hxxps://assets-fra[.]mkt[.]dynamics[.]com/2784eceb-7f29-ef11-8406-0022483990f9/digitalassets/standaloneforms/62d713e1-2832-ef11-8e4e-000d3a8987cd

Analysis

max time kernel
36s
max time network
39s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
04/07/2024, 09:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://assets-fra.mkt.dynamics.com/2784eceb-7f29-ef11-8406-0022483990f9/digitalassets/standaloneforms/62d713e1-2832-ef11-8e4e-000d3a8987cd

Score

10^/10

microsoft phishing product:outlook

Malware Config

Signatures

Detected microsoft outlook phishing page
phishing microsoft product:outlook

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133645582224703061"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1680	chrome.exe
1680	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe
Token: SeShutdownPrivilege	1680	chrome.exe
Token: SeCreatePagefilePrivilege	1680	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe
1680	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1680 wrote to memory of 4916	1680	chrome.exe	72
PID 1680 wrote to memory of 4916	1680	chrome.exe	72
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 1956	1680	chrome.exe	74
PID 1680 wrote to memory of 212	1680	chrome.exe	75
PID 1680 wrote to memory of 212	1680	chrome.exe	75
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76
PID 1680 wrote to memory of 2660	1680	chrome.exe	76

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://assets-fra.mkt.dynamics.com/2784eceb-7f29-ef11-8406-0022483990f9/digitalassets/standaloneforms/62d713e1-2832-ef11-8e4e-000d3a8987cd
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa4ca99758,0x7ffa4ca99768,0x7ffa4ca99778
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1528 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:2
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1816 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:8
  2⤵
  PID:212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2112 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:8
  2⤵
  PID:2660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2860 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2868 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:8
  2⤵
  PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4640 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:8
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3792 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1804,i,7544020183753971682,2834937149435434522,131072 /prefetch:8
  2⤵
  PID:3356

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1144

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
3dd15202bb9802daa6c8a4d5d5d8815e

SHA1
84c392e15604debdc0bb584acada420c0351c2a6

SHA256
482d796d7aa498f8ccffb42832196083cb468db31c4ae8e00fab473104a7c5bc

SHA512
a10b6d19bbaef24166a6a230fdf8a83272badb15c3cf40fa220a41e625e8c853ef0cb306b64b67364e680586401cccace7d46ca04a11611620fc85fff5f88ff7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
ab9d85462930077613a65349a6c5df95

SHA1
f348471e7a87d5f8b12078b2e26c09edbdecf597

SHA256
9a8d9804822e0a570fe4c1c6579db608cb754cb25a663062d377ef83b3b9f704

SHA512
0656d590bb09b201125d07c547b2db0fdc077c1fd8e1ba8338f67ba64fd7ab9d1ec2318ab45af22073d1fbf768d3f0997e14ad3f6bb087aa3c6478a324cc9c84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
7fd311088d73d2fd96ef9d95f92e6bdf

SHA1
4ab7baa41f8a42e95d4abfff878df16d7c483ced

SHA256
f9eb062219ed28ea2cb2b2e388a25e5eb3d5acad659cbb2af352bc1001616e75

SHA512
96fe58616f55c707fd659a8afff58d3fdf95f030101530a8c9694ba5ca692e98e35cabcc795a1513779cddf48efbb5f103af5576cff386aca7a1fb618f9a0371

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6c90a78810a56a4731625209ef497304

SHA1
55bbe6aff632e80d94c37bdde450b79006829519

SHA256
e55a2b722239ac864b4c9855163247b7f9a807d309b4b08c871ae35021136f14

SHA512
8f565f680df8682059fbad29c5a2a268e837baa017278536c6531347a1f61d04c4d5a5881a6dc84158d17b121255504a6dd0e16c6144f121f25f6b2e6061a134

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8657a9bb03d7cc353945460290e73bb1

SHA1
d59e4edc1baf34312cea8d0fffcdc7e24df5ccd4

SHA256
9c01ee5b2dc2770be7f5c20b28ddef0a4a0b854fbfd84f179a1fa8d6276bb83b

SHA512
d56446108787b05e800f365855c89f5732e0b8fa35a1b9176b840d1a565f621e5c0d709e073b2fb5698ce1dabaa13830c283380e0d66fe5808e66987bf2a25a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
4aa130024249377d1d697fd6dfb248ec

SHA1
0dc35e144fb571ca8bf478c04ebe4503592631a7

SHA256
aa6b9d67c205a255895fb169e822cb5e427d054190fd7838680be6c0a8966bdc

SHA512
dd7df742dc5572ad275734291c35870c562f41dbed52ad02b50d8da2cf2a682c8e5a752f94dfd42d32452ef175675d40d8f2d3b4eb691b92ca98cb362cfd8017

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
99KB

MD5
487fce0315d1067014a117499db0deda

SHA1
0d47591eeb629c551f156e720f054c4dce6d84fe

SHA256
dffd1268a7c3d70514ef609c3e48208dc4eac35afe3edd9cc89e779f4c294b32

SHA512
6eee49fb237ee9183dc0bcad481ba1171f3646410bc693cd7cb513f344cbb9a33310c388e259b77d44c34a78f0b417edc43309befff69049e95af9c83a14af3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57c796.TMP

Filesize
98KB

MD5
c097ff4c67828034acb8ff0b8e767cf3

SHA1
e66b39f4a52e0c434df80d771fcb314322ad59f7

SHA256
730a7bb5b56c846355b9df33178bc985710d866abfa7eed2d0be9b860ead6500

SHA512
5a9adf3122691d4c8e1bc1df5ba5a2d5a54270d93e37d964ea12faaf408c020bad9fac908ef35feea2a37edf9efec8ec396a2b14948042a9653a812f6bb26e63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit