Analysis
-
max time kernel
142s -
max time network
143s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system -
submitted
12/06/2024, 23:03
Static task
static1
Behavioral task
behavioral1
Sample
a2d5eaeb16adbd2835b7d6f46dbbf652_JaffaCakes118.html
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a2d5eaeb16adbd2835b7d6f46dbbf652_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
a2d5eaeb16adbd2835b7d6f46dbbf652_JaffaCakes118.html
-
Size
89KB
-
MD5
a2d5eaeb16adbd2835b7d6f46dbbf652
-
SHA1
350ce0f311cc5ab600417276ff9858dcf8c7b508
-
SHA256
0bc55cad164426227dab3045049ddf91467d65c4a0bda79f1467e779e0217854
-
SHA512
6cc7798966f1b48b14843627518acdba05e571c42da9e5258c0fb2d8870a6ad49d90d9dc5f0ec112e84d7f729a6f88a56fa96219921f189111f781ff148685b9
-
SSDEEP
768:ShC/gDCBgtYTSxxgMP1AL8qOvH+Z0zjugkrz5ylWRi7TgNz4if44dXDEyNd0zvIK:ShCYDLgKw8qOvHTf4ogNEEPFOfKbDGr
Malware Config
Signatures
-
description ioc Process Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb81000000000200000000001066000000010000200000002e4c5d796f09d84c47ee14cfd9cd38d404856c1ac21e48125d5333592c8a8a98000000000e800000000200002000000078342a10c185113cb9fdd7b7c232cf55fae2785bde9f7128f5b9693e5293dfd420000000b676d08600f0fb2b196b1cfd50f499252bb467b137908d0b0eb1843dac81991f40000000973d9de7513b28c608b1fe58615e6e10f76738c5bf388b6dd42932fb7ffd4f78d4b0ae421343ecbb88bc5ed64604378d8899dd678ccdb395d05c63a4ec8b4b6f iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 70fea4cc1cbdda01 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb81000000000200000000001066000000010000200000006039577e61b4a26734eeee77f3389aee7223599bfbca55f51ef0f5654f1bc859000000000e8000000002000020000000117ab017c3020b037012ea809e6729a55122cec5a6f75400127ef77b2755c78d90000000f819edd8891e64444a43803fe33884f51925f608c8f9cc38686ccc4eb8d7c2b1b96af9e2cc4932f55c947c3d869c13e90a699581e4f2d7a584ed0f7971471cdbc4dea4712a90548ddde01445134f3ebe3fbdde5b2343828b55089f043cbc1b87e05e8c80d734e6c41c962c6deeb74a2885e450b58ea6c0ced0ba30cba03f23d924cc97737786d5b2d4d51be17a88090340000000e8af43d27bf5b7745d1b949983e24e66b813278c25e95d16676b67744ec40ab11d3bf2ef43ee850128ca94ba32ade755fc860b8d34ec25ae9672e7e83885ccc4 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424395264" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F3DB52A1-290F-11EF-9586-DE271FC37611} = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2948 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 2948 iexplore.exe 2948 iexplore.exe 2924 IEXPLORE.EXE 2924 IEXPLORE.EXE 2924 IEXPLORE.EXE 2924 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2948 wrote to memory of 2924 2948 iexplore.exe 28 PID 2948 wrote to memory of 2924 2948 iexplore.exe 28 PID 2948 wrote to memory of 2924 2948 iexplore.exe 28 PID 2948 wrote to memory of 2924 2948 iexplore.exe 28
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2d5eaeb16adbd2835b7d6f46dbbf652_JaffaCakes118.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2948 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2948 CREDAT:275457 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2924
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5f6124a1acc93a9be55a687b7ad428b7e
SHA1312512081abe73c9bb165119825efcc4f0588d56
SHA256d2990853f0e66f8b0df068883ba919a6cfa1745f5aa113c3bde49a262b68bc5d
SHA51206e371573e379ad5e497953825a144c96bf074fae2c737223c81346639f017575bc5a88a7db164995db500c903c6f235359ae470d27f270aa9d7bd6dc7bb10a1
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD58edcd3a7cb0fddf7ad8f0020e0f6abf5
SHA1031752362c6b4bcc510acb376dfbcd80c063f28f
SHA256b1f7931c046526ed9b6e2024f31adf49d7c94c1ae8c6c184df488e77c50cd0aa
SHA5127cd6ce9e92b4294d2ec33ea1338a3b799d6a47c597c38b43ec75473ad1647d8921eae4419d777265de83df79c2d20413ebb0bffb4118cf82efa88ca5c3ee6eff
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD569af35929ff4fcc55693953433cc4a88
SHA1ba5d9cf31a218d6be4d3a14ff23dcfba5192c5d6
SHA256b08c47f8719ea18abc020ef453d19f6e90b7cb52b6c3bc6ca437cc2e7794fa6a
SHA5128aa71567de9ab49393b6335682171c9ce2da2886a790d5e0621b33c60f832587d52906ef9fd39912cc264bfd374560ca0d0a35d57f2871f71a1ac7271f9761f0
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD56266d480ab315c6a9450fc5022c14597
SHA11435d92d98f41337d60625b031011c8334095ee0
SHA256b8c55c0beaf3d694b8d2517d0064ec1df59290152972d20f58c6e078eebac1d2
SHA51276e1612881205ba49f7c9cfda369ec340746d75ef80b8396c4e4f6c5e7d519d81f21b990223efb648159295b591ff27b671fb15e18ba893a724e411bdcd5b5d7
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5d703bf133211f69a4037649d8347bc91
SHA16362b97f4ba343fcf0d4bb549618d93464136436
SHA25652f063d4fd851f0e483e1eb1f6765d1a53d545bb34f6fbfca5122e7a5509930f
SHA5124e7823fc00e724d3613b55e034a73a91da0a5778ded02b999f20e70c31865296ac8cff84e79529729ce9909ea3ad2ccebb96d0a8f4af7c7ce2a921d7ab964d11
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5552cbc821204837f39ba04072be898a3
SHA1ce27e1d3975cea17eb77281e0df938b1b362bb66
SHA25649357d450c18f6f231494e74bbf19189d3650e0653fd71aec0e74dcb58c2c26e
SHA512f5ce07e8271da7cbcf05316707e97c9b017ba662cfc82ca2b4cea48a9be6b6e2eef2d982c55fdfa2e7a0b0a8cc26d9a2e3b9ba8df66d9b2f18922afaae9633f4
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD586262d2a2d8074efb1ffeb0bd922af6b
SHA14088f9dfa393f60944f04258f03009f115941706
SHA2562081387aa545541f4ce88d87bb39e9086a71529b6c6edc498c25d52f7925e581
SHA51222b1eff9c233bf8ea21560dd42e3bb152a2fd3ab3f569e00d817d80e59bd5df0bb0720658f222a68435739beb13701da5c08602cb3098a5dd96b9dadc2a234ae
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD565cc3d288590dc5d5e0563f0d1b09d61
SHA1320df43f89a04f94bb72d7f90cbc2f541392d9e5
SHA256f6f306399b2edff196ff915cbb7e51f56f7aa1982cd67d63a4d114781386b633
SHA51283118cb26b653cde2e998f6b359d29bab440ed7e199f604804f9d9a888c7e868945b8ce8312b5b48db843370f5cc5ae7a5e436e43fb0b9381ae0cefa40c36864
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD50bbd39147ead0b8e31a645945c10f5ce
SHA1138d05a0970f332bd1d66e773a33dc9f9fadce6e
SHA2569edbdb924bf49777a3acaec2c9c0a7c3bdc261febe2093fe388b035b143f9c7d
SHA51220e4ec0f41a0a382843b37c531f825df222bcdef4fbd51d37c70dc81adf4a5f1fa82a9929bf0df08529afb428ccd80aea4e69bf985994c4ecbc5e8369dd3f595
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5aee345b1cf612eaf35f0c3da9400986d
SHA19bea10804ce357c26f0feae8c83c91b8dea02872
SHA25671c719aeb66b3ba8f7ba9dc501e53498d0e4df8cc21cabd972b79dbd8b664976
SHA51278013809a92d681e1f7167f1584e693f36f693eeb41e7fa1dd7c44e8ed30c6c09292b12beb1b0c3cbb135f0cf1501a95973aea98bb691d1caf195454d8aa7c6b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD567f10755b08c2030f2966d545be92462
SHA1d0a61e4f532382e6d25903d36bf7793e0a5b3325
SHA256fbef607e62130679bd95e02dc0ca49b260cabd5c1e0403a8268213c9854fea3d
SHA51254a75c1c5404695b13d6eedfab71d22e091294a2e029a2d28ca0e79681bd3cd2760dc69faae8ee2cc3b39009d0bf0965a6e3d0245cd969ca88aecb11ab604c7e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD536700bb9b8d0058590cc200e2e72c12b
SHA1e48ef70e24272323397ec0ef78bc5c69d8f2fbaa
SHA2560ba6773b82ce40f1d5738693b0869c8d1523a079c49972674410e517f6e9427a
SHA512ca7b3961d4b4414404675beae19f762c90b21a4ccf64274b3f0c038dd1bbff7361f6d2f6bd345474dca58f27437f768333bfb504fec3a0b731c18fcaab2e1b95
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5104b7bf7a79afce148274c49e0236a0e
SHA16ecbb62e94164be87e45b75ed936185bde352c7a
SHA256f2f7d6d4597a3bde8053eb30f157e59a6b046f41011839ba74373eb60becc0e9
SHA512121499dd9e1cbdc884f4a0b4662326e0c32f8bf72d879293bc8715bdf023278f9de5d872deedb7e5787fb02b0965c3e2c2923f2e38c1c4b9599cf45aeeb5ae9f
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD58fd25665617272d477b061fbf5aada1a
SHA118be3705ad21679cfcca8b12227dbc15b3781264
SHA256f7af52df31f801c82eaa9c7503c957a3c11923b6ea7a7812c51a66210b317e10
SHA512f3d567a00f5b203f6452b42562ba4f38ee016e134a23613748784607f524c27df2361b5b543d3332b78da5a9be7cc2e101d976832ff9c33e6c762c89a156e976
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD59ae5cef0f7e6f64736108a4404cd2448
SHA1b5166b0b23f904aa7596e7a77513ab6fed7dedba
SHA256a6f4455acbc7f95e78a64400b41e96ec123aa621acdf7b383bdf67e99dc715d1
SHA5126845ac9b32d5638d1f873703b8c58aceb87fcaf9adeaeb630e42a36f70845ec279a37801bdfd54f0f257e60e626836933dbdab0b5418e60eb6282495b4965cf2
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD595aa6be49e43a797189eceaaee3fa91d
SHA1f56b985f3aa6830f096402a642cd351846ee4bee
SHA2563a0a717fc95bb04f988b2a81b5436f255e5fbd14c17899f7d4f09ba84b5fc0d3
SHA5129004b6a8693701a1023f9532993f054ff382301de9c3815474ed268f859dfda4ebcfd67f0933a5b203ddafb7ae02e238cc602762a80ac5018ae04fd8a2d492e2
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD597ebe65310d4cfb977d4f6a6bb80f874
SHA1e88073d3d29d8a1cf1eb1be11d99bf242adbaf19
SHA256b53557b7484fc745d5b275ed2a477fcdb0c249b1858d9ff7baa944f4fd90aeb8
SHA512123dae2900eb123204dbbf0bff7c03993025a8f33f87193bf8a21bf1a6c4e489d45ddd9dcd40516fb64faca65b5da71c9d9955c62daaece59dff1d38bdda3725
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD546012ef5ea6981a3e06d3208073bfa59
SHA1919869b5e3a423f7cfe2c226937949f2590c7d7c
SHA25611e5f4bd76af105a1d65a0ad815aba30ccd5991292bf3681afa818a6bb0b758d
SHA512f9204072f31a9c316cfffe190fb35e64a50acf301f278691b2caa0c948ade2a977b383bcf86d0c5e5d964d524bc244bcd923f0de3f72b34ae370a656956eb5a9
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5aa532823a7476918ccb93e17449545b9
SHA15004ae37b6aa49e22de72986edde9ac9be097d1f
SHA2569bfa866cd4d4f7522df04c59c49a404ad8057c0d8c7f9ba58c18535f0a7460bd
SHA512aebba99293ac75d34669eff404cd593a46bc51302f16f5871c85ef79a0f24ac54b7c1d9c772b5f4ee3c9afb7d879294624e3863671adad64ac529e846867c57b
-
Filesize
67KB
MD52d3dcf90f6c99f47e7593ea250c9e749
SHA151be82be4a272669983313565b4940d4b1385237
SHA2568714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4
SHA5129c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5
-
Filesize
160KB
MD57186ad693b8ad9444401bd9bcd2217c2
SHA15c28ca10a650f6026b0df4737078fa4197f3bac1
SHA2569a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed
SHA512135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b