hxxps://braeburnrx[.]com/braeburns-brixadi-buprenorphine-extended-release-subcutaneous-injection-ciii-receives-fda-approval-for-moderate-to-severe-opioid-use-disorder/

Analysis

max time kernel
146s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
14-07-2023 07:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://braeburnrx.com/braeburns-brixadi-buprenorphine-extended-release-subcutaneous-injection-ciii-receives-fda-approval-for-moderate-to-severe-opioid-use-disorder/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4504	msedge.exe
4504	msedge.exe
3136	msedge.exe
3136	msedge.exe
2416	identity_helper.exe
2416	identity_helper.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe
3136	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3136 wrote to memory of 4816	3136	msedge.exe	28
PID 3136 wrote to memory of 4816	3136	msedge.exe	28
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 2044	3136	msedge.exe	88
PID 3136 wrote to memory of 4504	3136	msedge.exe	86
PID 3136 wrote to memory of 4504	3136	msedge.exe	86
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87
PID 3136 wrote to memory of 1820	3136	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://braeburnrx.com/braeburns-brixadi-buprenorphine-extended-release-subcutaneous-injection-ciii-receives-fda-approval-for-moderate-to-severe-opioid-use-disorder/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd304946f8,0x7ffd30494708,0x7ffd30494718
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:8
  2⤵
  PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,8986345199184303630,8765037249086567773,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2964 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4272

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3880

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1184

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f6f47b83c67fe32ee32811d6611d269c

SHA1
b32353d1d0ed26e0dd5b5f1f402ffd41a105d025

SHA256
ac1866f15ff34d1df4dafa761dbb7dc2c712fe01ac0e171706ef29e205549cbc

SHA512
6ee068efa9fbd3c972169427be2f6377a1204bf99b61579e4d78643e89e729ad65f2abcc70007fd0dd38428e7cd39010a253d6f9cd5e90409e207ddaf5d6720d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
171KB

MD5
7a88e1edbba1ad7bd345eb14f1377a59

SHA1
b299cf2eacc2d17d1f2fbda9391079b6f05fb022

SHA256
3f6aa29738172f431b8e2af2e39cba0c2f91583d7bc23f988c7b7b35975bef2c

SHA512
48870540a5e7aedf4513610e23dad5d37ff48dde92909345771f7235d4526893e65d11915b46191e62dbe6e9bed4626215703fc90932bdebed356568c1557f95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
eda7a64b978fac56fa40efae14a2ba34

SHA1
1e57836d05e9991f2902c9f0b18dd39e2dc12d64

SHA256
264eb66cfca18f834ea3b0805efb1e663b85ee3066fc34f6275a850f842e0af8

SHA512
d6fbe84c5471e158053d4314762ce72cb82d185cc98adcb322c164586beddb3d07207d8f9819c08b3397b3634fea0207562caccb03a94293657d24220a5c9800

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
2567c3ab9bf45bd604076135e1f5ca5e

SHA1
0f4b15aaff79ba81ea7e31d6c1d4a4b66259e7ea

SHA256
001ccce2e1ef5fabca99f5bc5ade91de88c4ec7da4ca7dcf5e5e7eb527605deb

SHA512
98260e6e484d3f2dead4e7fa9197b37d14265c5d697849961d61bb7738d9d586a95d690fd3e0f25b3f75f725a6398f32758b85e6d2a5a4211b423bfb282cef90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e3070f7a24f241ed242d0d4729783419

SHA1
20a2a1cf03d8d030638476dd04f1175cb96d68c6

SHA256
5c7d3d3afdfb2ae7f489d6f1b7bde05b00832984e65c4be3008c0a99aa79af06

SHA512
d260273a864aa861c200a0abeab87f588fa460ae1bf3a8e3db7af1d77e53db721016e899a3d0611c22644482977810f904b7bd2f5681ae4db07b5210450f0472

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2b5e1858f4f384fcfe3059797cd5f1d6

SHA1
43c7d5a7f91417b750ab46f23096325b8f8e356e

SHA256
f87425f3dabed495e77d41854bef884c3987a9139b46ddd1931f25f9e0e3ff6e

SHA512
8e38e54a22f2b29001e274ec92e75bbbda39e39d6a5355ae37be1eada1d150e293152492ae131151a4c477710662dfd376069c104bc636027db7d145e201db74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
5544c64f2a8f49dabc19eb84267b1c9b

SHA1
c5b78d63a8bab1c7b985f7ea2f268d0d7809071e

SHA256
a1fcfee2974a77e76a7431a2069db301861ab42dd41769cead8697f41f5a497f

SHA512
38c80d7c810441fc87beff38929473088cf426b0a25a30820d8a060f493350d99bb8521b314afe00578ea54648fce2aa4e55880a83a4f1048c56307991726565

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
5c2797bbc3b36cb2571c4ab448aa9104

SHA1
c3c3c60eaebc1e97f785a3cc315c13cf41aa0d73

SHA256
7f7a246baedf8a2efaf133c61bfcb4c5265feab1d767e91098b0d1cc478b1feb

SHA512
83e6762022fb2ea5c496ed5fa2b660cf9c532952dd68cfb5e841598318f27cc1f7224de13100c08d613366b6df1063126e5982da56e62f21c408046a2b9543c7

Download Submit