Analysis
-
max time kernel
61s -
max time network
64s -
platform
windows10-2004_x64 -
resource
win10v2004-20250313-en -
resource tags
-
submitted
31/03/2025, 15:57
General
-
Target
https://u.to/hs82Ig
Malware Config
Signatures
-
Detected potential entity reuse from brand STEAM. 1 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Checks processor information in registry 2 TTPs 24 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Modifies registry class 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 22 IoCs
-
Suspicious use of SendNotifyMessage 12 IoCs
-
Suspicious use of SetWindowsHookEx 16 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://u.to/hs82Ig"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://u.to/hs82Ig2⤵
- Detected potential entity reuse from brand STEAM.
- Checks processor information in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 2016 -prefsLen 27099 -prefMapHandle 2024 -prefMapSize 270279 -ipcHandle 2096 -initialChannelId {637be0e8-5654-4a29-b35a-bfe6851370c3} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -appDir "C:\Program Files\Mozilla Firefox\browser" - 1 gpu3⤵
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 2504 -prefsLen 27135 -prefMapHandle 2508 -prefMapSize 270279 -ipcHandle 2516 -initialChannelId {c60d6fda-dd70-47a0-b070-7c9744115d22} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 2 socket3⤵
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 3948 -prefsLen 25164 -prefMapHandle 3952 -prefMapSize 270279 -jsInitHandle 3956 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 3964 -initialChannelId {d9327e26-524c-4cb1-b484-f6a774eb9562} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 3 tab3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 4112 -prefsLen 27276 -prefMapHandle 4116 -prefMapSize 270279 -ipcHandle 4200 -initialChannelId {867f6e46-4c79-4359-8fc8-5ced2a38d42d} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -appDir "C:\Program Files\Mozilla Firefox\browser" - 4 rdd3⤵
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 1664 -prefsLen 34775 -prefMapHandle 3132 -prefMapSize 270279 -jsInitHandle 3136 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 2928 -initialChannelId {cf6af56c-1568-4997-a6bf-0116e7910047} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 5 tab3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -sandboxingKind 0 -prefsHandle 5184 -prefsLen 34905 -prefMapHandle 5188 -prefMapSize 270279 -ipcHandle 5200 -initialChannelId {c326d01b-4919-419f-93e4-b3ec7d599d6c} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 6 utility3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5428 -prefsLen 32952 -prefMapHandle 5432 -prefMapSize 270279 -jsInitHandle 5436 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5444 -initialChannelId {b8640412-9084-4e9f-a6a3-f6f4162d0363} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 7 tab3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5684 -prefsLen 32952 -prefMapHandle 5680 -prefMapSize 270279 -jsInitHandle 5676 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5712 -initialChannelId {89326bbb-c01d-4471-b7f8-96409bbeaea8} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 8 tab3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5880 -prefsLen 32952 -prefMapHandle 5884 -prefMapSize 270279 -jsInitHandle 5888 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5896 -initialChannelId {fff9cbb9-ad93-4aff-b7ae-ae599b8ff0c3} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 9 tab3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5832 -prefsLen 32952 -prefMapHandle 5828 -prefMapSize 270279 -jsInitHandle 5728 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6128 -initialChannelId {7045437a-4b78-4aca-8c97-79db3ed895a8} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 10 tab3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 6944 -prefsLen 39642 -prefMapHandle 6976 -prefMapSize 270279 -jsInitHandle 6980 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5496 -initialChannelId {ba2a3173-96f0-48f0-b0ee-105d7856c3ce} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 11 tab3⤵
- Checks processor information in registry
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 7008 -prefsLen 36553 -prefMapHandle 3452 -prefMapSize 270279 -jsInitHandle 5016 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5020 -initialChannelId {2cadcce1-a9ae-4b2f-b2f3-3fc96d68b6b6} -parentPid 4124 -crashReporter "\\.\pipe\gecko-crash-server-pipe.4124" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 12 tab3⤵
- Checks processor information in registry
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
22KB
MD5d9e67339fc8106e9d83c44f25f62cab3
SHA1df8fc484397a8f270b5faf40b2a439762273c2f3
SHA256164321e39d70e4791e4ba54880c9d5754ae505c99a7e474799f52214f06cf117
SHA512aade20664d9a56ab2234556844c167f96fc1ea9850e34e953df16c06156545bc71b160ee8b4e6d1430823cb1338e935ee564398c1e3de7a978c180bcf211dbae
-
Filesize
34KB
MD544bcd59c674a0b47dca22485697089ab
SHA1daeaab03e7556e8463acd05304b8f197be232378
SHA256e3cca82449099ea9018fc5b734931f0d533ad6c44dd88fb80e644aec5ede910d
SHA51222308ee6b54c032c44becc44dd6de1d5c101a5052abf7eb399310f1fd6f8f4b14b67dec6e02d4bdddf37c1c97fd7043b7ecea48ee7f7cb2d6c768f7dd66519e9
-
Filesize
13KB
MD568eabfe730ef81041f2845a138a2c55b
SHA19ddbfa31c270de300dd79856caffd52b6848e042
SHA25603d451f12b86dbbd3cc42d3b61870cd65a8fcf2f81e1b1ec10e3715931ce2366
SHA5129ca12dc81071700b9536f62be57d8061a38e30b9f64885963ac8f424cccfcc32e30c8ab8fc34c0e3ab32420b3f8700f1c10f477de3a7538dd14eca34efac67a8
-
Filesize
118KB
MD560898f271eae8eaf1aed919621737774
SHA1b72770c5b79d27d5d30c03215c813bd95ad2971f
SHA256fd663be9c1a95232abeed3b59f41244bc7c2f06bbcc3d5b95c1916dd3cc1cfbe
SHA512b86bc49ac5029d11900f6050d17b60a9448e170d0b9c617fcd2046cc84c937bfddf2c2359a34d6106f442622c38628e0bc8b483c4b310799079189c6d07a827d
-
Filesize
11KB
MD525e8156b7f7ca8dad999ee2b93a32b71
SHA1db587e9e9559b433cee57435cb97a83963659430
SHA256ddf3ba4e25a622276755133e0cce5605b83719c7cab3546e09acbfed00d6a986
SHA5121211b2fa997ba13ff926aec58b6b35a81d7fe108b0caa8f4d6369d0a37f8481373b78a4b201651243adde9e2b2699ce929482a46226ff6299b0a0e40fe2ddc56
-
Filesize
14.0MB
MD5bcceccab13375513a6e8ab48e7b63496
SHA163d8a68cf562424d3fc3be1297d83f8247e24142
SHA256a6af95a209b2e652ed6766804b9b8ad6b6a68f2c610b8f14713cd40df0d62bf9
SHA512d94483deaae98bf9212699f1ab0bd913f6151a63e65ebc1ea644ab98d5e3ebd74ecaa08f70aca31e11a5d2c64d1504b723817af35bbe9d7b05c758dd6945d484
-
Filesize
502KB
MD5e690f995973164fe425f76589b1be2d9
SHA1e947c4dad203aab37a003194dddc7980c74fa712
SHA25687862f4bc8559fbe578389a9501dc01c4c585edb4bb03b238493327296d60171
SHA51277991110c1d195616e936d27151d02e4d957be6c20a4f3b3511567868b5ddffc6abbfdc668d17672f5d681f12b20237c7905f9b0daaa6d71dcdac4b38f2448b2
-
Filesize
7KB
MD558cf06de34c00ad5da909c09d0062ec0
SHA174c12b841937f78f89a145f1951d237060c1e1dc
SHA25629ddd0e5ea71a3b7991f369d6419618886e6f2a93d3ca570757c971fefa2507f
SHA512d0749e7bf14c541b2f61cbee4e066ffa685b60442eeb37641e2086afd2035eaac23baf8f14a00182765cba1c6e3e466bff804784e3c35fa9587d990ee098d2c2
-
Filesize
12KB
MD59f3c6da53ca2ead3536be4157d5273da
SHA14e52347389a07af995bfcc07540c7a4a22db506c
SHA256f3817013fa2650c5a36c991f6e249f93003a1d3ff029cdfebe5a66b9f5c2ee59
SHA5127bf8a354bf1379574a24d8b033d98b2bb034f12ddc86fb903360c7d97e78118fb1f777b4b866ec876766e5f9b5e6d773f1b3092a47259f6f782a0d9d99cce7d3
-
Filesize
6KB
MD5dddcefca2305e7251cfe9525c52cc75d
SHA1682bbb82ea2b20319e5824ff0e85c85b76379c33
SHA2562af0addba520391261f54ee3c18af616079d51e63d5735167d3e713537493ad9
SHA512fc91ef28c89a4fe2ad15d27b48cc18381460f16728624d8ba030eff202368bb292537170ef783ba076923b164cc29b12cd7fd33d9d5a901c9ad792721c0928b9
-
Filesize
1KB
MD568dc43fd183151c310cb532891ca421b
SHA13fee76b998ca91fb9b5c866111a5e63e3d230a44
SHA256aeeb061040d99cd36f84aeb233dab31983b41b09237767e0c6645847d2568a9c
SHA51273b78b5d986a52e5549b5b21e9e75ce626200ce66d18f0702ab9ffd88ae7f756d001f4a372795f8ed68f510470f3e565ad63bf735bb836478e784af866c6894c
-
Filesize
3KB
MD5b4c316a0effd9b528bee82f8ce46256f
SHA14ea47156c99d85a642c5bfd4295d2ff1a3785a9a
SHA2566b2542a33453bad089a477fdd3cdb99533cc21fe1c0af1816f241e52b2a6d493
SHA51245f8052b137bc79850895d05091d684a58ef34ae6f8e361286841c555af68c4bfddef475b3a2b4cbc50ef4ecbf305d2d7b47673f19a8b6b65f5de17ef97e4598
-
Filesize
5KB
MD5630d7821d2e913b8b416788a98eb83b4
SHA136676e6a53374f2659ef645b4e4d025b8b1fb3fd
SHA256e75b9e7f7eb860ae3e1740e4b504759bc1096a52852aef5aea79d821be6249e6
SHA5125bafd76d72019d5a31e00ad98bf9dce4b48ca1bbf25f8d7fb0ba1799dbcd52840ffb929c25ded88fb0c51a7dac92ae95a55fd5273c4a988f52d035cb905107a0
-
Filesize
886B
MD5bdc268e6edc4d50d01a8342023b43f23
SHA1e823968c7b4e534bb31c96ad53353fba90dda2a1
SHA256ec20d159ac632d3fdb9ab6d15cb6dd7574fca74e279c1401f715ea3044bb960a
SHA51216e99aea69b06117326e791ce509e97a7199cea9649900bfed257e4631e2de8cdb4f810359d5ea18d752a563f91484ea6d2648e9f0ee4ab132a5a66267fab36a
-
Filesize
16KB
MD5e046c6ffc0f24b7c3193e6a416725b11
SHA1a6739a024046090a881fe205ed5f2c71d655bcb3
SHA256bc506b6585d84c94dd20368005c65f03a6722bad3f6a5834417a4a1e719175f9
SHA51249dff51a9ab49010a9eb05fb540b5a52d75e5259a10fae4696089383fbcfa510b74c9a62b949e5749becd4cbc733c4aa56d77adba7f84d6f8e6990aed58050a0
-
Filesize
883B
MD5b3aceecb347f62924e7ca004e5181191
SHA1cbde05bdf5d3905accad564218cebbc0ab02814d
SHA256f11d3d943255f300121352399fc8c1d626c0e448605dad39eaddf7dc1a00682a
SHA512dcd9ad3a6ba09a335c476f8ad750e71c13706902335970199fe61a8dc2fe5dedc4e90edd72b4f60fdd4937b1620f42675c69d0613464652bf138d07293c9a2c0
-
Filesize
235B
MD5b98d9154f618ef561c72e20560eca871
SHA16273ec8b5249d16b7c6f1449bc2d1ef8c782e9a8
SHA25643d25dafc7024f64e16acbabbb7b04fdbae89f398f80769ab609ccfc2b03aa1d
SHA512cbacf663ee59159b67bc53f6ff40d423f81720c4e6dbcb8ef5318198ca56e45b468718fe82633aa1401a4c1bcb21b88304ee80cc7c4db36785dc06d024375bf3
-
Filesize
2KB
MD52c8b7950ebb1645b1720a34410d7e56c
SHA114b395ce7377d589f6289fd8bac673434caf9227
SHA256e3ba03744e4e8fe2efad34c0720a6e6551331936b9174971c525243c5cb034b6
SHA51253f919eca2eaea2b0505a6daa6de648ee73970e055c83bf0f2bc9e10efe4f6c79549f70ec0ab7cda56a88c59068bcdc6e53b8f5cce938a5431141273961cb35d
-
Filesize
235B
MD585e4e0ee2d7a03ac37c98530cd2b8da4
SHA114e9ed0130846aba07b7c768feae817dbe00be41
SHA25640dabfcef847b01e0a96660f4d2ca301ce61eed72e5d40f9591003a3a904af19
SHA51224456d9d1637632ca29c0be9fcbf0a7aca38dcba5a5bd32997c33ab5b407c27cf864f255bd627f2a2f0893ae7a77a32be909fa352886e29267fbd31591670603
-
Filesize
16KB
MD592cd9aed3788e364060eb7b144874102
SHA1c9b398221dc088d3471fa1ffd2ebec50fc94a948
SHA256747097d436d6a39fd76dcb8e86917f85d5d0b173b06c987989f7ca6fa6538562
SHA512a36bb8ef821f36f101bcf5cfb2f5d59f8d74b91bfd39fece5aa046ebf70f6bdedab127425f5c21a31499156f8ec2e5800dfdbce58e2e51512aa3a862d4eb37ad
-
Filesize
1.1MB
MD5626073e8dcf656ac4130e3283c51cbba
SHA17e3197e5792e34a67bfef9727ce1dd7dc151284c
SHA25637c005a7789747b412d6c0a6a4c30d15732da3d857b4f94b744be1a67231b651
SHA512eebdeef5e47aeadfeebdbab8625f4ec91e15c4c4e4db4be91ea41be4a3da1e1afeed305f6470e5d6b2a31c41cbfb5548b35a15fccd7896d3fde7cdf402d7a339
-
Filesize
116B
MD5ae29912407dfadf0d683982d4fb57293
SHA10542053f5a6ce07dc206f69230109be4a5e25775
SHA256fe7686a6281f0ab519c32c788ce0da0d01640425018dcffcfcb81105757f6fe6
SHA5126f9083152c02f93a900cb69b1ce879e0c0d69453f1046280ca549a0301ae7925facdda6329f7ccb61726addee78ba2fffc5ba3491a185f139f3155716caf0a8d
-
Filesize
1001B
MD532aeacedce82bafbcba8d1ade9e88d5a
SHA1a9b4858d2ae0b6595705634fd024f7e076426a24
SHA2564ed3c6389f6f7cd94db5cd0f870c34a296fc0de3b1e707fccf01645b455790ce
SHA51267dfe5632188714ec87f3c79dbe217a0ae4dfb784f3fac63affd20fef8b8ef1978c28b3bf7955f3daaf3004ac5316b1ffa964683b0676841bab4274c325c6e2b
-
Filesize
18.5MB
MD51b32d1ec35a7ead1671efc0782b7edf0
SHA18e3274b9f2938ff2252ed74779dd6322c601a0c8
SHA2563ed0dec36754402707c2ae4fbfa887fe3089945f6f7c1a8a3e6c1e64ad1c2648
SHA512ab452caa2a529b5bf3874c291f1ffb2a30d9ea43dae5df6a6995dde4bc3506648c749317f0d8e94c31214e62f18f855d933b6d0b6b44634b01e058d3c5fcb499
-
Filesize
8KB
MD564a8134ca47b3734e71786193b0bfcc4
SHA17ad003ecfa611906154263fd242d96a500c27c73
SHA256bd93d288ad537989c1c5b83dd1c3c951cc0e88655a1321c9c1a585ebdba8e8a4
SHA512cbbe1f095a4df1b3dbf318d79a20f0d6704987b293d704f2c5eb5c3ba840b9ac78a843beebdf7d8d91ad57ec2812363a6957efb4edbfb3774519e22b65bc9956
-
Filesize
6KB
MD537ae6e0af2887c2a4c39be79307e1c8d
SHA1c8fee2e4e40d5652e6a62239da5e3c1ff1cb2155
SHA256cd5abface62e3c373b30369d8e777b83708f2792bb389e5597a0d8af2a0bcfb1
SHA512f4005f53158ed8bc68bf1aedf4c638086b414a5d4ee51df500b9b0e9403a2f19511344aeb5e975a1e3252134e4cb32c91f1f7b682455e4512f06a9056e66df85
-
Filesize
6KB
MD5bfe80dc9337793bb952814e5aa48e000
SHA16cc1193c6920bffa33c8c447d370ba71489c79de
SHA2561ad2ce983031685175986cb3c6ec4068e93ebea2120b53e6db963121256105c8
SHA5123bba604332bc1d42e353e38e6db712d8fb1356609cd97686edfa39f261c5df3b367ee5fce06ea7e05d3e7f3d4e1bb7953a36065f356885995951717601efab3f
-
Filesize
7KB
MD5cbe0893b684efdaeda6e71b3ebcca158
SHA134b7dad357d86c816af4b949a5e0d54202e5fa98
SHA256fa6e794480d929ee4e906249b6cb186dd9563f4f4835e84cf413d57b5ad66f5a
SHA51204414f3fee60ad7f0ce4716201ffc663263c4cf83d8729893ec1a5086751caf32cadc97497541f83689c01d2b673ae866f8a7c407daf782b548e5198a18c5d2d
-
Filesize
41KB
MD5b8b2f0ba436f806641ca9e3f820efca7
SHA1960cf590a17860c4430c0ed247f848d1d182f9da
SHA2564fea3c6652bea8188853d17b56b707efb86d037eb01fe98b667c07fbf6ab15a6
SHA51203c29820e9e0e9ea8b84e433a4ebb5958603a589b341f8a62707accf33deaaa70ec3479c77ef61dbdf150841f9c84a888478abb947b9db4c6dc47039880b1140
-
Filesize
1KB
MD5c1ea1c2285d4cd758a007b1e755549cf
SHA1114f139670e4b1f2a7be176fa1e8f154994fc844
SHA256d2994365837ee2dda12db8ac9b756969f79272df7a6b797c7f2f6defae399ec2
SHA512cef3f257a5746852fd5d20f0eb56a9bfbb84a26e96416e7610e6a735c42cfbbf5738d6740ca6ec36912ba73b97837756399af4b19d0034f5e9033af448efea16
-
Filesize
41KB
MD5c7c58fcf51d77a73d13628212e5ac00a
SHA1d4bd561f915ed08230804ce42723c679384eb250
SHA25608c7a3a380d0f83297a43b813091bbd809db338d200d30212d77e981b022b1eb
SHA512e36f44c9d523ed9ce18f30776e4ffe64faed3d3792311847705b2ec2c05de12784dff809985502c34980e8b0c8a9011938cb78186859d41d5c60cbe628f66cee