hxxps://steamcommutiny[.]com/tradeoffer/new/?partner=148972743342&token=hL5xBGgK

Analysis

max time kernel
145s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
24/01/2025, 11:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcommutiny.com/tradeoffer/new/?partner=148972743342&token=hL5xBGgK

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
1972	msedge.exe
1972	msedge.exe
1972	msedge.exe
2536	msedge.exe
2536	msedge.exe
2292	identity_helper.exe
2292	identity_helper.exe
3456	msedge.exe
3456	msedge.exe
3456	msedge.exe
3456	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe
2536	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2536 wrote to memory of 4892	2536	msedge.exe	83
PID 2536 wrote to memory of 4892	2536	msedge.exe	83
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1116	2536	msedge.exe	84
PID 2536 wrote to memory of 1972	2536	msedge.exe	85
PID 2536 wrote to memory of 1972	2536	msedge.exe	85
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86
PID 2536 wrote to memory of 3872	2536	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://steamcommutiny.com/tradeoffer/new/?partner=148972743342&token=hL5xBGgK
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe3f6d46f8,0x7ffe3f6d4708,0x7ffe3f6d4718
  2⤵
  PID:4892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
  2⤵
  PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
  2⤵
  PID:3872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:1480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  PID:900
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:1316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,17180606939018554268,5184082340955523394,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1840 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3456

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2820

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3584

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0a9dc42e4013fc47438e96d24beb8eff

SHA1
806ab26d7eae031a58484188a7eb1adab06457fc

SHA256
58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151

SHA512
868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
713d4cb0bbfc7694ee80a61f3c9127ec

SHA1
dec11d2bf431e88785cfffa3e0fec43373c60cae

SHA256
e369e3a77dec12bd267b0184a249218adc64da8bc2d6f8a2c51bea84a01d6342

SHA512
6901c875cb5d044c6d2501deb75b2779d3e30977a630fa3b30bae62f06d583997ce49428928470f4e463f2ebabee2dd53bbb00fce8aebd7191699e0d55bf89ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
26769457c3967872c619aa7457a0d1e0

SHA1
71c5dbb3be7fb8036899e1fce8bc7e653842b3af

SHA256
e9ab7868ea7a7ce2f9e67114e766ea8cb463c95b2da46ebc508b2583be05c691

SHA512
534e9de763ca6dc617f98f5b423505cde816bcd036e44de41452faf777891a7262efa815bdaadb2d482b41a1ea58ef55a1a1cd97288f6e112f7b6fb24cf95ac9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7f553ffacdff16810e47e55d524035cf

SHA1
18d05b94cbe80425bf241b5c95bb19dab882abcf

SHA256
85026d9e22ea7a4cf0f2815e387364e625f794d8658f50e52bb26e04951bab58

SHA512
b637995973aea25b73dc33a627ee893080d04a83d577052aadb2877f9f0e23471e86bdc9f2cc3d8e1d3e4ce1e4c3f501bd18248ff72aa1a1780d636c0700cce2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
29e8e1e3dbc4df55f8318e09ba683a85

SHA1
1d2b177b69abd0e79c35f160473ebef4852ffdd2

SHA256
c784bb4f24181511c0f9f5b7b6c95dff2c56f315cb9e12b20d9d9cb08af157ad

SHA512
438b91b0493a480b17b929da1ed808ed221e8dc083a0c6f5da4b1fa509e82d64ae6dca76b2e0abe475eb532878e69281b54260d14442cd159290198874775c4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
54b312d636e25bdae3339c9255926e10

SHA1
f3209f0217d359cf7ce7e04aa48f71d97d5c43f4

SHA256
7bf47fc7b129de8f0b29dd1ac7c051042b8efe60635196373eb26657ca093f67

SHA512
cb189ba1e24df6f6fe2ff252b4f0f539914cdc6dc7c383e33adc338003f200a9976f63d44534c6a1c2549169e76c3c1e89da097eb29fd8cb0935b048a1c458e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581a2a.TMP

Filesize
706B

MD5
7f6fdcfefb5f1962c0b69b12e6e73961

SHA1
afc31c66561be05a68105a55dfed0799a2bc8145

SHA256
f4b26f0e93b59feea1cdb2078b2bb50ea0ea6b006d36a3a9df0b772e18488a49

SHA512
c41757cddf4c635275fd2c4c2ba5b0ad83fb5a8909afbd608d494e765021ca51ad6e4729d80c0b3fffbf0c39846c4c8be3e5fce08cc3546fbc593c7523de6a9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\fa5ccc69-29a3-4673-af84-1305b24398d5.tmp

Filesize
1KB

MD5
ba9cb62ca43fe9d4e1c4e7914d0bae1a

SHA1
01af403a07d45bbb225a0c720463aefc777c63aa

SHA256
9b731ae97cc9a462af19b02b8545130f4c6d13b8cff1aa3ebb2649c8754d5ba0

SHA512
ac8f51428c7a3caafc09e30c6529300bbef4dd318d33a625e38219a5110587aff7674d9940b408e4f104b1a5e5deed8bca4b5a907607a1e88bde93ca7d25cd45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
53387af702f2d4b76f835e48553b66e5

SHA1
498facba4e24c31064244bb9cf37c4146449bfde

SHA256
57f08af406c7e2f949281c3175e4e1731c8eb5aab30abb0a019509dacb9273d4

SHA512
230b8c4919415aa2c046133289d40e302784ebb743b93ee2725009556fdd39a304986ed685ca13fa8639c2dc40f32278a5d13c44c9705f98f60cea829d6d3803

Download Submit