hxxps://click[.]e[.]quickenloans[.]com/?qs=58ea3219a6b303ecbeae6d9aa7b23b27f56ce29ba2fab6224f971b6f37d3bb3e1c03e6f35bd311894cfea696dd6abdfe5062084cd6d8de0d

Analysis

max time kernel
209s
max time network
198s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12/02/2024, 09:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://click.e.quickenloans.com/?qs=58ea3219a6b303ecbeae6d9aa7b23b27f56ce29ba2fab6224f971b6f37d3bb3e1c03e6f35bd311894cfea696dd6abdfe5062084cd6d8de0d

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133522044061938737"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
3980	chrome.exe
3980	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5000 wrote to memory of 4176	5000	chrome.exe	85
PID 5000 wrote to memory of 4176	5000	chrome.exe	85
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1196	5000	chrome.exe	87
PID 5000 wrote to memory of 1768	5000	chrome.exe	88
PID 5000 wrote to memory of 1768	5000	chrome.exe	88
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89
PID 5000 wrote to memory of 180	5000	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://click.e.quickenloans.com/?qs=58ea3219a6b303ecbeae6d9aa7b23b27f56ce29ba2fab6224f971b6f37d3bb3e1c03e6f35bd311894cfea696dd6abdfe5062084cd6d8de0d
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed0d89758,0x7ffed0d89768,0x7ffed0d89778
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:2
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:8
  2⤵
  PID:1768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:8
  2⤵
  PID:180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2752 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4512 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:1
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4496 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:1
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5740 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:8
  2⤵
  PID:928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5296 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:8
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1828,i,12913495172611072108,14090859202343780425,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3980

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2296

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
545fa4d3fbd2ae491d71b7bbb3840a78

SHA1
480ccca38a3ef8ae918dac3fafa91e45844ac02e

SHA256
0620134de1128b9c85e763900f486e21c173b1fb836d884899c096e18b187df5

SHA512
487d5cc0d6c0864642597adc53ca8029cba155adac6139ab55f357ebc2f53ecd92cbae956ff0d28c3e3f7fec9ca874d741aab9854505be04d820171caf5ebc33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
23c16b026be93e3cde953f19a6907112

SHA1
08298423e5875dbcaa7332eb51d829c035ecdfb7

SHA256
35ced793e7c76cf6c86fc2d9ea1753568399fbc71606395d772af8f842fb4736

SHA512
5e96b261ee46d61b3711e322f0ee9c7e132fa07a9f0292ba49109d4a504715d410d91261f5f2cefce610d67e1ef43963cae7930085463a8541cd984df6a50bab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
5091f2d0c953f472ef72dacedfd4cafe

SHA1
0331867794fefbd7cf5af7557e999588d5e65c2f

SHA256
8cc4011ac42980292ca738e155e50b1e2eedc0fbc088995db46bbc7bd287d656

SHA512
19cbab9722b632cefac48990ed85686835d031fafd768068b54aadbb732e5c76a806a81166c376543dd30eb7771f602d195701705dc97a7722687ef80bdc99bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c0fa200ca2a87ff75204477c5d4e5b93

SHA1
8dc2420d3ed12933ea91471b075844cc21e98ede

SHA256
c34caeb1fe1eff1918ce88541166fbce4fb2bc5380bc39d2093f223e41bbb27a

SHA512
f08ea2f2cc97b3c502e02a684e7eaed1ca3274ef24efb2553444d727b55ef94f65867b6eb357302edf8f8283a7f0e07fb21b1fcbff4cd56f3121eab755fa9d9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
07a4efad41e82715e9ef734bd8890a6d

SHA1
cb8c66bda0b3153ed92711add0d8d3d286c81d31

SHA256
e68200d026cb3d53bc9665c147b7e15b3ca17de4c33d170d07548142d96084cc

SHA512
83f54a666cf0d2d109636bbf812950e8323f665997e9f4537c4584e61a43a966d13ed474a7094c5ae909f53aeb9291536b0a82ca6aac9d0c18f9bc13f1df7f14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
765fb8b1a67b5b9f373097f6181a0947

SHA1
bed5d58e8f2385bb8da0372cceaf369a7df3ac8f

SHA256
28c9dca1f317bc06a7d5bcfd484b59c1f395f18d663c148ac08e6c2f20ce4c22

SHA512
a51e1fb5e32f3408c68ab815f33d0f8b5486a4c4f9d6a80906cd5d01ecab99380fd5235b02647795010f5c4fb669f64f8089dea5c0e2384ec361c631ac0953e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
f7bee70004327371a7cecc3a1cd2b963

SHA1
221a0aecf83eb847711c50d52d8d2bc95c32d964

SHA256
76e0336b48d1f978d754e34e07c3bd471f12d617288062fd1560b16c8762b615

SHA512
c5919d68f26e4759850622ac2bf446bf744cdff12ed8bf02e48990b19dd800edffe039e1c7547de6e336bc52b65ebe8b5daf7652275f08a08d37d89e9206df12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit