Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
93s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
12/10/2024, 18:42
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://mchccbackup.github.io/downloadc.html
Resource
win10v2004-20241007-en
windows10-2004-x64
10 signatures
150 seconds
General
-
Target
https://mchccbackup.github.io/downloadc.html
Score
3/10
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133732321857493466" chrome.exe -
Modifies registry class 1 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings chrome.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 2388 chrome.exe 2388 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
pid Process 2388 chrome.exe 2388 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe Token: SeShutdownPrivilege 2388 chrome.exe Token: SeCreatePagefilePrivilege 2388 chrome.exe -
Suspicious use of FindShellTrayWindow 64 IoCs
pid Process 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe 2388 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 2388 wrote to memory of 4900 2388 chrome.exe 83 PID 2388 wrote to memory of 4900 2388 chrome.exe 83 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 1976 2388 chrome.exe 84 PID 2388 wrote to memory of 3084 2388 chrome.exe 85 PID 2388 wrote to memory of 3084 2388 chrome.exe 85 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86 PID 2388 wrote to memory of 1484 2388 chrome.exe 86
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mchccbackup.github.io/downloadc.html1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2388 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffce3b9cc40,0x7ffce3b9cc4c,0x7ffce3b9cc582⤵PID:4900
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,9791054398328720122,13079539356568097841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1908 /prefetch:22⤵PID:1976
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,9791054398328720122,13079539356568097841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2164 /prefetch:32⤵PID:3084
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2256,i,9791054398328720122,13079539356568097841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2516 /prefetch:82⤵PID:1484
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,9791054398328720122,13079539356568097841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3136 /prefetch:12⤵PID:2600
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,9791054398328720122,13079539356568097841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3188 /prefetch:12⤵PID:1500
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4588,i,9791054398328720122,13079539356568097841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4600 /prefetch:82⤵PID:768
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,9791054398328720122,13079539356568097841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4596 /prefetch:82⤵PID:1200
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"1⤵PID:2108
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc1⤵PID:2948
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵PID:4840
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\Opal 062024\README.txt1⤵PID:1980
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
120B
MD58507d88d5aec1598b99912206012f917
SHA1236ca9da241c9abbb533f512030bec35c722ca32
SHA256d7c9c4231e3b9cf5cf0a22d419306147db5fe02095a450a8b611a192f19ff30c
SHA5122c97317db3023fc866e779ef725d3c9dc94c23f9128caebfb41fb9cde3ec21d7f454ca30cb5da757a1e31c2f4f11b74e61639768a0c198a2ddbef04bc4ca86dc
-
Filesize
2KB
MD50e73ff207d81f2ffc6f75b1037ed96b4
SHA11d5f1778579a21b5e9df55b80b72e6fa3484dee8
SHA2569cea53ecef2c3b8aa6bd253451eb6deac1e56afd5c3d53ba9716fe0695407323
SHA5128b94ab77901d5879bc4b89322841dfaa535cc1949421cfa53f1d07d73fef4a5ed37b63308ab4050a1518265dfba3c1c98b7c2843446a47030f609ef399aaa84b
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
522B
MD5b0ac277ddc1f164e5d5651271a855ea6
SHA1c644af222f1175331358ab5378511fcfd88acb3b
SHA256906609819945ce6cce92685a1b8213044b2bdadd429a138fcd1d576722ed3bf6
SHA51225920dace4225a541102d94af078a6d41834fbca02150a1ddf2a9d20efe406853fefdb9a7ad176aca9c10cd9e7d25128c03822a7bbb619850e7472ed3c983a3c
-
Filesize
8KB
MD57b37ea22ddce4632d356a23674f9d853
SHA1b05cb9de6bf30008fb56d3a014874610390360b6
SHA2562017275bc58fdd75c6eaf8e9785655122346bea4a70edc3e2e60e2a4f6b64343
SHA5126b009fbb5fd2491e97f988701964dea6a1eb621f5aec1cfbdcd09bcebe7752dc1e924bc148d291f941ca96416dab10127220f8a99287d5d3452267a5d3f89049
-
Filesize
8KB
MD54b5fe6953b7e5941adfa5c0b172ed52c
SHA181c7764c0d2b7c30ee631f1ae4a762479fbb18e9
SHA256314dde68fb21e92a16373de3bddc65bbf043b99eb80a0841846ef9639749b50d
SHA512c40ac7e150798c3fcedf4de2823e33f4fd554e7d52fc5de0a8d7b1415c912d76fb7df9337e55fa0ff39734d68d4fccc65d86baa7cbfbc42791cba3b31b3d6a36
-
Filesize
9KB
MD57697101416c8b879e398045001dff8f0
SHA13f7a363f759b03fe848e3c90aa32d68744b58e84
SHA256b225245770d27768187040d3bddfb6d7e21f167684537c2556817cdd24eefb4c
SHA51258e22d2b3fb5e826e38fe1406344c5f5fd63b9270689a3afe630c00aec3eac095faed5fb3f1010cf2f544e81bc4258c1dce5b1d0d1fa7db0fa416d73ffa20e4d
-
Filesize
9KB
MD533615ef102baa9f706590b3b9b4ea283
SHA152fb4dabbea263982e7fc5d8767b3449d2e5ae61
SHA256b40db234d71aa1a226fb1d47adabfc3bc89cd28ec17cf322e81e35a8e891e77a
SHA512fd69a70d2f3d5fc03aae97897fa90d1838136c1375a0959200c6ffd2e3fd9bf414c6fe01fbcce0248e8cb06eee0ed1dbc93a3ec6a996c6d1e92705ea5299098a
-
Filesize
9KB
MD5d822422bf29b585c51e34ce35fdf9488
SHA1fb4e5cf02738e2053d237f9ecd7bf5a80d0fc0ab
SHA256504d818f9ac735a7fb4f8815bf04be49678dae5e8a7cefa62f4d1ff2db789903
SHA5125ee31293ed2eae5a1930f5fa6a59042340ba11a88e7e8f8af475006467dd1b36a8883f4c9d2f0e50d1d18b30280f4f668290a91845759c424db47b1c2b9dbe90
-
Filesize
9KB
MD5c70970684eeec48eaab5dcc9ef45c552
SHA1815cd04a017638c6e3707a3490e3a5223e8d84a9
SHA2563edf343f1bbeee2d910d2454e70b8803c438ae0b83379e20a4ca9f61bb7b444b
SHA512fdb829ddb4f4f49fee525afde0e1cafada3d21d649a8ca4aa68765dd3ee5e7847799f67f6fe7bbcf54db20e27eaf2d41f895269af5444ea5cc2c6e424aff1da8
-
Filesize
116KB
MD5d12d598ed8eb5ca3d886408f5be932d5
SHA175405e2f14148e6466bd9c58ba01d90c9d524dda
SHA2567180977af625a1ff430792c62dbc6c5fac4f923fe044b5e4165696b1c7bc89d2
SHA5122e4ce8b12ea6eebbde4250553b335481b0c078bb413c9bbee9ff6042034a3933de1fdccd83555bdc8be539145cba6710bea0077dc1abc040968067ef28799e04
-
Filesize
116KB
MD58ff44fa76fdfe0dce60d3028a8efeefd
SHA17eb9549e7b9b3c3879b7eb9c18be39f757e97bd5
SHA256e4fb0f1e71ddb31509047c5110babf8145ca80b05649b9262719d2d911ca5f5a
SHA5127abc97568fed04ada1bf77275c234deea728518719ef6e74df4e10a56998f88751997f244c9ca1dbd757d4648f7569045778b0ea2a9090adc5526a4976e7dda7