hxxps://customervoice[.]microsoft[.]com/Pages/ResponsePage[.]aspx?amp;ab=V0llUjJNS1NEazZIMDRlQXhzR3JMY3JjNmllb1YT2rVVRRwdpa4K4wRXtdQ2SkZxQ1JIdlhsZm9yaFVOVkJCV1ZCYVJUTmFWMWsyUjFsT1T2rVVRRwdpa4K4wRXtdQUwSldWRUpCUzA5RlRDNHU=&id=WIeR2MKSDk6H04eAxsGrLcrc6ieoV6JFqCRHvXlforhUNVBBWVBaRTNaV1k2R1lOU0JWVEJBS09FTC4u

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
30/05/2023, 13:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://customervoice.microsoft.com/Pages/ResponsePage.aspx?amp;ab=V0llUjJNS1NEazZIMDRlQXhzR3JMY3JjNmllb1YT2rVVRRwdpa4K4wRXtdQ2SkZxQ1JIdlhsZm9yaFVOVkJCV1ZCYVJUTmFWMWsyUjFsT1T2rVVRRwdpa4K4wRXtdQUwSldWRUpCUzA5RlRDNHU=&id=WIeR2MKSDk6H04eAxsGrLcrc6ieoV6JFqCRHvXlforhUNVBBWVBaRTNaV1k2R1lOU0JWVEJBS09FTC4u

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133299278615925183"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe
3408	chrome.exe
3408	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4892 wrote to memory of 1884	4892	chrome.exe	84
PID 4892 wrote to memory of 1884	4892	chrome.exe	84
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2096	4892	chrome.exe	85
PID 4892 wrote to memory of 2116	4892	chrome.exe	86
PID 4892 wrote to memory of 2116	4892	chrome.exe	86
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87
PID 4892 wrote to memory of 220	4892	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://customervoice.microsoft.com/Pages/ResponsePage.aspx?amp;ab=V0llUjJNS1NEazZIMDRlQXhzR3JMY3JjNmllb1YT2rVVRRwdpa4K4wRXtdQ2SkZxQ1JIdlhsZm9yaFVOVkJCV1ZCYVJUTmFWMWsyUjFsT1T2rVVRRwdpa4K4wRXtdQUwSldWRUpCUzA5RlRDNHU=&id=WIeR2MKSDk6H04eAxsGrLcrc6ieoV6JFqCRHvXlforhUNVBBWVBaRTNaV1k2R1lOU0JWVEJBS09FTC4u
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff87f5c9758,0x7ff87f5c9768,0x7ff87f5c9778
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:2
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:8
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2188 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:8
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3200 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:1
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3204 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:8
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1812,i,2364668547962696412,15716525210939352003,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3408

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3716

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
8b0a8c3c52ee7bbb475abb97e0956d13

SHA1
1ef31a937c948db968c050fbd83f3908e41e9f18

SHA256
4fc552f36d424ab7791576608a99054b9a50094b443a2fb34a7987b1f82fd864

SHA512
280bb45bc932d23ac212f904deba931aef80c693683797b984ecd2655fb4a666a3fffe471e16d411f0ac556b77ba5a1d4e703034107fc325e22426c5cdf57067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
934B

MD5
267164ccd76f5c08d28926f37f7350b3

SHA1
d53a9f97ff3f553a117c1b1dcd288b5e06118145

SHA256
50379f16a75c39bef5a6f4a4fc8b205ff9a2cfc563199844f93e4b651c8d70ca

SHA512
ce374d8b6ec35a29807be850565370c2bae0541c8317ade977d4399f2db2f8344d220341d054d925b8a1390c0b78f3cee4fbaf3625595121964bba87c4c9d7ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
9385a9355355bf1b07b5331dcef5d7ef

SHA1
fbb02a8b22c488322daf5092ccd85c8500a4ac10

SHA256
137cb61b7ff1277864676d881be1e9c06c0b271a13f72b827474c1cc9c0338ba

SHA512
1298c518fe49ac72adb376729cfca8a327d7e170a6ebd96f245f6870302b76d15e3d35fe346215d8c1390acfb1089014b348f3d04c263e3b8b628c424249c3a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7076b50eb1f6b511be6c91fa75cc5112

SHA1
5b9fe511ad7bccfefaf3d276485b46af6e6f3889

SHA256
f17d1e56470e61dd4930a436477da456373f532307972884612e9fb5157b79ee

SHA512
b13870aaf6bd1eebdad27b92194e3bfb0125bd7b280ec10d860af7f5c51ba13fd9cca0109158680f4b0fe14465c0bdf1be214ad365442e6e46aaaf081c6a522e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
90f93ecbaf0f8bc63f954810f2e2817b

SHA1
a2cef2c6e0d826a0474c4ef7855b4f952f25b499

SHA256
f9699273d5404b9edc59c3ddfcb0b7ead41dda8f1206fcb7d7955fe72fb889c2

SHA512
8b90d0b61bd701347589eab81d6699913d4d8553ca7d17506fef0ab1faa2f635b3176ae4c54178e2df31819d4e063d5281a064563583249cd295f9d4c816cd96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ae59139c63a88d595b1163e15940db8d

SHA1
d419c3ffe78d582777bc9116cc28b5c13f87c297

SHA256
7eebcb79a8a621cd4f3217344ab5386291f6e6adc6bade09028d6de38da1d442

SHA512
1351059157bffe9d527d3d846157218b548bdbb7fe7afe6a6518d25d41cdfc6d4fd6cb8c7ea0dea4b2ab876de0532ec21517d043e2bb3399645e61bdaa6db6c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
154KB

MD5
bab1683247bec4b15337f7e9f62eb578

SHA1
3d4455d031f5da9b19927f2683bafdd852dcbcb3

SHA256
5cb7b69498382aa3ca9bc0afaafa2599ce07caf0b78f4196a301884f8126628d

SHA512
f4b0a1e28c55b9144677c0067052fccfb815fb3dc8c08197576f7ef626c5a3c02ede2aed46b4d933cb153b8b16abd661f92e6cf7fb1fea6304e5a16c7422761f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit