6071912d0d3211bcb9f67356cff4e6f272e0ab507f0d5c03ce416cfa428b8d47

Analysis

max time kernel
135s
max time network
142s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
12/11/2023, 04:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Annotation_sketch.html
Size

1KB
MD5

10f95131497deb3b347d5731b57a0803
SHA1

8a68555228e1089d8eedca5370461cc6a16ffcda
SHA256

a423a55a029f11ee298236e1359828be68152cfdb482213a3aca425353e084a9
SHA512

8ee5cc9d0088ab8f75f7cf0e304d59e9055187c9b681f8d25b119753d625698bcf8d1552f3f1ae8dba259094b37e625168c740bacfd020367afcfe99acf11e1e

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10d0ebb42415da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000099b8a3c6ff97044781f9dc0475faca4100000000020000000000106600000001000020000000829b916d4b52ce494e259d9d46077d1d5971cb28195084aac4f517a4b6c7c4c7000000000e8000000002000020000000dcf4eb761200d5f9854889068389bc6e1d141562fd7d7f2e90c61ab78c7ef6fa200000004d13d72a68598153f012119e1800c13f979e4aad7790b1c6e423eaab2b84f81a4000000023d31124eb3dd61a3e719d76fef69e465f71aa28e1334fd167157d14dbf2d0abe343113ff656ff7346a5c4f45fc3135a14e5486a88b65d90d2164d6ad4ea2fdc	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000099b8a3c6ff97044781f9dc0475faca41000000000200000000001066000000010000200000008f817273e036038cc36a927479df2c71b36d7c23ed836c4253befc12a28e5073000000000e800000000200002000000026488e242321585418cd8070ca37f2c850e7a98d9704eba23641033f1b419e1f900000009665ff40928dcb2852a9e7eac2d53d8a80f652a290850dbbf1295d3ed913f27a7d212b06ad827029f4df93228937b4c70351ee3054c863ad4ca852a779a3855f660f1718e86d91f154ce4a7bed45b2c7b296d573efc32be65fab8fb89ee57f92f32df2e5605069aa54c4d98ef36a93af268a2cb1d0410451cb84545aa4a5b8f4d58f046e38ae658d2eae5d8c18fa6ae1400000006bd6a6865c6815c141233e6b7f324c5e4e3b5da6fecc293001fbad7958fbf468fa32e5b2a089120bb0881976237c503a4d5a49ba98dd461a0726dd455f7c0130	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DF01BCC1-8117-11EE-B55F-FA85F66A7F24} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "405926871"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2932	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2932	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2932	iexplore.exe
2932	iexplore.exe
2916	IEXPLORE.EXE
2916	IEXPLORE.EXE
2916	IEXPLORE.EXE
2916	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2932 wrote to memory of 2916	2932	iexplore.exe	28
PID 2932 wrote to memory of 2916	2932	iexplore.exe	28
PID 2932 wrote to memory of 2916	2932	iexplore.exe	28
PID 2932 wrote to memory of 2916	2932	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Annotation_sketch.html
1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2932
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cb2d37479a4e97aa993f07dbd8ec8a91

SHA1
256b0383931cfbcd930ba4255a58560c234e62d5

SHA256
5f3505594f4cd9963502bd8c63258035e42406b3456827112d66f1c1e454c156

SHA512
cd0c102c6f65351a564789ce5cf053ecd09eec3bf5120c3eff382330159e3f0f9a0370e740b164cf067a2376dfd102267b14de6f7c388430f7759d6a8fc3110a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d557d9eb591779dd3a13b7bd82bb95f6

SHA1
74ddb828d6f842f70bd625a9e64862174bb54b63

SHA256
3c3cab9df1e21e84d9dcf5b585c1794839f800e32787c16fc1e623405ec31354

SHA512
087c69ff8177865baa15457b12a0dee958286be3301951aee4f43dff5affaad5a93ce389f05387180518a5f588d0061897b7244c38da7c461e150c9173270a6b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
241c4ba6de77e034a39ef618923c3162

SHA1
4652ab899084aee25d8f3acfc23aac034c8addb0

SHA256
a7883ecb59c32f366341714516aa6fdc81ddd045434f792dae5674895b2b548d

SHA512
0585a8fbd89019156a5bc522a50aba19fa8055a098c0a1c1b007c74e6f3a77fa4537799897b3965c438417d3b616aa087091d6b6f5653d040b242201f063657d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
12d36004432ae2aef1c10d8a8b6770c7

SHA1
56b6e44b44ca230a7495e1bc8ebddb622a03692f

SHA256
9bd991b3bc46b7615f7aac50b0fea1087f57184c50de00b3ef3bfc680393e0fe

SHA512
43544594eb9471375d99d9bedb8f0c21ebd872e3fd97df7615be17b321f9869a5744b35c076310a756a6a916c83f4f872e27b0d71adedcd36178f4e38470b2ed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6b9d00ce6325ad97ce8704cc4cc2b718

SHA1
09f7932fe5f2c517d3870c7201b60e291b8f6f56

SHA256
7c0e85955dd8a5a61a10939cb52912a99dccc746b9402fb85ed1a09c09d4d442

SHA512
338f6764d65841d7cda0ab0bbde2ece816805667b1cc8db0d0e79555f7549a27852e86fb808c9930d1d715b39d0f462dcc4cd0079c714298b4ac2bc24f80420c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
54bc9f10597639bf68f083c01bdd1efc

SHA1
c89a3d9327999b7ee367cacf789f6f83f85c8ceb

SHA256
224037503625cad57c2e60b5f7ec8b5c51523c184bd08aebaf8cb0fe093e03a8

SHA512
b7e9348de6a27dd7cafd24456264a0165ddf8a267b4808314db6fcee0b7a8db38949b9bd6c3f8355346c6609383754aad8449b857998f9914d203d4ef2773bb8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
51eac2adfaf086abc7cf4b9cde94e844

SHA1
040956ea858ca9a01a95bb2f2316e638456176f5

SHA256
a50d0d12239592cfcd28d1d078c4f73e1b3d4ad297a455bdbf1fddfc5666bc79

SHA512
2e53d78e412bd59a64f21ddab72d15995f32a3acf4178ec73124e6305e751174de49a7fb347a92fbb0098e11ada0266f4466b5b085e57dfecded2764dc16575f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ddcb53466bc150979fc1e82657d71f57

SHA1
9850af38e8dbc296634a48894ae8cbdaaa156349

SHA256
9c17e521be8c39a6429b2084ec26480eb59ff2fd6d084ef46dd384633382c76b

SHA512
e8076984ec1c686cac90425b4f2966acdc1196c2e0f91483d2e132a999514d4c198ec15739af5f4ddc447aaca583faac80ca2e0fa9301d2fb981cd6caf610922

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
db2a4ed25ba4630476fe238190c836ae

SHA1
aa389dbd3551f8f8208e7ae80765e83109fb94fb

SHA256
042cc107d1ba78ad1509f729912b63ff7704450cd3fd86fd6f8c091758f76123

SHA512
983aea5c2d7b0a9702f03025b02fe8dfd3ee856b705c274dd061a8a3a4f628bd02b3d352f9207ee7dc86842098738560017a3d8558393069ec79da00d8d46da9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4b15bf70462262e0956f17bf1917d4da

SHA1
e32df87deb39441c4d74c9ddefc77d817856433c

SHA256
66a01e1043c3d7a8fabe84cc8fa57d05d18b4d494ccd3f54263faef7a2288533

SHA512
f4bfaf4ce71f2b7bc8f9ec75209516c25865ce0e48fb23c0affe0037a9918eecb447bb281c51e88d11d934f0e3cd416a5a1ce8fd834de7b90493ef7c7948ae39

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
90b6b58171d75ea6cb54dc1271f4a9d2

SHA1
2ba3aa5c5d9a7a46c29d789059e2975b2d281e7d

SHA256
d4dcf5900d5039ec950efcad1105a7b12c95b589a795257133d1e3bdaf6b2397

SHA512
d7137cff6a816fd48f054cd9607c5203ab826c045d31f44b3abca3047aa71bf87d532761e0e6a640dafb508d29f0e552937c3c8f9afcb60a0c537e0b4473ddcd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9de545771def7ffc6fe05e104b2d65aa

SHA1
943eb5dd1d6047fe3ddc50f56c1513fa87507747

SHA256
23eac41c5c512768c82045d4473eb3829e54f39bfaff6cd1654053627bd5751f

SHA512
6523e0f4c2950aec61c5514a425386b5f2e5facf8ffb73e18aff7539bfcb076632432035a56ed27f428217fcdd4f7b5a5f426a89f4bac0cbab5dd1f49777b9d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d955ecd28bac5aeb9976c7ca3a12b8f0

SHA1
7cc7ab6c5d017bda95f59ce6e06933141ba4bd31

SHA256
8273483f584a7dd1ee5a96abe38d78051a1a1922210560dfddf1ed8c69efe531

SHA512
01ed3e95df2d05f53654c34f395ce80693576ffac16021241fa73d95fda028c033b4fe6c0bf8f0bccabd842b3a930d302a92adb7c5e9df4d2e97747f556e36e2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1872400ccf395971b341d79c8e62da24

SHA1
f55c997904343dbfe04e2fc126fdc0160a260760

SHA256
6b89f521c8ce08742d88e9d843c36f29120704dc35d62829d68f3963a88631e4

SHA512
ff2ca93ddc93286b94fef0bb4614d130cfdd43c63a88a915948c994cf2d07315fbf5aaf620b64cbdea0170c3b17cae5ab084458ec5619fd0ec67863be8d3f501

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2c8d7f1b8de31a5915066a21787be54e

SHA1
79eae98b8d4be86bb5446794239939fba1b3249c

SHA256
cf272a20bc67fe8c2ac744d141b4a287d43c073a5e078b4fb8ed5bf11e625f80

SHA512
aff2c0204d55874675c26b1b1598a21863d1b9a4c4ef9ca83c97929a538d2e2bde6a1d525f85c785bd5c34849e263fec349da6551a7104ad854d4b274a3df04f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bb0fd2034ffda56314e6325d9b25c671

SHA1
3eee5b2fb16a9e520c55c0bbab97000577875bcb

SHA256
10cf991884ac7be6dfc39f918a5a2fcc7d77595b6c28fd6abbd604c0f3ed1451

SHA512
4b386d031e2a5f170ed13036bc2aa3d667407c12f056c7ff3735ae9fccbbed369c8bc00d49ba9be883408731ccff6da7b06202d0b6f8e2d5e3cc8f1b1ea82093

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
40515f1e67c12fab24b1e0220af5906c

SHA1
7ca280afa6d69ab05cc036b69385b99bc1955729

SHA256
580c2d25e53aad297104a83cc92aabc661a5cae12bd21a8ae19754a7f5d25325

SHA512
2fb102ad4524d856890a20d3688aeb8434e6a93e756a1b3bd0cb89dfc2498db50a624f280c249fa41fa4e00fc15973b8102f0b82c5577d5349eed6cd35e79c0d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5ab106dd1cf23b3e9fa3a2d81f5a5d0d

SHA1
8181e63dfb0765ef570257fcece89aa594699109

SHA256
8cca16ca777184df1165f5fd387138712aec5d76e83cd4d8e548b906798aa50d

SHA512
0deeab8468bde1c3b086feb084b10644dfc70eb70cbb9ab21989281e9479c1cea6f33a059a3a03ac8a0706665c637785fba21907f52ff12079116dc660ad0287

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabC91A.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarC98E.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit