Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://github.com/chronosmiki/RANSOMWARE-WANNACRY-2.0 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-05-10 17:47
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-10 17:47
Reported
2024-05-10 17:50
Platform
win11-20240426-en
Max time kernel
150s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133598369279698770" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/chronosmiki/RANSOMWARE-WANNACRY-2.0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe07e33cb8,0x7ffe07e33cc8,0x7ffe07e33cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2516 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,454588851565417197,10566746238346326972,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3704 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe07bfab58,0x7ffe07bfab68,0x7ffe07bfab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe07bfab58,0x7ffe07bfab68,0x7ffe07bfab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2204 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1576,i,12538937773852009410,7593629158885457976,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1576,i,12538937773852009410,7593629158885457976,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4192 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3828 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4572 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4532 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4568 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4472 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4860 --field-trial-handle=1784,i,12142729929035203037,10441482259295435834,131072 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 142.250.187.202:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | udp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.200.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.200.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.200.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.3:443 | id.google.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| ES | 34.175.83.78:443 | e2c71.gcp.gvt2.com | tcp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 34d22039bc7833a3a27231b8eb834f70 |
| SHA1 | 79c4290a2894b0e973d3c4b297fad74ef45607bb |
| SHA256 | 402defe561006133623c2a4791b2baf90b92d5708151c2bcac6d02d2771cd3d6 |
| SHA512 | c69ee22d8c52a61e59969aa757d58ab4f32492854fc7116975efc7c6174f5d998cc236bbf15bce330d81e39a026b18e29683b6d69c93d21fea6d14e21460a0a7 |
\??\pipe\LOCAL\crashpad_4880_TRAEDCSYDKWYOTYG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 046d49efac191159051a8b2dea884f79 |
| SHA1 | d0cf8dc3bc6a23bf2395940cefcaad1565234a3a |
| SHA256 | 00dfb1705076450a45319666801a3a7032fc672675343434cb3d68baccb8e1f7 |
| SHA512 | 46961e0f0e4d7f82b4417e4aac4434e86f2130e92b492b53a194255bd3bba0855069524cd645f910754d4d2dbf3f1dc467bcc997f01dc6b1d8d6028e2d957236 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ef9675498e7c10473f3804982be0f6a9 |
| SHA1 | 15d0c0d9b7445e1b2b94cd7a3691d922b86ad1ed |
| SHA256 | 5dd48b017a78dd7a0ce22bb5974e2d5639b879d81bbef9b3ec33705de8221ea2 |
| SHA512 | 4b4d622077d7a5956b2e1fe9fc49a6097e5d71b12f56b0afafdde7767fdb4ae8836ce58d011d8cdbf7b6037c760a5db9f15df37161f94187ada95aeea1d4668a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 10fc89c94686282d7ffaab06b202ccc7 |
| SHA1 | 3414060cc4f4f640ed347028ac387718491c5163 |
| SHA256 | 34fdbe854c2a8db93e05d3dabcae731c9dce73164592527424d879e3d97c8b70 |
| SHA512 | 872f920baf4d16d5ca67a8b40e66c185e1c2e43d6ddd01d47d8d7fe25e54080dab9c402fb6d20a52f3f8ceb39ea66e7ad30664b006c54464c0f86f6f49efb2c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f4d540d212ec831b7ad711e946278bec |
| SHA1 | 24fb3ba45d60de90fc3f6fe91511abc855f9a6f0 |
| SHA256 | fcacfdff130e36905a7fa7b43abad13e3f889fda02db8d7c17cb7f0732b5bf27 |
| SHA512 | 45a5e01566081f30a95b0e8713f26ed27e59f9c665f6f373795545fe7387fe89500b53f23d917aafb4fa17882e1ebde6498be3c7cec94f2d11f728b61583a13e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c741a90edff0fc7fd467f010086b2b4f |
| SHA1 | c8ebdc40d018b06885c460a1c2a5c038212b489a |
| SHA256 | 389e67f64974a99089bf0db35930e916c1c6b1d97457f5c81ed1dbe7ced848d9 |
| SHA512 | b87f58bf939827f25def9037208585c2881a8f2087469b66e6f49af50bf99ada9631473f4e02ca9fdbf8cbe498bcbe1944d849100af25e86ff2d3ba57ff70074 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 321e724b4fc976fbe3b173e9fe1cd5c8 |
| SHA1 | 26d6da06611e85330ed170e9b3f0153464a9a333 |
| SHA256 | 143d021346f8d9f3e95fbf177913b1a934ce000546dee415acfeec0b83bfbefb |
| SHA512 | 36e10a118282e8bde197dcb687940328ddb586905050074c79792b7d0a76fe28bf70151191aec752b5c870ec473d98a01892c946c5823a8cda07ebd66b2b419b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6a5a97c18ba8bc0ad187e1d5e5246e91 |
| SHA1 | b6dce0a06dc872f60e17c13bbd0d5427a2a877cb |
| SHA256 | 2e7daafc3dfdc0aa8601aba142ee353b68fbdf456ae6c44aff951f6ea3707fd5 |
| SHA512 | bc38b3f04a74af4958c508128cfcff4c32342893410ddd5a07ebe5073f50a4299edcea47b21f7d8c3167aaf885433d79d1ff25ea84c8c26bde438bc23360c6ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0c9fdd71f9cd937dcc57d3c231737585 |
| SHA1 | 9bef132c901e4effc432f3a74c4cb61723e43559 |
| SHA256 | 64651f690f1b2ab43385681e70e817f382c06e434ad97d8ad54ea69efe5ee261 |
| SHA512 | 3fd32b4947715acb2ade64db3820ea344d58b0297ad7f6f38646377a35888f373b8f38cc0e0ad43a38370fd99f8fb3d71103d993f15a7cf991b37acf7f55cd91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d22266ba3d8db30279b96944f0cec985 |
| SHA1 | 44e288cdfe75a5e8299ce32e75dd9e0705cdbac9 |
| SHA256 | 77873629fa695e434160c86ae9116906ff65a97666d7d35a3ed63221b627c0bf |
| SHA512 | d463aecbdac835dace5544b4267c86c2ed7d3165ba95095db6dfc3a25655f2391fa202a81d37b4a76a36f04456ed86df137302ad0e456fd59ecdfee3c69c6c1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b0319e11a5409c3002072bb09e3d8174 |
| SHA1 | bdaa5d114e3b4d4b2386bda8f89666e5ce7f4010 |
| SHA256 | 68f07b6f2649f95d9fa3d22e4056490addc3b2d34c1144bc2852f320aa3204fd |
| SHA512 | ba2d378fba681547ce843737cfff9bdf50cc0a71b5db6d91b2e713826089c283fa0ec4a3670811a112e007c6c03676f3c58e99a1c6807740a50d429cc1ab3ad8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d764.TMP
| MD5 | 15fc97765042944c90df4f6b7fa5a34b |
| SHA1 | a1aa0e8503ff664748278f5856aba90b7cc73fc4 |
| SHA256 | af40c5fa14503e4d4cdb74c414c7ad8114daf94d3b36d3c1dad860162c725f51 |
| SHA512 | cd4b95ba305046336da01cba0f931d01d3e884ab62572ba48f0f5d07b94b81ff74d5f1b66bb7acc92a0537fc5a33e6108b827aa32e49055b869a60f9eab1105f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | fe0564e60bca98f07f3cbaf8ac77999e |
| SHA1 | bd3c7c933500606e6777f58304fff8e771da4c96 |
| SHA256 | 755a85b01ce80f82a2613f69f59eaf79b3d8529beef6cd7d56bce885ae424554 |
| SHA512 | c200c9e3725af83aef01b361a3cf2f9b6fa477fdd8602504a9f42069bbc4af0d146ce85a6c61599aff8a10eeccbfcb42c0dc39d7e038a758afb0bec5b91d62b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | f732dbed9289177d15e236d0f8f2ddd3 |
| SHA1 | 53f822af51b014bc3d4b575865d9c3ef0e4debde |
| SHA256 | 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93 |
| SHA512 | b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e1f3aab24157449bdf21ce03e8e3de92 |
| SHA1 | e93d7813cf98b76866e33e41c1cd116d2954dc20 |
| SHA256 | a7e36700e67073cbbd96856ee424cfa8d6d7c2ae9736b46069abc7cf5b9d5166 |
| SHA512 | 1c2a7a66bba6f938ee0c7d6b45fbbadf3427353df141e0a48f79f64554e70707576bfdd844871ae6eb60fc9c8ea98c03d404c569ec5eeb24b92306a819dacb82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 64d139851ebc6ad8243ff018816494a4 |
| SHA1 | 6356343fe73edd25b6dff761d38b2bff8d3d2ce1 |
| SHA256 | 8b3b9f3d82a5a8c121ed3b1e4bb71d4985ddae71a982b475167dd653a747a0a5 |
| SHA512 | a88cb6c161e971bf239fbfe2813ba55a50e51a07dd56992ef7eccaae0e52a48a6c6302810ddd47ac63501a71e1c3cce57ecde8a1c4bbba8eb5b52331f353aaf0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f3361a9d2768ded165ba32ad82eb1c34 |
| SHA1 | 3ffc5e5a190804108ec0dfcccffbe83175a27800 |
| SHA256 | d6ed91b165d41b48ec7960a6efa95c1da66f8f17cd53b064765f296da5cce52a |
| SHA512 | 169fb6be2540be88a837531298dcbf24e4b69d2b1ee7b224d7358f056e238ec5fb689056c6aac2268e442c51b1e10d81796c3134af4ffdfc4420ef18461951bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a1d9de24ab02ee6f8e3297eac30ace7d |
| SHA1 | 020e202628320f026cea69d4caa7d323055c7210 |
| SHA256 | 98fde7976a472168a30eae11e4ca0b9c6abc7869c1e25d59d1f8065e595ac8f5 |
| SHA512 | b79fd5fb5c7adba4422614b5f80335dbc5a1bd6897ceebb0dc60c268473d7f9b5ae1b187226ab8d787cf87765c79e48ed6b3715b49a31752c119ccb8e94556fb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 456b47a55efaaa360d821b91f463f246 |
| SHA1 | 43bba6118ceec8cb05856ab07232c6db9d4a1321 |
| SHA256 | 051ef9a435983bf20ed4094abad502e0bb1cf02b5e89163bc1a4ef54b87f6de1 |
| SHA512 | 014c4e60c551b46e8a6594beac15130f9bcc60dd485a64899a0aa2273075dc1fd93e8f4c52d8b2047c6427a65740f549160c372a4547bdb650016808882bd045 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3f183337f672004e7f4fdf9175b08f75 |
| SHA1 | 5f0c41635a8b4028d1bb5432373d4d7d8a1973a5 |
| SHA256 | 7bba734af76bc6202624d4682eafaf01c1de3c195e4839d80c5bc4a7cf465c32 |
| SHA512 | 1a07cc1dc9291567c2d7fa1d2e2b4e5c65a922c6c4e16feec8e8ca08e64c41ea4421ff1bef255f4d0ea5db2664c6387756dc89fabd407463a54f606382558372 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a3d7cbf66da3230a9ab210ad038024c2 |
| SHA1 | 00629d6ca465900645e62529be79b97a843ff6f2 |
| SHA256 | 5b3a054feda0eb1c693f24550b4d0fdb629abe4b762edd9b0aeb705900007364 |
| SHA512 | 48bdedb7759ceda2191566611c9e5f2c1fefe742290dbc3be7e1d8aba06c263d2744280b6417d7cb61b9699953a9cc4a7843b693f16ce769967fb72f283350b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 275123f607dc621877261e1e21a204e0 |
| SHA1 | bdd4b2dd2ba0badd8c632b75f0bb9dc183a76832 |
| SHA256 | e8cfc356e5e5e321c31f6df6c54c302ddd8ac9e9b7c8e1c1761bcf3aba6077f0 |
| SHA512 | 891b2c744504cc698ed41141ed72173c59decd8867fb2b01d1507b741fa86bd38645bfcb37e29f27498b46b1a75b702b732d83888c1f036acd6baee144bd65df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 95c38116be46949619e42690c89decd0 |
| SHA1 | e2c700fb2d694b0c464de02f85a02a388bdf40de |
| SHA256 | e52ecddd02f590c41a44a947bb9c7fd1b9e8bc1d06532bf905cdabf4efc5d87d |
| SHA512 | d4c72e300a6a970752c6e8003e34ab27ecefac2e1ac3ae0582da20bc97409fdc3e2c86ef66dfd58d572cc0dde196ee82fa4921943855fbb81b9d5d9b4c327aa9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 44b93251da76bed6c4eb637c7a2f450f |
| SHA1 | be549164547a6842093dce250ca58aff0c44b6d0 |
| SHA256 | 97af076cd6d3f1c353a560dac1185d6994035b22ef2b367ee0e93b5df85995e8 |
| SHA512 | a00582180c662ea947326d8a16a56aa38dac9a185b097fd0e84e868d4f257077b59a763bd1d905c3c796e4645f73bda0a01044c7d31254b750fe7f286c3bea98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e5008a58-a7bb-4906-948c-20e9587fc1c7.tmp
| MD5 | c84e892a297d7b5110bff752af070152 |
| SHA1 | 74687a9822284c165be76fbba3631062d4515cd9 |
| SHA256 | b785f87364809d0b92721a48051f521b01bb9fc469af020834823a027329376d |
| SHA512 | d5d4c34b789b03634563b2cfd5a685b4c77dcf4288aa6e64da8d4b413579c3c9f8070665ac00fdda0b6c0ff06def0ec62c81d22a1429a7fa0a6fc683ca45f9e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0a6a10a5095ae2084f20dce4df6e71fc |
| SHA1 | 01786df5d493cf73eedccdc72022f3a14cff3a25 |
| SHA256 | 2afa4745fb7fa5e34efa1e5eaaeaa7c1b79b74288adc60d99a585c91f8677fdf |
| SHA512 | ccbb561eefbcc4b1eecbfdd4b67ca4e6da877d7c1dabc4a8d9c70c5233226636719631648e0e17e81d66a174327220aad9351f3119f959fbc3b52fe638ceb6c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 18fb3e75cda8290e9f3f01f8cb3997c2 |
| SHA1 | 6d3fd9bfc04b09435c4a627196a7c4e05bcdcc68 |
| SHA256 | f35d57d1bd9e4f0670eaabee28218f7a211468e95520c1a74758a12edd95b4c5 |
| SHA512 | 6b09bb841ad038778eb050c8d9e02cda45f79f1105c70448f3aef74453677c6aeab67cb7bad287f138fd1d512e30231ac2dc18867e481242033c6244bc7771df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 589ed2f31f34806942b49914f9bce3f9 |
| SHA1 | 806d5ab7a76b8d590a9f26664859cd0ef4bae8ce |
| SHA256 | e235b95d77d6394a6cbbd5e9796bb9d8af906ea0483bbf4575cfc798689c205a |
| SHA512 | 4ee845fc56b67b348668b1da7cfade0b4e58c2b6f4c5272403acb4a54dd7686d7ae95af1c0e51afbdf292622fe4d2c996ff923965a9f1c8ab72c02ad8827c82e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9ee6c7a8212cd1925f3a143074e03696 |
| SHA1 | f4d8fa1492994f06ef759701b76318209d7989e4 |
| SHA256 | d8ffc8c597b8c64900f6c37e49aea6f3e9733a911a6349eac5400342e012947f |
| SHA512 | 4d397ab7b7b8d0af8105413c1b56f11fb25b5ad243b07b775e7ace1ccdb4c0fb4f27bdd18d740c8cc69d028cb8662956af20ed772b35824ac6492ada069c5545 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7d3c9fd38221a8a3198367afa3beb4d0 |
| SHA1 | f85fd7e78b322d8b14a42371ec09ae0f3a5db703 |
| SHA256 | 24d97793f62866c3d2b44a885a8b0276910c2a605d3f4a390d31d905e5ea2636 |
| SHA512 | 3461e7dbf51bb69a0a6cf03ae0596a364b53d7a7e98b8b6cc5327d5be238e66c97774f9053dbb3f48331281e0913d3f36c812b769dad20acf2e90fa162899285 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 695cc37454e29025e67f81e8beb0ca99 |
| SHA1 | ba894e8fc86a36bf488177df8e7b52617af2a4fe |
| SHA256 | 32d2dd6acca933c098d957d9acf55181d470301ddada4488ddbf86dfa0084691 |
| SHA512 | d6b3ddbec6d9a6790614f40b2fde7a318ec13808d0359a4b3c7f5c8ce975a7ea80da4a1dcdd1b15a72d9f2672c6ef781e8f9d23a1fc575913ed6dd8e44addbbf |