hxxps://playdede[.]to/

Analysis

max time kernel
26s
max time network
31s
platform
windows10-2004_x64
resource
win10v2004-20230220-es
resource tags

arch:x64arch:x86image:win10v2004-20230220-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
21/04/2023, 22:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://playdede.to/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133265978407911611"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1675742406-747946869-1029867430-1000\{9145DA4E-54CD-4043-975F-D68FE976FAC3}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4960	chrome.exe
4960	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe

Suspicious use of AdjustPrivilegeToken 48 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe
Token: SeShutdownPrivilege	4960	chrome.exe
Token: SeCreatePagefilePrivilege	4960	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe
4960	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4960 wrote to memory of 2664	4960	chrome.exe	82
PID 4960 wrote to memory of 2664	4960	chrome.exe	82
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 932	4960	chrome.exe	84
PID 4960 wrote to memory of 2572	4960	chrome.exe	85
PID 4960 wrote to memory of 2572	4960	chrome.exe	85
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86
PID 4960 wrote to memory of 3720	4960	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://playdede.to/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcfc349758,0x7ffcfc349768,0x7ffcfc349778
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:2
  2⤵
  PID:932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:8
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2168 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:8
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3208 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:1
  2⤵
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:1
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5124 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:8
  2⤵
  PID:432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:8
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:8
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5576 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4852 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:8
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3952 --field-trial-handle=1820,i,12186429615056650094,8142303776828081291,131072 /prefetch:1
  2⤵
  PID:4036

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3764

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
263KB

MD5
3cb12db7c672b33735006480a455ec72

SHA1
d060e5996b3f7143755496cf2a06de5a59c283ce

SHA256
4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049

SHA512
808598eed329f0bf3ae2800eb9d7346a16e23fb4ee0a4e80f61f7f6d41fff09b76cb33e4d21d5dd6768d010d361ae63760814e4076926093afa8edb21bc52326

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
26KB

MD5
7f8aa1f2bc14e58093cbed973afa8141

SHA1
88c27b380b4c903e6115b8625991a011182baa13

SHA256
e36f1580b12ec6922cff8b0e0fe1d4f4105b42a30d20c0888f50cf195d74f6e3

SHA512
77f282bf043af92e204b454a6f93fe0983e08a1e424695e1f5e1baf31999957e310efbbafbdab1b2c1de6eef5f7c4ca48ffb49e8a9254311c61b941429063928

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
163KB

MD5
109e1354dcad59ff8d3e589dcc09299a

SHA1
bc2cf564c7967a59936c2074b78e124e17439c3a

SHA256
a9f34a49984f7a94c7a522a6d171e470701d34a4b630dcb7ae673e6cfaf2e5ae

SHA512
4a85f37ac35db60a44e729a0ee842e45172657c17c71022dfa73aed445106b833cdceccf94b1735737d5b9c06da8db19a6799186bbf742544c943a4b8de737ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
fdb0b5fd2c623acc28ca6dd63b094d6c

SHA1
81cfc8b62c88d5240d8c93449a5881477104ff7b

SHA256
1360d77c03a0e6968ea6a12335bfdd63fad814517e11b75aa275244bd12a8088

SHA512
7ca2f2d7f92532cb5da91a6eed254b8dd2cd350f04da4156e05d1fe8c71f3db59239f9250e40860c43b9eb1347e39920b4ec3793fb24dad6cc47993e0fdd9162

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c8374a91b62e39d65ceb1db86355ba3d

SHA1
9fd30e3a129d9b008dab1c8843e39910aa6b24bf

SHA256
eeb80c0e162a3d2b911a4deb09c0092fc7f5287e6eea5c944806a68eae87990f

SHA512
656d4f9d2990ed31d9563edaef804f98e4b1b9f856adec89833e21831a38f46c7a368cb3d86617437d626d87c2059a6455dda92e63c6b646f7ea129f40528ca0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4a04a6a9776d7e29457ea1744139dae5

SHA1
70c13db6d80aee38132daecf155a3ac0fb380ce9

SHA256
1e0bda6794429543649b320b236afaafc98c01f8ec118138512605ecb100e8cf

SHA512
14eec70459242ced8659a8b50ad2ea576442a04b9031a499b0f780c1cd65b72316151f46f66ca310473bae149e2164791fe77abaea02aaef30bab2ecf6de1cf2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b742a3d435adea9277b57ad83ee1124c

SHA1
03a4921da142391aa9cd95901fadbde560115467

SHA256
f9529f7e562cf6fd1bb09631692ec9369fc77e2abb6d07d49c4fe4ef7d1e1ffb

SHA512
9228774a97a54f54e8e65b18fbd7a64a7c292aafce8c23d3449163fb040e8976f4d8ba5ccdd06d785bd4220cbdd584480e86757da46f3f0f6e649c0dce24dff3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
e349e2d40829ea00388bb3345402c398

SHA1
c8fe2acd111f7b657b9317a850d1892a8e3a12ee

SHA256
f8baa540bfd245d6a33c826db88e83f410500dc9c07bd2d0c8b5185f6f71d29d

SHA512
4c2cccda75ca7c379f4d587f38e93b220b7be9bc53bcdc32111dfb0b3925e9d574075f3ce5865c70b9a79a57a41353f127f687fb8b85cbee4a6ff3f0918c3088

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
7427aabbd834911c36ca6dcafa5aa043

SHA1
31ac846a0020c7ccc414580f164a6bb9d13f0a59

SHA256
473b23aa3a755505a740aa78095f2668034dc75e0cdf3f3dc97efff19c4afae4

SHA512
55e4fb137c4fc98043fabf04440b869269b4364e6aed98b57f468a2677dd424fb2f1c920e94f3cb8197e33ace8371d115b3f77591cb18ff6de7aaa40ea6d460e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit