X-Junior · August 3, 2023 13:42
diff --git a/DarkGate_Static_String_Decryption.py b/DarkGate_Static_String_Decryption.py
 import sys , pefile , validators , re , base64
 '''
 Author: Mohamed Ashraf (@X__Junior)

 Usage:
 python3 darkgate.py path_to_sample
 '''

 def is_ascii(s):
    return all(ord(c) < 128 or ord(c) == 0 for c in s)

 def extract_ip_address(content):
 	ip_pattern = r'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
 	ip_addresses = []

 	if type(content) is bytes:
 		ip_pattern = rb'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

 	potential_ips = re.finditer(ip_pattern, content)

 	for ip_bytes in potential_ips:
 		ip_addresses.append(ip_bytes.group())

 	return ip_addresses

 def custom_decryption_2(encoded_string , key_expansion , xor_key , custom_alphabet):
 	encoded_string = custom_base64_decode(encoded_string.decode(), custom_alphabet)
 	decoded_str = ""

 	for i in key_expansion:
 		xor_key ^= i

 	for char in encoded_string:
 		decoded_str += chr( ( ~ (char ^ xor_key ) & 0xff) )

 	return decoded_str


 def custom_decryption(encoded_string , key_expansion , xor_key):
 	encoded_string = base64.b64decode(encoded_string)
 	decoded_str = ""

 	for i in key_expansion:
 		xor_key ^= i

 	for char in encoded_string:
 		decoded_str += chr( ( ~ (char ^ xor_key ) & 0xff) )

 	return decoded_str


 def custom_base64_decode(encoded_string , custom_alphabet):
 	standard_table = str.maketrans(custom_alphabet, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/")

 	padding_needed = (4 - len(encoded_string) % 4) % 4
 	encoded_string += custom_alphabet[0] * padding_needed

 	standard_encoded_string = encoded_string.translate(standard_table)
 	decoded_bytes = base64.b64decode(standard_encoded_string)

 	return decoded_bytes



 def main(args):
 	file_data = open(binary_path,'rb').read()
 	pe = pefile.PE(data=file_data)

 	all_hardcoded_strings = []
 	filterd_hardcoded_strings = []
 	custom_alphabets = []
 	potential_c2 = []

 	for section in pe.sections:
 		all_hardcoded_strings.extend(section.get_data().split(b'\x00'))

 	for data in all_hardcoded_strings :
 		try:
 			if data != b'':
 				if b'\xff' in data:
 					filterd_hardcoded_strings.append(data.replace(b'\xff',b'').decode())
 				else:
 					filterd_hardcoded_strings.append(data.decode())
 			if len(data) == 64 :
 				custom_alphabets.append(data.decode())
 			# extract domains if exists
 			if validators.url(data.decode()):
 						potential_c2.append(data)
 		except:
 			continue

 	# Variant 1 , hash : 5b17e978c2ca2cf03e4ffff1e4609f2ec98738b1541fa41ba5b67f061e9e2af2
 	for custom_alphabet in custom_alphabets:
 		for data in filterd_hardcoded_strings:
 			try:
 				decoded_string = custom_base64_decode(data, custom_alphabet).decode().replace("\r\n", "")
 				if is_ascii(decoded_string) and len(decoded_string) > 4:
 					print(decoded_string)
 				ip_addresses = extract_ip_address(decoded_string)
 				for ip_address in ip_addresses:
 					if validators.ip_address.ipv4(ip_address):
 						potential_c2.append(ip_address)
 				if validators.url(decoded_string):
 					potential_c2.append(decoded_string)
 			except:
 				continue

 	# Variant 2 , hash : 7ff58aca7eea812c1b0cde7f99ff8658502e76880375af72daef7b0deb63473c
 	for i  in range(len(filterd_hardcoded_strings)-3):
 		enc_data = filterd_hardcoded_strings[i]
 		xor_byte = int.from_bytes(bytes(filterd_hardcoded_strings[i+1],"utf-8"),'little')
 		xor_key = filterd_hardcoded_strings[i+2]

 		if type(enc_data) is str and type(xor_byte) is int and type(xor_key) is str :
 			try:
 				decoded_string = custom_decryption(bytes(enc_data,"utf-8") , bytes(xor_key,"utf-8") , xor_byte).replace("\r\n", "")
 				if is_ascii(decoded_string) and len(decoded_string) > 4:
 						print(decoded_string)

 				ip_addresses = extract_ip_address(decoded_string)
 				for ip_address in ip_addresses:
 					if validators.ip_address.ipv4(ip_address):
 						potential_c2.append(ip_address)
 				if validators.url(decoded_string):
 					potential_c2.append(decoded_string)
 			except:
 				continue

 	# Variant 3 , hash : da05617eded07cec14d283b73336c4582b4e812c99c81da14c06f28d7432e0f9
 	for i  in range(len(filterd_hardcoded_strings)-2):
 		enc_data = filterd_hardcoded_strings[i]
 		xor_byte = int.from_bytes(bytes(filterd_hardcoded_strings[i+1],"utf-8"),'little')
 		xor_key = filterd_hardcoded_strings[i+2]

 		if type(enc_data) is str and type(xor_byte) is int and type(xor_key) is str :
 			for custom_alphabet in custom_alphabets:
 				try:
 					decoded_string = custom_decryption_2(bytes(enc_data,"utf-8") , bytes(xor_key,"utf-8") , xor_byte , custom_alphabet).replace("\r\n", "")
 					if is_ascii(decoded_string) and len(decoded_string) > 4:
 							print(decoded_string)
 					ip_addresses = extract_ip_address(decoded_string)
 					for ip_address in ip_addresses:
 						if validators.ip_address.ipv4(ip_address):
 							potential_c2.append(ip_address)
 					if validators.url(decoded_string):
 						potential_c2.append(decoded_string)
 				except:
 					continue
 	# Variant 4 , hash : efe4dd6e9ec7f3d60a456a863d47a1624ca5354bd37f8a3a7c7a4dd4f68596f4 , everything is hardcoded
 	# extract hardcoded ip addresses if exist
 	if potential_c2 == []:
 		ip_addresses = extract_ip_address(file_data)
 		for ip_address in ip_addresses:
 			if validators.ip_address.ipv4(ip_address.decode()):
 					potential_c2.append(ip_address.decode())
 	print("Potential C2 : " , potential_c2  )

 if __name__ == "__main__":
 	binary_path = sys.argv[1]
 	main(binary_path)
diff --git a/Hashes.txt b/Hashes.txt
 0dee02b21cfc3d8055e4ea59c4df9a4d113dbe5676ce4946ec7406749eeb238f
 0fef65c9443c60896499c90bcce4448328ab6cf2387e1d7cf1fb9d8234ff5c5b
 145a0faa4e25006cc3decef0f1541ea5f0e5ab0c8c446cdb921ac7b6c6c87bde
 1a94ea3a5b595fa4758ab0e4a3a70a43631439d79d3e94f5f539b00b64d2a1e6
 34aed6af1425b5315c9aee05a715aa76635ab453d4a1bf5740e7e94717170bc9
 405d00c3e1cb116d81c1b1afe437991057529a56060b8e783041ed8b5d271316
 50275fe91ebc69bbfc65edfaf4739d4345710aab5f7169048c82b7b15807abef
 5b17e978c2ca2cf03e4ffff1e4609f2ec98738b1541fa41ba5b67f061e9e2af2
 76d9cb366de739ffe3a97b065c9bda83a67c9e76542711c3070e1bb30f544f56
 7ff58aca7eea812c1b0cde7f99ff8658502e76880375af72daef7b0deb63473c
 9788d166f10f46c63badb01ce2bdd17792831b9f9eb1e2b0c2c3b6c5c2dfac81
 af6e864a22ae5dff4bf6df20b653576fc517d4414836db88b24a95ac8dffd945
 c2e90c45911b7b6e9d46f4dae5bfefa47e50abddd75cc6d5297cddeee23dd002
 da05617eded07cec14d283b73336c4582b4e812c99c81da14c06f28d7432e0f9
 e7b76e11101e35c46a7199851f82c69e819a3d856f6f68fa3af0636c3efde0ca
 ec7fbfba6a5dad316f773f7d2124a2f6bf83d176b2aecb952ccf870bda0261f7
 1c8d68924d0608af14b6c30633396e17c8b19545d17da37a1a50f3c04a1b583c
 efe4dd6e9ec7f3d60a456a863d47a1624ca5354bd37f8a3a7c7a4dd4f68596f4
 bca1ec82328b8358d00aef8b7643915df307cb7428f37f3e05f41b46514b4b6d
 10959b7b9a9d905c9cffdcddfc7567cefdd66bbe44ca7b5e302b57d2fa1b82ac
 e9f4140f1bbb0f488d8bd0f56aaa5459f443e19291e292ce41b77a2fb6b29a41
 e54659e528204c0d64e45145e191e314c7c0ca582ee8d8282d58b22d54df7166
 b9042d66266323620696e109a4e9a47ca13d163e68b1950be0d5d505cd17345d
 df29018228021a8f4a580d56f0a85e973c0c112c5c0d879f21dfb632e8ef3c92
 872e21a97a8c81d5fbf63614c1f3051838332f1f6cea2567e1972205dd78ba58
 894d81000f8a74a32f41b6ad4c0269621b6843a3c03a0676cea8149826dcb4ec
 b2dedaae40964849a76c92717777a4d1eaf3b30b53211233c2a76cea18f9c35c
 4294311459a11cc5097211ae337c59e2f80e97876ebfac1214328bdd901ed3f3
 763b6e58549b4578d184755c44a44da402cc8e8a1d02978cda8e16436905d219
 4c84b3f2be74644fa8157b93471586fdaaaeab18a3b2732663e08ce7c12e20c6
 32424d0b69e46c296c7de1c621dc27502efead7df4ffd6c4dfa7b6fd2b41e44c
 74e12511c3565890c92a84015289d58c6d8b2ecab474019733020f62bc553e33
 bcf0d0d73e10ad0db761d5a2af73d3bc9c5a156c320bbffcc39dfe0da8e15e49
 bfc1eec00dbecede6f7650f7d21ba80cd3b8f2a1033f45a6bfb958b009da4789
 2824b4f5365025f5b0cb2bc956c2a46336fde086e0d56625d50375b6374251c8
 569ea1b88fafc82bdc068ade08ed0c10927236ecb033243f22c1e6ed691a5d5f
 211bea2fa32c4e2597a59c004504ec1de04239d3ca2218104bb264f59f594e70
 2fc38205e5911185623011d5ffdbd22c64476cab93c82efe255fd280b14f2158
 e2e1b0e131e8a5ad07f70e51f350fc454cae5e06b97c64692387d6c6d7870bd7
 07e7ce324773077d571c026405790fe61209008017e71313a3713e9d9095fc4d
 8d85178b309627b1272ca2d86f8d223bcef1ffa49a8eea4f846a665ad85c4c3a
 a166259cd00e95f75546d18eeb0374ac4909b4b2a4b1c6016b162ad1a75f913e
 6a53099c5fc8c311986906cb958e7dd570fe2a5cfb7dca760f70c12afc65d87f
 5b7b26262996e9665a0b8e6d131142af68df198ede9d8af7596bbeafa88ff92b
 7b008437a75d083e11a38182844cc935013e6d9200475ab3c51c0ebeb895b7df
 c879c020fa358ddf542b5b40a8ea99402ae77261cdd98100bb33126c8f863639
 9b9271cf8b5e7eff72121e8579e3e2893328e50328da3a37b3f1ed8dfc420a32
 10bfaeb0c00425c4749140d5c7d9f3d88537cf2f621ba7af5322b15cf205b896
 a3543c799f26394daa327aec1125f7546318328f1636d8ee161e9eeb9ee1ce56
 d9ba9e8fe59db9c5d2a8cec36e8cf26d585df956f51743256939c2e2c334cc68
 d128d7fdf4e9b0d1c82cfb5916ff7f5501b2671223e6190d40291d5f58c732d3
 a4cf227b5b7e6871c15bcfd1f4f98eacfa31f52d10350bf03a7fb66323533081
 dfab35a328099a51831d122b08222df01ed3dd306d9e9e1ffed94d1da8998188
 0f878c87c43b340f4d0f88e8ffde3a848a3100969f8883badd53862f1b675b43
 10994986bb504db847fa5dbad6dcbf03e256762eb53238dba7dbdd32f93ee809
 0e5f17f2697aea5447d90d79a827a72610238355bb29f0d7b27012d4e8a3c3be
 d9b835b7a41878ffa77ed6127624424b6aff8fc491f112a53ef59127ae7ee2a6
 41e952522f8350f643c4a5ef029dea29654bcb8a35ce7c45cdc6a397d1d26782
 ee2baeab2434c051166dd127bf57c17dfaf0e7438500bfae12f174ff1b59acef
 1c37428a3e185e0366d7206f898ace4f106fe592f85acfcd137a3b2f215bbf57
 bae076b9a01b4b5325ccad5439437c2b829815a022743747281052fc64048a7f
	import sys , pefile , validators , re , base64
	'''
	Author: Mohamed Ashraf (@X__Junior)

	Usage:
	python3 darkgate.py path_to_sample
	'''

	def is_ascii(s):
	return all(ord(c) < 128 or ord(c) == 0 for c in s)

	def extract_ip_address(content):
	ip_pattern = r'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
	ip_addresses = []

	if type(content) is bytes:
	ip_pattern = rb'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

	potential_ips = re.finditer(ip_pattern, content)

	for ip_bytes in potential_ips:
	ip_addresses.append(ip_bytes.group())

	return ip_addresses

	def custom_decryption_2(encoded_string , key_expansion , xor_key , custom_alphabet):
	encoded_string = custom_base64_decode(encoded_string.decode(), custom_alphabet)
	decoded_str = ""

	for i in key_expansion:
	xor_key ^= i

	for char in encoded_string:
	decoded_str += chr( ( ~ (char ^ xor_key ) & 0xff) )

	return decoded_str


	def custom_decryption(encoded_string , key_expansion , xor_key):
	encoded_string = base64.b64decode(encoded_string)
	decoded_str = ""

	for i in key_expansion:
	xor_key ^= i

	for char in encoded_string:
	decoded_str += chr( ( ~ (char ^ xor_key ) & 0xff) )

	return decoded_str


	def custom_base64_decode(encoded_string , custom_alphabet):
	standard_table = str.maketrans(custom_alphabet, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/")

	padding_needed = (4 - len(encoded_string) % 4) % 4
	encoded_string += custom_alphabet[0] * padding_needed

	standard_encoded_string = encoded_string.translate(standard_table)
	decoded_bytes = base64.b64decode(standard_encoded_string)

	return decoded_bytes



	def main(args):
	file_data = open(binary_path,'rb').read()
	pe = pefile.PE(data=file_data)

	all_hardcoded_strings = []
	filterd_hardcoded_strings = []
	custom_alphabets = []
	potential_c2 = []

	for section in pe.sections:
	all_hardcoded_strings.extend(section.get_data().split(b'\x00'))

	for data in all_hardcoded_strings :
	try:
	if data != b'':
	if b'\xff' in data:
	filterd_hardcoded_strings.append(data.replace(b'\xff',b'').decode())
	else:
	filterd_hardcoded_strings.append(data.decode())
	if len(data) == 64 :
	custom_alphabets.append(data.decode())
	# extract domains if exists
	if validators.url(data.decode()):
	potential_c2.append(data)
	except:
	continue

	# Variant 1 , hash : 5b17e978c2ca2cf03e4ffff1e4609f2ec98738b1541fa41ba5b67f061e9e2af2
	for custom_alphabet in custom_alphabets:
	for data in filterd_hardcoded_strings:
	try:
	decoded_string = custom_base64_decode(data, custom_alphabet).decode().replace("\r\n", "")
	if is_ascii(decoded_string) and len(decoded_string) > 4:
	print(decoded_string)
	ip_addresses = extract_ip_address(decoded_string)
	for ip_address in ip_addresses:
	if validators.ip_address.ipv4(ip_address):
	potential_c2.append(ip_address)
	if validators.url(decoded_string):
	potential_c2.append(decoded_string)
	except:
	continue

	# Variant 2 , hash : 7ff58aca7eea812c1b0cde7f99ff8658502e76880375af72daef7b0deb63473c
	for i in range(len(filterd_hardcoded_strings)-3):
	enc_data = filterd_hardcoded_strings[i]
	xor_byte = int.from_bytes(bytes(filterd_hardcoded_strings[i+1],"utf-8"),'little')
	xor_key = filterd_hardcoded_strings[i+2]

	if type(enc_data) is str and type(xor_byte) is int and type(xor_key) is str :
	try:
	decoded_string = custom_decryption(bytes(enc_data,"utf-8") , bytes(xor_key,"utf-8") , xor_byte).replace("\r\n", "")
	if is_ascii(decoded_string) and len(decoded_string) > 4:
	print(decoded_string)

	ip_addresses = extract_ip_address(decoded_string)
	for ip_address in ip_addresses:
	if validators.ip_address.ipv4(ip_address):
	potential_c2.append(ip_address)
	if validators.url(decoded_string):
	potential_c2.append(decoded_string)
	except:
	continue

	# Variant 3 , hash : da05617eded07cec14d283b73336c4582b4e812c99c81da14c06f28d7432e0f9
	for i in range(len(filterd_hardcoded_strings)-2):
	enc_data = filterd_hardcoded_strings[i]
	xor_byte = int.from_bytes(bytes(filterd_hardcoded_strings[i+1],"utf-8"),'little')
	xor_key = filterd_hardcoded_strings[i+2]

	if type(enc_data) is str and type(xor_byte) is int and type(xor_key) is str :
	for custom_alphabet in custom_alphabets:
	try:
	decoded_string = custom_decryption_2(bytes(enc_data,"utf-8") , bytes(xor_key,"utf-8") , xor_byte , custom_alphabet).replace("\r\n", "")
	if is_ascii(decoded_string) and len(decoded_string) > 4:
	print(decoded_string)
	ip_addresses = extract_ip_address(decoded_string)
	for ip_address in ip_addresses:
	if validators.ip_address.ipv4(ip_address):
	potential_c2.append(ip_address)
	if validators.url(decoded_string):
	potential_c2.append(decoded_string)
	except:
	continue
	# Variant 4 , hash : efe4dd6e9ec7f3d60a456a863d47a1624ca5354bd37f8a3a7c7a4dd4f68596f4 , everything is hardcoded
	# extract hardcoded ip addresses if exist
	if potential_c2 == []:
	ip_addresses = extract_ip_address(file_data)
	for ip_address in ip_addresses:
	if validators.ip_address.ipv4(ip_address.decode()):
	potential_c2.append(ip_address.decode())
	print("Potential C2 : " , potential_c2 )

	if __name__ == "__main__":
	binary_path = sys.argv[1]
	main(binary_path)
	0dee02b21cfc3d8055e4ea59c4df9a4d113dbe5676ce4946ec7406749eeb238f
	0fef65c9443c60896499c90bcce4448328ab6cf2387e1d7cf1fb9d8234ff5c5b
	145a0faa4e25006cc3decef0f1541ea5f0e5ab0c8c446cdb921ac7b6c6c87bde
	1a94ea3a5b595fa4758ab0e4a3a70a43631439d79d3e94f5f539b00b64d2a1e6
	34aed6af1425b5315c9aee05a715aa76635ab453d4a1bf5740e7e94717170bc9
	405d00c3e1cb116d81c1b1afe437991057529a56060b8e783041ed8b5d271316
	50275fe91ebc69bbfc65edfaf4739d4345710aab5f7169048c82b7b15807abef
	5b17e978c2ca2cf03e4ffff1e4609f2ec98738b1541fa41ba5b67f061e9e2af2
	76d9cb366de739ffe3a97b065c9bda83a67c9e76542711c3070e1bb30f544f56
	7ff58aca7eea812c1b0cde7f99ff8658502e76880375af72daef7b0deb63473c
	9788d166f10f46c63badb01ce2bdd17792831b9f9eb1e2b0c2c3b6c5c2dfac81
	af6e864a22ae5dff4bf6df20b653576fc517d4414836db88b24a95ac8dffd945
	c2e90c45911b7b6e9d46f4dae5bfefa47e50abddd75cc6d5297cddeee23dd002
	da05617eded07cec14d283b73336c4582b4e812c99c81da14c06f28d7432e0f9
	e7b76e11101e35c46a7199851f82c69e819a3d856f6f68fa3af0636c3efde0ca
	ec7fbfba6a5dad316f773f7d2124a2f6bf83d176b2aecb952ccf870bda0261f7
	1c8d68924d0608af14b6c30633396e17c8b19545d17da37a1a50f3c04a1b583c
	efe4dd6e9ec7f3d60a456a863d47a1624ca5354bd37f8a3a7c7a4dd4f68596f4
	bca1ec82328b8358d00aef8b7643915df307cb7428f37f3e05f41b46514b4b6d
	10959b7b9a9d905c9cffdcddfc7567cefdd66bbe44ca7b5e302b57d2fa1b82ac
	e9f4140f1bbb0f488d8bd0f56aaa5459f443e19291e292ce41b77a2fb6b29a41
	e54659e528204c0d64e45145e191e314c7c0ca582ee8d8282d58b22d54df7166
	b9042d66266323620696e109a4e9a47ca13d163e68b1950be0d5d505cd17345d
	df29018228021a8f4a580d56f0a85e973c0c112c5c0d879f21dfb632e8ef3c92
	872e21a97a8c81d5fbf63614c1f3051838332f1f6cea2567e1972205dd78ba58
	894d81000f8a74a32f41b6ad4c0269621b6843a3c03a0676cea8149826dcb4ec
	b2dedaae40964849a76c92717777a4d1eaf3b30b53211233c2a76cea18f9c35c
	4294311459a11cc5097211ae337c59e2f80e97876ebfac1214328bdd901ed3f3
	763b6e58549b4578d184755c44a44da402cc8e8a1d02978cda8e16436905d219
	4c84b3f2be74644fa8157b93471586fdaaaeab18a3b2732663e08ce7c12e20c6
	32424d0b69e46c296c7de1c621dc27502efead7df4ffd6c4dfa7b6fd2b41e44c
	74e12511c3565890c92a84015289d58c6d8b2ecab474019733020f62bc553e33
	bcf0d0d73e10ad0db761d5a2af73d3bc9c5a156c320bbffcc39dfe0da8e15e49
	bfc1eec00dbecede6f7650f7d21ba80cd3b8f2a1033f45a6bfb958b009da4789
	2824b4f5365025f5b0cb2bc956c2a46336fde086e0d56625d50375b6374251c8
	569ea1b88fafc82bdc068ade08ed0c10927236ecb033243f22c1e6ed691a5d5f
	211bea2fa32c4e2597a59c004504ec1de04239d3ca2218104bb264f59f594e70
	2fc38205e5911185623011d5ffdbd22c64476cab93c82efe255fd280b14f2158
	e2e1b0e131e8a5ad07f70e51f350fc454cae5e06b97c64692387d6c6d7870bd7
	07e7ce324773077d571c026405790fe61209008017e71313a3713e9d9095fc4d
	8d85178b309627b1272ca2d86f8d223bcef1ffa49a8eea4f846a665ad85c4c3a
	a166259cd00e95f75546d18eeb0374ac4909b4b2a4b1c6016b162ad1a75f913e
	6a53099c5fc8c311986906cb958e7dd570fe2a5cfb7dca760f70c12afc65d87f
	5b7b26262996e9665a0b8e6d131142af68df198ede9d8af7596bbeafa88ff92b
	7b008437a75d083e11a38182844cc935013e6d9200475ab3c51c0ebeb895b7df
	c879c020fa358ddf542b5b40a8ea99402ae77261cdd98100bb33126c8f863639
	9b9271cf8b5e7eff72121e8579e3e2893328e50328da3a37b3f1ed8dfc420a32
	10bfaeb0c00425c4749140d5c7d9f3d88537cf2f621ba7af5322b15cf205b896
	a3543c799f26394daa327aec1125f7546318328f1636d8ee161e9eeb9ee1ce56
	d9ba9e8fe59db9c5d2a8cec36e8cf26d585df956f51743256939c2e2c334cc68
	d128d7fdf4e9b0d1c82cfb5916ff7f5501b2671223e6190d40291d5f58c732d3
	a4cf227b5b7e6871c15bcfd1f4f98eacfa31f52d10350bf03a7fb66323533081
	dfab35a328099a51831d122b08222df01ed3dd306d9e9e1ffed94d1da8998188
	0f878c87c43b340f4d0f88e8ffde3a848a3100969f8883badd53862f1b675b43
	10994986bb504db847fa5dbad6dcbf03e256762eb53238dba7dbdd32f93ee809
	0e5f17f2697aea5447d90d79a827a72610238355bb29f0d7b27012d4e8a3c3be
	d9b835b7a41878ffa77ed6127624424b6aff8fc491f112a53ef59127ae7ee2a6
	41e952522f8350f643c4a5ef029dea29654bcb8a35ce7c45cdc6a397d1d26782
	ee2baeab2434c051166dd127bf57c17dfaf0e7438500bfae12f174ff1b59acef
	1c37428a3e185e0366d7206f898ace4f106fe592f85acfcd137a3b2f215bbf57
	bae076b9a01b4b5325ccad5439437c2b829815a022743747281052fc64048a7f