468dc2e413944b1fd4c998e54eddcc769abe3a130c05498915632e851fd240e2

Analysis

max time kernel
136s
max time network
134s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19/07/2024, 09:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.lnk
Size

344B
MD5

4c2a7c403e0c28333f645a363f606da8
SHA1

fe61f5e318e323fab9af329245e4bba6128aa5c6
SHA256

c755fd0b870f2367e644f899afd720c4aee7b019b5584a14421c407e7910de14
SHA512

8516481f41413d3ec958a07af39aad889840f964d7cb1f8027142f9c65abea9821e3bf2fcfdd9fb2b1c676031d3096d478bf06586deaaac05a7d451b0c2146e5

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{56AF8011-45B5-11EF-880F-D61F2295B977} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "427544931"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b70000000000200000000001066000000010000200000002f8b1a128e85311ad861c4755dcd73f5aab2fe3cf1332944907176ef52958e94000000000e800000000200002000000026f951c9fc68fdd2993b993a876e6c0ad2c2641972dccf4a731993bc4e71060c20000000c9106ab94867b2af91042137451c15996b13ba4ea33c0df67594ef1c3c3e3e0f40000000d4e34ce5c689680ca06ddd6b778b8ad9a42e69bf59131d7edaa3ec62adb04b0d0fbe56ae5bb9a85265945eaad18d72670f0471b4a4af86ee0c0f819cdae6af55	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b7000000000020000000000106600000001000020000000881f557a136e758077047b49c2b8355cc3e789ea5a51a0a4ba3daf6b3db53f31000000000e80000000020000200000008747db952afa1413fbf9684b9af9d4fc7044b8aed54c61aa3939297c54ad2f619000000052ae37d27b7c2176076d77a2b8129e4b8a3c8085a94fc9d9d3d96bdeda9aad50e28204075ec87e73adc4f29b97bffe44b2ee2448bd4ff0fc88eec6df2e88ff17f03ec1c6dca341a19701f0752d9ae96961d8f7a3c50da376cc7edaec1a2f323ecb95205d34a148bea55cb6d2250b00c325715fb8d40bdb95ceaccd21a274cf827eb4b09ee6e1069654aa45542748d4a8400000002f87dc6d235fcbdc546f6c128582f0ac37a7f1f457eb6cb19faf9016278dc3bc00095aab15342e718b09ebaf7969270c59cafddfbbdba6e7b6948aea1ff96495	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 70c9c92ec2d9da01	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2900	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2900	iexplore.exe
2900	iexplore.exe
2656	IEXPLORE.EXE
2656	IEXPLORE.EXE
2656	IEXPLORE.EXE
2656	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1668 wrote to memory of 2900	1668	cmd.exe	31
PID 1668 wrote to memory of 2900	1668	cmd.exe	31
PID 1668 wrote to memory of 2900	1668	cmd.exe	31
PID 2900 wrote to memory of 2656	2900	iexplore.exe	32
PID 2900 wrote to memory of 2656	2900	iexplore.exe	32
PID 2900 wrote to memory of 2656	2900	iexplore.exe	32
PID 2900 wrote to memory of 2656	2900	iexplore.exe	32

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\.lnk
1⤵
- Suspicious use of WriteProcessMemory
PID:1668
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" http://www.newasp.net/
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2900
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:2656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
006d9c50331b44fa6bad682c60eae656

SHA1
0d3daf9b7ae97595109fdb7d72af2e6a81c4d2fe

SHA256
567c6168e65b9ff25af936a5e817e9ee12d6f110bcaf4004d972bedd0b78a156

SHA512
31f56a661445f27aecfb054115ab12c1170ff267c29e443eba9bc44eddaf4e5cb6c0c7c4c13d3ec7fa5207199f3bed711ff8ce4be23e3b0be8aab0f783b52ee0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f5748cf598d318757e94b8de79d9879e

SHA1
4850ce1664b0cb088843b3b2c53a80a1d80a9835

SHA256
1a998d9b6e338e72f9da2839ac39c57cf9aed705011c88f26a6daf35131a9bd3

SHA512
2862ea94803a134abffcad35189f198affd20b991aa9871f87ed6d1d223f4e198f0226cd7daf6f67228b0735a0de32247f174e40b3b686ae6ee15eb5d401fed4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ca8e49cb641ab01ef3b43e80184b6ce9

SHA1
a7b60bbcd1dd0927fba0c545246a4d04e52cb573

SHA256
b9a35bb5b96b263e4d3a8bf71d866dfe2a87b44e9084c388c491ac7970b6df13

SHA512
3d819863586dff022e274d5b15d46871b4598e1d6d0b90a2271a7b819d2843269eb32ea3bb709cbbd6a8d3761eccb670ed27fd521937c8e9f38da840043ee04a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ae925bdf755f57ac125897c5c408c9f

SHA1
820293bc5609d4e75c8aa050631324cd53cbdfa2

SHA256
3fcb4137a9ed49b95d44522cb3e59156c91e1fd0badb6f8ab2a3eec022f74058

SHA512
207f2471b828a84dbb08a251e385e896592e3d832d831d62da0bed667d436c5654c2d91ac6055e18b31d83805c23aec710cd2e12939214a56a328f30b6bfc1dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a7772736b94108d8f29c469f31de7fc

SHA1
d44acdb4966e8c3814de9c3e6dff4aa12fc3745d

SHA256
374f31a061dc63ee60281dca8dab1dba63dd725c7767abbcecaa25a12bc57213

SHA512
317336e381a6c9675926bf1017eeaea6aa95692b71c59e8c0f8f93509c9b62bea5b717f492e97d73d726522f648e3fdd6d827b23ac53497dbb8313f06971d952

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7d8f14ed7a3ea961220d0ec4ff4627e7

SHA1
e7e28e58f78de56a6994eb897ab064b71ced0ca1

SHA256
9ddac3bf83772c1f20bef0294de3b88c1ed374576d9b27af973bcfbcd11b6434

SHA512
2d675bc49a32b649b89afa49dd6fd259d732859b43c659c041d086ac0c355039ea9bd457eddfcf7903d7aeb4697282dd62bad6b0dd93cbb86f972425b922aee2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
31f3dfce22b9e6983729976acf64de29

SHA1
8d9d4171d0d90a2b848e76521dea3a5e7d5a4d2a

SHA256
066d32ad1d2b1679e9a600b5e8b8d2a622f7d1ecec4a6bf4b52555528018fdde

SHA512
e5983f43ceeca793df6b36509e95d5b92c47f1221e3fb9246bc19884fa28bea12f7f50c04fe66bdc4960e5e30f16ad7a38c40f19d09a0841cd0d1cdb2f12aa06

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
488d1a9fa67f4a3ba659d98d2cbe4ea2

SHA1
adcc936fce43758dafe818732f8f3a116f6a6174

SHA256
bae4bc525361b1d2247690b8a4e18ceb396c008f5578737d68ca3c66aa1c61ef

SHA512
44039ccaab109a7e470c860ba24560b1c19d84c3f286f1162c491882ed52650ccf67c34be859cc395affa248aeabf23baae5129c9f5c3d20502f8c7f23269ab4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
44af4d22f45a37c2a6ba8855a064c028

SHA1
34f5c43b18610ca1716423455c7abef4e82899ec

SHA256
d337300832df8b1f5a25eaf4b948505ab0829df32a9c8ce5e07e793732577994

SHA512
667309bc0435dc558721584eb806b1fa60626b5b4d8c4cb85c02e7277c01c38cb9d19a1d358338c57041ecb1440714229f5bfed706ad3e43d612f6e152883d58

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4289395a002175cf9cc08d7bf4c21b0f

SHA1
a27adcef296ce0418d1c8155c2541d9268319e8a

SHA256
9988230aaef81783ffec51c6f0d6f40b278a1255bd3ffa4c86d04e7e5bc38c57

SHA512
94ec9bf8be3cd0d304b5a3d4cd93b40c9acb453a516cc44cf7aa02d0ffcc814c8b0578711992cba4269f429737efd83bef0e65dadfcc7b7bd90a53340c8d8427

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a5f67e184f1d1bacc1f92e8aeae258e6

SHA1
ae85b85f8bd3e215f7b7dae5024063cd11a41284

SHA256
3c9b03b93353d28823858a5a1316e3cab28072226a1aef4b0f20b8f1a046ec5e

SHA512
19c72fbad82a4b14352da37823bf205572a25022c487ad13e5d814f1cd588dcf2c7d093dafa6b7eb6bc1d6adb9397002d5e6dc27d6ec51a3db691e121058ddb2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a26aeea24e5c10f45a6fb16269cfbbf4

SHA1
8ccafe23bf335e1d3621f85bd1068a9bfa51f3d1

SHA256
d87f8b36add33e90de6db695dae6b1418f460f76479f684871c4ad19154cc27c

SHA512
7d122ffe6ef12e56d191078ee7b87d380304daa642ecc56bbf101c13e84bfa0a0fde44eeacbe53d50ca871e824ccf0d49e3b015c485322f1fa04fd59ea2caf2b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
23d505ea66d8cc252cf938b5efa820dc

SHA1
25e77c57b5236d6c70c31729cebe80a4618a764f

SHA256
6712de9fc1f31f084771ba507843c13fb61cf75bc13bc255a65f0c371bd5981a

SHA512
0e35d5a13985079600653781ad6ae897442ae0b25fe941de65ea471e4bb64bdfb9203bc6524339c035acd1f31c9c7ce5b1f70e310ff81ba89b0c264797025105

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
46902362fc6f820b7502810dd45324d5

SHA1
f0aabd063d18fd88b44214655c802288f5fc9a6c

SHA256
38dfc2d4365fe8465646d5281d40fd12c6e2a5182c789afe7f589db824cfde5b

SHA512
44ebfc654496e01cd2b28236176c2397f5bab9955388c0b3b28c445ee2ca64ccbda4fcd6becbe93cdca8201d769ae03232ede69fcd18be986061922b5d338f44

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bd592c631140519d0b98eab74f6d367e

SHA1
86d39eb20f1a6a161788677f15916ed124b63bef

SHA256
4d0de9116f2d04168553ed536ac5062d4629864a0024c15653d568c8679a7f48

SHA512
fcf89e32c8b0b2bc4bb2dfca6db69a1edf2c5d99432aaf92bca76f3e718d435f1c3ba3f3a48c5eb9de445d97a58bb3aaaa6b136e8cc14f0302b93f1dcd93cc03

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b5e7e578f9f364093b709084b45ba97

SHA1
987875c0e04c9db8147a97c8ee220b974f71f39b

SHA256
da77d6a16a22a873afadff1287bcaab2a064a585e9acd712e5b6a0a946c71cf6

SHA512
98a2d88ccadd8cb34440c35726e3fd25a725ad015db18ae87f5cfeae1a28e448e758763892830646dbe70787395c49f86bca1dbd32c0316bf5c599802b4ab3c0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6073bf7b7c8be8e9701d6dd15d565180

SHA1
34c58f2e493ba1f60c3277f01d87cd3b0befb8fd

SHA256
4b13576e8eb6af80a639bf912e272b80e43c44fa7fe42a0023d6a5f0169724e0

SHA512
460d8b2c9e56f7e30530515ac04a3fa947188a864e67cbbe3642f0dfb752f5e970855bbe18b05c6dbb0d2bd85f8b1514be1d56db4384332eefeb2da5b965dda6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
13cabe90722556af6f3fbe460e6435a2

SHA1
b3218932518a08cac9c5d9b16a2c299cb29f6a3b

SHA256
09cefc538da74f3147eca19daf83a00ce782817893ca9d849eb5fca087d24c69

SHA512
dff27af5049fc2b476e5b2828846b6293a819b336b9f58f5067b72577f0819d6ca3aa6136c10acef6b71225b8c784d27b85ee96c7a05f960139800a16b2b928d

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabBB64.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarBC15.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit