2b6408ba93af92f01978e09a01631b71bd3221330270def8044168d3c0b629af

Resubmissions

18-07-2023 20:01

230718-yrv53sdd99 1

18-07-2023 20:00

230718-yq5ywsdd97 1

18-07-2023 19:28

230718-x66ppadd25 1

Analysis

max time kernel
149s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
18-07-2023 20:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Untitled attachment 00011.htm
Size

86KB
MD5

e5b0d9a102e5452fac56cc86d3d3756f
SHA1

66a023efa3d16fbb94fe2a15318a0ceb004316e2
SHA256

2b6408ba93af92f01978e09a01631b71bd3221330270def8044168d3c0b629af
SHA512

e479d7c099069804eda957571ae3c611ba16b3b0b7a47a99ee627cd5bec64556dd635537ce0c25c22e8274c7804ac26e4005ed9aa159d630c7f3ad876585c955
SSDEEP

1536:eDuRpGBMgws2EAYiMfhWFl1n97McThNyQKxq9FhDwgL22VS7cPcEJ89:ggBEApMpWZlhNlM19

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133341846431172764"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
5044	chrome.exe
5044	chrome.exe
1948	chrome.exe
1948	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe
Token: SeShutdownPrivilege	5044	chrome.exe
Token: SeCreatePagefilePrivilege	5044	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe
5044	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5044 wrote to memory of 2196	5044	chrome.exe	64
PID 5044 wrote to memory of 2196	5044	chrome.exe	64
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 3432	5044	chrome.exe	85
PID 5044 wrote to memory of 872	5044	chrome.exe	87
PID 5044 wrote to memory of 872	5044	chrome.exe	87
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86
PID 5044 wrote to memory of 1932	5044	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00011.htm"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe4acd9758,0x7ffe4acd9768,0x7ffe4acd9778
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:2
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:8
  2⤵
  PID:1932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:8
  2⤵
  PID:872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2972 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3968 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3404 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:8
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:8
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4944 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:1
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4860 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:1
  2⤵
  PID:432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=748 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 --field-trial-handle=1800,i,17467953164154964853,16116352305463891268,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1948

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2748

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
bcca22fafc7d73ed2bea049413c0f8d1

SHA1
0457946ac2041c684d96eb90ecc5064d88db2db5

SHA256
89737046e456f58dd3149a28a1ba2d3c60d769d85b8eddeda42d4ec0b3968efd

SHA512
adc4eb169fceb446222e40e4e327e84044c32ca7b49fc512079b846225fa1fef031b7c54ac74bc0e0c88b1d1423f00d492536b14c407fe22c4e672249f57b974

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
189fe49da8e6c5f910711101d87e8cd7

SHA1
e0df1c72626b23311e131b8c36e5715898c3b024

SHA256
4fe342d39a202fdac4722fa0b39070f90fe939b4111f963334667bfe659fd448

SHA512
fca5bd7c8582bd683dc0601a8c937354b0f2702ac9efd99a9c1bd009796ad2a272675c5cc3408ea27c9386af61013a6e1ef45d9166d3d5e9d56a0c8351c258a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
36d4281176e9a7863e80bbe59a1b4303

SHA1
5f4e2bd8ef55946da11ee1dbf4e0e01354f7e8a0

SHA256
9266efd00c61a29176e3ae82b91c5f1a0cf475a8eeb1f1d856f000ea6c9fefb3

SHA512
acfa8ec488de2975fe5180f441d87b2c5d3a214d8f3273f08674aef20b9b4655edcc82466d037c0faa48fa9cda48ddf1083e0c73c04534b39165ddcc8b720d94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
53fef06bc9fd8652573c22aed2290306

SHA1
451331139b15e69637163b58f361cb7d7dafb88f

SHA256
298c5d7d5cc88a45d422c4c4284335a5693446295d943542c60fdba026bc1bd9

SHA512
ebd7759c8d115b3349f734720d0d9254f3c3e7474d9ca31cb29c91ee4e283040e5224b8798ca5f927de53a7b94c4765e8aaad8e923e2a21fbdb8607c6c559489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit