hxxps://t[.]co/eL1I7GicEH

Analysis

max time kernel
120s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
24/04/2023, 08:15

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://t.co/eL1I7GicEH

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133268049400426816"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1640 wrote to memory of 4696	1640	chrome.exe	84
PID 1640 wrote to memory of 4696	1640	chrome.exe	84
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 2404	1640	chrome.exe	86
PID 1640 wrote to memory of 1872	1640	chrome.exe	87
PID 1640 wrote to memory of 1872	1640	chrome.exe	87
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88
PID 1640 wrote to memory of 264	1640	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://t.co/eL1I7GicEH
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa7b0a9758,0x7ffa7b0a9768,0x7ffa7b0a9778
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:2
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:8
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:8
  2⤵
  PID:264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3212 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:1
  2⤵
  PID:3704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3204 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4540 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:8
  2⤵
  PID:4776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3240 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:8
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1100 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4896 --field-trial-handle=1832,i,9005265043825978226,18376643362971542147,131072 /prefetch:1
  2⤵
  PID:1940

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4384

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\67b0aae9-2393-46ef-b1c3-6f4a720c30de.tmp

Filesize
7KB

MD5
e4aa574c2f1401600e863aa9fa7a4e57

SHA1
b5b2edd8f415bcdaf4f48ab2db2ebc49f3214240

SHA256
de13ba0dea23e7499a3c8f4a3dc7b19021914cd72f0653e0623aa1a563c3ac52

SHA512
30aece06047b971af3688a27eba6ac56a2e0ae1d39e13ae9576244a23ecf0fd27e919b6a34cbb7472fdd7352d1c65772d1e97be16f78b823ac05b2347c2441e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
8e26740df153bcaa779c9c43147f0adc

SHA1
bb39b2d44e03b613ae4f0eae409281e9a0e3211b

SHA256
ec872360b4958d7197abad5428d8a5f94f146dce614a87cc2433035ec8db2a95

SHA512
64bb1fade67e9da662276638d1df75f4e88ce7b57aa764f36c4c333cfd480d6882dc203f5af3261cd344dc6a82e29d60c2df66b518fc77aaa979522a74eea544

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a741b977d4b0776c2e432f8223e5d673

SHA1
6005073695fd49c80175812d68281189b43909fe

SHA256
fdf205e2f92ba37ce9f0be4fa7383ed3db91727e4cf56a69a73a3fd7fbbaa8e4

SHA512
9d66ed5ddddb4c026cdd269e16df4c8ed2294c8fa619745cc0cbb42d8c429afe0787c6ce44d12d0555e456d25d7addf89ae123ba3ade82d92c40fb7d655b7a1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
e357eb60b26554451cdc10a97611c363

SHA1
6feea06c01899863b68cf967ba70463e105390e7

SHA256
797276bd13b35aa7da74c93a57e8ec83e3c4b44717d662604f45ebca72b2885b

SHA512
c134c55fb71b3e2d990aa8bb861da66e6400c6e7734376bf998554cba05a687685d143fe078c75c577b6eec28f1dd00f3d4da99e7c29fc872ff913a2c975eb11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
488c00265582a867a8a9a962a59738b9

SHA1
7b723be860e59a2fe255a0ae5d2eb5e22e071603

SHA256
4c0e5df57db0d3a11cb6265400266c99daa45ef3851a4fa1ac139129390e055c

SHA512
f833d378645360d79622c54565ec1f8ef48907e1999c902c664593f2c38c737961899a3657918beaf62887680be86188686c89a229740c1d3c7bce36c35f5943

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
84ccbdcc0672fe9de1aa26c5938fcb0a

SHA1
f432a8623498189106eaa32622b311a5c5b9a53a

SHA256
8353845e20f931fa9be84a310138a28ae8e996f8d424dd649385bdd0b68b8b55

SHA512
e5842e23d1fa0e14299878548deb2eecfd30d6d5a847cf44e18d78f265a92d216b4aa2e6c01c9343c0abb79645bc01968f3ed0f5fd5f1f180980113ea4aef54f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
201KB

MD5
31dcffcbe8430743eb7d30fc64d23dbc

SHA1
d8717f19c9e07e2c944ca7640152e5eb1edb412e

SHA256
5df4c094ce08b9f5debc464ff57369ebdaccc3e078db179937edb1cbd583654b

SHA512
06c31f1d88e0684ab84fa21fad2428d469204b24f70a4b26e7f510cefacf6958c43b167dca8d976c425d4e66dfab70d45c937700b58af3560c8d73c0bff5d863

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
201KB

MD5
2c45084a2f734a7eafe77be7bf033ca3

SHA1
2d2099eaee567d5449950710acd089b2f2723fac

SHA256
f6801b263b8b313c6b93026d57ae41cb41b31dfc4e306f65c434a1c27cb0cdef

SHA512
10e7ec0e882aca59c92390c00818fc7e29f7f1f0b5cbb0545e74a73cc6fa3cd4af9ab9503a867c780e5778ad6041653ddf56da058eb1f43ca85fac276642c136

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit