hxxp://steamcommunity[.]com/gift-card/pay/50

Analysis

max time kernel
42s
max time network
41s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
29-10-2024 21:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://steamcommunity.com/gift-card/pay/50

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133747103504630984"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

1896 chrome.exe
1896 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

Processes:

chrome.exe

pid process

1896 chrome.exe
1896 chrome.exe
1896 chrome.exe
1896 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe
Token: SeShutdownPrivilege	1896	chrome.exe
Token: SeCreatePagefilePrivilege	1896	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe
1896	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 1896 wrote to memory of 2604	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2604	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 2484	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 1388	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 1388	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe
PID 1896 wrote to memory of 4632	1896	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://steamcommunity.com/gift-card/pay/50
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1896

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe57afcc40,0x7ffe57afcc4c,0x7ffe57afcc58
2⤵
PID:2604

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1680,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1676 /prefetch:2
2⤵
PID:2484

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2004,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:3
2⤵
PID:1388

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2416 /prefetch:8
2⤵
PID:4632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3052,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3068 /prefetch:1
2⤵
PID:4636

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3056,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3256 /prefetch:1
2⤵
PID:3972

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4468,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3988 /prefetch:1
2⤵
PID:936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4612,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4708 /prefetch:8
2⤵
PID:1168

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4736,i,13003282861046049308,12104054232819371393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4020 /prefetch:1
2⤵
PID:3972

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2812

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e6a9a58d41f4843638b91af54f2b4da8

SHA1
e5932e4d05e240e40f12f577e7b745437496b828

SHA256
3a04a84938a68aab2c9edfe28d1f3b2da7996b42f01ef6a27b5bb21a4e5396cb

SHA512
730d5de0c1f7f9ad3b75c55ad4b921e72bffc8b9066641d762a755876e03cab25d0714d714cc5607731f3097beb91f662a419c65a4912e6aa6f1909ba9080f73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
744B

MD5
e718598da315fb29c0e4352206037801

SHA1
a3bb14596c59793c0ae3615368d61f3229fd5dd9

SHA256
6979fd0403d4d3cad233cc2407a51e53a445f7549e9e6273657575f729f4c4a1

SHA512
7e161ad07fe2f21e7896d647591604b0d5a3ce6b4e560c29aff204b3e1bd316409c6a9a4c34588c542526c13b8a2a9ef586ecc6213c729644dca879d5618ee45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5cbf6e3605d739c7128670df0be4fac5

SHA1
a2f4906e8490a7327cb002424cfc4ebf9551c13d

SHA256
8514d0b9f82a541d3240bdefe962a05cfcb6c13e86b4b728d523fbf77109750c

SHA512
221959212d68465acc055e862a15af08ebc38eaf959aea25fbc0e8833cfae59c5dee3b2663fa8ce5f5e0f0765eaaf40f1eb114453569d3046e4cfbbbe90f874e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
858dccaed01667eba21f1064e78d55bb

SHA1
091452dc3c38d343da5b24b7b739c6922db953a1

SHA256
61109871e0ffc8e7bfc6a4942f5bcf18ee9fca9cd84f33a901faf12ea314ef07

SHA512
bea684bdab78ca0d7afb8d6ba5152955f82e8e10d22d6bdaa35ccff81853e0610f03f4ffdd755c10d8f218bfe486d4836b731212a80627fa3aedb6846f942594

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f3e0b9cbc506a6936becf509c5069cf8

SHA1
30a48f0842b8a747a141d0f85fb3dc4cd2e9d95f

SHA256
5237e956ecc9a902eab56123ac63b7252afdb09b075aca4167b3b9863b9bc81d

SHA512
d53770c7295ce44685219066cac3a04a63704c775b87c241f7bf366a493e0d6e6515284ad67f40881683675c8d7678bc05a12c3fce3d22f1ac67e3d89292c91c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
59ef0dc8569b31d4a42a4dedd4e2f63d

SHA1
14ce59e6cc49b69454f6cc4ae0f7dfcf881e42e5

SHA256
1593ce666018d98f3c8d6facbb2f6fc91b3cc5a42aa3c82d949041cab880da12

SHA512
f08410130a5b052ebd7c9a57d64d704f443f8908f7c4c7d6683b642e6e40b4c2058f2920889028ee4a3a9153c2736738da40623f7c7eb5b988d3cb3bc5f3affb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
ef63452dc025741acfdf5300f9da25c3

SHA1
217b22ffa50f83a32bbc44f43f9e0a2d6ee97e4f

SHA256
10325628487ecaa114a61a0f1e5dc37d9e64b034af1cc5b85b1d6e28783c3b01

SHA512
39af929cab1963719734a0c816b509ab540761e158df47b91f3247fe4fc25ca196efb9b91f4ffdec84cecb4525cec69078b99a7c105637149db2a6f9d23e8789

Download Submit
\??\pipe\crashpad_1896_JEZKSERBNSFISGBB

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit