Analysis
-
max time kernel
59s -
max time network
154s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
26-10-2024 22:06
General
-
Target
3a1727e0da1a37aeab5926ae26ea4889cdff3d43bfd37a0f8ca07ccffe381442.apk
-
Size
3.6MB
-
MD5
9c64d5fc9d3b9d41767e0879e40f01c7
-
SHA1
8d02556d0e5418c2ffbf9945d5e9eea45cfa68d0
-
SHA256
3a1727e0da1a37aeab5926ae26ea4889cdff3d43bfd37a0f8ca07ccffe381442
-
SHA512
a3228d4a3a47996638ed77f7e92ad9f1ee467a7e0f1030ad8e670e0eddb042e791b2f7e592fed223bb795604532d690c2cf0e464d9282cc0691a5e7b7be15029
-
SSDEEP
49152:fkXrvK3uPBNE+/cEljRGbpkVxxTicHaHODvOjDP2mAphTSWERYpU7hcUXvjT9smB:fgy3u5gwAMxTiIOPR0+OiniMHmAiYMDG
Malware Config
Extracted
ermac
http://81.177.140.60:3434
Extracted
hook
http://81.177.140.60:3434
Signatures
-
Ermac
An Android banking trojan first seen in July 2021.
-
Ermac family
-
Ermac2 payload 2 IoCs
-
Hook
Hook is an Android malware that is based on Ermac with RAT capabilities.
-
Hook family
-
Checks if the Android device is rooted. 1 TTPs 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 3 IoCs
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service 4 TTPs 3 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Acquires the wake lock 1 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user 1 TTPs 1 IoCs
Application may abuse the accessibility service to prevent their removal.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Requests changing the default SMS application. 2 TTPs 1 IoCs
-
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.jastijasranber.mirtimashiniva1⤵
- Loads dropped Dex/Jar
- Makes use of the framework's Accessibility service
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Performs UI accessibility actions on behalf of the user
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Requests changing the default SMS application.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.jastijasranber.mirtimashiniva/app_hawk/XSrOeZF.json --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.jastijasranber.mirtimashiniva/app_hawk/oat/x86/XSrOeZF.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
-
com.jastijasranber.mirtimashiniva:AppMetrica1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
1User Evasion
1Impair Defenses
1Prevent Application Removal
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Discovery
Software Discovery
1Security Software Discovery
1System Information Discovery
3System Network Configuration Discovery
3System Network Connections Discovery
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.1MB
MD5d3f80da8c4f3bb77f1aca6f8a006d250
SHA1058f76d338356dafcc3df369221770678b25bca2
SHA2564a4bdc39711b1d9a36052dddbff4c3b759c6472c4200dfe4c6e88f531851f925
SHA51282c91e0161c4a0d67d6c442dbf76ba9086cf408862830b80c6dc40834f2ea6c14ecfd5b697bf00d34ad004641ce384dfc3970d820a22a4d0437a53c0eb4971e2
-
Filesize
1.1MB
MD595bf880c15f2d5dfe6fca2aff9045718
SHA106f339fb9f1e9869d9ad0980998a5e112be99538
SHA2562748cbf61068e5aeb5a3bffceec8f52a8223c6c660905f2d0153b10839b703b6
SHA512e8a883e8ad04f13d2ca8dffac4d62aaf022132f6318605e3ad6ae7db0eaa326665f93ba17660844e972cfa3c8346b65eb68d78be64ed65f16363f3778dd9dc9a
-
Filesize
32KB
MD51c4274aa7a9a5cac8c6d1df71e4588c6
SHA1abaecd685e01cc68801292e3dc7085654a22feba
SHA2563f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be
SHA5121adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c
-
Filesize
512B
MD5cc201859a49005e9b8406dcf6cc45368
SHA1bdcb04bcc10f625aaa021633e01399e0c0b538c5
SHA25698643878ec5a0ee67f29f0bad4fa6529d0fc1fba3aa0dc27b2cacdbda7e5d237
SHA5129d6e96740e3628bec5afadbb5cb182640eebcc98d6b0347f7fb03723562a2d0146d71a8cc37da3f9f91521c4c1bc564f890c62c9aad7810bb5464b3c02739eae
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
108KB
MD5f546230ea58ed42d237ccd447c7aef15
SHA14a0a3a0a8dd2176c1c6f7b858d141c3a335a96a2
SHA2563f874c1257016708e497bd5999f27e2da6180efc55f20744f29c99db1d5b1e89
SHA51292f95c5c47bc85b6523c48bc518f65d3419a734e1f40e31925b6f1b466d3ee3e320ec36155bc1894884f651a21dccbcc444bb076729a9fd769f113fcc8572106
-
Filesize
173KB
MD5d97464498fcff5aac6b3cd9d379d36f3
SHA14c257c2e2f257dbece9fe2bc3a6cd104ea0f6d26
SHA25634b100db6e9be533465b3e761deded1b2d81d6abf308e9371883acbb9ddb89c7
SHA5122041aa1779c97f2d3b1fe3e1bd68a5d4c1b090c86e700ce6a5a30b146961765b8f97f14426d086022a99d7c81794221abae8c2cb01f7a4739ba22173e049bbaf
-
Filesize
16KB
MD5112a6c4b5ebfd22a184a2f937aa7f976
SHA147772ced8b3976ae436c427ca5cfb5e29e01b0c9
SHA2561be64390960a3bbde926973a633a63897a9abd0e12e8909e257e859d7299afaf
SHA51216712e97f96c0bb29e721b2bdd4d419e9a05934b660ada8efa0319cf5a4a300869136d9cfb819a9c63e44eb9218b2b22f5313f08c7c5f3905abf46a4162938e3
-
Filesize
231B
MD598b2d2efad651b6b9499597686e942b6
SHA152fcb6e1915b1d06e38bb8dbf3bb21e73d679a80
SHA25682dd852695effd9bad6688aa3461ead3e1c5c07f2c7bd89fb839808e2da10242
SHA512f14e9f4553be24e3caecb2d186d6c4d2c681dedcaff89f1b5460ed5a5d392f8b2ebc319aa6f05148fae2f81506c991df9ea2453c0e1b842ef46869bedb33123c
-
Filesize
233B
MD5ec4aebc8afbdbe29919cbf297466e5a3
SHA1030860d66c0b1ea21d1fc224579f38d7dfbedb09
SHA2562158b572216132f3cf56028506793105b6a6807e26f9e0ff105c1c68036c7d34
SHA512ec804fd96b6ed99d28901c2a2bbdc8b8fea35477b24474c006389939035f5b75a39067bad20c4bf70fc8545dbce81eedfe9d4f689a639a34ea9625b6f55e1a1a
-
Filesize
306B
MD5615920509ba2679b9d4e32efc438ef85
SHA116eefcbbc66f33d73da873e17a3347852aad47fc
SHA25646ee4819a0ceb7051d6c8fa1215ec8016b204c169d7e1c7b6e64a77efec75e05
SHA51299dcdca6931fee4d8ab46e131dac967be9ead1905a285360c2ebf4b6c0e88c2012b8af54e69715d45faa1460e179949db8614f9cdfe8a769aa57d06aaac9bdb6
-
Filesize
8KB
MD50e7e6fbdaf536098bc165b49ca5d72ea
SHA12783d497656059e7410e2a0e8f14cc313c30ff0e
SHA256e94252958a41c4ef5b9a48e1b4ee981e9e72c54e1f19499a17228b9d2e8046cf
SHA512f52a971d742d5b6582f04187ef9df3f10d0b9b1a3b2c2862f51568bb347f8c875614aa32fd59386d6b816d5253c5f31adde96f5904aeb1c1261e53feb8edf851
-
Filesize
242B
MD55824da486c1145a967733467cb95106a
SHA12134afe277fd91f14f07a51d3d3300a2d7ae531e
SHA25632382257f2df077c8ee446498ea4dc7aeaab02521b10c0a20b0877bf1e41cc9b
SHA512be71c8fe5b3a524199fc9083b0fcfe38dd8a071ad905fc8cdb6357f534b3a2542caa3d7447b28a0da0452b82da74c62a41a25c04bcdf535f338f43ed4ba7cfcd
-
Filesize
242B
MD5fc2e05efc87ccc5458c8dcca2f2793a6
SHA17f4010708a789818e359b6928a0f51a65fec0e75
SHA256898dd53083e1215c06088dd078e4b901ec985ad8eb39366c5cbc1216dd2391ed
SHA51252c337ad615d97ebc51cb8a80ebda109e00bb869f5f1d0f4bb52cde6170241740ff0cc941e92b9e01500ad4c36c573d286fae65704d22e61d088570ad9ed54f8
-
Filesize
271B
MD5e72e350c1ece2c1849c3c735bc98d527
SHA1168a9b1f4e2c4ecf86042088cdfaf19cbfaf35c5
SHA256796343a423ce421d49911b1d3ac65c32cf5c57030835c8d66c0d7ac74d64b1c2
SHA512d554d0a81064d68182a4fabea2f83a052d67128961495c6ea858915d7563d075060ce06b9ca50c86266eb7c1f6530185bfa9a3bc6f03a628e656311b66dd4fd9
-
Filesize
309B
MD5c46955ac9bc120d5fa3e7a01091d6b9b
SHA1cd506bcb11063e3bd8834e036753b205e929724d
SHA2564919c051e3fb82ab959d00e29a403d952a61e09aee7a43a23f50b0ec9e1f6ee2
SHA5129189d775f2b703ed9e0433bed1b4653d4d8ba3fa3f331ad2ae32572c645f28525045d607db92d225ea343b07f374cf0b970f05c7210d88ace0ea078c013d52e9
-
Filesize
20KB
MD5aad3ce29244755ec44fcc34a680534a9
SHA1e4bc391f76e985970bf99e8a76588bd01e87592a
SHA256e064aaeca6413d410b5dc40bcb39cf72c5f4449f127b11334b51485be3841e6e
SHA5127051fab59533a30aebf59066e5d8cb1d775da99535d968e764da8787d03e6a702dc51845afec4149df4bc1753f3e58f62a2a603ed88912469c575f989596b81c
-
Filesize
512B
MD5182c2b004c2ad9705385436f6d04d1de
SHA1c6d8553b3c78178705eab7980763b954f3468251
SHA25610efbbd59391e39614ee7c5bc0868b7d39cf15993196d8d0ba58b973a54aa55a
SHA5122906012cb030d54902f8f366cae8ed824edbc7eb5675753e63af39bfbfaf0aba198c91773b600d22982e34322f801035301071ad61469744f0af4159c4bf48a0
-
Filesize
32KB
MD500a9667b9276609456e6e76331a8d366
SHA1331ffe7bbe0a385cc64ffa126d52c7ab08b6507a
SHA2560208fe7dd0be9b24c2b2c6ba672957d5457d0b0eb1fb808db9df2fc120d702c5
SHA512c0f5519330ddd24475b35b7cd70a9d0a8d10315e3c67676a85b44b2d83bd59e8f5bc73fb143c9245fb80011daf562cb88eb2242ad598773fc022d6cd0f068999
-
Filesize
20KB
MD55dca09950419a96f727c80384db5a662
SHA1541470157b3824aa4eea60f9799e22efe296c369
SHA2565b375bcb27b2bfd6ece47345d1537a49a66d9edc918bf31fa0281cb053c274ba
SHA512f30940559d2568d4630d39944867a38be8fb7ee93ecd79848356d40ea285165934f1df6ce08f9390e556cf6deaf0f154f1d27c04eb1f1c27fb3e904c15fb2ad7
-
Filesize
20KB
MD54be38923c6d38e4ee5ed00126b66401d
SHA155bd220bc7fe74a97ecd9dc35297743267eb765c
SHA256ee77913b8faeea7a508a19578e22cc478073564e05b1350dfd7466f6e9304cce
