hxxp://otter[.]ai

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
11/06/2024, 14:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://otter.ai

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133625907423258230"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4904	chrome.exe
4904	chrome.exe
1028	chrome.exe
1028	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe
Token: SeShutdownPrivilege	4904	chrome.exe
Token: SeCreatePagefilePrivilege	4904	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe
4904	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4904 wrote to memory of 2076	4904	chrome.exe	81
PID 4904 wrote to memory of 2076	4904	chrome.exe	81
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 228	4904	chrome.exe	82
PID 4904 wrote to memory of 4604	4904	chrome.exe	83
PID 4904 wrote to memory of 4604	4904	chrome.exe	83
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84
PID 4904 wrote to memory of 1120	4904	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://otter.ai
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbd1d6ab58,0x7ffbd1d6ab68,0x7ffbd1d6ab78
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:2
  2⤵
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:8
  2⤵
  PID:4604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:8
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2996 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:1
  2⤵
  PID:2888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3008 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4140 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4464 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:8
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4528 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:8
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1872,i,12102076269126263629,16349598831981962545,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1028

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
861KB

MD5
e66bc8bd93c3c0cf70f4a3ee9b443789

SHA1
afd5c4522b1f7abeec78689c90e5bee52466f966

SHA256
1c00f8104af4e0a59f1771242adc23446f83e3ab93fff4478e25aca65ab3648e

SHA512
ea8db5f5cead98b7f23ba855b9acc0203252c37079ce80d9dbe2ea8cfb60feaae306780627fc823940ba2280687c9b880d3cd8df2bdba4279b6d2b2149dd6023

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
7e51927d1ee02119129b10163a1978a0

SHA1
54f6ec0f37d19c0c224049cb798479d50ab68f76

SHA256
188a43d7c5046b91e0d0e0b110763c129395862c69561eda3c5ec4346c1fba42

SHA512
890fa1d961187e1c0a8bda7fa137c18131c7ccc62600a134d3d743ffa459da19c1cdb3274fa763ac2cc966daa1e37c0f8b7101855fa32145f28f43555c89268e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4a40ea45edd7263c04e2af9fac5bd79e

SHA1
ad513b026489501a15bdbe288014dc77a506a8cb

SHA256
0c51aa01f0507dcac622e9a36a25bc49e47ce16ee7a145c7a3b93995bc30c8bd

SHA512
3f93adbaba425a62d6731caf437a4ed58335dd0f11fe4c44902246bdaeece8c55a62be804dc5c336c5db1b3f581e90e61471c82de09cd2136e22d85f5d74c6d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
a06e13ec3a86ffb75b652ab9c581bc21

SHA1
768dd4bf4a79019f405c59e165e12a22f98a7337

SHA256
32d1b5fcf3f6ee07fcb9f702c31b907a7935ed8b5563bd955f580a6a12b61797

SHA512
ab967e317223036ca5a128c3a9dc91f5a67958bf71fdd712cd858e520e7543b356e433517a4b0c06a9c01994ea4b4d6b7cf0204e4e829dbdd4b5e2bb981b9589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1023B

MD5
ca15c55bfc64ba7f7b5f2ec18494ccc4

SHA1
ee9480a10718f8a3274f7a4a8d79cd9c1fcb5e13

SHA256
e9f86febcb7a08417efdaea5321cf1ab30523b59e5fd5a6db605d490a8646249

SHA512
7ffd1f2ba67de8fbd8e46ff607c13407ac8ab093c23b5466d70cfbf1eecf457a258ce8468ccb67556d41fa651c6d92e0e4ca67e740e8f61e65197edc89e04100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4dd7ae7381bda8777d050f48f0fc01ce

SHA1
d2ccf8dd1173a0bd22f9724a7d4e7d9046c8c90d

SHA256
293cdbe3035437454ab71c83cf6cf9bebaa2e45c2637f542135789de934f8647

SHA512
62ffb206e5e6ee3d8c0ec4589f8df5cfcd00022faa82ab580823ffc23ea269586a77a1f9a03c57645e964a17d574868f906815547d03da9251092cee4ccae8cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ab42c3b1ea637231e3a024ba0ddd79c1

SHA1
ae3647a18e8abb385fb7b67ece25350f09815545

SHA256
4329361280c9cf45699fb69d9c5be4765ea94bc65808895be6a1b4269cd43735

SHA512
510d693361a6c4dc1d7322ac8d618e554a463935d6e3be890f18625d27e6057d134b48c88a5750692635868c862d80d7a479e2bc3eb52abcec016ed4a6429118

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d69cb14ded77b44a6ab86cd32410242b

SHA1
99d972f443b1c58b445aa7728e91b1db7aaf3e65

SHA256
adfcef9af165d3d0139db5ec9831bc04891f80f68a5e5679dc89736b4aa03ff1

SHA512
f7100f8c080d79497f9b17f61620bb22b8477518bdaa8127e8fb3348f3d3e725851a4a5c7942423ad69671699cd5f2574f3b38b93580b920e776f2da4df9af6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
0e56cbf5014ec3c3d9767f6f7793024d

SHA1
ac622fe3799b87653394fe341fe9d3e2e1a77c23

SHA256
fd599e4093cf79fdd8924fccd5a99eeb41e90ae88d79b12dfca6496ee7ef8314

SHA512
96648b691f89c702fa972d1482d90f6e76830e488ffa43b0d1097c70c5f2de4d68b3ad5708155ea57ae9d23e48f85565a7a0910e909356379b37422f576355a6

Download Submit