hxxp://grupoalius[.]com

Analysis

max time kernel
44s
max time network
48s
platform
windows10-2004_x64
resource
win10v2004-20240412-es
resource tags

arch:x64arch:x86image:win10v2004-20240412-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
24/04/2024, 21:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://grupoalius.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133584682171138270"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3424	chrome.exe
3424	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: 33	2632	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2632	AUDIODG.EXE
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe
Token: SeShutdownPrivilege	3424	chrome.exe
Token: SeCreatePagefilePrivilege	3424	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe
3424	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3424 wrote to memory of 4228	3424	chrome.exe	86
PID 3424 wrote to memory of 4228	3424	chrome.exe	86
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 3304	3424	chrome.exe	87
PID 3424 wrote to memory of 392	3424	chrome.exe	88
PID 3424 wrote to memory of 392	3424	chrome.exe	88
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89
PID 3424 wrote to memory of 4520	3424	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://grupoalius.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe389fab58,0x7ffe389fab68,0x7ffe389fab78
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:2
  2⤵
  PID:3304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2260 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2996 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3024 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:1
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4348 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5104 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:3568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4484 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:1256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4884 --field-trial-handle=1952,i,12427404080295257338,4777401800734738618,131072 /prefetch:8
  2⤵
  PID:3956

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2892

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f8 0x410
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
81e91aef9ac782b3cb7231df7ac9bce1

SHA1
ce1e39f42e2fbc3ade18fe22d660c15ecc503276

SHA256
e0bb9491d8a699133376ed4c64b7d5c3f482cd704e80b1c3638d9722ad4ea3e7

SHA512
f27391a2db40eee1822c7f245e3970fc02ccdc1d7a0c28d77e3022edf6002775ac39a87cbb5ea6de0f751902933e3ed9624ef16a4190d0aa7940295f366e0f50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e74901a76b2fc1b7296acef81e29a196

SHA1
1c8c950e67159142bac0a8986893b269c3f3b951

SHA256
fc1bc988be01570002b097925f26989f7cf688945e92aca38680282e171feec7

SHA512
e09235e6ff1578f986b12607db8121c5a17fd9bd6c96753f340b151d8550c3728b5f53eb89bd5846edef40c3c72d62fc7e62458c7a017e75420b4e079ca8745d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7cbd0db0a8dd4ee497cb7e573a38b265

SHA1
f88a72906944389b542958eec137e9bba319534f

SHA256
7efcd7601bb22176510c6418c9fd492584a51512a30a1f110893526f31c831c0

SHA512
f37015f8842266cfdb100c457bb3e07a790126aaae0148408caf59c314fd0ed1810b5bd39e73f284c37d0778d00c533f23139e6332580ebf2553c0e28e097464

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ba075301a643d9743e7665e03cdca087

SHA1
e1f9fa3e310ae325c9ef016e893862d58879c7d1

SHA256
c33c8066cd24541532226656ce58b1e4152fd5eef9b68edf16194910430e9772

SHA512
47af984d8a9850306a54833f2ae5ff63d2e42732b89f1338d8da76e91a336af2a07a2d416eff909537e7ff6f12cc2ea37016d54fafcbdd1f2a34ca767321358f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
252KB

MD5
72768a12426dc7d07aef622a5f52d441

SHA1
2f60f5a98d7f926579cf244dfd35662a04b52e3f

SHA256
764f79897e717bd0528b8a62bf1e09ec05286d2c17b0a6160d84b047da45f43e

SHA512
509f25cf30fa2c63715904c8865b72cb1ec96a67c29006094de3fa1730a120be010359c2e23428c4d2f922ebf2efd5112684ffa43eb142995b4421ae3411a133

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
252KB

MD5
d6087b6fea3eddf48e0e7883742aceaf

SHA1
56ed4d17943a998b8dbbd1ea421c41035f8785ed

SHA256
09e9076feb23ff5128ceb0a243c17f06cf53a44ce8fbf79f4b982219dfc8ca59

SHA512
77737f616bb6358301e8eeed4e8ceab5742ca0d54fefe6c90f4b50fe85dbc4abfdd689daf5184e3d298ed3a15ed85f33385ea2eb2942b153efdf3a5750982480

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
93KB

MD5
a53c1b1a1aa9b94da0f1221903553e35

SHA1
78d4a2b98e2392d8d246b465695b3c0fc1f3dd26

SHA256
2fb9a48a70b7ecaa4abffd6685f457ca0fd98f65a7020a2ec5142006e4685c98

SHA512
585d33dd95525364329b6ddce238fa9ae5e4987aa7a9be30130698a32b8322219b4d33ec60f45dc0ff8cbc6bff794ec5b00a054a4fca1e27b72d559d3b623100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f26e.TMP

Filesize
89KB

MD5
4ea8e874ae3d789c6582a33ca7155afd

SHA1
37056c9a3ab1b126ba36f1a84b4c91ed7cba948c

SHA256
7c9fc9f44968eab4e25ddb585846451b17594306ecd8bf745b76c68f61d81646

SHA512
fafa5b7268beac59d81dadafafd51cc4bd15f972d1ccde9bf0caf7b5cbd04fe1c9e35ad721f7a640ea70aec8a68aa6ac10aaf379a20ca41eb80f9cea4990c0bc

Download Submit