hxxps://mega[.]nz/file/4YMnnTZD#G242JXj6FLZ0T-_GYpPZzpigf7j5JFYPz2Mhm0Qw6Uo

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
16-04-2023 18:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/4YMnnTZD#G242JXj6FLZ0T-_GYpPZzpigf7j5JFYPz2Mhm0Qw6Uo

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133261421857990343"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe
3872	chrome.exe
3872	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2548 wrote to memory of 4696	2548	chrome.exe	85
PID 2548 wrote to memory of 4696	2548	chrome.exe	85
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 3948	2548	chrome.exe	86
PID 2548 wrote to memory of 1836	2548	chrome.exe	87
PID 2548 wrote to memory of 1836	2548	chrome.exe	87
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88
PID 2548 wrote to memory of 1012	2548	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://mega.nz/file/4YMnnTZD#G242JXj6FLZ0T-_GYpPZzpigf7j5JFYPz2Mhm0Qw6Uo
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd8,0x100,0x104,0xdc,0x108,0x7ffe06d59758,0x7ffe06d59768,0x7ffe06d59778
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1820 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:2
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:8
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:8
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3180 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3132 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4876 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:8
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:8
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1808,i,9476105210763322466,14322511046198724165,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3872

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:484

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
033b62f58ccccad47ff30e0985084fce

SHA1
13fc0e0f7b5afc38e5273cc63734eb05795cf50f

SHA256
c9ab03ab2e9bc7d77f711658687c9482d5b48ab34f3459b83c619638f8ccb55c

SHA512
b29cc09524e99e60f81aa643aa84a2e66a4976749cc346cfe01b30338998fc5cc52d30bcf99df4aae7a3b334464eb0b3f0fe25ae7199186e0f8b44c8e6966a25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
914B

MD5
7729c3776890e01be967acf001a6a9c4

SHA1
ad0eb3429bcbc370f54c871b6aa1785c39b42a24

SHA256
a38e44aac27428bafa3b04d58537f1be4768455f341267fabcd233e3bd90584a

SHA512
9745dd162e1753936bc188b7ecde5ae9fd759e7886926284c85e1d6e713fc7ece8804cea51bc21c73dae8213638c96da5a90f40e0e3fd921ee506d985c761bd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
437b11de15864fab1564926f03831e7f

SHA1
56e879a82c3de4b1460f979024516c4e4a4c87e1

SHA256
554420075c67dfa0ffd6deb1b98ee38e0ec1d816e5866250476d5a0424b2f82e

SHA512
5a106a7be2a0e2c7fcb3dadbddf0b2359714f70d6bafed3a204129f9b2898242b244c2f64aa055bd24cdca5cfae87a3f1a7829b841815c5ccc5475e9d88e032d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ecffcfa7868bb20dd1980112ee06120a

SHA1
a8196605ee9f1e1a9a871f1355bc68ce20f8c9f8

SHA256
0d7aa8348f9d71e4c9aa850d252687f7fd43812ff9a70710c93f7c35a325f028

SHA512
9657b32890fdfe1fe2aacc21e6276d5ee808888629f5dd7dde191e315df0ed7787fa85af24513d4148e7dd96873dff989a2069f17725eb48b39d3c6f6aef5d82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
8823ff73d66df8e9c0055cd2735717c1

SHA1
f5401a07c59bb70cd3830dd8e937bd557ad3bc9b

SHA256
6b996d99166914614e683d9c9d065eeb02ba162b7ffa2efbbcc907eeede9a4f8

SHA512
753e1bcdb0cc04c46449d66a0b02804158a1f795e6268105bab04b9cab9e9a5793c4327a63bf02d9197f9063bd79add09174cc4eadfab5c02dfa8d410a59485e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
236fe61033a584c17ca8288952722cf9

SHA1
949106660e87cde97312ffedce5ef3ccf90c43c1

SHA256
e8e28c2cecf8c8e4a41d37e153f1e1b1a47369c9e91de2abec483bc19991f113

SHA512
f50b3f353383bdbad9ff532f2df8d52996b1bfc413794f3fbebb329adeff74cfb0184946c0a968d1bf6fb6b184e2cabf9050f91cf2dc1753e61d288edca087fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
802a22fe7170e78044169d723caddda2

SHA1
38d31cc12af03eba75dc47679ef4c80a35c01cf6

SHA256
b7496fce4d513cb731c36d36741f4dbb629b097f6bee572333a29c438776fb84

SHA512
ce1cd2a1dd1e46a87ebda39eb970b1634642be4a481d9f80d613f47a02ac9eb8cb970a85de160be71f967ac58486aeb65fd8ff437230668f6a8da4df7a8ee483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit