hxxp://www[.]coopsantodomingo[.]com/wp-content/uploads/2023/MDTlmmACMtoTgAwcewt233[.]bin

Resubmissions

01-01-2024 20:41

240101-zgwvasacdl 1

31-12-2023 01:27

30-12-2023 18:44

29-12-2023 19:32

19-12-2023 06:04

19-12-2023 05:54

Analysis

max time kernel
167s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
01-01-2024 20:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.coopsantodomingo.com/wp-content/uploads/2023/MDTlmmACMtoTgAwcewt233.bin

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133486153513441407"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2424	chrome.exe
2424	chrome.exe
2064	chrome.exe
2064	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2424	chrome.exe
2424	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe
Token: SeShutdownPrivilege	2424	chrome.exe
Token: SeCreatePagefilePrivilege	2424	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe
2424	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2424 wrote to memory of 3104	2424	chrome.exe	89
PID 2424 wrote to memory of 3104	2424	chrome.exe	89
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1972	2424	chrome.exe	92
PID 2424 wrote to memory of 1592	2424	chrome.exe	93
PID 2424 wrote to memory of 1592	2424	chrome.exe	93
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94
PID 2424 wrote to memory of 4392	2424	chrome.exe	94

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.coopsantodomingo.com/wp-content/uploads/2023/MDTlmmACMtoTgAwcewt233.bin
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9c6ae9758,0x7ff9c6ae9768,0x7ff9c6ae9778
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:2
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:8
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:1
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4260 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:8
  2⤵
  PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:8
  2⤵
  PID:1608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:8
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4688 --field-trial-handle=1876,i,12461642127313988116,544930845101377078,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2064

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b1c178edf3bf1a8cf8420afe0f92956b

SHA1
6a2cf64c1fd924ef83d4765e1758632cbbeae968

SHA256
c2d65f2e43074a1db3fe3fd1282c0eabbd0fc164e54ec79b44564476d6579e01

SHA512
c2ef255c8db1141c26e74df34bcd722f00eae167f663196d4cdfc37705bc242ea7454ea8cc2d40506f963766598d591fe959a264f4fb26b49d93d8bcecb0453f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
45dc82196cb92b9a961bda50027e1a31

SHA1
0b5078743f434770904b253326fd029bb1548770

SHA256
1edba5251d4f4df011988a051ca64094bc3518fd54ae7709fd7c955cbea69427

SHA512
78a4499ae494ab3f1791c99a7b54922e37f651bce2a1ddc9ecb1ac1cca0195b558745099eff84d8ce1d90feb51715b293acc81272189d3e09ad0c57bd9fe3bd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ccd415c3e7dfd8ebb814b0a7e6cf7057

SHA1
580638d027dd907115408dee018988b077d9d222

SHA256
2c7acaa3102ef3ba011110cbafda693281b277580f3f7f4a0c9413334a02c076

SHA512
b26f8c4be7b328a8d5e35a6af6a62a03a633f22795b2c1f3336fe8204b6e98c453ca3badf08a07b8a7fc55214a89984ac4cc25affd84742c5415b3c05b54ccca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ab4d3560000f1fa71c838dd95cdb9d9d

SHA1
9261160619cf2b57060b223e9bced664a4b6c289

SHA256
a4b6e9dee972e13ec317975443d2905c9444aade65c11ee78c42741463851469

SHA512
61ee19a41fe14604cb88a068cedf0b3db5c56442882ae63001ecb714475032fe1d0877a9e98aa89ba64eb4e6d60e4cefb2591d1cb53fa3b27726d2dd6736a7ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
90dc3e0c7cc5bb755e00c82a502be15d

SHA1
b9ad1cede338c4959d5fa618abe4dad4c5fe5f98

SHA256
8fb252f3b6115619cf253cf52367c70e0db0bc6417502531a5732f109574208e

SHA512
a2c67286ccdfc4b8b235760c62755c8bbd5ccf42a7cbcfe39d22910890e8fcff9bca4a85402608689b2d4f8b1da30d45d27cc27babf39d150c8170cd121549cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
066d79b34afc26e1e88ae444fa137821

SHA1
d9c4ef930eed5fe9bc0dab2c647bed2ac7d01fa1

SHA256
770369219075afe5d4c8a5944c0a56690a66eb56639cec17732f5731079a9b61

SHA512
fe245d9f1424bab51a29059a21440ea9aa717aacb2bb03fb1192b0b0d361e549d2e36cd25cfc89a297c2fc424f425739ac41e03e6b0814bc5e58721eef3cea6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
ea91c86f24ebcc0d5dabab8bbcb3c03a

SHA1
ba74a11734b7bac0a2cfba5ff9543c06ea293f0c

SHA256
968a8351593cde79d8f3164ac28bd26d6f4dac2c9b30d1e9ebc36138fffbad7b

SHA512
2687be614be6ee73d5c7ab0246cc4a6c650ad8088309c7162b75c36e3eaab4bdd7125805169eca808115f711348dc32c49442749c3b2f0272fdba315407ce37b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\MDTlmmACMtoTgAwcewt233.bin.crdownload

Filesize
240KB

MD5
faa2c3d1b2487aad5a70f2d8e755cb3d

SHA1
f858420103305f3ffa8cd3447aa69e253c7f364b

SHA256
4c53d4b424851b03ee9178d45fbb79047cc71d183ce0b6c878d5eb896fe32834

SHA512
a91ef4314e58b738f666812cf0355d029c591986b26aa9907b9bce2b8b00aef0ff5d8f212af8474e22ce6141673efcb33f7363f3d6f27f2bb15c866405077ea8

Download Submit