Malware Analysis Report

2024-07-28 14:29

Sample ID 240613-1rk18avgpp
Target a6bf4b25833e292f69dc8d3cbb8b0c0b_JaffaCakes118
SHA256 4d3b5957eef18a5e1cdc4d38081299b48196674738a8a0938c1f4bab7198d434
Tags
discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

4d3b5957eef18a5e1cdc4d38081299b48196674738a8a0938c1f4bab7198d434

Threat Level: Likely malicious

The file a6bf4b25833e292f69dc8d3cbb8b0c0b_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Requests dangerous framework permissions

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Queries information about active data network

Queries information about the current Wi-Fi connection

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

Checks memory information

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 21:53

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 21:53

Reported

2024-06-13 21:56

Platform

android-x86-arm-20240611.1-en

Max time kernel

128s

Max time network

182s

Command Line

com.caobi.player

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/data/com.caobi.player/mix.dex N/A N/A
N/A /data/data/com.caobi.player/mix.dex N/A N/A
N/A /data/data/com.caobi.player/mix.dex N/A N/A
N/A /data/data/com.caobi.player/mix.dex N/A N/A
N/A /data/data/com.caobi.player/mix.dex N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.caobi.player

/system/bin/sh -c getprop ro.board.platform

sh -c getprop ro.yunos.version

getprop ro.board.platform

getprop ro.yunos.version

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.caobi.player/mix.dex --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/data/com.caobi.player/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.202:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.141:80 alog.umeng.com tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 14.22.7.140:80 android.bugly.qq.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
CN 223.109.148.130:80 alog.umeng.com tcp
GB 172.217.169.10:443 tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 223.109.148.177:80 alog.umeng.com tcp
CN 223.109.148.178:80 alog.umeng.com tcp
US 1.1.1.1:53 alog.umengcloud.com udp
CN 223.109.148.141:80 alog.umengcloud.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp
CN 223.109.148.176:80 alog.umengcloud.com tcp
CN 223.109.148.178:80 alog.umengcloud.com tcp
CN 223.109.148.179:80 alog.umengcloud.com tcp
CN 223.109.148.177:80 alog.umengcloud.com tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 223.109.148.130:80 alog.umengcloud.com tcp
CN 14.22.7.199:80 android.bugly.qq.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp

Files

/data/data/com.caobi.player/databases/bugly_db_legu-journal

MD5 d0a6ee14951e2cd7c5c84debcbb7c9c4
SHA1 4f71c84a03ca8390ba253f9ff46a66cd873a17f4
SHA256 815a06fc43ed9f83c71753080a8cd62759eb605b05f9e6c69740866a803b5b84
SHA512 5e333c3c428531bbf9b83f7cfae1aa7d55fd28ba7f0c69eb8ef93d9c08eae16b25dcac6fe39f084cefa7d74074d0eed3c3d5a84c79ce635ddd5da7da098ab347

/data/data/com.caobi.player/databases/bugly_db_legu

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.caobi.player/databases/bugly_db_legu-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.caobi.player/databases/bugly_db_legu-wal

MD5 ab52d8dd91209b60f4e064beefce21a6
SHA1 d6a2a2573178521bc769f7c7d907af232e13a6f9
SHA256 5aff0f05d794221c1c3e87c566969f93a57bdcc4c899e65a68061429016a7957
SHA512 17e35de5298a6cbee59e17411d8bbbf8661dbf2196752a7ea88bfb13e444f93733d722bed308f56971d4c9d6dfd26541b9c9bf0f4d42db41974dd8fdf2ed679b

/data/data/com.caobi.player/mix.dex

MD5 63f77f99bd2c2b772a479923bde11974
SHA1 c7632e7d301e4463fafce85f84e9c3d7da3fdbbe
SHA256 4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615
SHA512 3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

/data/data/com.caobi.player/databases/ua.db-journal

MD5 0b0ac46d51b70500f938839278c85cd6
SHA1 c2672a5886a7282212067fb9484aca5f6a7def07
SHA256 f188d1bed21a4ba7f58cd29f8402a0a92f306e256057b44bfe12aab749271981
SHA512 07823996b943dcc99736474e1c0e550d3a58fbbb6a59507855c38df57286ab2793e817caf4cf4fab4e9d8120fefd38dd451ef22a47c196eec2eb60d661734636

/data/data/com.caobi.player/databases/ua.db

MD5 81dd713081a2668fcfc95d74b55e680d
SHA1 a09cb5fabb18178687bdda825dfac3785fbe1e34
SHA256 c0046790db52ac6ed623d01853a03815f4c719776bdce9a9cfdb87f94b860ec4
SHA512 d764acdf9978bf03d3c6f81172ac7d21e9cee9fe72665a54cbeaf5e0faa1a8f0014316331258a3b4028dbe9cf526cc6177e2a2adf118fb5424ac0271afd5cf7c

/data/data/com.caobi.player/databases/ua.db-wal

MD5 bd63c4e0cdcf87b39997ac8e30749bf7
SHA1 457ed81875b163fdb788aa83df5559bf27468694
SHA256 94e3e4c2af29532814b43d021d0c9f4876f4fa95404569bf94a2a0ddcb383163
SHA512 0ddc7d1c2607a83e71c9d1ec02979f3a0dd71e1bc1d208ebe8a8730540125726d33b1f4c727061007fcf820e1575a0a62871297a8c688b92d3ccaeef2e6a739f

/data/data/com.caobi.player/databases/cc/cc.db-journal

MD5 acc498837e206fd0a0851ad2f9f5a2a5
SHA1 4e85db052924135e78fa25e436ee5f35527264f8
SHA256 0d413f69648e553108c62253550a33e4b13a9e0ea09aeb3d22f6aaa526230b31
SHA512 77bd7813f932145080e31e649eef8ca80825e0bf3e3426f0703d768b151834d8f68ff397b11f699f2527917097cd6c06f95990dae12d37189306349e09175d2d

/data/data/com.caobi.player/databases/cc/cc.db

MD5 5d7ea1a23af19b4340cc8d90f28297d5
SHA1 4cfe95b23a9e98378d69c4290af81b51fbe76aea
SHA256 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da
SHA512 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

/data/data/com.caobi.player/databases/cc/cc.db-wal

MD5 bf02fc9d84cc13b23cac4c8f31019848
SHA1 f10e3127be36640e54e3be21cf43b9d7de207cce
SHA256 fbf950115de6c80fbe664c03d5888eb9f9d97be91ea4e5900cec41f590222f2e
SHA512 9228239a775066f7344ea2ef6130d6eaa0b7a93aa77fb453b8b991d96f370568de4721654ef7e702b22054152f7e08c0bf691c8d3dbffaddb1326934abd9ceb7

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 4b1f33153d38cb6026b188a440decd10
SHA1 7de180c11ccc24a0f0612ebcca3de58876374948
SHA256 ce5e69bfb780485a08dd2ea7ccc384ba6df1f7fd03b9558ad1cff5f885c9a7d1
SHA512 e2c6b154bc1db34cc42cb58194e4454b96965627fbc7a680de6f0d6af576742a69203cc4124040f884dc3609fc5c45b1b81cf29f9e3aa5b335a1f3a69fc7ac2d

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 855a6d1f672ab76213cd88061799fef7
SHA1 f8d9f5f9acb3dba9e0decd803f454241492d3b94
SHA256 c337ef81746852ddb7e7fd71924c037d5639085f61750ece213fd256a18e380c
SHA512 b943dc46273d3e00ada87ac24c9242c4d4650fab58438418dd77a6c42a41fbf49af1bb2b9e12d89beecd479306b43b1fc800063ca476d784be943fc977a79ec5

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 13c06210409e64fe25862c1cd34fe8e2
SHA1 f2879c4e289d3373ad3b2f2dad9836c0bc5c1670
SHA256 7a46202f0920cc25e91907eaeb16fc180e6af7a3d7b78f0b0b7261256326b608
SHA512 5f607141b266fd6a13e48140691de08776e666c9efb6055247733025f82a8424e7dbf8d229bc87d795b0a5878072b0ea272f48dbfdb2430b04ee8d1181263d7f

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 a2d70b318d8b1f2424c2939538e287a2
SHA1 9bd9caa9a4ddef28ab18b5c7e7a039427e187f46
SHA256 2d6b0e17de01d0ac5ef710edd387d6e50292c352d3dc54cb2598470a00e291eb
SHA512 b521683efa8ef8ac988b47f68d17ce144d8740f4d1157505eac2f77e0fc7c7acdcb9f9c83bf74b5001f2687ce3937bfdcc6bd046a3e0d8f9e7b6cbe909254503

/data/data/com.caobi.player/files/umeng_it.cache

MD5 eb767d9f29ba0a66f26c1c4f983e321c
SHA1 8bb718d0c7e60611f46ad7993904042ae0ff41f0
SHA256 9a9b6a4ce248fbcd009e6729a300e18a139ec92c385847b00c4363bc47b00171
SHA512 c22f25f9ceb5879e7814274ced98b07fb0bdf92088052218f5ab23fecab6be1bc9d7ae86c5cae745c36c9a137fdcf18a37f460ee618ee54b5286b5ad41910518

/data/data/com.caobi.player/files/.umeng/exchangeIdentity.json

MD5 f8d562897511395f88e7f05dcd6f0316
SHA1 da11d19956f886e1d241f348fcdccad09af5e2f2
SHA256 573028c8c87a0210a3460a9debe2f67c5d7b9b4bc2fe7234a175c70ae71def9f
SHA512 5ab6f4368132da46fe86416974112fb50cef5f24422a09f2cded425172b0d6c6ddb5c80ec1d3a2e235333119c2e0f917c849c8944707c14ffed7ea346efcaf0b

/data/data/com.caobi.player/files/exid.dat

MD5 94daeaa3852690124eed5257b127e0f0
SHA1 2d62015f106d17e3557e1e68f9d4dab9636f7ff5
SHA256 66388490c38fb431aa33f64437d40d30adb14d24731facf9c5f9d07b477f368a
SHA512 928011d4ddf7565b2ea53cc666b26207ada822de323b6ed8a2d86d14c874eac0b568137f70bd861446e8efbd12f4605805a0941a37954b363b93b7a378fbe4e2

/data/data/com.caobi.player/databases/ua.db-wal

MD5 42ddf556b65b5162096f1f29390a2fa3
SHA1 25be663a342832b1546621cf2f6c03fe99360c47
SHA256 065aa16229d730e7b34e792aaf4ab90ce967f41dd3440f9b063bdd91bff2fbf4
SHA512 e7eaf0166117cc246112ac080eda90d4953b72247f4aa01919fcbc68e86837553313521c76867a7f789d3168fed33a7c3229966ba75086eef4ffd55c2909aa17

/data/data/com.caobi.player/databases/ua.db

MD5 d604a3bf1f8d992cc320ea5b1f7609bd
SHA1 247f88df0b55c7d523ea5398637711a0e4a483a4
SHA256 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17
SHA512 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

/data/data/com.caobi.player/databases/cc/cc.db-wal

MD5 a17ae7b0b289a5ff311f3774c51d9da8
SHA1 3235ae05744222e5778fd9a48eaaa990b700fd9c
SHA256 c0fb2fae1ecdd75c88b798fe2c212b5dc4a02d3d41a2c807377fe51e0db588dd
SHA512 c62dcb5b24335d21a53ba49e6e70f7630f1d8c6ce4f7f9990f94fb512056920475534126c08263870c44ca0c156ea1280cfdf6c49501c4bedbbe82e9196f3071

/data/data/com.caobi.player/databases/cc/cc.db

MD5 ce6135aa1b1fe4f2c2db2a546d2a5558
SHA1 79b59582154017aadab783dc266fcb158c252940
SHA256 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c
SHA512 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

/data/data/com.caobi.player/files/.um/um_cache_1718315728421.env

MD5 9f2258e23a343acf73aeffa69eaa556e
SHA1 86b5c6a5f01e2228118e3f1cb2f02cebfe18ade5
SHA256 a2813cd5d020dc30097dd56a75d8e5f8a9d5f2bd8179582a669641c91461ced8
SHA512 1cacda06dc151f3891848705096037190a963358467f94d1e9b32c6c8182ab6b53d01f7d7a6b4efe05954fae7d07383ff42bc259053fc2a84210c5320c522ba6

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 21:53

Reported

2024-06-13 21:56

Platform

android-33-x64-arm64-20240611.1-en

Max time kernel

10s

Max time network

170s

Command Line

com.caobi.player

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.caobi.player

Network

Country Destination Domain Proto
GB 172.217.169.68:443 udp
GB 172.217.169.68:443 tcp
BE 142.250.110.188:5228 tcp
GB 172.217.16.228:443 tcp
N/A 224.0.0.251:5353 udp
GB 216.58.212.234:443 udp
GB 216.58.212.234:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
GB 142.250.187.195:443 tcp
US 172.64.41.3:443 udp
GB 142.250.187.195:443 udp
GB 172.217.169.68:443 udp
GB 216.58.212.227:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp

Files

/data/user/0/com.caobi.player/databases/bugly_db_legu-journal

MD5 3f803f9c7c38b323253506c9a6f10619
SHA1 4e02959ae2bd8ee50ec5c5c4732f305feb9ade55
SHA256 9057db7c39cf778fe18f2086ca8a0204d730759f5af67d2a0c019358c86a1030
SHA512 07121f19d8eb178a95547e14727d23090cff841d0f7e4f5e38ea468c9da0ac4f1b5656c52ad75e947c3c7852d79a8fdf1185c9cf6aa3309215744a5295778499

/data/user/0/com.caobi.player/databases/bugly_db_legu

MD5 17fdd9aa16506512e4b7dc36e4016ca7
SHA1 3c7d03a036a321e576f361647af8a25727538d17
SHA256 5abcc8c43d7f41aca982dc1bdb7c86496a43da7fe21b6dd590a655a6e0fd2d85
SHA512 fb8d65759923001defc72153a784d6c51a98bf414a661c72ad97895ef65dbeeb33213eca7f1960ba195bf7dccc48f618aba445430831c81f5c5e16dca02ed53e

/data/user/0/com.caobi.player/databases/bugly_db_legu-journal

MD5 683878dd7aad1c9faa06935059e451c4
SHA1 2a9cb66d33a8adc40442edc2d87550614a0d3dd5
SHA256 81b5fe4943e9f0dd86831b72312b4baccdbae74f21327f1581c5cfe05409ede8
SHA512 22c5956de7e9d876f135a692016e2c767a3a711ca4fd17a957c037989620b6b950949c728d06781150549bd07982178857c0bc3582fdc8f8af47d59af9b42b75

/data/user/0/com.caobi.player/databases/bugly_db_legu-journal

MD5 0a029defd61ff810982d55ea35112cfd
SHA1 df9a474053da1bc787903946717cfcd391757020
SHA256 683b0625c64e94a3f428313518454e609181793d1c0ee27cce5b5446bf7b2de3
SHA512 7cdee9f7eda620dc76a945b62078d05a4a28295bda8755b8c147b08c859be053a2a7ed70acfb588169daaf618e5b31d648bb9a363c0de426b1b350d25651341b

/data/user/0/com.caobi.player/databases/bugly_db_legu-journal

MD5 3e154d8434f443c1f6e5d6c5d364ae70
SHA1 e3fdfae667c00b9a522d5deac96bba9208d24568
SHA256 93d069da66cc78a1699e6a5b163bfeb56ba6ab228ef750b9faebbc678a102cb4
SHA512 4334a0ddba2f84263077ee9c80d5a209728a296508ae5b757963bd5c4105d19de3cb7ec36b96505fe9e118a59334105bf630d0ff085378cd77dfd73303687588

/data/user/0/com.caobi.player/databases/bugly_db_legu-journal

MD5 6a0ae96e337b1bcdecc20fc15135d42f
SHA1 2233b59da16e17165ca798c4c22624f870c98906
SHA256 31e11627f5213e4036d4d2438f4d04e0569010afdefb8b449f5d2dfff4d84c42
SHA512 0433e7c66c2ed6c15605ff9f767d18b22f4370465489237f78b7228baebbdbd122a153e55af26d6b8929b0aa1f04e284e7ea9c75ddc224a32ac6ba666723f530

/data/user/0/com.caobi.player/databases/bugly_db_legu-journal

MD5 72667208e1b7182cf62328b4b43c3e88
SHA1 8df5fd8b5bb05da8cf8cffa9022242e0db45fffd
SHA256 7021ee9ae8cd157a058fe911b252db0459852965b6f633f35e7cd3f85c6890a5
SHA512 7ce9e6ec548a07e075cd1b844bf6e19019246bb46a93404e8816536fe6fb91a7d8560bc88f67aaf8ddce9827c5bbef0eac3de3650af4bef906011836b7c8a753