Analysis
max time kernel: 134s
max time network: 135s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 05-06-2024 19:07
Behavioral task: behavioral1
Sample: 98fcde55a230e0814a3ee9baa9cbfcbf_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 98fcde55a230e0814a3ee9baa9cbfcbf_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 98fcde55a230e0814a3ee9baa9cbfcbf_JaffaCakes118.pdf
Size: 38KB
MD5: 98fcde55a230e0814a3ee9baa9cbfcbf
SHA1: 3946e7593e24504cddb3470fd7b605548ce7ed34
SHA256: fa0eb7d638861f6531b2402de0a90ab93490fb7ebed583446a24d3dd1626f417
SHA512: f8ddd24ac57afbb9a32d241a17624d5a126963298e686eaa112b762657b577c9b2e8ab909e1730d7b77c0c08ad26e94dce8c5c03718cabc2b118769a30e5bf92
SSDEEP: 768:tXuMZmwgCLWaruE5Hpx37620SS2JM+bfCp2P94I5MoP+rLpxdK:tXFZmGWSvj37620SS2JM+nPuGNPgLpx0
Malware Config
Signatures
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
| description | ioc | Process |
| --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | AcroRd32.exe |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | AcroRd32.exe |

Modifies Internet Explorer settings

| description | ioc | Process |
| --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | AcroRd32.exe |
Suspicious use of FindShellTrayWindow 1 IoCs
| pid | Process |
| --- | --- |
| 4580 | AcroRd32.exe |

Suspicious use of SetWindowsHookEx 6 IoCs

| pid | Process |
| --- | --- |
| 4580 | AcroRd32.exe |
| 4580 | AcroRd32.exe |
| 4580 | AcroRd32.exe |
| 4580 | AcroRd32.exe |
| 4580 | AcroRd32.exe |
| 4580 | AcroRd32.exe |
Suspicious use of WriteProcessMemory 64 IoCs
Processes
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\98fcde55a230e0814a3ee9baa9cbfcbf_JaffaCakes118.pdf" 1⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID: 4580
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 2⤵
- Suspicious use of WriteProcessMemory
PID: 4584
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=CCFA26F935D352A9807174A741CEBEF5 --mojo-platform-channel-handle=1720 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:4492
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=A1F9FB5C570F57C09AC1F37B3104D796 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode 
--service-request-channel-token=A1F9FB5C570F57C09AC1F37B3104D796 --renderer-client-id=2 --mojo-platform-channel-handle=1764 --allow-no-sandbox-job /prefetch:13⤵PID:2196
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=6B96896B881461D79A7465C6AEFEEDB3 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode 
--service-request-channel-token=6B96896B881461D79A7465C6AEFEEDB3 --renderer-client-id=4 --mojo-platform-channel-handle=2180 --allow-no-sandbox-job /prefetch:13⤵PID:1880
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=A8A04F087186B9F4F72888CA84ABF34A --mojo-platform-channel-handle=2564 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:3512
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=D91DAA98140126B6D49393DB9ADD0F67 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode 
--service-request-channel-token=D91DAA98140126B6D49393DB9ADD0F67 --renderer-client-id=6 --mojo-platform-channel-handle=1856 --allow-no-sandbox-job /prefetch:13⤵PID:4340
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=005DEF339E2D3B2D2123D66E584F1564 --mojo-platform-channel-handle=2952 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:4044
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=D128F003F572ACBACF5E95374F8E02CE --mojo-platform-channel-handle=2580 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:4432
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding 1⤵
PID: 4852
Network
MITRE ATT&CK Enterprise v15
Downloads