hxxps://9starki[.]org/calculate

Analysis

max time kernel
599s
max time network
591s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
27/01/2024, 01:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://9starki.org/calculate

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133507925270470576"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1184	chrome.exe
1184	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe
Token: SeShutdownPrivilege	1184	chrome.exe
Token: SeCreatePagefilePrivilege	1184	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe
1184	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1184 wrote to memory of 3988	1184	chrome.exe	75
PID 1184 wrote to memory of 3988	1184	chrome.exe	75
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 412	1184	chrome.exe	88
PID 1184 wrote to memory of 4168	1184	chrome.exe	90
PID 1184 wrote to memory of 4168	1184	chrome.exe	90
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89
PID 1184 wrote to memory of 2556	1184	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://9starki.org/calculate
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb57d99758,0x7ffb57d99768,0x7ffb57d99778
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:2
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:8
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:8
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4736 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5352 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5312 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5688 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:8
  2⤵
  PID:1828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5828 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:8
  2⤵
  PID:3804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2824 --field-trial-handle=1876,i,1023405269468864150,5886283574311973666,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2136

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
e6836280b57bc832dee9fddc4b11340c

SHA1
f126ddff12b5515348db66db8390f8a94651e684

SHA256
65d906504349046a84d7ca44e5e3c243cff4b26f5f7e6b3e36c84450fbabb2a3

SHA512
b8b9d0188dbdc317d2c32e894d669e354486846e6c3ad0cceb3fa7a84b5f830e047b2301672c898d99dbf136c5b009eac8627e1ecb71021b4cb159ebc0678d5a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
c46ddb9422c280fbc47b6837830cd54b

SHA1
62073a6e552a43bc73c9ac4b479c3381f204d81c

SHA256
563a87c520140eb77c3f05e654ccb9a1b1e711cd6719cd688768cf7866d59723

SHA512
6f706a309fd734f0616b0f6efffe835cc755a57e2f2fbb604d85bb1049d74d400801c2c8108510793b8d981d2e4d4ad7d1007ed09b0348bfeecf61df91d0112a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
b4f9986c67201b240d8f7bf95ebd2e41

SHA1
bccbd4212134468c32b99c33336ecafe499051e9

SHA256
efc3979a80adc3613a7ab773b155ffca556dfb1079225b02a1440598a7eacaa9

SHA512
d0f76ae1dc7d082db5b87c64e0260696fe1edc6031aa424c76f297dc02dae445074005592b5d74530be9ba259007899ac40b09f5a31c2deed92da3bcd435f4e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
794d857655cc3bea3080d5b62be3e7d6

SHA1
02d8ea19f285e8f657d7b8dee9344e3bc4b83260

SHA256
e1b90dcb55f6441fdbf895304d4bf2e9f09a2617f7820b0502788d1c52b8474e

SHA512
50c9a8a582bcf70e5a44c687211226c941ffa70e280ca01db25246eedce63402249e8e61e5d5c356bdf9cc465b9ec4a259f7872aa49a30019edd6a6532d7deb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7d86b9abf07bfef95a9e4fc603e0abe5

SHA1
cde9752f3ee8204db6536935efc56f1c3f9deedc

SHA256
42c5cacd4d99d9cf752f07d6e929fab2555beb37911e1b80532ad226b0787d37

SHA512
cbe27d7fe7a94108c8db240b1e7aa43138abda93bd7508cae1bac94f64b4cece31822abd9d5f5360f7c9c914dfdbb83aa3f48ac5e845fe5a1e18a6e03330515a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
07770c8e8b22a0432d9e68067b897a5b

SHA1
7bcf2953960dbebe3f8ce52cbd58d686cee26268

SHA256
04421a54d8c135451dad815b6995042f3d13f8eaa461808eb9a63b9536939f3f

SHA512
0ff6bf273c96c17603b52b9907c3dc53c7facdefe969f02215d448a16e2f7917ce0c52c25c8c42e8fbbbe2116721953e795f9ab33c8a63725f18a4257be6447b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
ca4b12bb9ff97eca8e599fbe9ad75914

SHA1
f70d58affe51d5a3a8dc4baf22e283ee12d5f1cb

SHA256
704e95a6489b65f7de52c41bd23d78b2c3f98cbac3fb852981fe1e26d504f29a

SHA512
01d82b3ed77821249e3c4de2c77be6a1062118371ccb4a48ee634e13a272323edfef1e8bad858b06faff7fd026d0bd70cbd5b255464361b234e22cb91c6189ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit