7d5848842e934d5a57fb8766962a556e01c3715481d63d2a10dbca4bac897ddf

Analysis

max time kernel
121s
max time network
127s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
24-05-2024 01:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7d5848842e934d5a57fb8766962a556e01c3715481d63d2a10dbca4bac897ddf.cmd
Size

1KB
MD5

b0440336a17e2a86c8fdaab419c3a3f7
SHA1

f831b05ff3fc56c2e023e4121e07b895fe1d9153
SHA256

7d5848842e934d5a57fb8766962a556e01c3715481d63d2a10dbca4bac897ddf
SHA512

98d631901af6b240356c6443ba3c7a20af35034189f38caedd87790a034bedadf784aa034a77438d14574193eb5037c3778a5c05201bfe1380d62c56efd66f27

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f02ca3c379adda01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000dd7da217c95d4560761209b51831ab9ed9cbd35ac14f8f5cde374ed3025d70eb000000000e80000000020000200000000fd2c1cf26a4fa75b13e13bb98a283e0b91234ca62444bbf5b12b7f2968eeb0690000000b616e2fdfa000aa3ee45460126ddc4fc019482a04c2017f939f2beadb5c4ed15819460e7a61a82a2d4cd9c3d1c1bb23ac20dd292de60f9af733e04fdaaf36358e5240b5a99d8e88f6dcc75dc8e7d58f33430f23c926b3bb14a42fc5d430fc7626624799974645a5504edc855f9d5a25e4d8c863b4b3c8beef3d83129f38e2196fc1592636344874f7ee21198bebbd0c14000000057b770d591b85b727b516d0b7281f4f5d075606f84a6578040df08c7dd739753b1fed64fbf3e1ae1b0713c6eb7a98dc8c6956bcb6b2cf53e5aad2e53ae81c279	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422675980"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{EEB95B31-196C-11EF-A1BA-6AD47596CE83} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000000b296cff47f9a2eec30a17cfda937f958ede6a74a1503fe149a6a75ef3ce5342000000000e80000000020000200000006e48ee2b7222ae45664567b8dd9c9de3df8d669ec44f30f4805279d38d1f5ce120000000926dff3a71cc3130a3f4e96b824d892266698ee3590399b93d49909ee99c37be40000000688168a5127210ed85f6ef439f865eb20cef5c00736e5aeea97f1c7fb29e53c9b9b1623a66b2ff9f5b1954d30bb49c40c9b17db43f08e7b90fd88bf70147a54e	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2572	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2572	iexplore.exe
2572	iexplore.exe
2612	IEXPLORE.EXE
2612	IEXPLORE.EXE
2612	IEXPLORE.EXE
2612	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2904 wrote to memory of 2572	2904	cmd.exe	29
PID 2904 wrote to memory of 2572	2904	cmd.exe	29
PID 2904 wrote to memory of 2572	2904	cmd.exe	29
PID 2572 wrote to memory of 2612	2572	iexplore.exe	30
PID 2572 wrote to memory of 2612	2572	iexplore.exe	30
PID 2572 wrote to memory of 2612	2572	iexplore.exe	30
PID 2572 wrote to memory of 2612	2572	iexplore.exe	30

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\7d5848842e934d5a57fb8766962a556e01c3715481d63d2a10dbca4bac897ddf.cmd"
1⤵
- Suspicious use of WriteProcessMemory
PID:2904
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" https://s2r.tn/cgi/INVOICERVSHA.pdf
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2572
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2572 CREDAT:275457 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:2612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5a07bef9bfe13e8751eea61d7b7179e5

SHA1
8856f1687991d81d8f7401e571bf5421e84d084f

SHA256
7f2b8f3b9d7f10244c5f3ffe2349403a7292efc9187ce7d35301a7b7a9048a87

SHA512
f1082ab61a7c56d88eadb62434d1eb25bea35b271a0c2a429b16ed4097913fb545bb0f98ea778749eb694738c1f753771d2c32ce8ae20ba04b3246ae200aafd1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ec6c8faa99e4768cb920b542bef655d7

SHA1
4754e1c344108d792cea3657af896643a8862f98

SHA256
b80b9eb66045c46ecf1804ab76ffbffc7b2853f47afbba2c5789927a83777fa5

SHA512
c397f421124dbcd0ab2e452f7d20a51b34a43e5425f66456a11a9139283511d663299de3b9cd830a2fc05b60fa56667711134708e0a534481c0198b5fce7bd75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fd9d165e698703486b256b91af05a09f

SHA1
7c67f1d6764e04b57dca780584f7927f3f7c39f5

SHA256
f2ab9031c054d82a0a39bbf2fe090f1ada1b73e62a293ebd177b40a921b0d06b

SHA512
05f0de75700389d021d7823518f568fdbf2065c06cb1306375aa103293a59e7cc4b968b7a7041fb8fe9a24392d56403ba80e4bd90ed4381918f71f44cc0987c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ab81fde9dc80d209e37677b97f14ee13

SHA1
ce7953602de7709c081865c1a2480cd7f2e5712c

SHA256
8f919a9aedee1592b32b8723cfb278fe3e1f2075d4b2089ee7c11ac655017722

SHA512
abefa1e96a3dccc70f8e03fc856317df73257b32dee7172e202165dff63cfa959248440cf489887cc0e4ca6b6cdba42b66c67ca87209a351780c41b0a8c80478

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a0a1fe55f7ca38f9aed04125a0e1f843

SHA1
e6e7550d948b06530b21e73d496a743333c8372c

SHA256
4b022fd779862ddf028c5979ddeedc65beac3fdebbe87db6c74711821faedc52

SHA512
340450984658978afdacb6f5b2da7e95b3d281c61c4707369cb4bf92842ec93ab76f371021e779b0452c65f55c895ab1beec13d0aea733145b20961bb6b2a477

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
150ceeef616677bd29c6ea389427226d

SHA1
e35b047a91c3de7f1036113a8f1ca0155e877084

SHA256
aa112dc85cf38f595d205134317a8596bdf6bf53d7c7e55014cae15e457586ba

SHA512
18b77a9c19d3bea5bd4f2878802f33dbe463e4678e4697ab3c190c3118c48a1da65f33a273a4192692a2657dabb5911c839db70f847605b3e1190bb01aef6dce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
844d1794530da2e1452f2865847d96a5

SHA1
c9de6bc27e872ecf57e68f57ffb3666d71f33e16

SHA256
56ca59d5e6b05f2c0a6b818ed6aa7d0fe25b82810aec24d372e02257bdf5f4fb

SHA512
fe3cde949a958c79ab705bdbb3aa5b63e3e912f20537e69c6872d27f0c045d50fd6cd8d1ba320329c984ac08e8e68c030dc6399a5e721af359e37f0339bcef90

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
77ffa3cf47b94bbaafa655f6202ec3ed

SHA1
2e8db8987c17aa5aba0e4736b86bd79b1e5b8b08

SHA256
f61ed352870cf873fe4dc0a04ee5eda2ca77dd8b0c80a4e418d5024f2c18434a

SHA512
1ba0995e581d0c352b042195a325a1c5ff30438ef591788b188140a5c6b0c6cbe336d8858a75de6457315208feaa3b2d72a3ea2af7ac00e7c4ad80aa46377018

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d8067f537ece692ed4cdff971d864359

SHA1
173a3796892db5003bb4217fb705f0ac8673aa71

SHA256
c8a34a01a63101a86f0eff8fe0f9a827b01a1ea092599eeb73c38cdf35cc4498

SHA512
30b67c27e6f278969d46fe7f2bbdc0902793b08b1f1b79dbd4a771aee8ef6cbe0b93ccae51ca010a10d55d167177069bc16ba05f7a57ae98830d5240f1adb1ce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9f98c1029713c29c43d5c4286ff1238d

SHA1
6c0825373110e91e2f9a88850aee148c1a0c2a79

SHA256
7e75c903b1fcb68ce39e9449706643bebc32344db9d288ae8e198f1f3332479d

SHA512
03992a3dbbc117bb67315769bcab3f1a88f75e5b7384f7ae254cf8c5bc37f27f2fba6594a00cd209bb0dfc3df5c62e48726909d2ceb1034b38e681ea9c00b98e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3b7857f779e59a348cf6e0d5fda88c71

SHA1
403f0909d76cef2c7deed52fc7027f8f2baf3b36

SHA256
64fa200b1021aeb853dd3cebc6b5328dd5542ce4842182c3d6fb3ac041231e2a

SHA512
97e3571a33964445a817d5cd18e551dfcc37e2ebd3ed89d4450f302fccb74918fe9dfbe52f4a1ddbc5d5f8cf46b1056ece3428df0a7a7a0f20faabd25e64efc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
87a3ed41e37e91689efd65aad490e774

SHA1
3aadb0668a6545e4087548df3164bca8e7f8a2cb

SHA256
d7a34f22900e8c73bd957910e9e572c125dfbe189e7c5685486cfeb71ae98022

SHA512
23b5b66edddd4decf2bcc6f7949ce05e6e147596b6d6ec59f8f93e14a4837464e15c05985dd109926f30c2bb18755451e89f85dee6cdf60c48269bab9d16987b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d2fd0e9091092688934a52ea5bbc39b0

SHA1
928e4f481b87261778334a667a17321e5e76e71c

SHA256
ec433195c37129afdc4d59f09405f54ec3b0a7856d075f855984c162b8af2b24

SHA512
fcca49149f52ffb4f1b63678b3dc477cdc0f3e188083da898d57854dcbe30213d68e4baaacf3952bbfbdfbec3870c8f36d4b67f5dd1c1b04442740ab27225d3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b8e9895782a9ece58565431cfeea0bc9

SHA1
edccd0ef764a7c31ee9a33ed5aa3a38a1c510fb5

SHA256
7bdd996b43882c6baedcabfcad2a57a7256500ad6cd494ae59e23787f112e872

SHA512
33d27e47ea8f30dccc2f294db8cfbd99716a6bcfc4a350bd0de2038530393bd27c006ab3f4567a1a10c1c69917ce2db9657e468e3337ba4add2b33d50143464a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2153ef6c64f2b377b3aa064510fc1563

SHA1
574cd17b0789090fcb4926a4b6844ca6cd90f8ae

SHA256
6468d2aeb493cc76af6fd1b356a87986f36180f67a186e653207c3a12f2b5f3e

SHA512
79a9700cea96c3cdd503e576ff6b95a521fca8e0aaab696a7a6c1dc541616640a46be82cff488eb95efab97f1f923ad628991e9a69c5278efc6b3a37c79e1237

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
78dfe65372b34bdc42beedf1db708cd3

SHA1
60f404a43a1fae62e69e1d885ecd2a4b89df11cf

SHA256
62da332555dc0338882ccb274f35d23b5a98b726542b9ac5c441f2a6f4505bed

SHA512
a4e9a084d3bbdce809bf8ae7bf761ef12853c9416a0a17adfdf7bd7c8fd8fb859ac4f52644153e137ec5f93132f5d8edfba4ae699935fde7b53a1bd42695c3d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ec669006c8d80342bbb7e060f813ad0f

SHA1
b6d7ce0c48092d1ae3020b340fec9ae24ee4494e

SHA256
1436d6e0cb6a194f1f22a1d70abdbe3ca3eed997d1a5da860c138d9fdb05db07

SHA512
dc59c4419c627ba2dc087baa1b4d26448d94b422337c2a63cfd07dc349b1d73f3ee01fe31e3e6b1d49fb6423fcdb494fd2571930bb14bf8ad2113d757f7ae8e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
defcbbc4c6fda4870b99f77be38ade75

SHA1
cba82f5dd4cda898fa8fed4a1c7f37437454fbd2

SHA256
3f3865efc2220fe5ecf287070839e79a19fe6ffbfa1d92268c9359f64f2f0dd7

SHA512
a7cd5e8634d03b5552ffed57279eb9029324f347bf35a782ce2ab5e2a4f9ab82e18fa2d7809c4b4444f7d0059e43f34055d09846947cbad02d1d6a37d31606b5

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab46A4.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar46E6.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit