Analysis
-
max time kernel
210s -
max time network
209s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
01/06/2024, 20:10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://gameplay.intel.com
Resource
win10v2004-20240426-en
General
-
Target
http://gameplay.intel.com
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133617462713341713" chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 1088 chrome.exe 1088 chrome.exe 4108 chrome.exe 4108 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
pid Process 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe Token: SeShutdownPrivilege 1088 chrome.exe Token: SeCreatePagefilePrivilege 1088 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe 1088 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1088 wrote to memory of 3840 1088 chrome.exe 83 PID 1088 wrote to memory of 3840 1088 chrome.exe 83 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 436 1088 chrome.exe 85 PID 1088 wrote to memory of 748 1088 chrome.exe 86 PID 1088 wrote to memory of 748 1088 chrome.exe 86 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87 PID 1088 wrote to memory of 3964 1088 chrome.exe 87
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://gameplay.intel.com1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1088 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa1e7eab58,0x7ffa1e7eab68,0x7ffa1e7eab782⤵PID:3840
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:22⤵PID:436
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:82⤵PID:748
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2228 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:82⤵PID:3964
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2940 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:12⤵PID:4104
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2956 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:12⤵PID:5068
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4232 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:12⤵PID:1980
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3244 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:12⤵PID:3548
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4536 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:82⤵PID:3832
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:82⤵PID:4668
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3904 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:12⤵PID:3716
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3200 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:12⤵PID:3384
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1540 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:4108
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4420 --field-trial-handle=1904,i,4615105528414950352,10479072438185726827,131072 /prefetch:12⤵PID:4516
-
-
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"1⤵PID:3164
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
206KB
MD5f998b8f6765b4c57936ada0bb2eb4a5a
SHA113fb29dc0968838653b8414a125c124023c001df
SHA256374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef
SHA512d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716
-
Filesize
1KB
MD5f67f65c503e98ef91982098fcb65e8e7
SHA14069685ae8f7f50aee74b5edb62e52614360e0ea
SHA256356fabe886f347f978b0c046dd11811570f77853bdcafcb130cfcb1bd499477f
SHA512c0ba8f7d703aa152a532fa7d6e7d3082a0de7583e4d6231c8d89ffd605e4cf2d0684b26b4f4918f49c03066ff25cab900b005ea4aa4dc622eda58856f204ae7d
-
Filesize
934B
MD517c89edaa6e48295ac26379d4a6eeef8
SHA1ddab0d4f88f96c127383d282f65e0a7c3566a8d4
SHA256ec9090f7e56a5a6c1f9c75a70b5dcf8d62ad37650d8e189157a6fd2ce75075e8
SHA5126fe811c0fd81ba2db839daea1c68a69fd6016ad2910912d01902c1a1a127ea8bcc6acbf5f2c6c850c6e9a625fe8f38485d2a8b5a67a3f92ec6d5791b5a8846de
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
518B
MD502b3da798b774b77efd3c02ef6279878
SHA17549ff64c6de37462894c8ed2f120a56fd1e96be
SHA256558662e30d628b7ec3c26483f6942542cb54f654deaf9b3a50492645c2a3079a
SHA5124e3e4fd47cb963b662fdac1a131f198f304cfe4a85bc58bfdedb5993203d117d217acc2804bb06e52b43bfc72c0e44bf4f296f3c98a9b7a769eaa1e447cd59b0
-
Filesize
518B
MD54ece1dd08fa8cc512359f81305ed94d9
SHA1541bfee89e5f3f11805f4a740e66736bfdc0b71c
SHA25680d6915f2b51c4e8db70679189e726001ecba4aa9cf9472d5482c3f0d6584969
SHA51272d666860af30776c5768df1fcc52d3007a1bd77c345b7600195b37b3dce8ecf2da6eef18d475c6d0c611498c53574cc0435ccd959af35b728c10015b75e6c28
-
Filesize
7KB
MD535a5af5a48677d9028d74f15242e8e24
SHA1e422bc448df95ab02625fe01130d1941ea49701d
SHA2567ef9b286b5b39470010d1f23c1175f0588c88755e0e3aa0bb73cdc6650115801
SHA512b352d5310dcccb1b35146d88c84769c692064dca0d177ff5042742266a590ffe1254bdb3db3d901b7a5fb83af2b318105bc4e6164ee08515b09f48c3db995f00
-
Filesize
7KB
MD556f73b0e1ad699200b19d990687474e2
SHA1ae40548698d634701570301b84a91a505f4c6c90
SHA25688fb53fed47c7507aa9059e5c92cefb302a646b8495b734c965bb3f0fec8c777
SHA5121c2ab80937a82db3ac4cc53a9745f161e259c77f7049979be0502a3b2e6dcc021457cf053d57c934f35ccc11bb257d0753a6a45fdc7fc6bf63ca0d0763b511b7
-
Filesize
7KB
MD58f18c9ca2976777bd8a4ae8e2a6e70a2
SHA18d05d925cdcc76f85edeaa065818de70532cdafd
SHA2567a690342ccdb0e15b5e11f772e4085dd57d0176a93b8109e70a721ada6df15af
SHA512b40ffff4c453f755563089bfbdd673793ceaf7638b264ae00bc723d42e943e8aab0c8b93dde36c59e119be76ab1e4731b572b80e0fc8b715766fa6657f14835f
-
Filesize
130KB
MD5107cfa63a6d21474c61cc46494d2a8d8
SHA1a438abe2265bbe93a88a30b59c759aa6851364c7
SHA256cac0302a34e90d56e8be5bdb4ce212f441e915d1832e9079f32f3477509ccab5
SHA5123848a00762b76e5606de766eaf6fdfd74d2598659a7bf6d7be9ecc1568d7f645bf04dd5bc815c592fb05b6deeca1412e7ff636b0d623247138220ce84dc30472