Analysis
-
max time kernel
45s -
max time network
47s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
28-09-2024 16:19
General
-
Target
https://drive.google.com/file/d/1izFwLy36KaJbhGLUUDZmcBIjsUn27oY1/view
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 6 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies Internet Explorer settings 1 TTPs 36 IoCs
-
Suspicious behavior: EnumeratesProcesses 7 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/file/d/1izFwLy36KaJbhGLUUDZmcBIjsUn27oY1/view1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2792 CREDAT:17410 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffad88746f8,0x7ffad8874708,0x7ffad88747182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2032 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6088 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6512 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6512 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2924977644957469181,16335117246265042699,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
854B
MD5e935bc5762068caf3e24a2683b1b8a88
SHA182b70eb774c0756837fe8d7acbfeec05ecbf5463
SHA256a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d
SHA512bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e
-
Filesize
1KB
MD5e174cb16ff92f06fd88cb32fb9a901fe
SHA1cabed7e4b9d0970456d7c21e002aa1756ab871b1
SHA2567665b0a72a2b036a7fd84984472113668721ab66acf72560fed9f2ab93640219
SHA512d5694fe66697d3fa2064c03280486ef81b3511dcf094a8358cbdde8a0efd1ec53f37fbc7ccffe4f4ce025e99039164e3c7e6e4d842606ee757178e113a827c1f
-
Filesize
472B
MD5ebd9748e81a2ef5ac88745f8aad5338b
SHA172034ed3beeaadd3944bec523215e25708edd0c9
SHA256761bb8ea2ddc998d90c6f1bea1ecf665621969a34a67ff1e088dd21d393ac18c
SHA512b09b38108fc6d431da66b29efdc559a62248a0838823b3d796305e5de2bb77fc55332908864fb73944dbad2f12fa3d658a51206111023b0bcec0a7a449a7e85e
-
Filesize
471B
MD539d2923cea6d5e0ab49a49f4fd1413c6
SHA1b2a420d595496a90834445ad456752fb76a40824
SHA256a5f13d33bc1d508e22f8fb1cb10650e207d0aa6fb01f1b6ecc7105ff25ca2636
SHA5128b935edd7bf2e9d3ec75667c23ce4ada60cca5ffbaf33ac8cfb13d3fc701fda348e99fae4f164ef06cdfb8c7cb79de86ecaf4ddfedbe04b0e73b92b6a113b118
-
Filesize
471B
MD5e09bf79e524c97224699afc143d9b84f
SHA1bbb207b38210640808f79f553340185545fbbbca
SHA256a57f229bb0efb470b2042b667ee58d1bd00239ee3ee785c1deb8f3887d0a07c5
SHA5124579bce038fd28529f3dc323a7619c18b79bb230deedb3211ebc7f2c09db23e7f13172f96dd33e7fb5d214f8c10adb23631efabaef091460308a5075849afd52
-
Filesize
471B
MD5e81809e35464c6a8ccffb00fa7424f8a
SHA1aca926d8ab54a834b33db7c5fb4355287d2cd2a7
SHA25601c74bfb667bcffad25fd994026261a336a8e8dcf85ad629a75c87e838fcf744
SHA512d807413cf4356a8861ae6bbfe5fd2792bdb5b81ec9fe64f6d567e505d001c847d8eeb4bc730599a5428afcf561d35ddf022d1d3079036d65a0e382d4737d5c28
-
Filesize
472B
MD59e6ac2d72c958dd3a4972b4112783380
SHA1b57d8b8e45fbcf02e7a63ff942b83b2343547fbf
SHA256650ba11580f892efe5f7e266cc1f1e9ba74f3ede96426953da92e9bc2e443887
SHA512cc89cd935e2e291f0744893e2a3b1a56bb26476eadd558205c08287cd31b46dab7ea6d99c05040c8deca4d1b5528eabebc40babfa81063ec58b44b799e574aa1
-
Filesize
170B
MD52d6d31d96990c30173fbb111eb98ef8a
SHA19f2532563e9397f32bbfcf0d2fea70eee329ba79
SHA256cc31f32ab0bff0533315ac32697c1dedf8edbb41a341931c5820b46a0c379806
SHA5124081520ab02e70089337384863653741375b8bc2666c92261bbb5fbee5ca19c7e7b95b49994f371d1c99b49da2d7ea645c1ec71ad09e9da5d2717096e597edb5
-
Filesize
410B
MD5741326d1bc2a4017f7387b49b1b27c25
SHA1d5a1bf7600804b8ede3aa0994e834eecc79f2d67
SHA2563ea87ea72082aedfeb37c1872dea5677316b9da81ed0229e893c2372354bc8e1
SHA512932d5d83ed32b76d35d0e8ffdaef234c1703e6b2a0f2245a5282b3f0db2d0b7b5d6154197f03947c4017e0b13b6af4aa8c01175afe05c21fa7ae951f2af9434d
-
Filesize
402B
MD5ca1630268629838d4464299406a31355
SHA167905c6ac5d90d7fcdb69e29da9f6d8b667fefc8
SHA256f2334b936bdc80b19eeb07f5af2e77c0728207d734f5440e12c4b962918ad581
SHA512cbc6dd12e80633903646c91e14a14b59b8e18b8671802d3dcb0a2c78427d28f01c619b37429263773b5a7037c34d8cae1a9d1703eb6f91f41ee200c82d07201f
-
Filesize
406B
MD54caba49c4153a8a2455f09d6813c0e9c
SHA11bb4d9194932aa3e5bfc6249a86d01125d6c2dd5
SHA256b3dddc76b6874aec8568e3e43daaa8e348dd8c07c9db9ab12a1779f0efe58389
SHA512390a607e17d2497df2f2673d93fa1f9735f1685982daa2116018e2c7d8a7f5538ee6616ad28b30bb3918842ce310e41219e1b700c0d1c41a44b9cdc90675848c
-
Filesize
406B
MD587f4c4f0a9c74ebf6308d9c1af33cdd0
SHA1613e3c0dbc6fbf68a7e1efbf6a2f11bab4598625
SHA2566ca837d311c7fde620ce887b92c4b61c2b67035735e46290edf18b366a3bcf38
SHA512bbc86b6e096ba561fa254e1859c7bccfc9f7ee466901babc66dfa08b946d80317a0833f62053bc4f3b76c9e333f2e4349e8f7b81b2d58f228bc99e9b7c729b64
-
Filesize
404B
MD5228047662fdfa116c3d6a9334c13f1e4
SHA1aa5718e3f5fd48f49481d1ec3921a72938924ef3
SHA2568b14a840673027d46c9eb02b0c2b4938912c39c5efe5938547508cbf7e0adc9f
SHA512e721f3bed3536123818b13cd059e6b6b9d3fd2da1dc4c5f80133c6abd70a872d618df9922db72cd90bc9d62a38defda821df908ef8a12b5df4207c5a3be96d87
-
Filesize
414B
MD58a22995d562a2cfa0388b3c19036116b
SHA14440159c8c779a5a60758572f24d6db9c6c3dd1b
SHA2563239414500638b283d1dbaabf49996044cd0c553dc9f1f635f40f18e8c44a4f4
SHA5120f52a187936da9bf5e828bd1f9065d2dc13fadfebc63f88ad170cde2500bcf2288b109678bcb685555dd1dfd1b060833be5e6b0799363502b114a614a7d2c941
-
Filesize
152B
MD52dc1a9f2f3f8c3cfe51bb29b078166c5
SHA1eaf3c3dad3c8dc6f18dc3e055b415da78b704402
SHA256dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa
SHA512682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25
-
Filesize
152B
MD5e4f80e7950cbd3bb11257d2000cb885e
SHA110ac643904d539042d8f7aa4a312b13ec2106035
SHA2561184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124
SHA5122b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0
-
Filesize
384B
MD50403d68b8670c9e866aa6249142a881d
SHA1a2e896ded3bbe0fec3cc0ac32292dbda9e70a5d3
SHA256387aa0e1bda69435a6b3aa82922b8cd08c45ae2b3ec81338804848852ba08a2a
SHA512c4aef7df55db55c7016434eac541f91675ffc94f26077b956cf013390265c0c7f924fffcf276496992635b88b3c70a7d1f6bd13b87b7533866df7c470dafa4f5
-
Filesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
Filesize
5KB
MD55567282c83432a909c1251a0dc03da20
SHA1a5950719c74e5aad6897acd8132fe10a78842c3e
SHA256433c46e3d1b0c1811f9bc748c5ec20f69f2a944dc518160884a59c0030f05d56
SHA512606325ac7d0545b8885808b4a1c992f83c19f72b91a326171be9b53b650839f71d51c7fde3c1be3322d4db2f66413e125558932f18293afdab2bf5b4d02c6e76
-
Filesize
6KB
MD528f687e92281326523db8aa2a3e3be47
SHA1e0008aaed15709203481b5602fe44d6e5792e67c
SHA256bc2ef9b55175a119d68d63d9824e2be1488f45adac5a145c43cf9bb4ba3032ef
SHA5129bb5c3728f6d45a11d244cc21cf8eb9a1f850112b2d4e50bd90ecdcf582fb795f7e0316ff843028267d8eeee0619f450dee4e67b7f0079515eaf94cc52df273f
-
Filesize
6KB
MD57049a0f2ddf69ca18391d010b88e7b27
SHA1c3ca9320d74f2a21ec323309a3e44ba37003e08e
SHA256435b618f4778117c090c074ca9a38a86b2302378b005aa12e75f5da62f89a4e9
SHA5120fde38ac174f1d48bed66385d0460a3bb7ce21219e2bce03892ab97da55ce4531ca01a15b0946a687b9a753a3892ba7f08056158f58f020c97826fc7e914ba43
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
10KB
MD5ee503a83fe1e426646fde2c273330196
SHA16d6c1c6f8884e42b3a7c81035bc208a9f5de32ed
SHA2566481b204d4d9e02f1b2ad4ea6fc47f14a130cac48d51ca92031cff5ada7309c9
SHA5128ae96a3b572306402f63c717d7a6bcf16b219b1e87233b6000e8e197bd00bc6ed9b74f48760967d821d55fdf4eda2c70bb586a4865e7ac05728776803b63edd9
-
Filesize
15KB
MD51a545d0052b581fbb2ab4c52133846bc
SHA162f3266a9b9925cd6d98658b92adec673cbe3dd3
SHA256557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1
SHA512bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d
-
Filesize
1021B
MD59bba2cee2f5c7c18009a05a29ec0878c
SHA1858e3cd6af35d3b9cc588c9198cccdfe952c2a2e
SHA256bf390d599fd3bafdc364b167f7cd596e1c0f6dae5ab73c15e54ea65f46272f20
SHA512618ad61c7c98f9ecb833f783cd77a6e2b84b308a68614defeab8fd969d5ae0c820e3ecaeaf76fdec2f1a9a6eb63900e80aa99ab04a6a86726274433481f28823
-
Filesize
831B
MD5916c9bcccf19525ad9d3cd1514008746
SHA19ccce6978d2417927b5150ffaac22f907ff27b6e
SHA256358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50
SHA512b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00
