Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
21-05-2024 16:12
General
-
Target
http://bamtrahingresli.fernandolujanne.repl.co/
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bamtrahingresli.fernandolujanne.repl.co/1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa970046f8,0x7ffa97004708,0x7ffa970047182⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:22⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6020 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6252 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6252 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,1149484775040575758,965682095011184332,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4752 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD5c9c4c494f8fba32d95ba2125f00586a3
SHA18a600205528aef7953144f1cf6f7a5115e3611de
SHA256a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b
SHA5129d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD54dc6fc5e708279a3310fe55d9c44743d
SHA1a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2
SHA256a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8
SHA5125874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001cFilesize
206KB
MD5f998b8f6765b4c57936ada0bb2eb4a5a
SHA113fb29dc0968838653b8414a125c124023c001df
SHA256374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef
SHA512d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
1KB
MD54fd0e7933980245f9d83928b34cd9513
SHA1b42b8aec620454bee64128de6f2177fe5b11c193
SHA256304adcb4541ce2e577a661b1109b3fd021af07a7f2a7c5b01011babf03076430
SHA512440f3c68da0bd3db0790ec0edafa2c5ebeba40d5a421eeb6caa48e0303bb3b03514f863913b42d9eda59127f203b16ee90711be17ab42dce4d50315b91d049e0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
3KB
MD54d25077705761c48d6fd11b39bcd8f45
SHA1929f7859b496d93fb27d11d91e7fd3fd75d537a3
SHA2568845db96bc3f0f5bac5f6fb4db762eaa607204137873209a4ee2f4c13ff1d22c
SHA51295a63766127aa52a01dac7f03ec334b302a2d213ab9d281eb916951b493153575b35bcc391ba9ca67354bdb27e6d480f7a21c829c79f15aa4538afaaa102321d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
3KB
MD5f84feebceb7100509172ea92d03a6dfc
SHA15f03598671535f40c6719612c71289f5c2fe5a6a
SHA256e825e21033a91c38f0bb84da03fb7a0290724fccc47398272ab0cf972150d546
SHA512edbf2a74d8431ce50f7a36690517f6d2cae3dd10855c7e57b12696f5312b9da4a1b079a45b9291ee520ca8b307cc52833aea40c07eac3ec4e2068d32f5a7d9f4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
5KB
MD53998b519cddb19c224a39358749dc01d
SHA19efb70a6fabf335965c11c1fd5c733d19bf83a52
SHA2563c1456715482e1477a4a714fb2528120ac998616309a4209eb04ef1b6ab1eca1
SHA512ee1608dfd204ea5b45e69202c9496295178b52466e5de59966a74f1e0641a6116c63441139f8452f33c8df73fb5eff9453b5bf08484117244c56edab148d59ea
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
8KB
MD5aa6a085845005a5996f8dd0d1acc0f05
SHA19d3a707914221c76e87dcc5d1d3dc82e4df38fbf
SHA2565b9988cc963792a490482aa4041bc529d10eb8e146dcdd7aa3d026d19930af2c
SHA5129ad2c17af46ceb9d42c20f0d01ee30cb11390fb60cdb4545e97057db4862197695c32a66b05541d1481a049fe8f11018d7dc7f98e2c1b0a7f6ecddc763524f98
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\f1c35e67-6022-4621-9c64-2f38ffd4d24e\index-dir\the-real-indexFilesize
72B
MD55d241e8f7af64614a90d07019237fe60
SHA13b6c107a0524b3e38ceb651c72d01a50f040bfc3
SHA256619a43b06fc2c845d8721415dcdadd7ecda495fe069f95cbd9d75bb8ee10ddcb
SHA5127abda06936bd98dc5e206d98f663e5c0ee85343df2bc7d93ed7927bb52bd66f6e8f5c27eb539295695e05e90d153cf26623c6588aa55c7568c2a27fba0961beb
