Analysis
-
max time kernel
177s -
max time network
183s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system -
submitted
17/05/2024, 18:01
Static task
static1
Behavioral task
behavioral1
Sample
50c30b77bf9f4440aabb2490274d222e_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
General
-
Target
50c30b77bf9f4440aabb2490274d222e_JaffaCakes118.apk
-
Size
10.7MB
-
MD5
50c30b77bf9f4440aabb2490274d222e
-
SHA1
df27dc502a919952bf0c7e2ae9e1de7ef68a12e0
-
SHA256
dcfffc33d33b1907ac53dd8a92f0995bf5408cba966399564000879d095ee2e6
-
SHA512
c4495f71703bd2621d0c65bff00b65c70086b0310824029edebe82ba74b77b70a6c6dc4c9c042da6557a7a2e89c9cf59f5b81b49d0d39547d3c8e09889a1c559
-
SSDEEP
196608:tqmqV5EogW+wz4pcpM+XYqH/UW3r7gpjRe3+AuoQr4RiOj/7NmJJC:0m8EmPzQs7fUoPwjRey+XT7eC
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 4 IoCs
ioc Process /data/local/su com.cai.wuye /data/local/bin/su com.cai.wuye /data/local/xbin/su com.cai.wuye /sbin/su com.cai.wuye -
Requests cell location 2 TTPs 3 IoCs
Uses Android APIs to to get current cell location.
description ioc Process Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.cai.wuye Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo com.cai.wuye Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo com.cai.wuye:remote -
Checks Android system properties for emulator presence. 1 TTPs 7 IoCs
description ioc Process Accessed system property key: ro.product.model com.cai.wuye Accessed system property key: ro.product.name com.cai.wuye Accessed system property key: ro.serialno com.cai.wuye Accessed system property key: ro.bootloader com.cai.wuye Accessed system property key: ro.bootmode com.cai.wuye Accessed system property key: ro.hardware com.cai.wuye Accessed system property key: ro.product.device com.cai.wuye -
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
description ioc Process File opened for read /proc/cpuinfo com.cai.wuye -
Checks Qemu related system properties. 1 TTPs 7 IoCs
Checks for Android system properties related to Qemu for Emulator detection.
description ioc Process Accessed system property key: init.svc.qemu-props com.cai.wuye Accessed system property key: qemu.hw.mainkeys com.cai.wuye Accessed system property key: qemu.sf.fake_camera com.cai.wuye Accessed system property key: ro.kernel.android.qemud com.cai.wuye Accessed system property key: ro.kernel.qemu.gles com.cai.wuye Accessed system property key: ro.kernel.qemu com.cai.wuye Accessed system property key: init.svc.qemud com.cai.wuye -
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
description ioc Process File opened for read /proc/meminfo com.cai.wuye -
Loads dropped Dex/Jar 1 TTPs 10 IoCs
Runs executable file dropped to the device during analysis.
ioc pid Process /data/data/com.cai.wuye/.jiagu/classes.dex 4242 com.cai.wuye /data/data/com.cai.wuye/.jiagu/tmp.dex 4242 com.cai.wuye /data/data/com.cai.wuye/.jiagu/tmp.dex 4328 /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.cai.wuye/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.cai.wuye/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=& /data/data/com.cai.wuye/.jiagu/tmp.dex 4242 com.cai.wuye /data/data/com.cai.wuye/.jiagu/classes.dex 4358 com.cai.wuye:pushcore /data/data/com.cai.wuye/.jiagu/tmp.dex 4358 com.cai.wuye:pushcore /data/data/com.cai.wuye/.jiagu/tmp.dex 4358 com.cai.wuye:pushcore /data/data/com.cai.wuye/.jiagu/classes.dex 4456 com.cai.wuye:remote /data/data/com.cai.wuye/.jiagu/tmp.dex 4456 com.cai.wuye:remote /data/data/com.cai.wuye/.jiagu/tmp.dex 4456 com.cai.wuye:remote -
Queries information about running processes on the device 1 TTPs 3 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description ioc Process Framework service call android.app.IActivityManager.getRunningAppProcesses com.cai.wuye Framework service call android.app.IActivityManager.getRunningAppProcesses com.cai.wuye:pushcore Framework service call android.app.IActivityManager.getRunningAppProcesses com.cai.wuye:remote -
Queries information about the current Wi-Fi connection 1 TTPs 3 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description ioc Process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cai.wuye:remote Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cai.wuye Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cai.wuye:pushcore -
Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
description ioc Process Framework service call android.net.wifi.IWifiManager.getScanResults com.cai.wuye Framework service call android.net.wifi.IWifiManager.getScanResults com.cai.wuye:remote -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 3 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver com.cai.wuye Framework service call android.app.IActivityManager.registerReceiver com.cai.wuye:pushcore Framework service call android.app.IActivityManager.registerReceiver com.cai.wuye:remote -
Checks if the internet connection is available 1 TTPs 3 IoCs
description ioc Process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cai.wuye Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cai.wuye:pushcore Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cai.wuye:remote -
Reads information about phone network operator. 1 TTPs
-
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
description ioc Process Framework API call android.hardware.SensorManager.registerListener com.cai.wuye:remote -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
description ioc Process Framework API call javax.crypto.Cipher.doFinal com.cai.wuye Framework API call javax.crypto.Cipher.doFinal com.cai.wuye:remote
Processes
-
com.cai.wuye1⤵
- Checks if the Android device is rooted.
- Requests cell location
- Checks Android system properties for emulator presence.
- Checks CPU information
- Checks Qemu related system properties.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4242 -
chmod 755 /data/data/com.cai.wuye/.jiagu/libjiagu.so2⤵PID:4305
-
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.cai.wuye/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.cai.wuye/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
PID:4328
-
-
sh -c ps2⤵PID:4558
-
-
ps2⤵PID:4558
-
-
ps daemonsu2⤵PID:4584
-
-
ps | grep su2⤵PID:4603
-
-
com.cai.wuye:pushcore1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4358
-
com.cai.wuye:remote1⤵
- Requests cell location
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4456
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
4System Checks
4Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.6MB
MD525416cbe0fb512b427664c85fe0008af
SHA1fc854944d91a76dbac82aea5b0bd59b4d8fcf7ab
SHA256ee44f75d69e9af5f90d58abb1d617721ea6207dbc080bd72e505a9a516128fb0
SHA5129bea4cd1890103f53f4e64933bf713420a17eb272f38661d7c2307797b8d129ee67cbfb55fec959b9f9a99546c9627e9784743888c14ac33d60f8e1794029196
-
Filesize
5.5MB
MD54e2755568939809839480adc2913b0fd
SHA1d09f45ae2e847a17fad5bbcb15a9e3bcf27a03a1
SHA256a055f1cf1c813fb85c2f4f007684b0b1c93329afd23c7d130fb78ed767334817
SHA51249303daa2f9c67a7e6fff68bd3a52448dbe47a65e09d0da1a8e390452de53958e83cef6be0ba9f1693a8996ffa4594064c465717ea313135731ca41e7a6b255d
-
Filesize
455KB
MD5e5a53000766ebc433b27d6a66ec4f555
SHA12c8f53f1c03aec2005bcad67d731f07261dabde0
SHA25678e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e
SHA512370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d
-
Filesize
512B
MD50d269dcd5a3f8e68677b73c541af864f
SHA1a9ad4f2b665c06e69be27bd98ba1d48e1b32d6ed
SHA2569251076e3b9c2ce2974594d940fd810ea22af5010007eb25e46d22dae2617f9b
SHA5129a4ae3ded591cd0c65fe85fe0e69b6e81ba479f0af55633b8f5f73e49796cbf2a6e89e78e59a357c8b498355a4094722adfaa24aa2e8a1d243625e1132e8efeb
-
Filesize
284B
MD5f1771b68f5f9b168b79ff59ae2daabe4
SHA10df6a835559f5c99670214a12700e7d8c28e5a42
SHA2569f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939
SHA512dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d
-
Filesize
52KB
MD59d67f9eac17fa33d70e3ec94f455c39b
SHA16c0acd354bae766db94892bb5d6b5b71cb3724c9
SHA25605b7f743702a81609a182fa36afbd9fe545cd221633cf88a880485126d2f88ad
SHA51201fa2162a4d2689d0b6c7351c1b57d57c449e1423cafdc9c54cc2bed50d2165727f74b0904e997ab6f6e23b1eab5a02e8b6eab8a7b13abad82b49f634096e707
-
Filesize
40B
MD5cbf273def273bf207c9a98b43bc51cb1
SHA11a89d48e48987a26e225ab23c30227208b8d3729
SHA2567d3ece66ee66e42a8d9d4765b29bd946c4cb509db9c326f351f85c526f55ee8c
SHA512237551c7d883455f6c23af3aad6893b6a358b70a0c71145d2f462f032cdce2506eda7e119f02b45022a01626f0fa89b8b33ffc0d2eac9e525057e8220410f620
-
Filesize
340B
MD57371363c4d3b78871088936dae531282
SHA123b04c4209285c24ff39cd56e66f19874af061b7
SHA2566a35020a0f6ebaebba3ad4260edcd88defba75fe5f5486f51f46f053d607f290
SHA51265e1059aaf56b22031aed1007110c248a3d07f6b493c6efced6f3c42fe62cd9e45cd55172836af756927d0b6f44f0666c698f3038ec9df41d6d5ed0ad6b6150a
-
Filesize
32KB
MD57ee1c72abba1ebab29258bebb3ebe9f8
SHA152844eaacef2608d276cf9dc793f3abd52a25dd2
SHA256d43af7ebc1e22eae26fc8d22e239eda03444dc0940f74de2bab4108a7b0eeeb5
SHA512630a5b965a0b70c61fa2ccd4bb58daf4c10e33fb865605202091ebb8df399977a37bfb55dccb08ed737dfa97c279ac13f28d635eb88c9bedb3bef699ffbff226
-
Filesize
512B
MD5ab7fb18bc505639ce5a8baad3c6aa80d
SHA17ab8d6e480bfa51787fc0f3f67a97fd52c21c2b4
SHA256ae3b90b2de12013e9e10b7e65ef0337214969da6e957e46a1973134020dbce13
SHA512fae3e467e931d899eeaeab3864a35f86352edfa2e9cb407ff5e53e7ee7c31de7e907c943b5018eeca52861fb616ef95e3bb0128e60a667f20f3a868d432ee568
-
Filesize
28KB
MD50d3e99204c6401ea499fe9e6d9855497
SHA109829f00ca458eab7374d5079393a2cd69a2348a
SHA25663ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca
SHA5128d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68
-
Filesize
119B
MD5ba4016db3842c59738d32b93ed86afcf
SHA1fadaf4fceba3f951ceefb8d293deaae19b9c0540
SHA2567c070d4f5615900a837a2a39ccb8668cc804a33d7e15c24895ad8b416d647e99
SHA5124c7f8e610da04725c77fd4e280ceac9c521db504682c7cc855bb06bd1026c121c054ac31787b3448937f47ff21c9f3620be7590ddf844786bef2856a4d7bb440
-
/data/data/com.cai.wuye/files/jpush_stat_history/active_user/nowrap/f89666ab-b606-4c96-a999-d998558cb81c
Filesize4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
32KB
MD51674cda8ce2cabe718031ad4a566f4f6
SHA1f7099c608bff3deec413ea3feeefec145be52eaa
SHA256e40c31ed90e405b2b81b7e3e8cb1bf19c3f20032781ab427702123dcdf9b2940
SHA512305b40c299507bfa87d7c6ff69ace69b9a71c4a2a8bde816b6b8a71d1b6dbd33c61601e46d05f70d7f4276f9b56e61907ee30f19471a756aac736c571b46505e
-
Filesize
512B
MD57d693a12ee6baf83f31c75ae442d7add
SHA13aa18d5c013572375d9d134ceb0c325b9b5a60be
SHA256bc54372a2292a6ff1477d6051309de4d6beb323352f91e1d224d6fc2f40cc5da
SHA512620960668175d5edcd783d639b4d28039ede555be2afb4a5d0c02e2920a53db55c92c2091fb7f54e670ca6d4d708cc6c4ca938945176abecb3996a6364e68db2
-
Filesize
76B
MD5546a6ace3f96d4cf40c8cffd201e91cc
SHA1585637788104528bf21a17af9871828adc9798f8
SHA25688553be48156f2d45e94e22004b117a2bc167c0277a85e9b6ab824fdd44a2a5e
SHA512be47bb1acf1783f85e61e8807a9ec4d7dca4edf972279c8f6aad61fdae98cdb58791899c3ddc0ff54808e6a058ff4dd775df43eb7a466f1430d87de486af82cb
-
Filesize
36KB
MD510711b19e4b641cb4753fbb4539cf7f3
SHA1416a2cf97c3ddd3492d9e13896f29962cde02e01
SHA25631bc7c3e295d25b5b0426c0e8394fca1760212155914643be6c3223686ece140
SHA512f1e64602717bf691716d558fdee55b533b5226376485038992e64e6e66d371df7c1d969088c816e96831764f0632330f1e8c2354e9a0510807e7777d4e8f0e82
-
Filesize
20KB
MD5af757be229945be283974841139afbae
SHA17effab66dfda5890e9c65b2538fb073a71502670
SHA2569e63d4d76760ce8968ff4cd4ea3450981d377876b31a1c651b26cf4ab7282100
SHA512e164c3f219121ec48481653693fff175db6ccdb5e9d66b63d4ddbb21d42069579837375ebf1c0525e697a7183bcb9a0b46a86707467269cbe5a55c7b7266bee2
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
36KB
MD5692af4612b372faa29fa8c7844f86f05
SHA1c66b3662a0720df86b5e13642535b8220640bcb4
SHA2569d31fec284a4ee8c71340074f1ea98568681dc30ba4214f77a7f03023be35805
SHA5124d3a6e40746a5423797dab0b5c0c06dc9916229f44c4579a1088b52caf607732cad08e1d52952aed7c64abf4eed3f9dd0cc6357d3aa65087c3deb3c56a0eeb29
-
Filesize
512B
MD5c8ae2885316d11a5dc2d9432a29b30d6
SHA1c2f00a9a88fb7aa6dd15a181569d9c661a551763
SHA256eeb1def01af2de8ae63995e5931c8c463de9ba685a9c768cf3c387ff56977482
SHA512cd527719c3b5d73352d4102c4a213ef8cf0a004fb0c6feac4f3daf65fedc9742120a1f418b56c28b31a84d224f3dba0810663b807e4e6df611b28e786984dd41
-
Filesize
48KB
MD52fb96dafc27bcf12b57ef6524b863ceb
SHA1490f1a49f31bd9aa7ce5092b823e0ad9a7607f67
SHA256e3ed0d727ddf4ebf59545fe4570bbae0b40ffbdbd07e33fd59f6af4e496cfb7b
SHA5129625f76c448410c7c74bdacfe80e688e08a00a5072ba5609768caecbcbddc51d218d6a1aec3954bc3f00a44fa08209097fbb8b2d487b888a25f88ea3c3ea5d30
-
Filesize
156KB
MD58f47ae1c8015e7e3ab1c3f803b00359d
SHA1b6e62bb3d10e6caaabec255ba98083fda3927779
SHA25618f9cb21e131e0c629ced4c1efc008fc3bb79945d903fad24e76ce6eab01d086
SHA512cc60ad1b8b62af86cc2db7f0f241f14ced8153732eef5b45cc86289c72a5bf1c9b26b9a83150c46119b6bc9e19742fc23f075e2a3cd66145ff1d44e15010806c
-
Filesize
20KB
MD50106bcfbec03d55439badfcae6525fb1
SHA1fb210c7400a9dd18b5c8b0979d544ef47fd5c5ea
SHA256d7190c32e0f1eef5a7d18f6905b74057f1e28080bc9c8c1de5c5e21b3cd3dc6f
SHA51218aa18463553a66b86f483cb31d6ef4f89852247f98700c88651cb8e1921092797f5a4651a4ed894f0e73913d5419705b9fe7208e8f5c48603a16962f88f00f6
-
Filesize
512B
MD5bbf013f246f92df77c23e390afafc1f3
SHA1bac047d73f8b37a2d195ead45e48063decad2bef
SHA25670593740ed9b26dc3505388b9de0cd8ce10edba925365bfe4b51a5f19f41313a
SHA51258efe4d056ad936ff5205d7ac449754b9d38b22be16289c749c20732ce188921b30da787fb3759149204238afb0154faf50faa5e9239e9a8509bdb6448a2b336
-
Filesize
96B
MD5ca03176617d14d14ee955c1687d0fb76
SHA1a5c15f2b00c6dd4814e1b0a2d0e6a84c0005260d
SHA256e9e0e1fdbca0667f14e177a981401613e508e6cdccc142eac50f7bb70d25e089
SHA512a35ef3f64a72b030d4cea239ab0e2ca5b1a15ffcc339e31d4fa59d0b1efe087a030c71131520850d2f9db2ee772c8236f96f6b345bf74b9b644e2fac8b020a95
-
Filesize
96B
MD5d00476caf53f91f908b6a51b61629056
SHA1e29b300cc1134bcbaaa2ea33973934f813bc6ac0
SHA2566a267865d73450d44ebbf6431294ec1a75cd4dcf50d95469a948c2db399d5622
SHA5129d2a9f249a7841208bf4b3ab96d92e226356d8b5c9a571236b95f05d46f685e0528147fe5103d8fa084626b885130b4685583286959b58b512014e603741aa79
-
Filesize
24B
MD5a936690571e9104e1922dda4a0ba5bd1
SHA165f49c57edde2f96be2a1dbdfc3f7351f1e66554
SHA256f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412
SHA5123be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394
-
Filesize
24B
MD51681ffc6e046c7af98c9e6c232a3fe0a
SHA1d3399b7262fb56cb9ed053d68db9291c410839c4
SHA2569d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0
SHA51211bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5
-
Filesize
32B
MD53ae37badcbee8927f3d697bc45a7da9d
SHA1ffca49069271a0efcdf801d7bf787baa431fc436
SHA2560e2c1c38798555e9096c54c40da11cd33237cc46af1ac0ae9a355a6e6d3fae16
SHA51200e78c982e125e6566ddc5c4146037464e8bb166e7acd9708a97539e4a18da260280f7705089d9909c81d2b584a4fe099b45b3db2d490a97bf27f0310e450bf1