hxxp://www[.]osha[.]mddsz[.]gov[.]si/gradbenistvo/INDEX7361[.]HTM?option=com_content&task=view&id=4&Itemid=8

Analysis

max time kernel
600s
max time network
545s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
08-06-2023 05:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.osha.mddsz.gov.si/gradbenistvo/INDEX7361.HTM?option=com_content&task=view&id=4&Itemid=8

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133306775279123671"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

3944 chrome.exe
3944 chrome.exe
3352 chrome.exe
3352 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

3944 chrome.exe
3944 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3944 wrote to memory of 3040	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 3040	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 464	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 1068	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 1068	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe
PID 3944 wrote to memory of 4836	3944	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://www.osha.mddsz.gov.si/gradbenistvo/INDEX7361.HTM?option=com_content&task=view&id=4&Itemid=8
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3944

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7fff255d9758,0x7fff255d9768,0x7fff255d9778
2⤵
PID:3040

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1804 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:2
2⤵
PID:464

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:8
2⤵
PID:1068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:8
2⤵
PID:4836

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:1
2⤵
PID:3780

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:1
2⤵
PID:928

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:8
2⤵
PID:2188

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:8
2⤵
PID:3484

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3804 --field-trial-handle=1820,i,6074298075405674377,10088806889920037796,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3352

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4708

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
168B

MD5
d69bcc30e3dea4383fc7195c0d210e05

SHA1
47adfbb24a3cc02fbc26eb5b10d543c1dd14df5f

SHA256
352e5ee6d44a596bd83898ef6f351c2829c0ecdedc2aadeef57f6e69d1497168

SHA512
e713fd3d0f03252851b494d6412a43e7a8f8764297354d82b142617fe3833c75c76a4f7cc9ca3caa9fa568dc8e43d6f970676e00d8487e132f2683235610f600

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
bf10aab4492beafe2037c9e31e8f2070

SHA1
e5ed624b22f8f24593ec57712d58cc5138ff6e8b

SHA256
994b29a21ccb5728f206223fdeebdf4081597ba604124f68843fb33413bf8553

SHA512
59beb293dfc602fc1255c14f89f1d59dee80885b8ca84fce021b94c6da1123c645b41ff6f99d115bb7d9bc35003f3d25d4f14ebdca579a6e89ff9442a0cd6351

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
7d6e8618cd50fb181a9cf95a2e1ea8f1

SHA1
559fc41bb7b96e491df6aa32d97f24db95029f7f

SHA256
ac2b353c3b2fbb5af66fb7b018a2b855dd69c808fb3ac518cebec68e45e4e547

SHA512
1cdee00a21387bd08f2edc115a12bb1c7d1139a87f1575d3e53e66f4cdd49d0495d637ebf1cf2293e13a4013a66c4c4d33b2c431af32bc5c6731493b126b0d70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
4KB

MD5
a50c7936735a352f310c5111d6fb16e9

SHA1
8e197ff466a3bf43e4827cf295c83cf87c042c9c

SHA256
ba719c978dec871657f230f8f4fb5be27e9af14af05e0ec66951f0c62f0d3d44

SHA512
130858ae8baa16a4b73f0a93463641799fec97a768ab85f38c3339e7a5be185f9b10609666ce6d6288312d42b4fdb31576e5b65c2f6fd8e24e948d29c4bf9025

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
4KB

MD5
00e752e231a6ffadb5f308fdedd14a7e

SHA1
2baa4dcf018a8282235857eda2c61255bb255df1

SHA256
3c6ee09d43203c6decdd03263e82626bf080ffebef99197071ebccc524024de6

SHA512
e1d76de1bffd06608f6b6f5cb4b1fa414812afc098ef461035cfa7ad52e80751ea1577d1f21acd2bd9a7ab834224e03b201d96ed44651824fa07cd9ec1a030bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
4KB

MD5
f060977f554ad34536e249bbb1943ae2

SHA1
f514be8f0be302c81317f88987495f0c40be9a70

SHA256
3cfc802c9cec9d18ba9e03830f37bd6d5703084c3df09c25c5db47bc500ab456

SHA512
26210b99360ce543046c5a7fdd45766aaf24a51f4b537af47f200f82ef4cb25d2233b91b0dcc08a38f48e1df96f2d3abfac4dcc3deea69bfd77e9c7c90cb8726

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
4KB

MD5
ae5673adecc46f95e2f7279d83c1929a

SHA1
e16f66bc78e18049efd823ba69668a250fc18d51

SHA256
75f6668d032a9297d770dcb0e889c05a2a98c0d2c1ed776821a5bfcc254e6f27

SHA512
2e31c6b0946fdf5378b2b6add4b7935bb49be2fa875a34ecb8f536f50f7f4e188570cadb5f839dd7518a86a6ddf437f750f24568b37edeffd01199619681c87e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
158KB

MD5
e6a237a07439ecb93c72fa29d9bbca0a

SHA1
0fd9c557c2c8a5370ee56ab4669dc67d99182390

SHA256
b05062b5fb74ed33115f2310f52c908f1c4d02bd0b64866edbb0cbd525ed946b

SHA512
fc014d1bd4336f5e7c5e4c341975f7382e5e79be463cebd5c906eb2beeddbb6cdbc7662f81bd73bc5e062f7d5745ffa50331ef803d2fc9f9f5e1da310819f012

Download Submit
\??\pipe\crashpad_3944_QNBKXXNVGFPBXBXW
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit