top of page

CTI Threat Summary 08 - 14 November 2024 TLP: CLEAR







This report was processed and collated by the Elemendar CTI team and includes Mitre ATT&CK TTPS and IOCs collated from using one of our products; READ., an AI-driven Cybersecurity tool.


For further information or a demonstration of our products please visit our website: elemendar.ai If you want to get your PDF version please email us cti@elemendar.com



Contents









Executive Summary


VEEAM exploit seen used again with a new ransomware: “Frag”

Threat actors are exploiting Veeam Backup & Replication vulnerability CVE-2024-40711, enabling remote code execution to deploy the Frag ransomware. Using LOLBins and compromised VPN credentials.


Frag ransomware exploits backup software vulnerabilities, targeting Veeam systems. Despite recent patches, delayed updates likely enabled compromises, and attacks on unpatched systems are expected to continue.


New Phishing Campaign Delivers Advanced Remcos RAT Variant

CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits


 


VEEAM exploit seen used again with a new ransomware: “Frag”




A critical vulnerability, CVE-2024-40711, in Veeam Backup & Replication (VBR) software has been exploited by threat actors to deploy a new ransomware strain named Frag. This vulnerability, discovered by researchers at cybersecurity company Code White, allows unauthenticated remote code execution (RCE) on Veeam VBR servers. With a CVSS score of 9.8, the flaw is highly severe, as it enables threat actors to gain control of systems running Veeam’s widely used backup solution.

Elemendar CTI Analyst comment: Veeam reports that over 550,000 customers globally use its products, including approximately 74% of companies in the Global 2000. The exploitation of CVE-2024-40711 was first observed in attacks linked to previously documented ransomware strains, Akira and Fog, but recent cases have involved Frag ransomware. Sophos X-Ops observed that the threat actors exploited CVE-2024-40711 within weeks of the vulnerability’s disclosure. These attacks are part of a threat cluster identified as STAC 5881 by researchers at Cybersecurity company Sophos, who have tracked this group’s activity and identified overlapping tactics, techniques, and procedures (TTPs) between Frag, Akira, and Fog operators. In each case, attackers first gain access through compromised VPN credentials (often lacking multi-factor authentication) and use the Veeam vulnerability to create rogue administrator accounts named "point" and "point2.". Comment Ends.

To exploit the flaw, threat actors use the vulnerable Veeam URI endpoint on port 8000 to execute remote commands. Through this endpoint, attackers can initiate the net.exe command to create new administrator accounts and expand their control over the network. Once inside, they execute the Frag ransomware payload via command line, specifying file encryption parameters and appending a “.frag” extension to encrypted files.



Frag ransomware is executed with a customisable encryption percentage, allowing attackers to adjust the impact of encryption on the targeted files and directories. This ransomware variant uses Living Off the Land Binaries (LOLBins), leveraging trusted software already present on compromised systems, which makes it challenging for traditional endpoint security systems to detect. Similar to Akira and Fog, Frag uses LOLBins to blend into normal network activities and evade detection.


Researchers at Agger Labs noted that Frag’s stealthy behaviour closely mirrors that of Akira and Fog, suggesting that it may be developed by the same group or a closely related entity. By using LOLBins, Frag operates covertly within a target’s environment, making it particularly effective at bypassing security controls that rely on identifying new, unfamiliar binaries.



Fig.1: Frag ransom note (Source: Sophos).


Elemendar Intelligence Assessment: The rapid deployment of Frag highlights an ongoing trend of ransomware operators exploiting backup software vulnerabilities to hinder data recovery efforts.


Given Veeam's widespread adoption, especially among large enterprises, backup systems have become prime targets, this trend is highly likely to continue. Though Veeam released a security update in early September 2024, the patching delay among users is highly likely to have given threat actors the opportunity to compromise unpatched systems.


Little is known of the threat actors behind STAC 5881, it is highly likely that further details will be released as further attacks are observed within Veeam users systems. The impact of these attacks is yet to be fully understood, however given the potential number of verticals that use Veeam, it is likely to be significant. Assessment Ends.


 

New Phishing Campaign Delivers Advanced Remcos RAT Variant



Fortinet’s FortiGuard Labs recently identified a sophisticated phishing campaign spreading a new variant of the Remcos Remote Access Trojan (RAT). This campaign begins with a phishing email containing a malicious Excel document disguised as an order confirmation. When opened, the document exploits a known vulnerability in Microsoft Office, CVE-2017-0199, allowing the installation of Remcos onto the target system.



Elemendar CTI Analyst comment: Remcos is a commercial remote administration tool intended for legitimate use but often abused by threat actors. Once installed, it enables threat actors to control the victim’s device, steal sensitive data, and execute further malicious actions. Comment Ends.

The phishing email entices recipients to open the attached Excel file, which activates the CVE-2017-0199 vulnerability. This vulnerability enables the download and execution of an HTML Application (HTA) file, which then launches the infection chain. The HTA file leverages multiple scripting languages, including JavaScript, VBScript, and PowerShell, in layers to bypass security checks. It also downloads additional malicious components that run directly in memory, making detection by conventional security solutions challenging.


Fig.2: Workflow of the entire phishing campaign (source: Fortinet)

The Remcos variant deployed in this campaign employs extensive anti-analysis techniques. Obfuscated scripts and dynamically retrieved APIs make it hard to analyse and detect. The malware also performs in-memory, fileless execution, injecting itself into a process named “Vaccinerende.exe.” This process enables it to download and decrypt additional components directly into memory, maintaining a low footprint.


To ensure persistence, Remcos modifies the system registry to remain active even after a reboot. The malware’s stealth is further enhanced by dynamically hiding its processes, calling undocumented APIs, and detecting debugging tools. These techniques allow Remcos to evade detection and stay hidden within the target system’s PowerShell environment.


Elemendar Intelligence Assessment: This campaign highlights the serious risks posed by commercial remote access tooling when abused by threat actors.


The anti-analysis techniques demonstrated and availability of Remcos, make it attractive to diverse threat actors, from APT groups to cybercriminals, who can leverage its widespread distribution potential for gaining initial access.


The phishing capabilities of the Remcos campaign highlight the increasing sophistication of modern phishing attacks. By using social engineering, multi-stage infection chains, and advanced obfuscation, the campaign is designed to bypass security defences effectively. The campaign’s reliance on a well-known vulnerability and fileless execution further enhances its stealth, and is highly likely to pose a persistent threat to all verticals. Assessment Ends.


 

CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits



Since July 2024, Cybersecurity company Check Point, has been monitoring an extensive phishing campaign, dubbed CopyR(ight)hadamantys, which deploys the Rhadamanthys info stealer.


Elemendar CTI Analyst comment: This campaign leverages a copyright infringement theme to lure victims into downloading malicious files, with emails impersonating companies across multiple verticals such as media, entertainment, and technology. The campaign has a broad geographic reach, targeting regions including the US, Europe, Southeast Asia, and South America. Comment Ends.

Each phishing email appears to be from a legal representative of a company, falsely claiming that the recipient has posted copyright-infringing content on social media. The email encourages the recipient to remove specific images or videos, directing them to a password-protected file containing supposed removal instructions. However, the file link redirects users to Dropbox or Discord, where they can download a malicious archive containing the Rhadamanthys stealer. This archive typically includes a decoy document, a legitimate executable, and a malicious DLL. The executable uses DLL sideloading to execute the malware, which then gains persistence through a registry key.


Notably, each email originates from a unique Gmail account and is personalised to appear credible to specific targets. Around 70% of the impersonated companies are from the entertainment, media, and technology sectors, likely because these industries frequently deal with copyright issues, making the phishing tactic more believable. The widespread use of automated tools, possibly AI-powered, enables the attackers to generate and distribute emails efficiently. However, occasional errors, such as sending emails in the wrong language, hint at automation limitations.


Fig.3: Copyright campaign infection chain. (source: Check Point)

Rhadamanthys is a well-known and sophisticated info stealer, highly valued in the cybercriminal marketplace. The latest version (0.7) includes enhancements such as an optical character recognition (OCR) module for reading text from static documents like PDFs and images. While the OCR claims to use AI, Check Point found that it employs classic machine learning, typical of older OCR technology. This module includes a dictionary of 2,048 words associated with Bitcoin wallet protection phrases.


Elemendar CTI Analyst comment: In 2024, Check Point tracked threat actors using the Rhadamanthys stealer, including Void Manticore, an Iranian state-linked threat actor active in Israel and Albania. In one campaign associated with Handala, a persona linked to Void Manticore, the Rhadamanthys stealer was distributed under the pretence of an F5 update. This marked their initial use of the stealer, which they subsequently deployed in further campaigns, impersonating both Israeli and international companies. Comment Ends.

Elemendar Intelligence Assessment: CopyR(ight)hadamantys represents a well planned and calculated phishing campaign that relies on psychological triggers to ensure the victim is deceived into downloading the malware.


Though previously associated with nation-state actors, the current Rhadamanthys campaign likely originates from financially motivated cybercriminals. Unlike targeted espionage efforts, this campaign indiscriminately targets diverse organisations, lacking focus on strategic assets. Threat actors are likely to have used automated tools, possibly AI-powered, to generate unique Gmail accounts for each phishing attempt, suggesting a broad, scalable approach aimed at maximising financial gain.


Rhadamanthys is a sophisticated malware, featuring an OCR module that reads static text, potentially to target cryptocurrency wallet data. Additionally, the malware employs advanced evasion techniques, such as generating larger versions of malicious files to evade antivirus detection. The use of spear-phishing tactics, automation, DLL sideloading, and advanced evasion techniques make it a continued threat to the enterprises currently affected and it is likely that variants in the phishing tactics will be seen, presenting further threats to all verticals. Assessment Ends.

 


Annex A: References



VEEAM exploit seen used again with a new ransomware: “Frag”















New Phishing Campaign Delivers Advanced Remcos RAT Variant






CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits





 


Annex B: STIX Entities


VEEAM exploit seen used again with a new ransomware: “Frag”


Mitre ATT&CK TTPs


ChatGPT-4o Can be used for Autonomous Voice Based Scam


Mitre ATT&CK TTPs


ID

Name

Tactic

Description

T1203

Exploitation for Client Execution

Execution

Exploiting vulnerabilities to execute malicious code on a client machine.

T1211

Exploitation for Defence Evasion

Defence Evasion

Using vulnerabilities to bypass security controls and avoid detection.

T1584.008

Network Devices

Resource Development

Targeting network devices to gain access or persist on a network.


T1587.001

Malware

Resource Development

Developing or acquiring malware to use in operations.

T1562.011

Spoof Security Alerting

Impair Defences

Falsifying security alerts to mislead defenders.

T1588.006

Vulnerabilities

Resource Development

Gathering information on vulnerabilities to exploit.






New Phishing Campaign Delivers Advanced Remcos RAT Variant



Mitre ATT&CK TTPs


ID

Name

Tactic 

Description

T1027.010

Command Obfuscation

Defence Evasion

Obfuscating command execution to make analysis and detection more difficult.

T1048.001

Exfiltration Over Symmetric Encrypted Non-C2 Protocol

Exfiltration

Exfiltrating data using encrypted, non-C2 communication channels to evade detection.

T1055.012

Process Hollowing

Defence Evasion

Injecting malicious code into another process to disguise its execution.

T1059.001

PowerShell

Execution

Using PowerShell scripts for command execution and automation.

T1132

Data Encoding

Defence Evasion

Encoding data to evade detection or hinder analysis.

T1547.001

Registry Run Keys / Startup Folder

Persistence

Adding malicious programs to startup locations for persistence after reboots.


IOC’s



Type

Value

URL

hxxps://og1[.]in/2Rxzb3

URL

hxxp://192[.]3[.]220[.]22/xampp/en/cookienetbookinetcahce.hta

URL

hxxp://192[.]3[.]220[.]22/hFXELFSwRHRwqbE214.bin

URL

hxxp://192[.]3[.]220[.]22/430/dllhost.exe

C2 Server

107[.]173[.]4[.]16:2404

SHA-256 [PO-9987689987.xls]

4A670E3D4B8481CED88C74458FEC448A0FE40064AB2B1B00A289AB504015E944

SHA-256 [cookienetbookinetcahce.hta]

F99757C98007DA241258AE12EC0FD5083F0475A993CA6309811263AAD17D4661

SHA-256 [dllhost.exe / Vaccinerende.exe]

9124D7696D2B94E7959933C3F7A8F68E61A5CE29CD5934A4D0379C2193B126BE

SHA-256 [Aerognosy.Res]

D4D98FDBE306D61986BED62340744554E0A288C5A804ED5C924F66885CBF3514

SHA-256 [Valvulate.Cru]

F9B744D0223EFE3C01C94D526881A95523C2F5E457F03774DD1D661944E60852

SHA-256 [Remcos / Decrypted hFXELFSwRHRwqbE214.bin]

24A4EBF1DE71F332F38DE69BAF2DA3019A87D45129411AD4F7D3EA48F506119D


CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits


Mitre ATT&CK TTPs



ID

Name

Tactic 

Description

T1027.001

Binary Padding

Defence Evasion

Adding padding to binaries to change their hash, evading hash-based detection mechanisms.

T1027.003

Steganography

Defence Evasion

Defence Evasion

T1055

Process Injection

Defence Evasion

Injecting code into legitimate processes to hide malicious activity and evade detection.

T1055.001

Dynamic-link Library Injection

Defence Evasion

Injecting malicious DLLs into legitimate processes to execute code stealthily.

T1218.002

Control Panel

Defence Evasion

Using the Windows Control Panel to execute code or scripts to evade security measures.

T1547.001

Registry Run Keys / Startup Folder

Persistence

Adding malicious programs to startup locations for persistence after system reboot.

T1574.002

DLL Side-Loading

Defence Evasion

Loading malicious DLLs by hijacking legitimate applications to execute code.

T1586.002

Email Accounts

Resource Development

Creating or compromising email accounts for use in operations, often to impersonate others.

T1598

Phishing for Information

Collection

Using phishing techniques to collect information from the target, such as credentials.

T1656

Impersonation

Initial Access

Masquerading as a trusted entity to gain access to target systems or information.


IOCs


C2 Server

198[.]135[.]48[.]191

C2 Server

139[.]99[.]17[.]158

C2 Server

103[.]68[.]109[.]208

C2 Server

95[.]169[.]204[.]214

C2 Server

15[.]235[.]138[.]155

C2 Server

15[.]235[.]176[.]166

SHA-256 hash

d285677cba6acf848aa4869df74af959f60ef1bc1271b4032000fcdd44f407f2

SHA-256 hash

2be6ad454fa9e87f78dea80d2855f1c14df81a881093a1a0d57f348377f477a8

SHA-256 hash

9ef9c88cef51ee0fb77ea9a78dbe60651603ef807ddb6c44d5bda95cc9026527

SHA-256 hash

e8aa9a061c6ea803faaf4c8d7a80c6886b4ee73d9a89a9dc6e87e3fecf7a6851

SHA-256 hash

b1ac4ad92045e935c132214015188d27ec4382f930d0152dfb303695b708b38d

SHA-256 hash

00086cf4f35b6fb7f897cfa2f0d5ad9876aa9819cdc87416c798005ce901d3a1

SHA-256 hash

05e02f0f9b8625fe3959ae1219f31b0167d787fefc0a9d152edf6524d6859590

SHA-256 hash

0a3dfe260dd7b038ddb8911689c899541391c188aff966261e7bd9d0280d153d

SHA-256 hash

0b9bd95d815af9ea4a59840ef6fcdc7ccfd0e239c40974334cb4cfb41df530db

SHA-256 hash

0de8d2d3217cebd37a2fe488713d1c288ae5a63d3d3b2a3495e2e636ba6a1f89

SHA-256 hash

10eafd75429ffadee2384acd37b0d4e7ca26b83666e6786f2acaf1b1c29c3f17

SHA-256 hash

12b7390835f30c1bcdeddd258e49684c98133cee4a6a2ccab869785567deae4f

SHA-256 hash

2a276ca5b2e095cdac7b24e58b3f7a67cee7db2fb5c1568e4775909265c7e914

SHA-256 hash

2aa58fa8d71bd2b4fd1ffac16a6461191bbf6f4b2c97455ae52800cce929a0f2

SHA-256 hash

2e0c99758432a3759b5af6f190ec5cb72a5a84c977d8883dcf041c4de003f3d3

SHA-256 hash

324dfc7bb75f27e6fba8d67dea67a63525efbe947bf8e29ef39980c6efc1c3f6

SHA-256 hash

3448005600ccb0ae52443a4c227a657de9cd767b389e9a1ed75ef074709981bd

SHA-256 hash

3de252c9023bc8920d77570acdfe21813532727af3f91d59af35fa8abcd3700f

SHA-256 hash

3ecf2838b2e07e6d329d45cde7d0162ba47fea4b94bacb24838358314daed756

SHA-256 hash

415ee9b12002f17ca4f36bef794fdb19884e22980e21bf8a15043258624c439b

SHA-256 hash

416f3fa48b75ab168e3373dae77cab7f4702de5158835d23a02629e8c1d20156

SHA-256 hash

41a3edb3a8e8d5cf093cbd02791911f6ee26df39a377fceb6b101d66a7b7aff2

SHA-256 hash

4b33219c5cadb4d741044874f6f0184d45f43891d28ad5b489716d4da21310fd

SHA-256 hash

4bbe0f6b5488a51295b15d8144d0a1c9b41bb86384299b88ea48e88c76704f52

SHA-256 hash

4cbcfa2a8d56976eff1e8ac0ef4d7703d0b802f227975a0cc36f3dcd3a90e73e

SHA-256 hash

5cec33e8f47855da3c4ce1f3953d750275864714b16e08a94605bc3889867caf

SHA-256 hash

6044e08402d1abd52991f5c6a4749ba6aa29a0587ff196edf60b38862392e855

SHA-256 hash

623bb3f1f476c37afc309d6c0ab89e216aaedc03b8a7ec1aaec5fb5085d78a97

SHA-256 hash

741dfdae8948f3e430a5b7b66c8fb4b8a750695b67a84a12abc0b6089e8fba31

SHA-256 hash

7990765022c4400a45f996046971b9e6b69cca5b06f8d2adb61bc267fd362197

SHA-256 hash

7d7a3e254b7968400a301d83fcd44a69f655386b9b95998a36113cfb2e542720

SHA-256 hash

7dc07b8aa268485e40ab78bfbb03a367d80ebd7b2c6c74961dc6842cae7086e1

SHA-256 hash

7e270a80cd0f04f245309e8c75cfc2cb46dc075ba01a00b30f66cb8b5deaaf3f

SHA-256 hash

865a4f2583679f7a40357b61301d75567cf516a5b8295dc8155e6d4aa2ce244a

SHA-256 hash

878917b6a8d241031fc330eff771f416a9fffaecab42c39d57e58ac2d8f38f11

SHA-256 hash

970e199e40511e90d6dd5d6f3c9f3701215fd881b1273fe2617bd44444b0bee9

SHA-256 hash

9a249dfdc2c16700bc5add2455f2ed00e47a2610b7779cc33e40aac576a2a74d

SHA-256 hash

9abf9fb94e2529d8819a3873f2025bdd90d14e75fe4af81e489f6d0560809f9c

SHA-256 hash

9d10835f7717c89d17886b7e59cc2dfc9133bfaa044bad5f070e1c8e1212e257

SHA-256 hash

a03d2956ff8d0ae4d96c9e6cced79b335b70eef10feb0f7202609cb8652179f6

SHA-256 hash

a064bbc4b58642ab4d7118abc55fb81db6584cbc633800ad14048e8370a95ef2

SHA-256 hash

a15d0aedc8b4e54a170b6ecc3d9a06835cc499f07b05c6ca261081ace505debf

SHA-256 hash

a72083974e886856b7d985bdc79888234c8cd9012ed39b2566851fb0d86cca50

SHA-256 hash

a8729621ca4310e8e1a7ad3e1426708f1e1954a16af420cd3ce46c501e9692ab

SHA-256 hash

a9896a8f96407a5eedda08a63dd40967f0fe0b3926e7002b6e1abc11f6ab81cc

SHA-256 hash

aa04c9307a9087455d21dfac02d7f322ab337cd5978f9161285a9c79379efecc

SHA-256 hash

b36205464ead176a473ab43ea7b5e0c2b8749b3eb9549d65609be2337dce25db

SHA-256 hash

b529c6df6164ff8badf30f942220a3126f99e3fc2c2ea1494aa3e305b3b53c1f

SHA-256 hash

b9c4c8343ba75081954b2db54940585c6c0c9bb47e053ac1b9229b4fa8fc9293

SHA-256 hash

be9c3feed5f6e81ccd375902c8c92616f77694b6cd14f69896d44dd4b1ea4990

SHA-256 hash

c5bb808a88f9e729484c05a1bc3097157bbfbd28469e502f2ebc4c6e6135df42

SHA-256 hash

c622c0f67eb5d9a90008e5e120065cd5a1a6e25c6e758e8205d377596059b8fe

SHA-256 hash

ccb539bf17d479d9707ee717d0afb03cd57e9b6f023becf1abf9cdbd88e1b06c

SHA-256 hash

cd3040c88a6fd71ed1ce8c2a5d0b13ed8e25e49835932a39891c514ef946dd29

SHA-256 hash

ce2f00f1d0e71287e746d5a3507547f355297a3e45a7c2cc0322015916a0137c

SHA-256 hash

d00d3adf81bf95ff4994dcbd2ae1305a6ee6b0edfad6eb55b87217f85645651a

SHA-256 hash

d0e3f547e3efcc9d9794774a765b9c3950955e7ad752f3e630ebd5ab9425bcdc

SHA-256 hash

d452461f3527d674de3e9b680026ceb2b02c56d6d3f7c94da3aab65c05f52c03

SHA-256 hash

d57f45096e646837dec51129222fcbe79981c595721164009aec68be09bf5dcf

SHA-256 hash

dbb4f7e6354621c316fbba7e7a15f59cf229684e16ab6d21027f310beecaf49b

SHA-256 hash

dbdeede6f39936305c4c5bd8e4f7bfccb0b823c025130e7f8fa285e80383be0f

SHA-256 hash

dc3d72f72247141efeba3c2ffd498025f68e0c4b34c9a4dc2686ffec09b6d401

SHA-256 hash

de933f7b47707f4bf8d5a4aaef8b31f5059d3b8f465bcaae3e22438466e8390b

SHA-256 hash

e6315b24e0311758da1c25daa5f2724da4f534ed7ed644cbf43f3cc64c4676a7

SHA-256 hash

e9a18755312011e30081e7ce0fcc1db3e3aec3b9f3ed3a776dd38498830a2738

SHA-256 hash

eb4e39d44ad016b8d6d1dc8dc25a9ea3d3e18df87516922fdbd995de15b68f54

SHA-256 hash

ebd167ca477af620065548a9e55567682b0750625b3e078fc4498dd5adeabdc6

SHA-256 hash

f2536e520d37512d868a418797974a5c11e67742824a5477100b7e3f5b2efbc3

SHA-256 hash

f4fcba1c9d7f4ae8e3868f901035ea1e0e9e1122a362a83afd3d111c17a97d7a

SHA-256 hash

f7eef906c7dc1ce2ffe586d4b7f316a5f5c6761b5cdbf22d892fbc87a5ee2f6f

SHA-256 hash

fe55c1d263e0ea356d86afd8b2b1cedff570568e45b8a3810e05ea482b8a9329

SHA-256 hash

fefba5ce20c71a71cfe35dd8ff06c514bf6ffde60356babf4f4bba66dd904b78

SHA-256 hash

cf9d93951e558ed22815b34446cfa2bd2cf3d1582d8bd97912612f4d4128a64e

SHA-256 hash

48aaa2dec95537cdf9fc471dbcbb4ff726be4a0647dbdf6300fa61858c2b0099

SHA-256 hash

00fc4b8a4c65c06766608f3ef3f92385c8e147f5991dabe290e33dd14b39ad44

SHA-256 hash

0ad65fd0897a6547f6febf398708ab2d423a8f8834b53136219cb490ec3ebd13

SHA-256 hash

11ba24d023b544e28c37b6cb8afe27d06638175d7f56c2e4d4ff97bf7bd813b6

SHA-256 hash

1a2399ecc38f3288206c75b55762d125d3d75254062a2c0d85c86e7f896736ac

SHA-256 hash

258ffcc13dbe110bcce21b91f7f075995719791fdd3c9f55ea5934984fa4373d

SHA-256 hash

2cbc1e8a4cb5d18a867666adbd3417bc88d48a74ae6500593959aec1a1c92d2d

SHA-256 hash

342a5c7df2bdd040570f4b83c74366d4c96a90d6418149d432cb5e8577f2f6b1

SHA-256 hash

3648e89e7449ea433a8b3ef0e5b605b5dc4157048c03b20dedc5e3b920fa8552

SHA-256 hash

5418e42706bca4712ff2a3db67853eb42a2310660c51cff2f9020586cffedeb3

SHA-256 hash

69573694d16b7ccadfa208ff976bfe1b3e36837aba3e5dc4dfc80e66341ef61e

SHA-256 hash

6de4f65b1d738d84f8e825613092bbd360194195fe8a1c986e12a9bb704217c1

SHA-256 hash

751f149665f87dd20cc8dff743f28e5da1ff2a5f04874d4b8569b9afceeedfec

SHA-256 hash

78200cd816acbd39b6664c6582e06500f6d46085b62b49d2f914bea5a004197a

SHA-256 hash

783c7f4bf23072343f6247ee14e54e4af0b147553ad1ef42b4e7fb44386d667c

SHA-256 hash

7f99e506c17676b98dcc08e6a19f100ef933cde3e0423c6d4072f6802a9196bb

SHA-256 hash

8d0b1174cbda6b102bb98c91ba123e9f404b9fad23b49a4e29f3cfd8d20a577a

SHA-256 hash

90c7688e0dc23ba4530bac1d567bad920c4ef1c06cbf4b2d867eeb363271eefe

SHA-256 hash

9102e564c3262b2c291e8ca3d67f8a55c06650aa86f617c919916f6053c03c9b

SHA-256 hash

9327aa03760431b6d86eeb2f1a3efc36aa443b842b5116fbbe0f2a7794c4e70e

SHA-256 hash

97286b6f3a6535ff1172ef65172e6967e3670c6b14a3313c3bf0d6c171b1fc85

SHA-256 hash

98e28d3423f5d414effe3c0ed6fd0f1c8154942e5e127ecee5f051e1196ffc75

SHA-256 hash

99c0bebdc8cb7b0948000a601f510fc70487f9da532be199b8641512a2db9839

SHA-256 hash

9bdf49b27fd4d80ef087f63e0bfa0a0822686814863eca09ac506404ad76dfda

SHA-256 hash

b2588061ba5ee9948bbccd320b40c6d7b8d6a693d181f3bce61e5e267f53aa7e

SHA-256 hash

b936853a0c50a0cd0bc8b33103b55bd88e19c6c28768d990b954c11d714286ca

SHA-256 hash

f2429f4bd09897653d0ffa41206a14cafa55356d5edc04dc0915c116867f8c27






 

Probability Language


This document uses probability language based on assessment. Further information can be found in the image below: 



Feedback


We welcome your feedback, this ensures we meet your needs.

Please contact our CTI Director at : CTI@elemendar.ai

Acknowledgements

Authored by Paul Montgomery, CTI Director Elemendar




Comments

Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page