07ae8ddd431ac5e4e9795cfc473b3a6eaf4c6e18b061596100fbe939cb1cd684

Resubmissions

31-05-2023 12:34

230531-prswaaeh97 6

31-05-2023 12:25

230531-plp77seh62 3

Analysis

max time kernel
1050s
max time network
1009s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
31-05-2023 12:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

canvas.png
Size

1.2MB
MD5

7650ab47305612ea2c56f6c465b8b036
SHA1

7e6cbc07f0424027a246e0bc2599b2953452188a
SHA256

07ae8ddd431ac5e4e9795cfc473b3a6eaf4c6e18b061596100fbe939cb1cd684
SHA512

40eb1f29f91cee415b6db6ffdf30f282e40bfb80f69a5ec71038ecd59642f2a7b88eff9b23d97754e06080e20a227718b8f1012a6a0fd7a5433b2aff7bae2f11
SSDEEP

24576:Z/Zv93IM5lu1tEKJ2SUdGH2eIKEg7YAbIFFZAnKNCAW+NKVNCKor0oYpVF7a9:1z4MzUtEKwGHN9PYAbIFZ6+s7CKoAoY6

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133300095502330514"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
3008	chrome.exe
3008	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe
Token: SeShutdownPrivilege	2308	chrome.exe
Token: SeCreatePagefilePrivilege	2308	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe
2308	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2308 wrote to memory of 1472	2308	chrome.exe	97
PID 2308 wrote to memory of 1472	2308	chrome.exe	97
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 1584	2308	chrome.exe	98
PID 2308 wrote to memory of 460	2308	chrome.exe	99
PID 2308 wrote to memory of 460	2308	chrome.exe	99
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100
PID 2308 wrote to memory of 1484	2308	chrome.exe	100

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\canvas.png
1⤵
PID:3280

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb42db9758,0x7ffb42db9768,0x7ffb42db9778
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:2
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3168 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3188 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4508 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4668 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4828 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4984 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:4736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:1744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5432 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5192 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5216 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4448 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4564 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4944 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5096 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4992 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4636 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5016 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:4216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1664 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4904 --field-trial-handle=1836,i,14800268195353275783,15387656757541845056,131072 /prefetch:8
  2⤵
  PID:996

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2192

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x500 0x33c
1⤵
PID:4212

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

Filesize
16KB

MD5
48c80c7c28b5b00a8b4ff94a22b72fe3

SHA1
d57303c2ad2fd5cedc5cb20f264a6965a7819cee

SHA256
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

SHA512
c7381e462c72900fdbb82b5c365080efa009287273eb5109ef25c8d0a5df33dd07664fd1aed6eb0d132fa6a3cb6a3ff6b784bffeeca9a2313b1e6eb6e32ab658

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
51f7a32e1f064eabdafdbcfea2393c55

SHA1
1bf6a7eb6da9d6376945b28f23cde89f6c0c4206

SHA256
eba37448e6bea89cfa9ecbe7a5645e6a22451bf4310b34792258865157cea5d8

SHA512
e83041cb8c303955e39126d0fd750f1acd3e80ffa4724050943c0fa835d8679adbd5511f4c66eb3ed41906bc17adca551db294f04e998fdc1fca3b5cb5437b2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
20c6b5971086ea4b22b251c60957ac90

SHA1
9ccbf0f9bdeecf640876b9a94fb70135025e4000

SHA256
f5d676c69d945e622ca9b98b0ccf4284645ae39b4f54a1293758767a171ae0a9

SHA512
a08889340e43262cfd6bb9a7d104fe9b9abce8e252eb4318840934bc6f511d7cbe280ec23a5e75eca42329de0e6bb13d5566b4d7b932d74ee0fb185fbee914b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
751f23126dba2e0ba4d4bd582dce4e7b

SHA1
fb46942c885e604ea97faab0b634c8173ad006b2

SHA256
b3113fc146261ec44caab45da67ba72e8a1c4575abd68d426bb8f3e88f0b924f

SHA512
0e8dca6389486a0577abb286e985c5e6d65b0b9d80d2706aa409777920c0ddc583bc4e069afa712a40c246ce3d7e3d74240df8166c411d15c72fd6a9f5df76e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c0b04e0763f5dd3936fd98b0911ac510

SHA1
ea53fef6cd1a91d7e7eca4c975a357dfe78b3466

SHA256
99e3089e6223b3198b970c4acc2baca311efd07af851f59ea616e832de43e801

SHA512
3a96407a2e82f8b2a3c1e7696a4b2837f49d2368841d54298e58b6f32284a5c69bed6a1498ead3aaca49e4e426406874b227c9acb236742fc7ce01b0fad93302

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6b4d1a49d520976abcf8a405b96ba433

SHA1
855bcef6abe9c6f5f11b2f981cc2382476e199f3

SHA256
70f57eecdf7f3153c09ba56b840fb71a46455c014c0dad9382181605d65ca86c

SHA512
c61047367beecf176ba7f74baaa754131dd08dc59ea0371713f8cb01b20c129e3b1cb26f9e06d81ce15a09cbff4d7b297ea7c6b180ced7b85ae41533871e05dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
78ba7ed0692ce3ca69320173e0c62997

SHA1
58dfc6ebc9fd60eb1c35fcd5d7264095e6d93222

SHA256
7e17635c383097001b599420e1a977bdaaf69e8994e3c1fa10c1814a8de676c8

SHA512
8ae1e85ca9bdd28b6a350b568f67f9cbe7b3d6ef5e12635453c8a6ebbe17e6d43b49edd30a269f55a3cae03731a3464a97dcdc054185299d3b1a2057cb4afb13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
6c262627db964939d9afbe6abaf53c37

SHA1
55ae75c48cb665650e3ef53c8b1a66e134a9bae9

SHA256
53bc984e0727bd7651b7c058531a6dd68c76db57061f5ba0cc67a7bda2484885

SHA512
1061e4d4dbd804ced71407455fb8e7bf4ad5174a83d43e43456db86fc4cf9e54c0a875347380459618e6346946825f173897fde64f34c7c7ad62994c05f9277f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
800e30e6b978ac189acfd6024d590e04

SHA1
ee3392d6414241013651b118ac9ccca3395fbae6

SHA256
c118f9905bf6793067cb05d9b31e3c220e979ab71a865ce917d35f34ee195be2

SHA512
cb8f2097f6a3912ab65713a2aed33014c6f8c4b3495157eaf83f2755ee61ed77aa039fe03d557b39ed855b346b29c59c7e4ae53afd947dc491d57ed843ef74f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
87bcf34e7050371f7e668d84f3b44eb5

SHA1
98a837697fc297d65ca6fcbe2e1b8a8ea2d2ead4

SHA256
a18fbbeb798b691eec82e04ab6ddf8ab8b166ae3db992d216ae696cd647bad33

SHA512
48477e7f186f39efea312f21b6784d136c32e21225c22ef3c17185abd9b7dc0ce0689cb33d7b9c47dc6df187f76c46c400ae23d8b9bb28b12ac4dcbc185f3948

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b7e3f6d3656b46dcf52acb95c2ab97ba

SHA1
2aca2253d503e34ddfbbd568f69b53a32e6ae36b

SHA256
8281990bfd544cd5693ecc2affac6244e0283e963f0f1054bee71d8a7ccc4e6f

SHA512
b513976ceffe869b54305c9d5de056b39db65b815d87e818e7c3a084b4aa0145509b072e0a240870ab33490c0046b2fcce7c4f6a5ed6adc583f0d27d10316a94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
09982c2bf0069d4fba2e1a475199d66f

SHA1
1b86c18edd08f3f93b6c4e3d8a7fbf23bd48d08d

SHA256
510ba3464a1da5aa16080d38578717daf910b4bf48fc914ce40fb68e03fab93b

SHA512
92c01597c7fdc7e719ee5f71b65d624d975906adedea9eb98636b01547f673830067346744df4a2dfe0b95c6fe940cf6fab85646820d74ffc4be70cd5fbb0afb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
28410349d92793a644e687d12144beaa

SHA1
6d3e86f2e801fa11150a6d2c0079bac2c449d959

SHA256
709abe6e8875e5a53ba46dff0760d117dfd094d89d9d61dba22bb30b562682de

SHA512
1e20aee756ce6b77af45af06fc0a76661ddf0c8f94a88ee51935ec9c925f3716e978258f36bbad70345a2f055948288e02b3e5bd455ec82ed368b3dc1ff42bbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
eeb50e58830b686603cdc27ebb4b8c4f

SHA1
9f0061144222ab52c20a0947c96ea5a1b96c5bbd

SHA256
5c6dc22dc402a4352f4da6e4f1ec426d60ceac3dc8b18744e7d7108cb3bc607a

SHA512
dc382a6eda98c98106fa8eb0cc0e6bd64be4e9280792a2c3cd6e30f6be81374c7f5a923fc02aaae015abcf32ebfef288e25fd0a6a1edd73872b2dfd70c766ae7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
70d0993052058f39ca9ad9ac8f6fbbea

SHA1
4479df008fa6fa32cba7c6b97a3ac043fe9ffb34

SHA256
6f478f7ca2a0d689c4778142bc31596946ff96103ce8b8f4e4f3ced3319bc949

SHA512
69e3ea7f54a961a29de2bdad539d09ebf5a682ee723eda2cf3d28644a06c93eb07e44f1387395dce05f62e3c6702c5b2dceb4dc1f6327ce690eed0750ebff80f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9b6e2e16296edf95793d277edd8771b3

SHA1
0682238699d9d8bf278dae8f9ada45c663a56fa1

SHA256
bbae01284fc4f6e630d0074d2bb6520ea079b0a011c949acb280db110249efc5

SHA512
ad22bbc9a6f1ce1d87b4fbcdb1f304921450420aad4e4fd05fd350e62b0564192664142e9f8e36824cb7ec4653a288456d2b94efea34ad0f20d2083d1f503b0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1130791fa81073fa01266049622c467c

SHA1
1d2af8a595fc89c0dbcd13d5deeba0f603ab7851

SHA256
48543be5747921e6ff624534aa77b22a67cce3e2e9a33cab599378e8f5a19ba0

SHA512
4bec15123944ebc6cb055e41430fc412c27f90f2c8c91d8d9a05f826f2357535c33ee8cbb10c54606932e9e3b47d6920acf854a7d452d74490723feae95d4ce1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4e3cd93764ade67d0989a6e872a36ef6

SHA1
74d9bef6059a9b646ded7c63550dea8f813edd95

SHA256
20a4b6e70b22bbe1dc837382d67d72b5ea4eabbff04b83bb649d2e03520c0422

SHA512
beb9df814c651a483e87f5c5fbb1aa9a14ad88b4f27a0b89595321bfd4960013cd34c46156b4c19441512435c41f9dfd273e3113d49f91c8018eed742f2faade

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4db22b77966bb00ec3784c9c14f9c679

SHA1
926093aa367764e17d17803b6b53c9f212538c0f

SHA256
d1b3b691914a63c4f50ab3be841a959f2ae004147c78fcfe55b14cd8d1c30e71

SHA512
8a5ae356231fddc6964f82eff23a31a0d61ae6c9b0c1f6166164e5f818f20d6ebb4e573d3152fdfffb5e24f3ed4edbd4aa9de377bfe409620d8e39344945d0aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
c05235daef9cfea90a4394f4b642970c

SHA1
06cb695281c84018f928b7c2b24a4b01266bfe53

SHA256
9acb625c8f87bd141f9d3c85313a437dfcf2c80dadaca22a3ddcd946146c05e1

SHA512
affcc451fb1914518f782d7db2b0e21cbc92766ee97fb917017797319778adbab12ab25181133ec7f14ec3336a4eac99c852da88aa7b497614828463493bc77a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
9f3b31547a9f5bc2b9a360addfaa72c6

SHA1
ad8a1ff4a4eabccde31bebb4aef1c92b3f494cd2

SHA256
d1f71ce7dff1e8985efbc55cd5d65b9f68eb51023fbab713a6640c6005742afe

SHA512
b1857fb3460da72f60337615a874febea40314945743187fc69adde0046e71d2794dba72076b3a800571e525c29d74afac3ac0dc6f09089134e163f802307791

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d9e45e64618526d6af5a4d65ed2052c3

SHA1
c84782a30bbc17eb474c898992dd78e4a5123767

SHA256
30dd519b75e9f0da6feecd1c1599b24d783ae4fd048c431279e1aa726b3b9d99

SHA512
a258a3328d177c626df37f470940c5dda1e411e4dfce9855c62ecd4b7de177142ad409725de60c1704ddf55847ad98d59faa85864c7f2b8ac5599cd8609f1473

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
21c348e53ef038ac47842c99b36d8548

SHA1
1d5ace3ab28901d4d219989b0c11a75f38f81d39

SHA256
f17a8a697ef575049d01fb6e545b3f094220652950824a25523611eded60f810

SHA512
2ce2543f0fec07a41ef195d2ce8f54ee1ccb3af7d480b0798a818e02e776050b03795eaa2fcc6ccc18e737e4431c6e94c46833c0d01a7481d51aefd664dc3afd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c4134b240711dbb140cfb57f5618ea30

SHA1
6261151cce5ac5f926030aab223252cbfde41fca

SHA256
cbb085e73ba0da8542c6a9082c7fadf64fc1a1c3f2418b542c352103e8e754ae

SHA512
dd6ba3b51b97fc200925d56357c6d75918fcf40b5894309c7d80fdca6048ec19e3c4b7488acdf40d1dc0e08aba3eb09a95a86af6a3f790beb7a77e5b8ba64973

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
199ed71d6e67f1572f14051be4797da2

SHA1
b988d2d4b07abc6b0fff21a3cfb0612423a04ca6

SHA256
a830d1f0eeae5aca6e905ee139a451b738b6fecc62f1e0fb0176fdb93be155c5

SHA512
26b7ee815329011bc4792e1f8d6b7cf9cfbb93da06bea7f9dba86abeff01e3558e51674d5836be59ab02693934d72eb2a1273589c1c028bf580606111db2623a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
5a1b4f6028d7f7cedb4259dd734b25b0

SHA1
456f9523d6a7acc73a67b3015249eec292724440

SHA256
6778c78b56549ebb38d93790e214684bb89aca897156d75a2075b32401104c43

SHA512
6971901fda37238982c8cb448b31fb02eac904ce0ff380103f50de06346930153c6d13d03263a27917b731db1b33860c1f4e1521229630a39b3a936b7ece70f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
5KB

MD5
78da8432dedf6c57004a027648ca62f3

SHA1
e98610f04b8f9f3a81b7c5c6f0c8f7b838bdf06c

SHA256
b8b61b8b2029e3cc5e2148619a9e8be866433eb178813c336bafe9ed14805278

SHA512
9ae17b7e281356c263b9ca56f753ccbba8813f5f3d1b1fc6c902ea772f551df3938d81b0ff82c8e65c1dfa0742214fbe26daff4e9b0b4c0d1c6881aff2d7ac45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
2KB

MD5
8e08e601a4e4fed1cf57c188da173699

SHA1
7ec2836b188633c298af909faf95477659d931fe

SHA256
04c33f5dce15ea28bd2182bfdc7ecd4d94e2e7ef795498d4e123fce4b6c06fe8

SHA512
740fde2a89ac7d686c4f891aedf02ce8baf02cf4de266a2fe6fbfe94e8f8c186eb45aa36761a93d8c0a15b2ba7355457c3fc0944626edba59963e7905112dcf3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

Filesize
3KB

MD5
4d3f83bba518f577fd1411fd42982772

SHA1
f8afa017951f4213fb8f249b80c2179681f0bedb

SHA256
0e1b68860084c77f779caaefd9e348104dcb41ebf513c50d67b31c4371fc14bc

SHA512
83948412ec454373c06bb8b9c0c61f57553786f35246d91870e529c4c073cf8097cbe765a444f5d7bec35058291e4db8fe86f89c1c36edf3b6f385dbc9f7af0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
2d6cf3130c64d69f579744c7c6c9591f

SHA1
ca09876d320587bfe9317e5959b33aecb1aa13cf

SHA256
4a5ef00f1d4a8c329f2ea129fecb08603d82c477d810c97aafe0870deae3f684

SHA512
d85f1f348eb533f1855c471c667e83605ebf136f2f3dffd7046ac879bd1d096e82076f7fb89339f67f3741f1bd2751fd586e190d068b160d31562c008393e349

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581bc0.TMP

Filesize
48B

MD5
ec5f5611e90314c0f534a2424405d1b9

SHA1
95b35461607377efe62ac1399c1c10bfb19eeb19

SHA256
89908d391e0db0cd02256d41fb2f12a73bb2f49df1cdea35416e13eb876040f1

SHA512
a3b394d0139aee6c5692309b8ee3828e78dc71647f7c0216e1dadfefba18f78d04baa715a45f1d3c85155ce6557cf4f75a0a1cff025c19dd58d378303e4e88da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
154KB

MD5
e52e9457d6ef1b80e29c3b8da0820913

SHA1
11df808a9d4139432b6efb9f886f3460c5e9e222

SHA256
adf0e1b6fdc619cc0306dbbae0a467e12f6246277fd65f9c8afc7d3dde45e392

SHA512
29b9321de6a2c54f89d66675d4687f0bcb991efffa398ddf1dc1d20bf564713e538d188f35dc2a92ad88e67c29f389f81a120b05879b15d661d64cdec9493100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
e1d7eb3e5652d1ad6421765c60857324

SHA1
d78a0fe293c9ac0e935f5fc2ce86767f6238214f

SHA256
d176624056e2a69c7d8b95db2bff04d368a1d82461a0ecd4e56ec2280ef51e94

SHA512
569e12ba6a68f8a4f576c23776c9ee2a19890569765e495a770e2f920427f8c1b65ae51d8d00eb340524dd712ff87686b9a1401f8046ea699b9f1d4550f4b478

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5de1c7.TMP

Filesize
96KB

MD5
4650ded5b8a5b47686fea3bf7731f624

SHA1
74b1b8a86f65013495b7a756e0314bc21c11b363

SHA256
2f1a21b0dfef6d7ead2b63cd55312c88f417a9e758d829548da5658349f5346a

SHA512
b0c11ae8bab356650006edbfccb37bd95f1e1cb9d0e2fd79dbd4c1f4727fc3f501f557e2019abb5ea69cba46b1f7953dde93fa0a7309601b66acd20267e67616

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit