f18eeddd4c614f6371efea99ca05e30a8df7d24d13f8e0e3538bc840a73f5ae8

Analysis

max time kernel
119s
max time network
132s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
15/01/2024, 04:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5c2af7465b53c2fcbded636f03f99862.html
Size

2KB
MD5

5c2af7465b53c2fcbded636f03f99862
SHA1

6740996e260f7e80e9d08cc6b2f67e5a9975e713
SHA256

f18eeddd4c614f6371efea99ca05e30a8df7d24d13f8e0e3538bc840a73f5ae8
SHA512

3ca890c2096958a75aa4b99ac1d7508eb7f6c2b5ee534c70bffb26e2d9adda36a1c6598c3c5b0f37da0f980c631ab267704f435d594528b8e65f89bd281c7a50

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0fa1e886d47da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c000000000200000000001066000000010000200000003c549635aa76d7d4410d522018c87a10c0c10d95653bd8f5541c1a05d22940bd000000000e800000000200002000000072d31bae618682918ccce6d95c5cc40b257c3919422b5197392103d0a309497a20000000ac4bebd8c724da4d56cd20f1da2265c960d5cb3a86f134876705f0444cc6366940000000420dcb204384f69c66c1e16863191dfad06b0e3d0c611c06915dc6c70c0bdb59741d7649e8095f5f3009541354cc27433fdf5ba4f3d950d36ca3da9d88837a1d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c00000000020000000000106600000001000020000000cab42eea22a54e79c731282480402169ae90ebad29b8d182d26c33c8f80c1390000000000e800000000200002000000081e920ef703f19eab74754e82b3c622bfb0e6ad8a1e9bdc0dac0944cf4667d0a90000000b79024ebfaaaf966d44dc8da05760343c185180a60ea1bc1e6a884d168e2b563c7cf982935e4b035f69d8f472d5187d64a0ae35cba1a1cb692ed46bc209a9367ccb7f12bb351cc5ac8108a0b20eba9fd816de46b43c39c5b99a42105b875e03536d0a4148205a9692f6b2f1765392ed49e5f16f85877f032b728d179c685fe080c72f3bcd38eb2454b5ae9199fc70a3e400000001792eb8a6fc3c1f62a1ab43b8afe24a49dce087fac0664807f4e67144bfa348db99cd1fde898d34f7e5a6265d538dc9275a8acdd702ffed5194f84142a02ddb1	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B342ECA1-B360-11EE-91D2-EEC5CD00071E} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "411455709"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2168	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2168	iexplore.exe
2168	iexplore.exe
2480	IEXPLORE.EXE
2480	IEXPLORE.EXE
2480	IEXPLORE.EXE
2480	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2168 wrote to memory of 2480	2168	iexplore.exe	18
PID 2168 wrote to memory of 2480	2168	iexplore.exe	18
PID 2168 wrote to memory of 2480	2168	iexplore.exe	18
PID 2168 wrote to memory of 2480	2168	iexplore.exe	18

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5c2af7465b53c2fcbded636f03f99862.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2168
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a6a942f5de245b9ff2d82f3c152014df

SHA1
667d094b64487fffec3587a6d398edbd0152e221

SHA256
67d63f81d2510c344058aeb4c5febe2e64cff3d525c78bc761435cbafb5e8aee

SHA512
7a65ae5e1b30bcb1d90af672e9bcc82b3f4313ba995270a9a106a9d3087d9eca079ef62630b77383c597b9c0f29df2fc38fa4ce552004411403f138f55b39bf6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d0ad54ec300c2910862d9bf12d409f89

SHA1
19af1dd15d9a262670cbcde9195594e762bdecfb

SHA256
fddf0089259abaca937138de08e4c4291568f7d6d9f63b1c42abe5fe06edebac

SHA512
fc1f2bcf202084337a6c152ed875ae7cd5db82bfb31a85bd645faefe69087163015ff50d34848d5234ebde155f23b0db3b42074aba4431759c862948ff46b5fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b14b948715b9e9cbb3ed63754540e6e9

SHA1
f10603678bb5b1adf12f5a7e97ff00ea20334a55

SHA256
32c72ab3ef0b7ce264bc48c9905fac14a00b102ac198ca68e449964c0462b669

SHA512
2a256742ae325cd51924271f0d9b72b9db23432794b71b7db949cf87ad0f2c2cb9cbc09e976d0e51d0fa458dc407d6ea90c6d42c5e7828406d9e51607e4a3cef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7c3c10adb8bb53774467710378923f56

SHA1
b4cd286ca79424b461346748190e3e009f14a45e

SHA256
41e4f79a085cae391bc8003f90b3a4bff846dc7a9b0a38427076ad0b2f5ec177

SHA512
19ab870abc4da41fabeecfc75cbf589cdaab47a30452598d205c75d599ce4b3878920d8adeb27d477ebd21a4a9b2f224ed90281762f6b7407110f30f80d469a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
548bcf421f904fbd2c31c0e5c86d85e2

SHA1
a21bd44430ac318f432566e42dcb9b6f99794366

SHA256
df8f174f10e6bb9a69e77c0f45ced3bade4ea97eb82f7007acf81f695ff268a9

SHA512
071e0961a302848509cf61e4aca1c55a6e681ed0779c237bcbb073884dc8005f0d5756b852c36dd3a765993c4559b90860c13018a766eb199c2e62c0f6023c61

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ec467cc1d11f386a9873621159163d00

SHA1
3c2322b5fc08b1871b2febae61bc33e1e66fe597

SHA256
d4960c4cdbd81075d25e637524cfe74cdaea413d03644c39dbafd9e05b495e1d

SHA512
0a8e2a1870d7e493c61af15515da403a19a96416cbc5780bd4233d9f85779dc82711af37827aa46234424ceb3cb77af513442124bdc42373f943b6c754463e68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9949e3e785330c7154dfaa1e12e87019

SHA1
9135a75ca69c97f1450bf1968fe333b14b94467f

SHA256
5be826220dee7be8833fd7dc939105f231f850ac314ef66efef5400098cf1278

SHA512
2b4bdeb088d82d0cfe7095a7330ae95fcc1b2047e644f6c059bff0dbe9744bb3abe961bfec79ac5ec824eff15cd3fde72f54de1c93d45fb707b9c995d14bfbdf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b450fa0775d33d8d5bbe50b04ca45ebb

SHA1
72a36a394ca2304e6eba8db1ef3d8701d4f5e224

SHA256
ffc317d541bf009874da822bd06aab3b11cfe6cee6e7026ec83c8f909be8e458

SHA512
b07a6b7d8fce319ce397e503e693acfc87034983a5d619f8add597965b4e57ba2a9b9a237f896b783351a49056f66be7373227c48624fed6fb234bce19bfcba2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
127cbdd9c96d2a235ea9f39e53e17f78

SHA1
e74b37a87f03fa52b6f60b8dcecb2fe88fdd9317

SHA256
5b57fb61f38516037700ca04f5640c4dde5f1ac22be66573e74a0e4af098e2b6

SHA512
f4cde1a2ddef42b7ac7764c041aa1026f1873d237f64701eea8d8d8dbc75e356cd87f69e2198c342c75a0f6de6c2b7149f9953d6ea2034b8cc1142b46e667d85

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d0d6291182468dda7f7ce6ed429b6de0

SHA1
7c83abfd31f59b5fc0416692cc023b059b7745b6

SHA256
be55a20f08dca861f910b84e3052b567b81950e1ac045d3d24873f07f3183211

SHA512
f957226838e31d5568e4e68b2aabbfb3dc72d5b3e026b574a103c9cabdb899c300160d78f27dfa4e322f6364612e9e59513dab4a17b8d0805edd015b26d7f3a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eeb47264c43210997b9aa4f9c53eee7d

SHA1
a9f48903a9aa2f333f547a903b5f631f521b87ff

SHA256
d2f2011ff0471166095b7b16ba53ae38c07188ac13b92cfc21d76b5052ea18e5

SHA512
2dddf5c3bb70d2a12174652c206c8113db7c2de8c2f1a2cd2c0352d95ffc0593bce8b6074d2eb7d8aed64ebb8c0372c169ba25d7945f3dfb196e4668d98be154

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e2798c0bd45f2398b6c23436211f92eb

SHA1
e6a7a7273a473315cb67e72b29800d237d6defc2

SHA256
847cebeb0940a6586f68bcd1576e5bdbc96c3cf76120eb998b490c615282b861

SHA512
8bcc565c92cb7e04e590f2d31a602d72e8257ffede5aad331350a945940882217d1a9edf6521f3de187ce0634ad33ceb095cd7a8810bd1ad056c4280992b9933

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
11bc7cf8aaa80dda691817f27def3a1f

SHA1
790ff5897fe5c315f947514c64132e371ec658f8

SHA256
17226f9f506936587541c921d9e120354b2b3c7e4aae948c8b2c18eb5cb6196e

SHA512
8f88492908ecf28a2d1f95123dcc9d0dc0a6e6a092724fe2476c8359cd5280355fdf0660c29bc2b856f663f54a64691a16baedfdb6cd48fca77717623aeded1c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
43216b215bba89d7867fdabb02b7dc0f

SHA1
bf087dec614b27c69fb0538132d893ed243ff20d

SHA256
c2e5bb4aea7364a86e3c73c38832f3ac65325a84278ecc6acb3eeaf5e240ff7e

SHA512
653fbdfe3fc7576823333f476180b5f9eec520acfa6a772a93a8d1c3d160f733d087e9e0f16ab69c6beadda297391048049238d28e73a0def5583b6ba3d79ecd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cbfdc5c0c6beb1ce7118654d91dc8f38

SHA1
8b4a30b41c61428b031fca133c002a78f7c17017

SHA256
33e1c68babd298c9191e07624fa0d362faab561af975c31c1b750f9b1557b50a

SHA512
b3ab7c59c8498c0b05b688b86398aa3327c26c503fa8fbdc4d29fbdd646114a1b570e18c9826afc494213ff4e13d845277d93df90683bdee055bf31260a05593

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0e34faabc73a2b2e52bff91de701dac1

SHA1
2020aef4e82c4346d5ef2ff6d8b129fbeb1197ea

SHA256
e5edee92eb7e20453e9b5ffc9d7e100a1f89218cee76809c4d2f54f5ace8ad9c

SHA512
f94ae4135a010a7ea0dc8b727a7447aad4245acc6747aa6b3a4bca4b67f05960d9c38e01dd384b573871ca148805a8f0bce67f5791cca0539ab2469873679d79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
afc1476ae1f10ee54c219de51ab66a95

SHA1
c701f8d3ab0a5be753a9a2b809516b1b1a78c0bd

SHA256
c01956c0711bdd3c277e8b2f9de9f53724a0f820ddc19576bcc6628ea3313bae

SHA512
7149556028f6012bd2d554a8399d204fd7c4506d75ae0af1a6ab09be6b8190c3c928e017b037ae7540073cda641cde7155e24602d977db77ae57d0d9f16622cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
535172e2af68175b4e64631d4bc53dbe

SHA1
03cfece3b66c0debfa5a1ee3e5522e008fdcf0ca

SHA256
465a171d6d092e98b0fcb79144835d1fe6847d17180063a260c7b23190e69956

SHA512
7df2bdae573160fbb96c931684621a8d5b7520b8fcb3b28d3d71fba3048c2a84edb61eec7c15d2386d4f3a97c6c57b783385dbefa69a6a8bec0ccc224b32f992

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6ff97bf60c1739ffb582e3c58051c9a5

SHA1
d5f327b2d290180f5870152ee0e14f54ee168a1c

SHA256
c589e36f5297ecf8aa87251ff6bc75495f8c2e98fb6e51eda5dc5c3d0233c91b

SHA512
1e2c6fbe44d5a2c1e9066c0fb2de412b54f77b168dc8dc983e7ea44ab8d24304cc03b60b9dd937d43632e68603b755e844c1f9c478183958f6f2c70a7c0e68e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab7CFF.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar7DCD.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit