10cdde47093a6d9cdb0e4494da5a473f4a2c234903259ea6e3e220d0e8b06d88

Analysis

max time kernel
294s
max time network
284s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09/04/2024, 17:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

download.html
Size

72KB
MD5

9b75a175dbdaf559d1653ad3aa73b276
SHA1

0ebbfa2932a9362b8acf7390c09c9bacbf30d6d2
SHA256

10cdde47093a6d9cdb0e4494da5a473f4a2c234903259ea6e3e220d0e8b06d88
SHA512

f7d6b89bc47279a590ac7e36a0c8c09c2ec3c4f55aa487aa57ccde55c6bf58e312fba68d4b38169f6790279c1076130c59371835b211cca4edf9f23de2af6cd2
SSDEEP

768:bM0b+aZdapR2cjH39c/oY1K91cdIRfn67:F+iapBc/o+K91cdKfn67

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1604	msedge.exe
1604	msedge.exe
216	msedge.exe
216	msedge.exe
960	identity_helper.exe
960	identity_helper.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe
4604	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 216 wrote to memory of 4360	216	msedge.exe	86
PID 216 wrote to memory of 4360	216	msedge.exe	86
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 2700	216	msedge.exe	87
PID 216 wrote to memory of 1604	216	msedge.exe	88
PID 216 wrote to memory of 1604	216	msedge.exe	88
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89
PID 216 wrote to memory of 4544	216	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\download.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaad6146f8,0x7ffaad614708,0x7ffaad614718
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:384
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 /prefetch:8
  2⤵
  PID:1744
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
  2⤵
  PID:3572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2828 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,15990097399993790734,6042788380554870635,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5448 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4604

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1928

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4008

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
893B

MD5
d4ae187b4574036c2d76b6df8a8c1a30

SHA1
b06f409fa14bab33cbaf4a37811b8740b624d9e5

SHA256
a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7

SHA512
1f44a360e8bb8ada22bc5bfe001f1babb4e72005a46bc2a94c33c4bd149ff256cce6f35d65ca4f7fc2a5b9e15494155449830d2809c8cf218d0b9196ec646b0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
252B

MD5
1aad1c88b9190985fc0802d51beb31a6

SHA1
b20ff88b8a24720d2be25479c2eb00ed885994d3

SHA256
1552e9a1a2bff12b566cada97a55d4a6f68e96d4aed6de570008398917f974c3

SHA512
43e1999c16ff8e1fc1b058f57b6279188cbf15b6731732001da18b2694fc710023bacdcff8e8a5832c0ed114fb481a676e4a8f540c0a8b3e8b6621a6502610ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7740a919423ddc469647f8fdd981324d

SHA1
c1bc3f834507e4940a0b7594e34c4b83bbea7cda

SHA256
bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

SHA512
7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f44d6f922f830d04d7463189045a5a3

SHA1
2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

SHA256
0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

SHA512
7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
329KB

MD5
bc9efb40cce3a75c9de02ce72dd61515

SHA1
51c43bf236c732c22f596c0f5765ed6ee6db1c9a

SHA256
34d06cda26151d7cdbae066a5cd981c4faf05dbccc4ca5936db9b023c45b274d

SHA512
7ce68e67de1a8e3861b2cdf2e4aa4c344bd3188ead2f181b9ccbd5bb740dc8f09563412577877ab560a73e4cdb85441d1c8e978d7e0e38442d9cf25875e97423

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
183B

MD5
03856529a4a3158e859788fc64c49fa8

SHA1
94f236931e7c4ecd3aac22a767c50893cfd3f10c

SHA256
86e21983b7111d65b598ceeb8515e6f0505708c92e1aa130b35398fd8f08ee88

SHA512
f2992a363a310888ca1a603d8956a68e80a33636799043c58f1a6cacfda426637475ebec9f8c9323acb899360735b770105262f17cb017b12bb998110c0a1125

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c9c0fa81c2b23faf76f6d2fa0d7c663b

SHA1
783b7783a485eb5a81b15419e68471299b64a7c7

SHA256
bd9c690b7b20d5fc337712f9ea9e6453a33af053223891cbcf842bc2c9f15956

SHA512
d75a2b45d476424d6770ccd9a5a800d17e40c946e07766fff37ecaa9bfb61073d05947b644dae5e036b955d093f6e789050158509c76e499590c329a4bfaf353

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d865015f8b41dd8b7dbb07ab7af63235

SHA1
94bed518bd92daf5587d0ba365f12d3dc1079a68

SHA256
290d1bb1438b8e781b1fc25cb7c0adacf994ba7a3e840f96d34ccc74c9099003

SHA512
dface208572c5c96941fde506cd8a0e040ef1dbf702ef2bbc4035e914d3fb8bf3131f7012a2d6802892a21d96a8f1cf7f7dce70c6892f729eb790f169adc5344

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a4011470e0c19af71ef4662a0cc71bec

SHA1
07d5df29503d664f24659bb16ccae4d90c43c2b2

SHA256
08370af429ed03860ff3758e593720c6df53b17219b9ba07bdf69dc6b94d8f53

SHA512
6eec3b8a6c47d560681c2a788ef5393081f6044ebe157029377a6ccbda906b248c48c11942798199e63acc362f0d8eeb88e991df046500667eaa4fc3503b46e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c26a6b301855fc24e71ae85dc969bd2b

SHA1
9b92d1b56bab7d291e202de70a7f193677f92438

SHA256
461a08a735c7e888985a5d8a7d2a2778270b980129194e3cd140a4355fb6c4a6

SHA512
ba4a8659147749ea37fce95f8a3f79b982d015afd4c92f8fb786728c07c42df15cb8db2a3dcbfbddffd753c62a911a375861ab5f1217ce717f38fca2588f9eb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f4915259bcb8b690342b160ddb3afaba

SHA1
95ab8dd9dede6731029281e3ec2dd088102dd01c

SHA256
e6d5f7a96060a271ec3524303963d87c15df34bdc5378d812fb4dc58119358ba

SHA512
98c9e3f24516c92cda778a16e803cb97535a74023335ad414583b96ff50715e56496eb185ec0a6ddd3b5425fc3ff21c7fd1aa06a47f3243d57ba8b2d3bf38204

Download Submit