Analysis
-
max time kernel
44s -
max time network
102s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system -
submitted
13-06-2024 18:14
Static task
static1
Behavioral task
behavioral1
Sample
SolaraBootstrapper.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
SolaraBootstrapper.exe
Resource
win10v2004-20240508-en
General
-
Target
SolaraBootstrapper.exe
-
Size
13KB
-
MD5
6557bd5240397f026e675afb78544a26
-
SHA1
839e683bf68703d373b6eac246f19386bb181713
-
SHA256
a7fecfc225dfdd4e14dcd4d1b4ba1b9f8e4d1984f1cdd8cda3a9987e5d53c239
-
SHA512
f2399d34898a4c0c201372d2dd084ee66a66a1c3eae949e568421fe7edada697468ef81f4fcab2afd61eaf97bcb98d6ade2d97295e2f674e93116d142e892e97
-
SSDEEP
192:konexQO0FoAWyEfJkVIaqaLHmr/XKT0ifnTJ1jvVXctNjA:HnexHAWyEfJoIaqayzKAifd1LVEj
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes:
chrome.exedescription ioc process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Suspicious behavior: EnumeratesProcesses 13 IoCs
Processes:
SolaraBootstrapper.exetaskmgr.exechrome.exepid process 2980 SolaraBootstrapper.exe 2980 SolaraBootstrapper.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 560 chrome.exe 560 chrome.exe -
Suspicious use of AdjustPrivilegeToken 18 IoCs
Processes:
SolaraBootstrapper.exetaskmgr.exechrome.exedescription pid process Token: SeDebugPrivilege 2980 SolaraBootstrapper.exe Token: SeDebugPrivilege 2540 taskmgr.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe Token: SeShutdownPrivilege 560 chrome.exe -
Suspicious use of FindShellTrayWindow 64 IoCs
Processes:
taskmgr.exechrome.exepid process 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe -
Suspicious use of SendNotifyMessage 64 IoCs
Processes:
taskmgr.exechrome.exepid process 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 2540 taskmgr.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe 560 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
chrome.exedescription pid process target process PID 560 wrote to memory of 332 560 chrome.exe chrome.exe PID 560 wrote to memory of 332 560 chrome.exe chrome.exe PID 560 wrote to memory of 332 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 852 560 chrome.exe chrome.exe PID 560 wrote to memory of 1648 560 chrome.exe chrome.exe PID 560 wrote to memory of 1648 560 chrome.exe chrome.exe PID 560 wrote to memory of 1648 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe PID 560 wrote to memory of 1124 560 chrome.exe chrome.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe"C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2980
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe"1⤵PID:2636
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2540
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe"1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:560 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6ab9758,0x7fef6ab9768,0x7fef6ab97782⤵PID:332
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:22⤵PID:852
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:82⤵PID:1648
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1620 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:82⤵PID:1124
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2308 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:12⤵PID:1732
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2320 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:12⤵PID:2328
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1388 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:22⤵PID:1536
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1296 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:12⤵PID:1052
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3476 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:82⤵PID:1832
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3596 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:82⤵PID:2092
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3988 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:82⤵PID:1072
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level2⤵PID:1716
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x1403a7688,0x1403a7698,0x1403a76a83⤵PID:2632
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3856 --field-trial-handle=1276,i,1565831726996585540,5360074157881015735,131072 /prefetch:12⤵PID:2256
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:2272
-
C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe"C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe"1⤵PID:1736
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
361B
MD501f901e3c9dd22b7a022767ed4af412d
SHA14af0fe92de95c2a6dfbcc93fc4ea7ee0c14b0b8f
SHA256c7af4b20487c536516d495045926030199968e5c00cf6f21c4620bd64959b25d
SHA5124a9eb374b25f8d2cf5c9ab241aeef03c2f2f0b285834a7fb40ebffdeb76e911887f95d51284798b7571eefd203da61dc021b6e2b0b0ea4b21b5fbbc856b43d6f
-
Filesize
4KB
MD53d7d085fec9a3c3ea116598433efafcd
SHA133639d0406f69d3c94a1c1e24c9382b5f0dc91a0
SHA2560c188610441adfea778454a84bbc2274bdca40d7de3cce777cc564d3b70607f9
SHA512aba7282d6c4456487da7e99956588cf9888e9ffabbf4192bc864b98a18bb00a47c597e3104c276b8bdbb00036be093804dcc49d4f4d13fc5ebfc1697bb149c16
-
Filesize
4KB
MD5b29d8123413fb6fd5fdf9af04e8f40a3
SHA1247dd546887346113396286187092fd9de626042
SHA2566a2eca8c19ab95b8873b5a9a6a2060dd37b6eb9ad66c9a78dd9962ea4b4bc142
SHA51238fc6886c0788147f5274fba47331696cd4a9e2514f27119b345cd23297003a001e15894ed134c1c05d2a8092ccfe929a50c5dfdbc95c12bfc602b9f8efc0f94
-
Filesize
4KB
MD558ad8778b255d83c5200b77406bcf86b
SHA187b3573997205f43fc9274717cc5d9a3e461be6a
SHA2562b7d7d0b204c9efb4185555da382a3aecfba5d53d5c05ebf71b7b70ba98db36c
SHA512ff9880562a679ba1bc066dbf5accc23abaa12b29960771a88d220ad0515baf874a3584bc29f7c401ba9f6dc1bb3f33c0aaac18c77a462868f069ced9ab2cc900
-
Filesize
16B
MD518e723571b00fb1694a3bad6c78e4054
SHA1afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA2568af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA51243bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2
-
Filesize
296KB
MD5cccb47b093d2a7ce235161e01e8ab955
SHA12308b793fa4d407c9fe96a7be639020bfc355b03
SHA256d38f416371040d919ef0692d96767ff35df486a09984e9b347d8a6dac254d406
SHA5123a0c4a70b49fc0209d96b42f053d14e4bbea11391c56ff98bde4ee5346e961a1c6e89a5aa2061e14d340d4c9a04ff6319964730249658bf0054082a1083a1335
-
Filesize
264KB
MD5f50f89a0a91564d0b8a211f8921aa7de
SHA1112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58
-
Filesize
94B
MD55fee8c846e9b919705407a20885194ab
SHA1a1aa27e0366ae24c0c5f3a92bb38817615437080
SHA256ea27260dffe170fc8c7987da31e3b5536795a9e30c76a2e6d4047db474a9617d
SHA512e39ea9473731e201caef09ac448cc333ac7377df6deec1781b54e7d51af41a7e5717725db56088cb2adbe0c647eea2bba91e8a95ad77eaa8d6446c7aea890c11
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e