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\f1c35e67-6022-4621-9c64-2f38ffd4d24e\index-dir\the-real-index~RFe57c42b.TMPFilesize
48B
MD56ff6038ba98167a3dfbfebd360664977
SHA1ecbe40f446f81281c2be4dfeaf6cd13ddec05999
SHA2567dc0e74c23f7aa29663eea59fc0e10d621c5348506a893a5c924296f679c318f
SHA512e54caf790926d1575b2381e91f1462220508ed52c22d0c39d657042ac4ea76afe5a215f45070216870d021c08eec4265beb676b8aa59e92bc22b920b67acfe8e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\index.txtFilesize
77B
MD5d4bd3aa2ac7c9e764f1b522b10a5fe21
SHA13c23c989a362c356abdb45c505bb9eb36f164f39
SHA25694a5b123301bd19ffa3681dfafc6433ade2df47284ced3335c71a42a8720f305
SHA5128ca15ed1795e1890681b2e092425f56773857bdb63652f3b33a85c87f21770108c4165a8bfc43b653a3d3ac5476e5f6fb5979e0460976b7d9553914f3e1c548a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\index.txt~RFe57c479.TMPFilesize
83B
MD50b5f33b200544ad000c8ced8d0a6fc54
SHA135dc91f9720de17334c4596d7d66e16d39319c65
SHA256083f72fd1325ec177fe8ea8e5600246ea457fad1c04d5e4181860cd9b01221e0
SHA51223641ec63b25c8435fbd0b823530de78dd62c0c9d0e07551231b274675d703826b3c95697f292cd016139a88c9bb0897f63baa4583bae83e0a53fc1f331a8da8
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENTFilesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-indexFilesize
72B
MD5ad8c80d4c49f18fd09a56c20e4316e27
SHA1582351849bf89f5f655e03a3e4a70279ee512e85
SHA256ead38e69f86fdf75dc3ba46354b839ff0e88eda247c2d958afb7de52d37ddbd1
SHA512e1086f485afaffd93c12b31661f6a2a3bbc0daa5d3d3e9cc3c13445f9a1702a806f00139fdab5a73ae4a777ba8257cae7ada1e89104daa90da3ecbe54d6005dd
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57c3cd.TMPFilesize
48B
MD5c3eebafbc15701dcb38e2e59ef5f7638
SHA1de60c0afba218a85ca67843ed7f82c2e8b1f0dab
SHA256ab541392b133f537d716a12b75765f371d468c5cb251c1d6ce9a717c6765ede4
SHA512b87097edc2e2095a892742ec401b687199ebae38e56fd57d533735a5816790c5eb3c4f2d2d137b0a5e8c2a9336ac6d22aeb44b3f6504b1c25b890d240434067b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD5e2c5aa10f78394d9e544c779272375a8
SHA1bdf9f6fabe0a86d5c79a823d042e47ca56ddf077
SHA256a75499cffd8b5cd36ec4143f450e73a602aeb78921727b6b57b0a91a85436f3b
SHA5124ff344574a59561d575468eb8be5d86f9df6aba241b335c160e977106f32bb7eba1033fbd037aee5788907325b76177d7b4e2e98fcded7078fe2ed055b69def0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD575f9a0ce23c049e23f596fc200c768e2
SHA16ca963e6fc3b0775b064a8d9e4f6b5b7a221cacb
SHA256d90204049454564805405796d5fd769be0ad894b98b3bc048e3d5bb4014c7721
SHA51278f8fef6b196295fe8d43adf2995d649fdb6b866d8a3e928e5fd2d5e73c1af52fe793df08c71cc609a286646cbfab1b26af45b33bb1cdf1a6c0b25206bdba34a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b026.TMPFilesize
2KB
MD59e3c2c18a504db751f983fa256bce4fd
SHA153f58bfa2c9bd911b3cab6ee575af29b6cbb2d2e
SHA256b7fa40cf752c1b1d3ef6a563021fc084c3bcd21d0fd4590710ce4fb24b71fb5b
SHA512a4588b3729ddc39605ba82962309cf081a05f2bb16d505e835f671112e11373139108e7ee91ffc890998e33c2077a525221d4f6cc4595ffe58c375d5b4491f70
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENTFilesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
11KB
MD5270dfc66c92c5150180a4c14040ac641
SHA13bf1fe27cdb1f203da2b02fc87399c38f1d0fc1d
SHA2560cb4e7a3508916ff84f2621784cbefee22194c1f31c047675f752761f71280cf
SHA512b0d4f74384c3f558b257a6c869012b413de2359c3432e845e4cdb6b9706b64e48678602c76cc97a407a47812eac133ca9bda85e3ae1024e2bc32f1c65364a2f2
-
\??\pipe\LOCAL\crashpad_4792_QIRPNNCVDVQDSYVVMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e