hxxps://cdn[.]discordapp[.]com/attachments/1264112042009301067/1264112080349302824/GTAHax[.]exe?ex=66b2705e&is=66b11ede&hm=0ff59756205b423ac0cf3ccbc79ee853a93d5c9c4ffacd146c56ced2cc808815&

Analysis

max time kernel
28s
max time network
5s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05/08/2024, 23:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1264112042009301067/1264112080349302824/GTAHax.exe?ex=66b2705e&is=66b11ede&hm=0ff59756205b423ac0cf3ccbc79ee853a93d5c9c4ffacd146c56ced2cc808815&

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 3 IoCs

pid	Process
4360	GTAHax.exe
3832	GTAHax.exe
1456	GTAHax.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673759772942041"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe

Suspicious use of AdjustPrivilegeToken 56 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3796 wrote to memory of 2864	3796	chrome.exe	84
PID 3796 wrote to memory of 2864	3796	chrome.exe	84
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 3408	3796	chrome.exe	85
PID 3796 wrote to memory of 2788	3796	chrome.exe	86
PID 3796 wrote to memory of 2788	3796	chrome.exe	86
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87
PID 3796 wrote to memory of 3984	3796	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/1264112042009301067/1264112080349302824/GTAHax.exe?ex=66b2705e&is=66b11ede&hm=0ff59756205b423ac0cf3ccbc79ee853a93d5c9c4ffacd146c56ced2cc808815&
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb973fcc40,0x7ffb973fcc4c,0x7ffb973fcc58
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2016,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2012 /prefetch:2
  2⤵
  PID:3408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1836,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2120 /prefetch:3
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2092,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2280 /prefetch:8
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5004,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5064 /prefetch:8
  2⤵
  PID:3440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5080,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5116 /prefetch:8
  2⤵
  PID:1560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5128,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5280 /prefetch:8
  2⤵
  PID:612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3624,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5460,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5436 /prefetch:8
  2⤵
  PID:3580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4580,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5744 /prefetch:8
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4108,i,1357181436701761067,17560374468065381098,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5000 /prefetch:8
  2⤵
  PID:4848
- C:\Users\Admin\Downloads\GTAHax.exe
  "C:\Users\Admin\Downloads\GTAHax.exe"
  2⤵
  - Executes dropped EXE
  PID:4360

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:808

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3744

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2256

C:\Users\Admin\Downloads\GTAHax.exe
"C:\Users\Admin\Downloads\GTAHax.exe"
1⤵
- Executes dropped EXE
PID:3832

C:\Users\Admin\Downloads\GTAHax.exe
"C:\Users\Admin\Downloads\GTAHax.exe"
1⤵
- Executes dropped EXE
PID:1456

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
99KB

MD5
487121ca9ff85282da40f76d54c2443e

SHA1
459ec8d604a1a7086d7590fe1c4fadff4b561a29

SHA256
48db80282dbdecae8d9a3b6ec60006d08b8e43b6e35f319b34a011c953f2efb1

SHA512
e9e811efb11b09c8a3e2c79d39271efa8e59d2096f403fc311ee3f53b39487275bcea3731530625aac9808171ce9760a3f156ab9793e71fb02ad30559d9a1195

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a2fd4c0b447b0dea45f42f3baf51ef2d

SHA1
f7a1615e04f1f07901b906a65aa30dedf0d6c2fb

SHA256
49ebce6335c58ae7e4b33552f82c33d61c222cd9a898440a279f3473ced60b95

SHA512
eded867ea950e3044d0310825a114f624bc9da59cb69293cf5cf53b0c50fda9344720db159a81b8b3fa2e7f90dfe5181d1f7b3f8e8c2020c20e3e3ceefb9b4a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
757d68c3c7139f238033863a47cda00d

SHA1
995ef21b6be386aadb38bb9de60ce5f8af16aa63

SHA256
5e6397cf0fe78c3c9d410cb4f4453431849d1deb24cb118ee6197d0834cb2a7a

SHA512
d9bd210bd1d2874ba9eb0f9e16c9392699664ae2c7cecc483b8012b0f5653094e20987a7ddbbe21ff33f35dcb17ef774b96205e40ccc2152f02fe65e72519a67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
51fa30092e4a2fee3044777b30f0555c

SHA1
a51cbb8bec103d1efce1054ca9426514c82da560

SHA256
6799cbe0732d5588a8be7d98c847c6b7d030b62295b5d3dc77b683769aec952f

SHA512
1eae1cbef88535428c176819717b53fef61077f13f29c59a37bf597200dd2e9fc1968bbfb400e3af88f84c17d3371893f2c0ccd731f4ab2deeac3beae064b173

Download Submit