5a8c46e899347ef36b7e6796791d13ec51713ab9327e4f61eb21bbf5eb1020b0

Analysis

max time kernel
135s
max time network
173s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
07/11/2023, 14:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bv9ARM.ch04.html
Size

108KB
MD5

d248d88c97d2e4655df53a5c6b88c551
SHA1

3def1e868736fea530625e96c13d512930e198e7
SHA256

93c97dfe90f72b555fe3791de94c1b7bf338ea0f2bd72b999f027a4fc1210589
SHA512

c92476c1d0fb2580c179c1fb26fba55723238870db96ea82b2f62046506d3c04d44486541f0087096e55ed14cbb5b321bd0ccae3f5af611ad41952bc56370749
SSDEEP

1536:n0OcnwiC6waXoLJYx3PnoWkMa7aW7wWcIUWPMkto:n0XwiC6X/lk9f7tcIpPxto

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "405622573"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000efee191c820df7499e31472656722fd5000000000200000000001066000000010000200000004de70f534de2439a29472a777bae5946d0a601726188cdf5e6a41c72414940bd000000000e80000000020000200000001313348b154978c569c02c3e6a58057ae857e3bf527b4bdd8cf21e768561b81c200000005ef31240f14e4cd0a7ff1024c48bc3f4960dc5075868fb4b18777086acd7fe2040000000e5b7709283e01539605eec99e3803f97d78e2c2d170f44a183e17625a411adadb8db64d7ece40263e6d529365d46460bfd8e038dd951266d9fa74f365cae8f62	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0d7b3356012da01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000efee191c820df7499e31472656722fd50000000002000000000010660000000100002000000045646f0ca0dbcb320c6268c3f0fefd0ce9aa885204c4abd00310493cf12c7844000000000e800000000200002000000032148d106b41d3b1d652b14e1e7426d3316ea75ccb48fd70c683953bf63e23c2900000007c5c4a7be5d0143f90788022230ec45f9299d8115fdc6d550281e93d85cd5060a36a0ea1935fba095b816418e534d80dff4724298bd002db7b852c1235a06b214314452bb85c59ea63ee723a7d91fbd3cc02a64129b33e9b118ecb0f37167c945af7bbcfdca3aa1264a0368ef9fb0836c800cf9bd5bb4be16d005ddd70c7e04d2d467c9d60f0891669d350011da0fef840000000c832c6a2ddbfde031b8ed1085a4f2af4a1176bd0d614689e745d5a0bbd3f835e2ee95554b7c8faaa5cb05881130dd64e784ad35891218da6b618183abd4d108a	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2084844033-2744876406-2053742436-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5F7DCF51-7E53-11EE-A12E-CA9958541264} = "0"	iexplore.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2796	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2796	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2796	iexplore.exe
2796	iexplore.exe
2812	IEXPLORE.EXE
2812	IEXPLORE.EXE
2812	IEXPLORE.EXE
2812	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2796 wrote to memory of 2812	2796	iexplore.exe	30
PID 2796 wrote to memory of 2812	2796	iexplore.exe	30
PID 2796 wrote to memory of 2812	2796	iexplore.exe	30
PID 2796 wrote to memory of 2812	2796	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch04.html
1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2796
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2796 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2812

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
df6e61d491f767c1bd9274519c13ca76

SHA1
605118e35a96f34f01a03b0e96ea6e15ba79f8da

SHA256
2ae0e04c45fbb7bc1d6ccf547403f6d97b548e75fd23a08623a4b9b05c403171

SHA512
87fa706a9b9ee97fb6651a4a9e62e4471b729e677f857bdf1dc4cf372b03b285999bece6e2c3c94d61801e0bb8fdcada26662a7480e7e6671e77787bb5f72431

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c6fa7bc128e87605f13a2f99a55c0a36

SHA1
60b45e92c3465d77bf881e49af71961c852a43fe

SHA256
68b6e3424f97e893b23bc3a0e478f2a6c0ff1de69e96013839f4c8da597c2121

SHA512
2279588f71c1ecafd9fafe6663f60493b3159f6b7046e250e66253ba33c188a7baa2db4097715136df3be03ebfea5224d311f04d1dfb2138644863757e648b73

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b97873a55a02b7f963f474aa0875edbd

SHA1
25a3493296018cbef83a2fdb6757c7d0ccf67664

SHA256
12e8891bb789da176c334f33985c54b9540ee2b4ed31832a17706a5c7fa17f2e

SHA512
06fa08a1fbd7bd10f33f4ffc4d75a279d98f6fc11c35b65147c8eda46a9a0aeba22c1b2a4621b9c37690ca461859c36897a8e668bbb151190cc167f7f90584e2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b91b9f93cfb22eef9c976df23a0425e2

SHA1
d63c511afb9fb42223d13d2c148f9e7ca0b2b463

SHA256
af121d80f0d98483a1ebf4c54409ec511fc3c6f69fd92cf490f184260b74da7d

SHA512
91dd756559e49a24a3a985c89b94369f2730829081b0b886b7d607d9c970920af7a707b44903625bdc6fa56811aba6bfd5e1ae41ed50cf540f55e9301a95a577

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c991ab0e45b002809a549fc117229c2c

SHA1
c4775cfc4e304bf60633bc60ffe61e2871613028

SHA256
ba3558c055cdaaf0a889cad062fe8bb7a091f7adc5b0fa5fb3973d725df60aac

SHA512
a45197e0fcf698dcaa9f8d68c891866af57a7a4d9861a9115614f72451abc335a09767e9504d59009e36e95156b3a33b587d6139eaccdeee2075e95deabf8c1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9534d52c9705bc00e809db29109331f8

SHA1
f7b675bc8d392784bfcd5daec90a8dd2d510b899

SHA256
42808c8cf3c2b9f5684d2736f064ff9298442aa1494ecef7e7b31a57e31bb91a

SHA512
10a752661f76d43a31730069ca55ebcc4bf7ca8c900f0602cefaefc3947ffeac3d4908408817da7b5e76d9ae7f11dbe35c9519e00f558ad6661941c568d417cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
caf178444bc88628c9f175b866d8baca

SHA1
5f282c469396d0d7e0ee6e99f3e172e5c7845883

SHA256
bd527bfd8e9f792aa7621c495ccc087b7068b371880047578c25e235d8753e2a

SHA512
b75948d65645b7eb9a3ef42dfebb907f7634ab1cb8ed525660d7be03384b697d679b1917efdb119b98eaf7cc3f0a6df88198d167634982f181b16773cecb230e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
be471c90e43796ca76c5bd5dd95b2bf1

SHA1
171c70f4d160d89ebc293c7634615e5b0a8e92b6

SHA256
63eba50da3261d3287024402ce9cb97c5247e56d373d954ba8c5929100c58265

SHA512
72bb991ee9359496f0f2315c11a7bbbf8626435609b835b61e6bac0b1dae1c99c29e1265c39f3b45f692505788ba068e7e0765b85b27942a4e19dece909a0fb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2a8c2b79d9591b1f231d8cfcf6adec8c

SHA1
87f42c77f01b41b5cea95e2ece03d37fd069e818

SHA256
0ccff91273abdeced0cba0ae84e9757e05a7006f372626bc51976e9e6a468075

SHA512
2b534cb8dc32ac87fa6fd4e11339dc7b815c3a9079fa634acfdf8f31e278d6a57a6fcfc40753513b748c905445cc1f41386a3a6e554e3ed47d44b31c224bc5cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8401b4926628ae388c7744ea777b78c2

SHA1
36294ba9df694bb10a70494b4ba4c2de6589fef5

SHA256
e34e9e42612a4a15f663cdea6d611c42c03fc2821e10e91a38210175c8d45e20

SHA512
d167604e04e6dc8fa6426a4c7f38e056a9b663c4adf0e407c6f23241172612de2c82ee7f6dc06741b11cb8ad9490f075ae21f8f8a449a63d111cd20c01f10808

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
29a5648ca4e52fb6b851b5bda306b360

SHA1
5ebf9b505b6b566e1c931043f1fb1f376797a34a

SHA256
24b2ecdb6151dbb3739a350a21ac2696e5a5c14c053d4c18173075a471493f78

SHA512
f37aa93136d374d73b78fc7f480676378611a33f1f10f4481b69ee22fb40ea27079d19b21db06e3b4371b38b90ca9819bc13a5130aa49d43e9c4ebc96f4df9e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f3e038e443447810ab5aa5809a796c01

SHA1
f636fc9331038bd5c7b59d652b0cf5f019781bb2

SHA256
984627e15501113d5bf92e2b807c437579d051d9848edfd2dca23a53a4c3c309

SHA512
e1522ba01dfde2e82f81ca7147753f6840867d66745be1dd837637252b6600cd6b2b1654f7d4ceb290fa119e06fadcd89cb1c81ab992218399d161e066bac8ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
622ce7c427b6897cbc444eb562bccb1c

SHA1
097f8d5ec2f9691bf28b7aecc6caccbd242eea07

SHA256
22b9a576f7f99d2ef093fa1ce5756b5d31cfbce716a734ec8d1f92a34841e84a

SHA512
e024ddb7f087cbcc1053110cc781f8ff373f1027cabc6eb428fc04dcc27cba3511bd3152957280f2fdb1d54f534747363088538f978dc8ae350c477a5ec35fa5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e7443eb15eebf764eab1b253d5fa4e46

SHA1
ddfb5eb9a43a2c6f7e51bbe1575d395d0e1d76f3

SHA256
ea24cda710a5a4676fd37ca2f500494e96a5a8d8938a5c75adf315766b9006fd

SHA512
7efc617f8d6a51e559f6f09d2001ab91b424503b1bd933bb735072c2530d15caaaea5289a72202c9404204c67007847b9b489d38f5f229722f4eeb4de28aa147

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e9e0b7d211f18b1811f418c772540935

SHA1
ceabbbab1859d58855140621a7366d71126e3b1e

SHA256
56fbb32a16669cfd418f3c3e7f74be9b3e751c2dce504b44e7d4e79e4412a854

SHA512
a93835a7e7117ad22a7af5dbb0861688346b0b4f05bd820395b36c21d21d7177469b897752083b96eab214a47c31a7354b9cadb9d016b2ebea5d9c32f57e0eed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2a2f45a5443e36d67b1d5a7c409a03b0

SHA1
04524bd96f68bea0661b60ff963380e4ffaf64f8

SHA256
307989094e786c6e233ed23ea0b1100974dd2062e9f2d230d233984b3ed22675

SHA512
114265ffdbc168823101b5479707b881d17df67bb667d8af77e4f75b5dd53f92b7361a7963759e527e6d399302e03ac530aa03e0b45d2b5e822f1658e25de228

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
73d5c56935eb5be91d7d863d05d46691

SHA1
38313845cbd08f65d4a30af218d979c5ed7027ff

SHA256
57c8c916d8b1835a6f45b69f5bc82016d5095cd249cc622de6035b893b310d44

SHA512
6c373b55f60c854d49c7e9d84222a5bca971532f5d169c5b4427a30b6eebfdc24261b986f85020e30309a1d46d9d842c760c9d8eafc898d3566574912495e40d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dbb31adf5cc1c0ad5abaa322d8faf8b5

SHA1
5d87b349614e7caafc274bb92ee23058e69c580c

SHA256
c964133ef835f3f3149c3f4ec8bb701cd156451f16c9b2e23426aa9e9923cac4

SHA512
950455d11d86a943be31973a8a834b8d7a88b70167bf6a5049f9b0ee3afc67000ae8421a24084175c393d86d8d687991610755f54b6c5a168403e55fc0641dd7

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab51CA.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar527A.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit