hxxp://edpuzzle[.]hs[.]vc

Analysis

max time kernel
1199s
max time network
1170s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
08-03-2024 16:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://edpuzzle.hs.vc

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133543902941884132"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
820	chrome.exe
820	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe
Token: SeShutdownPrivilege	4548	chrome.exe
Token: SeCreatePagefilePrivilege	4548	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe
4548	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4548 wrote to memory of 1208	4548	chrome.exe	80
PID 4548 wrote to memory of 1208	4548	chrome.exe	80
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 488	4548	chrome.exe	82
PID 4548 wrote to memory of 3856	4548	chrome.exe	83
PID 4548 wrote to memory of 3856	4548	chrome.exe	83
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84
PID 4548 wrote to memory of 2308	4548	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://edpuzzle.hs.vc
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xe0,0xe4,0xe8,0xdc,0x10c,0x7ff8b0499758,0x7ff8b0499768,0x7ff8b0499778
  2⤵
  PID:1208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:2
  2⤵
  PID:488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:8
  2⤵
  PID:3856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:8
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3012 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4560 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4904 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:8
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:8
  2⤵
  PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:8
  2⤵
  PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4024 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5028 --field-trial-handle=1876,i,6808959552267125895,1078115650842041934,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:820

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2572

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
cc9d7de43f770d4c0047edf9b9dea97d

SHA1
78b79e290d660b8d6f418c549b6bced871ffa9c3

SHA256
d99bf9f156208fb18e103d1cc32fab618054159354cc5e831657eada73e353ea

SHA512
92cfc954f5114967a322212f3085e5c89eb54cbdd2f1cf83f3f3c81efebd2b8349bb8719bd7b4237e18951bee596619c7e7e2e60ca30cf149f193f5d1c01685b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b9ad63646f7f1dcd0d976cd1cdfe9da5

SHA1
526f6f4c36a76c595afa88c0a930224accc13464

SHA256
b0299e9b758e8877a31398a8cd9d3b6eb761c89f93e689d7690a6d1b14e5779e

SHA512
f913f3442486258b6edcede839be446fa07fe68686a654bf7a313d2d7c9356ca3dd2b061fe1234cb67024313c65fe08dc543ea342348221c000aca2bad9ffc9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
701B

MD5
62bd70520f8c25b4846c7d537db202a6

SHA1
25b44d177ad500b2ef9311f999702434c130fc2f

SHA256
d4ad17d3bc64a85a125620bc333f75c06d10b718dc3e1461abd11b0b72c6cbc2

SHA512
2ddcd35f4284e1fa1e36a8bc9b809f3a558f8dd256a8304f7c496459548a8e8642d3eca8e15c44c248caf552f8eef709a64f4b476cd09daa2020b064058d5aa4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0675bf8c27a814804eec97dba22a5377

SHA1
c993dc8f986f7e94476dee9668032b601663e1b7

SHA256
46bf1f2a3cfd851f5359c583921e3d9d4d439d6830931839dfec11858584512e

SHA512
19303ad5d20ccf639e28976b65cbc5ef864bee88db352ca39714944f36d789bc1a1d6a23f7f06a9836f0e455f331ebc00b6ca0b7aea2b566d913d3360aa244e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
a23d3ba19858ee1f16d953e9c566625d

SHA1
0521ffba854310bf85b124fa56f97ea1c320bc73

SHA256
c4bbc880b72d71a6b354510fc3f32c53e7a001aad9062a30de2300aedc4ea8d6

SHA512
810b6c31c624eb38d20b22d428bb7ac3d3b7a2cb679fbcd7bb68d1d898214a682dfffd79b6886fdd1ff894ac2d6afbdc114db62657315986552b0f2833738c2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
132KB

MD5
152675467ba70874764c401c28d7f64f

SHA1
9871d3b15fb86da7174958032ae6d144e4e37272

SHA256
2dbe62f32a31ddc1a852597ae5b85d11538e23b722f6065d530a36b82396fbf2

SHA512
97fe713f3eb89c4b846f8073d24eada98758123f5aac948f3ad72a9841b0e831636015053244532cc189a3733ab91862d7f334fb7fdf6db6a97eba5b64dec9bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
c635601d05d00aa6ed16c1f33b5b8c35

SHA1
7e29636637b1d14ea513909afc1227850cb7228f

SHA256
84a5ac0d6baff53e0f7a6991e743a4d7e9f0bb79c8e3f7e97eab80a34066e711

SHA512
9ec74367707cab1109e4e7832c91c5fe0e4ef1edb042367c56438eb702875b20b83ce5f1c51c86f0391f2e71b4b7260d52702e824c681ab9d184ce4d407b61a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
7c6902f1bf83135864ce0feb9ac14df1

SHA1
492e4683e5b0c8f523e5329c10e0a8c891e00b43

SHA256
5d6f52f088e576275d59ec782cbdc5f0ae59096e552dc3ff9dab964f7a2519fe

SHA512
1d1a156a26da67feb2386334870754e627bed937a060aefef29a7416f8f0f3f4fe80d02ad9d954bfea0c3d0eaf305acbd07b79dedcd0afc9d893de01567fd3d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit