bb943a4b69a11e38ae79651edb071f57da2c9989d6b840eae5efcd4e722d774d

Analysis

max time kernel
300s
max time network
262s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
26-03-2023 13:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Spotify/Block/zlink/index.html
Size

56KB
MD5

21e48d108e1b0784b074e41af223ccf6
SHA1

e7d91f00be65251d0d8e3a74142cb38aa42c64fa
SHA256

d7b44de7e211aec640bdf1ff477d142987692cdb6b8f5d3f7c526856885924a3
SHA512

896c38c61f68ffde365b060663a384a3776943f64e619c598617f7d1ca304c9cafa72b95cf0c6dff8c660f475bc6bc67995a3e462fcc59d5c55dc7b99c42cce1
SSDEEP

384:OTKk8fHc33dvsNrbXANAz79bGwNUmo9bv/flxvRSCk/b:OTKkMHXws9bGhv3rRSCGb

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133243177039390352"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

4716 chrome.exe
4716 chrome.exe
4892 chrome.exe
4892 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

4716 chrome.exe
4716 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4716 wrote to memory of 2716	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2716	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 4608	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2804	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2804	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe
PID 4716 wrote to memory of 2008	4716	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\Spotify\Block\zlink\index.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd7c689758,0x7ffd7c689768,0x7ffd7c689778
2⤵
PID:2716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:2
2⤵
PID:4608

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:8
2⤵
PID:2804

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2156 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:8
2⤵
PID:2008

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3196 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:1
2⤵
PID:3404

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3180 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:1
2⤵
PID:3256

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4936 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:8
2⤵
PID:3164

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:8
2⤵
PID:3564

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5000 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:8
2⤵
PID:4612

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2824 --field-trial-handle=1876,i,15151394420716660545,2757878641970202304,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4892

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4512

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
8929f44e669ccb8ad654634aaaf342f1

SHA1
376d3ca3b4a95c08f9b9eaf0b159e9663f3f4eb0

SHA256
a989e85837dfb0ce7adf10a162021acf9c332ff2d49443490c84c3a1abfa4bc2

SHA512
0499b2704aeb08924313b15f05bbc38e9354de4233ac83a44a784a895c753178c69a099a1bd89526952c3b3090bfa9eec04a9d47d78c066ad5040893d78c5a03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
882B

MD5
1181c261d1d4cc1e987aeabc3b1ea853

SHA1
add400b89e6528c01a8fdb4c93bcef019844836d

SHA256
760be56e5e10aeaba6eca85a6e8f43cd01b2cf61f1a18d7fc2d992a7abcef4f0

SHA512
53f022de15d1e3f4b7b3b1ea3e5c17af63d75b18c2c64bb87ff4d1c001cb95f0db051ce72043cfc8f139b37dac5a2aec7b2d6798bdd9f4ee6ed601d8fbae1d2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
ba937bf7486aae6fed8c0dbabc74a4dd

SHA1
7bd1cb73eeecb45bca8d34112dfd1649d7816654

SHA256
d6541ff9d9b7453610d912cd50c259a7cfbd119e2b7084b49a519c1bde145c94

SHA512
191e25e40650718e184d550fd5d141cd48b9d8bd82b8bc55904665f79350b2a2272e7991a4ce8907374798e7094bdcb027d5400a60b06b4d2d7b5581efeaf68a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
4bdffd695499f8c8b3f39d8bd8791326

SHA1
23c741aff2d6ff489d93383d7c71dd11e8f5f989

SHA256
5c11bf3459ab3a6ce19ded9cf65ae59b4ef6965eb43084f20ee2fdd8f6530970

SHA512
73890cfc67617743b904e5ea8276652ec9abc98ffa911ab231faee63df6caf15fb008e37990d2ce6b2cb7da2f0ac30d0f274d64b57dc4037b2972209525d2cd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
15KB

MD5
1539daf538563a97b34a4cb09a760532

SHA1
3d1b90520b209bb9b41bfb05295150645a0e8c6e

SHA256
d8969d56b7a85b4e415c3724c0b9d6341c691e2ea9971ac4bdfeedeec52f071f

SHA512
4a407fadd27b0251f7ad025e2cb9f667cb5f4f526668f77c2dc2ff1ed1e37ee5e50c8d1a11ee7439eb6cf90646caf2050d9004ad4013f1ed50f98e60ae8468fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
144KB

MD5
acaab1c16fcf7b6fdad288d8219b051d

SHA1
11fe99c8948badc27fc5fc52b95106e4a5dcd36f

SHA256
e174dfd1af8f028ff41280dddc0458e8910273e581d3fa0e55042fdfba3ba4f9

SHA512
07964fbe62e565ae5173bc0a684b648cd185a0f07bb1b26ebe94311bed1b3fad34e784c69a1e873e5ca3b966453bbd87461205e2cef99f4d6418eeb751682e39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit