57185839d6e3b788c74e93ea8eb28c488fd3aabd026dc96842cba9ad4bd8c871

Analysis

max time kernel
119s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
01/08/2024, 22:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

173bce0c1806b29699173ef34e86c290N.exe
Size

161KB
MD5

173bce0c1806b29699173ef34e86c290
SHA1

f6931761985e6b523e9a3d8c29aefb5d0ed46da6
SHA256

57185839d6e3b788c74e93ea8eb28c488fd3aabd026dc96842cba9ad4bd8c871
SHA512

c9a40e55c9efbfe06d8920bdd515fef77d6917bf33da793e534967a48ac002986ef1f2480229a86c27c6a883277a4a0ad94731eb888ba46593adea84fe1e0a28
SSDEEP

1536:W7Z+pApfGQ3y3RWvfmRfm9sKsSd5GT6SsDF7Z+pApfGQ3y3RWvfmRfm9sKsSd5G2:6+WpDfmRfmh2TSDP+WpDfmRfmh2TSD/

Score

9^/10

discovery ransomware

Malware Config

Signatures

Renames multiple (4658) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Executes dropped EXE 2 IoCs

pid	Process
3428	_UpdateSessionOrchestration.027.etl.exe
4608	Zombie.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\Zombie.exe	173bce0c1806b29699173ef34e86c290N.exe
File opened for modification	C:\Windows\SysWOW64\Zombie.exe	173bce0c1806b29699173ef34e86c290N.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Internet Explorer\fr-FR\iexplore.exe.mui.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp4-ppd.xrm-ms.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_Subscription2-ppd.xrm-ms.tmp	Zombie.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\pkeyconfig-office.xrm-ms.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\sqmapi_x64.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\MEDIA\CHIMES.WAV.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\MSIPC\ca\msipc.dll.mui.tmp	Zombie.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ja\PresentationFramework.resources.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\DirectWriteForwarder.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-002C-0409-1000-0000000FF1CE.xml.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessPipcDemoR_BypassTrial365-ppd.xrm-ms.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\UIAutomationTypes.dll.tmp	Zombie.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\pl\Microsoft.VisualBasic.Forms.resources.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\OutlookR_Trial-ppd.xrm-ms.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\WordR_OEM_Perp-ppd.xrm-ms.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\excel.exe.manifest.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\System.ComponentModel.Annotations.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\api-ms-win-crt-locale-l1-1-0.dll.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Client\mfc140u.dll.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusinessR_Trial-ppd.xrm-ms.tmp	Zombie.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_OEM_Perp-ul-oob.xrm-ms.tmp	Zombie.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\WordVL_KMS_Client-ul.xrm-ms.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\pt-BR\tipresx.dll.mui.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Java\jre-1.8\lib\ext\sunmscapi.jar.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_KMS_Client-ul.xrm-ms.tmp	Zombie.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\osknavbase.xml.tmp	Zombie.exe
File created	C:\Program Files\Java\jdk-1.8\jre\bin\jsdt.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\System.Threading.Timer.dll.tmp	Zombie.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\D3DCompiler_47_cor3.dll.tmp	Zombie.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\it\System.Xaml.resources.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Java\jre-1.8\bin\javafx_iio.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ipsnor.xml.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\de\WindowsBase.resources.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\fr\PresentationFramework.resources.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Century Gothic-Palatino Linotype.xml.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Office16\LogoImages\WinWordLogoSmall.scale-180.png.tmp	Zombie.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ja\UIAutomationTypes.resources.dll.tmp	Zombie.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\legal\jdk\ecc.md.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-sysinfo-l1-1-0.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\MondoR_OEM_Perp-ul-phn.xrm-ms.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\SkypeforBusiness2019R_Retail-ul-phn.xrm-ms.tmp	Zombie.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\System.IO.Pipes.AccessControl.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ru\UIAutomationProvider.resources.dll.tmp	Zombie.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-multibyte-l1-1-0.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019R_Grace-ppd.xrm-ms.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Data.Edm.NetFX35.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md.tmp	Zombie.exe
File created	C:\Program Files\Java\jre-1.8\bin\tnameserv.exe.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\VisioStd2019R_Retail-ul-oob.xrm-ms.tmp	Zombie.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\System.Text.Json.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Java\jre-1.8\lib\security\policy\unlimited\local_policy.jar.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Microsoft Office\root\Office16\1033\offsymxl.ttf.tmp	Zombie.exe
File created	C:\Program Files\Java\jdk-1.8\jre\legal\jdk\cryptix.md.tmp	Zombie.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\System.IO.Compression.Brotli.dll.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Locales\pl.pak.tmp	Zombie.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\deploy\splash_11-lic.gif.tmp	_UpdateSessionOrchestration.027.etl.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\BIPLAT.DLL.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\7-Zip\7zG.exe.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Trial-ul-oob.xrm-ms.tmp	_UpdateSessionOrchestration.027.etl.exe
File created	C:\Program Files\Microsoft Office\root\Office16\GKPowerPoint.dll.tmp	Zombie.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\it-IT\rtscom.dll.mui.tmp	Zombie.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\ko\UIAutomationProvider.resources.dll.tmp	Zombie.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\HomeStudent2019R_OEM_Perp-ul-phn.xrm-ms.tmp	Zombie.exe

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	173bce0c1806b29699173ef34e86c290N.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	_UpdateSessionOrchestration.027.etl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Zombie.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4932 wrote to memory of 3428	4932	173bce0c1806b29699173ef34e86c290N.exe	83
PID 4932 wrote to memory of 3428	4932	173bce0c1806b29699173ef34e86c290N.exe	83
PID 4932 wrote to memory of 3428	4932	173bce0c1806b29699173ef34e86c290N.exe	83
PID 4932 wrote to memory of 4608	4932	173bce0c1806b29699173ef34e86c290N.exe	84
PID 4932 wrote to memory of 4608	4932	173bce0c1806b29699173ef34e86c290N.exe	84
PID 4932 wrote to memory of 4608	4932	173bce0c1806b29699173ef34e86c290N.exe	84

C:\Users\Admin\AppData\Local\Temp\173bce0c1806b29699173ef34e86c290N.exe
"C:\Users\Admin\AppData\Local\Temp\173bce0c1806b29699173ef34e86c290N.exe"
1⤵
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:4932
- C:\Users\Admin\AppData\Local\Temp\_UpdateSessionOrchestration.027.etl.exe
  "_UpdateSessionOrchestration.027.etl.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:3428
- C:\Windows\SysWOW64\Zombie.exe
  "C:\Windows\system32\Zombie.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:4608

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2077438316-259605770-1264560426-1000\desktop.ini.exe.tmp

Filesize
162KB

MD5
64288325b17dabf165a8fcd9306b8f9e

SHA1
b529b791afe28a109765be77427e7bb6fdd87927

SHA256
d2d6f57ea063400eea18e530715d557341503ee90d6f2a03c5d2898cbd51a3f4

SHA512
d76c85450dd468256fbfacf3528bb08c46c5776781c46a045f7c486ba0d8ad72d1bbfe1d2b3952f2f327c4e7e9d92905a5dbe25812f3e0dc991767195d1fb997

Download Submit
C:\$Recycle.Bin\S-1-5-21-2077438316-259605770-1264560426-1000\desktop.ini.tmp

Filesize
85KB

MD5
db9907797ed5f4bc3702587ce531af0c

SHA1
a90330cff1a83f8d557f31c15182a083ddef635b

SHA256
6d76d1773372f5fec60f1148688a19ad57b1d6a475dec23577e57a958e37b79e

SHA512
b92803896981a478813f64ef2ac2d3972c7694a69218136194ea250c7085359c7a472eea21edbec48c37f8f9b6a385431ddeca472b1f2fa5821c7708e3ad75f8

Download Submit
C:\Program Files\7-Zip\7-zip.chm.exe

Filesize
197KB

MD5
db86d0a823846a5ec82fc424be50b775

SHA1
99c4a7f90507befba5e7a5f4d26c10cbedab685a

SHA256
1f903c5edf1a6881170fb2274604766b60194d7b703ce495f732b4f61dac7fe7

SHA512
77b58105aae4e53bf0863c520bfb2cafe737f9db03f6176f878c8d32bb439a45edf0a25c282dc8d1a2ec18ee2f193de13dcf12e0235a9764d816f4becf049a31

Download Submit
C:\Program Files\7-Zip\7-zip32.dll.tmp

Filesize
12KB

MD5
5b7a3cd76ce32e54144493c75053f6cc

SHA1
40c5b2047c0e6fef1c71792862cefa38d86064b2

SHA256
c6e9ccbf0cd27a0778f3bc9ee234c54b167cdcd49c0660492f773c20a891bee3

SHA512
f28871bb6125c6d6a46fa0f0779cdf7b6d57295ee6ca7093af7c0849d8d42ee75974c3dfe826f731dd290303124cdd46d6f8b7b98ef2bca5355ff441bed91416

Download Submit
C:\Program Files\7-Zip\7z.dll.tmp

Filesize
1.8MB

MD5
8f53be8f137a3923f61daa871cef7f83

SHA1
4cf2549212c646c2fb585e940e699fed6220a207

SHA256
55b24033f1a8fa3a4b6409c4940824b402f4e0118390cc375526a5d0c0edaae3

SHA512
93da071ca8dff6aaf255788d3f7b481ac45d37d371cda6b09cb12fa439f0a1d5c510174750dffd050fccae2296351b3aba94aea0531337d44faaa9621c1798ea

Download Submit
C:\Program Files\7-Zip\7z.exe.tmp

Filesize
92KB

MD5
1b9692c9bade478d2d493445c4063bbd

SHA1
5b2fefa9f477a883e94c353c64419eb2d271b470

SHA256
07ed19429ff59d114bc2dd23a4f69bb9bd9e208ec7fc184c1da5284fe4208137

SHA512
7dd019739582432d06f12f25a14e12d66da6385d394dbabbb19f0e8cdd191803cbea54e07158a779a17c47632294efa2474a0f03dee6bb6d4861c67cf036fb6e

Download Submit
C:\Program Files\7-Zip\7zCon.sfx.tmp

Filesize
273KB

MD5
074c5bd1c122a0f79fdab8e57978403b

SHA1
5a3d3d8306bfc41f35013c6d598024a993e80353

SHA256
f9db17c447c45d734ef45987cee62f6a622bf216aa4d0656fea42a35953817c3

SHA512
640a1e873c50823ab61da95e691b5e2c4ca6a593d05a717991aaaecd9a63c9bfeb53eba6bcb22f24d6acbdb7325ea53415c6adb1eb850b46812e723e6e853227

Download Submit
C:\Program Files\7-Zip\7zFM.exe.tmp

Filesize
1015KB

MD5
fdb952b2d532dd7fccb4f640e00cabaa

SHA1
53f89fa628a548eb05fe191b1afff515f9f9d440

SHA256
edd154867c0db199f68a8987bbd27704deb968b8f96329f0bd5e323ad6d1db3a

SHA512
b9f14473a60907b9fdd1935aa047e3e93658764377aa44fabf63fbeb46da2b8271ba986d8cbf3d54a839f91abdd1a5eaa615b25d8161db50c6fe552b82a4f2f2

Download Submit
C:\Program Files\7-Zip\7zG.exe.tmp

Filesize
768KB

MD5
974c8b032c3c9e49d5bcd48682a21dea

SHA1
3c2aca3a337afc3dc8ae5eda22d58cd351f98fe2

SHA256
35dd444a881be5e9e39fe0729892af8c45fe2af024d265a9c921345992badf87

SHA512
4af147b10e8f01c9eb32af6b926b0d504037f85c55d289de42f081baa581931edafbf29675c37736364044744596ef61d518d60930deccc193fb18c17cc9251a

Download Submit
C:\Program Files\7-Zip\History.txt.tmp

Filesize
133KB

MD5
39bc60e0a53e5cfc9f1d587794a50908

SHA1
0c84719afb4986e0665086402466a9c36d1d8639

SHA256
5fadef38c999709889a4f0af03c4f626f4c8126604005283c6c7d44fcdc07ccf

SHA512
1cb3204fce52761767628ccb025b95e3c3cdd8aa98f337aece4e166b2fcf38e0eb592d29c4c460fdba98b81adf63edc0f13bc5f700991b9c5ad45a181a405fc3

Download Submit
C:\Program Files\7-Zip\Lang\af.txt.tmp

Filesize
94KB

MD5
63959d1399d1751492abc4c0a8fdc226

SHA1
e09b2924ad433d939fecfcac0b8fa59016be37ee

SHA256
11710aa502141552fb9daa4166632a77002b60427655c08101b140a6db8eee49

SHA512
f2b90ff8acda7b1a05227db3e7415b673e1a517aae7980e62ba1fd807ed58e8e5361cbd9b809017e59cdb234877219049ffd5cb8fc9d7335fe6c0c8f6cfe7e3c

Download Submit
C:\Program Files\7-Zip\Lang\ar.txt.tmp

Filesize
89KB

MD5
8410981f20f14797e0258109a4d07b73

SHA1
797d2705859d1525ce7e7215af7629f89205c55b

SHA256
f7831b8e056d693d8a62d763defc744b9c2b6a0e5a348dacd91197ae0a1fb93f

SHA512
c7cd838c49ad7d6f593b60f612051ccf6ab9a3e9690a7a119af46af54ecb8a130c480b1c3c37e7d0394f011d209f73bfba2a59e3a8c98b6319c3c59bb1b11826

Download Submit
C:\Program Files\7-Zip\Lang\ast.txt.tmp

Filesize
84KB

MD5
916a3731053c9f5f3edf308272a20adc

SHA1
d3441be403af9d4bdcc5b18aca3337b708190d31

SHA256
953ddb345515e266c0ac1d34e8e27b4b3027bfa19d62b56dd9a84428ad4d10dd

SHA512
73edb171278ae14072a8a49d1e7f2835212decc4a6e003743b18073ddc00b9b2da983f28e09e6836f869245c036d7e99701a2dfed8082125abb1bf6537aed0d9

Download Submit
C:\Program Files\7-Zip\Lang\bg.txt.tmp

Filesize
89KB

MD5
c0ce42b97c4658ae6fc9c5521030f70b

SHA1
5f789ad2328e2c876e05be936b6db68171925c26

SHA256
fbb07fe6c7fae21eac73cef8309e6355b8125a89c9a96505522331b4c8b00482

SHA512
942ea85bf75f8be738cb16b386492b2c34e0c32853444edb35150f59fe2953f5b31c72315b2ac4806f4dc26a63808d5764d2be286d3898a4fe1da7da6a8c973a

Download Submit
C:\Program Files\7-Zip\Lang\cs.txt.tmp

Filesize
85KB

MD5
d284d5c75fb50bc96fd2351eeb04ffdc

SHA1
9c25e834845c691ca465a6a99fa556e1cf5d3f1c

SHA256
1b9e45b3050672e50b5eaeedfef6e90b763a65f1f5993acb8ad64b1e9b19fe93

SHA512
27c6590b9e02b074abdac97af972c117243f6693bb3d23f53014471bb09becb3dfc505fac196fe408f48da7ebcffbfb60e4e06b928416ebbdf85d33d5c1082e6

Download Submit
C:\Program Files\7-Zip\Lang\el.txt.tmp

Filesize
93KB

MD5
5a01a349152f4fac9370dc083286a431

SHA1
abffeb5b703388bb35da3111864ce1a29df6f9b2

SHA256
d9fc658accad3576c0afee886a4906c30e1f212157b3b4b4eee26b8a4dffecc4

SHA512
14db67eb88d268663096ae8b57135e25ae6a8a66cac1018f3b58012589d942393d4cc410e13dfc31018030e0c7595a3636ab365a7801ce2c438fc09cc1564eee

Download Submit
C:\Program Files\7-Zip\Lang\et.txt.tmp

Filesize
91KB

MD5
44596adf3906779a2c8054a7b4504bda

SHA1
d5fa2d452a988505b1e8fb8019806b806eb26ace

SHA256
9a20dd49a3d23f379d869936629132aee096f0f57e90ca9ffac40a2777c59fbf

SHA512
ca13d1daa6532cc6df88aa2bebcce545a2eaa269b35f57470d8f54455bf26cac0fc3e3ee0f9fab96c744ca827680390a72ecc7ad3966cf05cbe1969c329ef822

Download Submit
C:\Program Files\7-Zip\Lang\eu.txt.tmp

Filesize
85KB

MD5
4fbaa01de6fd5633b2c280ff93e0eff7

SHA1
0ad0d1d02985bc426bedd0034a8f7dd1bb06bb51

SHA256
b95cba0e131a5479b918258dedbec3ea71869e6937dcfd947939edfeec38069d

SHA512
bb99e08eaac78d3c23367d0642505932a6c695c830b2d4a2d38df75a4a2afa07a5ab9b493039fbc0f6c74f87642aaaa4d05ebf996d9bf3c900749bbb593b3cd0

Download Submit
C:\Program Files\7-Zip\Lang\ext.txt.tmp

Filesize
92KB

MD5
8d8f57240c3f270005b0677661f98d5a

SHA1
0fd8805073adc2e7aa54388a53f6e4ad1c39d101

SHA256
7cc68fa9775b7cb7c2a479c260dad4c8d684a9a02ae251137bda4f6cdef3af33

SHA512
9d5521f55ec584bfe8d2fa0816213be10c49003037a58df1df50557c882eb06a6506a44cf74249cfc16bc4238ceadd2698a5126531ecc403ede4f49d804c5f51

Download Submit
C:\Program Files\7-Zip\Lang\fa.txt.tmp

Filesize
98KB

MD5
ffd313df39ad56c9f04d4f63c9adf6a5

SHA1
07d0b25fddf2c53cd9fea7a0b361da96aa2d7a9c

SHA256
01f856f9ffc3759fa388e22929c31bc4e858a4fddc38c66fd0d051ab9c23afd4

SHA512
b823ec58ce7b738f0ad5ea7b9a3199a7c7028a887b95177e44bad55422cfbb0c701d4e4bc7d612688568a674c4569754ce93ac2e0c62e4af37234d165bd04f06

Download Submit
C:\Program Files\7-Zip\Lang\fr.txt.tmp

Filesize
94KB

MD5
0e675c8896ff1bf7a38c545a7408def4

SHA1
67174c3b0506c83e7453fcd821b98fb555345404

SHA256
0cf9a55f80d8a38a01af6e0ecd32058b8e65a7b37d60e7a39843c866a1d683fc

SHA512
6a19b1c0b192def2a83df222f9b9e6e1d3f6292921ca84f190c4f759dc5d397e802f5fb8dfb4e5af3bd87391e6ad66247e10e268b9bc605fb0f10b29831fc762

Download Submit
C:\Program Files\7-Zip\Lang\fur.txt.tmp

Filesize
92KB

MD5
e671eaca7bd32a7111013b63c9e85f2a

SHA1
41f11c9f8d732d187a6a8e37ee562c9dc9690a69

SHA256
0e68675a74831909a28f90d6a8dd59fc01c43f0427cb74d685a15c78d4c30f2a

SHA512
0b99c553d6be7138c6dde02f41719fd157a3a40ae600ec235e7a55aac05bf887f6e10490a1dbb379b04221ae4b4c6e946c3a474d72547d88f74f8eada1f430d5

Download Submit
C:\Program Files\7-Zip\Lang\fy.txt.tmp

Filesize
91KB

MD5
29788b1ea91f958770adda4711f75b42

SHA1
793ef8f8416e1fc3f12e4a32b7a56cc8b90ad4d6

SHA256
b538729834bcc885dd0465b31c7b357fc56dbe11164984c5d249e0c810bd9146

SHA512
7e0bb674c65bcf600a69fced994d78ab4bb15f164b80c9a0b63b554b902acce46f1a1f68cb698071d27f571fe7ee03aa622e6e430f650f55a7639385c905cf5e

Download Submit
C:\Program Files\7-Zip\Lang\gl.txt.tmp

Filesize
94KB

MD5
7d22eeb94e7d6d871eefa59cf978c261

SHA1
27a4bf60936fb85621561660ba8b5b7bfa5a027e

SHA256
7d054ed1ed099dbf4493ff9cc998afcace058ca3c9e6075d02e5a430c0b7b638

SHA512
a933bc25d60fa8e6fe5d135c7ebe38b59e68a8fc8b8c4c17f10d88b921188bdb8fdff82d7c30d243d2ba063969359268e0d2aa9c2e5658c0127f8e8ad33c8d3f

Download Submit
C:\Program Files\7-Zip\Lang\gu.txt.tmp

Filesize
94KB

MD5
53bef2d1770eaf1da64c27c7de00f6b2

SHA1
6a618ab5d3a2e1cdbd89515b292a05ba0aa418b4

SHA256
5b34c8848bf117b79a7a23a73b062689076759c7761101da9010d231b3bbea47

SHA512
5c5debe676a667ac48fc0bb26c06b25e810c10e8c5ac134eed6ccfc8e7f09c3181c6001147d8a2f3647ed302278c42b553cb11021e233e0cbe9377791838d8f2

Download Submit
C:\Program Files\7-Zip\Lang\he.txt.tmp

Filesize
88KB

MD5
b7f402a012604fc4961f0d471cba830d

SHA1
9d15d8b4434c0c8251e6813d4f62da1a6726bb83

SHA256
8b7c187d8690a65d25c348524ec20905bdd641ddc1610b961f07fd93d1b12a18

SHA512
c7655c26dd330eefc7fc13b5c2eacc570f71c5260dd92f52b100309b26597890b6ba222d92e32990ee96e9cf73fc4710a4f9253b94f18ebfac8d30970b78fe87

Download Submit
C:\Program Files\7-Zip\Lang\hr.txt.tmp

Filesize
85KB

MD5
06a79f22e3e389bfe0225dad6ee602e6

SHA1
66db71f831d1a15b3785e35bd88f75ce7bdef956

SHA256
3faffe1c89647f48bb5897da7f433f7a554989256ac2eefeabc82cd798c12688

SHA512
331ef305d9b1af29da71e41c0ceb6439fddb4d44c5fc1c0f90e144091bbe4bea75bd6b3e63c30137cf8234db899eaf46ade47758c6fe4bd87293708859dc7901

Download Submit
C:\Program Files\7-Zip\Lang\hu.txt.tmp

Filesize
86KB

MD5
9eef894c8cc0331ea1d3fac96c27548e

SHA1
434ee7ca004b78657a62be881df1fd4aa29ec88f

SHA256
f417106459c5dfe96b1c668be70d56fe808a0189e4ca720e1243fcc1b1824c74

SHA512
1d0ba712496e5ebe6d274745aba347ea8f53ccaa5e1531b08ce2f3f95659219e75f62092422ce816312db55c583c05ac7f964addf502c9bf4df424c2c263d811

Download Submit
C:\Program Files\7-Zip\Lang\hy.txt.tmp

Filesize
90KB

MD5
addb7bf17d4f64618bcaea6972a97635

SHA1
17f10d810abfa56f8da4a446b63d3de1ad0dc625

SHA256
88217793123637cd8c7d37acec18eec286fc32aba300c917d8cd01438ba3ecb3

SHA512
b9e1c622aabdb9419a42e5e2d489a5865b4dcb1ea30c5880f0f164ada66c8c93c8a8b291a813a8c606f22ac8dd91b128f11f611bd62f06b9fb34ff9379853203

Download Submit
C:\Program Files\7-Zip\Lang\id.txt.tmp

Filesize
85KB

MD5
fef16d83028c6ae9c99f14df37808608

SHA1
88272232719394427a4f0bc1128d235187310003

SHA256
413a35e72bc1e2ead91d995499aa4daadb2c47a835c14c29486a145ca95eca79

SHA512
070178904e15f422e9f6457c0f6a361043cea8a81b3317df349150000084aaebdb4f09a6c48f1d08e34ba52124225ed48df66cf020eb86bc48c8fb343d55af63

Download Submit
C:\Program Files\7-Zip\Lang\io.txt.tmp

Filesize
94KB

MD5
727dc41998b041eb01363bc6a16dbfc6

SHA1
2033d4372d605311d449025c5af41fa9b830122b

SHA256
0db68e86221b1a6eb7478e1890ba5341aadc3bcc7f5f2b77a512a557fa418c89

SHA512
67cf8e8339a221911deb3b9b0435b17a240a983c826d80544ca5f77447b16ecb10d1820e85d2df864c4da55ddb285d8cc6a0dc19e1937b06e3b54c46ea44cc29

Download Submit
C:\Program Files\7-Zip\Lang\is.txt.tmp

Filesize
93KB

MD5
9bc60ead4ff2bce08aa351e7854464bc

SHA1
3c882b6222d87a07ae0800778f9cd26f842bf84a

SHA256
fb2a0103906d7c2fd63df0b29b4d853e551d7e30069ad5a1898642c11b71ba48

SHA512
3e96fc4565faefeabd18bfeb3d7816b31120d1c6dfede66f97ab0906d5990eb46b04d2d922740d11b354c761e1dc5bc48ef8fa3481584b63b17d383a1aa7051f

Download Submit
C:\Program Files\7-Zip\Lang\it.txt.tmp

Filesize
94KB

MD5
0af2c2815874c53094300dcd20260e4b

SHA1
9539a168b3577445850dc3d642129e7a64ef5912

SHA256
e8baefae53568294b2ad198a464363fc82da293a1b1e28a4b1fb1769e463b68c

SHA512
d526a23828c46ab8cb3a2db8ecfeed54ddda1ffab0bacca520618be1cab65e99508d3a32054044395c5e6375649588d6bc97c03c2a637cc9b5bad0205ed74f5c

Download Submit
C:\Program Files\7-Zip\Lang\ka.txt.tmp

Filesize
102KB

MD5
7da1f9d853fd66deece21f0607735f4f

SHA1
18789ea157a5f548e5b955758d3d89456dda5123

SHA256
108f42f8179f2db1df8b2ba3d210407fe56db94c93d280e0cfc369ef3917c296

SHA512
3dfc857ca417035873a5ec42edf5cfd6846d603d33851a76e3ea1472e6c09790e8ee3e706df1590bb2d61084a41ac8653aa848e7ebc65c6d5e87c0d861335c34

Download Submit
C:\Program Files\7-Zip\Lang\kaa.txt.tmp

Filesize
84KB

MD5
f9041458a9790b39614ce85647b58f13

SHA1
6ca23ca41fb5e8774d775dd295fffc059e97f27a

SHA256
69c771917aeece76e814d32b199373738b1769f742e84d2b3bb20fe2b497e51a

SHA512
3bdc4931e3156f3e1d4a66c3b3061fcff2034c260f9463349e922ef292d12bddcf30ac35c252f6111420a11feacf80fa46077682d67030b29451118f61f1818e

Download Submit
C:\Program Files\7-Zip\Lang\ku-ckb.txt.tmp

Filesize
97KB

MD5
9fff487d7dc4cd3adf7ae7eb63642bad

SHA1
0ff0d63a961a4067665800b4af8e6d21aa4755d5

SHA256
b3400c10c16b7c4af512cd4f16081963bd0845763d734678e0242777a6dfb44c

SHA512
64e0b0acd2f4e3e9da2f535a27cfae7b34c36fa8758c35acfbef54e14b0d71d6751135c5844bd93fcb0fac6f4b7bc8047f852d4c782d82201b44f2aa9b0a79fe

Download Submit
C:\Program Files\7-Zip\Lang\ky.txt.tmp

Filesize
97KB

MD5
faba6e68b9656147e47c4737cc5439cd

SHA1
3e83d68dabb78af749dadb0e7eb0b956f3ca356b

SHA256
4c5dcb3c2ad91239e586f917c85d401eb3bdaef66e80adac49a3ad73547742b3

SHA512
3145e193cf4f3c6e74671bbcc85bda8b3e631f79309225feb0253ce963688adb9fb4d542a155b33d7b8eba5257b24369e20775e9245497d99d3069eb5ba85960

Download Submit
C:\Program Files\7-Zip\Lang\lt.txt.tmp

Filesize
86KB

MD5
1b6aeeb70a25e019b1cd57a0f41003c5

SHA1
d9a3b1cdd84bf7f75851e875a6cee3ef0f07859e

SHA256
e9745bc94871f3c6bf3dced48c82ee24658e0a2ad3718f3d2f840c40d5489493

SHA512
1a285686501c973dfa94bf224a8eb020e2e4157453bb663b532b010562fa4c6c574eea4b7d3bc98936ce69f3b06f1344c01e8ca3913f7590f040e3fc02083c8a

Download Submit
C:\Program Files\7-Zip\Lang\lv.txt.tmp

Filesize
84KB

MD5
4bfcbbb59415f9d7a4c68f9a1f7be26c

SHA1
24f0bf85f8e4aff3c5b5c7dcd245f378d35834fb

SHA256
3d052ca5042fe3451aea7043275432eef1558f3c6c45ed3ade3af82b11cb5daa

SHA512
e85fcfbcf032d46f3fe7997de4470f8f9d28ab31d4a07e03728419d1c2ff171837c81c1b4d083378b14ad3548f127f3e1fae3fd16cc2fd3021d208e2607c155d

Download Submit
C:\Program Files\7-Zip\Lang\mk.txt.tmp

Filesize
84KB

MD5
9cdf7d5c680ab1c37ba66761ec0824fe

SHA1
72b5fe956e215dbf9f09f27c73869c2ae13415d4

SHA256
da49224833f64fcea10bef3833e0dd7027b5866cdd8f5041d5d80d30c505059e

SHA512
6752886ecca3c88884c8c17f5f60b142f548fda956d31a10186d6525bd674c81e9df70acb0cf2af56d1f810952be68979918990dbb2662108ec730b1e2e36e84

Download Submit
C:\Program Files\7-Zip\Lang\mn.txt.tmp

Filesize
93KB

MD5
81d3839191c7b08284af9de6337751bb

SHA1
7df6df68f622dfab8bd403f9848f54442a9deea3

SHA256
3075bed3e29b8d56382afc9880ef24b7e062e39fef1b6c4f5e21b9ab6b1fe259

SHA512
f65f71ca33eda404a032cdfa00a6378e3211c843de383a3b7014d524f4533969a80e24009fa15f65ca5ba1fbe8941eed462920c159af65b3bdcfba480b27d59b

Download Submit
C:\Program Files\7-Zip\Lang\mng.txt.tmp

Filesize
104KB

MD5
5d5bb9b8f0c42e00b55da6b4896dcca0

SHA1
358bea82cde4f1b25a09fe07eb6ddb415da3a7b1

SHA256
10dce185d1b1290702252a0389ea0e4023d3b2a076ef1dc2145a7f523bccf60a

SHA512
d4f066d4bd5f96c86933b156c1b9dccc188f980a6a845a920964ff8a573bc54852fa4618b6f1a715120b72f34c4059108044e0712f21d783b57a1b7b636d5d9f

Download Submit
C:\Program Files\7-Zip\Lang\mng2.txt.tmp

Filesize
106KB

MD5
6027b32ee020ae8be6ca38523b7f40e9

SHA1
dd6ed2c909b8c6f4aaa1a568defded8252afcc15

SHA256
c48a0062d2b6c645846b9abc6732a62f2fe8bca2849735ccbeb2ce09a754916f

SHA512
7976b4ba61e0a2c7342dd0c830a9190097d9502b1844cbb3d5620efbe651c5241e44ef0550a00256edbf9ce6daece140e04ebb5d6e94c25f99f8d5bc0ac9f370

Download Submit
C:\Program Files\7-Zip\Lang\mr.txt.tmp

Filesize
87KB

MD5
fe1eec6c2b412101a3a9e06c4e975804

SHA1
38c224351ca727bea42ceb7898bebb47c296b46b

SHA256
9e6caf1b96b71fcd2f052e4c599227e47a1ccebee9530bf671405fd5e04a23cb

SHA512
c61403bcd5fb99e54cb287c59fc70ef66deea1866b939decb54179cb7d805e33b282f95a1b2bd68357f0b60633606489e8f30e4b24cb90280bdad1d5606cd589

Download Submit
C:\Program Files\7-Zip\Lang\nb.txt.tmp

Filesize
90KB

MD5
5e4b1763268aa73cf9b821c9e92f6562

SHA1
cfd1b7947886430e8c113d22d22ffbe93d603339

SHA256
87bd0fc43d1e4c0e0a2fb9019b2cff57033be228a202a15ceafefcf2c5661237

SHA512
fa161c61b01ded7427da19d4dc2dee42884405aaddf6079a56a2574c04dbc194fba6ba91c2e33c9f763e7db73575db3a0079d043d6cada225c6e99c678968886

Download Submit
C:\Program Files\7-Zip\Lang\nl.txt.tmp

Filesize
94KB

MD5
bb8e3cf698904f31b8589b16471a488e

SHA1
ed6e188ad6d6231a48789a136ba3d187e88d918a

SHA256
ba4f5fde2b2263d5a0644e67f246f3c1446e26fb21a308412d95e6129e38f1f6

SHA512
c4619b374fb98f5935b643cf7ed1061ffac080c2c94924fb1ea7055a600ae52d24f0f952d2580e623f2ca37e509f55ea644b9ee97365be28f140a98bc528558a

Download Submit
C:\Program Files\7-Zip\Lang\pa-in.txt.tmp

Filesize
99KB

MD5
f88392f8d48eaaea37c65e67e8d733f7

SHA1
3786d4dfbcd3a1ac9f4f593485fca18f629b3e6a

SHA256
248c43a10a2e62e37ea80b879bf46c8351e415ae1e559717494c5dcbee8faaf7

SHA512
a9f9ca8cbeaf249f8840086721f70e4386cad9eb561103b618f25a2616c23f8b91ce42368042394cec3934dc8d9a3a89abba337ba37f52f0db359787463b4d84

Download Submit
C:\Program Files\7-Zip\Lang\pl.txt.tmp

Filesize
94KB

MD5
2aef4bd999c470bf8fb2f8c7e51b0338

SHA1
81f90bc9e660698af8b8c7da3e8c79775bd5c702

SHA256
65a9ada78d834707be7fc1e71307bcd27393a70e8be142a1eae9b9132cfb32b4

SHA512
aa96587c6152d8e091ebe4985529fccfb930559b162e68e5a91aab24038a778cf11fff77029e13183ab9bec1aa2b707ace335b884c4f0e7711c790d2770a394a

Download Submit
C:\Program Files\7-Zip\Lang\ps.txt.tmp

Filesize
93KB

MD5
1b78952402d2df3cfa61943b295c70d6

SHA1
956f113ad017b1417197107372a0c7f2357aab0d

SHA256
1bb5fcf261ccf379713e3f3829a118680a00a3d73d775be03e422844178a72cc

SHA512
9711e822d4939a34751ba38b7e38b81b414ee07a0b3516aedc2c3ec1c02c1a2e55db3233a2749e471b0b68ca2ca37cf5c5a26cf698ad9c7e73fde9c0e75e38a7

Download Submit
C:\Program Files\7-Zip\Lang\pt-br.txt.tmp

Filesize
86KB

MD5
931c6aa217ca715367d7d0cbdff52c70

SHA1
f2241954e1d5af22b1c7ceace2c7878dda7f4d72

SHA256
5eb5e046eb681eebaa85733bcec317c6796eff9d6a1e4c669c824fe1f44fcbb5

SHA512
285698ec18a728bd699ad94667960be8ef9caf8ec91b3e11a163ef13df73789d1ebd2e21d6e4cd3953835d37ee42eadedc35263668166bba2ca9f67357015547

Download Submit
C:\Program Files\7-Zip\Lang\pt.txt.tmp

Filesize
86KB

MD5
9d1981f0540268190dc1caf8adf930b1

SHA1
9590a4213c2b6d897d818277783b6bfbacbef907

SHA256
667ef3220f6cd18a83dbfd4c6b4067d0984acb9a3fc6d155e62b3af28497b44a

SHA512
2962e419a7b9eb96d3e207b540cd96adc86de71fbed1fe9988c2c01d494848c6855c9cd20389b2485102cfa83109f8326c8fcb941f1dd527803a21dadae204fa

Download Submit
C:\Program Files\7-Zip\Lang\ro.txt.tmp

Filesize
84KB

MD5
0ad989dedce25594380c8a7bb905490d

SHA1
0ea116e7f6fa00adaa7e13e9c8ec40645ccb7074

SHA256
43ba39e06853072de3702885ffd95b9a780b94a503b21a1424363246c5ba18ac

SHA512
3e37bc0f67c9239b85c1405bc04eccbc4b2ed7558c1acc8c711af90dc702ebed4346c26de920084333d28efaaa05800b4d1eaa12ca244b9350f6147875d00c42

Download Submit
C:\Program Files\7-Zip\Lang\sa.txt.tmp

Filesize
95KB

MD5
925cd290ca777f0e4a823a18a90a63e1

SHA1
39e144fe1760951bb9b5e37eae273bfff02bb950

SHA256
b8c6bccab19a21d97ac2e78a783ce093e167ef4e4c9ef2e053c81dbce6bf50ae

SHA512
e04f647a1b31a5139b4936914730df88145569118f8c0db45a8a619e81a826e52f814f1756e6cf90a445c9cce1c4ec712f9b97ff20b613b5f5cf7feff240c78e

Download Submit
C:\Program Files\7-Zip\Lang\si.txt.tmp

Filesize
95KB

MD5
41452809d4187cad30f8c4c3cd46a751

SHA1
ea5d40444a7874182062b86c8978dabc848d189f

SHA256
b4bd944e151ce8d0e55e09e06ae2acdec5e911ea6b428af8a5f4f4cd781059f3

SHA512
64a238ce7421d0e7f34188ebddf14f9ca58f829b28178229e53f0e8997ac3033fddf462f3055229c646be140b0fa0dab1a3a8c0331efa1e18117eb2935a9bde7

Download Submit
C:\Program Files\7-Zip\Lang\sk.txt.tmp

Filesize
86KB

MD5
78bb653e89b53f648292b311cdb7a44a

SHA1
e7a6d661c7b5a6be31e9a7d49c546dd8d1412b72

SHA256
b7bbd6f7e5533c3ebec9e5403394fcddd359500d9f6e124cecc13498126ad9cc

SHA512
f5074a1e4d07ca881ab37a10d8f4fe15f8fe5ca38883280286b2ec7d067d168c6b1f27ce550860d355a4a2d5a437aa52172707dabc21c57fa758f56081a2dd9b

Download Submit
C:\Program Files\7-Zip\Lang\sq.txt.tmp

Filesize
84KB

MD5
747bdf9fbd914577ccb53d9825e4b683

SHA1
30abc8d9f25b9ea77ae0fdd8ad9407895614e977

SHA256
4147873477a472884a50fb0f28ba37b0249c34e61ccacb933ca30d81c34ddff6

SHA512
3408997287d9f5f7b514fc5f1a6ec13c54de9fbece4f961176d36443de696b9c74a77859169961c283227d9dbc81ee6bf37b551d60a88b38b74a0e620335a863

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-util-l1-1-0.dll.tmp

Filesize
88KB

MD5
e30a376ca97ccfdb469c6a488c7a2dfe

SHA1
5a6156d6953e094d3797f81bcaa746f263af6bb6

SHA256
e7669fbf1d88a8272d8e945dcf9c08c3465bb71b3d7653d1895c561ec4adac9d

SHA512
332473ad492068147309950df4c7330240987777f4fbb30030a5910e11e56e463d2c29ca6e3c7a8676d5e38093d8bd6e23637f4cc308895c0ffafbacfb77bf87

Download Submit
C:\Users\Admin\AppData\Local\Temp\_UpdateSessionOrchestration.027.etl.exe

Filesize
84KB

MD5
a58569823829f0d58bb65389ae220c1b

SHA1
a4c930e46927fd60469a0fb55238706bb38570f6

SHA256
fbdede1500f4ad6e454fca0d7a3dba998f41b4446855d143378bf1084276f167

SHA512
057a1e0a09bce5364d1ae8443e9be26d257aadaa68092db1240caf0ed5f519efa58bf8f4eecbed6c702f46581ed4de71dccf842b13ba06729c7d4fd74e9623b7

Download Submit
C:\Windows\SysWOW64\Zombie.exe

Filesize
76KB

MD5
1a917bf7cb2956bcb0078f8eebca07e5

SHA1
ac75c9d7ab3d63c40fa4a82bfa132e4ef6f2ec39

SHA256
afe6e5c443b0bf5f5336accd12dfdff2833fa4f8ab13e8796a238ae98aa1b8f3

SHA512
6bac027607eaa2a9b6a51158473ce59fdd5259f8fff4ef5c9cd84d1b1d107e377eb308587e633f10d17f404d7028de35d0b5e1a377df0074e302f01830d65d4a

Download Submit