hxxps://cdn[.]discordapp[.]com/attachments/1258399093621788794/1258439904254234694/Glix_Beta[.]rar?ex=66880cfd&is=6686bb7d&hm=4185ba09b8c52bcd0b2cfcf076ef604bc97dd13eeb1164754c30ef0e4b837aea&

Analysis

max time kernel
40s
max time network
42s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
04/07/2024, 16:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1258399093621788794/1258439904254234694/Glix_Beta.rar?ex=66880cfd&is=6686bb7d&hm=4185ba09b8c52bcd0b2cfcf076ef604bc97dd13eeb1164754c30ef0e4b837aea&

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
3184	Wind.exe
3128	Wind.exe
4952	Wind.exe
2704	Wind.exe

Loads dropped DLL 16 IoCs

pid	Process
3184	Wind.exe
3184	Wind.exe
3184	Wind.exe
3184	Wind.exe
3128	Wind.exe
3128	Wind.exe
3128	Wind.exe
3128	Wind.exe
4952	Wind.exe
4952	Wind.exe
4952	Wind.exe
4952	Wind.exe
2704	Wind.exe
2704	Wind.exe
2704	Wind.exe
2704	Wind.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133645859888898932"	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Glix Beta.rar:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
3184	Wind.exe
3184	Wind.exe
3128	Wind.exe
3128	Wind.exe
4952	Wind.exe
4952	Wind.exe
2704	Wind.exe
2704	Wind.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe

Suspicious use of AdjustPrivilegeToken 10 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeRestorePrivilege	2848	7zG.exe
Token: 35	2848	7zG.exe
Token: SeSecurityPrivilege	2848	7zG.exe
Token: SeSecurityPrivilege	2848	7zG.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
2848	7zG.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1048 wrote to memory of 4964	1048	chrome.exe	79
PID 1048 wrote to memory of 4964	1048	chrome.exe	79
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 3140	1048	chrome.exe	81
PID 1048 wrote to memory of 2208	1048	chrome.exe	82
PID 1048 wrote to memory of 2208	1048	chrome.exe	82
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83
PID 1048 wrote to memory of 884	1048	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/1258399093621788794/1258439904254234694/Glix_Beta.rar?ex=66880cfd&is=6686bb7d&hm=4185ba09b8c52bcd0b2cfcf076ef604bc97dd13eeb1164754c30ef0e4b837aea&
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xe4,0xe8,0xdc,0xe0,0x10c,0x7ffc88a2ab58,0x7ffc88a2ab68,0x7ffc88a2ab78
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:2
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:8
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2152 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:8
  2⤵
  PID:884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2996 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:1
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3004 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:1020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4784 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:8
  2⤵
  PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 --field-trial-handle=1808,i,4904819737709869233,14538551184829482841,131072 /prefetch:8
  2⤵
  PID:4212

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3028

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2712

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\Wind\" -an -ai#7zMap23247:86:7zEvent2940
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2848

C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe
"C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:3184

C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe
"C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:3128

C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe
"C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:4952

C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe
"C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
236b34bbc285131873c85dbbd58b826f

SHA1
147111f05cf1de58896708d090628ffc97b2678c

SHA256
6562614a0a04f76f0b1276a2ff97dce8485e7c7117db8605d40a6fb17806010e

SHA512
ac54d813550f6e926b61b537282cd7665ad4ff03c314e152e4e059cb20c921b26dba3c2983c6b868528171156cf8e5c725e05183b91e21fb10e145abe43405d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e82c9bff3d7acfab45c12ce1225f8cd1

SHA1
00b2827859fa8ae6227e7f16134c44d91a14cf27

SHA256
0a01d294578bbc0bb729833a738e38ae0ffc9dfc68312360c5244df97bf422c4

SHA512
231708e4a7b039c0c65e9e34e46cda4cc7ef2332b5bf8d1fc1032b7f9658670b5ffffdf874b1e7246c7e53f1653edd3880d3fc9a96b9db750a1a385f8080ea64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
08f0ba0bb8eeb96234f45862ac6edbe6

SHA1
b74b03d77bb13964ae2975bfad8336528432dcaf

SHA256
1e943b789b192a828e7ff83f2195916fd313be660dc2c32453518f584b454ca7

SHA512
ad9c4299822776221f6fa87df3dda7a98e214da3dbabd0682fd37c3dc89e771cde1787e1a2890fbdb3e8be47d6d89f3d375eac35a669b64ac1e70f040d78f296

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Temp\1570172095.log

Filesize
73KB

MD5
dc371966c2acf45488b40094bbc9b2b6

SHA1
c461f0ba11a9564246b559889cf0bb8f3e0efeec

SHA256
782fa03b4c290c6cdd8bd40af09272d53b236189d09062d201f08e1b175f39b6

SHA512
2a2a0dc4afc1c06ba0bc22deec2648a832b04a0a8a3f53eba6e6f19175c2748d90857a5ccb1a779e032f8c066a29b87628ec4c64eaf115ac2afde14a913012ea

Download Submit
C:\Users\Admin\AppData\Local\Temp\1570172096.log

Filesize
257B

MD5
e2d65932c95ad3eca213288647960ade

SHA1
48bfef630ed7aa754d6e207b05f1f25d43887ab5

SHA256
e649ede1b374ac3bd915fdd41834d337f7507feb377fa672b217abc5e901d84a

SHA512
a38b2f906ce9a5cdfde623ff88d07b5ceba81dfe4c62e204f342a0adafb2e8141073504b9607075ddca91bb0ef21c398d7fd3d399e546c660624de79125a77ab

Download Submit
C:\Users\Admin\Desktop\Wind\Glix Beta\Wind.exe

Filesize
1.3MB

MD5
c1eb4ef94a224baaf0fe91ebd1336d7e

SHA1
f643a76f065f08c6bcb53d52d751f7f36e43e82c

SHA256
ecfa725f54239117bce62c95b61b4891cd8304be57bd4380aa2b9b9a82a67fc5

SHA512
7a72c5049e8c7f8d95aa778d682d4b550a825af9e998482f8df3efaa89adf769cbadddefded8af3e303a6d321f1b0203dafc5454ed0ed7881353952925a8f837

Download Submit
C:\Users\Admin\Desktop\Wind\Glix Beta\libcurl.dll

Filesize
522KB

MD5
810069154354544376983e47506ef7de

SHA1
36d0b270b3b20ebb68e0671626e5d82d8e60d5ae

SHA256
88fceef289646eb8d44a8aa9685a747799d479f72b50d2c7a3a672a66b6742d4

SHA512
dd46ef90163e1fa5f124e7757e6e9eb8b9822c51b9d6b5fabda7a3168f4b2c85a904594128dd29a84aaceb20856c1732c0aaed9db80032402e41106a3e5de460

Download Submit
C:\Users\Admin\Desktop\Wind\Glix Beta\xxhash.dll

Filesize
45KB

MD5
38a87bff4aea9e595ede175f6b734f8a

SHA1
ea0bc25292f730fea597c57a5b105023d5a286a6

SHA256
e41c7830b6b26a9215078972657b0d789b74f9befbc30b50057ba0b4fd9539d4

SHA512
c44653ddea051f2e776ee5af67d3343405b4083bef4a596c277a2b1e37651e2607e694eb19db819d5ab6ba20cdd3c6435fcf55d2aecf08a978c0a74c33c4167a

Download Submit
C:\Users\Admin\Desktop\Wind\Glix Beta\zlib1.dll

Filesize
87KB

MD5
3b5256a2a65c59d4f2d45c28a55996ec

SHA1
3fadc1fb82664376b2f255986352594c82c85097

SHA256
7eb9e3f677b38e0c34f29d2814b9aa471f242931cfefaa98deed77a1171721a4

SHA512
af5be3361267910ee518f262daa48df829b40a922d61c9dd079901cb361fb73b148de46b8067fc43509a750a30a149e9688d4ebdfa4514cd8779198b6c43565b

Download Submit
C:\Users\Admin\Desktop\Wind\Glix Beta\zstd.dll

Filesize
634KB

MD5
eb8b280cbdf96296a4d02cdf33c5af07

SHA1
5d79020ea116a0fd40e5c97c9a828ac536a61c77

SHA256
e375ac00701cced00c6a126da7774c674a5577d02fba54670db67ba5216b9655

SHA512
5aceecb6a8b4b4ee13fb6057f591c6c4b56a1148e28927191d2152b48c72462f3bdba734319e463afb141c20b3a134fd518c44a1093ff40485d3674a12119ee4

Download Submit
C:\Users\Admin\Downloads\Glix Beta.rar.crdownload

Filesize
920KB

MD5
88305ff7178dbce0542592a57b47f00c

SHA1
11a5af45536e5cf2d026dac96a307a833fab3750

SHA256
ecffd22370659c4762268e999321c6b065e000ef90096179fd05a5d62e09d06f

SHA512
40ba985c731b503a86ed69c43aedd52bf53a1fd0a42001740c96127a1bbd52b5251975133f0b431189d5d814fcf4dbe72452ec007b2a643d1d45b4f1c05114b1

Download Submit
C:\Users\Admin\Downloads\Glix Beta.rar:Zone.Identifier

Filesize
221B

MD5
4fbca11e1730f509dc161dd9c0a4120f

SHA1
20762c20ad18ea4c251566a304cbbc052c752b1e

SHA256
00d1e9b1d140d5302f069c4cbeed6d410259152a624aabd00518156cee9fed5e

SHA512
61016be23ed0b9d5fc4a5533514a477c3ee118c0e5811bf484ab4381f5d492682f44aa0184cdba056a685db5785d94b4914d544012fb5b15a8fcfc2ce0736fcd

Download Submit