237020dcdbeed096b073638d5c204f1c47881ad75aa0e19c464429a952833b26

Analysis

max time kernel
149s
max time network
143s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
30-04-2024 01:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vivitar/startup/flash_detector_el.html
Size

2KB
MD5

8150e9793103c56b8512b2c3067d0a15
SHA1

1f9b8d61b202f42484bd73db259f74d60ef4e56a
SHA256

3823b9a4c54ef8949c70a36cb5208d80c1a83b1dc005fe4105cde452e3ea1cec
SHA512

1f777904e75538f6d15397d1f00f3118044428c39a178605cb999525acb1cef32376e079d24dfd294e0ff7fd890bf1f490254e04cc1b4a9c22132be7e6cb8caf

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133589128300354019"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
4112	chrome.exe
4112	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe
Token: SeShutdownPrivilege	3940	chrome.exe
Token: SeCreatePagefilePrivilege	3940	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe
3940	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3940 wrote to memory of 4676	3940	chrome.exe	73
PID 3940 wrote to memory of 4676	3940	chrome.exe	73
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4412	3940	chrome.exe	75
PID 3940 wrote to memory of 4504	3940	chrome.exe	76
PID 3940 wrote to memory of 4504	3940	chrome.exe	76
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77
PID 3940 wrote to memory of 1720	3940	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\vivitar\startup\flash_detector_el.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9ce089758,0x7ff9ce089768,0x7ff9ce089778
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:2
  2⤵
  PID:4412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:8
  2⤵
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2056 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:8
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2812 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:1
  2⤵
  PID:1772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2820 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:1
  2⤵
  PID:664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3780 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:1
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:8
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:8
  2⤵
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4752 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:8
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:8
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1604 --field-trial-handle=1896,i,816159620763850028,14504701054215417800,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4112

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3996

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
18ef3327bb9f988c72db884d0b6292ce

SHA1
32dfc81bf22c5b0996121b76fa61daa7d2457719

SHA256
0d54f27e76365d10ca9508447fd6ace66cf7d0e0afaab26e741379c03de4c03e

SHA512
b3a5681294ba9c1addc0eb40df011b745815d7c429dcfa1d32bda880bc8cf78f3cb2e29401321248e080b2b91910680eedb53ac6e37c13fffb4bd73cb5a576e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
991ac97d6ce7810d196c15f9b01509c6

SHA1
e4f9271a85f6a74d8ae193e11311d127838c343f

SHA256
52d4f66e82fbb878a8802495273408f0b59fbf0baf876012e0fb1b015f90ea21

SHA512
d4ee2f7b5577019f5091517efda40e675b9ad5d61b712377bdbb32128caa1b2ce2690aa6e495605553c8f9f5d89dc4f48dcce1580bd8c78b49d2d2294064be29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
41ec56ea018a22101c89dfffd40513e2

SHA1
cf4979430d0a18e139e9ef5fe0ac1829992566c2

SHA256
42c9af6028961c61a7577536aa41b8804faa7de3afe2190890add133b171ef9b

SHA512
605e923adb7fb21908898e64c55f256238fa310b7431a8bccc237bbcbba1c6a5bf3e18b8112ed5d3490cb7b83d347b78f7d0847406d9188bc26f7775a6f5401d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
559f401f762856bbeb6589a2d11a2ad0

SHA1
602914bb7b6698c25513d0f4288b1d9f47af06ac

SHA256
737f1f87150f1739d054b13e32448d8b4810184329a5193e2644ff343377a83e

SHA512
8ceb1a02228531237593afe8f4ff3110220049680cbee74d74d19936afaef20a56c0452292c35ef01d99426d49f00c6156a5b517e6a2acf62f7009d6f5bc206f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
39155bc2795890fe607fddc2a907b3ab

SHA1
330008516311c3eac3a8fcdefd1e4cc32ac62ce9

SHA256
37bc7ecbad0ccbc4e7680421cf05f0da1a3a969e3040795772f571312ddd535f

SHA512
62133591753140c45c02733cd8718a4859c46b34438d5034d119028f46b4d232c30a5c3fde8ea31323a4ec384f7c6357232762d3d31776e3625b4597fac60205

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
d9c593ab16f03229a8485b5076adc1a9

SHA1
d2790873bdf61192550156aca93d936296680c4b

SHA256
49845797c8836667db7959f22066c2b1ee2e118f167ba3551553fedec085aa25

SHA512
ddd13d0bea652ceb241ecf240a13447aa827d977118dbe032707b6c3136163a1e7069061464bb3492c41b7ff64069773db7e6f401f1040e033a34e671c14dd6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
f20ff0fae64abd4ab7c447ce0bab6238

SHA1
a53e75586498dcef26011e57e44bd5a30da9b4de

SHA256
b08c61a128f0e633f201b16bf2f370660570b19534cc4f1dbad9d9aee9237fdb

SHA512
84a48ae8f166261a8cb4cbb50204022021aa0f796ac3d6279ec3c6a2aa4c7d8d29f95a5d183056b14efb96d4405ba6729b760a5367a6a1e20d63e6fd95a7aa87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit