File name: | EasyXploits_API_06318.exe |
Full analysis: | https://app.any.run/tasks/a5033ffb-81eb-400f-9693-27a253c710b8 |
Verdict: | Malicious activity |
Analysis date: | January 24, 2022, 20:04:05 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/x-dosexec |
File info: | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5: | A15D8D3F50D25693F25FF8952C96EEC1 |
SHA1: | B0D3C337F168A846EB17E0F44FB275F9941FD07C |
SHA256: | 9F63A5E0E356E5F18940C01FDC5FA76CF0046A162E65B36B0D563CFE08035D40 |
SSDEEP: | 196608:qQGQ4YVKf6i1GgJwrqNtr7G5RCrUL0n2mw:HN4co6RgJwrqN05GW0nP |
.exe | | | Win64 Executable (generic) (76.4) |
---|---|---|
.exe | | | Win32 Executable (generic) (12.4) |
.exe | | | Generic Win/DOS Executable (5.5) |
.exe | | | DOS Executable Generic (5.5) |
Subsystem: | Windows GUI |
---|---|
SubsystemVersion: | 6 |
ImageVersion: | - |
OSVersion: | 6 |
EntryPoint: | 0x37d2dd |
UninitializedDataSize: | - |
InitializedDataSize: | 4481024 |
CodeSize: | 4227584 |
LinkerVersion: | 14.22 |
PEType: | PE32 |
TimeStamp: | 2021:10:20 22:18:25+02:00 |
MachineType: | Intel 386 or later, and compatibles |
Architecture: | IMAGE_FILE_MACHINE_I386 |
---|---|
Subsystem: | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date: | 20-Oct-2021 20:18:25 |
Detected languages: |
|
Magic number: | MZ |
---|---|
Bytes on last page of file: | 0x0090 |
Pages in file: | 0x0003 |
Relocations: | 0x0000 |
Size of header: | 0x0004 |
Min extra paragraphs: | 0x0000 |
Max extra paragraphs: | 0xFFFF |
Initial SS value: | 0x0000 |
Initial SP value: | 0x00B8 |
Checksum: | 0x0000 |
Initial IP value: | 0x0000 |
Initial CS value: | 0x0000 |
Overlay number: | 0x0000 |
OEM identifier: | 0x0000 |
OEM information: | 0x0000 |
Address of NE header: | 0x00000120 |
Signature: | PE |
---|---|
Machine: | IMAGE_FILE_MACHINE_I386 |
Number of sections: | 5 |
Time date stamp: | 20-Oct-2021 20:18:25 |
Pointer to Symbol Table: | 0x00000000 |
Number of symbols: | 0 |
Size of Optional Header: | 0x00E0 |
Characteristics: |
|
Name | Virtual Address | Virtual Size | Raw Size | Charateristics | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0040803B | 0x00408200 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ | 6.63785 |
.rdata | 0x0040A000 | 0x00101A1A | 0x00101C00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 5.59804 |
.data | 0x0050C000 | 0x0002A60C | 0x00023E00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 4.80416 |
.rsrc | 0x00537000 | 0x002CF1F8 | 0x002CF200 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 7.93575 |
.reloc | 0x00807000 | 0x0004A980 | 0x0004AA00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ | 6.59482 |
Title | Entropy | Size | Codepage | Language | Type |
---|---|---|---|---|---|
1 | 5.04264 | 562 | UNKNOWN | English - United States | RT_MANIFEST |
2 | 2.73071 | 67624 | UNKNOWN | Dutch - Netherlands | RT_ICON |
3 | 2.77417 | 16936 | UNKNOWN | Dutch - Netherlands | RT_ICON |
4 | 3.65334 | 9640 | UNKNOWN | Dutch - Netherlands | RT_ICON |
5 | 2.82974 | 4264 | UNKNOWN | Dutch - Netherlands | RT_ICON |
6 | 4.49114 | 1128 | UNKNOWN | Dutch - Netherlands | RT_ICON |
101 | 7.98334 | 2842672 | UNKNOWN | Dutch - Netherlands | RT_RCDATA |
103 | 2.75463 | 90 | UNKNOWN | Dutch - Netherlands | RT_GROUP_ICON |
ADVAPI32.dll |
COMCTL32.dll |
COMDLG32.dll |
GDI32.dll |
IMM32.dll |
KERNEL32.dll |
OLEACC.dll |
OLEAUT32.dll |
SHELL32.dll |
USER32.dll |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3704 | "C:\Users\admin\AppData\Local\Temp\EasyXploits_API_06318.exe" | C:\Users\admin\AppData\Local\Temp\EasyXploits_API_06318.exe | — | Explorer.EXE |
User: admin Integrity Level: MEDIUM Exit code: 3221226540 | ||||
328 | "C:\Users\admin\AppData\Local\Temp\EasyXploits_API_06318.exe" | C:\Users\admin\AppData\Local\Temp\EasyXploits_API_06318.exe | Explorer.EXE | |
User: admin Integrity Level: HIGH | ||||
2636 | C:\Users\admin\AppData\Local\setup06318.exe hhwnd=196902 hreturntoinstaller hextras=id:-- <html><head> <meta http-equiv="content-type" content="text/html;charset=utf-8"> <title>403 Forbidden</title> </head> <body text=#000000 bgcolor=#ffffff> <h1>Error: Forbidden</h1> <h2>Your client does not have permission to get URL <code>/callback/info.php</code> from this server.</h2> <h2></h2> </body></html> | C:\Users\admin\AppData\Local\setup06318.exe | EasyXploits_API_06318.exe | |
User: admin Company: DT001 Integrity Level: HIGH Description: Software Installation Version: 1.0.0.0 | ||||
1204 | .\GenericSetup.exe hhwnd=196902 hreturntoinstaller hextras=id:-- <html><head> <meta http-equiv="content-type" content="text/html;charset=utf-8"> <title>403 Forbidden</title> </head> <body text=#000000 bgcolor=#ffffff> <h1>Error: Forbidden</h1> <h2>Your client does not have permission to get URL <code>/callback/info.php</code> from this server.</h2> <h2></h2> </body></html> | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\GenericSetup.exe | setup06318.exe | |
User: admin Integrity Level: HIGH Description: Software Installation Version: 2.0.2.5023 | ||||
1968 | C:\Users\admin\AppData\Local\setup06318.exe hready | C:\Users\admin\AppData\Local\setup06318.exe | EasyXploits_API_06318.exe | |
User: admin Company: DT001 Integrity Level: HIGH Description: Software Installation Exit code: 0 Version: 1.0.0.0 | ||||
2312 | .\GenericSetup.exe hready | C:\Users\admin\AppData\Local\Temp\7zS0B7F3DC1\GenericSetup.exe | — | setup06318.exe |
User: admin Integrity Level: HIGH Description: Software Installation Exit code: 1 Version: 2.0.2.5023 | ||||
2008 | "C:\Windows\system32\cmd.exe" | C:\Windows\system32\cmd.exe | — | Explorer.EXE |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows Command Processor Exit code: 3221225786 Version: 6.1.7601.17514 (win7sp1_rtm.101119-1850) |
(PID) Process: | (1204) GenericSetup.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
Operation: | write | Name: | ProxyBypass |
Value: 1 | |||
(PID) Process: | (1204) GenericSetup.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
Operation: | write | Name: | IntranetName |
Value: 1 | |||
(PID) Process: | (1204) GenericSetup.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
Operation: | write | Name: | UNCAsIntranet |
Value: 1 | |||
(PID) Process: | (1204) GenericSetup.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
Operation: | write | Name: | AutoDetect |
Value: 0 | |||
(PID) Process: | (1204) GenericSetup.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\MuiCache\16C\52C64B7E |
Operation: | write | Name: | LanguageList |
Value: en-US | |||
(PID) Process: | (1204) GenericSetup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 |
Operation: | write | Name: | Blob |
Value: 0400000001000000100000004BE2C99196650CF40E5A9392A00AFEB27F000000010000002C000000302A060A2B0601040182370A030406082B0601050507030506082B0601050507030606082B06010505070307090000000100000054000000305206082B0601050507030206082B06010505070303060A2B0601040182370A030406082B0601050507030406082B0601050507030606082B0601050507030706082B0601050507030106082B060105050703080F0000000100000020000000FDE5F2D9CE2026E1E10064C0A468C9F355B90ACF85BAF5CE6F52D4016837FD940300000001000000140000008CF427FD790C3AD166068DE81E57EFBB932272D41D0000000100000010000000521B5F4582C1DCAAE381B05E37CA2D341400000001000000140000006A72267AD01EEF7DE73B6951D46C8D9F901266AB0B000000010000001800000045006E00740072007500730074002E006E0065007400000062000000010000002000000043DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F339190000000100000010000000FA46CE7CBB85CFB4310075313A09EE05530000000100000041000000303F3020060A6086480186FA6C0A010230123010060A2B0601040182373C0101030200C0301B060567810C010330123010060A2B0601040182373C0101030200C07E000000010000000800000000C001B39667D6012000000001000000420400003082043E30820326A00302010202044A538C28300D06092A864886F70D01010B05003081BE310B300906035504061302555331163014060355040A130D456E74727573742C20496E632E31283026060355040B131F536565207777772E656E74727573742E6E65742F6C6567616C2D7465726D7331393037060355040B1330286329203230303920456E74727573742C20496E632E202D20666F7220617574686F72697A656420757365206F6E6C793132303006035504031329456E747275737420526F6F742043657274696669636174696F6E20417574686F72697479202D204732301E170D3039303730373137323535345A170D3330313230373137353535345A3081BE310B300906035504061302555331163014060355040A130D456E74727573742C20496E632E31283026060355040B131F536565207777772E656E74727573742E6E65742F6C6567616C2D7465726D7331393037060355040B1330286329203230303920456E74727573742C20496E632E202D20666F7220617574686F72697A656420757365206F6E6C793132303006035504031329456E747275737420526F6F742043657274696669636174696F6E20417574686F72697479202D20473230820122300D06092A864886F70D01010105000382010F003082010A0282010100BA84B672DB9E0C6BE299E93001A776EA32B895411AC9DA614E5872CFFEF68279BF7361060AA527D8B35FD3454E1C72D64E32F2728A0FF78319D06A808000451EB0C7E79ABF1257271CA3682F0A87BD6A6B0E5E65F31C77D5D4858D7021B4B332E78BA2D5863902B1B8D247CEE4C949C43BA7DEFB547D57BEF0E86EC279B23A0B55E250981632135C2F7856C1C294B3F25AE4279A9F24D7C6ECD09B2582E3CCC2C445C58C977A066B2A119FA90A6E483B6FDBD4111942F78F07BFF5535F9C3EF4172CE669AC4E324C6277EAB7E8E5BB34BC198BAE9C51E7B77EB553B13322E56DCF703C1AFAE29B67B683F48DA5AF624C4DE058AC64341203F8B68D946324A4710203010001A3423040300E0603551D0F0101FF040403020106300F0603551D130101FF040530030101FF301D0603551D0E041604146A72267AD01EEF7DE73B6951D46C8D9F901266AB300D06092A864886F70D01010B05000382010100799F1D96C6B6793F228D87D3870304606A6B9A2E59897311AC43D1F513FF8D392BC0F2BD4F708CA92FEA17C40B549ED41B9698333CA8AD62A20076AB59696E061D7EC4B9448D98AF12D461DB0A194647F3EBF763C1400540A5D2B7F4B59A36BFA98876880455042B9C877F1A373C7E2DA51AD8D4895ECABDAC3D6CD86DAFD5F3760FCD3B8838229D6C939AC43DBF821B653FA60F5DAAFCE5B215CAB5ADC6BC3DD084E8EA0672B04D393278BF3E119C0BA49D9A21F3F09B0B3078DBC1DC8743FEBC639ACAC5C21CC9C78DFF3B125808E6B63DEC7A2C4EFB8396CE0C3C69875473A473C293FF5110AC155401D8FC05B189A17F74839A49D7DC4E7B8A486F8B45F6 | |||
(PID) Process: | (1204) GenericSetup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 |
Operation: | write | Name: | Blob |
Value: 5C0000000100000004000000000800007E000000010000000800000000C001B39667D601530000000100000041000000303F3020060A6086480186FA6C0A010230123010060A2B0601040182373C0101030200C0301B060567810C010330123010060A2B0601040182373C0101030200C0190000000100000010000000FA46CE7CBB85CFB4310075313A09EE0562000000010000002000000043DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F3390B000000010000001800000045006E00740072007500730074002E006E006500740000001400000001000000140000006A72267AD01EEF7DE73B6951D46C8D9F901266AB1D0000000100000010000000521B5F4582C1DCAAE381B05E37CA2D340300000001000000140000008CF427FD790C3AD166068DE81E57EFBB932272D40F0000000100000020000000FDE5F2D9CE2026E1E10064C0A468C9F355B90ACF85BAF5CE6F52D4016837FD94090000000100000054000000305206082B0601050507030206082B06010505070303060A2B0601040182370A030406082B0601050507030406082B0601050507030606082B0601050507030706082B0601050507030106082B060105050703087F000000010000002C000000302A060A2B0601040182370A030406082B0601050507030506082B0601050507030606082B060105050703070400000001000000100000004BE2C99196650CF40E5A9392A00AFEB22000000001000000420400003082043E30820326A00302010202044A538C28300D06092A864886F70D01010B05003081BE310B300906035504061302555331163014060355040A130D456E74727573742C20496E632E31283026060355040B131F536565207777772E656E74727573742E6E65742F6C6567616C2D7465726D7331393037060355040B1330286329203230303920456E74727573742C20496E632E202D20666F7220617574686F72697A656420757365206F6E6C793132303006035504031329456E747275737420526F6F742043657274696669636174696F6E20417574686F72697479202D204732301E170D3039303730373137323535345A170D3330313230373137353535345A3081BE310B300906035504061302555331163014060355040A130D456E74727573742C20496E632E31283026060355040B131F536565207777772E656E74727573742E6E65742F6C6567616C2D7465726D7331393037060355040B1330286329203230303920456E74727573742C20496E632E202D20666F7220617574686F72697A656420757365206F6E6C793132303006035504031329456E747275737420526F6F742043657274696669636174696F6E20417574686F72697479202D20473230820122300D06092A864886F70D01010105000382010F003082010A0282010100BA84B672DB9E0C6BE299E93001A776EA32B895411AC9DA614E5872CFFEF68279BF7361060AA527D8B35FD3454E1C72D64E32F2728A0FF78319D06A808000451EB0C7E79ABF1257271CA3682F0A87BD6A6B0E5E65F31C77D5D4858D7021B4B332E78BA2D5863902B1B8D247CEE4C949C43BA7DEFB547D57BEF0E86EC279B23A0B55E250981632135C2F7856C1C294B3F25AE4279A9F24D7C6ECD09B2582E3CCC2C445C58C977A066B2A119FA90A6E483B6FDBD4111942F78F07BFF5535F9C3EF4172CE669AC4E324C6277EAB7E8E5BB34BC198BAE9C51E7B77EB553B13322E56DCF703C1AFAE29B67B683F48DA5AF624C4DE058AC64341203F8B68D946324A4710203010001A3423040300E0603551D0F0101FF040403020106300F0603551D130101FF040530030101FF301D0603551D0E041604146A72267AD01EEF7DE73B6951D46C8D9F901266AB300D06092A864886F70D01010B05000382010100799F1D96C6B6793F228D87D3870304606A6B9A2E59897311AC43D1F513FF8D392BC0F2BD4F708CA92FEA17C40B549ED41B9698333CA8AD62A20076AB59696E061D7EC4B9448D98AF12D461DB0A194647F3EBF763C1400540A5D2B7F4B59A36BFA98876880455042B9C877F1A373C7E2DA51AD8D4895ECABDAC3D6CD86DAFD5F3760FCD3B8838229D6C939AC43DBF821B653FA60F5DAAFCE5B215CAB5ADC6BC3DD084E8EA0672B04D393278BF3E119C0BA49D9A21F3F09B0B3078DBC1DC8743FEBC639ACAC5C21CC9C78DFF3B125808E6B63DEC7A2C4EFB8396CE0C3C69875473A473C293FF5110AC155401D8FC05B189A17F74839A49D7DC4E7B8A486F8B45F6 | |||
(PID) Process: | (328) EasyXploits_API_06318.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content |
Operation: | write | Name: | CachePrefix |
Value: | |||
(PID) Process: | (328) EasyXploits_API_06318.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings |
Operation: | write | Name: | ProxyEnable |
Value: 0 | |||
(PID) Process: | (328) EasyXploits_API_06318.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections |
Operation: | write | Name: | SavedLegacySettings |
Value: 460000003B010000090000000000000000000000000000000400000000000000C0E333BBEAB1D3010000000000000000000000000100000002000000C0A80164000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |
PID | Process | Filename | Type | |
---|---|---|---|---|
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\Resources\images\loader.gif | image | |
MD5:2B26F73D382AB69F3914A7D9FDA97B0F | SHA256:A6A0B05B1D5C52303DD3E9E2F9CDA1E688A490FBE84EA0D6E22A051AB6EFD643 | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\Resources\tis\TranslateOfferTemplate.tis | text | |
MD5:551029A3E046C5ED6390CC85F632A689 | SHA256:7B8C76A85261C5F9E40E49F97E01A14320E9B224FF3D6AF8286632CA94CF96F8 | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\Resources\InstallingPage.html | html | |
MD5:29F74FBCCB8AE8E707CF96BA40DBFA9A | SHA256:F56BB8FE20B8BE18B877DFE0DD46AD3C717FC44797DB5EC904F1612F815DA120 | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\Resources\images\warning48x48.png | image | |
MD5:D3361CF0D689A1B34D84F483D60BA9C9 | SHA256:56739925AADA73F9489F9A6B72BFAAA92892B27D20F4D221380BA3EAE17F1442 | |||
328 | EasyXploits_API_06318.exe | C:\Users\admin\AppData\Local\setup06318.exe | executable | |
MD5:A9937E8F3B8292C53E787155509B03A9 | SHA256:20C5C73D8669F6377C60F2636098725D8924B38B322BB6F587C07A5DD26E7FB3 | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\OfferInstaller.exe.config | xml | |
MD5:67ED4EDC1D47444B046AD77F68CB2801 | SHA256:C9DD581B481E198C4E83DB6BE03BEC4BAC64C02C6C6F9E3051C23C3DF6F1301E | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\Resources\OfferPage.html | html | |
MD5:5F29B47126C45D119442AD3B896F74EB | SHA256:4E85074502C0267E04B324CDBB46DF644E040513E94DD13C6625FB2E039C9A3F | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\Resources\tis\Config.tis | text | |
MD5:FB1C09FC31CE983ED99D8913BB9F1474 | SHA256:293959C3F8EBB87BFFE885CE2331F0B40AB5666F9D237BE4791ED4903CE17BF4 | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\Resources\tis\ViewStateLoader.tis | text | |
MD5:38E8C0EC67819335F3119E0302265493 | SHA256:E66095F97A68BF1B65FF8825DD5F6C675203F438CA356F1AECEB5E2AE1DD44F4 | |||
2636 | setup06318.exe | C:\Users\admin\AppData\Local\Temp\7zSC4A65941\de\GenericSetup.resources.dll | executable | |
MD5:7198F9C8338C823242253D4BD5F8BC97 | SHA256:D95AEA8ABF50D53FA3CA1ECC4B568F2EF7BF032887B0421DD312CBC1607BA52D |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
328 | EasyXploits_API_06318.exe | GET | 403 | 35.190.60.70:80 | http://dlsft.com/callback/info.php?id=06318 | US | html | 312 b | malicious |
328 | EasyXploits_API_06318.exe | GET | 403 | 35.190.60.70:80 | http://dlsft.com/callback/offers.php | US | html | 314 b | malicious |
328 | EasyXploits_API_06318.exe | POST | 403 | 35.190.60.70:80 | http://dlsft.com/callback/geo/geo.php | US | html | 315 b | malicious |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
1204 | GenericSetup.exe | 104.16.235.79:443 | sos.adaware.com | Cloudflare Inc | US | shared |
— | — | 35.190.60.70:80 | dlsft.com | Google Inc. | US | whitelisted |
328 | EasyXploits_API_06318.exe | 35.190.60.70:80 | dlsft.com | Google Inc. | US | whitelisted |
1204 | GenericSetup.exe | 104.18.87.101:443 | flow.lavasoft.com | Cloudflare Inc | US | shared |
Domain | IP | Reputation |
---|---|---|
dlsft.com |
| malicious |
www.google.com |
| whitelisted |
sos.adaware.com |
| whitelisted |
flow.lavasoft.com |
| whitelisted |
Process | Message |
---|---|
GenericSetup.exe | Error: File not found - genericsetup.wrappers.sciter:console.tis
|
GenericSetup.exe | at sciter:init-script.tis
|
GenericSetup.exe | |
GenericSetup.exe | |
GenericSetup.exe | file:resources/tis/TranslateOfferTemplate.tis(82) : warning :'async' does not contain any 'await'
|