757900daef442d310ce62d8bc0b07d91702ab02e49de344711bbbcc8f7eb1c13

Analysis

max time kernel
119s
max time network
128s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26-01-2024 14:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

商道货源导航系统特别版V110905SC_0910/ChengRenLiangXing.htm
Size

15KB
MD5

f5070b224f4df34b5f45364850882694
SHA1

bd8545da61a3d01c3a62cbe9310bc26fa803971c
SHA256

e4fbec44f3c3aa85eb8956d8dd1a5156f9432ae9b64c39f8601225a5d12a6d81
SHA512

c99e3a4886b07099ab2717402f3c18df19ba9fe86e8c575d427a1b458b7ccf8c63a24be4ddcd2fb1547eea7a8fd72f7c1434eca6b8d04cb5097326024025da58
SSDEEP

192:SMQ4H26/pHCP78ijfe+gH/b//pyb8uuCLLrViY0kcua:SA26RHG78kfe+gHVdaNiY0kcua

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000969d72c3e5a03a40a0257479feadc03a0000000002000000000010660000000100002000000038d486d187618e17260ee50f98160c658c97750e8c4e54e65582ce10a1303726000000000e800000000200002000000000dfeaf0ad04fbb9222cf72197dd50cf6672022818ddd0dc4064f69739e8dc8d20000000dd4b5e9506d5c55f20579fed855fb478a7f017f07f10b4d5a09e881e2b7ac652400000004002060ad48c7de09dc9224b0f51d4f94c6c4336ae2c3494cd054e043d7b2300f4f6aa490e383c18e0cb56efe754f3e0ccd42ba2a38157e07b18fb62ea87c0d0	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8CE66C81-BC57-11EE-9439-EAAD54D9E991} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000969d72c3e5a03a40a0257479feadc03a00000000020000000000106600000001000020000000d3d8ab1ee96af0219314dffff30181db2bdf5d22e55deb957fb7117d70a18f25000000000e8000000002000020000000b9568659795162f79641ba560b91631a0ded427bc0aac33d0e5af59c0cbe3d009000000069e55279135d457035aaeeb248a26e7fa8353a1455836e5bfa97d443bb0336774f66e60d582ceb55ecb20314f4422fc5a524da2e0f54e0393716639584c6c1e009087cfde7d66bc7cb608b8b76cbf4e8198810ad82e58ab72c6a50b76e934856b8640e8dfb1eb89c3b2d3176bedab48dfc235e631af3914b62997ae1f30fb4c9e853faaf2cba469754b4ee0295f8f30e4000000079d59b6e6675a3de7e49589fe7ad5b169947b946ed9998631f29479533cab72ffec7388f9c4b4251b9d003b41c796fe73c680beabd732119800b041210c588f0	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "412441338"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0b8827a6450da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1900	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1900	iexplore.exe
1900	iexplore.exe
2700	IEXPLORE.EXE
2700	IEXPLORE.EXE
2700	IEXPLORE.EXE
2700	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1900 wrote to memory of 2700	1900	iexplore.exe	28
PID 1900 wrote to memory of 2700	1900	iexplore.exe	28
PID 1900 wrote to memory of 2700	1900	iexplore.exe	28
PID 1900 wrote to memory of 2700	1900	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\商道货源导航系统特别版V110905SC_0910\ChengRenLiangXing.htm
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1900
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1900 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2700

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dfcf6846b3ed7896dca4524604c6f47f

SHA1
d7a3679846265afa64da51454ababe3b710fce1e

SHA256
5d26e15b9b835c472f37ee245fee71a7787624a5f82ad07c49f37b55091678e0

SHA512
605c255f76de75067a83cee99d37abb8d982ce5f3baa03939d47047877e90ecbc41eafa8760e48bf88006b651690207c56c422ad512b871ad3a943606525a439

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8364177f97dc4d40e39ffe5af288fa22

SHA1
cdb6f8e6ab5131f524efc79cf581b9450f8a6e3d

SHA256
b2713e717d2597e7709044ec6be6a4026bb1a82e9af60310d2bc444d3ec1fa2a

SHA512
1872c49b7844b3e9f8223dadefbb5b2b834086243e662af8c87e1ff4c09b2f7c084fa170091eb731a61d56d90678eac9ee3e8ac11ae37427986b2018c25c33f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
724cfdb6bea78558c36ef7bcab00637d

SHA1
26560e66f7eddb32b0b09cb9b5bbcf163df16b31

SHA256
d226f69c2669055f060b518eaed7b5324764236cba4aafb69c88734fd7324888

SHA512
b54e04e634a53fb6d2680759c59e8477263fcab28773d5893bdb99fe6120c34c6c30fd4070ce1ad01c9ee55798a65da6c2e53c52fd4d405f183fc0f4787118d1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
573aa5dd6c95571c1d55f6e8d448f780

SHA1
4ca4bad606253d6a7ef3a450bed6c9d7090add99

SHA256
5c004f2c9bf31b45bbdcb1d2a5441edf7c24d2a4c4f4c723a96a7fadc9663e21

SHA512
323e46c6ce4aa5863590979bc71ec46081e393d436ccdcf7024a8fb6d151c10bded01d147f0a76670614a2cf809c1f9b817d9a92a82bf84f37056e6ea6c9f1d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
baa5d3d33c4c10322bdc8c9ab64137c4

SHA1
eabfa8e831fdbe9da1c5410c2b65c6a7363fa502

SHA256
119a9d8fcb90e2ca3f528d17a3e27187d2029dacebd91d2ebfab92373ab02e79

SHA512
92a4575556dbc6dd3306e93bb96914ce26b852ca5227e06ce103a1d2710b8a4e43a6d216fd02835557c9908df04543e6f51377ab35bd07c9f200ad9a4410f533

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
53fa81990b164a5138c1ac6a9e4c8442

SHA1
0b9f7ee0ceb90f9d6b808737d20201b6f2e6af11

SHA256
e8f1237352cdd3a73f1e5795925259050bbee7f77f52c8841d41e96bd0e35f7a

SHA512
18e6948bd980a021ac019772b01b309803e6a586d5e8a2ca45165e035efb0ad7945c53b6d0065c831b10c70c8895b1c6e75b34ff2319d0524adee23abcb6231d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
448b5eb676f9cc08acee42015822a99c

SHA1
d6c8aba026364b4fee8001804b90b236fe1c3cda

SHA256
19ac7e5ef7bdd8d40bb5927f2ab60c45cb64f2869b11217e55e51b739e83f099

SHA512
276cb1b9d1744dd0984b759fc2964757e3c28e6667363e0de7902ac05ab540db3adb200fc6a92c75a72fb992b9b2c9789baba13c6e7de44c31554171a84d3fe6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4e0d6de9495ee43ef1f7821170563c3c

SHA1
1e0fca2b78e902b04a6095ef597dbdb290fa0883

SHA256
db011ae2ea54130fec315490cc4cf6439399c585ca3e13d51a47c60eb398a314

SHA512
da9e376bc798f468353bbd1dbc3a99bf5de7a6b33aa6e90da673b35f13d1fac41b70ee72599c91e48a4fba743ba358bf3656e675da1f9c009a88281ee027b8d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6cbea3cbab56b42569eeb00ae08776f7

SHA1
6ec7f618f15f39fb168ccd0d9b6b116b1f555e19

SHA256
285e0ac84e585c0c7b41486407efbe260c8fe0adf456b9d7c773dd1c2d037a77

SHA512
10feaa5756fa8948520a38341ca71779e46a6594e37c20875a577cbbbce78ac4a03e0cf6463ff3ccd9148921d437d7519930554d9ac8f9879ac02628a5055e6c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3cb7103cd7fd747371fa66f813854edd

SHA1
698d54def763d57ab8746089575543349621ea17

SHA256
f0af987130a06b58d50a0a1922b1a87a95195ba65ac6f6b8e5fa78d42a8aa478

SHA512
3713d1cc1bfd9314dfed2ce0525aee6d4294e73013fd985eef03ddddf44b1d19fe01207b723be10cee363619da0682af7c6651c647c8cd99e12d2849a983928f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
300ea0bf8b60a0b93b40bb1f96642b34

SHA1
2c6dcd4a0e0596fbdf2411f99051dd844b0608a4

SHA256
2d26b220019c2ab9e501480625656f08595da16bd0e3235b40059f04857e216a

SHA512
bd44ffcaab216548ddbb9bc87923e1bd229158fce19d03a29caba71c7f5a0cf330b60a08eaf9038cd65c09d6889772051973ad2d73ba5f8c9f2cbaee046d330a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2363f7e29204be98a5dbb9a2ac011733

SHA1
0de37b6fea0ecc2041731c8fba516c3da367b3fd

SHA256
22a97244d8927706ede62bd88b2a099378fd2af7f462d221743108c9dad9453c

SHA512
a2ea22e0902a46c32956aec7882b5a67ab12674167b485c462454042596eb92329ebdddbf00578e257447cc2cc9fff80bc7ae05f8ec627b3b1d7715641d028aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
429db927788627c3a5b770ac493ca001

SHA1
cbcc0b8d097d042c1cfef3e0a3b4e37826bb7da2

SHA256
dac817bcee637ec0482ce1f9a3ab6d0f61af7b0237701aab2ae2d30ede8036e6

SHA512
a3aaf130ddc4efb47c9e344ff35407d143bb7a500b17f85ecc1a8556c94519262f13863020f0bac9330be0bc897c11ebffd115f02012ef3807d5face2199dc4b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
525f4fa4665c9a1bd43ea1d8e285779c

SHA1
0dc1a8635c8c8e25c744fc63fa93bbf5f4371649

SHA256
b4349c022016dc88c0a03c1f06920c5b9bab42f767a68b1ba62fbf0433802c3f

SHA512
f45bf62193cdc8469d8e4796a9d273caaac001dec3538b39b51aed4d68531fd76b7d400b3188e22635d042d4ab0a3e38278499a6c92a9036de15e6fb4f93f09b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5b0aff8620b433a4556b3e3608aff6d6

SHA1
8982d87e8ac9a47711d23fe412a0d6e392ac901c

SHA256
2c2649fa8bf6a72d171d3be1507ef24528418be794d345d80feae8aff9ef7826

SHA512
d6ff455fb81c2184e02bcef26b1f97f9e7ff0db6827326bfaaae3e465faa8dd2b177209630eb704ebec53d3b4e710248d98260d30f08a29afce650eedf63f03a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a5cc36ede060a2460bb83be87b2f97e2

SHA1
1bbffb6b616377e37ad96773ba844b846964be10

SHA256
ad2e09fdedd2b70a5dcd8b2db1749de9a3013a29553aa4e48e67fee653158d7a

SHA512
df66922596bd842b4bc7fe9e4c98e73da45a12ab1b4e38ee3c58f7b9a9b4264ebbcbb83695537443625fc84be5600ca60aec1cec49eaf35966917f63f4e374b4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
501babdba70b9daa792ff828fa16fbea

SHA1
b2f1c09a7e87c1b05b96c0e455258e0fff774dea

SHA256
3e325361d518fbe35ae817d23cffb3f303ac98699d874a3a8837787f71d3269b

SHA512
353f3d2395d77ee0295a9d13816c8a24628822df45bac9daf7fe8873f97923999342673cabec38f49cb4849af36bd33b049d778c517ef0c49fd19664d6c4dcec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b063e90e8b08fe0f2e938a9e52aa1d40

SHA1
829ca2a9a5e303b7d982d6dc0b9402d6533502ec

SHA256
325101f3490acf9442ae00fe86d2c9458bff2a7b7e3a7b3f3f51f8ff15409abb

SHA512
58c584ab4edb026329be8ba1852ae1163ca511fb627dee56dec6db52d9502fe79ba1bd80f11b39ad8b5d8360fb3bdf4dbe0d296013171167a7913ac66558f383

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabC842.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarC864.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit