hxxp://fegsbatak[.]uno

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
08/07/2023, 01:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://fegsbatak.uno

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133332517192487559"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
2068	chrome.exe
2068	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
876	chrome.exe
876	chrome.exe
876	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe
Token: SeShutdownPrivilege	876	chrome.exe
Token: SeCreatePagefilePrivilege	876	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 876 wrote to memory of 2632	876	chrome.exe	22
PID 876 wrote to memory of 2632	876	chrome.exe	22
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 880	876	chrome.exe	88
PID 876 wrote to memory of 4956	876	chrome.exe	89
PID 876 wrote to memory of 4956	876	chrome.exe	89
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90
PID 876 wrote to memory of 4784	876	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://fegsbatak.uno
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3d529758,0x7ffa3d529768,0x7ffa3d529778
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:2
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:8
  2⤵
  PID:4956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:8
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4084 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:1
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4816 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:8
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4868 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:8
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:8
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:8
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5012 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:8
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2376 --field-trial-handle=1904,i,9176072733633631585,4938541960346816253,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2068

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:556

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ed4ee19d98b9d1b30ed6617428c78f5c

SHA1
d13da6462af76e2ea21f4f420ec59fcae620e5ae

SHA256
2042b227bd511cabb42621d325db4a55ee80e5a0165077c1f1f9b0ff78140878

SHA512
dcb5fc81bbc8eeace97a0fe84e72dac9db802b39ad0c09a7898c1f5304e9770dce6d2a73466cd3ee5f35a9b6cdf65ec969b4915a12fe4a7a369527621e048cc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d2ef8a7e402ec05616a014186d304f80

SHA1
bbb8880a13f660f88bd4ce5fdb43290423fef3a6

SHA256
5912a2bee56baf1392e92016706a26fb39d82322c4e4d4be643a524dab3079a5

SHA512
c6b0a4b6e3e7fe25e4460ea7fec798d687d103725f32a29056e622db4bac803c8f482e821116c83b2995b473a5d27496fa70f3c256c55d5f1e9991926fbc1773

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e1d20e10f8d0fcc6b1f4efb3a335102a

SHA1
172e84a21243cf9c11466e20bbe401ec4ca6e05b

SHA256
eaa0f2f0c252bc6e65c4e6a411ea3f448d94c2e5b513d9e20d96631be1b8162b

SHA512
defdb9217c5527429f28ba4c6cc685416407e89a0e56f04ed13126c475fd6c1c1dbd2abeb9529061254639d937f3c72d6e53d91cb7903bfe10009a42623b3f3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
58f80b3b983de0d67e9b7be46f0d2078

SHA1
c16c8a24f91ad55d01f6d1d7d5a0c3a0643a7631

SHA256
60116db70efd3cb2d72483d68f266f758d6c2eeb635aa585ec15af17af2dc63a

SHA512
ff00aa44c1349a23b496ba37dd29dcfdbc0918a395b6b62f72e14f8b026ce2de53ef07d45e4ab754f647c67b29fe6cafc135fd65b5e9cdc3b971864a9bc5329a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
f197dfa5fa15521dd46e8898543bcaf6

SHA1
f2d8c52a693140e4903cc745d81a21e2142681ea

SHA256
a4ddd3ec5d0940fb1ba4789c2c56295f71f88c327388a9f4e449dfb99ec4d265

SHA512
0f6ce66c9d55306cb1a876e46251337ea799082671576de4a9f0ecc8f7d60ef27a4d417a900de913043a5720c1ea015c7c8bd4098ba611e56827539eb0be058e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
197KB

MD5
80d072d3a03ac3df1f7719edcc049c6f

SHA1
220d7ebd1fa097bd144591eaaf4ecdad4401fab6

SHA256
964a82c64a7a6c5c19d1a0e55639ad1ccffce25d46888ca031a9b9aff5331a85

SHA512
6851257bb4d5bbe508ce63804c627a873ea059072b5b49dca743dc59fda833af49140c3414869a1cd912b12db86a6d680aa55912de36460ac7c8dd700a6fb5a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
09e910563267405c264e18851ac43880

SHA1
2484a88aee49d726676395014e5b05f716d6f0d8

SHA256
e66d693a44875705f98915e2f64f2d35e700eb6e8d1427d6531744216f2db8a8

SHA512
52fef7c85c5b7822d112fe7125e47bbcc7627b3e9cff4103d3a43cae2af9833fbbc410d503f2905d9a862eec3d9a290d566a93b6c331defd21f922a0f81f48c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
7d033bb976759210947f0d5f43be53f6

SHA1
6b11e567098e68432fc1a55d3a320096d27fee29

SHA256
2edf0ed5a97290bf1a154c6d1b7600ea5824729729c337ec8ee8ec840c484fde

SHA512
5cc07f9ac2bfbda0bad5aca3c9aba61c733b97169a2ad578153e0d4bb8d5278160cd0d1502f0b84e744061fe60791332100b90bd1b8a2029715e5b406628315a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit