Analysis
max time kernel: 149s
max time network: 147s
platform: windows10-1703_x64
resource: win10-20240611-en
resource tags: arch:x64, arch:x86, image:win10-20240611-en, locale:en-us, os:windows10-1703-x64, system
submitted: 17/08/2024, 19:44
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: http://google.com
Resource: win10-20240611-en
General
Target: http://google.com
Malware Config
Signatures
Enumerates system info in registry 2 TTPs 3 IoCs
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | chrome.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | chrome.exe
Modifies data under HKEY_USERS 2 IoCs
description | ioc | Process
Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133683975377445998" | chrome.exe
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | chrome.exe
Suspicious behavior: EnumeratesProcesses 6 IoCs
pid | Process
3840 | chrome.exe
4388 | chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
pid | Process
3840 | chrome.exe
Suspicious use of AdjustPrivilegeToken 64 IoCs
description | pid | Process
Token: SeShutdownPrivilege | 3840 | chrome.exe
Token: SeCreatePagefilePrivilege | 3840 | chrome.exe
Suspicious use of FindShellTrayWindow 26 IoCs
pid | Process
3840 | chrome.exe
Suspicious use of SendNotifyMessage 24 IoCs
pid | Process
3840 | chrome.exe
Suspicious use of WriteProcessMemory 64 IoCs
description | pid | Process | procid_target
PID 3840 wrote to memory of 2168 | 3840 | chrome.exe | 70
PID 3840 wrote to memory of 4236 | 3840 | chrome.exe | 72
PID 3840 wrote to memory of 512 | 3840 | chrome.exe | 73
PID 3840 wrote to memory of 2952 | 3840 | chrome.exe | 74
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com
PID:3840
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffdae209758,0x7ffdae209768,0x7ffdae209778
  PID:2168
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:2
  PID:4236
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1792 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:8
  PID:512
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2092 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:8
  PID:2952
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2692 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:1
  PID:4200
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2712 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:1
  PID:204
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4396 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:1
  PID:2184
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:8
  PID:4056
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4820 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:8
  PID:4956
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3764 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:8
  PID:4596
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4860 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:8
  PID:1844
  C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4764 --field-trial-handle=1864,i,17263258114036682323,12402009602453876205,131072 /prefetch:2
  PID:4388
  - Suspicious behavior: EnumeratesProcesses
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
PID:1336
Network
MITRE ATT&CK Enterprise v15
Downloads