hxxps://fulcat-great-fhhg[.]com/

Analysis

max time kernel
1801s
max time network
1690s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
11/03/2023, 00:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://fulcat-great-fhhg.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133229681926554599"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1328	chrome.exe
1328	chrome.exe
1652	chrome.exe
1652	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe
Token: SeShutdownPrivilege	1328	chrome.exe
Token: SeCreatePagefilePrivilege	1328	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe
1328	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1328 wrote to memory of 1620	1328	chrome.exe	86
PID 1328 wrote to memory of 1620	1328	chrome.exe	86
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 3968	1328	chrome.exe	87
PID 1328 wrote to memory of 2304	1328	chrome.exe	88
PID 1328 wrote to memory of 2304	1328	chrome.exe	88
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89
PID 1328 wrote to memory of 956	1328	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://fulcat-great-fhhg.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0ab99758,0x7ffb0ab99768,0x7ffb0ab99778
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:2
  2⤵
  PID:3968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:8
  2⤵
  PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:8
  2⤵
  PID:956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3208 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:1
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:8
  2⤵
  PID:3868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:8
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5288 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:1
  2⤵
  PID:452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4508 --field-trial-handle=1824,i,10183648194077652433,13091983153841753509,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1652

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:816

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
224cedb0f915dd95491a48fe1e58392c

SHA1
ed95b3a125a910ac1e9a97b6bf89a4da74f4cfad

SHA256
f18906d0b4b540bdaf5388ad81fc2944656f495511c2b66419f872479f8d8ade

SHA512
17cc326bdbe4adb004f5af2efa3bac300a73d334bf76bc875937f3bee0fe66db8702c5397b62fd4b0b3399558e0e5c6f49d60c51c5bd326a8c6e6b3e1218c91c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c2f02f0220776b1b541fb50e0b6f7695

SHA1
9f3abf88d77c00722602856dcc7a43445f14e6e2

SHA256
c24bc77fa02bc8366c292d51f75f2020cadf66b2a73cb56ef1260894da5282f7

SHA512
49b7b6ab339cfd3b35047f80c3d12ebddef26c5c08e26d7831cc309fe47b2349fe6c7ecf77bf1086a91e07e9e378681135503229a181e9b6fb1a0b6df25d1b80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
875B

MD5
a693784962e984168a2639f56272c476

SHA1
d05a480247b6b1660358dc856942d70422ec5609

SHA256
05e1e44c39f32d854dac1a627ee5bf437a249a10baa68a5b6294b3c6a8b7a846

SHA512
b17cd04a8c62a488793edef8a8fcf236c0c38350b08885179e952851346434b61c6f91017ac5e6216a6554127eea886f8613f9dd56816ce9562ccd74fac66fee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
dc83cbeef92baf575f3377541595ef77

SHA1
94c103d32f24b1c59e728669bf6393efed5a4bd6

SHA256
fe2063565f689c41a3b111fbcfb319bd4255d4010248cc5cc96f4c8ed2b30ad3

SHA512
7fd72616e5b320b6407d0c6f8b71434711fd9b2063d3f3522ded667f945c23105aa77b7a2955086dc8e8a74a27459d2d5d1d0ee0f551b0db89dbee862f879347

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
86887bae23809caeed868805df38a058

SHA1
0e7030a4dbfd0d99b2ee6edb4b1153c82a7858d6

SHA256
d0a81c27367caf1f628372b9f15fade4d3dc9a95ef4251b593cd47ba0f08b7a2

SHA512
afb862c0c2ab16d247bf532b14d3b5c0892e9b814cb6f8036db442ee55a2f43a73c6803d85eeb10b12a009deccd3251e524b706613187bc7c57932d4f576e024

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
30ec56d61adbe3afdc4a2fa8de6c6977

SHA1
f1d7e2cb0b379b75f44e8ede23604d5fb741cfa4

SHA256
faff4296cc620c1817519f51cd217b231eb0d6954cb98803414422ac1b691389

SHA512
e5b007963438a3e3fcd53cc60f5a60fa74f04f6879b69c06c7c9b6a4d0e682ba2386272ec227a81b8475f76874a8a47a4713b49cd4f978a81996de7668cce8e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f47cfbd9-c6be-4914-b33c-5794324a2264.tmp

Filesize
5KB

MD5
d0b900078f114cfaf66c64105d4761e7

SHA1
09b4cdc2764bd60508072039cfa908aa1b8175f9

SHA256
c7b566be11b5dab62a894449a00b8ffa42667a42ae950b82c1bbaa0f3176ba27

SHA512
53a7188619cdcad931ace4107c8cfbfe20ff6b69317a551bc1f9a4abcd730d72f7535c9481d2f140aefbf75582378ec387d53594a5ab558814ed4052083b77f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
5dbea886946e8b5d86fee35eb5165bb5

SHA1
f0ef2e83b9c141731993c7b33b8628f40a2def45

SHA256
68198ef3df3de7df1fa4cb19e869413a1371f742605ec26f6c2dab0ed63c0f28

SHA512
97ac1f2c2b375e62456b598f6aca27b6881e07980c607e5abea625d4a6ecb0b264d2dc15c6bad6286a074d49bebb1103549682304c55f3f4edaf912b49532677

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
977c00d313f55f5d0f9612679bcf2684

SHA1
a38e8ea13b9083f1465adcb6fe544fb2f52248c9

SHA256
51ac106d2d4d8559cdc69de3ca306d3170c301ef70620244f4d8872b779c1576

SHA512
89967fa37738977a8d92c161bf5e350a3593ccc039c0cd7ab6a82030443bc5ce639d4a241d266c15728d1a05a6dbe1958c99b980cb343ffcdda2207ba31cdac7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit