ddcb5217b9d7b92d2e1861b5ecb7e9ff49015c0b50b5aab8509f5a3d81f17ef1

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
14/02/2024, 07:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9b18373d0ff55e2ac1400032f04d3a1d.html
Size

56KB
MD5

9b18373d0ff55e2ac1400032f04d3a1d
SHA1

9cba6886de17933d6a8255bd1a40cc44e292cbaf
SHA256

ddcb5217b9d7b92d2e1861b5ecb7e9ff49015c0b50b5aab8509f5a3d81f17ef1
SHA512

d4b79d52a38729a079da02653a620a2b373da051b37ec35f64abf8a3a3eb5db593359ebbdb6ce375ac3db6c452fa0014381c6e2a083a5b604f57e9b0cc24cdcf
SSDEEP

1536:/BwmWFW/HJ2XYRcxvcrabdYzfiVTResX6MGt8pTqQuSwpvFdHY:5eW/HJ2XYRcxvcrabdYzfiVRC42SwpvQ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2796	msedge.exe
2796	msedge.exe
2588	msedge.exe
2588	msedge.exe
4428	identity_helper.exe
4428	identity_helper.exe
3172	msedge.exe
3172	msedge.exe
3172	msedge.exe
3172	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe
2588	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2588 wrote to memory of 100	2588	msedge.exe	86
PID 2588 wrote to memory of 100	2588	msedge.exe	86
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 3232	2588	msedge.exe	88
PID 2588 wrote to memory of 2796	2588	msedge.exe	87
PID 2588 wrote to memory of 2796	2588	msedge.exe	87
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89
PID 2588 wrote to memory of 3272	2588	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9b18373d0ff55e2ac1400032f04d3a1d.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaf4a946f8,0x7ffaf4a94708,0x7ffaf4a94718
  2⤵
  PID:100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:3232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2984 /prefetch:8
  2⤵
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 /prefetch:8
  2⤵
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4180 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,16337427910274705546,7167807490176634478,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3172

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:828

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1180

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\0ba6bc71-8d13-40a5-9ea7-f2d6d11a13b0.tmp

Filesize
10KB

MD5
0ce3f5ff63ed8823f96e2e1dca47c95e

SHA1
d6b88253ef8418098d78882db48f76613329f78b

SHA256
275e26b3fa9188f2eabaa6ca7137cf553169d4d44606f9dddccc5d40fb2883d0

SHA512
f16da1677974bf22bf30e03259faa9d421b995bed564ed613088b1895299c41502184caedaee39b1d902e0c3b2de8230c8d85f1b2e1553f9dec9ae8cfac94680

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1386433ecc349475d39fb1e4f9e149a0

SHA1
f04f71ac77cb30f1d04fd16d42852322a8b2680f

SHA256
a7c79320a37d3516823f533e0ca73ed54fc4cdade9999b9827d06ea9f8916bbc

SHA512
fcd5449c58ead25955d01739929c42ffc89b9007bc2c8779c05271f2d053be66e05414c410738c35572ef31811aff908e7fe3dd7a9cef33c27acb308a420280e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
44KB

MD5
aa2a65c96f7fdb26505e70abac1d03cf

SHA1
f960f30e0aa266e8b23d52c241249e8ca18c1679

SHA256
5a5a77f2321c2400046e66dc560304bf4187a2368f62aaa84ef9cdf21d7b726a

SHA512
f2c479bd9bdf8531d5cabcc6b722695aa0ce7de473bc5623beced1a45ee7d7418d43f8f9fad1a3db7f401c8678e7fd354159b0620f18bb024f534893e40a1071

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
d4e6ca0ffb5d2718e380e8e3b1e69766

SHA1
1b86e3781dddb6d15f2a38e7992d537ef376da19

SHA256
a3d67b0711d3be4db753a2337753946e1f30227ef580ccb77bf1bab581c47f27

SHA512
0a7be04609104e19f93e3f9e39f336dfd93cf442686537efa68cc226d9d6d1da9e04139c27f1173a7350c752b3177c009bd4a8b26d511e7dc8a07329dc0edbf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
483010cc890e7e012b66447cd155b0a1

SHA1
480e3fe8f6c4824c7bcb337ce6247c81993531f7

SHA256
4b06b78ce84839f74008819b4d04b833e46546e096ce03e45bd4bdd7e8c58ad6

SHA512
03765d824584c86fb9d4101a23cb1db30a5996b70326642497b4327561eca63620e6b327b0d34ccdf19a937c3e78ba726ad7281b3357424c4fb3d7a848e15c3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
54cdd934ac7a733fa9ecfdc2d19eef7f

SHA1
cdad906b5cec7835f71653b64bf6f584db6bf9b3

SHA256
15cf92c27463d0a86f1a2d6216befe08f366b57491080c481f573acca3f7ae7c

SHA512
eb128cec719884070a5e4edd3fff613d96182191cf39e0476f7af14905fddd47aeb398bfb779167f0bd6444a21ea1e2fc01bb0371e4f5c0d21cf43f453ac067b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a43ed67891af40d080edab5349c69c57

SHA1
8c046ad2706329863a2d66fb1eb0b1ae39330328

SHA256
7cf9d82e7c7845589cf8c8cb6bac70a81b5163f6f3ab717820d51d84fe824765

SHA512
5d37235250440228f50f3e76c10d9f309275e2f112fec2e33f996dd27f45e4d1004e8c92d04277587c256f147ce3754007e9dcb8924e9860b4afd150dd473bb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
68e179b2c46a6f101645be08c293c6c1

SHA1
a537625a289f1221e0dfb01c7d27107444d88440

SHA256
c0d7beb3739a029feb4266d23572361a394220db1e76541187eadd8dfe3e4ed4

SHA512
612ff2c655a4fb40b25e8f4bb1dab53c3c60a47c1496c53cef526d67b2818b86d9b991e54fc355b95db260480179d5ea7ba6d665babfe2d5eff3de08d40ea18c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
e664066e3aa135f185ed1c194b9fa1f8

SHA1
358ff3c6ad0580b8ae1e5ef2a89a4e597c2efdc5

SHA256
86e595be48dbc768a52d7ea62116036c024093e1302aced8c29dd6a2d9935617

SHA512
58710818b5f664006a5aa418da6c8cd3f709c2265bc161f81b9dfe6cdb8304fabaa4ce9deba419fe4281623feeeaa0321f481ae5855d347c6d8cf95968ee905e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit