7fc2a97e6cf795f772da4931ce5a0469bb6694f9cad10652a2c8d3ebc8c7ae68

Analysis

max time kernel
146s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
08/01/2024, 20:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1209c7285899cfd49915a232833ff205.exe
Size

485KB
MD5

1209c7285899cfd49915a232833ff205
SHA1

255f374f0054adb7e19a166eefba0218a74bd6ea
SHA256

7fc2a97e6cf795f772da4931ce5a0469bb6694f9cad10652a2c8d3ebc8c7ae68
SHA512

49581c99ad204e1895d72df1f779c8902f25287106e8ae13a6ea204e8abbbc5751b314dc3bcac5384099a4445dd0888abb6ef6e61057af5a7a1b0369fc3f762b
SSDEEP

3072:Dxv/y9LJ3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBrgD:9amlKgzelZNQSBQGH/CSpWqTKmQnmQ

Score

6^/10

Malware Config

Signatures

Enumerates connected drives 3 TTPs 10 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\E:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\I:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\K:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\N:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\G:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\H:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\J:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\L:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\M:	1209c7285899cfd49915a232833ff205.exe
File opened (read-only)	\??\O:	1209c7285899cfd49915a232833ff205.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\RCX4743.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\chrome_proxy.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\RCX4894.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\createdump.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Internet Explorer\iexplore.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\RCX4908.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Mozilla Firefox\crashreporter.exe	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\readme.1xt	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX47DB.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Internet Explorer\iexplore.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\createdump.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX481D.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\RCX4861.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Mozilla Firefox\uninstall\helper.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\RCX4787.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX47C6.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX480B.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Google\Chrome\Application\chrome_proxy.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX4840.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\7-Zip\RCX470F.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX47C7.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\RCX4893.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\RCX48B6.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\extcheck.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\RCX493D.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Microsoft Office\Office16\OSPPREARM.EXE	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4972.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\RCX493E.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\7-Zip\RCX4710.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\dotnet\dotnet.exe	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Java\jdk-1.8\bin\extcheck.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4960.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\7-Zip\RCX46EC.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX482F.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.cab	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Java\jdk-1.8\bin\appletviewer.cab	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\RCX48D7.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Internet Explorer\ieinstal.cab	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\jabswitch.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Microsoft Office\Office16\OSPPREARM.EXE	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.cab	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Internet Explorer\ieinstal.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Microsoft Office\Office16\RCX494F.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4961.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\dotnet\dotnet.cab	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Java\jre-1.8\bin\jabswitch.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\java-rmi.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\7-Zip\RCX46ED.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX480D.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\RCX4862.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Internet Explorer\ieinstal.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\7-Zip\7zFM.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\RCX4776.tmp	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\Internet Explorer\ielowutil.cab	1209c7285899cfd49915a232833ff205.exe
File created	C:\Program Files\7-Zip\7z.cab	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\RCX491A.tmp	1209c7285899cfd49915a232833ff205.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4982.tmp	1209c7285899cfd49915a232833ff205.exe

C:\Users\Admin\AppData\Local\Temp\1209c7285899cfd49915a232833ff205.exe
"C:\Users\Admin\AppData\Local\Temp\1209c7285899cfd49915a232833ff205.exe"
1⤵
- Enumerates connected drives
- Drops file in Program Files directory
PID:336

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7z.cab

Filesize
41KB

MD5
0327c3b142a176220c5d69d78a5d8040

SHA1
cb7a99fe1cfe7b6d027be3a64da28dc5485e30ad

SHA256
cdd85bd5fa4845828b57d9968791010fef9b03f2eb5ab7fe0ad8813194b85f35

SHA512
e7eb9febd14e0dd9d5b77610d8e0b03f04d2c3d6c5c4616a8407767c91d0ffad42d4f1303fd01dac6023780abd17c52ae420ed146879d71eb3fad32f2da70bf8

Download Submit
C:\Program Files\7-Zip\7z.exe

Filesize
1KB

MD5
2a0ecf80bd24add8b0af6a66bff108ac

SHA1
b4fe636d1689578c92aa10908f66ede736866310

SHA256
2790bb38f48f43199d831344598800f70e9c0ad74e0a0212942664e3e409e3a2

SHA512
fc86bc8c877c029a0ff6d095490f43e40805f5a355b8e8fb748afadc1c3f1b94ef9216211c5ecbfef989baf30f11cdfee415d3cf108211c23d034d85a61bc111

Download Submit
C:\Program Files\7-Zip\7zFM.cab

Filesize
22KB

MD5
21d0cdd3f9864a6855b60f008bd96b04

SHA1
aa6b75455eec9689a502ba2adb810ffdb058f682

SHA256
37c7cd30789dc840fc270490876b57c40ad0d8007724eefc79288876fc51c5d9

SHA512
51bc7b8e6ab9d77b64dc7d182f12b6979be8afc168501d19811c5124fafa131f2e1a157075540c80a60d66859430b9be0673a233ba4e1d2abd25f790fad9e5f8

Download Submit
C:\Program Files\7-Zip\7zFM.exe

Filesize
1KB

MD5
58bef52ec7a47b7e36670cac74f56403

SHA1
62fa04ee82af2534fe34d8a895ff706de819b15a

SHA256
993c6135b281e35b18282bf40f674395cbdf85dd6388c3e61b3f38c1edb6034e

SHA512
0bd342303abe96c4405626e1725447449787095c060f3fc349a072e52aeca13e429dbfbfc4ebfe3ca8daa13c636f1e26190f02a7045172a233e036519c82a95d

Download Submit
C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.cab

Filesize
6KB

MD5
45cdd48a19f11fa71fff6a49d7aaa64c

SHA1
b66959edd4604668448b5730daf05d02faf51105

SHA256
fb862d2d6944586ccb9d297b7c37f5b1416ad0ada606245c9510d8ceec21854d

SHA512
3acf10782c08f0cb0be884813537b5f2201951b24ab6589aaf0cf3a4d6b33858029869adafde6f158ad9d9112c2eaeba0947105c6ae953b4e7394b93e056bed6

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.cab

Filesize
1KB

MD5
08bff20daea1ed4800cfd41e5eb7c065

SHA1
9302dcd4ec04bb3d1e95016d6a205a3fa57ee32f

SHA256
5dfa9961cb4f4201d7afaff1f165962d98ad455eb483fc9cfe59d18a448f7013

SHA512
e7821eefc48e43e9dfc23cdd1a4e036fd5bf6bc863233291fea53bcbaa5b23319f749c41c49b11d008774199fb97cec785095d9b8ca484697782d436225c6ed8

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.cab

Filesize
8KB

MD5
815102082ec31a885437dac58c2a7f1e

SHA1
d9f4f8d7cf347fd00dff573c84b0a89ef1a36f15

SHA256
c689a0b3d27e9739d275f0f8d5dfdb0fd2b097ab857fb4e917a3ce69b5923288

SHA512
bfa46e64dd620085aefc3cacfbfea4450b2276e9b5c7714ff05fe85b025c19fbd173d6554299fc90f190d3c30a89b4730af964f1d51e38e5139702415755c50c

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe

Filesize
27KB

MD5
fc3bace6f0dc437e4d77ad49f8018601

SHA1
d08f1f196db9d261543f16e589a0e68997d673e7

SHA256
d718515b4e4c90ed91d847af7cac2eab8b76dfac8f9e82b19add940933c8b298

SHA512
ce62c45611cadd03095e518b1020e0b759a015f9b3a38933274c73fe2f9598dc8d4859137558d41055fb443e4e456c17962554a6a95a9d9bc7b3a361ce6128cf

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.cab

Filesize
51KB

MD5
61021a7d525d1acdfac3ab749354b0a6

SHA1
fddf25d22faf1ba82188a5058508125c32bc672e

SHA256
b778de3dbe4d5729c63bec2fdf7cdd60f932ccb98a2d6246c9c97ae7c85411c8

SHA512
1b39e7144414281839f81b7cfaad1ce6d1c6905a6088d9fb312359ace7bd4c976f7e938df1e6fddf671ac8bff22a4eed8f7a8294c426502783eae5cce5a65bf0

Download Submit
C:\Program Files\Google\Chrome\Application\chrome.exe

Filesize
1KB

MD5
2cf9cc065baadd93193695b57e132bf1

SHA1
a06c507afab9bd1f851b21deb1002e411c0aa59f

SHA256
15b55b0526669a1cd13dac4d71032b256b9d5c236f4baa2f0145584f18ba4973

SHA512
e82001bd21f739937e72e73947adfe28758a9b42b9b1cc9c4e4e129744e3a3d20c38b8c09d98d3dae1197718ea97277fba22649581cc856776e4379bf947c3f0

Download Submit
C:\Program Files\Google\Chrome\Application\chrome_proxy.cab

Filesize
1KB

MD5
fa58a3a0cb840649230c167fa1ebeb85

SHA1
5e3e4325dddcd64508c447fdca96938820612d07

SHA256
1134312471b2dc0d2497601556bff2181647ba5c30fbcf5778e1ff91f0052eea

SHA512
b680d167d8c8588ae06203357f9b10261345ff9296c6cd490d52c4bab21210425472c2472edcbd8623ecc8243004796b5f20f8aa0c5f963cb51e8579b8c5267d

Download Submit
C:\Program Files\Java\jdk-1.8\bin\appletviewer.cab

Filesize
1KB

MD5
27e54c959cfbd29eae298746f81cafe6

SHA1
8777340a9e89bac55fa89185d2025cd7d879cb34

SHA256
59bf5600611da6405c3ccee802fbe94f70ed3a43ce9bf0196b8a421314356a2b

SHA512
878ed0dc2645ae6967e260ba93925a16841c9e0df658a525bcf4a46f6de95386a7c9d6b039b48a994d17b434477b6eb9a4d29d7f1dec884818e7720600a41f5e

Download Submit
C:\Program Files\Java\jdk-1.8\bin\extcheck.cab

Filesize
9KB

MD5
0aadfde36c054bfab9e909ad8b6d28d0

SHA1
359c024cfc9b56f66c9521c1641308426467e8db

SHA256
5dcf17ca7cd9f3b12c85ba75e85c600727723833f7537e13e3c96521bfb71407

SHA512
6a303f6df12e6b25c06e33b0cddd65cc5343dece510023f2bf97673777d0b2c873f952790cb68ee806707b501bbb93070c72f39a04f6b3f310209f3294847501

Download Submit
C:\Program Files\Java\jre-1.8\bin\jabswitch.cab

Filesize
36KB

MD5
f0532a6f7400133c6f29cd5ab9d37703

SHA1
7618c7fc499846b759c12c870c39acaec6b466da

SHA256
79939762773a3a93b507dc257350d8fd83148bc3c10029ebe7143cde4d5f75ed

SHA512
832b38018ed5c9c704290cfa40011e55b0cb9fe869ce6a31d652fb0dcfaf540a2de7e940addf38837d40d10574d3ebacf66fcc0a3b92fa3c57bd9c6c6f77f5cd

Download Submit
C:\Program Files\Java\jre-1.8\bin\java-rmi.cab

Filesize
16KB

MD5
c0de4c82054ec6fc3bf0afe981d5f150

SHA1
9e55be0cd26dce04724ecc94ea9120a3a36bcebc

SHA256
b5b69e0ee17b72bfefa59b3b3752cdae199f1d32e3acc1a187414661fce0bd5c

SHA512
c9083821d8002ffbad2a265cc69082c087bf2529ae4a43fa3b58c9d98d82d17aa97740570ee9e78f13447a7426295001cfcce9f88ed00dae74c0702310b7d118

Download Submit
C:\Program Files\Microsoft Office\Office16\OSPPREARM.cab

Filesize
26KB

MD5
592f55c970b24e1240f673bbf4b75e0e

SHA1
6f134762f13a651c10d9a2fc0cadf35ee9350bf5

SHA256
bf65b623a49e08b6ff21f3a36bed9ce7cd0e5e23d93a81268dc2b6cb55ff3966

SHA512
734d74ade290162c4182e5132fa7455cfb1a7a61fbcaee27bf561fe8ba90e8896eaaee03ae5ad8094f28550d30ee3580193b77733bb354f9869c67e344d9e1d4

Download Submit
C:\Program Files\Mozilla Firefox\crashreporter.cab

Filesize
25KB

MD5
82c8a1532a1c27154de2dbeeb7a90c4c

SHA1
38a39de28f18d4fc6aef7182a7b5dfaeb39f5e73

SHA256
227907b99c2764d69c7894da4485e037a5bab61df62112e3ae3f93c0ffa0c701

SHA512
7d8d0fd18f20cdd3dce001ec4b1086c2e75a37dcc615bc2c3e5e7861e1e226187b63f7c28bc12376bf897d04be337554d8cffcbb87cbc15a56c3442bbfe11ed2

Download Submit
C:\Program Files\Mozilla Firefox\crashreporter.exe

Filesize
82KB

MD5
4a837b4fc2d172b9b39c13dd1864d5e0

SHA1
91a7a7674cd05909b404e6cac882ea4f5c90f543

SHA256
39ef467a45b1173727c8da164d5024c62ec690479c40a40ba2be27f0645ca57a

SHA512
a1cfeb5e2962bd634e02270281d8c9f48141898551ff6d2e9221afea9b942f9caa154f44cfbd384e9901f1f8fbdf6b64b4e7609825c7aff8169a71810e246e8b

Download Submit
C:\Program Files\Mozilla Firefox\default-browser-agent.cab

Filesize
52KB

MD5
987d2f799bb4dfbf92bd5e731bf8a85e

SHA1
a5267027d7760558c3daa9d5ff335086ad27ccbb

SHA256
2327f967cd3d989f57e4a2f1f48eae1a99c01dc32a5dd7af2453329951c4f348

SHA512
7769dc4cbff501e50260298dc7187e3f670296cdc45960c017eb283100fa4a42f9da8216c713f2aa8d6693b1c155f9490b3e3a7c8fe9ed7c69d4ef8ea6575931

Download Submit
C:\Program Files\Mozilla Firefox\uninstall\helper.cab

Filesize
31KB

MD5
31188308b049f53a77a44c9dc72543fd

SHA1
c7cb376f8ac11c23946d87830a09774b2957184d

SHA256
7d8cfec3e01c7c3f949fc8d9525f974af2e63ff3c1404c9c48ead6af4e4d5137

SHA512
1845df3efdc4a30a430197cd56f445ffe2fa307cb50bf69d8bfa0ff859378b0229772c557f8a16545b6d9d4dcb64ef8e5e39f7a324d6567d264ba3e6b9141a34

Download Submit
C:\Program Files\dotnet\dotnet.cab

Filesize
12KB

MD5
2468ce5e77f9f2935b70da8439066bde

SHA1
bbad72b89a9f5302bc1ba414bfeaff851c7a92eb

SHA256
c6d94d52d96f8190a65262261726da3155c328400b829dd5c2c1014d772627f5

SHA512
95655d346bac05119b9c19960acd1db55c5458e5f953ba8713359b69d329700f0fd436e9cc77cdf6bf7524f4180528350db3944a1890e8c3a0cf0ed6ffd623f2

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\createdump.cab

Filesize
13KB

MD5
9e29bea2ff88e3dcf560798db55bac00

SHA1
f94145e483870970e4bf26c3c20a3773b027b40f

SHA256
a5ec18c621805985443a1eb2b84ea8795b728dde3b483763920d368e27e9fe45

SHA512
85a6e82869280257fe1c4c1a9dcc30c21d5f5f0230e89b073fa4fbc26a9793044ca5776e0eb83f140a15765db22dc907e38af87e110dda0fc57292784ece7d9e

Download Submit