hxxp://xmuurk[.]net

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
26/06/2023, 19:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://xmuurk.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133322819592884731"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1332	chrome.exe
1332	chrome.exe
4072	chrome.exe
4072	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1332	chrome.exe
1332	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe
Token: SeShutdownPrivilege	1332	chrome.exe
Token: SeCreatePagefilePrivilege	1332	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe
1332	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1332 wrote to memory of 2388	1332	chrome.exe	84
PID 1332 wrote to memory of 2388	1332	chrome.exe	84
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 5012	1332	chrome.exe	85
PID 1332 wrote to memory of 1828	1332	chrome.exe	86
PID 1332 wrote to memory of 1828	1332	chrome.exe	86
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87
PID 1332 wrote to memory of 3528	1332	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://xmuurk.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7fffde0c9758,0x7fffde0c9768,0x7fffde0c9778
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:2
  2⤵
  PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:8
  2⤵
  PID:1828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4792 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:8
  2⤵
  PID:1644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:8
  2⤵
  PID:3996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4948 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:8
  2⤵
  PID:1380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2788 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4904 --field-trial-handle=1792,i,13669207670147538304,16167282789421422224,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4072

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3764

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6705bf9a655fb0e4152753542759dbf6

SHA1
2466ead29b9c0d343f5825287328f31254cb2e52

SHA256
816672be9bc2dfa054edf2b1432dcef1726813a9dd48c3cce760611e5d987972

SHA512
18e4e9db6eabf3197b90f6f774a7dd60fa21b667db650193a4f22e436230a9497b854c2a6189961bc02ae5f72eb6dab8dcf95df6ecbb173b6f65f32ebcd2850e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a27aa8ff7849bdb270fe413330b8341d

SHA1
de405d9661fb85674d3dbbaeaa2986cd5dc670bf

SHA256
ea42f3de8d6f77768e7a75b77a80a54e550e7042322bbb74880c98ea85dda2ff

SHA512
24e9750c8403d41788bfac2e55132dd16687b183181d3218696bade1babe802599cf131a96e6cd25c3fc71872139a916225d36d99da23ab026a3412b52e7740f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7bf4bc968709f945648920a5252a7712

SHA1
9fe20a778349ef4d159f08a2c380792575391769

SHA256
4c1c82e44c54ad061f389bfa985f03dcc5e157eb736616abbfaad87b19692017

SHA512
839c7249c7bd16cbb91d79c27d6402a8644e7a4c4f42b2050742217adb27f1bb4b1a3a4d77b96e1567ddf0f5ad7c6b16d4b1cf235605484d1102a4fefe31526d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
7ab55377ba805163b3416664923aa582

SHA1
7125916bbf6325b7895a762450905dcfe97280e9

SHA256
a112c33096c0464762e001c556ee46ae8e963aeb0df032822553398021ea71f3

SHA512
6a2c53136412de1dba1f4870b347e3a23a15171045f0e7ea53f1b59b4b77edc5824ab4dc5b7656e9b4417de9e86174e322bde7d971702e77942cbe61fa17d9b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
6dccd6ba5f555734afbc0053dbdf4c50

SHA1
52b572bb037c643d1a1fc2605d99ffe44f592a58

SHA256
c7b6edcc72157182ce0607258774b5f90b4b5b1ae4f0031ea8ce3e53a39329c5

SHA512
cfd30c38ed23dd45778e31d8f1c726933d619420a3115a99e337214fc4516e44564413171f76c9b7e6053465acb7240193815a465b35544d884e46826f2fa5a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
0a3b6e6f814e71512a5b9ca589627616

SHA1
299bc4dc065bcab0fa93b8ed97799766e93df512

SHA256
01ce35e8e254e88c73e4ca45ec66205fca0639fae2d87f2b3ea6c1a3fb2a4f8b

SHA512
5ac224b13f023606098d6f047b322edc1ad3b67c5b290195146e501c5cda57161a395fd9c27e2b4ce9c2b85ea161904442367403c956c88c7309d1acc626e8ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe575c49.TMP

Filesize
96KB

MD5
8f1582c9e682467afd7c96c0e0249b59

SHA1
e9b3c8bf1d57af0cdeeefbfc949f77c3d8b183c8

SHA256
8b2687cd58ff99825631d5f1dc0798e84bbcd4f58803eee2e551eec845faf64b

SHA512
0ee0348a0eeb9e99de75956fb787a5ff1aba42ae62b8beb768cd81a35883bd01d57192ee7b8b6c4800a6319647958ad8002c1a64a087fd3a968a6acc0f8196ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit