hxxp://google[.]com

Analysis

max time kernel
2641s
max time network
2654s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 14:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3160	msedge.exe
3160	msedge.exe
3256	msedge.exe
3256	msedge.exe
4004	identity_helper.exe
4004	identity_helper.exe
3692	msedge.exe
3692	msedge.exe
3692	msedge.exe
3692	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3256 wrote to memory of 3576	3256	msedge.exe	82
PID 3256 wrote to memory of 3576	3256	msedge.exe	82
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3432	3256	msedge.exe	84
PID 3256 wrote to memory of 3160	3256	msedge.exe	85
PID 3256 wrote to memory of 3160	3256	msedge.exe	85
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86
PID 3256 wrote to memory of 2508	3256	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffef86946f8,0x7ffef8694708,0x7ffef8694718
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
  2⤵
  PID:2508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
  2⤵
  PID:364
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8
  2⤵
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
  2⤵
  PID:2840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
  2⤵
  PID:3572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,8021770509777372466,1172563676825609653,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3692

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5060

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
28c8fa4b15209010a33d849fa7469500

SHA1
6823d1d44c65026cec55c9db410d52bc41d07e4f

SHA256
abdf5f7dbe489ce5987706c236ba95f612c93ac4e75df5ca27175f9ac83ed445

SHA512
aac945f5a71053c26b386dfe21cf8851ff7d9ccfd02334b93388ff5d7c9db6611bc3cae87a4db68776ff738a2a17a0af944b9b8ac5ea2b2486f6206b6ebeb905

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
79d4a38db03b503033c9454d56e3e5d9

SHA1
cfde926d57c0a8f7c4084df864b5cb2b4994a476

SHA256
6ccf36d326575ea4d66070ecd03a41270007cd84e554ff0ec1f05effc74934d7

SHA512
8d32d417d747c87ca483d0c202db699ae0858bcb9dff2befae1e7e9a6339c912874fc35dc39776191d9f061241e46a6c4f254eb526d5221a037e888a0f38d87c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f8f7e9f71e87384c5da826b965647e68

SHA1
aafa15bafe6e33e2894a3c3fc59207384d3ea7cf

SHA256
dd474dc26b6be6068bccbba88569983911b0ae77ff70eafb2018cdd6b09618cb

SHA512
9551c230493476991b401119da61c709f75004040847e8faf36f0b74c0f67293971ba64d73de8461bb8c31cb9442c497e85e8e66a18fc2d78b0d4ba85ec061e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bf1de817bcc99d67f93bc091d5827abd

SHA1
8a8a3ecd3662a7ad611e482fcba5e36796d412a2

SHA256
115dbfdff4dce989ff4904d600e63256b31a54a3fd85ea51c0c6cf2d63b2bdab

SHA512
b7eddee30408b52be9ffccd98419e0ae3ecd58c7246a038350295add6b93e7f2363cecdc9792cad55f7c12f96cd93b74fa9576979c09d1a8b97d5edb878b3722

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ef138c861608be93b534290795961565

SHA1
c1b9ca7830367c9b9a0c0a3a339a93b4fd580fbe

SHA256
7d13a5160c6716aa254e15d7dd9e9e0179b95089807967f36dea68f2beb50c43

SHA512
5b1d7631f767ff44af4f738e5934fd4a175ca619c45ba106a9bcbe78c9e8d3728551cb22002ebb566ab6c45878a4c8160ad3357ae1f61f24c8e137bd9cc6b145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
9b8b305786d031a39d2f53c8e4d153fc

SHA1
679ef08fc7327e2246ba9b68e28f822fa7548e8f

SHA256
2524b3c5b24cd7fbb08fb665c6cb41570e90681dfa4fa96cd38c05995c35a3bc

SHA512
2adbcf447994fade82fb97548c0edfa19fbb547ea03d5d84b200d8bac1701e6bbd3d66ce92aec17079a2baf0bfc3d8305e0d4e6fa130ae9e0c150df36edde9b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1de126e0b99c410f3bda0aefd25147bd

SHA1
0d86a437a745a4345530039ad1d74dd593f36e32

SHA256
58a65b70715ac5e4f497a5d990172700518987e77aa04345e9e2bdbd494084ab

SHA512
0889aeead906a6989ed490955fa4ed9f460d2b4e9dcb3329be3e0275a81199254f61c4cf6c82529783446b447190e1e955e746dd7eeaa15827881a0386114a12

Download Submit