hxxps://www[.]artistapirata[.]com/adobe-photoshop-cc-2023-v24-win-mac/

Analysis

max time kernel
139s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
18/05/2023, 16:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.artistapirata.com/adobe-photoshop-cc-2023-v24-win-mac/

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 64 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.artistapirata.com\ = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\ = "66"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\Total = "87"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "8"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000675316f82fdac74aa8f3bd7995064a9700000000020000000000106600000001000020000000d41857732adb53f86e516d21a90e099bd389d375c8b5f80ad224d72d8f5553a3000000000e8000000002000020000000efde410f8c57ab65fcfe3605c471ab85e27e53d58f053efcb94d7dab7f84e26620000000141bdf2998668db7f9c63aa3dd5fe2b04e0419c5fe337f60d5566ae20c209f404000000016ccf2b3abc5b3f968d1d8afa90aa0b94c7f99c765375e96fc9b2f9990fb7e6db99c956cd1cf9c6332ba5d0afc763bd4d9bd3553e1bf1f233c71c5c3ff6f271b	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{A3730C77-F5AD-11ED-ABF7-6201C35E5273} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "391201139"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "59"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\Total = "43"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31033786"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "45"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\artistapirata.com\Total = "45"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\artistapirata.com\Total = "6"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\DOMStorage\disqus.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\Total = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\ = "43"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "2017835347"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31033786"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000675316f82fdac74aa8f3bd7995064a9700000000020000000000106600000001000020000000f6229f70214e75c9556ea888e2c0b27f92cbc0ccab70c5e79c7a943a3fe23ec8000000000e8000000002000020000000902fa8eebe58a3e6db31926bf43848cbd43609ab3f4a3aeaaa67dc5b526dee7d2000000098203ebb2e588e2b72deebe406f8432c7291e67f3f4bc4d8de4103c998c5e2d340000000555ded92af88fcca8106e00a29d3f94519ad15fc7ae41916374fbba232ea54c2230dc48e6db21eb0aafaddfdc4b20eeed2635f56112435d323001d373e876552	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "32"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.artistapirata.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\ = "30"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\artistapirata.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31033786"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c09fc77cba89d901	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "6"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "69"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\accounts.google.com\ = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\ = "87"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f01bb27cba89d901	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\ = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\ = "14"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\Total = "24"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2031116324"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\artistapirata.com\Total = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\disqus.com\ = "18"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "111"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.artistapirata.com\ = "45"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Software\Microsoft\Internet Explorer\DOMStorage\artistapirata.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2017835347"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4556	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
4556	iexplore.exe
4556	iexplore.exe
4188	IEXPLORE.EXE
4188	IEXPLORE.EXE
4188	IEXPLORE.EXE
4188	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4556 wrote to memory of 4188	4556	iexplore.exe	84
PID 4556 wrote to memory of 4188	4556	iexplore.exe	84
PID 4556 wrote to memory of 4188	4556	iexplore.exe	84

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.artistapirata.com/adobe-photoshop-cc-2023-v24-win-mac/
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4556
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4556 CREDAT:17410 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:4188

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
471B

MD5
144335f0965ff761e7a2defeed1a8a59

SHA1
6ec775e40f66b2c8520f2a39967a6cb1ef2321d3

SHA256
b96e3e4f61804f99f9924fd096b6e77445ed82675da23ad1c77c692a43e3b041

SHA512
f308b81d72b48875b1f22d994bf9f6f43999807983b667143abe572d041831c3dd1a14e50a25036799bde787a615bb8a0d9fa3fc3420c0b48c11e1c90f133d5d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
434B

MD5
0d1743f9183a0afb55db7093ead55e61

SHA1
13936188c098dc6978a066ecf7bd2bfe0d3ad319

SHA256
e9e7e849ba13829d4d98281192e1454de6b90138759523c4f55e9fb1610276ae

SHA512
ee8a7c2a35bae811a4b2f6ac056b5137ea3be5444208666878b7b2327570ad6a307c300459db6a1b264828eccdafc84658f676124c4f4fbbf32fccd0d4c9017b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\0WGE1YVS\www.artistapirata[1].xml

Filesize
13B

MD5
c1ddea3ef6bbef3e7060a1a9ad89e4c5

SHA1
35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

SHA256
b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

SHA512
6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8CWFM2HV\disqus[1].xml

Filesize
17B

MD5
3ff4d575d1d04c3b54f67a6310f2fc95

SHA1
1308937c1a46e6c331d5456bcd4b2182dc444040

SHA256
021a5868b6c9e8beba07848ba30586c693f87ac02ee2ccaa0f26b7163c0c6b44

SHA512
2b26501c4bf86ed66e941735c49ac445d683ad49ed94c5d87cc96228081ae2c8f4a8f44a2a5276b9f4b0962decfce6b9eeee38e42262ce8d865d5df0df7ec3d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8CWFM2HV\disqus[1].xml

Filesize
323B

MD5
a89d962d2e61d989d3caac11c809e229

SHA1
37e2b40280c950901e6125b061ed0c55efb60e24

SHA256
3038f0501ceec2ba49225b676c177d11628281770d24535373bcf4308d773283

SHA512
71415ffc480dbab0481122de50e363ef3e9f4f552c5bf86b52864c0fa493ac43946801d54c0ae3d12d259039f714355ef7680828fac4b8ccf86b8ba6b29449bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dcpq11e\imagestore.dat

Filesize
1KB

MD5
94fa024649035b770c68f3b4aa21a4cc

SHA1
a55462e91a4f711a41243c5c5b59980526dfec88

SHA256
1d32fdac40a8b6e3147fb926e94d429af361af07021899bf2336c4f01bd4e8a4

SHA512
1fc5c633dd2b082349eb09ea801d515b14f893f1a98ef30a7ff8c36d17de9b42ea3a80b1383bd234fed47f3317d275591100452087e6ea4eb70fe0e89492970d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\cropped-favicon-artista-32x32[1].png

Filesize
1KB

MD5
5f26465e500ca32110cb906aabb53749

SHA1
b530a1536e1384ba2a1c20a8fb023340e4f0442d

SHA256
5c13ce06629de688dc99bc96ddb686e7edeabb56ac0126c1248d98547f624713

SHA512
dc42c730e575f3e8bbe8249441e32509c640e867020f9314e2bea6acb45694c73bcbd8b0121c73913b4ddcf5901a7e585632e2a5b58645487f0923730ad88b3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4HAJQ22Y\realtime.b23ff3c36dd0169627f8e54ca1621eca[1].css

Filesize
337B

MD5
23160ce2574c610ecb597f18fa8236b4

SHA1
de6a70e48d7864a9218c1a9ad5930c2a081336e4

SHA256
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

SHA512
433adf82e7ebd7f0a1509498d012b5cea752ee1ea901dc568a566b08c06a93d3132307f2793c8a7e225142058a0574617971533c5229ada3143000d4a89f1a65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5AN3FZ97\gen[2].htm

Filesize
5KB

MD5
67fdae1a560abcdfbbf23afd209daf62

SHA1
82e2e7f7088f86957dd5ad484f94ca317eff59df

SHA256
3c8a0c8c5ff667625a6aa25cec33e4e964fd72e75acf6c6243404f9e0f9c6776

SHA512
9781e12f62658ffb545678ee4fcc95e837b62450d8264c9dcd35ba50d1f9643577493ea10bdeb82b81406cce38c0f8bc39af0fc90b67eee8eb7b435d30aa4282

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit