2992e88b75e33aa2ec54ad512b856c902f9daca80dbbd6e3f376b95a73f08003

Analysis

max time kernel
134s
max time network
130s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
25/09/2024, 16:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

$_48_/1.html
Size

321B
MD5

af99876e3a3ff3a6a5336d7acca9b828
SHA1

72874e2bd626622710eb89adf6f580a89c08ccaf
SHA256

352a8f94a36d8fdcf8005eceedd4cfb6c7f0de791a747fbaa14dff802dff17cd
SHA512

418799b21553ca94d606cdb05b9d0e437a4ba039f914fad7734f0492540a2af96329e08aded56d0e2ed54a4c71efccee441183ccd1786183e1a03f831b475b6a

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433442229"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f00000000020000000000106600000001000020000000b3f2e35217c7175edad80559c0fa1cb84e3edde605179f06bb6ca14d8dc766e8000000000e800000000200002000000002fa7a4c04a432b8618e7bf952a4f68c64294953f64a44079a97973d3167166590000000c4b23059dae61f0896f7d36ea378a0aec913f821ac2277360f27ab10123a09793cdde5c501a9e335f9e2febe5384eb9abca2304ced82976c15f17be12c30f46aa0707352e4ecb75e23a6b389acd68d69dcf008b1ec26a55a40b6be21b67e5ac1c6245e539d019d91fa1b7f5c7b389ed7525cb70f01e2cb6e10f6a6bb2544d4c96ce991ac0013e8dcef27a6d7025c22e240000000abac7707bad490886870827105507123627ee4244942e8b0e7c983ccdfec9416bad8a15e3090ffd9a5e0bf06a74f3d33f3fb700d7382985ce98f68cfdd078c25	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0F3402A1-7B58-11EF-8673-F2BBDB1F0DCB} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 502e1ed6640fdb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f00000000020000000000106600000001000020000000967ec06ccb3f2b5264d885ba131906ae69b88526702513f4629cc9382ab4d99e000000000e8000000002000020000000328930c062c7b75aebf445c04574378215a9f90a3fed5a7c4fd79113eb2875c9200000008e4b9c0348d69ed43f7765178a58031ca1aae3da13165e4606f4688800475d5740000000d118ea715a3128e5c8ec43e945a059dc3f87cc846532e76f804c0c3fde6b90f0154d91dcd7880995d8b901a183b65c2412f060bf9c841d296049c4e89a0f6005	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2236	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2236	iexplore.exe
2236	iexplore.exe
1860	IEXPLORE.EXE
1860	IEXPLORE.EXE
1860	IEXPLORE.EXE
1860	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 1860	2236	iexplore.exe	30
PID 2236 wrote to memory of 1860	2236	iexplore.exe	30
PID 2236 wrote to memory of 1860	2236	iexplore.exe	30
PID 2236 wrote to memory of 1860	2236	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_48_\1.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1860

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f157319d8e608634fd1eb1d4ce08d728

SHA1
10fe146668cd81f235a819de81234dc3ba590ef1

SHA256
ae7c8c7cc5b58bd5397ea2e4a22f8849c1216721bc15e700fc4df408fba48241

SHA512
2c78bc10e41613ae59a173947fd7c88521b962e35bf6c7bc89f1c6861edba238ef4fef50d62230dd1be3f61db458130dc77d2597790fa4e65029ae0f35f859db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ca7ff410ab1874aaadc9dc469469445

SHA1
9ce76f0931f267dd5faa3b5fea16dd8f7cf043b4

SHA256
1deb767a6f772259781a0cb1f79b719411ab2b69d094961c296f2c21b0c82db5

SHA512
826f3f7a90d6de8810a983f32fbacd0bf02ccb1a3d03b6d87a7bd4d36c30e0516788370f00d343cc68a081bae56129306ef8fe1974b1c317ad5fc10c1840ff79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7705f4d589e659467377219ac6d43bed

SHA1
84d6bc5c5fb8e0089fc9f15d912342c604a2786e

SHA256
ffa71c26dbf367cb04a29f4f6fe67493e04a94fc2e9627101e00f67101123ff0

SHA512
fac61804342811dca62923561e5e9417c7cad279d298164e463e48c1baa5f277c4933136274b2417f400ed4e670516c8c85a884db4cbb785782303a368a06d6c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cd999ea0130ce2c537a67127374e888f

SHA1
206d55e6a8071ed4273b62cd866ab8ba48b28e5d

SHA256
97108796b435eda8e7cabe03faaedd70eede05eae24e5ff585272133b100dcff

SHA512
295609f1333a242579e50c394b4ff97b754df9cba73576de4684c5ed48b105fd1823e44384cc0dd4babf6686ae8c5240510a9fda2779101fc9e084e74605ff11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b5e198898433c6928a02b93164663a1

SHA1
850c47a15f367ee0465d21e70e68c1e8bd81ed45

SHA256
6fd4f4b545b0d8be9021e65d0ec3fb90186e2a124de225b77d1d8962c133c8a6

SHA512
7d9592263aa9915375cd6762d9f12cc99ace9c767d3c828cf2bf9b7fe629762f3080de739400b39648eeb0b4f9f1418f02a7ad0fbe12543b9daa7c3218520ce7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3b9efde353682e7727e6c78f949ee099

SHA1
15c6ac4bdc9c938c921c43286920117a69405bec

SHA256
9e76fcbbb8916059e2e6df01b2955790fc18a4ee8e826440b60aabcc0187f945

SHA512
f3efc5d31b264619d97da2ea3f1c082e7472a2c1b4721775d71bd63455f131631d1f1a7320d8bfba3884100642d9ee28a95155fd2ad932641fdd9ecdfbc14b18

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a70b741b956e96efaac24f16c490baeb

SHA1
ea20a651e5ac9169b150ed95dae6ed37631d2557

SHA256
5de8698cff90e82a32cb8870709feda0a77b9956536c4d7b297e0c1aec44b3cc

SHA512
9cf9ff4a61d4fb7cc86213decb5f496cf576af8ff7c381df2f04c9ca721e51507621a8ece040b271801e084d7c6d79aa69f288ce4ff226fed14eb0753331c011

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6792d7e6c6e222313e4af42fa574b183

SHA1
f0080bda81d371d69f3778a2fd22d0f79cb217eb

SHA256
79d4b5a25835a0cf82ae6e5823858a61870d38377665deb2305c0110658944a0

SHA512
eb6f3d22c32867799591c38afeafd83ede3e2cd6b8ef84e733d2fca6b0ab2b9be0713db057748d69c3c9514fad4b29a674e612937b947554c171198da34369b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
add95ea7b5a338eb3c7ff84e97d49ef6

SHA1
9dac9857ca7720076bc55c7cd4f5d6acc9022eeb

SHA256
b6fdd8f38feb7b72e4865362842dd8bba5f500a1fd6ad03d21440110f23e1f25

SHA512
4aeac1014c008a5fc8ba4170c84c17006c006f13bfed7637dbcff75264d5af944c76b7d39d0dd11f97d059e2f8c56932bdf768662baa2b33b6d8849049798ad9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc39df28d4be1f856b38887cf0012c05

SHA1
844073913052107b9b0c23e701fa69ce9eae44f2

SHA256
55edefff91f380b3293cf7166ee6c5c56c716f2c9deff3269a6f3c32f9465379

SHA512
7ceaa42274d6c7df4c69389189298729879b05146f94d2c62f789ef8b9a0191dd1f780f2100f10159def93ea441520bd1a1f0800dcdb48be38fb379d7ed31c63

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1cd04196fc4ae02adf9ce16c1f6b9f14

SHA1
3354473fefe18431c8a69920005c89922683a1cb

SHA256
e1cce6c23518c4ace55fb7e10161d999e2d38438443423e7ae3a247954096379

SHA512
e7aa6868510f7e68aad709ab67fd9171ac61d7831c3604aae76e6799b7e79536aced0080afd91b064d0005b22fd6fe792c37c7c44dd5490937f462b9b20eefb1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1de00b3b650b4b5b00a5b38178fd8b86

SHA1
7cfd5d5f79c202710f0459389d7fa919a06d183c

SHA256
ec99f3173f4465e6ce75fccfb047be0c79eb37309e600a24e8f09d422c3975cc

SHA512
548f3fd60c2d0bdb65eb27d785f25e1845f9ff295b2e91384307127e0a0d0e1b4ffa1bd63f9f32126593dc0f8944a11bc3eba00a7ba9e54e99f0d2ca1c0170ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
95b020b1a28a020e4c8b7837902d29b7

SHA1
21b4102dfe66076e406596326fc83405ddaf8075

SHA256
d8fa74022f6ec7b363d8fe241d3cd9d03d82346f69b50b491c108d50b10b31ce

SHA512
76843ad00496da612057473b7bb70944f053ea3282458a762c6170ddfe9fba8170c2f980c44c156bf8de2e38076aa8a3ddce36754bcd9006fc7eeac8e0e82e96

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
69107d565ea451579f5ed31ae35b1112

SHA1
07c47ceb5d4dac8ac1b00e81f862854e545edd63

SHA256
18080891ff779bc25cdadbf2750e0bc2771ee64bf2dc4fdc3ef8986758c80352

SHA512
979e3a9907723c2e0c92eadd0db761070fcca14a47cc19df1890a3f25efc4953c1952c802cc22d6b60eee154ece3c0f9e1953f6dafe9ab9c6d83d67c1a61ee99

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc2a7cdca2825dc89fe9082f0fb6c8ea

SHA1
71176681c4a1c4519cce5f3b1a861c6543196068

SHA256
6bae2aff3071a306ffb283b7dce40661d1fe72da71841698c2af0ec16da56055

SHA512
d88a01a2b991651be644dd0be5a3003be7deb07583e5d3a29dce9a74d7808eb59acd5453c35f91b3ea9e982839c39acb8bfe2b5f6dfd94fb25a7a1d8960bf6e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cffaaea3d17b5da27f37ab4c984aa3a7

SHA1
9d09acb39f024d11fcb78f6b0a23570d0e4dc667

SHA256
d3e67f758b299ab80f1b55e88978472d48c59ebc1ccf781ab5a60011d027092e

SHA512
64f5fe6615e43c9b6c2af061e2985ea2d9ccd40e4caeec92fa69a9e06e332c5c05a4571fc598707f23629eb44d9522a502213ca6706e543bd8aa50dae9951ace

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2d33d0d6b907fe1d39759970fd553def

SHA1
791a5d24f61392a0dd9ab171b0e5cdccefc2f25e

SHA256
432329fdab59094ac327d828f62d8efaedaeb689fc996a45046bf9088c1fc702

SHA512
72b5ab3d6494316f00aeda1e90f1e8ea820e89a89fdb1993599eba4c3297605305d03c3c23503e6829e4134c44e0dfea502597b114bb07f49475957d5cc83015

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9ad9fa887f806b32b0456b55076b362a

SHA1
c4598b781308af90695c7e9452de56ad6619e4de

SHA256
f84658c75a489f2360ce46fea5c642c99ec114ce97aab48873235756a95ea78d

SHA512
c791810f6c5d9df9539348f1e34f442e207d68793fe212390a6a1b77363c1925337e843eeb5d77d2a5b55f8418f151064ff827cf6853ddccdd3c315d1610c83f

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE1D8.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE279.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit