e411acc1bf11b31f2093f08ff4e95aea8381b1391b6bf9f21ef491c913c51e55

Analysis

max time kernel
132s
max time network
142s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
26-12-2023 00:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

46ded91701c6b5a7599cff6307d8b309.vbs
Size

329B
MD5

46ded91701c6b5a7599cff6307d8b309
SHA1

d2bdcd9fc6e178fa5659c7a00877603e9842b626
SHA256

e411acc1bf11b31f2093f08ff4e95aea8381b1391b6bf9f21ef491c913c51e55
SHA512

0ce0caa0fddc6a96692b00bb33786eec6581612f538e6759c4ea8cf0eb8cdd85225e85e5e07fe9345b7530d06e146ece5dbfe4e19c3230b6101738746ab80746

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "410341483"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6E95E5C1-A93E-11EE-ADCE-5E44E0CFDD1C} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3470981204-343661084-3367201002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2736	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2736	iexplore.exe
2736	iexplore.exe
2936	IEXPLORE.EXE
2936	IEXPLORE.EXE
2936	IEXPLORE.EXE
2936	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2888 wrote to memory of 2736	2888	WScript.exe	28
PID 2888 wrote to memory of 2736	2888	WScript.exe	28
PID 2888 wrote to memory of 2736	2888	WScript.exe	28
PID 2736 wrote to memory of 2936	2736	iexplore.exe	29
PID 2736 wrote to memory of 2936	2736	iexplore.exe	29
PID 2736 wrote to memory of 2936	2736	iexplore.exe	29
PID 2736 wrote to memory of 2936	2736	iexplore.exe	29

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\46ded91701c6b5a7599cff6307d8b309.vbs"
1⤵
- Suspicious use of WriteProcessMemory
PID:2888
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" http://www.0991dy.com/
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2736
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:2936

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
893B

MD5
d4ae187b4574036c2d76b6df8a8c1a30

SHA1
b06f409fa14bab33cbaf4a37811b8740b624d9e5

SHA256
a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7

SHA512
1f44a360e8bb8ada22bc5bfe001f1babb4e72005a46bc2a94c33c4bd149ff256cce6f35d65ca4f7fc2a5b9e15494155449830d2809c8cf218d0b9196ec646b0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
0a07832e880df01c6e2c48f3a4ecb3f7

SHA1
2ef0d26cc2705bd29576121270650610b2a500c0

SHA256
43a706178f1c260934fbf57dfb2e5f6f86e0a215bd7ab6e417a456e29d2e53da

SHA512
cbd17b163f9a3035094e26ab877105afddedc88a0843085604fa4c72ea2fe4271487d4978aa20b300f98b3a572ef1c0c762f4bd551b149928051231986d1d645

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4c9900ff99a456bb053d66caf4730dc6

SHA1
fa8fd9aadae0948a24cd45e9f0b205155be5a5d8

SHA256
dcb29330442db0fb4aba4cb97240aee1795636f114e519c350fa4cbc55c8d27d

SHA512
4ae7950de57863d13733adabf9fa19d215e624333b3c4bd82946275468d6e2ab1085e6e2f66503993dc2db3c18e19c05bfba13d1a02fdedc0b3a1c36ff0c059a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fccc26117811fed209f8beeaad0d9f31

SHA1
37fbcfec65816e1a0825b27efbd07c260068838b

SHA256
b7ad2e41bc1fd20de5800bc9e52f3d97b1b330510a728f8a5451c5533343473b

SHA512
0ebec7f8a6176f0c0cbd06c3054f48f9866c4fc97d2364e75233c47798500e3ddd623b80a949008619aee99afe120dec59a1ad667a2876fcfb2b9c443e208975

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eaa4ccf1dade10a2c8aa324e4c814cc9

SHA1
5408d433d697e9020a0f9406f5e1f56f9b29ab92

SHA256
3cdc01878f1036ba3cee7d836620586523d9e0e1ab579b071a83b0b21d906773

SHA512
49cb11919c4e38175145761eb078cce5944df698b0bca700e45a16627d14393c7e27e40defc6a39c24b44071dce48ce9f3f4e088934928f75a7aedc1eed90d8f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7c4a32787b6e287ad9e65acb170dc615

SHA1
d2e1df6300831138c2cb20120bcdb2dba5436e69

SHA256
153561dbedf227e39ccd2c9f9930693d723e01f81fe6e8f9b44efd0ecab34270

SHA512
d83cf91ffc1fec1080cb26dcde5574d2c034121798dfc1dfda051eee633e3ad5b607bac26b06d12d4b7de76f6618a62511e0eca2e29064f5dcdd72174934ae1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4bffada57470c7245dc12e442265c7a2

SHA1
1812fa8e8a06b1bdc1302738f8f2ef2edd8c5425

SHA256
2eb43899d96e90ccb7b41a7e673932138944de2be2b130868b5ebfab6a0ef0be

SHA512
99df484f3f9086dc26ea36e53509c1b91357d6766cb9c83a81ea3cc1f5ee97b7d7e0eb3137aa01851fef9244633791b5c6561e7f83ce24d976c123e89448ed23

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
05151cc0d43dead62e1ce3605d74c4d8

SHA1
bc527571ca74ab81c039ff91fd0b97c9dfde589e

SHA256
a9903a5bec348d0ba23e9a6149fb03f17ce528c40e1dbfd0445dd9951c11a4eb

SHA512
225b3b29adea0f6d82cee386d1c14f05516123a245dc5bf903d20ce51360320ffaf6fa4e137943a96c7d2bdffc9d8aa99d34ded82b01325815a2e7993125ba41

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
49f77b89afbace5a977e8e1aa0f2daca

SHA1
221f4d12a30647ac7ace55f41b810d2018edb36c

SHA256
6f377ec0befa7a33c4f8d35a0f44e0457c1de8612bba0180016f1cef6bf11108

SHA512
e53e46e2fcd54deb20cb8affc6c96c92570b0f1a040f4f182d1b69a7af0ca0c947984994e4e53543ff3be20b92001ff11526c3aaa5a5f50faf80b84293f78d6e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6e38c638764a135bb940d894fcad60d1

SHA1
b270099537630e1879c1ac01e4f47ae366b52e9c

SHA256
8ebe6c0adb9bb938c9a872ad41bd1a3ff496f8425bfd3b41d39ac0327768bcc0

SHA512
95ea87933704151f6d85926cd593589c74e4211f208d096a5fd3e136503a43cedf5823733bec1022019b6daf807bc5d4dc43e38118cfc9f22cdc13f2ccc8cada

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3973b381505694d5da80373d532256c4

SHA1
02c7185527a7c0799f8a310f1b4044e9381467c8

SHA256
8adcfc9f091e69c6a35a6b5526985bf75893c2bb5fc11883359bd585d16a6218

SHA512
f8c243cac29b83ab4b2f07c0829154bf978fd89bc1c440fe2431ef1ece3206642f0014fd50e1385af5eea0baf6e3fa90ffe22134f0ba8a957d67efd59ced0667

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ee1f71181d4902acb7de03582b72a06d

SHA1
f75440d5d888110771a58778a8d14285d7d5741e

SHA256
9f53db102440b296423a508625d2cb0c57d57f1379b19a8032d3d5634e78dcb4

SHA512
167d586b67fd779294a8c42f6784a0232a2b67508c6cf5a10a24b45c903c4d16a568ce38f76894b322f0eabc3b758d65dd0a6d43ebd0afb32a7c2b7f411127a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a38df37a930b68d687ea83b7b816992c

SHA1
0ba08c0f9d58cfa55cd1f1c25b50ef98234f5920

SHA256
0cf645fcf93190000c7732906bebc063253071279e811e6914907e9aa09835c2

SHA512
53eca83c9aead410cb75f7112e3a1726055de4d8329ac36b49487102facc69dd27cbf3c1ba6d12cb276bd838c098411beb7b3d6e858fb189fa09209d6027942b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
48b988181d55a4335de26c4f6017a805

SHA1
d143f329d5ff8565c59ff52e33c5526d30f48548

SHA256
cf39fe1076494d70ca5c5b3dfe1878163a0e2ad2fa9bf138baed8090b0391a18

SHA512
cc4c57f1315fa9ab1aa85682639f1ce0d929cb4ea85cbf34e2b300560a8ec26f507f21e6f40f8fcce471c0eb8e4fe585864d597099de95edec36c0a19a30a23a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
16832bf8c090e3a3c6c697f7a04fb9a1

SHA1
940df87e46ce1378d81ce47a04275b4dcfd5b65b

SHA256
f012ddf662cf09f8ba1525edf860ef9ae15062e1892b4900c6285b2d3b4d32e5

SHA512
5ec192236d4721c038277cdd2286b40f4fb175a768309fe76af87f2086e500f6c16b8c237a9220a26c3de4f65e3f0c0e4eed3f8eb9d3a4b2844e1e8ace023094

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
058c9918b891ea05e368c1d7edec555d

SHA1
bcc97982bd982c4b15d6db6624da034895e6207d

SHA256
1913ceb9d5046acd06c999782c3115ebe4b4506b8536748985e576fc896ab193

SHA512
50ec27ded6a22c098e5c6f73955563937f4b294016170b91ce59e26915ac9ca3126da53fc1a3c6be46c2445021f463651dedb390b74785db244fd598f793372b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
545fa474b398f7ba12b6dfffc84fde3b

SHA1
c6a131abf1efd633558fd182f2e2961f57fcaa3a

SHA256
b087415727b1242d73d060b83356f7dc821b6968107e87fd24b466d213fc0365

SHA512
e4c3952ae131ee8990d9190d4d200ef6b6a6aaed911e4aa656adac0766b8a6f2478cc69f66ff18d77c6a4d47e636c02b16841614d63513e9388990c7dcaca951

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9d1e02e0cba31b440623325db7873c0e

SHA1
7d32a92e4cdc8c65391d70db5f59daff38b1665e

SHA256
36b329541c6d7afa1bde74a45c56e094d9d99b6749db4875f7dea05215828ffc

SHA512
215fefdd02cca0f8efc96fe8b6dd23b5d44fadc130fdcc795cab53f703b2e6535daed66789386d602e7dc86604f3d065bcd44067c2e8aa3b169cad273683370b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b4967a57c53800d3c28ea02d7883784d

SHA1
d10985c61f3dddde053efef975ca3629041efbfb

SHA256
8349c21cff7de27f3c2842b9fb44257d66eefd54e5209916442689918b3dcc5d

SHA512
1c1fb03b55b1a968328471cdbf9c4e0e2643f1bf7bc3b70e0c52dcd40efa5e82aacc8bf96b4d01a8577ad9e949b252cd50e805870339ad36344876964ff0e0c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a9e9109ef3ba1cbe0b793d479aa9940c

SHA1
72d75cf93cbbc006e10513cd3e002402511498bf

SHA256
da3f86a64c3ed5e72c72777c73db3a75a2e2cf03c7c3dce1bedd9553235f2fe3

SHA512
dfde031e172bf5f181b10ccf143aed365ce5bf13568e436fabf1a77fb702307db6c7b665ffaf3e1588585b09c763fb043b52657029ef1ba418637c9c539ce1f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
dc916e55eca012864b51f2f7be0f76f6

SHA1
5c6a3bef4ea8158fa0fed34c68c0690c6263ae6a

SHA256
cf6e5ffbd5eb53bfb8122bce435bb964ae4478925e1aebcc446764e17590d8f7

SHA512
986f7fd70767748bc73de6511449eb6221932273f083e67743d806c2b33c084befe4b04102c90e6ad32643e6fea8a3c380699e72881a9f4c5cff14aa3b735b8f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab193D.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar19DC.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit