hxxp://websecurezande[.]com

Analysis

max time kernel
150s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
05-10-2023 07:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://websecurezande.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133409654248322588"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1872	chrome.exe
1872	chrome.exe
116	chrome.exe
116	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe
Token: SeShutdownPrivilege	1872	chrome.exe
Token: SeCreatePagefilePrivilege	1872	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe
1872	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1872 wrote to memory of 4244	1872	chrome.exe	84
PID 1872 wrote to memory of 4244	1872	chrome.exe	84
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 3320	1872	chrome.exe	88
PID 1872 wrote to memory of 5092	1872	chrome.exe	89
PID 1872 wrote to memory of 5092	1872	chrome.exe	89
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90
PID 1872 wrote to memory of 464	1872	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://websecurezande.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff88c089758,0x7ff88c089768,0x7ff88c089778
  2⤵
  PID:4244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:2
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:8
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:8
  2⤵
  PID:464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:1
  2⤵
  PID:708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4568 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4540 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5260 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:8
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5376 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:8
  2⤵
  PID:3180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5380 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:1
  2⤵
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4892 --field-trial-handle=1868,i,16403958552185267958,4012133734338952888,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:116

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
213cbb1a6483aeb9a6884e6a2886cde5

SHA1
dc3f0245324cc0ee5c54ffde2bbbf16535220f98

SHA256
c879b0ba81a068f8d75d7a98353e184ee08efb1c9dbf967ca1e42f7ada2a9fff

SHA512
de61d16dbc6f82722404abdc108af7d0777cd0b705d3cbe5da3a2cf18fcc59828f7616cc2e979b83ccbb9245f8f84181f8fc2dbcaf88e8d4352e7791426575b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
be943ac812d92c0763d96181e010b3fc

SHA1
f029ca6107fab56a8f526c438a8881b682a35867

SHA256
643dbf0b6b368b9bbfd0dcec04f78456f408892d593a783ee67bddc2fc6f34f4

SHA512
b8af12aff12b56ba300062d8f581f9b393d56cfaf8afc4653312daacef7b49093934de5e935d709e2a9f245529a79789da58ad4121423938b1a1709bc37f8291

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ce3be1ddace80fc0bb0ffe8a1520d591

SHA1
9e8fe3ecfd278e2947bd24628564166df12a4058

SHA256
93a66ad49e816db42fb0d7ccc1891d6f2583f6768535a0b015f7cd9f9d2e3ec8

SHA512
39f8eeb0d963517a49832f6de05f79b5dfc263cf9ae9b428b7d944bafdc2692efc3537dec1a45b99516c2b7bcf3143acb9e74c302fd88ae6e8d1c1446a1222ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
98b5f596f1a34d94193e55d81491e9b8

SHA1
ec6c79e56f022d2389f206049d953de139a5fffc

SHA256
039c7dd2c75740d4f1cae959b8c0da21095bc73b281807cdc496e1134947e65b

SHA512
e175e2d4439568b62a39c84de6866b80ecc1c8f2d25dabcba37e32f353c1f19f66bd1987eb8f6000c7edc9ec3e0fe501bcf6cd4d3c07dbc16f89228e9ca50aaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d62e08b101aa59f76d9ed7d12f3f5257

SHA1
a34d06a0ecc6e867b40cbfffaef5f91a41f0672b

SHA256
4bf9623b532c307e363db509d2074ea50abce0c2eec2b3675b2eeb95682f936e

SHA512
f4d88f0b5b56063084f53f2c10487d08892c46b9e3487672e15decb948760082a27fab466a985b4a41fd8a4555cd315591e329f81111c901a872741f914eb2a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2764e561e0d5fddcc75b9e703fa6f9ee

SHA1
a74da060a35d4cd8ef2901fa78994bd89b2c3334

SHA256
dc0a4644e0be82d72892cfeed5e1cafd28ba31a73d6742f0ec61c0911dbbd7a7

SHA512
fb0630ff412a350c07bb2b9a68f307ab8cc342845aa1f5e0484c0fca4d1e6eb76fd28b7585dd0142eef6cf5527697a0a0e46a24d555354bffc48054491854ecb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
4234563a4406d1d427edcab92e87fef9

SHA1
ab1a098ccd3f71498edb87fc24194a9ce73e7b53

SHA256
f109f03c09ca641e935cba55f92636f3b09c71afa3cab21be019c3a791b595ce

SHA512
b55fe24b8c22b23cf25491925f4809b3f6fc6a3424635f746645b3bc799496eaff93fade4e51b3537c34bec1f10e3bebd098ad478241f328b7e113d3f3f8e67d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit