507641e3047216809af93a127af70a266e273cd95c1cfaa06605a753b9166388

Analysis

max time kernel
133s
max time network
128s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 14:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Delta V3.61/bin/lua.xml
Size

3KB
MD5

e2b537e027b3251fb82e213739e66376
SHA1

e47888a238dcf90097ecd3c8860b0f9b02ded0e3
SHA256

5c508701141f851aeb0ad9088759f7da15bc33f9e7459ea8c8d4e1ec7b4eaa60
SHA512

1e347301cdc75933d709eddeace7cc9d62a7e9685f5badde3e1ec6f3cdbb37bbb8b95c23632e11b283e0464ab4c84e79c644660a1f0c09f51729e30571555f7e

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

IEXPLORE.EXEIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IntelliForms	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\InternetRegistry	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Zoom	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422463923"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\PageSetup	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10c2ad078cabda01	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d100000000020000000000106600000001000020000000f18c9f4727b796b81c1382006d9e2f4534ad268c6f3df6dd2ecf7d669d14d531000000000e8000000002000020000000cd989be02a7935dffc9fdc85c31270c96d932690146d1d5c18587d990c03a11a2000000000b6ff755cbaf8d86e32ece6865014185c233b69e562928ab2eb6946003b5eba4000000081c3dbb017d2676add24cea98890767f920d0f579de7a69c76c1e5e5134550556c381b0c069fd375b523b23de98d936fad4e7c172bd615a50ba225cb258cdb0b	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d100000000020000000000106600000001000020000000813c80ddcdf695a6ca817261d0bf8068e0bd26c58905f0378d7ea3cfc6a932c8000000000e8000000002000020000000c23a608febb258124061b510ed307a8c3e7416f3da2605cec1f4911ce379517990000000fea48c8ccb3dcad885a6a354644d76c8a80840e4931b16fa1140b549a2c6e62b9b23d227abf886566887b8e16022087efceb4fa41403c627f92b541bf571b5564b60f37f59351c66848f27a46ebe112849c59fc68304cbd15c5299cb9128a908a3e9419d5e860f713dce9abf08fd91b9f4c4f6c91c8c5c6b6573440bb437104d0e8cc84f578eecd23e5de5db16459ffd400000005343225dfadbeb45c5969479009c2a34ee7f80dff638a3a0ef5fd4763384c05035f0130b46246d87a87c6c12eb1060f94f3ee8e28106b470c8095243509bc32d	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{332F0E31-177F-11EF-AE27-76C100907C10} = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

IEXPLORE.EXE

pid process

2752 IEXPLORE.EXE
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

IEXPLORE.EXEIEXPLORE.EXE

pid process

2752 IEXPLORE.EXE
2752 IEXPLORE.EXE
2664 IEXPLORE.EXE
2664 IEXPLORE.EXE
2664 IEXPLORE.EXE
2664 IEXPLORE.EXE

pid	process
2752	IEXPLORE.EXE

pid	process
2752	IEXPLORE.EXE
2752	IEXPLORE.EXE
2664	IEXPLORE.EXE
2664	IEXPLORE.EXE
2664	IEXPLORE.EXE
2664	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 12 IoCs

Processes:

MSOXMLED.EXEiexplore.exeIEXPLORE.EXE

description	pid	process	target process
PID 2324 wrote to memory of 2480	2324	MSOXMLED.EXE	iexplore.exe
PID 2324 wrote to memory of 2480	2324	MSOXMLED.EXE	iexplore.exe
PID 2324 wrote to memory of 2480	2324	MSOXMLED.EXE	iexplore.exe
PID 2324 wrote to memory of 2480	2324	MSOXMLED.EXE	iexplore.exe
PID 2480 wrote to memory of 2752	2480	iexplore.exe	IEXPLORE.EXE
PID 2480 wrote to memory of 2752	2480	iexplore.exe	IEXPLORE.EXE
PID 2480 wrote to memory of 2752	2480	iexplore.exe	IEXPLORE.EXE
PID 2480 wrote to memory of 2752	2480	iexplore.exe	IEXPLORE.EXE
PID 2752 wrote to memory of 2664	2752	IEXPLORE.EXE	IEXPLORE.EXE
PID 2752 wrote to memory of 2664	2752	IEXPLORE.EXE	IEXPLORE.EXE
PID 2752 wrote to memory of 2664	2752	IEXPLORE.EXE	IEXPLORE.EXE
PID 2752 wrote to memory of 2664	2752	IEXPLORE.EXE	IEXPLORE.EXE

C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Delta V3.61\bin\lua.xml"
1⤵
- Suspicious use of WriteProcessMemory
PID:2324
- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2480
- - C:\Program Files\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:2752
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2752 CREDAT:275457 /prefetch:2
      4⤵
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:2664

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
38477725ff12347970e6122602720c7f

SHA1
6e7286c1ae7e0add0dbc7e920bbd4a7009a6b9ad

SHA256
0ebe01c8b4ff02b6b70c5ad6a58cfbd07322afe95b5741e7caa82a47feffd2c0

SHA512
9ab8941b0756dc343790fbddcbc4b6da73944949d860b678535fe265a07ebb2050b5082df03513acaa91f429ad61812570bd79fa5c6eb7dcb3d56a98245cd56b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
99af644e97839c0fd8fa79845429aeb6

SHA1
d50483bbb89b475a54c3d888a35c0a9a0baaa0bc

SHA256
5208f7ea92f554048a821974b773d88e8d1a808bd6704a4ff2b3fc1afffb534b

SHA512
853b4641d76a6a240cead746caf5dba2bad5ba9f752a4d4d62b8b53ccd7a8a2fa9058baae38949204df3eeb97778802d796b423ea6ed893ce71f759df59916c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
15ab5e230cfd4bf8d0a0fe463b64f749

SHA1
fda52dbe7685d22741ab30c46993e9fa71ed5c83

SHA256
80d09f242a058807b6524a20b3f67626340ed8e8661fc9aa36e210d9df5179cf

SHA512
f9e1c2b01d6fbd353325655180baaccc7f98c7cb21e6573964f166d2184f015f3df8e81b8ea8ef62a45f1ec24d93d2fb95e056cc0f8bfcedd636513d54140a19

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e14f0311cfde34919b92186f3b7d22bd

SHA1
e8d2dada4b4ab3b07cba0f22aa878f4fe847e99f

SHA256
b87f4659713b0ef8aa6234b760116bc68c2489a35f9ba05f2559b9486c48865b

SHA512
5f467b288582ade3e11e88b88ca6a527c6db782f7cdee696c917e0accfc2c27758496000278ba510db73a20434381235f5970bc35f50282623f7b4e772423f0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
40ef22f9e5fc54bf5f38c8174602153d

SHA1
8943a154b2565a1e8df9fc048a22c79d98400a86

SHA256
0a57365f49d8ba0be075b10cf9a398eccc70b184e600a1b7a331a3cba44ad889

SHA512
0bab7e36f47fdfccec9e832a20d21bb6126768ceac2eae697ab8b2100f10b35fbc89b85a81355ce410082d1060231e5d0f43558a753461ae1cdee6ea2d7b9921

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e20fe1fdec516971011dc8fa581f929c

SHA1
cf7a026298922f4f010ca3d03c9160c2e2fd35d3

SHA256
087673fd5ff24b3685dd50a735ac4eef0152906dd0e65123bc39c3140d66ef24

SHA512
03f1b04e8bc4e8cf1a276f4e95965d14d2bd45a852fd3e982880852781ffd4340176bfd43cfe474ea9793d72dc89c8fcf1a118bf0de384af9f5bde7cdafafa5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c35ce78f915d3b2bb3dd317f2c52d12a

SHA1
5b99f424c4b13edf6e81d24ce4e8388a32497f6e

SHA256
24ab2e4522d5ed20fd53ee135bacb781dbb36b5b1d712a5a9743be58ea761c03

SHA512
5be3134af7f0ed3cc9eaae79e29ee6ad948e8a3873bd6877c2c4bd676e4e031a65c8df202e4599ea5481966ee7ce2070ac53518696611480d086e8d28180e415

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
604cfe4c82149402dfba2a4182b71c53

SHA1
88db77884cdf29a2ec022cb1d533476150c4b26a

SHA256
0cb35a6e184c369c840b9d73cdc8f4539a57638192a91e6bf7ba1674318f2b82

SHA512
c2159ea387b52af23c01cf6e7a93f8c610a925956825f97713e103c0dad07e3dd4cde3d540484c681e79e269778b8aefaa127c72e31302a3b09ca0fa8a7ca1e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
43149c93bd76ccead5a4913b5444fea2

SHA1
1aed31163f758bddfc3f3f3e104aab964514bb29

SHA256
2f4388bfe2177c77a87ed6147bf0164df361352ec8794b411ecb6fd1a0b6f058

SHA512
96427160fcdbb3c7c9abdb5a335a922946eb0b9e81e16eb86e1e50df858a32e13134f277595462c040c6850f6873575d213664375f538d9b5a4db74dd418f144

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fe498b8568c39bbaec588801ab41aa63

SHA1
5dc9a43f59381027da3bf12f2b8215ce168286db

SHA256
e4f8107e629c7bdab08a03d2480f52ba148d3e926cef8ae5ec566cc1a56792e9

SHA512
702d0deb508a847af08d0dcd3ce563a60eece24254fd1abe433711ae270e12505d90b0f671dc76e640985f3135ebefa03f1d612a93ab1953af4b5e8bd0a19c76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2d97a49061be66aa00f22a69c50f7e33

SHA1
0dc18dfbb0409f8f190339cd3d424410d814f881

SHA256
7a9b0d1e0b9f06eb10ca28c4a6926c96ce469d8a5faa07042ff0ca41c907aae7

SHA512
45640bd250c6845d3de987b9a1b6d3ece18def4610d609fd5b2dbe65ed66c0497fc551cfcea40a7ae48b6b08606dc48fdb13443739d77f818b9d1a2538e9f3ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8cc319e476d681452fd511076ca3501f

SHA1
4d9594f206c4f76eb8dfe329004738c53850759f

SHA256
c68eca091f89cfc11df9b5ea00f5218d62a54977b03924feb9830fa79106699e

SHA512
5c8da1ba1ac63fbc0917e3a7740ea3ddddaf927991ef0a1445edd06437fd8cb85ef25087289de8cadeff7c12ebb093b1c91d9b545dd68dbe3802786b2cf5d457

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cf34654f2a30a44c5a935e5033c9a273

SHA1
1db85f428954cd5d25237c338487ff070de222a0

SHA256
153ea0e0a085e8b1c4947e9ca8b2b1876af2180e2db882997a67c4e962221d26

SHA512
d4c34875c21ef6543480c09caa6c79e4a3d012a36a5f7271f7aeeadb4919cbd35910dbeb71e774772b763b03457ecbedc4f33be4948810f08ac12b666b380e26

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
87d2ef6696e5b28f388a299b6c49b63c

SHA1
c6f52ce3d0bc1254c082056105d4483fcc1a757b

SHA256
f7c40a22394e3bf1bd4471591a895dd5931f82373bd61629cb084330ff713e92

SHA512
135c79e773419748e4d514e853399a761af0f8130ff839e7cee2678c5a36bad1467cc329fe1c2385348c65b432fc67398d9172fee3e6b9756dd3caee78645eee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bc1190d5bddc1164dceac00d276df188

SHA1
604de5fc70702d3adb3c2b448d32428de613b99f

SHA256
616e55da8f98ed40168d2e69bfa23fbdbcb0b6ea5ca0a9a8adcb46abd73ea1a8

SHA512
e15570599e8439b59d638fbe67d7659f94e9b1129b20f7cec5a3b9a7ad292ec4247ca8440af5727b747ebaaf72fefb6214c83c8751d8cfcfe8e5beedd16cf144

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab27CD.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar283F.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit