Analysis
-
max time kernel
149s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-de -
resource tags
arch:x64arch:x86image:win10v2004-20240508-delocale:de-deos:windows10-2004-x64systemwindows -
submitted
12/06/2024, 18:17
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://github.com/Vencord/Installer/releases/latest/download/VencordInstallerCli.exe
Resource
win10v2004-20240508-de
General
-
Target
https://github.com/Vencord/Installer/releases/latest/download/VencordInstallerCli.exe
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133626898908949834" chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 4928 chrome.exe 4928 chrome.exe 1092 chrome.exe 1092 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
pid Process 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe Token: SeShutdownPrivilege 4928 chrome.exe Token: SeCreatePagefilePrivilege 4928 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe 4928 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4928 wrote to memory of 3132 4928 chrome.exe 90 PID 4928 wrote to memory of 3132 4928 chrome.exe 90 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4000 4928 chrome.exe 91 PID 4928 wrote to memory of 4128 4928 chrome.exe 92 PID 4928 wrote to memory of 4128 4928 chrome.exe 92 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93 PID 4928 wrote to memory of 2664 4928 chrome.exe 93
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Vencord/Installer/releases/latest/download/VencordInstallerCli.exe1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4928 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff80cccab58,0x7ff80cccab68,0x7ff80cccab782⤵PID:3132
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:22⤵PID:4000
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:82⤵PID:4128
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:82⤵PID:2664
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2900 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:4644
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:3932
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4496 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:82⤵PID:4452
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3880 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:82⤵PID:2084
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4976 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:4320
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4008 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:5052
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4908 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:4552
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5024 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:4920
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4380 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:4420
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2932 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:2400
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4956 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:4084
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1552 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:4820
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3228 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:1092
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1140 --field-trial-handle=1952,i,9275498460454450807,6480786934562582647,131072 /prefetch:12⤵PID:2764
-
-
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"1⤵PID:4848
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=de --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4272,i,10323331237945274134,4898368627250816038,262144 --variations-seed-version --mojo-platform-channel-handle=4080 /prefetch:81⤵PID:4560
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
7KB
MD565c5e56387559ad0b8d4c90ae12a3982
SHA14bc49b6e2a2760267be1824ae3accba27869a8ba
SHA256aecb91050c4b479530d63c57971614766031751b7d7cbee063234f30441c2f57
SHA5122d72f65c1a8304ad44af7e2b74418b8109195cea5d58897de00f97bf0cde7adf26b4c9532e0cd7ba3c9c06e43ac5e258efd323f53a28fb28f988a40a08dc7126
-
Filesize
7KB
MD5b9f38e004a0176f10e77e2695892c65b
SHA1b211aa824f64cb8c9921cc8cc16017d8ec45e824
SHA256bf65c78b1db17754659d6e17274f5d30ed8f1434f2c07166cb47db3d47b6b612
SHA5127aab054b19b78e9db847780873909db0289a49a0dab1003666178e650ee2ebb8299f7db7778d8e5bd3b3dfb91453cee6538fa728cde8d6639bd657bd5fcbdb4c
-
Filesize
255KB
MD54f68364f48b67502c0c349aed6dac710
SHA1bb60fb22eb44d28e87581cee45cca150b8500c62
SHA256d1a657757b0d0087ece82913885a7093d50018dd4999c8e009718ddc75079fc5
SHA51211748203b1b6d896e9c62ca82dfca2c2493bab2d28827365f1d01a1305dcd2e577201db5d9a6bf04632ed8b9cebaa0232f057655fa1732615e158bee0ed6709f
-
Filesize
255KB
MD54c99e42e160274bcba8d050350c78340
SHA1eebe43fa15f9ad4243e0bc9446f00e128ab8410b
SHA256f9804cbcafbfb8b6f585b2bf333704e90c277ebe3a8e060d6cde1a51944d9bb0
SHA512f4e2126e0cf412de912d414b1f3bede0f1ca38402f248e4fcaf49b9c1341409ee48c79c0c4ce7a43cc69671e3a262964d1d20e74ab8d459ba4f9f1c0768150ff