Malware Analysis Report

2024-12-07 20:01

Sample ID 241113-1z7j7azhqj
Target 78f6038aae1c3f5346a19e2b8d072d5857ebff1760961f2cfd6e832a509b99bd.bin
SHA256 78f6038aae1c3f5346a19e2b8d072d5857ebff1760961f2cfd6e832a509b99bd
Tags
discovery persistence collection credential_access impact phishing
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

78f6038aae1c3f5346a19e2b8d072d5857ebff1760961f2cfd6e832a509b99bd

Threat Level: Shows suspicious behavior

The file 78f6038aae1c3f5346a19e2b8d072d5857ebff1760961f2cfd6e832a509b99bd.bin was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery persistence collection credential_access impact phishing

Obtains sensitive information copied to the device clipboard

A potential corporate email address has been identified in the URL: 2BBBD4EAA9F18474A4776C9297FFA0FC@256x256

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: 85FB9FE59D5DE6E8A9E85924331C8F28@400x400

A potential corporate email address has been identified in the URL: [email protected]

Requests dangerous framework permissions

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-13 22:06

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to post notifications. android.permission.POST_NOTIFICATIONS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-13 22:06

Reported

2024-11-13 22:09

Platform

android-x86-arm-20240624-en

Max time kernel

64s

Max time network

143s

Command Line

com.k9ceo.main

Signatures

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.k9ceo.main

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:443 1.1.1.1 tcp
US 172.67.194.145:443 www.9kceo.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 www.9kceo.com udp
GB 172.217.169.78:443 android.apis.google.com tcp
US 172.67.194.145:443 www.9kceo.com tcp
US 1.1.1.1:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 1.1.1.1:53 connect.facebook.net udp
GB 163.70.147.23:443 connect.facebook.net tcp
US 1.1.1.1:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 1.1.1.1:53 sock1.source-cdn.com udp
US 172.67.208.109:443 sock1.source-cdn.com tcp
US 172.67.208.109:443 sock1.source-cdn.com tcp

Files

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-journal

MD5 44a0f16982cfae95d5a069ce049bde7c
SHA1 009610cfc391f69bf7eb18ce7f8639844ad84ca0
SHA256 ba372f8491a2c3e71dcae1cc7e3ed7ea2c202d3ec2e528696b7011acfb9e9d2d
SHA512 26b0da69c444dc68f1b70b6dbcc9243f7dd5b38b2aa459ac464a0aacaadad7f135b5948379792b3546f5af0caf5bd1f208d13b6c785dc7ff18674ddc087752f9

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-wal

MD5 9dba6756412563bde69469c499fe764d
SHA1 215d33050e70d97d66b9d163d3c35b4fb56e0d6c
SHA256 70e74d9c1da52b751fe05c9e9995a26524fc3c01c73423dad43f9cee269c66da
SHA512 d17cf83f69f716cbf2836c08792b52fee70093c5e445f37661838ec9eeef96c16d38614c606ebbc723eb575074b627ca043d45ce5358f0e4305c79bb6c2e6eb1

/data/data/com.k9ceo.main/files/PersistedInstallation8008318181614077015tmp

MD5 dafcb64dfd68093b6154ec18a7f3889d
SHA1 3dd2b5beba79bbcd9bfca8452529263f386f58c3
SHA256 2843e75e47873a9ca649534821b5f356a7973ed064f0dcd1d8ba404748a4ce8d
SHA512 936ee6ba1b025086ba321e561dc75222e71486c7f34b8bc1e880eb714c20af2f8e1e4ad365866ed20f856332ac7e3011a864ae0ce0727098f8a35d1d2ab856d8

/data/data/com.k9ceo.main/files/PersistedInstallation4865326182763756515tmp

MD5 ba94feba39baba94fb8536782b8464bc
SHA1 ec90afd42db36bb8aab4f374be5ac137feb3f3db
SHA256 4d0b1c0189c9283526122a360f9eb1077d53ebca74a38fd729ac4c1aae177e8b
SHA512 354ac6ef393bf74712c37c05b3a3817c9bd2b72521635000ffebcc9ae3ac69db988d4ff0383d7901a61cc9d7cab36b73eccb034f1431c266842a5905a2fe3818

/data/misc/profiles/cur/0/com.k9ceo.main/primary.prof

MD5 8d5cc980ea3939fe9eef03dc2fed9473
SHA1 e5a11532e68232b1091716c5d696468fa3527ae9
SHA256 fc89d277217259990bd7406efaaa7bd36db273fa4d3fa606e9de863421ce07d0
SHA512 a048be9a0bb93d8461683cc2fb89397702209c1d524c99b4914d99dac8b2dbe45e693eef9e96a56b54e0e5928e8344f6050265e8e960120a711e3609ea5155b2

/data/data/com.k9ceo.main/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

MD5 05ea8bd2bff554047e9b6a52b62ee68b
SHA1 c97cfe6d442a9b6fdd25b6becb1d8493690cbee6
SHA256 32b11f1432dd208aa66610ac58ca2ae47c226287d66e25166f96f3ca85f61e74
SHA512 453dd4dc96ff18b820bb224e3f7e7935e0feb26eaa440b07cfb373d4a54aab977a8dbe55061ff8c162b715c2b3b7527859331155d2c12665529eddab76f240ed

/data/data/com.k9ceo.main/files/profileInstalled

MD5 cfb62d9e249405c1defa0034d98613aa
SHA1 6048b0d35abe4e166b3b792f74af0c9c1adde06c
SHA256 d09915049365bbaba2a3f93855b2052be5dbe9f14e2441ddf6b1fbfd3a2cc827
SHA512 5440f36e19e48c1a779e6393a01e3f2d9b58cc1aee404bc3a6b4d6d9e0eeb79f1a337233a7a41cf04c89b20281c3383a31daaf95f2f4f82d9981fb874bbacbbe

/data/misc/profiles/cur/0/com.k9ceo.main/primary.prof

MD5 28f316946a94763795e3cc8269ae30ab
SHA1 606a0108df10df835cd7701acc7dfb240e1891d5
SHA256 1ea54bc82fb577c5883a79b2b5845263a31953fd772df5e4f95c2348b58a4d78
SHA512 646bcdf81f55a8990a901cb1b5a83cd0186ed00f1ad61c5d155ee25458d09768fa7d4d7dfe008f9b935002646f335fa44210c10c3db30613af7a9d63300dfd05

Analysis: behavioral2

Detonation Overview

Submitted

2024-11-13 22:06

Reported

2024-11-13 22:09

Platform

android-x64-20240624-en

Max time kernel

70s

Max time network

157s

Command Line

com.k9ceo.main

Signatures

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.k9ceo.main

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:443 1.1.1.1 tcp
US 172.67.194.145:443 www.9kceo.com tcp
US 1.1.1.1:53 www.9kceo.com udp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.78:443 android.apis.google.com tcp
US 172.67.194.145:443 www.9kceo.com tcp
US 1.1.1.1:53 cdnjs.cloudflare.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 1.1.1.1:53 connect.facebook.net udp
GB 163.70.147.23:443 connect.facebook.net tcp
US 1.1.1.1:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
US 1.1.1.1:53 sock1.source-cdn.com udp
US 104.21.23.22:443 sock1.source-cdn.com tcp
US 104.21.23.22:443 sock1.source-cdn.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp

Files

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-journal

MD5 ede086582a232feb35114f6d788368e8
SHA1 0d6b4bbdc5f8c1c93be907072be9ff006f99c0b2
SHA256 06467a4f6157666988c28c0ec6349af485d37453f00b34c91d9c4be25973728d
SHA512 9a16584bb12315c414daa5e308d9dd5986b58f82aa6ee93f95254a014b3a7d2f681413ce7d0bb957eeda7ca683efe32a576f3a13f12f920d2645e023177b3a46

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events

MD5 9c73ca61d5d2438fbbc4bb79f13a1159
SHA1 1ed65615a37f234b4edf6388b945bbff2eef8b99
SHA256 e51c67437cf6326b120a6f927e4cd94ee218711556fdcd21d7898860b27dd730
SHA512 18df77eea0bf32fba63bcdde63b2db640a53481992a0e1a0bba0f3a951d17123bfc5d221d3750931b983bff783d9c27b4d1f0c04f22c9e18e5f9d1f23c16251b

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-journal

MD5 e0751abcc58b204ee43915b0b6b726d2
SHA1 81cc7037b0dc610a9d9f476d3573c850da8b3517
SHA256 321cc9bd1f2e7f7541871cd94c08f532dd2eace30584a6197ff0d0694382fa72
SHA512 b6cddd0c148d66fbe3378ce5d8afd4f59f4cc5ae177bba9296057f917d2ab795f7ac5d89a4b6103f62f46e7b95ddc67a32e55049fbb876762840e1ab6f106ae7

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-journal

MD5 19435a5f2841ae65745ce5dddad81722
SHA1 eed4d8ed4ba6c794885011b042421d776316d4f1
SHA256 a01b8b9b71804f89f3200bc7ab4dd9d58bf1f501897d9fe67d221eb474406527
SHA512 93790421cd8ac9ebe8da1804c2fd4cae474f2b29bde0711e0b624468347238cf23a5a64adce6eea632e1b0db270ab3c3163160ff3a64a439abf9488c44c5a115

/data/data/com.k9ceo.main/files/PersistedInstallation6877856851199611299tmp

MD5 ce792d579654282ea1af4ff07cfc487f
SHA1 4be44647b0b1f849c6e9279e765e3cd31b3796dd
SHA256 650e3cb956df9f66eb07d7641681c7497aac397440daf8aa1641a71771eb037b
SHA512 b8fc108c234f576c4732d9396b6515a8f5a17cc743adedd2799234f63b47f4e1328f484b6f36f372fa97b1ab783d84a094063a7ce15e275c5fbb217fc2dc7028

/data/data/com.k9ceo.main/files/PersistedInstallation6974411213494111261tmp

MD5 54873746bd5e3bbd97f54f9a02505aaa
SHA1 60effd1ffdc9de386f798a1ebe62fc7577244d6d
SHA256 57ca078b5fd0feea56308ca69537e32c4e8cfc067d74a2425186cc84abf1ba0d
SHA512 d5579a657b9b70973a646d7ae46920fe5246813463e710d5331aa2a420c67d680077d17c9befe3053e675ac66e9311a1140723a2fd2e470dca9ce08fe2a385f6

/data/misc/profiles/cur/0/com.k9ceo.main/primary.prof

MD5 8d5cc980ea3939fe9eef03dc2fed9473
SHA1 e5a11532e68232b1091716c5d696468fa3527ae9
SHA256 fc89d277217259990bd7406efaaa7bd36db273fa4d3fa606e9de863421ce07d0
SHA512 a048be9a0bb93d8461683cc2fb89397702209c1d524c99b4914d99dac8b2dbe45e693eef9e96a56b54e0e5928e8344f6050265e8e960120a711e3609ea5155b2

/data/data/com.k9ceo.main/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

MD5 4f89d07fc38fdb42076849005149c5ba
SHA1 50fa2b3e076fc46c5f180d1ea446957cfd85ff22
SHA256 fc566e0cc058a5167b052b333c3d3b1a80ed32e52a3d9945dcc1b8cf6d6aa8fe
SHA512 c3a99530a14b5e05259c27db1b5b08a760b503d8085c429c4d96fb532040df96dea311d41d870035a765ffe163aea5a463377f98c018f089669929532b3a76aa

/data/data/com.k9ceo.main/files/profileInstalled

MD5 32d6ba8978d9f517a93a6199cb8f716c
SHA1 840a1d57747e20cc2810bad1215f45fef5c6b42e
SHA256 9aed71e89cf8404d669466bbb7c2c01feb4b153a88174b335ed9bbc6acac41db
SHA512 0af8b9b7a9fe4d2ae533e561937958f3b50a16a067a7dc864e8f6a3f03cc128c69cbe0fa4468c667d52d7694e19bbacefcdedd39329ca1fd9fe228acc94e578d

/data/misc/profiles/cur/0/com.k9ceo.main/primary.prof

MD5 a8dbe8445ee2b94666e9509b0ec478f4
SHA1 f6c43eaa2aefa2a2fb3b69702ea26161fe83e610
SHA256 d9a7aba82f58338a0bbc97c79e93fc3650732115714c22bd34797f98adce2206
SHA512 144cb40161022f2249f78035baa3857b67f64c36d78eff0b3622fb3aac8bd531b4ed1c315e7ee26dfe9216e231ea7125d805c736d7c3a56f836dc7b2663abf50

Analysis: behavioral3

Detonation Overview

Submitted

2024-11-13 22:06

Reported

2024-11-13 22:09

Platform

android-x64-arm64-20240910-en

Max time kernel

86s

Max time network

151s

Command Line

com.k9ceo.main

Signatures

A potential corporate email address has been identified in the URL: 2BBBD4EAA9F18474A4776C9297FFA0FC@256x256

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: 85FB9FE59D5DE6E8A9E85924331C8F28@400x400

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.k9ceo.main

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 www.youtube.com udp
GB 216.58.201.110:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.178.14:443 android.apis.google.com tcp
GB 142.250.178.14:443 android.apis.google.com tcp
US 216.239.36.223:443 tcp
US 1.1.1.1:443 1.1.1.1 tcp
US 172.67.194.145:443 www.9kceo.com tcp
US 1.1.1.1:53 www.9kceo.com udp
US 172.67.194.145:443 www.9kceo.com tcp
US 1.1.1.1:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 1.1.1.1:53 connect.facebook.net udp
GB 163.70.147.23:443 connect.facebook.net tcp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 157.240.214.35:443 www.facebook.com tcp
GB 216.58.201.104:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 sock1.source-cdn.com udp
US 172.67.208.109:443 sock1.source-cdn.com tcp
US 172.67.208.109:443 sock1.source-cdn.com tcp
GB 142.250.187.193:443 tcp
US 216.239.36.223:443 tcp
GB 142.250.187.193:443 tcp
US 216.239.36.223:443 tcp

Files

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-journal

MD5 d5afdde71f4277d9c4c88da5510819ef
SHA1 7faba9f5a430cc2b343682dd69850ad44eb85536
SHA256 b92b8c7070ca3b02f05fcf84bb181c4698d2dabcde5f4ef5dab3b0772ab01e54
SHA512 113dcdb9caac9c8c3b2b5c625b52c49181706b4e84b76a318844eb49fe794813a7e7ee9aedb3dfa15ee800bcdde621f98d09b43a149b52d53eb60d8ce2c6efa0

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events

MD5 bd26484055359e0cd6ff95c024904c61
SHA1 bd556b22afa48469dd7cda280fc2cef40bfb2822
SHA256 e187906d57306bbe6430c35ab3252b5bdd7e65934d3e5c7e9789dc49619c1ff7
SHA512 8a04bada5e93cfe70d894a4bf78bdd8566a9bcf47aa77f762b6b83d7e65a4abde82d7ba3c4510df73bbf040dac4f393e674894820aef8a112f9b188ca13d69da

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-journal

MD5 a1da31031db4ce2d69c6c64175427660
SHA1 d65a0efbe9cdfc80cb8ccb54fae919116614bd36
SHA256 ed8d0a42f597dbcb9c2a7586874eab97a8f74541f6960e2904b0b5c652dfa9d1
SHA512 e04d8a84b1e928dd4039d40275189dca8c15545c2cbb983e3b4ace777b205ba3e27a7553320645b4d80e6b040fbb33e7ce483ad2914ba105050802739fd59603

/data/data/com.k9ceo.main/databases/com.google.android.datatransport.events-journal

MD5 43cf72e569598f42859ee7ff089cab15
SHA1 d5171959bc72770a3b80f805c88b0e9992f4a976
SHA256 2d27aee1518e3d96cb7c02f72126fc56d63a39e294f8dbc08f095be5f5ba6921
SHA512 598b2c542fd1c561850c873c39f1e8c8aed80cf203415a14f73d36bb58c444ab9b639b499340f0a7befbeccbbb0ae80d20ffb439846bf42707aa72389a363ff4

/data/data/com.k9ceo.main/files/PersistedInstallation1013350722865273149tmp

MD5 2b6be70ade9070432810df5113c1ec23
SHA1 aee58c5547a576d767f55703edcfc50fc35cd96f
SHA256 9391d40a80f82dae70da182b9674edf4712f8d2947c38f3aa906374d1e392cd5
SHA512 f7c11b1eeae9d1d2532331cf43032f65348de2d67936daa8cadc364847436cb41292b8d7db4458c8ac447034b2c6749fbedc7055507d7e5e23209b1771603b87

/data/data/com.k9ceo.main/files/PersistedInstallation1274411075611162062tmp

MD5 e8d6ee2dae484cbc0accb269661a21b9
SHA1 87e209b40cb52042a04608dd72243045d6c6a9ca
SHA256 6a43c75f69b3e6b815cf8c2685402917547add3be9be672debe6ee0c1e207d3b
SHA512 0eadd11952d7a09fddbf6f5548026ca8aefed46b3d07d936c834e1c2eeeff16fd0eb7d5430eb9689ee83504e99c69f07cea56110c49c9aecd015b0feb30ca6a2

/data/misc/profiles/cur/0/com.k9ceo.main/primary.prof

MD5 8d5cc980ea3939fe9eef03dc2fed9473
SHA1 e5a11532e68232b1091716c5d696468fa3527ae9
SHA256 fc89d277217259990bd7406efaaa7bd36db273fa4d3fa606e9de863421ce07d0
SHA512 a048be9a0bb93d8461683cc2fb89397702209c1d524c99b4914d99dac8b2dbe45e693eef9e96a56b54e0e5928e8344f6050265e8e960120a711e3609ea5155b2

/data/data/com.k9ceo.main/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

MD5 cdc7c0fe784fc8e58109a4182d533f24
SHA1 d4dfa04381200a297ed551aef6443668de98c1aa
SHA256 c2efd01bc96e0454c4750e2ddceb19c384dbf7b9030a9f085b684a97d5a85dbb
SHA512 7def3b02eb9747b5cb2a2cedc1c4d4fd879f2e19181149766e20de530258a8bf296638715d9f0c0e10eb97a2c6079f7cd4bec12f2dc78593872aee0f0b5a06d1

/data/misc/profiles/cur/0/com.k9ceo.main/primary.prof

MD5 d5b3b73127ba683587a18b612e5c580a
SHA1 19b42f41f3d2ac21d2eef706721192a3b7f62d40
SHA256 04096a89fcdabf76dedb36f227603c820bbaa40b8da4f6b88d2682dbe8be8c15
SHA512 278bbce4c4c46c8e30b96c2cfc3cd10b38f780184884be492ad1bac3dc2beef6aaa6322d2bc26c74e9a9ff22959ede55d448886aabf3025375bb3bd147acac42