c15739f50be26bcd83ab7196df695127a055a730878b356cc59fa5b23ffeb3d7

Analysis

max time kernel
119s
max time network
139s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
14/01/2024, 11:18

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

5b1ad5e1e3a51c5f9bf342413c92f25a.html
Size

38KB
MD5

5b1ad5e1e3a51c5f9bf342413c92f25a
SHA1

4fa54b3c5d2568a9a6a97e9605724088af292bdd
SHA256

c15739f50be26bcd83ab7196df695127a055a730878b356cc59fa5b23ffeb3d7
SHA512

c041da6d870aa7879328db59ee381e48a5981069db7ba19fa378f15a4979f28e0caa84fe5dfa027541bdd4526368c1638db25ddecc2af73eb9c57c5312c01314
SSDEEP

768:PhPqjp08PIyLr9TXorThpVlGnsEmYt/mTnQ:P2p08PRLr9T4tmtOTQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A5EC25E1-B2CE-11EE-91A2-464D43A133DD} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c0000000002000000000010660000000100002000000055a9b73241a945d8683846f5ff3849a7f45ad3ec83b2b4485d89682b48be2ca6000000000e80000000020000200000009eca209038ee9250ce3716494aadaf3233572003a4f8190abd725d358387b3d69000000061416158e10394e2ea3d10b15cfba0362cf271379d66e34e24c4b49be9b27afc60838f5f30aec050a7aa223865017204373f78af131bc327db2aeacefecd9f978c250d7513428422a661fd2f262c38fdb9820718da0d416c1b7673b786af356b260e406b1440902664b3f553be3172088f7509c505c1a14c3fc3a378d1322f4d7ecba1f2861cf2f9fc97885581e8f94540000000fd67a86716c8d5abca114981e32566bf958640ba493da088ec8bf6b3365693d47bf237807025dbf261e264b4eb9b8095503c7ae3034f0f17a5347b95716f5f2e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c000000000200000000001066000000010000200000006dd9a66a16ef9f1866dafa3c88f3bbfc9d0fd2b6ee6c83aa97e39051f7b35719000000000e80000000020000200000001a67b6bf80796751eeafdcbe0ab065325a359250366531d9e421730fafcee7342000000034974fe9e99aa143367e07210208314c489440d3ef00086e0a6c8ec328e1169540000000faa82598fc456238a8b7e1172bd29f60ac550627dbddaa2f5ecc934f0f46318b6495133c0f503a0f41490a6297e970a031603235011e204fc998d826b0146908	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 2065dd7bdb46da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "411392987"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2324	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2324	iexplore.exe
2324	iexplore.exe
2080	IEXPLORE.EXE
2080	IEXPLORE.EXE
2080	IEXPLORE.EXE
2080	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2324 wrote to memory of 2080	2324	iexplore.exe	28
PID 2324 wrote to memory of 2080	2324	iexplore.exe	28
PID 2324 wrote to memory of 2080	2324	iexplore.exe	28
PID 2324 wrote to memory of 2080	2324	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5b1ad5e1e3a51c5f9bf342413c92f25a.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2324
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
297404dd833e6787975f684922eb7799

SHA1
95438ac292fa285c6100c2deb9071c95e5a8bc4f

SHA256
1ed247ba33ce0a83378bd2a802e78d77a39b477b97d44e018fd24135ac7404d4

SHA512
a8bcee2cd367179b6abea72a49512da67a8dcb3d43194b00748b0dcbcdafbf82fa693fb8cca67c74522c4ee56e69c93dc66d549aaa46718e57d631f43bc36052

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5c569a2e751b0717ed07b77711c6a854

SHA1
55788f79abd7911021d70bc2a9f5febf23ea2188

SHA256
4616ba2cd62e887c904bd31a0dfc98a5d3c1e70b9cb7014d754a81d317264a95

SHA512
0683ef230d26a78dc6997b1833444a1fe1d89a2e1467568b930561af11819822b9e3e9718328bf27f2ac1e14eb7a5b7c0698860af1ccdd7bb705906970e3dd0e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
04c020918359d7a29c52e66489dffbe4

SHA1
aa18bbc8140dced670d54dcea3004ad60d8bc94d

SHA256
6a28d5e3786de9d02a4f64af6b1d6c17d6b0e80e760ff3524c285f28560d6c00

SHA512
049c01a254f190ed57d0b9709b944869024119122c284a74a9d38851b0c0dc399de4355abff8aac0a3a8f1ef116b84a1e546f39422582623a087cab9e1a6eef6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8e26db01d8e70aef14b21344a11c106d

SHA1
bc2393efddafb175cdb401feb498fb983aa9b1aa

SHA256
3925e866cc22e4182e02da2a5e248689172f447bdc587ac39ad81a79b0fa8857

SHA512
56480387a3a34e0bb2460cb8181988899ffe9b4f94661886bc7cb2ddaa0ae0b620c97a16bf701e143d7fe8a783d590b362a01ed7b9a2f2bfe9fa9a200edf58a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ed50e2bab8363e54c82d6a4aeac3c111

SHA1
bbd5a5b881241ab0729e753197bdae6f3221da45

SHA256
10de6a4f7c6054eab40294b4cc8f19a662f63d86866d282a0df0a6d028937f7d

SHA512
79c3cb66199c297b9f14ca670708fc641493f784a3c0d9af5c3d703b4afcf1b326cbd979bfdcf35404a742599889343eef37ab4dceab2ffd6a65cac40e5dec93

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fd4de3bd2741aabc22a8ce258da47c48

SHA1
9d44f360f808bf85f6bb5959c1943a0785568d41

SHA256
7addb64b3787ce0f6f68b4380422e35a074e61a9d8bc273720c81be0929e9f32

SHA512
b37a708e855cb8745b2593eb27cf37b0dc3cc1833b135014079414c2db779379e62ccd6342fb888094bddb07a5b4886e02050e6eba639b645f12f1328a4a9083

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8cc06e3860caad6966ede7f3dc2e2538

SHA1
eb545dd3a5d8df212c9aec7710b3fdf6349df4e6

SHA256
7d760a4250e5abeaef0793f207437363cee8a6b12847b230ca2aa1e0cbad7c72

SHA512
5ed7b2482986b92cca52e7bd9af64f40583c783a2cc2971af9c7e0af55ed7979108b34a2ad4d91fef5b1d5ab3a583f2c151dd002ccda8fa71b3c4ef49acbb16a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4007222a67b9e39473a8b4bc0045c980

SHA1
f63e8c997d7c7822cf6a945303d637e8b41df1d7

SHA256
66af43d2b4e66547b1f9bf2420af6b38950b58a7f63444f1fa67624f1c647ffa

SHA512
c24389c470f73500ad6256f77c7ed7b1667ba69da5974b8e8599a69eef0c8487fad2ce33b5433009a8bf14dbe1195b3e16bac8927f1f74bac918d54d95e46f76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4b0a911e9c97aa38358e826c90247f7a

SHA1
c38fd7226277745f1b491e67884e1e47a96bb5fc

SHA256
be9a80609617618348dff4b8e099626d9e28afdc4cd6c2250f0267c79a02cc72

SHA512
cccba79aad7774fef1a2abe68689ca0e95075c8156307083f776758b0f0b8a849e2304a7ba8b0d96827edca35bc06db44bb70b31a066be549a06363f67ff85fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
96406bad019fda1df90ce616a4996dbb

SHA1
eb8516679af3c9669fe94082a173451c148f2c2d

SHA256
22e180b517699e26849dc91d83e91b142f2556f020c3439243fe87897465e89f

SHA512
9e3d91fdd8ae57cc274b3c3bdc41085421e2988079e34440a2b164ca8c890d5859334d679ca55f55cc6028475f8e92edb11a47d972ab4adc1bab72262ef2c2b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
88ce255d7b2001079bd4453c630feb70

SHA1
49d3293ddf560674e997fbeba343155e190e77fa

SHA256
1110e4db81196f1bacef2ef4614bb8654384765d76960c80a81ddb4d2d14f3b8

SHA512
6c8cc8f518ad309c9b25000c59ed3a9ee1fb55d1e6d6e9b864742cd36a7d935a34a3469bb1e57bca664ee2b0b06a2dd4ccb37ade2a88f36115557e8b1388b2f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c1993cf4c961ad86ae0bbf971b355ca4

SHA1
5f5fd24b2edf008c61884f7863c36228fa53a75f

SHA256
e0026c1c419288d94ea06e20cd35324d98bdaa45926f75b0549d2ff6fcccc409

SHA512
183038fd95f200f7af57d28a65eef40b9bd8cce6eee81f569648c596066b0f09249d9d3c9fde692fbcbd175ae13cb09e81c0015919a81388597f92b288e760ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5c1f1759f793cc6a4c2815a6f4dd5eac

SHA1
14268e6e71800f537c70b4b69f6282efcbd813cb

SHA256
c4e7e6cd9b384d645beca0dbd136292df6b542c715772b25ae6725b1b6179fe7

SHA512
e6152b54feb5d45f1a0ab0be8cc290cea745fb6edb740d815c79e25363d2b84709a044a90d831d29110a3a03292f7ae7dd9936afd9f94f4bf217780a27190624

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
138245c845a4702d8096b14f8a420292

SHA1
fef270974e48d41ac2248c69d69c3e52625c2b72

SHA256
8fd3e67877d3abfda715925ada6395e4a57992cd66c1b24ca5e4e6694f8242e1

SHA512
e1111bcfec80276d77729140ebf7107ee045cc4c6104ac3eee8a819daf793aceaa929f6756f411eeead7a4bb4b7e7036036dd2620c984c6edc7ae3023184cfef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5b4110941bcabf194ab1ffd8bb4a938f

SHA1
8eaca7437fb2187b20032221d690dd8dc4f887bd

SHA256
9377308f172feb0a078e4bf1aad451a111088b04983aa9b97a37f2d18a1b2aeb

SHA512
d3db9a4fde020c4f7092803a56a4195bc2069272e33123bb19a1f376766bc1a22c77c3e09dd2b65fd4a9ba9727e2843aacbc5134237d56a842d22bbcb0a2696b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
8442eaf000442ced22feb7e3b38879ed

SHA1
2428f6f8f658191d744e375a1e003b29a3d80fb1

SHA256
6d8b40bcb2662d2bf5e682b704a221e14d41b1e00ed694f83ef7150d239ed943

SHA512
bbe93624353cb9a281fdd3e7207655041da1568b61c6add5ae495f6bfcfd93b3c348e078b2f20f3472766aeecd9bb05b470b830c443f504047b74981a3511514

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab586D.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar58ED.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit