hxxps://steamcommunijty[.]com/10342099854390

Analysis

max time kernel
148s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
09-03-2024 19:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcommunijty.com/10342099854390

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exemsedge.exe

pid	process
4976	msedge.exe
4976	msedge.exe
4940	msedge.exe
4940	msedge.exe
4332	identity_helper.exe
4332	identity_helper.exe
5044	msedge.exe
5044	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

Processes:

msedge.exe

pid process

4940 msedge.exe
4940 msedge.exe
4940 msedge.exe
4940 msedge.exe
4940 msedge.exe
4940 msedge.exe
4940 msedge.exe
4940 msedge.exe
4940 msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

Processes:

msedge.exe

pid	process
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

Processes:

msedge.exe

pid	process
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe
4940	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 4940 wrote to memory of 4348	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 4348	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 2452	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 4976	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 4976	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe
PID 4940 wrote to memory of 232	4940	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunijty.com/10342099854390
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4940

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x10c,0x110,0x114,0xc0,0x118,0x7ff914003cb8,0x7ff914003cc8,0x7ff914003cd8
2⤵
PID:4348

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1972 /prefetch:2
2⤵
PID:2452

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4976

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
2⤵
PID:232

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
2⤵
PID:3356

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
2⤵
PID:2976

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5524 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4332

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4008 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:5044

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
2⤵
PID:2012

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
2⤵
PID:1892

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
2⤵
PID:4432

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1
2⤵
PID:3276

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4896 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4216

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3832 /prefetch:1
2⤵
PID:2152

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2824 /prefetch:1
2⤵
PID:2324

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,15263894839963197433,4865484718186057330,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
2⤵
PID:4800

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2460

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
0e10a8550dceecf34b33a98b85d5fa0b

SHA1
357ed761cbff74e7f3f75cd15074b4f7f3bcdce0

SHA256
5694744f7e6c49068383af6569df880eed386f56062933708c8716f4221cac61

SHA512
fe6815e41c7643ddb7755cc542d478814f47acea5339df0b5265d9969d02c59ece6fc61150c6c75de3f4f59b052bc2a4f58a14caa3675daeb67955b4dc416d3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
432B

MD5
6b07655132182faccded620595675ec4

SHA1
be409eb1317cfd49b085ee8a5f50bf1907f93e63

SHA256
9fe3ae219f2dc2d6f412245eb330f2d56649e0548ee604be266aa63b6f763a41

SHA512
766c4c83b7fa81aef028905255722cfe6280c282f26ad8e0ff00154742d1dd7dc1dcb07ead48e7bd6960425601c7f3822e9e5c66763130f40e8e82c23702b9ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
480B

MD5
d04106f39fadc5e83b6334c507a7ce7c

SHA1
37f5448d45cb72d972edc34c50f311e443384156

SHA256
015b1c50e7bad7ab44aaa178981bd3837521554061750d3d263dc222177891ac

SHA512
c6798d46abea3617ccdf6dc180ef477c961f5b72a65d7c3cdb9663641b9d9db5fb04223cb91d6976c20dc99104f4c801b5b4950364cb4826dc9d42ff4fe361d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
787B

MD5
4ff576cbf164e62c5f65d24c2c5539d3

SHA1
e211e01492dffff388ae2f80ad7abf9b0bd3054c

SHA256
1ace20f5695e8ed034c374dff908922114e3fb767cabeaf59107bda9c64f81ad

SHA512
473c4b7708e683848afccad25321083b4629c4b8ed924e99f8b00c753dca5fb1d809a73f8972e0d6fe82e5723e1c333a355451a74d1e2237eab4ddcb56da1d5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
5KB

MD5
260bf81d05e2d7f3d754731d44f4855b

SHA1
c654982a6a80fbd79d732f606504395abd8ddcda

SHA256
2d5b1376714afba8a89ccdb04cba2dea38e1a81c6fedaafba1c68625343b8c15

SHA512
d168fc47f9c77363b5e20cc5fb700a4b98e8ab94ccb4d7fa9db559127de0e85972e02417921d28ca683f5367617f0f77b685b20c93722dce22de8a843b5f339a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
c319a909b93596e8d8705e869e9b4a69

SHA1
945733a1cf5380a1bbb17c04b14318cfa37a0316

SHA256
0f49baf321c6e23bf163c3ab40293088179b6f99cbb9eecd0c246669ef4a0082

SHA512
4b068207edfdd919e961760563263d5d0170fa8cbcfb41a4222eeeffbaebf1013d8d00d355c7274d8ee5c4056f010db64a8f571b66f2901c8ce1e5712150c2b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
11KB

MD5
1e82146e12573dbaadff435122ff4a00

SHA1
3b3d358c591fc7a0e934150b7869e257f1cdfc9d

SHA256
de3632971bee0288e21879dacb9f5c2e1e30e775af68cfa752bcfd6a33812014

SHA512
852a9cf8e08ddc417b35f7a4f1cf8c14e7f7221cace3ef7d0727646692f9a05574511811bd2036c8dd3ee0d191d88b8d59c53bdd8017e7288c1c577125d08146

Download Submit
\??\pipe\LOCAL\crashpad_4940_SQCHIRLAOCSRGWFA
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit