df3d1c3dfb246b90e492201d05219707690037c29ebc0d1d50a3589c6a5cf827

Analysis

max time kernel
117s
max time network
169s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
07-11-2023 14:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bv9ARM.ch05.html
Size

6KB
MD5

6471fd47afac1dec1938bdc2c8bfaaba
SHA1

7d2e2af55271637d0ff5139ae8e171c006ce05d8
SHA256

ca560e596d1dcfffc917e759878a4c32b6873bf0874de8e9abb298c6c0620fbf
SHA512

5d2762a7546b2756216857065b6987e9dc53ab8a4249dd240cbc1a4776d298cf523391bdbcd1ea01da4b33dd19dcb69cfd97160dcae86cdc3836f46219c3f052
SSDEEP

192:nyvOHU4cNSpnfiESkKZHlyK6Qar08+jg4gYbV:nyvO0vYkY4H8Qi4JV

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D5221951-7DF4-11EE-854B-7E3CB4A050D6} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005718aef034e0654ab00265bd8f8b2f5400000000020000000000106600000001000020000000a7a280d7db5eb61bb286cbe5e0aae047e335bbf537c7f8661f970ac63dd7716c000000000e8000000002000020000000a5f56617dd721bd022db55e6b45b1ce73e247f3b628eefd03b54ed95788a6111200000000e8ff5acf6e1c8e1fe77ffd6eb0590473fe2282e89aae763732c839d571a67bf40000000d9852eed10b1618901e445081dc0894373c0b0871c51e2b2e1fec5186217666834185a224069458948bacedbee0d3150dac6bc6c9943b384b32cfcd31f34ce0c	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005718aef034e0654ab00265bd8f8b2f54000000000200000000001066000000010000200000004eec0604ec1c566abd86a830eac7c4450c49e21e32dcfa99f455fa44f45968c1000000000e800000000200002000000006492ab14c89eeb4aebdbf5204cdd8a55881534aab3a48e5a95ddf40cea05c8090000000f31af22f88f8494936459bd4c037920c916507f097496850750ae474ffa99d6bff6a9efa1b00546c97c69805996e3bae5c339a87c6a19a745e8d518c4c06328f8cee21c885a8a2b35373b0da1a11d4091fc39485e1fee0f80ed59f892da7a7134e5e39a965e32f0721b6ca5c48e7cad3ac38fff54f16e24f257d81b75d956500b117d4a33b1d495b33cead814ed3b84d4000000054bb0a0f71cfaaf2239567f6e8d07a5eb47936fe4e2df38e097a51118aa80db04a9954240b1d92e566598efcd47669cd502cfe5f585dd9c3a3545b977597e651	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "405581968"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60b834aa0112da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2104	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2104	iexplore.exe
2104	iexplore.exe
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2104 wrote to memory of 2760	2104	iexplore.exe	30
PID 2104 wrote to memory of 2760	2104	iexplore.exe	30
PID 2104 wrote to memory of 2760	2104	iexplore.exe	30
PID 2104 wrote to memory of 2760	2104	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2104
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2760

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f6942801ca26558e018499f297bf9fd5

SHA1
123b585a1e416ab5b6da1a92a57e0faf2a927a4d

SHA256
6e3ff00613b06081d67c49f7473c33cb269ccb706777a23edf3f9bc9720b7d40

SHA512
9e482f277ac662c7080e0c60801e7755e544a11b07f06d33806a8af6463ffff3ffb57850cd75337caf98034484a603117419ac48ef63aa4b5c642efff3643048

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6bfffa868b5351606dffba7edd360d81

SHA1
4a830dbee31c438e13b69eb0536010a14b681dff

SHA256
23576346f5eedfec72b7371f0760212c526ebb5c8f06b3b03678de7cb456c2b9

SHA512
5c3ce5429fa24808c1582234f7786293e65023d74062d84460c95aa84b9aa5e8f04f012dc0769fc6d1357daa4772783e69e8a186e52bb2a834b6a8f3dec67b23

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4e98a0623fceb9d0dd12811b52b1fc57

SHA1
dde404af3472a5fd1b98c38d9b51e7845c65b1a1

SHA256
89b181889d84baa892af597e5482120d6b41b1a4712c628257f537a0f979132c

SHA512
96b2e809740d6bea2a7fb59f1f5e59348afb5c785156299007ef42ee2fd3dc7a01b577cfc955d358b38f6e862f4d33ccf2f2bdf79c16be1634d36cfd6987cc31

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7a3a71fe6465993b262a741fa24f5ad2

SHA1
aaa27e44021daeca8534df5a08113ae7597f7882

SHA256
c81cfd677a8cef9e3e988fcaf51a744c274b978aacfdfd392f90fc996704a0ea

SHA512
eab551cc4466a344e1650ec85ec5b2c4a2c6e597f808eb0344b29f2897d8a681eabb5830a700cdcf8a9352472bf4614ab198aea4fa45f43c2a4586250a4d6bd4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c236b2a1f47039d1b5b80707adf572bb

SHA1
077339ad09b3ae3a39bc8990f3b7dfc02825c1af

SHA256
b238abb5a272142622075ab2e8d24de21df59e1c4697c04af09eaf6b390243df

SHA512
317cd42f0d8df9e28dc9e6972151cabffaa0df3145ecc6842ecae0a4e26faa5a7befa397d4b90cfa6d26cf34f2bb2c398ed4c81597fd4f5fe450e59c231aaccd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9f08cc3171c85a500f6a08a500c67980

SHA1
27bab81f3df0517f6ff72f19336378b6ce56d378

SHA256
8624b4d9c8f478e714c33320271bf066bdd86ff74011dfe306ea136b4c3ddb1a

SHA512
8b207a88e5cfd65b7d58b47025e59b099f33a9047bfefc64e774fc980db51f5f89a4b5609cb1f1fee6ad2f5c041d6267c556077a19915a131a69685b95578f8e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4875a536018180951874b6031f8003cd

SHA1
d2c169ba16147ef7d35b949c5f37391b691f4b34

SHA256
d9bb6d7d53fcafdfdde5e6d60e8033eb614ec64cf2c5f983fff126253ea3aa9f

SHA512
f9371d2e6937cc92035069d722be71a311dfbee308468dc1fc7616304d7e790142184f2e61466ae8ea6354ed7980ffc3839f3eb62ef6021c2cfd8da792672881

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
26ac1fdb675b0f889e29081b64ec6b5b

SHA1
a1e66846a8f75bebba9b7d121d9951977506c1cb

SHA256
6529654a6c37fda03e9a804da67e7317c6bdf51de0e2ac4406980e9749aff23a

SHA512
f5c89369f2f90598785f2f37aacaa1d0024024ddb3b9da3e74a74e21e0b7c3bf63d87d96fcaa72ef7e755cb178b9994f62091f319692ef397fbebcc443b89626

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ca76c0d8bca681b6dbc95c313d2eb1f5

SHA1
ad46c84602030855839c6d670c298f61fb5ce148

SHA256
49190f0309e8079391fa5cba6d139041516b35d9d88da652b4d3165aa9e19e67

SHA512
3bf08734cd0733789fc1408d9e8e22bac68c6f6e28269a97c0de6054f80a23ed06fbec6b6feae36b17f11881b5cceebbd27a2e5d38ec20414afbc69d9f57ba52

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f63453a15e966786278b7a20aeb7f80c

SHA1
e85ab2abbe1d6ad8dc23eb23fe7e1dd796896ca4

SHA256
2a428402297ee3000ba76238434966551e94b4f0b08ed1df825b791f11ae8448

SHA512
2a4db7d7fe198af2fb0da434f844212061154188f3d295749791c06dd376d6c77511f33aed4aa6202e49516c54ceef2e63b71f445edbb571e4b0688b6e651db5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6923ddd86f0c9821c411b69f2fa3ac70

SHA1
6666a6ecf4542ce322c23c7a15afdb118415f848

SHA256
edbf3d7392adb62792fa0ec1365827b080aa267d3ff4f7b1d2778dbd0bb071ea

SHA512
fc6e376f10babc56eed2e6b745883da9fccca547adc2628d7c95e45c217f266a000736a875e5504f44a1cc63c33e2c816094ca74a90310579c7b0fbd9e04d4dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b8377935248e5ba65d0308c3a89b036e

SHA1
b762a512c81e8c00025140c11364dd54305dfaa8

SHA256
f489986de8883d47149330460b2c8b360c4752c75b037e80381f6419d62d7a3d

SHA512
c069f29b7bfe6943aa4517f567c9639cb56070f0cccff68b061a0d73941a2fe0c8cde7697be5bd7c7a033d02615d18d378cfd71110709e62c2937d5eade60c0f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ddbbbe173d480b108ebdffd46be8d273

SHA1
f19e6f031a65bec7affce01140ccbe2f17579de4

SHA256
ac47832c5b86b2711b69632e912a06a4df07d9bc645f33f26ad1740f8a981c65

SHA512
02409e1cef1480e678f219e250906d66b5a524a9245c87b4b82f712d784103e32029e205f2eab399bf6e1e3cdfd91ecce9170c2fd44e36ce7daf972789db3bb5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9bc9e04fe68648d8dd0adb782f6a7504

SHA1
d1549b9f2cbf99d131e68501b0d796f140165606

SHA256
4e7fd46efa87184651355e2935f01bddb295462bf1093af53147f7f970f072eb

SHA512
634d182b1395ce41aa4ffb5570adeb9d7402727377a136555838c35d98bce7a51ab1930aa58434555c9e9197da6b65c7e5460ab21efef4af2dc32e63a278d9f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9032f22fb77c3f2b51dc5192ff42e98d

SHA1
ecbf75928b9a5550ee586fe9830abdf99478da11

SHA256
1a743373b6547b2575a157fd3a3d36a8bd68ea79c6afbb223cf543af0d926d3a

SHA512
148525c2e215a5dd6e624e5609925db77d65b090a8b44cb0485b613a2b9f328a74c9cc425a1eeb1d33c1863d13d641d89a5c5d43d4d4d195cbb5fdce0907721b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4d1e1d995ae63dc2076dc9a0fae832ce

SHA1
f8e1f2ddb94bebe6cce0ca147d63e76d272c7b1d

SHA256
8490f51d51b11851e361507b59a0030d0809415fa6d6489e3c2a62b7eccd808e

SHA512
67fc03d2d825d1f4282fa6c8bd92d7ab83725641533353a9bf0e01fcc1b7817cb7659c62de124eda94785614ae64969890b126dc9be3d30d9c8cb77d04ab0581

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e1fa4adfb2b6e369bbbb4b0ff0bd0bfd

SHA1
fd5c60d31f20b814cd08c4618d8218b1847eb44a

SHA256
1b1bb1eed08cd61d243161921ff20a73443200efa05b773e2d949b97841f834a

SHA512
ab7335e926b14dc8955f5aa1d2af5c6890818e49d2bca15fb2eaa2cecada11bf68550999f9c96a1eed0179e935c3676827cad4ffd3256a8ac0c5b40a8f439318

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
98d479047f7dbe7369af2d29ef959a1e

SHA1
8f2f17419185a2f264553db132a2a2718d9cbfbe

SHA256
c00de15db560df37a14b915d897a69b62b8cdd42bd77ece811e72c2cc6e153d8

SHA512
3585ae02f959e4172d9a801aaee9dbdadf952b57de04213e147fc193f4b54de42d73d1234f57e191acee3f0177db8f171070bc2150fdf518bffbcc3ee2368287

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF623.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF6B4.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit