Analysis Overview
SHA256
db86b3e52d6179d01b15229cc820a8e17d7860bece071ee4b7857f42295a4a9e
Threat Level: No (potentially) malicious behavior was detected
The file 91d3c0466ab910b14b1746f5dc5a4fbf_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 12:43
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 12:43
Reported
2024-06-03 12:46
Platform
win7-20240215-en
Max time kernel
144s
Max time network
149s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{EB9EB021-21A6-11EF-9AB8-560090747152} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423580495" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2816 wrote to memory of 1384 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91d3c0466ab910b14b1746f5dc5a4fbf_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | dpssursand.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| IN | 101.53.147.91:80 | dpssursand.com | tcp |
| US | 8.8.8.8:53 | dgdsgweewtew.cf | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 12:43
Reported
2024-06-03 12:46
Platform
win10v2004-20240508-en
Max time kernel
148s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91d3c0466ab910b14b1746f5dc5a4fbf_JaffaCakes118.html
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dpssursand.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| IN | 101.53.147.91:80 | dpssursand.com | tcp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.147.53.101.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| NL | 23.62.61.75:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.61.62.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 209.143.182.52.in-addr.arpa | udp |
Files