Analysis
-
max time kernel
88s -
max time network
88s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
26-11-2024 21:28
Static task
static1
URLScan task
urlscan1
General
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133771303188777579" chrome.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 1052 chrome.exe 1052 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs
pid Process 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe Token: SeShutdownPrivilege 1052 chrome.exe Token: SeCreatePagefilePrivilege 1052 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe 1052 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1052 wrote to memory of 3996 1052 chrome.exe 82 PID 1052 wrote to memory of 3996 1052 chrome.exe 82 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 4020 1052 chrome.exe 83 PID 1052 wrote to memory of 784 1052 chrome.exe 84 PID 1052 wrote to memory of 784 1052 chrome.exe 84 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85 PID 1052 wrote to memory of 1048 1052 chrome.exe 85
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://link.edgepilot.com/s/3b095c08/ZyRgSnzc50mRg_8d-46dUQ?u=https://kingdompch.com/1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1052 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcfcd8cc40,0x7ffcfcd8cc4c,0x7ffcfcd8cc582⤵PID:3996
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1888,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1876 /prefetch:22⤵PID:4020
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1972,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2144 /prefetch:32⤵PID:784
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2540 /prefetch:82⤵PID:1048
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:12⤵PID:232
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3300 /prefetch:12⤵PID:4356
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4484,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4400 /prefetch:12⤵PID:3904
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4964,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4940 /prefetch:12⤵PID:632
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5172,i,12030959798172349454,15977032310496519502,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5192 /prefetch:82⤵PID:5088
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"1⤵PID:1352
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc1⤵PID:4364
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
649B
MD55578a1f28568de97e14e750895ec8a51
SHA1211c7af8ea8658944d04784c55dd2fcf710b0f66
SHA25646e810b04d582d1539a239358834eab8a54c5d1287330a092440d18fec3be366
SHA512a411206cfa16db4830823d13b24006e1965ecfd47eec6dad5d573db23dad14e2fa720a61e49febebb295d746d1fd77293967b628409f76c7f8741d7dd9ecc7c8
-
Filesize
215KB
MD5505e09c540405320839973335aaad8d3
SHA1561984af748d012a17097f0217aed1cce9df9b5d
SHA25673725bbd9a7e1963f9661d2ea919fde145bff986774535d28ba06b0265c6e5f8
SHA512aaaead5b0d3a76d51618bfac3d9675fe9d70be5f9ab1c5a1945335712ec7dfdf6801674c4d8ebc88d8c5866d766d4ed9e7cecab5cfc7d7da07563a33fac7ad96
-
Filesize
672B
MD50aa677583f6796cbd3c90329b34ede42
SHA1e8ea52ec68f16519a9a96e3533fe52305bdb9374
SHA256d3b767484d87d98fd33c200f6dedb147320fcd6930b829f4ec4cf01ff110b577
SHA512252389f9ae66147bc4072466b765d577b46897defdd8264afe2bd740b007471c612b12501922bd72a6f0887a779c4db78d0a89a3436aca32742abfdd9c986bc9
-
Filesize
4KB
MD5b447f1401cf6d70ada2cdd0f4fcf6bdb
SHA1081b5c3bddbedeb7b2010b1931fe8a77bf780e62
SHA256378b7285a84a76db284666387a54143763c031a4077a85fe2ba3dc23270d8256
SHA512a2cc3ec6d9c8e20e1c604504b9a92355b21b1ee6b2d697759d31b7fd7ac2b06aac2061edad9301495e96feca69dadea8c0c19aafc27217d9cf685db3722adc64
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
1KB
MD50c62ad9503051a85700f0ba0855ad117
SHA1eca295aa21b3f8ac3be1cf61f52a5dccf8a13495
SHA25688bb97b1c63ce495279981e3ce5fa9f954a4a22ca8dbd17370ab9692acdb5dbc
SHA5124f0d4350f5ca879e9216c315306d45c0982897386417a2b2527cfaa9ef336773ba1ea018f617f5f1c2c694f32228e8a4dae16bbdb3ad6d4bfb0a5dfe4499faa7
-
Filesize
1KB
MD52a5d5ced8c13f9a0bd4cdf0a847f1dd9
SHA16eb4b3439aaffa87cd97023d2d89078290af57d9
SHA2565a7cdb10160a9843fae0bc4466d1c34e463ef5cbab1a0c55c1f1182cd08d3ee7
SHA512e5de47c611cd86c3ac1910cdf22f3ec98380703b17c58aa23ed81c66a8fbf2c977dffb878be6a6363419e4ee2657a095407ca41e35f2f73ab32d3aa73b586fc3
-
Filesize
10KB
MD505c516b61da249bd79266dc9dbdf8c7c
SHA12e65797db95d656fd53d63b05985d093ba94a763
SHA2569d9cf26573e6cbecc7261c019b3305bf341a89b556205e8a814a5eb63fa3cad8
SHA5125fc6c73316d14296bd6073ae8b7dd51cfa1617ffcf76983b5a14ef9ba6110faa783fcf682a3a862dd5363920cdb14d6a4a6467e4b7398cc49346fad9b0e5237c
-
Filesize
10KB
MD5657facb2f031970991afa25402e2b52e
SHA190511c65c79c9dc8988ac66005e77328e5f83dda
SHA25644ba3009a103574bb33d6de78989d54852930dc8e405bc8f5850a981602fb16a
SHA512c801b3629140050bfde4680ccdfa0951dabb0931b45a92940bf29c36443b3ffbd48c1800461f0d448f357456ae378740282887f24802a4d7152cfb3bc2b0fec3
-
Filesize
10KB
MD5f8b3f51b8f84a361ce2c7e13cb33767b
SHA1181f95546b9779791b607a4a8e636d06b384a86c
SHA256c219feda9fdb03e857116cb76df37d0a1446c7bfab6e36d0272993c97ba73909
SHA512c959b76f1aa2c159151b5a793ae5c9ed518a3bcc424a5665b1002d79c0dc62ba927c18d8120abe42060ecec5c3f2beba31f791382a58e782bc3a5c22b6c644b0
-
Filesize
9KB
MD5ca38e189de2e90846cb0b762000cafc9
SHA12468042bcd60258f6b98dd5ed70588b3afe20474
SHA2567fa34c5c828c3bb369a3ce02c5e123db4cf376af94ca703332bcaed959901104
SHA51295b21417396c891d041c75cb1845ea26df1e75b56cff3e15b653135811014d1c1e39166d58dcc8d6f843dcadcb99ce44b24f113d4943eb06a76eaec3fec6e533
-
Filesize
10KB
MD5d3c88c2495afa5f5801a440765fb8a36
SHA1b2be2404a5441af294a48c35ab9e56285827fde5
SHA2560eba5fd71de200d1d933cb6a1d122af63f46e77a7fbf4e3fb3e2971a79802ad0
SHA5123c1ae9f87b90e29659c1bac69f7565033bdac56ab9646870990571d9d1bcd376c74cc1eeb035544128dfc836e4ba3aa942a5657bfe1dd46ec4a83b7675d4c3b0
-
Filesize
9KB
MD549fa0b426a4226af9c1a996e51d9a28d
SHA1a4722992035f5417c5b8cd786f75c2ee6a6b25e5
SHA25601a4f6ea5782c87260caebc3ed430283747412686429a4942edb515d6f492a63
SHA5129f47b087139008fbb2496cfdba26b683e187c780677945c13a695d5cbd68d8af14aa9b4ac88f4c15f47acc9dba51a9f33e6eb264172d89e11412ba22c82886e9
-
Filesize
116KB
MD5582f280de6f0165478ed7587a1b204c8
SHA10f79e79adc55eba54f0734f2369d6f5bddbfe370
SHA256f4f1ad0944b2beae11891dcb85c4f66d5bc861e5c7271a51a64f22173cef7453
SHA512454f0def9f453d5546771f985a433450da077aafb49d1994f74bef03ea216c3c1aedeaaa942c6e97453bc316406d7e402331470b880128bafee148fc2a171801
-
Filesize
116KB
MD5db5bc2f9238eb452d0a400f489b59153
SHA1738b90f0534290a36e1cfc2b7578330ec69cd993
SHA256015472cf51f08570c5480ab6d5d5d76949c9def9085c303a0cb72d8896ae05ce
SHA512c203aa600a7ff351a87a4cbf2d0c4044b7aa239f68cc7741e957725087728344df85b1d8676d4104cf275ced70bda86b1c64b6264d82e07107859e12ed42c5aa