hxxps://myremedi8-my[.]sharepoint[.]com/[:]b[:]/g/personal/abrooks_barriercompanies_com/EUPGuloYCehFpUdcROcCo6oBrxo89vzH6aYy5-8XEh5N6Q

Analysis

max time kernel
153s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
09/01/2024, 03:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://myremedi8-my.sharepoint.com/:b:/g/personal/abrooks_barriercompanies_com/EUPGuloYCehFpUdcROcCo6oBrxo89vzH6aYy5-8XEh5N6Q

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133492429080175625"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1388	chrome.exe
1388	chrome.exe
1364	chrome.exe
1364	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1388	chrome.exe
1388	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe
Token: SeShutdownPrivilege	1388	chrome.exe
Token: SeCreatePagefilePrivilege	1388	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe
1388	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1388 wrote to memory of 2532	1388	chrome.exe	85
PID 1388 wrote to memory of 2532	1388	chrome.exe	85
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 1700	1388	chrome.exe	93
PID 1388 wrote to memory of 4820	1388	chrome.exe	94
PID 1388 wrote to memory of 4820	1388	chrome.exe	94
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95
PID 1388 wrote to memory of 684	1388	chrome.exe	95

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://myremedi8-my.sharepoint.com/:b:/g/personal/abrooks_barriercompanies_com/EUPGuloYCehFpUdcROcCo6oBrxo89vzH6aYy5-8XEh5N6Q
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa73c49758,0x7ffa73c49768,0x7ffa73c49778
  2⤵
  PID:2532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:2
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:8
  2⤵
  PID:4820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:8
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3140 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3164 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:1
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:8
  2⤵
  PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4880 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:8
  2⤵
  PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4776 --field-trial-handle=1872,i,395014903903976086,7421804983347373181,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1364

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4260

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
969a1ba40442727b3613f4eb68b5c7c5

SHA1
0a771c75fe0de7dc5bbfb551daee2ebd63d2f2c2

SHA256
b774fc16ef11ab1dabc0c362eb1fa86495a45bb9c62074faa5b2a3d27f3f2f34

SHA512
ef044bf1a48a32774dc77a623497e47d38fab7dced646941862b660893afde4ad6fc0a9d5fdacdf3d1e4753412325113d49f5f755169b8a7e95553d18b1ea22d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9a464483e6b6826b6cc7c35c93bed1d3

SHA1
7aeb8181534863d94505037f81b0ef4c93e6d481

SHA256
67974b1a8e42bb1b5be68c959afdfb407457fcde8fbd69d13c9e257a0701cb6b

SHA512
e5464f06f3251474e32726662330a968aa9756fb4e156f46a22268a8761431ac27a7315f32795e88818ef19b5440410b972672ce40334bbaaae7a558aa490554

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
49a38ef1e82d37cfd71b313d9ee35cde

SHA1
23d023c55d805a19f774be8686e51da21a28dfa5

SHA256
ad4dbb537deb80b05522112362e326dd55ec2d73a5b2bc1bf72db79d34c33b70

SHA512
8b299b209c6e485f092ba81e729eb87d25899ad7d19b7f5368239d8750d194d3a68f9c2ae4963d4a91536f2286be225f86d0f4cb30d1d75eaf198c9d0fed0b88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a32abe2eb8c66367dbd78c8ff55eeca2

SHA1
5abba219b4040501d740e26fe429f6a6fd72bc1c

SHA256
a9d5b9c376d98b1ac8eee24153c2a6c688da2a2b49265975128d465ca34e3a0a

SHA512
fa08be324a8bbee23c2ac7e3529e0a5d9f3dde6fbb64f60d798ae1844176316ca97bea188cd3280f73333464c0a4c179fbbd0f95882f61ec247e23c883742765

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
704B

MD5
8203bf1e6448514275f897a05a4160e2

SHA1
e744fd21dcbd88dc7598c67f9f07424b9de4dd10

SHA256
8fed0de49bba1fa98b5136337b3c214116fe4b40bb56cafe5dda9efd957605e4

SHA512
43c60774da34aaac40ddc9a34f4388b575fae01a9ddd51ffd073ee5d591f664c8aa389220d250f2a6183023cc820295a590ede18cd63a895dd2ae4abcb502f2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
61da44b58cd675455d2adf457909325e

SHA1
5b6d3e6d71f838d2c703df2f7df3ffd6712c2609

SHA256
e0030ae4da5563b967d812b31d5598749d0f35f9843aa56b37461a535ebcdfec

SHA512
d5a52e0b220ce2aff5e2ed7eab640a0b64716be8cb3bd7f3de3aa236958b70221194ad08c8d8b0298f061d1e4a1c1e50774c7fa8a82a83d9aa4a5d7877d6540f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
efc7bc26a57da91748bd024dca2adb34

SHA1
1158ab03441cf83b94f7f24f208dafd6fa6fe490

SHA256
b4287e1cd7d47ae9c5a8ef45f2cfd4b25c6173ae15342ff44ac08499b116b0eb

SHA512
208e0508eb6ff7dbb4eb829d0166db3fbc40330c8e804bc6c19736a60df234d86d00c7292f9adba48314fd22f3d69087fbb708cc3c0ad288a468cb1b6e053aa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
7ef91d6528e1884594413bfee2706df2

SHA1
04fae98ba11bfd4a61088e37aad7b0e8eaa9c81d

SHA256
e84fc945f4a426e799349e912534553fe9c4ffe647b7b17c0f3b096404f62d86

SHA512
69eb3f4fa8948e98ff6610fd137f6aaf115afe228c104255010813c371f563c3c0482e7f17fb8605873a663100eaca234f77f6e946d544a699c7cb62b75079b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
3b62b5b7b69ad0c631ad1e90323429f0

SHA1
33461a6f5ec031cc4c60e05f4402d10db042ed80

SHA256
cf8c1d0e7a5ed6cf5d40b71aeaf09d52c2d4459a7e7f293ba2e35a307ee1f438

SHA512
4d14915d0981c24eef4df73a2d97beae121478a30d83f13c50e26c57f43f6e777cb369bb454c155474cc0b9e54207c636c64870d1ea55712b7d2839029827b75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit