5a8c46e899347ef36b7e6796791d13ec51713ab9327e4f61eb21bbf5eb1020b0

Analysis

max time kernel
251s
max time network
320s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
07/11/2023, 14:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bv9ARM.ch11.html
Size

43KB
MD5

efda3b7bc247b77f35ad3461614d73d5
SHA1

a90ffe12610a00b45bc5821fa0b11e9991a0feca
SHA256

b814523101ce584997a176f0146e03989d3d6b3c1339573dd47c4261da46863a
SHA512

db6d49bef3590c7a6043c2696b16d567169841279fd255109431ff79af48c27858df25e7cf596b006334c12facdf691514f93122db2a57283c44095934ef08be
SSDEEP

384:nyvOB+EYz2VK1siN8835lKDabjEFIJazEzQH30hVUvEMU7whpNiabAEBvtV5A:n0OcM0683mDKJbhVPShHn6

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008d5ea254cbc3cc499365b391a5fd66920000000002000000000010660000000100002000000011c0c26c6961a58b562363168a146d355dab07661af51c396dec9878ae691cbd000000000e8000000002000020000000b6c3404076abc4d15b54c5085c2d3d6dd70deb22ce4292895d0c4908c6db6381900000006d5ed918dffdf0778ca7a7a97b3a25e9dc847a5ea07f8cd9b966b3cce6ed6c1f843defa51d2f3137a940354d76d6b6419d2797a56b8e5b1ddc692b5daf1c5fad3a9b35777fb326a06b620d10372538df687fdc5b8f90828d47434e2f86392f499c21bc1a2dd7290dac605cdc98e31a37cc768eebda73b68b9616931811da7d2b74885e59c8858feb1eaa064482a84b9b4000000018fac1e72a2abf19bfde5564e867bc85fa2365d8fc5362973bb11a3206a9d9ac3da0dbd534a435f05264c31a2665eee2fac6c1d694ea394f86adefaba062d929	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "405623000"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{590309A0-7E54-11EE-945E-4EB5D1862232} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008d5ea254cbc3cc499365b391a5fd669200000000020000000000106600000001000020000000e1f3cdf70aadf5bb4cbf1d3a463659e6cd3f97be35c5b9c49ddcce68c9916eb3000000000e800000000200002000000040dac9f53ae2dfcf0c4d05600c90d2b217073438733b28e9c819ee14c2e2b3d520000000e1080538f3c4731d1e70afb3fc689fccd919334cc9627c5242b5805667bfe789400000004ca529bfb756dfc53bfc4c8a3b208845312300e22d4ae92c62e6ee28c998068caa4ba1f8a47d4213e44c5cddcb695b491d04422e8363394c785d225af19f8887	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 702f6b376112da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3425689832-2386927309-2650718742-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2520	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2520	iexplore.exe
2520	iexplore.exe
592	IEXPLORE.EXE
592	IEXPLORE.EXE
592	IEXPLORE.EXE
592	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2520 wrote to memory of 592	2520	iexplore.exe	28
PID 2520 wrote to memory of 592	2520	iexplore.exe	28
PID 2520 wrote to memory of 592	2520	iexplore.exe	28
PID 2520 wrote to memory of 592	2520	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch11.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2520
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8c50487b740d242f9f957a38ba71f6f8

SHA1
861e2a8d92a8f034f160b2c51521c102b3242f23

SHA256
59ae9a3dc79073342dd31ae205820dec7637a9d819bebe02135dc7a9fbe2a14c

SHA512
754c53df7d07fb6b8ebb54e3c6a05edcdedb3aea3a17430b4f17c1f8a452de0f756e22e30e0397bf21fb3aa03c49f99b7e3447f9164396a0e445c2c96612f1fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
637c9e2d68cdbb522c3c49d5a717d25d

SHA1
099325db1135016aafe53ac78f377a7356255ae9

SHA256
67e906f72f7689d369c017924cf8068b3e4ce8874bfed68946caef524d07e3fd

SHA512
b7651228c479012e3052185cf7f61ec76d46512304cc52b66c09f4d35c2519f2b0fcbf2ce82ee5557a8746473033e6f8706b938611f10974f40f135edfa8c8be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ac64b8ff7cc7e6611e5908acd9098f1f

SHA1
48a68056d86646419c33f8e3fe22d0b375ff3406

SHA256
641314479e918506ff3c2ea95447b79eebf7b1b9f32ee828eecfd78ae36df604

SHA512
593fa97115d918aa096d46a913c761f8e16a16bdbb87173087385d613c50ab92a74c729ccfebafd303c007f7251c24ea24b91ea1da270d0c40a254a378623e16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
74ee985060639be5c33c7a53f010fcec

SHA1
3b7a0322b7a9ddc296ca5f5e84c9c88be50423fa

SHA256
87fbbc306f93fb196f508a6651f93a2a50572f2406250c2271f7fe128ec79914

SHA512
175d771f1133b971167f30b03ab2f00938f5f1efdb72553fa10b3099db843b966f0333d72dbfbb08fdd20569ceb26997e9d45c69c5bf37ba4996ca73e6365f24

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
625ceb444af3b11ae312ef6f4027c8a7

SHA1
9fda7b40eb01ce895cf3f865457dd88df6be8f5b

SHA256
af5c83a7bf2babccd968ac26c7f0e80f5a6592e3e1a2c3abe03a99527a24d402

SHA512
4937f97fab7448261da19b603772e71f9080acca3522323f8cafcd3128d26b1311ae53049c1bb47c4fdb15b976d6e56e6a55cc7ae313f1366f3e6288ee1269be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e46ba5f402bd90ba2ae7a4a9157a35f2

SHA1
330f3140a317e4cba7745da45a6137a139f97cf7

SHA256
158eacc160aebcc0b20445abd45773ecdba0a4c61a0bd8b818dec0168834d76c

SHA512
011efb07b403135a5855d7ee111e68b34c1ecab6976a4997cd2f12af05933e28f645c3b76a77cdfbc41496c8cce582879f39408b8cb75c4658c118ba8c4f071a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
af3c988324cd8eb85dd00ab3195e194b

SHA1
01b3707a8600390ea70f037e5b2755ae6033dd5a

SHA256
973cad66cfefd5a0d07240fa4e379d39e990b1d5d21ecf58912b9396a0ebea4a

SHA512
f623460e26eb8acc223d683672ee4fc3daaeeb1198866dfffadf7824bead8af18651009d304cf483c1adc5d39ca5b95b5eba0dbf72694fbb294ce6fc4e90c9be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bbcdb416053d8d9d88c84d9f83432d07

SHA1
5be762957b477f051862cc180d35e8caa362dc1d

SHA256
bf6742bd9315dcc57c37a82efb9ca716805205d5971ee500d2897642bf36a61b

SHA512
d6deea0f8e2b829e2d0f2d0a6f3596e8aae89fe46487d4f86f79df998543b599a8b81148fa0a42bc64a2e74dbb859fa92d5e860b5e7c3f3b9dbcafb2f1d7e2dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d5a49d5e44c297f32a3dd16b9669d400

SHA1
bfd5c3caf1676d060847c07b9f9f2b04c003c535

SHA256
415d4f3b7dda480f3d58dab36503925060c46d3ad5f4684abae9f5130341b63c

SHA512
555dccd991f517b5ea3141b31dc2d6668ea593fac098cd06dd2102a27e5731df41a18c7b0d8dda2817a16bbc006b2a12517f9276c4f52dd4ae76b03a7e196ce2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
009d2fb38d1b320edc7bc28d7909d59a

SHA1
91377381c628b98c9683d75e9e85d12282174a99

SHA256
4cf3e6f7c763c44e7f2dd7c0fa03ae30b9efe986ebdd1d2481fa0b2d6f4d4cb8

SHA512
b52e7d7f7b5dcd695012b8ff05ce875051189955218516627ae32f0392b4e71c118bc2ff08c2234fd520e2bcb693fe28a826a75cb13964f7822a5030f10e3972

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
980c79c6a959a532c22e38356e217a38

SHA1
a853a1b3a743e03cd920e5a74a8044aa256cdd29

SHA256
0288ae1ff64bbde604c6901f126eacea6266be8c0a33236b2ed5af573f36ece5

SHA512
c4f791b4078c638513437aada54abcbb29df6ed4bc7f73d1ab1c292326f9bdb71cc3fafa2ea1450f24595fd015026ff1393f402b5191f5eefdf51ca223ba36ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
914dd748a0f20fed3bba0cfac30458a7

SHA1
a9194f044527c51fe0ac5a1a7d539cb0b44cf33d

SHA256
471b2dec7b5dfb38bd8aa5f946896e8d83013e0a028b3b7c573120d5710725ed

SHA512
91bde4f342e298a21dfed7175f30aba9813fd60f0ad687781e04185429805c09b1212d45a9537ac5e9e7e6e28194c3d40d43c2136cf61ca05cb574c3dd605a3d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6a95bcb4cf9bc8b80ba8606e1dfc6302

SHA1
bfd5e53e6f12d741e5e2907891a2921622ba6241

SHA256
918482dd6eff81b525515c7be62eea5ae3507ba2d53c35402b585e5182be699a

SHA512
bad25486e6a8a1b0eb631e2bd97d17a8f016d14ef12317ecc6682dd41ec4208727c1292c23ae7f4d410f9face6df6ac27fafb690a29a82b97fbbbd8c5fa0d350

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6515d3e799ba7977ec72665a78746b66

SHA1
f841dac2aaaecc2098978ae082cbf01cf890414f

SHA256
925b102343e871d7ff346ec52f544118053d0fcf9154a98d08e0c14801df4c3c

SHA512
05c7c2f5022749e9448b613ccefef35fd6de8cec6ca7defac25b3bacbc6641540215d1c3c9c9564c55cf643f30705d40d1f57287db1f0a5c8c8fa3009b041fd7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1a1fc903f848f838461367d7470475f9

SHA1
7058c26dbf48d7c6762550f9f4ddd582601b97b0

SHA256
538a4e35f82bd2fc91a840910f7ea91b736afff94e4d78182134025c3cba13c4

SHA512
ad07ba3e1ea59c6f0a6560ce60a186be5533b09e603fe30c2c123ec3d31863c2c61ce29a8bfd97ac6d2598a4db297c7a8f367b2f1cf381be0630135576fe2041

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
918c1c0b0ff6cffb999b45d0a3203015

SHA1
7c4acb500618cd486ea0f6f3c9fcb722fec5ea14

SHA256
440cbeb45add75ad3b4896a610634a686d17f41490d81d5709a5192dc61939d0

SHA512
c198d9a3af67c4de7e3d7741827c32ed281a68e40a8cc5489e36048247a36ee036b4349803f24b2d875591e24fa5625a4e5da0808f61e9adccb1b4ab14870f30

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
75481fa88e0e8f1e1f9e2e85a0cd5626

SHA1
58a890e2b94fd0cbe14e64e233c74a04cb9366c5

SHA256
e3373a5297ecc8ee798c4fe733baec6f7c0b7ea9a006517c7d2d5d1874e56a07

SHA512
1393742f86c62aadc0408e359a843b5c5039dfd48a2b525caedb95f47dcc4f12537dad7bfad85f2c7e77ebf0a69e215018841ea3c81b6f8f20a98bdbceb29fc9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1f3c0ff125200b11d559af4c38f4c367

SHA1
1a17d61d73beb80c7189bfad1875a1fad8655145

SHA256
95b61a074121d4471e844171376e18470970c6f6a3bd44e56af49f5af88772e2

SHA512
01e725797951d8fbcf2183e9bfd2ded88d3147ce0af1edbe9a2a388142a48c7cd5630ea3568dcf47c895e8037e4408618f00cf49e686c67d704f9cf19224403c

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabDC3E.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarFB17.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit