hxxp://e86303[.]dscx[.]akamaiedge[.]net

Analysis

max time kernel
84s
max time network
85s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
13/04/2023, 06:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://e86303.dscx.akamaiedge.net

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4288	1768	WerFault.exe	101

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133258491465773503"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3592 wrote to memory of 1700	3592	chrome.exe	85
PID 3592 wrote to memory of 1700	3592	chrome.exe	85
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 2780	3592	chrome.exe	86
PID 3592 wrote to memory of 1668	3592	chrome.exe	87
PID 3592 wrote to memory of 1668	3592	chrome.exe	87
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88
PID 3592 wrote to memory of 224	3592	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://e86303.dscx.akamaiedge.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdcdd29758,0x7ffdcdd29768,0x7ffdcdd29778
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:2
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:8
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:8
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3076 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:4460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4740 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:8
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:8
  2⤵
  PID:4320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:8
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4592 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1768 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3148 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3280 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3344 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4540 --field-trial-handle=1808,i,2510988349085816729,5119665264785793609,131072 /prefetch:1
  2⤵
  PID:4204

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2040

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 456 -p 1768 -ip 1768
1⤵
PID:3400

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 1768 -s 1376
1⤵
- Program crash
PID:4288

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
882B

MD5
39ef421dce937182f858c00f0f7a791c

SHA1
a1fa18c4fcf308c6e4806b02171acc4170b914fa

SHA256
7bcb44b2a5d3544e44459dcbebb63e50241ef277e63f405a8186dea869cf7a32

SHA512
fce9defd2a2e8fe000f11f52d7e2ffe2a549f1dfa4c65600230d06657c26f76bc6a68ba5f012979507cbd5464d215b5e8a4c1de8809d84aabe2622403df702f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c7bf5d8613449e52752037781165bad5

SHA1
75d677584ea14df311e068cea19e349c12f0393a

SHA256
3cc8f9c6e20ab25230f34afb3620dd3caf6bc25fe8a1145adeafa9423cb6bb15

SHA512
71110eb95ecfebdfdde2cde3ac95d281139e44598211d808e5b794e1d76d6dc1b122d1956131e0d693c0cc68722629602fb881266c1bd42d1ffe1dab11f97288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6e195a6c1900976081bcf8cbe88845cc

SHA1
abdc81fcffa6f915ef5d154edb0c993c2a2f4d67

SHA256
d4ef28a977538684e703654dbb8a6a54c3a0cdf950128f7cf308f1aca1c0c3a6

SHA512
0d03a7f88fbd709bc9941ab556f3e953a9920c3465456e05c4ce567c9dbae06e748df693efcc9b735b5927ef7cf349f82aea2b991260a5a12eeaebf9015e8d6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b447c6e360aecefc11348a798edb5631

SHA1
872662f33e69086a86411c010a7d98b0ed4ade7a

SHA256
8210116e683526abc192b10bc970e9933d309d84a519622dbe39c3b7686b0c8a

SHA512
a50d73765962d3573d6e6bcc6374a7118bc235451bb27cb1b51def90939a0a08c4d2f4779b0471240f34035514aa6568bb00071c6f286bf0b1bfb22b82e80e95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
ed99e3e61114cc8546b1aa77cd19364c

SHA1
3a7f7bb46200a21889855dce2a3fa911ece47071

SHA256
371e28b210baed904ebda62e1a9ca13df6acde78684193c8eb4a1fab05186956

SHA512
32077168fd43b9159419d013ec5ea29b20627956374a9584ae7e30937a4af7ef97d55c911b5761ef9cc4913f6adc3c627b209518c53b899cd05793c4fc994956

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit