hxxps://ksfrxbmab[.]cc[.]rs6[.]net/tn[.]jsp?f=0010YAsh8LtvSc7EZ35Z7hbevLs-1OSQDu-a4NfQCaMSWpqhZNNEyD1yXW-Aye7n-fk1HzIRiw6Wuqds020AqAv2J_VTIuISIuF6S2GTb-BJPMWIfEX9suEVEZuFKsnkW6x3cE-SVfRkbF0ld3G2nTpgeOhRhoM0xWheGUKB_nrOZKcCYxJPB1ivjJrzhmhogDLGwrkDeU02do=&c=2AFhnRLl_fvHUdlwGpfb6KDbdcK1ir65VdSqyKJ21Irfwq6wZbzftQ==&ch=ZXRRICWLYT8U-7K2T7EeDii6nHBTR7O4nYDODXGPC_fvCigGKbG7WA==

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
20/02/2024, 22:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ksfrxbmab.cc.rs6.net/tn.jsp?f=0010YAsh8LtvSc7EZ35Z7hbevLs-1OSQDu-a4NfQCaMSWpqhZNNEyD1yXW-Aye7n-fk1HzIRiw6Wuqds020AqAv2J_VTIuISIuF6S2GTb-BJPMWIfEX9suEVEZuFKsnkW6x3cE-SVfRkbF0ld3G2nTpgeOhRhoM0xWheGUKB_nrOZKcCYxJPB1ivjJrzhmhogDLGwrkDeU02do=&c=2AFhnRLl_fvHUdlwGpfb6KDbdcK1ir65VdSqyKJ21Irfwq6wZbzftQ==&ch=ZXRRICWLYT8U-7K2T7EeDii6nHBTR7O4nYDODXGPC_fvCigGKbG7WA==

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133529413290267304"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
392	chrome.exe
392	chrome.exe
868	chrome.exe
868	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
392	chrome.exe
392	chrome.exe
392	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe
Token: SeShutdownPrivilege	392	chrome.exe
Token: SeCreatePagefilePrivilege	392	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe
392	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 392 wrote to memory of 5076	392	chrome.exe	79
PID 392 wrote to memory of 5076	392	chrome.exe	79
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 4576	392	chrome.exe	87
PID 392 wrote to memory of 3852	392	chrome.exe	86
PID 392 wrote to memory of 3852	392	chrome.exe	86
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88
PID 392 wrote to memory of 4992	392	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ksfrxbmab.cc.rs6.net/tn.jsp?f=0010YAsh8LtvSc7EZ35Z7hbevLs-1OSQDu-a4NfQCaMSWpqhZNNEyD1yXW-Aye7n-fk1HzIRiw6Wuqds020AqAv2J_VTIuISIuF6S2GTb-BJPMWIfEX9suEVEZuFKsnkW6x3cE-SVfRkbF0ld3G2nTpgeOhRhoM0xWheGUKB_nrOZKcCYxJPB1ivjJrzhmhogDLGwrkDeU02do=&c=2AFhnRLl_fvHUdlwGpfb6KDbdcK1ir65VdSqyKJ21Irfwq6wZbzftQ==&ch=ZXRRICWLYT8U-7K2T7EeDii6nHBTR7O4nYDODXGPC_fvCigGKbG7WA==
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa88b99758,0x7ffa88b99768,0x7ffa88b99778
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:8
  2⤵
  PID:3852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:2
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:8
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:1
  2⤵
  PID:4196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2956 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4776 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:8
  2⤵
  PID:3712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3156 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:8
  2⤵
  PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4644 --field-trial-handle=1888,i,2131993602442257811,3583222165897984192,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:868

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:456

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
0370e6e29826bf812abf6423a7da5c41

SHA1
2fb3e97ebbff57919c3411be440d40a0385b9a11

SHA256
3b31c571546d49b8149d4455a2b7089367bc82bb8cf207376c24610382806bc4

SHA512
77cb2d831e94f486c4b879102a8d38bac03ea31c5cf04abfdda7b1e369b4135f1b384e5240538ca4cbe7198160d278182d5df3c9dd468423e61a605ebe405264

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
f7f9f48327945870722005093e36e02a

SHA1
ee5686b7dc3e654ee30190d6552816982992f2d0

SHA256
33c6b3c51164c6bfca20dc2e37d623493742ffa53ed2461f75ff03d6b3f0a7f6

SHA512
153210a4328bc04bf321cf804a71fff05d19ace6816d650a28f1a28dae0060dcb92a8ada59ddb97e7d9289bb2116a329618fe53a1d5a389baa83c8dbc93a8115

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
70e63c7496909b1e5c8392368ab6957b

SHA1
e5102ae79736d419113afdf319e3640a57da2781

SHA256
37118f5583a1bade4310ac34931fb358a75f3bb9abf47ce31727a54aa93aaff7

SHA512
9f52e0aa86352c9cd961321f6141e4cf123d45a73e217bdc6a4e12c6158af8a7bc4611b8ed6a796b416d73c020838899cbf437029a99df808548b650e820db50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
18806339a7818370a30461fb8f1a304e

SHA1
cea3a32d911536f9a27f59fcf07dd782d27b6645

SHA256
bd2573bbc844b20e427f852df53f6bc9b15a2d2ec5aaeeb64a96f2e469dd2b48

SHA512
e55a575d5b11179e203529ba63c80ab5fc89bf8c953f5a8ddc51939f5056f7e53fe44a7455716c13df40a68599ddfe720a8d626a22bbb5d332e6b9339dee6413

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
483a4a074ebfb7f8399d1449dd5bf038

SHA1
129c36e4b98bf0ad0554d42d1db4f0d5093f5aab

SHA256
634a5c6333bd807eaffc0dcbf3bc3e82bf18d7d0349be721507bdf7da83e7e84

SHA512
d507cf036bb1d12c4dc4c4b3bfe3193d5766afda3edcc9f471c9d61f35337254038372ad84e415b06084b44802ca01f1ef1137876ca31dc8417f6d039b9b9932

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
87c1446373ec93b2c17f11a9ed455fcd

SHA1
5aa4e563c47981044aba5ede704d88207793399a

SHA256
b13ab7537b12bfd6ad76cbf42cee00d415c6cdf99553b69d928ac25bb60f70ad

SHA512
c64efc551e2beae8c740b133f6421aa2950869d673f3191167ff8b1a10289b27bfb5b91ab3ae35a5f2149323075d1f740ee553c30199e3433bd2498969e507b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit