b329a64821ce9c769d020bde0f8ee476d73d4113c26d8c996148ef579116e792

Analysis

max time kernel
149s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12/03/2024, 01:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c217bf007a40e2f06a89c22476c0f823.html
Size

35KB
MD5

c217bf007a40e2f06a89c22476c0f823
SHA1

f21bf3b3a990b7c327be94adcd684ef8770d20fa
SHA256

b329a64821ce9c769d020bde0f8ee476d73d4113c26d8c996148ef579116e792
SHA512

fe26cc881d2b6d352adaadbdf7d0fa02bd2a1a7177ee1f5a2b5db19df90ff883aa7c959aeafb86b1c34da538368ac769066d9e11d0a843160f4e2e7eeebdcefe
SSDEEP

768:jHgIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqIRIOITIwIgIiKZgNDfIwIGI5IVJ7SZh:jAIRIOITIwIgIiKZgNDfIwIGI5IVJ7SH

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2296	msedge.exe
2296	msedge.exe
3672	msedge.exe
3672	msedge.exe
4716	identity_helper.exe
4716	identity_helper.exe
4656	msedge.exe
4656	msedge.exe
4656	msedge.exe
4656	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3672 wrote to memory of 1504	3672	msedge.exe	90
PID 3672 wrote to memory of 1504	3672	msedge.exe	90
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 5012	3672	msedge.exe	91
PID 3672 wrote to memory of 2296	3672	msedge.exe	92
PID 3672 wrote to memory of 2296	3672	msedge.exe	92
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93
PID 3672 wrote to memory of 3388	3672	msedge.exe	93

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c217bf007a40e2f06a89c22476c0f823.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffefe5746f8,0x7ffefe574708,0x7ffefe574718
  2⤵
  PID:1504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1972 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 /prefetch:8
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
  2⤵
  PID:3852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,7699154049432658513,4601295899244510545,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5820 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4656

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1044

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2972

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3508

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e494d16e4b331d7fc483b3ae3b2e0973

SHA1
d13ca61b6404902b716f7b02f0070dec7f36edbf

SHA256
a43f82254638f7e05d1fea29e83545642f163a7a852f567fb2e94f0634347165

SHA512
016b0ed886b33d010c84ca080d74fa343da110db696655c94b71a4cb8eb8284748dd83e06d0891a6e1e859832b0f1d07748b11d4d1a4576bbe1bee359e218737

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0764f5481d3c05f5d391a36463484b49

SHA1
2c96194f04e768ac9d7134bc242808e4d8aeb149

SHA256
cc773d1928f4a87e10944d153c23a7b20222b6795c9a0a09b81a94c1bd026ac3

SHA512
a39e4cb7064fdd7393ffe7bb3a5e672b1bdc14d878cac1c5c9ceb97787454c5a4e7f9ae0020c6d524920caf7eadc9d49e10bee8799d73ee4e8febe7e51e22224

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\62ba9292-6ec0-476a-ba03-63154c618fea.tmp

Filesize
6KB

MD5
0372141d4256320404ba0018fefd602a

SHA1
cd06a157b8723b98b633985228be41be787fe08b

SHA256
157fee9142cf727fab260d249bda153ae407d0f60f0c4aeb37bc2f7039444cb9

SHA512
1dac13c0d114f409ec29f4a76a89015422a53707b6dd0830feb29f1614f7640fc46d2ab41ca729de5f1dd3875312beb4a63703c0e45af56e2657f75cee213129

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
4bf56a1017e9991ff5e38ebfff540654

SHA1
5d4ead5817ca54dc131bd7a8b917f3590320a3cb

SHA256
224bb4e0c69014b89eeb822cd02d01fa8ca2c14758d67d6d6ecd41ca0e44d246

SHA512
d2a49d9d9591af23d4dd6b4830ddf92296ce7043bcb3e651b4fdf075c3cb4020010fa28dfffea160cb1f67c20e55181db8ab4fc193432e7599a042d3272da929

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
da0ccc89174a75c6c103c74716425120

SHA1
75b0894f9eb4232f1be6c7eb60f6902f5277b9dc

SHA256
1811be86304cbd1f9742d0a66567e623ddfcf1a9332a46b3e0aacc8c1ede9b10

SHA512
3f7d3f40374809e8fa4fe652930d747ffe96e9b6fb6de450cc188e2fb9530158787ba8c6023cc80c2deb1b5d322e1afd69e1e73fc3d1ef085e94f41ea89afe0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
e9c4a8ec34cb62d056a95bee0dc8f5d3

SHA1
09c3e20dfa6a2374bceb00639d4bdd1cf6f4f809

SHA256
614ae0f7e271427e5be9195ccda7602d271875949c1504b9c0443324f60bd271

SHA512
687513c900fbb129afa2cc4a4f85bad6d3740176256c5fe8378207dd3ed70c3a55d33d85efd31d1f67ee34c1a650298a4c2b4bd766621679c6f61777b055b03b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3650565c3be0ce7d0b15b61564ddc947

SHA1
39254ee2ba0a7da6967ae984bbe5723cb6eacb50

SHA256
c90d77cc23bafeeff9cff4979720b6f26a7786d5ed49707b44335ce00100f446

SHA512
96afba7c9edbf38a527dea7d3639dfe267d9c27beac2132c675a5b9676f9565815b38e83aca728001d4671418a0ca8ebfb2c6410d41b16dbd2b34413211857e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
43282a1e84c20359b8478011fd506031

SHA1
95150b068c0c03157a4237f33c623d9cca359ce8

SHA256
e5cd320d48a1b1f530ee3c7353fdada35e66245b090865445bda20add9df4e90

SHA512
7bc99b284133dc6f8e8813e892651c68f33b1e738d9baa4a498f69d9010a40d3df667bf51ae123f71ea44cdd69b11eec4c758e712567afbe4e9f611ec57c56f8

Download Submit