70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787

Analysis

max time kernel
41s
max time network
147s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
31/05/2024, 09:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
Size

1.1MB
MD5

c3da2390d81bfdeee691709027dd0642
SHA1

5eb2d035abc3f04db47bb2fac95d394712280dd7
SHA256

70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787
SHA512

f57ad2b1f7c153468376cb45826adb2b22441f975339309bd4d5d8ce79fe3b9129544158821cac63254bdaf7c6472b95f5d93c0f3d47ff689160247d86dd486c
SSDEEP

24576:QqDEvCTbMWu7rQYlBQcBiT6rprG8auq2+b+HdiJUX:QTvC/MTQYxsWR7auq2+b+HoJU

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2500	chrome.exe
2500	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe
Token: SeShutdownPrivilege	2500	chrome.exe

Suspicious use of FindShellTrayWindow 47 IoCs

pid	Process
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2500	chrome.exe
2500	chrome.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe

Suspicious use of SendNotifyMessage 43 IoCs

pid	Process
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2500	chrome.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2492 wrote to memory of 2500	2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe	28
PID 2492 wrote to memory of 2500	2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe	28
PID 2492 wrote to memory of 2500	2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe	28
PID 2492 wrote to memory of 2500	2492	70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe	28
PID 2500 wrote to memory of 2944	2500	chrome.exe	29
PID 2500 wrote to memory of 2944	2500	chrome.exe	29
PID 2500 wrote to memory of 2944	2500	chrome.exe	29
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2712	2500	chrome.exe	31
PID 2500 wrote to memory of 2544	2500	chrome.exe	32
PID 2500 wrote to memory of 2544	2500	chrome.exe	32
PID 2500 wrote to memory of 2544	2500	chrome.exe	32
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33
PID 2500 wrote to memory of 2472	2500	chrome.exe	33

C:\Users\Admin\AppData\Local\Temp\70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe
"C:\Users\Admin\AppData\Local\Temp\70793989c60fbdf7320ec7c3fabd876ba559da741fbebd4636fc9fc7bdc72787.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:2500
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6ed9758,0x7fef6ed9768,0x7fef6ed9778
    3⤵
    PID:2944
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:2
    3⤵
    PID:2712
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:8
    3⤵
    PID:2544
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:8
    3⤵
    PID:2472
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2364 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:1
    3⤵
    PID:2664
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2376 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:1
    3⤵
    PID:3024
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1184 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:2
    3⤵
    PID:1948
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3244 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:1
    3⤵
    PID:440
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3536 --field-trial-handle=1244,i,16970242246287715377,16794616329114437964,131072 /prefetch:8
    3⤵
    PID:624

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
46fb66730767294983be7ff75d235af4

SHA1
50fba0dcca744124dcbe21f087f9fd97234fe204

SHA256
8260c619632124b6968f238f75815059e670617bd8caf6e3ee1dede102b64f92

SHA512
b9302761a3f4a1f39a0cf9e4c60d1417ea09b672f8d8221c236c37b7e13a42263cd63e9aa5b53d13509d9c88fe9058ff01fae9f9aa96e5b5ef66b2848229bf8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
965dbd07918aaf0a23395a9fa8b501aa

SHA1
0f9c61f44fc0ec1b93b49df41a2db5900e6aa759

SHA256
c17339eab9bb68482c86678eccdea0695db58a857375ebf831be564a90bd8fa3

SHA512
eaa00722ff03670981f683bde706e67c6271be04e43f72d1a6320f1bb7cd528be24f77e08d99e76a29af157b77e096e58de9b600d106232d3a424335cd4963be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
32623bae7676a973165da73115bed689

SHA1
f0c5388d3b5337462d3ffb94d370610f1540fd95

SHA256
24b3e0c6abe648ddf9141dbc5c79cef45c8d175fa768f7555215de73238ab6de

SHA512
726e7957bbc03ffd1cc484a8c4772862ecbcd1897cd9a4d1c8b1ace1471788693ab019eb87c11df11336db24edef579f61df39880ad5f67f1d65964590e1318d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit