hxxps://anpr[.]co[.]in/

Analysis

max time kernel
149s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
22/08/2024, 07:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://anpr.co.in/

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133687838644412800"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3736	chrome.exe
3736	chrome.exe
4956	chrome.exe
4956	chrome.exe
4956	chrome.exe
4956	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3736	chrome.exe
3736	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe
Token: SeShutdownPrivilege	3736	chrome.exe
Token: SeCreatePagefilePrivilege	3736	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe
3736	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3736 wrote to memory of 968	3736	chrome.exe	83
PID 3736 wrote to memory of 968	3736	chrome.exe	83
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4800	3736	chrome.exe	84
PID 3736 wrote to memory of 4648	3736	chrome.exe	85
PID 3736 wrote to memory of 4648	3736	chrome.exe	85
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86
PID 3736 wrote to memory of 3276	3736	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://anpr.co.in/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9da78cc40,0x7ff9da78cc4c,0x7ff9da78cc58
  2⤵
  PID:968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1936,i,14961106541285553331,17122108202713753071,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1928 /prefetch:2
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1892,i,14961106541285553331,17122108202713753071,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2448 /prefetch:3
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2116,i,14961106541285553331,17122108202713753071,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2588 /prefetch:8
  2⤵
  PID:3276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,14961106541285553331,17122108202713753071,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,14961106541285553331,17122108202713753071,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4528,i,14961106541285553331,17122108202713753071,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4660 /prefetch:8
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4460,i,14961106541285553331,17122108202713753071,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4956

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2376

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3892

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
7aa31879fd25ee551a16cf139ea336c0

SHA1
8a8d7f9c8671e52e1aabb5369f3f5f165f7cacbc

SHA256
753bfe3376f69a9640374b4ba88cd2a809cf6d98b88ecc74513bb44358175873

SHA512
963493b125412f39dacb79cddf83e85a2e9c1ca7efaf438192389ed9a9d277242875fb3df229d0d4021ac4fc0be611c159233f24755c816afdb17e39da76cb03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6a0d37b2eaaa2ef9b0a3963ab985f89c

SHA1
a9838c82a6136724da06b1dbc03aafdc424ad502

SHA256
104d55248190d981f32173a92376143e44111eb5f5225ebb4289741be7326be4

SHA512
50e50461aae9989605d3f4ae41cf6de7a15e12f16d110f9ae5929190c58ead2ac2c395e803b89be6f5e2af2e23a4f2297598634d98ab1cdbcd9141be6b584584

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b740402100a6353d52cb8a1c915e3d83

SHA1
1f27ca38aa4ab72583a9c60c3f40fce13bd2ede0

SHA256
d9663011e55c13dd7f21b37b50f710f241d40a3c78b60a0f4a82a3923a26f3b3

SHA512
1a090ccb771de5ab49932dff651caed7203fe28aec8fff2bb3dc95489c479ea1214352b43a6ecb557a84636ac1d27512f76a9868525d8f62064963b188c94534

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7cb4a9e11ce30b2a090b32403f0284df

SHA1
b52c124482a8e992304e906fc267dd6d6de3e4f1

SHA256
71b152efcb12e5df72409329304979564b00b13fcbafb221e91b47f5b8cfa67a

SHA512
a9ed54368d89ae5c7e7af2e6939bc0162d2f4de0c535e8cf06414c57b165c4e4e11d38bf79cd5d59386f981bf1059988e0cb4e88f66dc175017f0a95ecf4f030

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
88e46127b4b603ea0cd48a6be241bbd0

SHA1
b487f5266026b8a6521c54e383273847ca34dd86

SHA256
c04064b3325a9222bfa9cb96d5b8e9ab72e8550c7242e3d28300f1849b42b1e5

SHA512
5dae82230a0c45050a70116bb33371dd252ba49dc1e2fe77f84197e4b7b413d5c0aa4a24a7d1dfc8ca739c3d46c6d90b5ee9d6d8da84800d68e6eccafa3547f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d02f8eb1ab056922e9493a044b2cca2d

SHA1
8555f4887f56567a2bd1adb8f5c78849d6dc141e

SHA256
2f67aac9b7bea7a1bd4eb85cabb697076f8067f75b6f75dba6a2a6fba7349c47

SHA512
652f0b3cc2046b58c7e208c73ce386e5f74123daca5e7407435dc2bf17c540fedf1184a65aa415f0e2051743bfcd85e9aa18fea7352fdbb6fe345a461bdfc49f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a247010b241b151262cb6c745731eb07

SHA1
16576e6ae2af5733b60acd0e62b2ca61662865a1

SHA256
1f10ed0084f80aea98bdab9677be86de1c7f39d83129422cff8f635aa62a8079

SHA512
37719b88f8ab4ded2dfdf33d9ee1d9d0a280878f53d60d07582292db0e5d92d57b51d656e67b4e66eb91b234ee0658a9304ed11b017d113dd26ad1e282115497

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
e7fb331729dfbb5519d622c55a52c9a7

SHA1
a65436c00c3875fca8dcfc9abba7f729f73fccf5

SHA256
5e3cfb9267e5c1ad5910731470241dd3fc1407eb7ddda51013692a10cd82df72

SHA512
c12afc1ac9960ce72f703a63096e4a7f4b56a1e038d1dacea9105e548e77f45ece70fae3ec31adf14272bca39957d447cdb2bbc3b14ead9cf2e3d17313339430

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
15c12282e66d4a6e449808eeebbaf23d

SHA1
ba81e04f1515e477107bbd2b25b6bbad7ea93e24

SHA256
3038bc83eb3d7c94052224c478346cb27a2a230cfb12c3cc644d824b8440a4ae

SHA512
0d4ba072260172626055c0af1863345d8d944e246989c2d586f4356c08cb76961b5b71c547783832a24b4ddd9aa07f952a45169b8c312ab2933fa9bf3c67f02f

Download Submit