strongpity | e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899

Analysis

max time kernel
161s
max time network
172s
platform
windows10_x64
resource
win10-en-20211208
submitted
24-01-2022 03:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe
Size

6.8MB
MD5

6512121c74cff138e74b8de7fc109c44
SHA1

c52198f82d56a48544e66fc68a18749b839dde41
SHA256

e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899
SHA512

3430619eeecb2fbd83ae7724855c8e6112a80adc491cd306dc8f2b1854adbbdafbfc8e3ce30ddae9c7a71f6382ce4aa006ea88e0a8c02be03f1aaf48cca3aa82

Score

10^/10

strongpity xmrig miner spyware stealer

Malware Config

Signatures

StrongPity
StrongPity is a spyware developed by PROMETHIUM APT group mainly used in government sponsored attacks.
stealer spyware strongpity

StrongPity Spyware 2 IoCs

Processes:

resource	yara_rule
behavioral2/files/0x000500000001ab18-121.dat	family_strongpity
behavioral2/files/0x000500000001ab18-120.dat	family_strongpity

Suspicious use of NtCreateProcessExOtherParentProcess 1 IoCs

Processes:

WerFault.exe

description	pid	Process	procid_target
PID 2232 created 2576	2232	WerFault.exe	80

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

Blocklisted process makes network request 3 IoCs

Processes:

mshta.exe

flow	pid	Process
34	2576	mshta.exe
35	2576	mshta.exe
38	2576	mshta.exe

Executes dropped EXE 5 IoCs

Processes:

DriverPack-17-Online.exewimservr.exewimservr.exewsutil32.exeWmiPrvSV32.exe

pid	Process
1188	DriverPack-17-Online.exe
1320	wimservr.exe
3320	wimservr.exe
2004	wsutil32.exe
2940	WmiPrvSV32.exe

Loads dropped DLL 1 IoCs

Processes:

DriverPack-17-Online.exe

pid	Process
1188	DriverPack-17-Online.exe

Drops file in System32 directory 2 IoCs

Processes:

e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe

description	ioc	Process
File created	C:\Windows\SysWOW64\wsutil32.exe	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe
File created	C:\Windows\SysWOW64\wimservr.exe	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Program crash 2 IoCs

Processes:

WerFault.exeWerFault.exe

pid	pid_target	Process	procid_target
3240	2576	WerFault.exe	80
2232	2576	WerFault.exe	80

NSIS installer 2 IoCs

installer

Processes:

resource	yara_rule
behavioral2/files/0x000700000001ab12-115.dat	nsis_installer_2
behavioral2/files/0x000700000001ab12-116.dat	nsis_installer_2

Modifies Internet Explorer settings 1 TTPs 4 IoCs

adware spyware

Modify Registry

T1112

Processes:

reg.exe

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2361464256-2201551969-2316606395-1000\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements = "4294967295"	reg.exe
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\Styles	reg.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Styles\MaxScriptStatements = "4294967295"	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-2361464256-2201551969-2316606395-1000\Software\Microsoft\Internet Explorer\Styles	reg.exe

Suspicious behavior: EnumeratesProcesses 15 IoCs

Processes:

wimservr.exeWerFault.exe

pid	Process
3320	wimservr.exe
3320	wimservr.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe
3240	WerFault.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes:

WerFault.exe

description	pid	Process
Token: SeRestorePrivilege	3240	WerFault.exe
Token: SeBackupPrivilege	3240	WerFault.exe
Token: SeDebugPrivilege	3240	WerFault.exe

Suspicious use of WriteProcessMemory 18 IoCs

Processes:

e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exewimservr.exewsutil32.exeDriverPack-17-Online.exe

description	pid	Process	procid_target
PID 1840 wrote to memory of 1188	1840	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe	70
PID 1840 wrote to memory of 1188	1840	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe	70
PID 1840 wrote to memory of 1188	1840	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe	70
PID 1840 wrote to memory of 1320	1840	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe	71
PID 1840 wrote to memory of 1320	1840	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe	71
PID 1840 wrote to memory of 1320	1840	e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe	71
PID 3320 wrote to memory of 2004	3320	wimservr.exe	73
PID 3320 wrote to memory of 2004	3320	wimservr.exe	73
PID 3320 wrote to memory of 2004	3320	wimservr.exe	73
PID 2004 wrote to memory of 2940	2004	wsutil32.exe	74
PID 2004 wrote to memory of 2940	2004	wsutil32.exe	74
PID 2004 wrote to memory of 2940	2004	wsutil32.exe	74
PID 1188 wrote to memory of 396	1188	DriverPack-17-Online.exe	78
PID 1188 wrote to memory of 396	1188	DriverPack-17-Online.exe	78
PID 1188 wrote to memory of 396	1188	DriverPack-17-Online.exe	78
PID 1188 wrote to memory of 2576	1188	DriverPack-17-Online.exe	80
PID 1188 wrote to memory of 2576	1188	DriverPack-17-Online.exe	80
PID 1188 wrote to memory of 2576	1188	DriverPack-17-Online.exe	80

C:\Users\Admin\AppData\Local\Temp\e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe
"C:\Users\Admin\AppData\Local\Temp\e2cd8fd988a9a08f4bd73d7343ae54e68ee2a0a4728277792115edc86900e899.exe"
1⤵
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
PID:1840
- C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe
  "C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:1188
- - C:\Windows\SysWOW64\reg.exe
    C:\Windows\system32\reg.exe import "C:\Users\Admin\AppData\Local\Temp\DriverPack-20211211154958\Tools\patch.reg"
    3⤵
    - Modifies Internet Explorer settings
    PID:396
- - C:\Windows\SysWOW64\mshta.exe
    C:\Windows\system32\mshta.exe "C:\Users\Admin\AppData\Local\Temp\DriverPack-20211211154958\run.hta" --sfx "DriverPack-17-Online.exe"
    3⤵
    - Blocklisted process makes network request
    PID:2576
  - - C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2576 -s 2452
      4⤵
      Program crash
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:3240
  - - C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2576 -s 2396
      4⤵
      Suspicious use of NtCreateProcessExOtherParentProcess
      Program crash
      PID:2232
- C:\Windows\SysWOW64\wimservr.exe
  C:\Windows\system32\\wimservr.exe help
  2⤵
  - Executes dropped EXE
  PID:1320

C:\Windows\SysWOW64\wimservr.exe
C:\Windows\SysWOW64\wimservr.exe
1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3320
- C:\Windows\SysWOW64\wsutil32.exe
  "C:\Windows\system32\\wsutil32.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of WriteProcessMemory
  PID:2004
- - C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\WmiPrvSV32.exe
    "C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\WmiPrvSV32.exe"
    3⤵
    - Executes dropped EXE
    PID:2940

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\WmiPrvSV32.exe

MD5
833baccebb0448caa80c11ff516456cd

SHA1
d52b5c9d23616fcd0739bd03c8ea2474e40aef66

SHA256
70d3f2b2f1a5d0329c628e9867b936430bb36f9003ae9b5e8a882f229af63af8

SHA512
5d35bf4bf2be3d1fd00e60518d35810811067311d06170f7ff04bec39b1089a64c58461164fdfc38142a8bdd845b92ae5dbcac9b441b23ccc6c38c2cf8ea7285

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\WmiPrvSV32.exe

MD5
833baccebb0448caa80c11ff516456cd

SHA1
d52b5c9d23616fcd0739bd03c8ea2474e40aef66

SHA256
70d3f2b2f1a5d0329c628e9867b936430bb36f9003ae9b5e8a882f229af63af8

SHA512
5d35bf4bf2be3d1fd00e60518d35810811067311d06170f7ff04bec39b1089a64c58461164fdfc38142a8bdd845b92ae5dbcac9b441b23ccc6c38c2cf8ea7285

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958259_0.sft

MD5
f5c184439a7269441927b112765e9cdc

SHA1
ce1dcd4178bcd69ccaf7a5c22e38756b2e2bc735

SHA256
794aa3e3e37f64bb2b2c0d4703fd57b89358618a2f8d1cf8cde13f8a3e01a8f4

SHA512
e73a68c4a6891ea5822ba69ea62ad2da81167118882839e2d84533c5145334f72b39224f31d50d79a4593dbbc2a1f3a938f74c9e781307e29d3b00722b4a2ed0

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958259_1.sft

MD5
01ca387d82382f84c8ac8b20debd9d9b

SHA1
6e6256249f05f6f7e9855a2bbe9cc35c7652f303

SHA256
adef331f9cdc0e53c22e5f57733d580a1a66608d7683c6204c5ccf2a9da593dd

SHA512
16a6fe630720e4a6bb99a845d95cda29d6fccb45ef3fca8f4aaccb76ac8d55d4ddf36ba8a1952bfc1b182db618c9f8750d1d124564ecba3e3d92114609914cc3

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958259_2.sft

MD5
7e6829b68d8ec8be7e4442ec3f39caf1

SHA1
dc920097ca7fb91e74a907b93006de8c7bb1512c

SHA256
32f5a19b8a4bec2b8fbc28724c9843d0916a1ba5a8179111e99b14c5f150cc53

SHA512
9ce84bcddd05693f26d027a56a7c9c161ad1b2dabc24c308f8686afbb59b75dc9dc4d87c2de20a614ed1fddb6155154bcfb894005ae8d8b2da2cec40a818244d

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958259_3.sft

MD5
109b1f6e8650dc14c82a36d67f248135

SHA1
936cd437952da0b6a2fa44e6368a1d6b28a924af

SHA256
2c33bb59030cc460f465d87e9e89998f3e80ecf6f7520058d90707791beab31b

SHA512
c802f125f964d769b2b29fa11d9f5e1515c0eddb3b4d910987de7896aa07f28827fb8c16cff484a9cf0186eb018e221c211ada5dc9ff9ddfe4f499d89ef1256b

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958259_4.sft

MD5
711b9c80965ec762d069fb0578eacf1e

SHA1
0e2e9101aa9b87de6a6d4ec749325e1983d80fe3

SHA256
c3cda08f639c6a793b5608550768038fd31042acaa5af806295028f9d9ff585a

SHA512
ae60bc5d70836cac7386a2ed6030bf4217549e7ee975d80b74690ee70e90209f8b21f83558b54ba95ee2280ed16f071d3e1db889752c9abfe56dd9d427d24f46

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958259_5.sft

MD5
f04428cc1afaa59942c482a36a8db68a

SHA1
2e5633d88ae153b32413e6655aeed521be75a8b8

SHA256
7fceddf67ecc13c8b5ec16ef9e21fad533cfc53216999d8916aa9c7a385a9206

SHA512
23ae1fa1fcae91017feaadd084a6ce9db08c05dd2934f59ee0910b6ee9f4e3452d041fe8a281401a5569684ffe968f8ff94d2b888220b3b830a9b7ecbdf358d3

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958259_6.sft

MD5
77bce1adeaf95c0a046a3bfd6ee5c45c

SHA1
4c81b9553c1eb4558f2e6341e1e842e6cab065a5

SHA256
e0182aefe0555d3d743f725e8a07d982cc6c0246aac98799f6d198717124de34

SHA512
8511abf13712b2f038de8bfefef9830809a907bcbd6b258381bb265d08c2cee2b577961d4e671405f7e8e7eddb2a916d0ef110f34c53834abc8d3f40cee786e8

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958290_0.sft

MD5
5d5f6af226646724d7029e4fb84662f5

SHA1
22bb30f7a25feb99ede59c37517be9dafc895556

SHA256
d732ee07c0222a91756e3b9e44eb1603be213fac90da0d25a2e61ba4dcfb9cc6

SHA512
6ea3b008389199ee45828048b10ac039c7d7b839084306796f95e9cf243f3c273b53515521606b733c0c060079ad8b31ab67b972f6e13a2b72afd33e2c9acad7

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958290_1.sft

MD5
8ebf32709ad861074b58a263bb6422ee

SHA1
22206a329daf2ac17760208f94b78bd13b26ccc7

SHA256
4eadd2c642f104f686d522f377444f91ac464f38391faa6fda01e926634f5e11

SHA512
f0f702cd2888ea48e3ef2382322a45b50d941286e70a72dec4b1bf6716bea6760b477d342259f200324a85c93ec671d6401483c1b29da08227a9df2fc3d9fdec

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958290_2.sft

MD5
d3c662dc59eaebc13ae9437b0d94db88

SHA1
f40dc0f9492fe64038b75a18ee14306acd79ff09

SHA256
f8b70688d08c66f815d016d097812584d21e9519565cb99b09fc8b2986ab2a92

SHA512
938303f4c982ed618c9fde05eacb41100000f83e7822864d56b57a15a1c34f9e24fc6e79cf14afa5e715bd2774d7d721295899723b86a47a30e8214e152252fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958290_3.sft

MD5
b0ec1b4b3ada51426936278fad7de27f

SHA1
e249066617f6aaf82601e15e3f478c4c0df8a62b

SHA256
50e06914022dab248e85fc83ea78119c5a2aaf1ce49806c7c87d543c63d69097

SHA512
60bac4081009b69bcb850d2eda4deb1f3e30b9d5dac5e0951a018c407c6c0fe15e19935accfda015786758fc010a11f7103252cb1ecdee0deb23d268af419d9c

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958290_4.sft

MD5
da4da4a61dd0b2433ab504fc9427083a

SHA1
7c11a49928c51baac1c4454506c0b734214c3a73

SHA256
f795f5e8e74ffe2b850b3efd52c1635f31f674afad609009b05d03a4d94f844c

SHA512
8106766a31032eca8f360056c2c1e133ca289d806275cfea57dae4ebeacc93dd843bba0887016519be9a7348c50ea156aa31d465dc98529eb089e03f426af2f6

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958290_5.sft

MD5
a21bba6d39adf7f5b4427e6a35b5361b

SHA1
19067711ef76cdcc62b3475b20b236c471ad644c

SHA256
984bbfe73f4f727c04373006c9378e6eb8b8e51e92e8c07a1c15259c9910231d

SHA512
56f282fc24797c5da0455e5d2915cc0f305004652afb06e09f306f957c705f2d7d90923bffdac34bd0542d4ef85ab472106a7be90406bae751b9b55cd9c31707

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_0.sft

MD5
4e7fa9939aa4619336a1989cb701f24d

SHA1
49f195187172c0b91a5e7a49c1b9bdfbb78c1521

SHA256
e77fe7ce8c9fc39f8136feeb44f0942193ab34906aba4d255806ac076b7e902d

SHA512
3882f138ff40ff489cb4e68bc00d3a69acf3416d8f45252ef633e02989797c75041bce412480973cbe84cc24334f05c7c5c1023ebcecb342a3d5356bf648bdb3

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_1.sft

MD5
62c493bc9e9f9c3ae7e35fda75d791e5

SHA1
8b11e3591bd9324017e47f6f07593805a47ddaa9

SHA256
fd3668a8d7fb5c7097e76b388dcf88c1d6f33ada759d1f966cedf4d2ed2b074b

SHA512
23c8d5f9a285f3db622a88e98ace06aa79e648c11e8dd2d39d6f1669ac92b27bfc37db709218fe6d549c2a794d36cc93c013a11221106afd29363366d8c096d6

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_2.sft

MD5
ea8907f322765bc14de223907a8525bb

SHA1
472432ed47f4b6e358b71e317016da7f66051677

SHA256
339b5699253d370ccafa40d9eb792ae202964acb6981b684bf47d44a11990de6

SHA512
e23ccba3fab795c40e636ae26e9e4e78733b0194761118b4053bc5cef4c6654c4dfde79e3c96fa09c76aca79c44c68e33d8a26f2787fce43868eb644e691dd97

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_3.sft

MD5
93946b3eacac08e080beb2448600684a

SHA1
184d96f2650c76972c4a26a9114050b15d623bc3

SHA256
5cfd65af21190a97699d522300a6c57f9f3ae738765917393291fad808393f54

SHA512
f439e0d99d559b657d2e7af1d4f4bb494213878a3dd0963ec202444c0b9b9e73bec0267bc08003f72c4af024ef4221209d53e5c570fa531d658734b850e784ce

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_4.sft

MD5
30d3511383ebedb2c7cfa8a337a56661

SHA1
bb4de5a269eef171ce6b810068919d38ef85fdf8

SHA256
ed3729201aa2b97527efaf04a766e4a168f1c3281493e20fe06cb1167f8f778e

SHA512
b72447b2f0f1f9820668ba3fdc319dc5f68de7b24e27cba4272b7d0ad2d0a75c3b6248147616291a77979a08910bce489b43099a6dc01d962504cedf211337d0

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_5.sft

MD5
147c44e5a3f4a848aebc9484a724443e

SHA1
48fbd123e7508616eb0a13f3db84a61fed97fd23

SHA256
ba2548d06a754ca780917811e94a687b5303236aac65a77e388a2eeef99905e7

SHA512
492a232faf16c2d368982a8da40a5e9d11e7bcb6ac1e96c29a1c3e271c99ce80a3f29d20a4a94c4b23b0bae46270e174de76f86683702d2179089f3edabbab93

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_6.sft

MD5
c6a707fdba8a1329013fe4f9e6a877c9

SHA1
8ec882772a05f164a598125ed960ce326faa97e9

SHA256
003215ba2f6b5eb659cf6ebb377717429d0ee96692ac8c0fd6f6a55462f98b88

SHA512
306e73b733d546f84ffa4890e8b1f6452137ed8144251ed4a1d3a735ef531d90992127d4ddd7d2e63c1ddda4e92e35545079ca0867266ebd4de0fd951d38e49d

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_7.sft

MD5
79383b0e47b2f563d1c5929bbdb5e681

SHA1
7c2a9a6a1f44ebe758cd393afbd99e5ec8bb6ed2

SHA256
9d4ab4770c9efdfe6852791af0e67c50b12fc781140c777c8e7736b24f229c4d

SHA512
43e2647fd802e3da687014f4b72f8c1872464b1a22a00ac3f8b25737e88374c09c1907de0242df2209a11c61f0a5dd6796aa842f7d66416d1c2f9f2634b918c1

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958353_8.sft

MD5
40a197d849835c923f90b88c1cab1b07

SHA1
9219d652b125bc7fa0046a4b6a0cc9d055cf2c03

SHA256
cb619f85e54e53e521df3b9664c17c09310e3cc27d8af38887974b6be29823eb

SHA512
a054d27d30af93fca59a483fe58d844256d711a47084fdb935bcdc865ff849b15b4677075e0cf3c0c158b94d486c9cd2f5e1002b31f60ea445a813c07bfb35e8

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958462_0.sft

MD5
37f0fb87f79733beebacb8d5964d95ba

SHA1
fb304ba16b55437205f2dc3cd4a77b052923c513

SHA256
294ee6dc47cb85ccdf6efee650a04a90202408c7a717b2f968aeec1e24f78aeb

SHA512
a1f6c22a02fb5a29ee84eb5e46d66864b0c90e302e0ba7dfca8fa8b19007e5cf06dcae619d233fea5dd03f70b338a8d9bbedb70fbe592f9197541d27b862b7c4

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_0.sft

MD5
3bc7d3f2e9dc3cb881104c929d8cf829

SHA1
17e447f681f278410cb293a373dde2a3cf48bf73

SHA256
cfb9f7353fac0046ee143992ea59414f4b6ea672941bfe5f94450374e9b9a78c

SHA512
c8f2cdea822e5bee8ecd9c85ef1e225e340059a008199d7640845372f5a56357d029fcab14818a2497c4596f17f8643e6bb76a340018548852898e7e948ea31e

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_1.sft

MD5
c255677d0bb052bcca11b75dd935931d

SHA1
fa130c3141e838499e41bdbe3d0545889f1eae66

SHA256
c44f3a1dde9666bd29f41ab6ba1d2551a759f574bd2ba81929124592d7f72547

SHA512
cdbf2d71f9feb13a8da310b0ac78d14946fdac0a2c2c7ef301e7a42e05b059032cb4e4db92d42e698a0ef44d6cf37f6f7c0dd1f2466aed17945f9a09fb55ace3

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_10.sft

MD5
b40b2b940ff39217fe58c02e809ae956

SHA1
2c02edcda4ea2f9c439661eefbc9936f30530302

SHA256
3848557f0b2a473402cb1e15fd3b17bd860e81af19510c1c7457034388aef625

SHA512
c44b3519fa4bb409a6f2e578c5245bdad77f7faaa666c88e7ef549bbcaf40c37ae786531b26eed0f2ee4cc56e574dd68b5fbdc3055541f72d7b7a739895f3b3c

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_11.sft

MD5
626b2bd692ae9fe82a58a69db1cf68b0

SHA1
579ce3c54161d1059684e9e1dbbe85c94d83f88d

SHA256
602fe7939ff00845692dac37257878e6783d40d63e4e1abbea13fb52d1059e38

SHA512
3ebc0ff531957f534168bef5fc3fbdec2e11c67b68a6189c23cdede2b457f44f113f0873d9e5e5c60c7cbe4238ecf31394483216a98eb9d879db2a4d557e9746

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_12.sft

MD5
3d7913f5925b498aba2112dd9267ea75

SHA1
9398ca4d6b8336aff4557f532d1d690ea2c55bc2

SHA256
58f117bf901fb7339a312edbe055ebab17cc4de4ae8de3f2b1d6dab5ddaf7e2f

SHA512
b3998665a17dfeb2461796c2f0353f68d0041d8503924047c1a65ee7d4effa82264a0bd925be25a4e2c9c71d05b36c680bd3c6ff09141eb4e2da281deb1056de

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_13.sft

MD5
f23539c0e49ae0e5bde46f3f9f71a3a4

SHA1
77ec57bf5278755e827481241c8068aea6e7f660

SHA256
c7ac49a262149017483b05f7482fae33da5aa834eb261041313d2d0dccd43fcb

SHA512
f10f3ab902ac7bf2861ef6dcfa0c6c0d58cc9359e474eeeb8ea568c6841dc4b6fea79c93474e9d554026ea981c72fe9c50e7ab8a9cea4133228df9a2eb9455ad

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_2.sft

MD5
c7b5696294d66a2e9f0ccec597f98851

SHA1
a24fad3141b764b368f775f49d594f07130c3fa2

SHA256
246fd884ea0342e5baba861af9d7dfc7bb6597fbc326e157bb71932c2d9995a3

SHA512
3ceef076ae6449e694191fd0d5760dbae958eef8ed95427b898d246b28cf88ec2a338b1e3831d86b065668e504eb91f40e2b0f726ef9e73e96eb8a100b637b29

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_3.sft

MD5
ad8fce24d3b02a604cc4cc2aee99f648

SHA1
50471dae3e0b6b3e79c8d923efec68db3fbb262e

SHA256
a732511b93f31b6eb3b9d48c84790ed47b702eec777850d1ea8fc7f2dd3bebfa

SHA512
1574759033a21db5a50e204f2546bc0bc0819eaf6144a0d7c9bc8a1c2f1062d03cd01fdd27a55b74673591de5288b4fe11c014e937ea9d071eef9a57fcaec0ab

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_4.sft

MD5
b7d6fbfe6512660b26d458798519d962

SHA1
853b89c02538686579f8ecef3386d13ad18ccab3

SHA256
01d8922983243e1dedd62859a2271f749f9fd0d23b69632d425d80ae1406105a

SHA512
1440f2eb9214a42c85fe9547e311cc0c8e4dd44e2e6953770900a0eaa2846b39fde85459f8df9def4792f965c6d294fb3de2285970f93bcc30af722df8494cd0

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_5.sft

MD5
4f9f2d4c0da7579fea2af9cbe85d62bb

SHA1
eb77dafb07899ccda4914a036e47f2a8468f5152

SHA256
0ef4b800ae6ff36c1217baf6872c1342fe5101abec0ff2664d6b3723228af59a

SHA512
f24cb613aec5315ebbca1996becf4987ffd159399795f1dda99156ebde25cf0fe42270e133cbe24e4bc84d135731f3e88c0433b8594635d25ceabbcd5b1f638c

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_6.sft

MD5
c472c213242e06896694b5fac1458fba

SHA1
7dd3b956a364323552538fa2a3ae39feb5b20632

SHA256
63ffb275a0475bd4501db7f86350415c6d69265ba735326312f0f3799e60a301

SHA512
0ba4cd342d9129a6bb99d311f53b08bb50586eca7f6dab4670e8ff5091f586c2d252576cb4d02e32726559d183e741346210cc28a001331060641cff8258e96f

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_7.sft

MD5
9b65a072e99e14cf0d58b4dfee5e24e8

SHA1
54b1f90ea9cd56f7614199baaeff65258a6b955e

SHA256
a7473558f5c7c355364d9b30c0a2b933a23bfaa90c3f37dc547d6abaeebee26e

SHA512
30a61b2b6270e82cb7662041b6a2bc493fda5714aa7551ec2ea25b9dd5a0ba1f95dee2d9f83d5c962cd42810ca5a92e0ffd2ebc79be6b7696c4f71a2654b173e

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_8.sft

MD5
25de0f4f390323f25950347268bff9fb

SHA1
7ff720464cd3c9e47b8df470d0bff165f2dd66ab

SHA256
76464878b60178026ea4da018e99137a19bc17ab002a76a17e5e829ee5109276

SHA512
f6c5841b7327ab877aab3b31a501d7d25595c63f345795b295c8ebbffed89b3c8c6d6aaace8b8eb84392f81a3cabf8bb4ca251225bbb34ee9faa71bd37c82269

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154958540_9.sft

MD5
c280b506fdf423f003eedf149fcae661

SHA1
37a0af3fba711796255d8011dcaab23c0c125d63

SHA256
4a555ea2826c8e380c4239d457f171e2f8aebabe4bc90ff2d3a5397d482db4b9

SHA512
48af6ef50cab6b31ff43334c34e66104d4efd5aa27ac9f6da762aed20dc5f537dc2e1abf2ca6e36812cadd1a35b550b918e9683f38dc6764eac33f520665f8eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959212_0.sft

MD5
6990382119b394368b8de15c7856e492

SHA1
23c0777efc696e0d7cdc5c1a9fe73ba6d15e5335

SHA256
b552b4372767da415acdc041c20e4eed0f86f098afc7d3d50dca29f6e2dc2a91

SHA512
836d872e634032886f1b0058e2d1d691a5ab330eac1ade1b164d42da0d5a9e861fb9487c6e912665979c2c5e5a6b91b4dfc8ddd45e4531f1a2f8e78e794755e0

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959290_0.sft

MD5
49945b0cadc2a7a570f6e2269ac2e118

SHA1
126721c5707d68ce9bb28918828e663aaadf9b52

SHA256
a6c54ee5620f79155d5e34e0a2397c0aafeee2f7d2a2e75509158b20d2a83e0d

SHA512
10465c9bd7388edd0d823505151529bc248879724f1b7ba9af0c90d0b4453789c33d8bcd8095c1d9ec84321ad0dbae2e6b82d142fbc42c15f5f3e020bc6505bc

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959462_0.sft

MD5
1bb981ab58ab477defdf3dc28b820b44

SHA1
3b6e649fe4cdb35e29ff0348b519fc3c0d2839f9

SHA256
6c7f1df9d39b9fb4f7ef7884fb967bdb78165777f83051426eec34eec6d5b83f

SHA512
2058e2ca35ee2bb4464d097466cd411d625d4eac942a26fe8e802e31d7de66248dda0c42fb7ca3ec9430eb2387751dad6e11866006c6e28b45b8659a2112ab88

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_0.sft

MD5
0f56327ad5d43df8e879b9318ebade72

SHA1
ed643fa05434c26650e3bfaec2ffb12fd2d9c272

SHA256
a4d9afed025e1aa9e3e174384c0a040d55ffed19ec0e8eb7b6022e6a817a3d2c

SHA512
1e7c28955ca334057ef37e767841e64d661c678724f1378eac2774e9d4b62e03403c9e47a17eda81ff6b54db9a09090fff1bff2efbbd56cd8bbdd0743ba9b21e

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_1.sft

MD5
cb4005e639a2612488c9ff15a8bc1db8

SHA1
30d6ab888fe41279742ff623e9a174f603d0bfc1

SHA256
43115900fd537b82a8d1f3ef10aa115a68c86fe851f6033a3f760847bca796c8

SHA512
2ea250ab6142a648099c5d3efbd5c5cda7f79bd0d8072d0d800a2c1de7f81ceecd790c5dc31311b2494fd963f9f81dc4bd06d3c42bfbaf8d880fce1c703132e4

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_2.sft

MD5
d4baab85b16e9f539d8995f6f5b94f96

SHA1
c5c5dd9917536af475333ffdb625d8ba4bebd829

SHA256
6abd763fd029afbcc5791ee73314840dff91c764c201b6fad444df582ec55378

SHA512
8c93407144bdf27b899e50d77cab970c677e9176918acfe4243065f46d7551e3a7f63eea10e64b4349b77a067e60ad37057ddf473b5df55b8d4fca5367fbb3e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_3.sft

MD5
906df2556056e481c4a1d779eaab529a

SHA1
9c02472d359784a245f2e08d2718c1a7b6134252

SHA256
ab2d97df7f6404b8eb2486465d5bd796ac4b9ed8aa717b6e0dc396f639799555

SHA512
5710e5f1c13a6233ec51f0b70b5df1ea6f2bed0a8c2a6acd586a7ab440e1dde8722c157db4eb13bd7dc94f2f573eb6391b844c0d8997ffeeb34f40de1153b776

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_4.sft

MD5
37fc11ff49dd6f9d13a9c1cb9be84309

SHA1
804d54a2d62cfac6cacbd652d5fc9652ae1effa2

SHA256
f2d3114f1cdd4a8e36b59a7d98a379b6feea52e97da9282c3da9f23fb68d175c

SHA512
82fb0a19c26f9bfe181f24b74dfcd3c5d870a9f46da47b1cb155092e16cdcbd77326f2a480fb4388e0f095326f638e780cf3844397e8f7353679b811cdc4bd9b

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_5.sft

MD5
25c44853e3076cd25be431123c420eab

SHA1
f834d63e4568913d1ef1f6a030b48433084bc436

SHA256
1f39398624efd187f91e6a74de3d8d2d9973075dd1b7f7045a287d800fb85905

SHA512
01f089c089f0a83d7c1b1861145c4165a766f47ff9d89e526a777fe91dc33639b728fa05b6191a37db87abcc6dfc3e9e1357fb1523a29f2b0a995c3ed062c767

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_6.sft

MD5
b85c2a79434e166cc7d03c6941285816

SHA1
374fb4141db2adbc6ba33961b106e1e453da52dc

SHA256
ea301782f5300008d77a85e080757ea1da37937bace896c0346552541ba86829

SHA512
b1b047f1a78f54e7e191d9f847314041438092a7b2dba06fc23ae5cb13103c5e2c23bc291a93e8549a50214e28c535de59cbcdc0246fbba2b27e6e56730241ac

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_7.sft

MD5
b8d527efc0b9999be6c085070fd390f3

SHA1
54d1e30d9ee7dcf2047767e32ae7c0c672a2b08a

SHA256
45e0e8bb26e8c9ce78f6ad6678d06fe25d1c717af61bc23091ce6f6cc8595483

SHA512
10ba9074f2d831f8cdb88e419bf31c7b50a4c5424db6ffc3c39c62afc959e7a4e08ef69e4d279aadda9e8643f45a7431cd24467515fc640aff70cc9e43f7787d

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_8.sft

MD5
409d42457cc92e22906d52368a226400

SHA1
ebc8f4a6888e55d31efbc33e8f3aa80ddea1d0e3

SHA256
f5e8d7e980638f7812d00d2c6333e8a6344956b56a1373c4a2cbf3f07d3d1971

SHA512
4db610c33ac3828ab99fa4b1e65c652bb031016655a151d4c561288ab269fca53394b49f00f5c95dbdcf47929892454622edf1e935df2267e0277776ef4760d2

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959525_9.sft

MD5
d367a7e5170cad6ae365dfde5b108f8c

SHA1
b15fc05ab5571c1cfe489c564738c0fb4db45347

SHA256
9abac049385f792d8c489ca954f7db228a5bb3cce45df0852781f0845380899e

SHA512
9b8cc952507d444cc9598fc2a009bfaa2ef06fcf3bb95037723db8bbc122d2ab6df0f34aebe301919aa248c385a6dbacb15f7deae3d53e3895d09a4e035e7a8f

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959650_0.sft

MD5
cf4b9bad4c374bc61bf6d475e6575623

SHA1
8469dbc7a33d820f8d21fc8b1b4e1bf70acd8b7a

SHA256
72a3a48be146746b8f5907c153c0ac47f9ad9592201fdbfedbb8ae71460d67df

SHA512
f7b0a6b935cf8153f73b9ecfc30f4818cf87fd20e45e8b1048322222f650b60383cc05ed686da790430c3043ddad0274fdc046b1b6864af6d1dd934398990967

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959681_0.sft

MD5
f59af8b4eff8857d3a773501ac3527a2

SHA1
8f7840330bee73343a0f4e665af966efe7363c8a

SHA256
64b859f4b5d0cf014a0bfd1c220f6effbafac55b04a5605b6aa33934f9e6f158

SHA512
cd95634388f05878be51ee065ecf3b8c7d99e763b50f8f7a72a81934f02c5507d5c77c8cca971a36f80a5f4e8cc0d7e87b7e5f0ece790d2c682c1de6cf711f8b

Download Submit
C:\Users\Admin\AppData\Local\Temp\BAA5-22C-AC866D\guid_app0_3078847697_1211154959681_1.sft

MD5
59f4b0d33d6b4bb473c7d39f7182fa70

SHA1
7949a44fa7b7b9606202afdf9984601e536f92fc

SHA256
a78777217f77f03d0d74ec29d7452e35203f9366aead076373a9887b009fdfca

SHA512
2c05b9929d782d55a3c130b0fbb9e97e99609f72e9ae3e13a72288491e41c800c07294e647244922e0754e9c48b011f544d92e309b6fa0890b47c0979f108bbb

Download Submit
C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe

MD5
3d3c9920f574ba9162ebeb3ff88dc12b

SHA1
35872bb883f6ffcbf8635586adc84063deed6d1f

SHA256
87b7f89d61b54114bb7687859695048bbc3243e2b5bc6d4681d11a5d2bd7f0f4

SHA512
cf038277515c12d1d92eebccce19d4292f6bcc8e6e0f600a6465c39c91ed5bca8ac2ecb5b3bcb64456a8dbe663d46114a22089eb7566a9b7c1da4165f10e69d2

Download Submit
C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe

MD5
3d3c9920f574ba9162ebeb3ff88dc12b

SHA1
35872bb883f6ffcbf8635586adc84063deed6d1f

SHA256
87b7f89d61b54114bb7687859695048bbc3243e2b5bc6d4681d11a5d2bd7f0f4

SHA512
cf038277515c12d1d92eebccce19d4292f6bcc8e6e0f600a6465c39c91ed5bca8ac2ecb5b3bcb64456a8dbe663d46114a22089eb7566a9b7c1da4165f10e69d2

Download Submit
C:\Users\Admin\AppData\Local\Temp\DriverPack-20211211154958\Tools\patch.reg

MD5
d49db2ec30494b46d332d516cead4969

SHA1
3d9ce116afe59760c9a1c149ddec92a2f92a0028

SHA256
c86ef9ed6e111d166818e8e0adb3cf5e2a3a5dfc6edc932abc298141ed6f2208

SHA512
1314c6bc4095e445c930c0a0a94a83ff39670081ed916337eed2f74e3453702ae0e0187c0e6c933d52868d80c36e9acbe558faf86f10146d0a825b97c3bc261d

Download Submit
C:\Windows\SysWOW64\wimservr.exe

MD5
85be57f2dcadbe1f9d3c63c1c088738b

SHA1
335a84e51d645d1d15e867e76f2fc926123b304a

SHA256
bb9f19d98021d8d13934866d47baf165b183a44cba9afcb8387cdeb7d2fe260f

SHA512
9bf352462b82a90140530ea217a4ac59c6217136f0b73bd99abca8d07f2299815a87cd61a428998a5aa8f963ed33f4209cfabbabf163cc921628a8b2937754bd

Download Submit
C:\Windows\SysWOW64\wimservr.exe

MD5
85be57f2dcadbe1f9d3c63c1c088738b

SHA1
335a84e51d645d1d15e867e76f2fc926123b304a

SHA256
bb9f19d98021d8d13934866d47baf165b183a44cba9afcb8387cdeb7d2fe260f

SHA512
9bf352462b82a90140530ea217a4ac59c6217136f0b73bd99abca8d07f2299815a87cd61a428998a5aa8f963ed33f4209cfabbabf163cc921628a8b2937754bd

Download Submit
C:\Windows\SysWOW64\wimservr.exe

MD5
85be57f2dcadbe1f9d3c63c1c088738b

SHA1
335a84e51d645d1d15e867e76f2fc926123b304a

SHA256
bb9f19d98021d8d13934866d47baf165b183a44cba9afcb8387cdeb7d2fe260f

SHA512
9bf352462b82a90140530ea217a4ac59c6217136f0b73bd99abca8d07f2299815a87cd61a428998a5aa8f963ed33f4209cfabbabf163cc921628a8b2937754bd

Download Submit
C:\Windows\SysWOW64\wsutil32.exe

MD5
f43728264ecce83d6752397118ca60ee

SHA1
c88981bd02ddba6a042ca4d67fe102a334d92dca

SHA256
16922673df874f402b1223d6a1cdfdd8fb2a92a5565270f498aa0f49473fd12e

SHA512
3819f8b2a6f86679104ba86f94d2d6db4ac9b894574b64c1765d451bc590114e7ac4189ec779af48751f50179f2ed4f656a3de60c26013ba8de5cdf1fda207c2

Download Submit
C:\Windows\SysWOW64\wsutil32.exe

MD5
f43728264ecce83d6752397118ca60ee

SHA1
c88981bd02ddba6a042ca4d67fe102a334d92dca

SHA256
16922673df874f402b1223d6a1cdfdd8fb2a92a5565270f498aa0f49473fd12e

SHA512
3819f8b2a6f86679104ba86f94d2d6db4ac9b894574b64c1765d451bc590114e7ac4189ec779af48751f50179f2ed4f656a3de60c26013ba8de5cdf1fda207c2

Download Submit
\Users\Admin\AppData\Local\Temp\nsjCAFF.tmp\System.dll

MD5
8643641707ff1e4a3e1dfda207b2db72

SHA1
f6d766caa9cafa533a04dd00e34741d276325e13

SHA256
d1b94797529c414b9d058c17dbd10c989eef59b1fa14eea7f61790d7cfa7fd25

SHA512
cc8e07395419027914a6d4b3842ac7d4f14e3ec8be319bfe5c81f70bcf757f8c35f0aaeb985c240b6ecc71fc3e71b9f697ccda6e71f84ac4930adf5eac801181

Download Submit