f4baaa8135e0f9a993f0258a4d095db475096896bd3adb48369f1f70c1f0d9d4

Analysis

max time kernel
150s
max time network
143s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25-02-2024 02:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

lua/http/dialogs/browse_window.html
Size

1KB
MD5

78f476640b27adfdcfe6e26edf4cc7e6
SHA1

414d54995cc46fcf5a12b826df9b8f6f2be21100
SHA256

d93c774a7aeb4594f56b37e81838ba03b6855c2bbd91eb8cb803dbd413c5e571
SHA512

daeddd3974908fa314d072b37accaf3dc0f3ab694fcd8acde02a77176d54710fc9115c2ab915b3b063fe3ea89308cee9e3fd67da1641735027af74fc6bb8080f

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B579F8D1-D389-11EE-8A90-4AADDC6219DF} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60f3198b9667da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "414991760"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ffebb09deeb747419e902f1accea58f7000000000200000000001066000000010000200000005794951a56311f8b52e1a427c93c2d501892610d309ae646b2a59505bb997578000000000e80000000020000200000007c137ae35659116988ac4ecebd6204359c453fc9c08c072da8b06641b00480322000000098a2c9a51b0a7363e1464d1584684c9cd539dd98d988e1963295aa2f87ff02c640000000c3c984f723f9ead56e79df120255d0d740c8ed57ccd3be575ea7f33bda7a9d3cfb8c92857327a26e869daf56c7df2019946ed1fc5d111430fda3a2e57f210b89	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ffebb09deeb747419e902f1accea58f70000000002000000000010660000000100002000000026aac1637507195b0b962ac0d6f45db3925b040fed6927fd1146b51c53d08104000000000e80000000020000200000000637a77bde4c779be2c7e8ec442bafe48e2bfd09ca6cc6aa5fad5c483886bf7e90000000120502b34dc35151d738de0e4109cbec5a3b7fd9a26abb00e60dde135202d3de2717435e5da704130c54e61ef7fabfd1cf5866a5a65fd3c2d65f5d7a3be4a579831a292db1191024c3ebc0eca32245e61eb8646769198b6dd841fa2bd4ff8ab2829ff8a3b962001b27cfa760466efb915f4a4ef83987fde3b625b20186cc7e8fabc11dde51ae1d9154d20f11ee64949340000000554386825e6e8b513f145a6d90f64111c0f5cefb2aaccec313f9e31b0bcd70134f5a46c99285b9417b250366a29f6daee8c9c234365a9eb540833ba829054f01	iexplore.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2388	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1736	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1736	iexplore.exe
1736	iexplore.exe
2388	IEXPLORE.EXE
2388	IEXPLORE.EXE
2388	IEXPLORE.EXE
2388	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1736 wrote to memory of 2388	1736	iexplore.exe	28
PID 1736 wrote to memory of 2388	1736	iexplore.exe	28
PID 1736 wrote to memory of 2388	1736	iexplore.exe	28
PID 1736 wrote to memory of 2388	1736	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\browse_window.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1736
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:2388

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bfaa0bfd10e20df9eb21cbeff378d48e

SHA1
1867e717f47064ca3380f5532e40da2bf2a5a0f7

SHA256
a421e4473ceac705c78a1ed601ac560d1ee4f618641b58b5166e01ddf566288a

SHA512
f11336e93a43f6a2127113a3a687733109a638d46cbd23df760e28f4c66a8c8fdf845c4e4d22e904b5334c2a6dbb61e770d1100594cec8ecdb7b0093fe37dcdc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5fde7015bc14e7ba614c7897d949520c

SHA1
5ef2fbf500f0d2a26e7a474c88f53818417aeaec

SHA256
760f03f49840e2eb6b37cfab969e41c8aaa3e34314940c9b172861d97cb12cd1

SHA512
49b0ab93c70d1fa09ac644022f3301bbde8dd8afeb884850aebe1bb9ca58dff2e7a4aa4f86b59ff1859408f299965e718c8ad8a4130f378aac2b49963736dc63

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6ba6899c96672f82bc434b5a865d7626

SHA1
ffbaef709243c8a83437e3f13a636cfc87893686

SHA256
20979b00750ae247ec819325a2112366734e617e8ca51f5f0f15771ccc04070c

SHA512
cc8628606e603cc5c01337a8c413cb4abd6adccbee56bcb2edfdb96eec3b955809e55ac959d1d7b30c1a8deb81049a8624d2a3006b4fca895ea315489eaada89

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
763946da37f4e6788ca7b5b749ef8a4c

SHA1
730237d2bfc69852b6b3ddafbb6c6d3d85e46dba

SHA256
4026695e94f382ed8937a4793d80e63bc3979c7c83622ca3789f6a80bc7cbdd4

SHA512
0b1841a4e4900cf4449f434ac10d354500c6d6cd4f0203188086a2f11b9652695ed8f6fc82618cf5a801661d32ea7f3721202eff8f2200df38148c12bfecdb00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3a8cfd3b4254778f56c7795c1bea56eb

SHA1
d8d41cb5b9ad1d90d8754a34255a7a8caf951700

SHA256
67a11af819854009e4e894e6e72b7fddcf8d45d3464018cc5d72cd532772c00b

SHA512
178f2b9d75ace5134404cc17fe408efb20143f258c57121f7ea77e71f31ccd16839c64273f1fbca002be6a9889645ecdf4efc130ec5e85b72b24bca1c0aabf7a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
512d578b122360547b837525df5bd0c4

SHA1
a4f429eceb409eb2ed8f276b7fedbbfd463f1e35

SHA256
dd3b7de5ae0ddcbafe8785ae419feba319d3a55786e3b233c03370499567d9d2

SHA512
e15374b678ae4a7ae5ac0ccbe34e6f33eb90754d76fa533ec95da4de02dbfac06c21ef0633a0f6f5c89c802db082e57e1b42575246c446e1bb316ef1a7ead3f1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
888ff32ed1f0140e5ae8534c40e07c6a

SHA1
cbbd78a46754f1f0a00d254fbbe02773984e29c2

SHA256
05cfaeca7e1c907f797c438b8ae9e9a79147914606ccbf07dd3132f722a1214d

SHA512
7e51c10888c2bcb26b17bfa2b6641e0d7f34264257a0b1360241552283eebd183c82838c24f562cc96efe209ab4e86d24d79ca4184a23dab774890a406548463

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
34e982d8f06d562de912437b4a36e4ee

SHA1
11c56b647a2c496d75b4a968a54e72a57e12edf5

SHA256
a9e7d87f82c9928467f84522d92c348acb9f4a5eb3fc1bff76b76de0cfd4cce1

SHA512
9a88b627f7328ad4ff3588f69514cc57c04845e1026f8624b9ca54dc3b2402b557d8bdd65d2aff3cf9f39f09e1f0c218e0388951646c03bf51c8b5bdde139dc9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
da3b7755d8f36c58e6bbb5f43ae28d37

SHA1
afd4c115119d4bb4e3244cecf233e90ae82c9e91

SHA256
10fc9d7fc7f25344454307ec4caa98ce42112f24870ed13536777cc911a1623b

SHA512
243cbdefdc7e1692480c4a4f68a8504fe16327bad1b6a277d8f2a0a0fcf98a37cef325951cd44aa1cd23d976d6d48dd41ff20b2584dcca18119a400f8cb578a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0a3dbfa281fbf19bdcbe6eb656b07f61

SHA1
0ec55c0fa73eec44b4bc40226ac5bf7da74d7954

SHA256
25b3fcb8f3a4beb2ca79d9f2602f8ab6c9d545d74bfcd9f951c6dfdd354d6f62

SHA512
aaa61254c77a58d8be9c7f040b3a06d171e5e582b39ce91ff5002c18a2c3cf927935c35ca99827859eaf473f167d14c0f0aa37813d13e9d4744e76efc065239a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
63cff23945b97980c12984cd20a08daa

SHA1
81be7e1e0872fc4c87180860734f7a61b23e8d9b

SHA256
0f32205b90e3fd7f291afdeb89605b518972ccbe55ea5e89d5a7dfdb0e8fef43

SHA512
a94c05773bd5ef9b624b5322a630b4c9ff533681aa73ea2a894ab77c4a69c0d4b9e38792536cf4b8ade74f7b2e9ff2020ca152a50a6301e067be3ff019768a7b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
05da73a8208b63f61cbfbdc14f4eea34

SHA1
3852f6c6fd0bfa8ad2d8b8e7c1a42f8de0abc215

SHA256
e2d975e2f5d7fd060f607bb87537cf0ecee981adaa0d5291e0c5e92481b13223

SHA512
14523a03f646a21d8b16286776b87f7d1dabd456cf24a73164357f3291afcd48f96b09b59545a7d82e01421f6bf7f60a494f0e5d35851b37de801b0906262d97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
02b0b9aeec935c970186afeaf07d13c9

SHA1
d386d8dc1460a733c43da97e90d058cd86554ed8

SHA256
09feac756186610105502839736c955fc9f09b8a3ae8fef4c5db902a5c860e08

SHA512
9934f8868c2d89bfc7931c33d4d9168c4d751d6267c09ff79861342f27fc8d934cb05f6bd7abdd0693589acda145a4fe1644f1325a6df458aacb5bbf1bf4b162

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3baef81d2eff463a9c72b0569ff5c6db

SHA1
bfdd50344c85ce0276f2a96262deff72d8e09328

SHA256
50cfe0b3237243a637fcf8116cc48fb93334cb19e8d4376a2d433de2ad7715fa

SHA512
7b567a7fb924c89ca1cfd0bcb9bd572c82134e0beb71e142202bc34e8f46632cb182e32c7fb7557269f998d5a5f82bc373c26d1134341aa6febc132938d46547

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
599f0911eb61d3cf1e3bcf54af95249d

SHA1
b01b30764a01696d1478cba5da9cd29fc2c78e95

SHA256
07828396677778ff30caed0dce7600e960e154ffb63ad584b567a3156a575ec8

SHA512
2e9b5144b728edb66373ed5bfc7f5fa61839568180dffd0823cdf529043ab7c918cd524b2a3cee9a357ece276098e7ef21fefacc892841a19f83ce8a6b1a6013

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
885bbc50d1aeadb62504e67b1904c0a1

SHA1
fac11fa9d32a1abad597004c5bf20ed6c3ac5d71

SHA256
df3d9a0f065b3dca2400684f45e7ba96b44151cf6ac7a129053fedea12e43964

SHA512
57108d9072b8c4cda0e4201a2e775bc2fc5cb4d966ca845f88caa8550bcf2e78e84b62a44fe84be1984302406c958dc7a95bb3d9e4ed535b0dab0a7fb83144cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bfb7926e2866d0719a9baeab5ad3220a

SHA1
02e3afb8e060f989b2d3469ca663701d96531b6b

SHA256
fa974515bd936719c20614eee6b61e0ddd0565ce6917788ce59815db6b3f3ff9

SHA512
1abe489f579e5f5d483827e3a8b92137e3d0faf39ccad0212ef84b398b7171d879e8e6370a2fe507664abf51cf61b5827023f1eaeea747d2a053cb3888e69316

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7d77c58afe632444131488f419348d78

SHA1
67295fe0861b67352ae01e4c7a98a6903d13adf1

SHA256
750dff2976c7864d86715375ff42363ba7210fca891c5ac9f162499c806de268

SHA512
560ef12b99f9393b15e8c7c6e614af9533471fc903daa78cfe089555d0838742f0acfe8c7e70bc74a067188b7adb60adf4263d7a86ccc991ef837711423a65b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab8307.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar83C8.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit