Analysis
-
max time kernel
137s -
max time network
140s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system -
submitted
12/06/2024, 18:49
Static task
static1
Behavioral task
behavioral1
Sample
a1d40cb91bfac8051f7517de98f086b7_JaffaCakes118.html
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a1d40cb91bfac8051f7517de98f086b7_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
a1d40cb91bfac8051f7517de98f086b7_JaffaCakes118.html
-
Size
17KB
-
MD5
a1d40cb91bfac8051f7517de98f086b7
-
SHA1
24a16fb816f3a617dd0c7d6299a0c2748c0acec8
-
SHA256
3967a858288383757e570a2f7bf6bb143afffcb3cf38281353846d07d734d996
-
SHA512
1662e7b19fd76620387b42f2c68bfe0106582b520b7a7a89168d6df62543d70174615178e4edbdc6b96e772afdd9c9162fc0e36bd03c9b93aea46d085a371be0
-
SSDEEP
384:jENTbmnpIs7/xiVSSO5h8bBzpGr7rqrY/xttwfhu8uQkBzFBzlSBzvBziBz8Bzcc:qTbmnpIs7/xQSgesfhu8uQk37SFouqF+
Malware Config
Signatures
-
description ioc Process Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb81000000000200000000001066000000010000200000006f5460937e3e028b208788224b79b8b70988fa4995d904b382c49af8b10c5cb9000000000e80000000020000200000000d6959b304edb8c7dc138df5ca12b1160fee218b36eaf435db3aefeacd93cc4120000000b76b87b29cd18261bd5367db1cd074ad84af4663d5e64340df46665b20af09654000000053b813e8e5e0fe138149ad3c1a27baecff94cbd2347f3fa17f1ea744e92b2465d23d57b96580862fd2ab32342d39762c47d65c70b18da699a7e3a2855619bc97 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb8100000000020000000000106600000001000020000000cba3bb53ab0c858a213b84090f271e224142225dd89c74819b3601406bbb6c0d000000000e80000000020000200000000b3bca759336757828421558ed5df9cb608d4b15ffeb034e754979a4b219cecf900000003d1ae7c9b5792e7f5354b00eb0a844f00366280b0ef96f8dbc92ccddcdb052b772cd7d7e2a83c8d1d49f19a977124afcd84a24500a2d2f0b0392ed9c1beeb897660399626565a15035b0b7bdf43a68a831d1949b8c60f87b301f62c22a81ddd8e5b7b1c22269fcfdcf9d7c8ebe5835ca0c278af6d54f44e4aa4d69e4b7e59f0749f0bf321acb059b72533e80f7acdb4e40000000391afd046274dc63d7e8805224110e8754fa14aff4ea5365a34ca1c09b7e10dd3780d82566d51d43f8a81fa6d14df53e0adf3696128a2efecebbdcd09f522381 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60881d58f9bcda01 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{835C06F1-28EC-11EF-ADBE-DEB4B2C1951C} = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424380042" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2108 IEXPLORE.EXE -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2212 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 2212 iexplore.exe 2212 iexplore.exe 2108 IEXPLORE.EXE 2108 IEXPLORE.EXE 2108 IEXPLORE.EXE 2108 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2212 wrote to memory of 2108 2212 iexplore.exe 28 PID 2212 wrote to memory of 2108 2212 iexplore.exe 28 PID 2212 wrote to memory of 2108 2212 iexplore.exe 28 PID 2212 wrote to memory of 2108 2212 iexplore.exe 28
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1d40cb91bfac8051f7517de98f086b7_JaffaCakes118.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2212 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2108
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD59e24370d9a79b5adec06d08f417e6334
SHA1d75f8c567fe02df205826d3b7a7554435f80b9a8
SHA256792aa14312a8e4d25d90398a2484ddd71ff0e3e2d2f84ee47758dd49dd13082c
SHA5126f1d1b5ebe6f1a07d1158cd65d0665a2a81596aceaaa03147d63d5ce07f9c20a213ceef42bc740dc1a5b4c50f3cee3ad65f80fabf1aef252c45079c138c2d369
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD51184c7c615894c535ed9c8bb82b74c58
SHA138123f32668e6fe6b8e5b18f1eac181da9ed433d
SHA2565b7973781cd23ba9a17785771308f49edd072270a661426fc275d8e635b53104
SHA512a2c8134d5abfd33670f5c7a7e9668d09fc11dd62a7818c808d32be017a8a133a7bcd8689e437a33ae2f17e0ccdbf2aeb797213c8855d46b2b2e5eddeeeb64183
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5508b5b05e9ef07a9231054c856fba0f9
SHA1985aba614af507cb69835c78481d072f7a09e255
SHA256bb4a3baf4096e3124acda9579b04931c057c2e5e8a9b644c55aebb7b9245c4b0
SHA512b9e96a3332605ac687a8cb2b22070d3a753e53bd9a5649a4ea1420397801a37e27ac92281f84487437b445e1ac36b7dc48449459b78a8b5a37096197b3c71841
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD553b612f028f71e1055b30b208c3fb5dc
SHA14752361ca107aafd9ef2d713b04da1087183118a
SHA256204c5543c763dc1c7a9e8b8b987ec543ff998adc81eb55dd25515615b8a89f32
SHA512a758688246a18e23a7ddf144f3ba4066382ab561cc938717333ddccdee31c857a38a7266b2b8cbc51a3d29aa9a4085b7f20d8be57690519f63082ea52b455c22
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5b305d63f3dfd1b4e15c2646c9027cc8e
SHA1f4ab21c7ec4c12b40409d477ed641472e75030e6
SHA25615af781a2b724b7f1d485a1efb0c80834f9eda5b0a52ac50d75812b8c080c7aa
SHA5126ab30a49545e88387ca77918ccf8bbb1e82dd2f2a7ae4217a8f5826322b180c495c11d6cbf1097d666c3d4d3f2c07ba50593217174248f658c023c3c5820a9da
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD50e2b3ece834037f3c9b6742f5bbbcb40
SHA1f628efc47437da0ea55447ce25e91ab1785a3ffc
SHA25668117c04dd99041ba78b3a89ac01e28008c03e6bba6a4560e2f80f80826e7b87
SHA5122bf2ae13270d251f03904147c4c0b6a6b55761894019b48123b5413c885b2840f7c0e4c3c305b139ef1ea1ac9dbe818af512b7ee00d84a029c1e64af365f0edd
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5c7c95260bbd1af9ae92afd4e3a1ec851
SHA115f288a00a40c58d36fde4079006e22a3175d0af
SHA25678e2cbed41000efc3f952d57df87c21edbdd6af8470fdcf7f28acfdc4d033dc9
SHA512ae7b76e937becd009f3bcb22343ef1bd24846d5ebc322c991e5fc89fc357a1fa8a14050348454fc7295843944835fb7eea7dd13d6dc6daac16578a26366dd47d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5e8c899c944b961508ab8cc06f271123d
SHA14f71264af7cd6c64e761e0bbfa70f80ba4666ddd
SHA25673ee2a7b949adc0041ec0f002f139059a035a1e736f41b0a9e8cf9831c5c02fb
SHA512e8be7dff98d58cf0915ba509a8af50550ae651945df1d0700e2dd608633cb6707d4b622a74f7056b08d4c9cfe51c4f13a380b0d0bba5d5073a1ff076e3a85f82
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5206617116a4568dd374a57def92ed641
SHA1c152945eecf93f956214f269f66953c5de222dcb
SHA2568190f909c9379672aa9e503a8e98174ad6c4c0b4d594b6844199cd5159a453d9
SHA512675b54a2498462dea17495fd3ee58f6082ee2ffecf8dba7f7ffd096dc4ec03895678fc9d867c8bcf1094cc02ceda65b557fffb57b6e12c31312d38d282c41ef3
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5543fae991c59838caf385867fc725cd2
SHA15023140ac45540e68d7ccc688673750f00e7bb0f
SHA25660155f947f8235c9444356bc4cbe71f6a1ca158b08c87f8b1bc881b789ab20b7
SHA5127484c3f9e258af4a949dade5b2082add4c5b51c60723ea85ff04df4a4a8399e2d45c57701a43035cc77b9cb7b6ee4bb820922a7d729463bf51f2e2b767f69f43
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD56a03dfc0e7bfc8f887287825ed6e80e2
SHA109403c846b016bd13fdd6e262eeb516fae870997
SHA256ce06d4f7e8e2130b58dc34b5521438682053d82563e394d197161cb88840bd5e
SHA5126f501d114bda1464ce9c3bbd26f894b9b5133b211f600bdde825e2ac1784bebfc2d46a1d86615f7a388a5ad8e3bab2f18e8026fc2adac9edc63fcf4c093e35bc
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD54688019fd4eebb12ea9b595e1d4ec531
SHA193c52a1b7b550c67163cf5b7e3f6f07c635a71d4
SHA256c111ece113e7dee3a9667360192c16d422358478170684c1d1d38ef3afdadf3a
SHA5121aa3580ade0536ab486146bf290cb531043adf6486df56f4ecc9beaafc0e40d17b5bbb6bfc80b870d8ad34baa5a7ca8221e0a695a20cf19b22cec0f5b1d4d096
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5160b1a774cd67732698f96692d049d40
SHA140cb26a47da627c4e3e34843ce920d4156db8d93
SHA2561855fa2ad3f1ce1780ac729c33afe2742fa2d3dabde37384c1af28094d33db99
SHA512883f6834172b2d5821314387f12322ac773abc3d64118b1a5a85259712538d39d59f52ad4f74915ce6562f874548feac3920a172d4c76c1b7df99535a7fefa7b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5e5e8677b042a806465245c7ef84ab80e
SHA151e13abe6850e1ccd351a58afed39ad15577fa43
SHA256a28c9c8dcccf634cbab36093e987e5c606229304dad2401309b9df29e8228c2a
SHA51230b0cbfa7541b37090c71b5a70d95a7cf877c7029982b55c1b665bf4625fa2623c3be4dbd779cc8a703480c52cdfb3b286011cfa070161ae2ed4adabd954a3be
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5a8447a943c2aafe3303dfa32b27811df
SHA1f1e3e8ee12a64e708eadd16bc6d59819f34ed2d3
SHA2566c791d29497de8f3b4bdba973700897d91c3562db67a98e1301ebcd902ef01f2
SHA512aad4c5288ab84c3ed7eca26a8ee9dbf131ef6413d1e656bc6a845c8a059592a832eb4407a9c8c919741e1f7245451a6717e302605288532fe914e66f6a973854
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5be67e875b8956a21101f89a7c50e2722
SHA1a5a5b7bc86021e5bbe12aa4678cf6392ccc81039
SHA256ef008fc351f0f1b9667f37d265b0690491ab1ffc2449bff9f1baaf85cbe1556b
SHA512ea4dade07909a8b352c087ed935b3eff71caf4e7660714f9ec7757fb509da3cc7c98310d79a89a5d0740b0b6a3d99cf64bef0290597f635ea0f383a178c773c9
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD53b4349656709ab093f011b232d91a9b5
SHA1d057b612c545e245548bc878e38d4abe8882ef98
SHA2564184375366355655ff7ff4484318a8f3870726be367c5490babe31ed0a714984
SHA5127369ec225666a3727065a881bd26f27639f618c126ba3baaf15114ca206e0859fad3a3bbbbbe220a311e5e9b35bc19d8752d7bec09b2f38d25448582e0baac15
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5a6ea209358905185a97291df6be87d67
SHA1d405ffb5c653c25012ab118d8255b716127789d9
SHA2566cbc56e21c793c43f3f1441791756095107d7ccf10f42e8d0aa7aec9cada0565
SHA51298217110cb840df45e56e6f3429d120d0b22a020f41683dfeff38c517c834ec058cf43dfa1de09f2945af41cabdb7298e1193e33c3f473e0e151efd447fb6fcb
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD554f45971e97308106ba659f10f43bca6
SHA11d71065764ada746813f6fde16cc09d654f6f535
SHA2566ed9dbc139429fd6f35cc51870104ac3398b4ece0eed9a77b64bf671a07e64a9
SHA5120bde6cc035a0db269c1781dc432a02efdec884a91ce4483d24b9eb1c001ff99a7a34d1552a669fe2c5df4445907cd732e0cf1ef484012687a95f7c8a8a3adcfb
-
Filesize
67KB
MD52d3dcf90f6c99f47e7593ea250c9e749
SHA151be82be4a272669983313565b4940d4b1385237
SHA2568714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4
SHA5129c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5
-
Filesize
160KB
MD57186ad693b8ad9444401bd9bcd2217c2
SHA15c28ca10a650f6026b0df4737078fa4197f3bac1
SHA2569a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed
SHA512135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b