hxxp://google[.]com

Analysis

max time kernel
1800s
max time network
1685s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
11-03-2024 09:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133546281579558719"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2628	chrome.exe
2628	chrome.exe
828	chrome.exe
828	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe
Token: SeShutdownPrivilege	2628	chrome.exe
Token: SeCreatePagefilePrivilege	2628	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe
2628	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2628 wrote to memory of 4688	2628	chrome.exe	73
PID 2628 wrote to memory of 4688	2628	chrome.exe	73
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 3692	2628	chrome.exe	75
PID 2628 wrote to memory of 2052	2628	chrome.exe	76
PID 2628 wrote to memory of 2052	2628	chrome.exe	76
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77
PID 2628 wrote to memory of 1836	2628	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd4e079758,0x7ffd4e079768,0x7ffd4e079778
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=228 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:2
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1836 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:8
  2⤵
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:8
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2620 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2628 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4404 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:1
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4596 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:8
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4576 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4380 --field-trial-handle=1688,i,879896581848639281,10532606533610841078,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:828

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:652

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
194KB

MD5
f5b4137b040ec6bd884feee514f7c176

SHA1
7897677377a9ced759be35a66fdee34b391ab0ff

SHA256
845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6

SHA512
813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
e0c65cdcf7f18ebe83e58b846c901fd3

SHA1
d3f66fa7aa8934091ef6efbf07e2a133684aed51

SHA256
74210e27b2025cbc573800f68bda144ef84b07e8766fce6e007aa3730c015c52

SHA512
e063936255e1bfda250186c5a69280ae306df9ea26cdde9dc3d24b840c06693aa9977cae4ae02ed62328b5e58c1d6c4b06d06afe821f732a11a3c6b66cc5db7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1bef4f92ace0ff5721108c7d8f341e99

SHA1
bcdf1c4f0fce5881e244f0b7ac45f48f954ddf64

SHA256
e88434198fdac6e845311a0b9e193778d9e5fc0a4d64d9acc313b73bf1261292

SHA512
b09359c789480bb99ba1f7701a749cff692af7c67556aaff39750bd124f84eff3026135c0d804c2d1c36f57918e7a97e0c0130baaa80f3ba87358633daa9ac6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3558784fd3589b9154f19eda7aeb211e

SHA1
af4628be66a14a6a0e5aa78d72d2ba3dc0674e4c

SHA256
a0bcec14c1183f00715ae83f6e52b9ec065fe8c5c3cdbcc8ba79e39330594b87

SHA512
ce65e4ec8578b55d837b3a247cc342435ad44ec512d9dee3df7d5a1c1e54fb6e475a28718ce5261bffdf31bf3c3c047696d5dbc2831b80bab964dbffebfb42f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
73b69fb817809fc4e43a6d761ef289c5

SHA1
0f7e7a3428e33ea4eb31972562123ed5f90b57ee

SHA256
ca1d99bb5496929a960aaa9b5074ed6fe69a85f726e615159bee9487e3f1b5c9

SHA512
ca9c7f55630f7ee9d0e7b2c3ec7ef3545ad2fe795bdea5e0547e4467b76a92a8570b4dfda2409e97e536a2adbd76a733d4f6c77e7e841f4f88d4e0249bf4e1db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e3ab643bec86f24d1bbe0c745f25e85d

SHA1
867f14e055edcf21af5368403e68fb1ad38d4942

SHA256
ce2331e2d8155a53c5008ef138c004a7b0e3e9663c19e41a698d65eb5f156273

SHA512
12925aba1873cb7acd47b87c1193255dcfaf5900966bdd836a30e414092a612180b859757a4624158b68e238f50b158ff611df2a7658464806ae95a17396debd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
916ca7959218c3fa94ddb6e2b6365103

SHA1
9a36d25d5b2fd1037967fc95ec2fc3e11fc2367a

SHA256
7c6f2259be4f582fd150608bdb2745e6de83d3a256d09d56ac4a82d790371012

SHA512
b41d085058d37fa7d69702dce28c3abbb0e2f11619d4e7b9febe83150ef6a098f3ddea33b1be3b25b94a39375f41d18bc41cd04664698b15325a3e69418c1193

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f0f55e9cc49aaa0cecee884ad3fbebd3

SHA1
895de21f50acc578f270c79b8a97a6681b487298

SHA256
a638df5575194279591c8b1dd4dd6d640c909d7d95d7ab351ff289d1d40c5b6b

SHA512
3c9696af8a48aebbe9779a7ce930cbc457e58e7bedd9eb13c5f560dd77348cd1b574fea2a1be1dcc5736f1618c21d53ee31891548b766c8e9a5b11f32d5b5917

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
3b9c1ada2c1c338d0c2dc44665188af0

SHA1
d8430e347c08f6aed72543b81eff2a4da4c790c6

SHA256
99ff898302737362fb57a11b7bc26fcc5b362b1ae2ba53b480c516894fc2fae1

SHA512
5926ac124ba005998d91b07f5dfe9d195c7245856b4af727d71745e3fee68c7f0e2abe7f65646ef4776936a35f86cc59d3839f0023dd8e7daedc8d4e22c8326f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit