Analysis
- max time kernel: 121s
- max time network: 155s
- platform: windows11-21h2_x64
- resource: win11-20250217-en
- resource tags: arch:x64, arch:x86, image:win11-20250217-en, locale:en-us, os:windows11-21h2-x64, system
- submitted: 05/03/2025, 20:12
Behavioral tasks (task: sample, resource)
- behavioral1: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/cryptocurrency/login.html (win11-20250217-en)
- behavioral2: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/devianart/login.html (win11-20250217-en)
- behavioral3: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/dropbox/login.html (win11-20250217-en)
- behavioral4: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/facebook/login.html (win11-20250217-en)
- behavioral5: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/facebook/mobile.html (win11-20250218-en)
- behavioral6: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/github/login.html (win11-20250217-en)
- behavioral7: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/google/login.html (win11-20250217-en)
- behavioral8: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login.html (win11-20250217-en)
- behavioral9: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/analytics.js (win11-20250217-en)
- behavioral10: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/bootstrap.js (win11-20250217-en)
- behavioral11: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/jquery.js (win11-20250217-en)
- behavioral12: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/jquery_002.js (win11-20250217-en)
- behavioral13: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/jquery_003.js (win11-20250217-en)
- behavioral14: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/jquery_004.js (win11-20250217-en)
- behavioral15: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/jquery_005.js (win11-20250217-en)
- behavioral16: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/jquery_006.js (win11-20250217-en)
- behavioral17: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/js.js (win11-20250217-en)
- behavioral18: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/otherscript.js (win11-20250217-en)
- behavioral19: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/scripts.js (win11-20250217-en)
- behavioral20: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login_files/smoothscroll.js (win11-20250217-en)
- behavioral21: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instagram/index_files/f9e5c0ca0804.js (win11-20250218-en)
- behavioral22: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instagram/index_files/lY4eZXm_YWu.html (win11-20250217-en)
- behavioral23: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instagram/index_files/sdk.js (win11-20250217-en)
- behavioral24: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instagram/login.html (win11-20250218-en)
- behavioral25: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/linkedin/login.html (win11-20250217-en)
- behavioral26: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/messenger/login.html (win11-20250217-en)
- behavioral27: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/microsoft/index_files/ConvergedLoginPaginatedStrings.EN.js (win11-20250217-en)
- behavioral28: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/microsoft/index_files/ConvergedLoginPaginatedStrings.js (win11-20250217-en)
- behavioral29: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/microsoft/index_files/ConvergedLogin_PCore.js (win11-20250217-en)
- behavioral30: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/microsoft/index_files/prefetch.html (win11-20250217-en)
- behavioral31: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/microsoft/index_files/prefetch_data/boot.js (win11-20250217-en)
- behavioral32: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/microsoft/index_files/prefetch_data/boot_002.js (win11-20250217-en)
General
- Target: PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/instafollowers/login.html
- Size: 9KB
- MD5: 85d9b45e1ee92f2fcb04f6573488e703
- SHA1: a650a2a2be2c7ca90018c230cf87d5791398e75b
- SHA256: 433f55b5590629be5c2195a61b2287ae6a82d0905b2bfc6ea6b15745a69876a8
- SHA512: 94ded12053c35731373e2f8568c124ebcad7514691cb411cc87b5e8c1e0024fe8e3760c50730297b242230a9ccace0264ee9ec7a705693be265138aa5ce7bed2
- SSDEEP: 96:jzi/3N+/pnnG2/wM1R84yULnaUyo1cl1v8lsNZQfehiUOdRgDkaaTlM4XgLAA:/i/3KFGGb8RUervnQfeYDdBdXgcA
Malware Config
Signatures
- Enumerates system info in registry (2 TTPs, 3 IoCs)
  description | ioc | Process
  Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | msedge.exe
  Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | msedge.exe
  Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | msedge.exe
- Suspicious behavior: EnumeratesProcesses (4 IoCs)
  pid | Process
  5108 | msedge.exe
  5108 | msedge.exe
  4284 | msedge.exe
  4284 | msedge.exe
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (2 IoCs)
  pid | Process
  4284 | msedge.exe
  4284 | msedge.exe
- Suspicious use of FindShellTrayWindow (26 IoCs)
  pid | Process
  4284 | msedge.exe (26 identical rows)
- Suspicious use of SendNotifyMessage (12 IoCs)
  pid | Process
  4284 | msedge.exe (12 identical rows)
- Suspicious use of WriteProcessMemory (64 IoCs; the four distinct rows are listed once, each repeats in the full table)
  description | pid | Process | procid_target
  PID 4284 wrote to memory of 3516 | 4284 | msedge.exe | 82
  PID 4284 wrote to memory of 2744 | 4284 | msedge.exe | 83
  PID 4284 wrote to memory of 5108 | 4284 | msedge.exe | 84
  PID 4284 wrote to memory of 2088 | 4284 | msedge.exe | 85
Processes
- "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\PlutoReaper\PlutoReaperV2\PROGRAMS\PHISHING\instafollowers\login.html
  PID: 4284
  Signatures: Enumerates system info in registry; Suspicious behavior: EnumeratesProcesses; Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary; Suspicious use of FindShellTrayWindow; Suspicious use of SendNotifyMessage; Suspicious use of WriteProcessMemory
  - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc1bd43cb8,0x7ffc1bd43cc8,0x7ffc1bd43cd8
    PID: 3516
  - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,1408242870033702277,2386643090294489869,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2
    PID: 2744
  - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,1408242870033702277,2386643090294489869,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 /prefetch:3
    PID: 5108
    Signatures: Suspicious behavior: EnumeratesProcesses
  - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,1408242870033702277,2386643090294489869,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2524 /prefetch:8
    PID: 2088
  - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,1408242870033702277,2386643090294489869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
    PID: 1460
  - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,1408242870033702277,2386643090294489869,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
    PID: 1536
  - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,1408242870033702277,2386643090294489869,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1696 /prefetch:2
    PID: 2880
- C:\Windows\System32\CompPkgSrv.exe -Embedding
  PID: 2824
- C:\Windows\System32\CompPkgSrv.exe -Embedding
  PID: 2032
Network
MITRE ATT&CK Enterprise v15
Downloads