SHA512f8a95ef6ce8e5295f23fc97653899c8dc3772fde120e9e06402cd0ec0e37ee95b6679fa34c92768f784fc006e047aecf9d4aa6479e4ece67efc0fe0a81290248
-
Filesize
20KB
MD5b2be0d48842b1b99c04a8a918c607bb8
SHA1317b23de11b5fe747a7e455395fe36e66cf86cb9
SHA256cdb60dc28e221d703e5c53e9bca897b06cf6b0883122aee49f29f7b79b3814d1
SHA512ff7b497a3506e36445c6979109a662a63942b311413c61664ab15555553af70e1e58a1db147f7a0a1f4f2f8fb47f51bc438319baf3930abfc5ce8bd2a583d047
-
Filesize
329KB
MD55ccec8921574c334c03fb5a61a01c266
SHA10623c76bad7fc7f47e41a6c6e737d309a4835f84
SHA2563bdda637fda60e35ac2f14468012036e5290482f3f7f40e09ff2077adf1a03f2
SHA5128bd7248736798b47cf1bf71a3fdf75fa2aa37f94fc1db78f667adae2247c759df3761829259b9495e0de6bc50fa4cb7df0e4d1b9fd4ee8fba633aa20ed32386c
-
Filesize
20KB
MD533d684c52b95af88c199bdf89d4df232
SHA14a842beb1e14953d99a2251f6989893c58f0d76f
SHA256b103ca543c58114a9b9bd3d20924a17c9971d197fea81562b3677d68e78c35c7
SHA512742184f5583d7b39872b55dfa431dcdb28408835e8e40bab71c9d69a8bb0d24d0d43d93e24a40f8442691c164d8db62b165fe5602101c779d8d06cdfe622b111
-
Filesize
32KB
MD53be143d1957942da3d9942e5dccad802
SHA1840e3b72c932daeb7ea6952f2b705c41a1eae9aa
SHA256103cc23a4e632475c7fa8e532e561ab157818c45292d1ae5ca31e419048fb8c4
SHA512ee1f2f4ce9b2561c27fb553161a4df9a41b0cb284bf1dfd159ef58572ba3bb9320477afc0f23a83e1d32ccb04ae18cf4d40c7bb47680c664144241fe4499eb47
-
Filesize
32KB
MD59eac29f62be79bfcb2146bcf79c0b660
SHA1df5f49d122c11922b95642c37baaf1b91ea39120
SHA25627b66d31c376bedd13ac4f58dc63b9aade986fbb6d53b0b9de4914af66ad609f
SHA5123229cd47a7857d0adaed3d35d7d2f8bc347988c1e88033a3f682adc746791a7d90adf78e6f780aab0be8719653649a83807a60519d90c476aee48943fcbd21ae
-
Filesize
32KB
MD546feecdac0b92d52c34142b5fd86efe9
SHA121cc35c052231650cff4355d991eeff1f9abd49a
SHA256fbd06dfbbc0533dc79e7c6a2acf96fe944220238fed976e5c24e358d6e6a0471
SHA512ba3c8a59d8198a5e3219e18455cff2a6b18b0428dec5bd482993cbd7fd6f4e2376893121b08de43524f0bb9c2f1ff0a8af7fbca58f72619316f5846ade18def0
-
Filesize
8KB
MD5322f2d9dcd4f31622c8320e998e59f4b
SHA1fcefe8865e89d3110dc1b0375b48e9f14cadbb9d
SHA25663723073dc5223d1b3a83a0b0b6175d7b8436138757bdec4ee86f16f9d5fa4ec
SHA5121b2233f6a9cd4821e80d57d03538bff6e2cebe443b490324dcdffaefe1d7dfec7ef121234c20262d2d8f932f5d46c01bcabe328751e3e9479c9442f6869cd73f
-
Filesize
8KB
MD529f9a8d4723935b1231b933f9993f4c6
SHA1e1542ba17fac99fcc350a99118ff925a8aea68b1
SHA2560121a66df73929e47ef29faadf5cdbd36d34f2e21fb06c5d7b570fe293f2d8c3
SHA5122468f17c09f893279c7aae735e002dbe2f5ba89f22701866b4e938fd9317bc89cd2c889e4d22870af80373c49907fec882dbffca7cf0bcfe45ff53bd6a9e2e6e
-
Filesize
20KB
MD5a34364a8ca30ff4a4d4739334b5f80d1
SHA1e8b2b4e88893b7cf67a92545af51bc7cecb096bc
SHA256e5d71ac5ebef505645332adcb17681dcc1be27b26abe4858d94f918ec9dfe545
SHA512195cb3ba12f2689f92587d2d5e214d28b0e805f9f569d22969d487ced4655d0fb282eaadddb01f3a53f1b7a475d522016a7ccfdf63edb3b3c6943ac11772151d
-
Filesize
8KB
MD5bab814cb3c56c8c60e43ccaca1198b54
SHA186495a3c9b1483d4830d8318aa89ca941084843b
SHA256ae888fc7f8a0f16ea5891b3c679dc845492102974414a0293ebf598481a9b589
SHA512a4c817916968e937ff6fec22b37983db5bea7482259c851c911b2b457334c7c99017f00301a7cdebfdb96186eb3745327bc50a528751d19bb5fa3f82496443b0
-
Filesize
32KB
MD59fae767da3f47d596ec11e96a4c50bf4
SHA1d0bc26758ba09449739bffe632ab4f53b2bc0ddc
SHA256c2830214e69da2ebb8e373edb3440fddf618c73400e69a1a431447b2223662c9
SHA51200353cc9aaba8bbb4bfdad42ac1c8fbaeaa5335dd033cfb6bca6af77a0a2bd45af958da63c0953944c225cd24d77d86c04c7e1e2dab26a4ee3a3a9eadde8c56f
-
Filesize
512B
MD579994d5b45c34bb71c84b1130e2bae04
SHA1a1774a3e4b5d5f3c65ca47879df49a2dbc62a8c6
SHA256e7d75dfc8482896a291fd3e64a8f6a2129bfd098eabe0bbfeba8fd58297450d1
SHA5123272f06b40180cb534bc406694e2e0ba4b522c130f32a6adb8f3add454860c8009c4904a7066c021e731471de15bbe349e1255b27d67cb3ce9b2da718c02c0e9
-
Filesize
293KB
MD5539c916360a9a8bf5be14335d52bb4be
SHA19ec4a0af8345bbeccbb679a267060cd12e4ee510
SHA25642ea129b5087a0b96cf25af3443876f628f228b054a4c86e0ac2028deca511ac
SHA5122b178c50790b549385b213a57f979b6ac212e8d8797ab1472de4482f62277ead4a9fade0cf8e204cce7eecb7f100fa404ed08e390912e3d09ba86137ecc20b36
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5ae3fe88a5fca61ae3943413183f78b71
SHA1f746e8be157f1eeeccaa16aeb6266319f5fde05e
SHA2564e66e49be7f444271c40d8acc0c8542cc7847d516442299c73b66f884eda7015
SHA51291fbb6c31ec1d9d351856f0e0ce2748ae50d0623f5233c7555d510e4d47eb99a2b10bfc0677f665b65acb2bed44841144a4e565a1ae30d15cb4c615b822cfb17
-
Filesize
257KB
MD5f028fe0e33074361ebbcad8820797be0
SHA16a8a2afa9e1977a6f9516211f04e2e486e793116
SHA25680748dad68476b684cf26b5e74888f458e488ed0cdb1b344ade0d85851db9527
SHA512561d64ef54f32981be5cff24b36b32b8d01b4f13f2b9f4a79f9b81a351115f67770bbbf961d0e0d4b3f13998bcc0bbf2cf5a77890e441d98c3b9a16d25028e9e
-
Filesize
20KB
MD5bfbdc5da6bdfd955a8642abaacbf1f51
SHA10e5ebbcb709d20a46101046a3b2a3178c9410961
SHA2568a602319fd8e392ab30accdb764ae73b4d4aacc42fc3185cd0314de0cf5d6274
SHA512bc00a287e8738d057bb10f13d029f2f2a02d7248417e9f1f74997d27bd8f8c15d950ce4a0e81dae88d662066af0e0e50a8022dec8a7cd44ed6a483b133f913fb
-
Filesize
2.6MB
MD570eb2331bd3bbc68897aba7b1b34defc
SHA1efe54a97438e2a310e49eb2ef23fa6577ae01d64
SHA25658b30ba43f69d6015defffa439f0b5ba5b55023de314dead8b9a038f592d56ff
SHA51283f093d4c5b60fe2c34930fb9f5f5ae22038b18fb82c7f4921d501afda9d39577c714a9d1607fde371d446ca09084730fcc5771ecd45621c8e5782130a52b7fe
-
Filesize
2.6MB
MD5a5d148b8554d38abd9789a54cb3d2ecd
SHA11e6592bb2dceee2fad8fe7d08d745c15ccedbd52
SHA256810b95b1f2800b1f62f9212a49f93d9a90f39d71a9702a20c801b87372fdb9b2
SHA512287ee0f3730167423d0cad6981f9b9027714354107c35300b27337e176763ebfebd050d26057e1f0fcb4e463084609967307ffdd02acc482af48752555208a39