hxxp://www[.]menti[.]com/al7bsift7uym

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2023, 14:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.menti.com/al7bsift7uym

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133414207107690720"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3864	chrome.exe
3864	chrome.exe
2352	chrome.exe
2352	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe
Token: SeShutdownPrivilege	3864	chrome.exe
Token: SeCreatePagefilePrivilege	3864	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe
3864	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3864 wrote to memory of 4940	3864	chrome.exe	85
PID 3864 wrote to memory of 4940	3864	chrome.exe	85
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 4924	3864	chrome.exe	87
PID 3864 wrote to memory of 2380	3864	chrome.exe	89
PID 3864 wrote to memory of 2380	3864	chrome.exe	89
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88
PID 3864 wrote to memory of 1912	3864	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.menti.com/al7bsift7uym
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb779d9758,0x7ffb779d9768,0x7ffb779d9778
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:2
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:8
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:8
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2964 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4492 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:1
  2⤵
  PID:2500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:8
  2⤵
  PID:872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5164 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:8
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3096 --field-trial-handle=1908,i,15662953395858385018,6217255181503092370,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2352

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2968

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
a9e0375c88b665e3f8b4ee3fe9e31c86

SHA1
4df5383966f1f8b8771908001054d1891f9a8f4e

SHA256
c69e7d4f362cdeafd76dc72a68bbe0c4979caec7d7ea3a0849d9a9f7fca4f356

SHA512
1269bf8619cdd20b0e19d73e62e2f1d43de4570201cbb49b1977f09702ba370cd6359eb857a32711dea914bf29719ebae1a41eaa97e6d3a40abe13405a0c68ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
3504f4303276e335b4cc7731f6ccc272

SHA1
88fe7a5330cc4569fb1dfc620ae43127b35d8239

SHA256
0e029fc87ef93168f5349629d11f6127df1e2753d8ac66a6535124bb71699418

SHA512
1c3aaf2ff1afad8c10ec89da08307287d7f5b22e7a4d660b8d0056222fb88e403eb0adb128158bed9d2181de8abb4658bf49f04bd6b8de88485451dfa3bdc871

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
48b07a5d99d83a68dfc919a0e4342293

SHA1
5740cbd34e868f256ea1b3b622e741f9d956c0d5

SHA256
20be6c789764f60848da9fa1c8d0327d705a11a5eabc0f32160954781836baef

SHA512
18e5f9741d2edae37b455dcc247412bb6111d44eb5814c2afb9d3dcd7cd2ea5c12e540ad7d3d3c56e0a4c453b7ea32cf30d752ad4a7578062e3149bd79474e63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ed94f7757912fabe7ff6eadb8d80d07d

SHA1
87ddff15983d219069676f93e5e6c32a914ab098

SHA256
f532efcae0163f05b9c7a2d4677dea54142c372690eb7316d5080bda522e7f82

SHA512
418868a0b3bef85d77c904c18d03d0c5bd5e2bdf6dbcfba5f8c290867db193b83ab48c7da40012a2df9f7b511aa9d9085d29158a1d6e6ee6c2720b16b903b386

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6fc3106beb4227b537a8ceaa8f0bab3f

SHA1
1df1e49257fa223595549127e67b9dcd001edab8

SHA256
2c448d7f8b140bae045e863b627ded564de2c71c0e0edd1ef3dae0574b5120de

SHA512
d3aba3d32ba00bd191f317c7491ac8240170913d94fbff90c608cf81e4b07b4a7a92e5ad9908f3eb3ba5af1ad90e3f13b75ed11873489939824359c2e5280f7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
658e620b81c5ccd4ae7dcd3469d79a2e

SHA1
9962205acdfb86a169605ff6588469079fb09747

SHA256
71a33b8451ba8405dcc2200d3940bed9fd0865049a867fa285a957db9f797bcf

SHA512
b5accbd264d3d637785f8e4a055a08ceba9ddfa51a2264981c029ff5d798aa84940352a89fb647f3f759c9858c0e7c62750aeee18510ff67e02d895e814a1065

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
251a99a2613093967a921eb261fceffa

SHA1
7cd46f8d65a0c92cb79edb90e91156229870125c

SHA256
c7b3af57f3a7f9aa2238857be6ea322618f1570ccb958f08695d695deccd47e8

SHA512
152db939f2e00f589381eb6dc400a3c18bdf481397fc385da2ec1dd4ba06092137f739644df46129ffca2619d19508467f7c7bb6fb3ec8d785d25a7db03338bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
35372a419f444d56fc2b1fb04083674d

SHA1
7c00ede8621fd759e3d9f2daf5829d2a9ed8a808

SHA256
ac5f0c11a318545537939ad42b86405b3b99cc25a2d639dd088a131638cffe9f

SHA512
f93a7a3224d4759f380445afa3118d552ad9d9346d957c1efa17ee58b98d4228ca38e26c553ba44881dcc82393c428cb865ec858c09293c9c3629b29b5609e71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
5a3c133e6a1d923513e17141632a5936

SHA1
b3732c9f76731f35919a6cabaab3065b8d1b8ffc

SHA256
2d164f005b5c64c2407138a9704d20270672da171f5e886cac2409a49669e35f

SHA512
9dee2dfad2c5e3822935e53a8156f3fede407b1c9cfc054b1d455006f24a23819d5f4fe81e943afd7aa0a209e3f7b6284818bd0fe08227811faa7a9126af00aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit