b67525bc7bd67a1828012580601147bc094e7724099158b753360f3b29329541

Analysis

max time kernel
299s
max time network
304s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08-03-2024 19:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ragib's Website Project/about.html
Size

2KB
MD5

55fa7d385a88662c11ae4374bd323a93
SHA1

e7eea59c7f443824610b31c08ae4cf336e0b37f3
SHA256

32ec65cdf2b5859d6a20406dabb4c8a15ed0707d02927e048ef41c18e7fde999
SHA512

a6f9fdfe82ba93fd199ccc2d42ba707ae09979e1b93099cbe5b2e6d936491f547dbad8bb4542c07d1b6d3e909d2a0c89e2c9bb07bd90701b1f2a5fa361974e8b

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133543995875497430"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

1336 chrome.exe
1336 chrome.exe
2672 chrome.exe
2672 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

1336 chrome.exe
1336 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe
Token: SeShutdownPrivilege	1336	chrome.exe
Token: SeCreatePagefilePrivilege	1336	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe
1336	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 1336 wrote to memory of 744	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 744	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 1136	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 3236	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 3236	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe
PID 1336 wrote to memory of 2644	1336	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\Ragib's Website Project\about.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1336

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff09cd9758,0x7fff09cd9768,0x7fff09cd9778
2⤵
PID:744

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:2
2⤵
PID:1136

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:8
2⤵
PID:3236

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:8
2⤵
PID:2644

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:1
2⤵
PID:368

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:1
2⤵
PID:2324

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:8
2⤵
PID:4760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:8
2⤵
PID:3704

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2516 --field-trial-handle=1864,i,14350242483193600652,3628562712450316159,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2672

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3296

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
45d48333f7a1e2e877c81b9dad9388d3

SHA1
26e4854a6af991a791f68583dbdd30e5e863d4cd

SHA256
4be41909ae7c90a0cdcefa642fe12637129d295ca2581e6a09fff1ebcc6d2bf2

SHA512
8db2a2181766042e647c6ee89ff9d8e267f36095b9cbfb1a3a8b9b662a92ebc14b6e8890c055ec63a97f250b7c6c2ee711b9da9fdf114d5f6490342cc1edfbf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
a1149e374fb9d1eed2e760d6e5c9e0d0

SHA1
9b7cbcae0a97d65729e295d2b5bd16d5a4b6a8f4

SHA256
f99770d611f6e15e4447b681e303c3c885ce53d7b739791b9b47f9f2ae09b887

SHA512
34d89f9d4ffa6c2b98c1911ac1ac6ca13203c04dc92dd907b576688e8367527c2de5eff5714830a6f7dfe90aa7c71ea7ceb016ba75f443f1a860b2d3e290247a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
536B

MD5
32f99aeb12deeababf739976af2d1d2f

SHA1
1e5d249340c529c68b533f1c231519be5f7135f9

SHA256
c4497eb3ed29f394959cc99ac1ac23e52bf5f0cfb7d7bd92cad29a0adb4c29d7

SHA512
f2fa0e118ddfdae0596d28a21d709b9251c7f48965eae2e4ec43b9516049a6234daf02a5d1c48dc792f2790eb6adcb91f6dcd121628ee296e550bdc17dd2a145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
7b3519ecee210650fe4f51797ab58c72

SHA1
29179ad186ab99fc51fc4f3d563c5738c0496299

SHA256
ba9ce8255e28ea466ab0f18d9041f5f3d2c491a250dd2ac25170c185d7cce326

SHA512
a84c2ac8d3f0f1cc2d92e46add2a676693d5573e4fc37cfff152f34ca73f38b3b7e8d430e22b86dc9df068fd043ddaec75fdbd52ff0e928f024be7d51afdf839

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
ac23e4c320c108620b855f0cdbf18e79

SHA1
4786d7f47b2e3707b739863d88fea40671a3a08e

SHA256
234f603f25e79e404f858187bb74f60e422e2e5b74f639cc84875995f9854b89

SHA512
101807906604d4e6dd4f282cdbd1e6c7627da2887c36ad3233b5ce58a04b449dfd4ec03cc0307ba76e14a6356bd2b330259be4986390cd5a15cd8644e7ef92d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
128KB

MD5
b351901d631d20d8f8a3afae1fa65716

SHA1
98b7b0f31aa1f189e384197132c3c2faf062cc84

SHA256
969d48e9c2a9bbf9f0914b8d6a931ff5574b6dcd7afbfd9f5ef5611c79523d76

SHA512
1aee5c626bdede8d1d78363a5a881d6aa58b9925dc5227e858a1d8132fb799795bc32707a6980b3911778fd4e98f5fbf48824c1e3e429cc0342ffc1acb614a3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_1336_KKAJGJPRIKXMPMBR
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit