Analysis
-
max time kernel
93s -
max time network
104s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
06-09-2024 15:50
General
-
Target
http://classlibraryhampton.z13.web.core.windows.net
Malware Config
Signatures
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://classlibraryhampton.z13.web.core.windows.net1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab75f46f8,0x7ffab75f4708,0x7ffab75f47182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2044 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5228 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6404 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6496 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15152207983799805446,16637066056079618202,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
328B
MD5af6b6bb37b917e17def7072096340449
SHA1c78c2204474a8439ce9e141c43374e5214feba81
SHA256aaf601e7f376054a9c0dd1a5d17c9aa155de4ae82f4094853bc7b4c238dbc3ab
SHA512e4cf76960440d87c17f19af473f2860083c7375811279cf61ce53e6769326f5489ccbade67a2be4f2e1158b294e07b3dc503ecb6ff2458160c08016742606893
-
Filesize
328B
MD5dc644973d07a7a507e6b220bb67426ab
SHA1069839f4afb65a96d0f82e3ec0bd52af4cef7c44
SHA2566f64fa523c774e131a2500012739fea7dee416a499330c2a3d23df23dd38ace1
SHA512ed075ba8a1f9401548ac0de0dcf9b269ec5405303443e376183fdd0eb21a4c6771c7d5afcba3668f00100a72c4f1536807f8df9603d4b9cc4cf22be7e1208529
-
Filesize
152B
MD5d7114a6cd851f9bf56cf771c37d664a2
SHA1769c5d04fd83e583f15ab1ef659de8f883ecab8a
SHA256d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e
SHA51233bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8
-
Filesize
152B
MD5719923124ee00fb57378e0ebcbe894f7
SHA1cc356a7d27b8b27dc33f21bd4990f286ee13a9f9
SHA256aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808
SHA512a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc
-
Filesize
212KB
MD508ec57068db9971e917b9046f90d0e49
SHA128b80d73a861f88735d89e301fa98f2ae502e94b
SHA2567a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1
SHA512b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf
-
Filesize
2KB
MD52cc600a97dd89f43aea0f5440c411667
SHA123523be7d83ac26b11cde1f52a41a6851d83af1f
SHA256f5e68a41f7a521abf542323d31a285b10e2be723f135a0b8233023ef09679a6c
SHA51242066771400734b19a363381463d3eb41dda22a337bc46c0a9f21d03b53ba10b625b65978fb2f3bc15584d6de1a1369a49e58ea8971ebaad13aad7085fd9d2d5
-
Filesize
3KB
MD5da72aa00f99299442b25eb5cd4e4f903
SHA1a31015db521241e19a9f42ac232dbe8c909ef549
SHA2561bb659e5caf2ae026349686ec9a2dc8008133a8f087c33b11bc05c351a4f5c1f
SHA512daab27f98615e9932468672b13fb2c50723c298e732dc49bdb76232149f47193cc10cc3b6494a08e5fa1ea381473e91049913177193f0e11255b2f10315d4bb1
-
Filesize
9KB
MD57ef95e3dd1bdc765f9a0d25eca2f2ea5
SHA1d5a916f2803002e87cbc26f390e3a3554163ce4f
SHA256f863dbdb7624188f341f1ee14a808b5c742477486cd9adee9977bd388eed8eda
SHA512849a7e9d8c282f7c928a8ebf38291a114abc4e86764ee69987524a938b4fc76fca82854e223d7aac35173a92cc69925e86c4e61c8ebeff053b2490186504a0ea
-
Filesize
5KB
MD5869387c4c780a072eddc6dde62c15c76
SHA1f5dbcf85e77b941d651a9ab441401f1bda0ab7cd
SHA256cbbbf81356a12ba12e36141b4ddc4c87cb3c65f23b8e3b478337479f5843f2fe
SHA51230475bed77556d94ffcb376d18b1153f25f347401a54f6fc39ca0f012dc7573d44411ca4effdedfbb7d2e625874256cf5b2c47db9f22cf252e790b4325f8fc46
-
Filesize
7KB
MD56f86bace1f0cc5eecb0297380c16e02b
SHA14cbe4d0ba50db20bf10ac768067ececacaaa7aea
SHA25672ceac757a279f8e07553beb46c10241bafac6ea8e1e0ff4d2a2430aa7118ba6
SHA512add4fc53fea7a62634e040ed2e4251f9c75ddebd788a0d7206ddaea202c3baa5fee29d350d4d9c776ea0e83c91d79156140125b2b51044b707eb500dde795cc8
-
Filesize
9KB
MD58c2b22766c20c49c99033b3eae41d7a1
SHA14e2517606ce1601535f4c27c0cabe8e938ffdb7e
SHA2566f65cd32af570fd2706c4de218cc4dba12f0778cf7f44b75456dcf8730e04591
SHA512436a86d159a174dade538c6429979a6f6c9bdfecf86634db9c07a083c60c022c7fbb2723e91fbab4588b66922617179936cc2b6917ada7a96d2ed1a55415c0b4
-
Filesize
6KB
MD57cdb988a39c373e93f9ecfcb3417cb63
SHA128be0fedea29280796830973434394a346d2f6fd
SHA256f75184f0a76cff5e47dc62a05fc79f5d2f4030529b38a920fe308907bc75dcff
SHA5120b97211026fe42c64b66491f8da15bedc3472c0cd78bbde55c67cce94abc50bf2cd59d51be64e323abc15a9eca8d346e87019feed813a98465a6fb60eeacd7ab
-
Filesize
6KB
MD5901e5b90e5590465a72f1f78e2ceca87
SHA12f08046fe17ae0f8ab3e1c7198f9396a4288d7b4
SHA2561ce3ff1e22ad7d8bc0ce2991f6868260f640292bd876a18794fedf5d0abe4746
SHA51233d337e5918561c7bab79a8c2178f53e33fcef521f7e57804a65d4e269ac378e3de57dc514e61bad5cf38c666e34a3cc52f256bac1dbaa817cdf2f17539cc1f7
-
Filesize
72B
MD576c22400b1954b333bf55d113b70501e
SHA1ad831fa9f71861e6e6e666103cd21709ce2d9834
SHA256f751b11a7158f51978dcb1c29a1547ffe4f30db7d212ab54e78b8dec513fa6b7
SHA51211aea1da8a93e05be96090327957451dd2e089fb6c0bd6dd76c09931b6f8d819122a4bb6ba26cd80c05123724d1212d017f35769ef47eaa1252fef66a2147afb
-
Filesize
48B
MD59ca02782fc8eb927385bd3fe6424192f
SHA1fe8f4bf1d4be0733fc310240f8500294207b749d
SHA2563f5e44a4d3306f89ef0b9e896430e7f110f0577e7257c36009b9e62f170573d8
SHA5128aa562b915949547085f9541ca763e31caa90644b72b11c24d0bebd1e31eeff925ef483047121e82bb9d6b853825406b332b1738bd28d691813565a0ff982d90
-
Filesize
1KB
MD5f0471525fe7a17659ac4b964ce647ad0
SHA13f8b98427c078b6a3d5df0bbb5e1ecd207ab1ea1
SHA2560b3da30586431521c162d23ba72e2b0f1002d926e3ba687b49b700f0274a5c50
SHA512058636571b314fdd52275baa2ddd90286e0df9a2eae34e2fe90dcb407103e342e609d2614a6129fc590f46188e43d33e0648f0b22e3b14dd533f32a96a5ce53b
-
Filesize
1KB
MD5b1e358ab901a29bd680ddddf271045cf
SHA1544fea37416ac525ebb309e0a4a650f2108545fc
SHA256037f13a3351018a5587a8eb68a8f0d146604b3099b289a16258b31f7b94ee99b
SHA5121f33a47099d912c1fb2511be4a67af0421bca9a562ed92f988b17966d82b0fe5ed431cbcf7c053972d056655dc882b79b9b5b56e3fa53d009c7447a0c3f3a31b
-
Filesize
706B
MD542278fd3a0c707d501b2c041d5cc40d5
SHA1afe52f3376e20a9fc79f0fdf73791f768c95df70
SHA2569365d8e6274999c1e4cc15f26f5975a15978e036d55f40dd9ed9596cb6336c9e
SHA51249ac86e38e4c3b367088df9238d35ed387c55f1e8b79bac7a4a7397092b97b4db3e0f97d1f9e5ca5567e4edff8fabcf66355886a04fe39545b2e67f7c515f0c0
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
10KB
MD5966d87f8d0a3d4bfcf31744c2b01dcf3
SHA1060c0e8d9bf19a24e6e76300801bbc8afd1374dc
SHA256fe8d60751661aceef18c7c4b111163af908659af802ee212dccd3f6dbe11627b
SHA512d8f1e83221e08700cd6ee5c1ec9b82c5aa5303e413c5770239bac376a4d38775b360f95236e72da43f189666409a1f8a2d948d5afc4542d1207eda4532a7dc4b