ed8d19c843f0c321d9ceb1201d78d9ded4f8685705706b620a250e3ea59adeb9

Analysis

max time kernel
63s
max time network
68s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
14/07/2024, 20:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Electron V3.rar
Size

37.0MB
MD5

ca43b33e3602b32d40503b05fde426e5
SHA1

7f6e18698426f87f317bec0b34824f73309613a7
SHA256

ed8d19c843f0c321d9ceb1201d78d9ded4f8685705706b620a250e3ea59adeb9
SHA512

35108b0921ac03defb467ca9e35948b8826ac323c6daeb5b82035bd916439f236703ffbff1c00ab14cfbbd020e6785b5f60c80ad8879ca18da8753177e8abdf9
SSDEEP

786432:k/wnn/givzGoxUj0qgICFcaYhZMYe8nxMBjixE7Itvbw9nmHznx/ksiZ+y:eGn//GZSYfxnNxby9mD+pMy

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AcroRd32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	AcroRd32.exe

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2650514177-1034912467-4025611726-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	AcroRd32.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2650514177-1034912467-4025611726-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-2650514177-1034912467-4025611726-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe
4652	AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4176	OpenWith.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4652	AcroRd32.exe

Suspicious use of SetWindowsHookEx 64 IoCs

pid	Process
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe
4176	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4176 wrote to memory of 4652	4176	OpenWith.exe	91
PID 4176 wrote to memory of 4652	4176	OpenWith.exe	91
PID 4176 wrote to memory of 4652	4176	OpenWith.exe	91
PID 4652 wrote to memory of 1504	4652	AcroRd32.exe	94
PID 4652 wrote to memory of 1504	4652	AcroRd32.exe	94
PID 4652 wrote to memory of 1504	4652	AcroRd32.exe	94
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1224	1504	RdrCEF.exe	95
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96
PID 1504 wrote to memory of 1968	1504	RdrCEF.exe	96

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Electron V3.rar"
1⤵
- Modifies registry class
PID:4408

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4176
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Electron V3.rar"
  2⤵
  - Checks processor information in registry
  - Modifies Internet Explorer settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4652
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1504
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=6475D9CCDEE86D607F4B35F7EE852B53 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:1224
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=D4E5F440FAE3A152D0E683E02429A444 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=D4E5F440FAE3A152D0E683E02429A444 --renderer-client-id=2 --mojo-platform-channel-handle=1760 --allow-no-sandbox-job /prefetch:1
      4⤵
      PID:1968
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=A491F66C0BBC80E0940E97B3EA1A53C0 --mojo-platform-channel-handle=2324 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:1212
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=3EB83F25C7DE935D0C8D6A2D3CD04809 --mojo-platform-channel-handle=2336 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:2324
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=6E2FB38ED9998C259043978E8CE7C538 --mojo-platform-channel-handle=1636 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:1164
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=C4C2CC812ACF92226B86E32B27ADC80C --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=C4C2CC812ACF92226B86E32B27ADC80C --renderer-client-id=8 --mojo-platform-channel-handle=2052 --allow-no-sandbox-job /prefetch:1
      4⤵
      PID:4656

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2920

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

Filesize
12KB

MD5
0e085e3dae1cb1aa05e2fb99d06aff02

SHA1
2607b44aae8cc4ed383c7a643cdb66a0be01c04b

SHA256
fe552136ee851bf3317aa48e9e254e0dbe1b2fb3dd521236e174d905cbe03b5a

SHA512
484670f151f6fdee6e4934cf97d54fb6aebc008ad20133d064beb01cdff8133fed8a8ce9a9461720a9fa46b8177adf2cf6e0b3f4c7e93a1a57af85d0baae09fc

Download Submit