hxxps://baq8etp[.]myraidbox[.]de/

Analysis

max time kernel
1800s
max time network
1690s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
21-08-2023 14:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://baq8etp.myraidbox.de/

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133371007614031630"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2632	chrome.exe
2632	chrome.exe
1168	chrome.exe
1168	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeCreatePagefilePrivilege	2632	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2632 wrote to memory of 4016	2632	chrome.exe	82
PID 2632 wrote to memory of 4016	2632	chrome.exe	82
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 4884	2632	chrome.exe	84
PID 2632 wrote to memory of 1520	2632	chrome.exe	86
PID 2632 wrote to memory of 1520	2632	chrome.exe	86
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85
PID 2632 wrote to memory of 4168	2632	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://baq8etp.myraidbox.de/
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff936a59758,0x7ff936a59768,0x7ff936a59778
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:2
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:8
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2892 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4996 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:8
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:8
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5176 --field-trial-handle=1880,i,5658373938131184997,14661384351282120772,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1168

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
72674171530abc1d3c6e1f7f878e1e02

SHA1
531e53602142885b66b1d11d558f86e679d8b012

SHA256
3f5c95281bc4d394bfc5e50bceb927a4dfb142e2714533ce472a7b8628d13f58

SHA512
366a7beb98ad43e86bdb17f71965e7812d376ec2650324dba04171ca8c5489a46576a6a9b3d3b07abbd49fc43c7281a46643a1d2dfa90315836f610f8050244f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2def80824d09d9f75831ed3289bc3a5a

SHA1
124fd4f358c55d0ecf30e1ed830d61ddffe4774e

SHA256
f15ca859d2569c567f3fab3c1c2759b3baf3bdad4fb3bda6aaf195ac9fdb8401

SHA512
bfedbb29e3b9ffe951f3b17aeeb7930468fdbe2a63425f5c140cb8e5e8989c09dac75e0918a56db267ba598d2757fc4222213c73acb6b26566f4ca00d38ae590

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0b2e96e43ec0f2f57e4ded1ee17f76f7

SHA1
a6bc98efabf9416b895a646f507be5b95bc2b8c7

SHA256
1c4e2fb0b541e144f9e13530e75694fff583db44c98171e85446dd294e904d5c

SHA512
a9737b6c3c63c93b515103f8dc398be29b2694a082bce91818b48347758a67bd64fbf65ca5132c7c4fe521b42521d7f9df0e2321eb02968e9ba2b9db9ca92839

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6715055a58a0b0544b93697fa37e3efe

SHA1
e6e4bb2bb2912d5b979acd93462661c1b16d1cbd

SHA256
ceff42deb3f72af75b773f55014f0a40611a2c180e27d4171e43293d24616549

SHA512
e63e17c18dc0c462e841eadce8a445e558e6987298fd1a21eca2209bc1eeb91fafa8125808a6b051829462aeede5b2ec772c56129c5477b760c9264ebbcc8c45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
7c6bc7ca2c8ad822381702872e573d84

SHA1
a933bffc66790f3e4fe22f41eae5e5a31271a770

SHA256
fc199d1b6bbb78b1a33ff49552387e78e9e2e01531272330a355dbf8ecedbec4

SHA512
92a08e3ee20f10896ff66edf2c02bc5d05dd9a8e1ea0e455d9247db81663f88c3ca038f63517a43e69bfb06a31c31782458aebe1722cd40b623e2220779405c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
fe486921fd9be44926e23fcb4a505103

SHA1
1d826578135e4430354a4e0a436b295c733d894d

SHA256
f9038b389ad9db49e3b9cbaaf6161af57138689ccedf5c2f01438d680979826c

SHA512
222b5ace14037e74a7892b83b3f3baa84bdde73db000c6e2326d7d47b0ba951eafe04bcb8f71daad5670961f73b655a2371d43b5ad92eed340b489140dd4f523

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
27c3cadfbb1ea6cf90dc7f42b897a252

SHA1
3da83de3bf627377f21fa369421bab88cdea108c

SHA256
5aa1e31cb8ab366220d50474b0a778a3ffcf58e008aad3071705d34509a7eee8

SHA512
067186266804d9bf5d41375ef15a145e1ad3d4d44a5053a4a65549bed60458c7b3d7de1eefd5043fa8b3e2458e340cd17096f1d5c0d2e10f7934b5f8d5270d0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
80fd7bd6d1cab55257884776e8621120

SHA1
1c394f95c51fe15f42f894ed3a13f17d2d5acec9

SHA256
cd2ed9a59b0a45c7c2e855efa3680a7aaa237440e6a1be965944efa73ade09c4

SHA512
0b41ac2d84b48fff6f6cdfef9d158af3fef25bd492d05647f25bfb357b3e2eb29a45a0d9d4478c9f27b62d9042dea570261ae357c387f4cf6eb8010ce6d66612

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4be9dbe65d91b77bb211a277cd887831

SHA1
0b204878bd1c748c1f79db586f9edb53fc019e38

SHA256
63da9ca56f200c9dcf133b825d90fc5234bc79ff7c4e1f325b20ccd40ace05e2

SHA512
392e7623d0192647b80b3f3179ac805f3c9607df78b3f8cdb37819699d56329307f91ade9aab739ebd7b107cddf37561b338409b0d4cc0ab9022da79bb3599fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
2e5fdcc671fcaac2a6c39cc4dcd11002

SHA1
e08f78586e26de5fa192fd888bdf8a3c4e8b3a9d

SHA256
6ca02652e9d5b1d4e155242a7a5f393aa75288f918d45f9c14df6786677122ed

SHA512
56919cf08d1a31bfaea68f2ade345a9773a102854e12df74619e72e89f57b8847bc8e18dcb662fbf9d26e185db3670854bfd64d660659eefd19cece48742e44a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit