02e42bc73cd8a5070b67276a2630a542d815a9369749f88933e811b511b5f5b4

Analysis

max time kernel
359s
max time network
326s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
19/04/2023, 12:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

755561590996d29vbi5zaWV3aG9uZ0ByZWNyb24uY29tRIYTIUfixedKUkY4aBtawRyfiibmxgen-pagex-ifetchxwoon.siewhongisecuredxrecron.html
Size

5KB
MD5

20c62e57709c9839b0006fd503904916
SHA1

ddbf8803046eba862f1808a6be3f424647750c44
SHA256

02e42bc73cd8a5070b67276a2630a542d815a9369749f88933e811b511b5f5b4
SHA512

8d1de6118328358d603fbc439aef2dd29b6a6e8d43ec9bfb453af7b810e1bd9e16da9e71e6fabca142e1ae2416112bfda9e85d81d415c26d2beba17253ce17aa
SSDEEP

96:FOlS8IgxcY0/qHArjAaP0uqviKWhADZE5U6NtCbVlR0wDy9tnqF8aTr:FOl6gxgTr0dviKYq4U6ebVTFeiH

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133263797627624264"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
2736	chrome.exe
2736	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4616 wrote to memory of 1328	4616	chrome.exe	86
PID 4616 wrote to memory of 1328	4616	chrome.exe	86
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 264	4616	chrome.exe	87
PID 4616 wrote to memory of 4672	4616	chrome.exe	88
PID 4616 wrote to memory of 4672	4616	chrome.exe	88
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89
PID 4616 wrote to memory of 3192	4616	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\755561590996d29vbi5zaWV3aG9uZ0ByZWNyb24uY29tRIYTIUfixedKUkY4aBtawRyfiibmxgen-pagex-ifetchxwoon.siewhongisecuredxrecron.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ff87f649758,0x7ff87f649768,0x7ff87f649778
  2⤵
  PID:1328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:2
  2⤵
  PID:264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:8
  2⤵
  PID:4672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:8
  2⤵
  PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3240 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3212 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:1
  2⤵
  PID:1232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3668 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:8
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=744 --field-trial-handle=1860,i,10033587591984036551,16105064447316556590,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2736

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3284

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
7e7cb6f70cb8837961a6eb67c2662b62

SHA1
73eee220af9e8c2bb2620aae9ccc419b24f25a67

SHA256
a7c4ad7f3c198d582f0ceecb015e154739de1ac6732788b4df988955ba5986ae

SHA512
84dc4c419982fc620aee88e268efa676b4cc2bf7b0ffd9e4bfe53033d4c373a88d6520154ee52862ead955f2657a07689d06fffc121dc13796d9a0eae7e66515

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2e5e153890aa507f9746586bcff4a770

SHA1
0538fd4101dffaca7487b4a54d39c05a23f5e929

SHA256
1945f780520ad35f50d407979148a43a362a4ad1b476e08f267c4ced89942af9

SHA512
fa12350e812b6e8bed8f1fecdc26e664166452a65d5c6c5036e16fcf4e838dfaad079b4f6423ea2c07164e0a09652fb73a91cd8877fad459323a15e266eb7698

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
346bd83ad7ae9247672edaf81f5f987e

SHA1
b8c7b066c577fb4b0ca75030b02311c2d95abb1d

SHA256
15945e51f092ff5e350f0b3c1fac822dc6197d5996e1f3092b589931f88d9011

SHA512
67fb2a25e92e33430a4f3d78fca952035d033b15aa4cdf447875e7676cb9c28c7ef5c2be6f52da583494168d994c80985bd5c454ea03185a3df2eb31a08e24f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
39a4ed18dda231b94da079abe7a60691

SHA1
629b45c79042a0aff14c40ab0742f825b368fbc9

SHA256
4ab34524acb8acae70701f7bc2d6ecac442450520ac40529f695f1edb7d184ba

SHA512
24808e8ae80c96ffbc00cc735e5c7ad222aa81e8ff3920b9ac9167e073d4a27e525f09fb98f800c2e3c48b42615feadb314f9dad561f3c37040d230ed7db8747

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
5a6ff07527a9222ce83ed4f5fe6a9b9b

SHA1
47b0e9589dc8d6e31f50c4c72e7bc3066ed1dfd4

SHA256
7659304ef8ad9ecdc906a5b7ccda2e6a8c2d37438540f5dd9cf5691a9aafe60f

SHA512
b3432eb212a98a56861f9790d44698dd6705a5ec3fcc33a98c0a70130a63341ea947eaf73f5a94e2b5ed88fd7e69247ec21974cb76f87c01c5d5320502a575bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
8cc80d600638d815d0c0ebae9a1d39f3

SHA1
5e632dd64181f92254140c229edc4f9676c95472

SHA256
a5776b8e0a75aaf78a9afcdae0ebf0dad7eb13f8f4164946f939932cdb78e428

SHA512
9f499769d8f4fb843223a49fd8997e75d90647d49249a7e87b6c447f665c182c336a850819cae3825299e36fc1095137159bddccf09431e6f50688dcbfb9b1c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
e41e7beb5063231a88f9b682c7d32869

SHA1
7dfcbfa51c98b2189034c3fb2ae43a1b9436510e

SHA256
bceecf0f29f6515899ace16a84d5004e45cf547530e8fac30c1d1edc3870e6ac

SHA512
f256d19f73dac83e569a411c593364915014716e57e356b6dc5f2e17625d695d641a02f07803b72758276a5511111f7a7454f2f6099f2b20158ae042813db700

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e8ba053c-2aa2-4700-8b4f-067a6843c776.tmp

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit