Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
480s -
max time network
503s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
10/08/2024, 18:23
General
-
Target
https://www.youtube.com/watch?v=5YlX_BrQ3ns&t=17s
Malware Config
Signatures
-
Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 51 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=5YlX_BrQ3ns&t=17s1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9723d46f8,0x7ff9723d4708,0x7ff9723d47182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5608 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5972 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5972 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2024 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7612 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7772 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7924 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8424 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8604 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8772 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8804 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9076 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9228 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9264 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9700 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9728 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9832 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10284 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9892 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10288 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10776 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7956 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11132 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10728 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7292 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10956 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,3692208566516206572,7544901053263935235,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4f0 0x2481⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5111c361619c017b5d09a13a56938bd54
SHA1e02b363a8ceb95751623f25025a9299a2c931e07
SHA256d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc
SHA512fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2
-
Filesize
152B
MD5983cbc1f706a155d63496ebc4d66515e
SHA1223d0071718b80cad9239e58c5e8e64df6e2a2fe
SHA256cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c
SHA512d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd
-
Filesize
3KB
MD5b84e60ff2b68171d9e2defd35a407d13
SHA1ce1829174470a7408c87db6724eedbf957412afd
SHA256ae8f425c3a85ce066dc77eca2e1d5ccf9c5422a593770e44363766fd85648728
SHA512bb8f57845eba8b4959cd3308447278a0b58413de84464e99b9ab20e6e2a2f21f104663e76622eb92cd81c260e649bf33a54fc5f84ccc72cfd3c9daec66afa14e
-
Filesize
1KB
MD5791a0e24107cb25bb996572fdefae3c7
SHA1dfcf07a4eda89639246058525a2846b628ef5ba9
SHA256ddc70859fc5cfd30f217ca7018468d550affe5dfd840f72d040558777983fce9
SHA512966eab452b775eff9ac99a64ac2f45dae7ffd1b19b4866aded3bc4b367a17ecd322fcbd5c8f8a854f93326792fbbb7fcbe8e35b2651aab7f07a991068a7615ee
-
Filesize
456B
MD53fa8d386b156d5f781cd8ce18267a493
SHA1ceb0f2b29a6b251c14b997c8de48ed0f57e523b8
SHA25643f705e5a524b456cb64da5429f274c159ac899d5d2859bd620821df64360342
SHA51218c33d03ee4731c26dcf2cff7fcbaf9e1d8212a1fcb8a3224a4b5e1cc1ff43de9b80482ec734d7433f229f721c8cf45de3cbbd58a8177b8cc1adc5410b7bed53
-
Filesize
2KB
MD53e5c3679f4c77b0615a6d6db8be18697
SHA1ecf8530b6ae10b80a5ef0e59eab4e487a4cb812c
SHA256de7576177f17852d1ff005c28af23b3df4d1be589198e9700511601819a81a3d
SHA512c3e5ea4482c028c233e02982815ee9137e09f969c84976052d2e2b8b7f619a3c4e3fc8a4bbcb476350fe368e7ca0eb0f477111723335a9a672080daef0089061
-
Filesize
13KB
MD52616eacf8c0b51789ba41bc4a54971f6
SHA107af8eb92597a382cbc1282230cf91d20fa44ce1
SHA25673f94ffd7e3090b39f2e087ab484a1b0fc83eabdb2dff7f3194e4d573732353f
SHA512aa8b458c48c2a0164781250791f81016dd71b9c36d5bfc1ddc96de170a70ff7452d528522885ce484836220145bd3cddd79a2a564b4a10ce78766614797ba7e9
-
Filesize
13KB
MD508875c4bd7fcb145ddb84b1597e04791
SHA10f7a4f4fefb8881a92109b00b4e51b7094b035dd
SHA256bd8234e5ea37d6472a00f8a0d8791cab4f2e9b6625292bb99b28c0144d42de81
SHA5124081f054015da61be7d26d50dfb90b890cba96234fa20769b357f0e9b25a15f81dc54185078522d88880de8704cd746c501191b05eae0612b84c2eeb18aae8b9
-
Filesize
6KB
MD5e91528d078b633665adc07600d3cbe7b
SHA1acf34482410209cf3850b93ed294c9021c8b5038
SHA2569e7bf7431ccd3249f1be72e08273d240cc5ccee0330d2bb91850632b170aa374
SHA512cd4cef65069204a9e5f03e173a2f2db4fe96c15da259ee2fa77586b9eede2cba2be5685c914822e78488a05e07e8cb8f3cfd17402a95a5e3b53f37742d8a5070
-
Filesize
6KB
MD56a7fff4da7f45edaf2f9e8a29e1316ab
SHA1f134f7acee5a74d3c619d4a898a7671fae0d587e
SHA2564bda54bb1fbf907eaee2576a089a9f6adb0fe0e1d73bb3f2132f6746c333a6c2
SHA5127879b66825f4a9ee019858e20df475a68975f6d91cde71c6114d2ac9679dc7c950c78d6aedc7bb10a79e2e23f07a3eb721683685a75dcb3e396995bccd9c395c
-
Filesize
15KB
MD51ad5c1e163faff9b817b49b53e34d65f
SHA10fb1e99e70d78b5ae6e320141f6d8b6a3e038795
SHA256cb7cb85164389f179b345dd034e8eb01e44378ca064008c3e795e7d06118d16f
SHA512a9dd429cd929f3df63178ba1a7682d262bd26de3a5f436a5c9f56b1eaaab21fa34344bb72c830282675f432e66ec39a128143399d96b07bc46280d4e7e91b087
-
Filesize
15KB
MD5bedd1ebb13480eaf16b0bf5ec6452412
SHA102b09e45b5db6114d1a6dd94858a843f5dd23e69
SHA2561d31f092576c5d44b998537fac23efa5494fe9ab77a0de045b626db679670318
SHA51266b6f82ec51d0443432b0b39ccfc43583a2d1d2029fedc6674e986819a0235a9edf4fd0772e657cb41e5350484db4e6faf9add2cb7021af3d842fc63067e5e56
-
Filesize
6KB
MD5fe2d0fc07a715b3f01facd650ebcb606
SHA1ff2de41eaca35586635f6a3ab0ac08b53118c258
SHA256a8a6505cac04ed07102e55795c072b35c55e4ff8826443459fd2bed752e273d3
SHA5129f9ed666b342c01adc7a9a38ff9b32d17154a437a68d4b08e767b713895e6b3de2adfaee0ceea13e4f99a1e8629c17da25357f52c3f3a9b4f0f34332d29bac36
-
Filesize
7KB
MD52af04c697156068b061cca847c647ec4
SHA11259437c1604f534ee81fa9c83ca48f101a1aca1
SHA256db17c8e38d86b1de8d8eb23bf0d4ad6634fbd88b9428d4036723ef9e7ebed3fa
SHA512c01654073b0982e3b159961a8437b3fd1e2f359b15e7d1232fc1088b121a13e14393ad0a053a09f861c6e08edef9107584f216dd9d71e7b853643008ee7283c7
-
Filesize
2KB
MD562222c044044b4927eeda4af757d931d
SHA15b324a7d94b443af18d3c52c132f3ec5de45e722
SHA256190c1952171094f295af9636994fcdb44b5901f81d0c7c74610e93f73788fd54
SHA512b514ae50f27484b5cb0979a3c967a4ec6e4200dc2ad1bd66927c3bea26a1fc6f045e800006b2c8f010ec819c8a65aae8c735b0bfba47f0fa8430de32f7301e47
-
Filesize
48B
MD548ed404285b1728fdad936638b010ea6
SHA117f3cd933e6214f3f5479e745ee2f29fc22f0cb7
SHA256188812fe0582bc1affa02f3f8d2b643d22ef4bda65199417845ee5c87b216a0b
SHA512ace7190b42d39a4aa3110724fd32fb8455d01817172ba629fd041fdecd68ce0f43b1efc549a4df3cadd12c14f985e2d3c37e2b3f11d587ef4fee130527293cc3
-
Filesize
146B
MD5b4118f32411438dcaaed5da432868529
SHA1f78e260cc7b637b3888408da5afc6704039b8ea3
SHA256fa55dd9219002d4d054b62d1ae31553541bd1ff227937e1e6f35b3059574dbba
SHA512979c3e82545edcdd6507f832d50a407410779bd60b6a6fb2ba436d890ae0c8524b877e110d3760f4f16afbdaad8e0798a2f1cea8f44b6833fa7f4bb41d2b513e
-
Filesize
82B
MD5cf885b76d0f7a48c000c6396aeead975
SHA1ee24b8d0c42d9b164542bab169dbc5ecee92f328
SHA2567567e516c588db903af0b5d8ebb21467b61687353113dfb39258feedcf671179
SHA512dcaeb178e7ec942a08b4f6fdf5a4826fa39dfa06862ad164f128a08ec2b2990e90b6ed59cdf1b5c3ec77a3701e8ac6e502f6dee0f8fcd0f7ee1093080e0d6658
-
Filesize
84B
MD559f09b4dbab8f3c50bc5741848b97db8
SHA17ec14cbd162e1454ee97626ea2d21ba7171f2526
SHA256d9bf2fdb82383c7425a368df7c5a0f81d3228ccae518087e2c75082a91e238ba
SHA512e253dcb7ed6c322e01517bba2ebcb9e34774b1c55c6e4b608ba46d72a336edc0b6238df42f1d2c79b7f5cfd7259a576767b26d2cfd0afcda8dd2cce68d480dd6
-
Filesize
89B
MD54d012e298f1bbca7b82cfc5961b2b210
SHA1d7948c9b786bc04d4fdd04f9f4480e99028d171c
SHA256ef4ac3655069a2fa343eb4948c9d66740536b8562755a3aeec8363c31c9ed386
SHA51259f70fb91932519694b654502e0146ef0fba9796bf78667c84b3a1f5a86b3a11ec9a6473df01d8e3fe4fad984a00222b47dedfb8f32e41b937423a8d5706e579
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
72B
MD53f0744c5f4d11abf5cad3cb714f05cdb
SHA1ac0139d0bec7e57889f6cc384fa9df46dad492f7
SHA2567e30c3d26da7710fa2d8bf6d08718fa7a68991922d6fdf999f822055ff645e92
SHA512c90ee6d3706d31d17345b28377d64855ec03c8c6a661214988454276ca2a149ad5964bfcfa724eba52c29d9be8fb315172ec188cdd5734a301e0d25ec4da2551
-
Filesize
48B
MD572191918aee3c449889d3127ce094632
SHA1e646d111a3f13c19d2dddc7c28c7360f5827cd34
SHA256abd830d332521a26399ccb7993552a736df8ff1795f1957bd8969e54da10bd32
SHA5124c9937e764216f38889d864682dc9510c7cbb3137c7a4fdd66458c879246173bca13da841940132c8aa747bd735f658e2b22428a563e607872cfa7a026813072
-
Filesize
3KB
MD5ab9a1127942b74b072987ae45ef0b37e
SHA1cdfc003e332d8ab53f780a81b085734511361497
SHA2560dec206f400174e424990802fa7c721f128f0d9d1618f7e7797ba7ee04771135
SHA5128695ef47bbe59849af11825d39139a1422c3679dcb863ea5a513588a98d25708f6261112558e6ec5f2238a4a059c67efbfce91d88bae5569837e40271df6a8a3
-
Filesize
706B
MD5817486cb2c2b150a7434ebfd82f0fa00
SHA1b3e44046b3a2e3a88305308a61121cf5a781b918
SHA2568eee8fda252e5756bb0853bc8ee4701d55b6eaed6965cc41553ab508a554c180
SHA512ff1bdc2febb694dff9754089d5b3ab4c53697fdff31af0db6dc7ff6fd4ee6ac5072453b80e444e6fe7cb640f0db11ac28337c47819de4370e819e0746adca374
-
Filesize
873B
MD559ee16778c91b93690470b0ed771bb56
SHA1eb001e1913aacb3e20a0964d0cb19b6708439574
SHA256a283a62364a46e7d6195a1339b438fdde552e8179eadf35add6411156283691e
SHA512afb3ea9fc523da604aee9cb7b2f3ceb2ffe73179b3aa84c44d5bc1b2a197c9ca9a9f41bcabf0b04514e90f579a7d9aa157049c4a9b4c1786f682111bf75b348a
-
Filesize
3KB
MD5478d3c4e21a4aa138b3b0b1e41d244fb
SHA196ab6f9d93f595cf337291ed77c0d8a53cdd310a
SHA256c5055b027259d42ce66640bc2e194ac9869932d86ba363016a04b2f730fd5f71
SHA5120dc5a33c4b538fd97c2f24aa8a48a75236d83944a7fb27c1d610bc3a7cb72fef4abd3f468550eb4d3ead7bf90d0ffbd0af347ff98057c420679a1ca5aae8fa52
-
Filesize
3KB
MD58373db8e854ef734edb508aa23590dd8
SHA1427f9fefb0d6453392cccbd449156fc6d9887932
SHA256c72648f75bf4e8fbacdad471f7494f28b02bdcafb90de8547ec4529cc63b8f8d
SHA51254b8f9286913b310f8ebff71acf3de1765d5acc2bd4b61e52847500b10a042b0c40f4fc35cf9fb8b2e5c8719752c7fe28788f950dc177f1ef5500cbd17c36edf
-
Filesize
539B
MD56475352649841d0fbb7b6c9a67cefd89
SHA1867861d5162581f54aec3e3fe4fffa8961b4de69
SHA25604c7dd860df033d66ec117301b0727d02ff7677943c723127053ccc751a51ae0
SHA512b69222fef50e57be6d401791de457cbff46d20b2c569768694e9c12775f9ec154aa54a7475247a2e0e189d251f2e9c642b563821233a6fbf24f3a7a94c7118fd
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
10KB
MD5332bae9ddd8832298f3165f8fc39694e
SHA197d8f8012c7418c92a9288c9a5a680120196d731
SHA25603e99b5fd984a837c663627da08a398eb2012fa1dcab7ed0492068e5345b045d
SHA51218d227e3f0394631b469145b54c96573ba819ce55c716e14dea3c53e7f100519a9492b46b38d0e4741bfff45e3d608f0dd1255091ddc2eb91d1269912992bb96