Analysis
-
max time kernel
276s -
max time network
296s -
platform
windows11-21h2_x64 -
resource
win11-20240426-en -
resource tags
arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system -
submitted
31-05-2024 00:03
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://disk.yandex.ru/d/myj542RouD_tfQ
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
https://disk.yandex.ru/d/myj542RouD_tfQ
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
https://disk.yandex.ru/d/myj542RouD_tfQ
Resource
win11-20240426-en
General
-
Target
https://disk.yandex.ru/d/myj542RouD_tfQ
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes:
msedge.exedescription ioc process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Suspicious behavior: EnumeratesProcesses 12 IoCs
Processes:
msedge.exemsedge.exemsedge.exeidentity_helper.exemsedge.exepid process 3544 msedge.exe 3544 msedge.exe 4048 msedge.exe 4048 msedge.exe 2448 msedge.exe 2448 msedge.exe 4532 identity_helper.exe 4532 identity_helper.exe 3476 msedge.exe 3476 msedge.exe 3476 msedge.exe 3476 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
Processes:
msedge.exepid process 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
Processes:
msedge.exepid process 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe -
Suspicious use of SendNotifyMessage 12 IoCs
Processes:
msedge.exepid process 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe 4048 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
msedge.exedescription pid process target process PID 4048 wrote to memory of 4876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 4876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 1512 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 3544 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 3544 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe PID 4048 wrote to memory of 2876 4048 msedge.exe msedge.exe
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://disk.yandex.ru/d/myj542RouD_tfQ1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4048 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc50583cb8,0x7ffc50583cc8,0x7ffc50583cd82⤵PID:4876
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:22⤵PID:1512
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2364 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:3544
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2560 /prefetch:82⤵PID:2876
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:12⤵PID:612
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:12⤵PID:2932
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:12⤵PID:2560
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:2448
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5724 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4532
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:12⤵PID:2492
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:12⤵PID:464
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:12⤵PID:3184
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:12⤵PID:332
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,13247210201190298916,2783672015763331142,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1680 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:3476
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4340
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3196
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5de47c3995ae35661b0c60c1f1d30f0ab
SHA16634569b803dc681dc068de3a3794053fa68c0ca
SHA2564d063bb78bd4fa86cee3d393dd31a08cab05e3539d31ca9f0a294df754cd00c7
SHA512852a9580564fd4c53a9982ddf36a5679dbdce55d445b979001b4d97d60a9a688e532821403322c88acc42f6b7fa9cc5e964a79cbe142a96cbe0f5612fe1d61cb
-
Filesize
152B
MD5704d4cabea796e63d81497ab24b05379
SHA1b4d01216a6985559bd4b6d193ed1ec0f93b15ff8
SHA2563db2f8ac0fb3889fcf383209199e35ac8380cf1b78714fc5900df247ba324d26
SHA5120f4803b7b7396a29d43d40f971701fd1af12d82f559dcfd25e0ca9cc8868a182acba7b28987142c1f003efd7dd22e474ac4c8f01fe73725b3618a7bf3e77801d
-
Filesize
56KB
MD56a398c523b4af71cc52ccac6368818a4
SHA162227e5498db7cd86e0b6e68dd2530dec33905e0
SHA2560375bff344824419266a6621456ddbec01cd642035d6389f03c6d6ec299d81db
SHA512882621913e323b9c89fb68561bf78f104e629e1741245fbe2d0a8b8a9404d5ed961106f9e717f040cbd145ef901b1e8b0b787786a79eb2b15d4e3c597e3c2580
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize528B
MD52a490831be6d1b7a8621cf9d91c7a7ea
SHA155e5811190d705da316dc0d4563a03cd94255f1c
SHA25636f15b2d838ef4349c007e3b57a599141b96bd114cb4d55951b8061c0bc8f62f
SHA512bb6a09d562935dcc95b8f23e9fb7e49bd9171d55c469d4cf08e631dfe68af61739e84e59b993f3ef2c3459a95e932c4373930dbdcff26a839f27411aae0acf34
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\001\t\Paths\MANIFEST-000001
Filesize41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
Filesize
5KB
MD5c410dc8c7acba90a5d7c5c5ea8c6c7a5
SHA18f4c6b768baeb51e877752f6268bdcb9433d80c1
SHA25629e58ea0d272545f567d5c9bc23ae1e0afa944f921b5bb6f6c69f4b678318584
SHA51254bb5635854b4f87c614b18cb61b7c44964e001eef3cc2e3c75cfc18ebfb0bbc53d7ededeeb55e9aba7317d851d260b10f17b35977ec7f5f4b6c51aefcf60f5a
-
Filesize
6KB
MD555dd031f1e39a4a997154e515924efb2
SHA166c86df679be5cf2cba6cf9c8a4640f821a2bde7
SHA256b8dc7e3370234aa8c6560fe6f33ff888fc335e033b73d7112b9f857a3812a405
SHA512f10283c53256588e2dddd0b8b928cede173dbbf9b25808f29e9308e43c045e74c91e1db8db895eca6b598c8242c1527da0118aefe8ee74d06065a838ed85d404
-
Filesize
707B
MD5eb963d5f696d302c67cfe89506ccdc35
SHA1256ed32b83132ccdadcc322c9b27821440cc79c7
SHA2562994deb45ad6d269f926113b94d6c2f544d80ed8a2675d42879576eb65e68f28
SHA5127bdb0ed5a6fb1d385f04f8f67f2e025ce5bd2979be6f3b4e7f9ae4d9b99853d06b6cc31fb6a3fbda64a787af1322075129b43417f3c271237f723e2ccc1b3a34
-
Filesize
707B
MD5ffbf65f62fe3345abceb59bfdcdedf49
SHA1e769ca53ead80bf8fad03768bd8bf9ec43124505
SHA256bbc62850e7d71a5806f70fccc40db5d101b7686f3d1fb73e1384d5c8167307b5
SHA512758cded8425e44c09c4e2753f3e707f01c25b45feb2b77699c4d09a727e414e1eb795ae843db8ccfae7d954512fa2aee4e702910e6149f8f110775dd54f64fda
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\b5406ce3-6db6-4dd6-82b1-471081a9668f.tmp
Filesize547B
MD549eeb9b13f9d2a7ea2dd2dc40776e575
SHA17480b586b1a32e6068460cd129477bebf41b9980
SHA256186fbbf1ee9fa99e64751fd177e0e00b290fe0f948c1126321c04434580a99e1
SHA512e40cfb48f1cb853d93d279f403f9156f97857689153b05ba2693e0bbcb5f1b6dbb1fc45c0c6b9bb03f6946f387675cc47cb4da9659a7680d1e41ccb07cba2f2a
-
Filesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
Filesize
11KB
MD59df2e3f8de227f95f9e842e2760baa87
SHA1f1759a7066fdc0ab3d6911c603344328e38ff2e4
SHA2563e6b9f16dc7c86fc955ce29cecc65be43b1193793358e6c68044be090d8a94b8
SHA512f272bf27ea93b78ba5bcfcd5f695daad45be2b01d2af01cbb740672b8adf25fc68b35ebf51a04ca255c65a7c14f9d65419e2545efc1fa3eb86632e451d7c2bc8
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e