928770238a29e6a6024b616ebbe7975f426ec893bd96689747fc11d2402ebc2a

Analysis

max time kernel
118s
max time network
127s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
18/04/2024, 23:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f8f1e5b0b8c7d32d354c2c0b7e5b7ca0_JaffaCakes118.html
Size

2KB
MD5

f8f1e5b0b8c7d32d354c2c0b7e5b7ca0
SHA1

647e62ce339c751204aa54a68bfec666171ee4df
SHA256

928770238a29e6a6024b616ebbe7975f426ec893bd96689747fc11d2402ebc2a
SHA512

89f7e12dee8c6995da75fc5c0765a8a000a49c32d55d3f17c9b6aa19fa7d76c8759c3fdd2ed6e53de92423594685df6b3f07981bc95fa76bbf447fa8ab8f8218

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CE21BE91-FDD7-11EE-A293-4AADDC6219DF} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "419643248"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60d49ea2e491da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e861098c19b4244d8627ee4664a9606900000000020000000000106600000001000020000000287d0fc81a294a19d8fdad9b008e45bd9ee231c93494d7ebf5feaae9fac18fcc000000000e80000000020000200000002ed7fb2d0f2162ef840cf70e2ee148bb67b7768a04d032a5450c39c78d87a0a32000000003ab8222f0a1c69e287d730aea1a371510cef81a929e4986c17b68112e5d9cfe4000000048fc2958471ac34be77f10a3c8dfa478fdd1542f43a12e2f5c978590530062f59849834a4d9c366680269788189019ef21df618a2ec729a6da64943ab1826100	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e861098c19b4244d8627ee4664a9606900000000020000000000106600000001000020000000343c281d55ecffcf3a9bd47665ace711bd7695f68894fe7cbf2ed21f29b8b186000000000e80000000020000200000002a4c2756a9581371079bb742775c90d1969a0c226af94f4ffe4a99f660e54de4900000004b88608209aa869bfcd0c0ec466e02cfda322b8d84bcbb773d879eec082ae51d5ffee00a73bb5f70183b65616191a9aae0f06e4df0fddc0e064666c98647c649a7bb23f95f2f38b568af5c78997bd553d4c33ebdc1bb12d7024bf9bbdce356728d424304f7201d026dfc7e5d27cafef5c6467861ccbf248503dcb3e800c1a096ca7533d52c45a60b981ee66f6bbffa5140000000737be7ed1290c098eb9fce06ccbe3b665b08860f1ce0e1c2e923cc38d37215ecab4053c604508df67c4387a109ee1a6875fa43eedda2ae1b05bf6468a13a392c	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1712	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1712	iexplore.exe
1712	iexplore.exe
3064	IEXPLORE.EXE
3064	IEXPLORE.EXE
3064	IEXPLORE.EXE
3064	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1712 wrote to memory of 3064	1712	iexplore.exe	28
PID 1712 wrote to memory of 3064	1712	iexplore.exe	28
PID 1712 wrote to memory of 3064	1712	iexplore.exe	28
PID 1712 wrote to memory of 3064	1712	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f8f1e5b0b8c7d32d354c2c0b7e5b7ca0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1712
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3064

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6eb33c3ffa360643ba4d4f3d1f3ecdcf

SHA1
3da33cf4fe2c3f9b0922dc0296802d3f5aefdbf0

SHA256
a7329a3a05be630e92a0e288163fa1f7435fb2856dfdf038a337dba166def76a

SHA512
1d4c3d19afc6aa88af5ec6fdfb4a676350ecf6e5de18f47c20c217aa947bb5f0fa1cca6a8f9d4282ed08c190f740ed6d9a279ac5c21455d530fff63686c907c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
debffd93e40e448b408e1b4e63e8be28

SHA1
8fbf59eca2f0e1d4e32e853868d049abdb4c294e

SHA256
aee374435f45061f7fbe84f4beef8d16ef22f901f9c97794169f6c2526967766

SHA512
45e53f61c5f72368edb7c673c6892b8f41e35439d547b87427418a41530178225a6c42f48aa1fe8884f3fd42793535c43010186c283e01e177d3d1e31f9fa116

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
facac216f72bb4a04ce23d6542fac6a1

SHA1
b3c5d9f324bfc411e111fa869e48eb695b541716

SHA256
23246463cb19792e5b1529de3972f3f09eae02278b937a9ee491d9984b14d0a7

SHA512
510c5ead73a4fb1fd02b124d859cad69fd2a42e43f9d1c06844b0b97dba9eb048b7fb142da289c5d71f5f7d4584a58bbbf0efad0909eeb3782361056e2d680d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a34e8c3cea0d2efe0f768bbbbc6e4805

SHA1
d9a75c612c5745584cc98e503536b6582859c250

SHA256
408f889f5c640a44193aea4743f7512df4376fc98e80e122981c455847428e08

SHA512
2953f7dc1a817a7aeaa02cfb96b8a2b2ffee689cd2920fa246523c92016fca9b58610b2e268d5fb08e842f04e7760e96a26e361cfa4e61b527d1dd012d622166

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0aea85e60414fed675a2a5e7e3a6fab3

SHA1
18e9278199d416635429fc5dd51e16048271f566

SHA256
9f2e20b081b98e5bfb02e2444766aee3a05e991ecbcadbf9832215f4b8ea7932

SHA512
1659939a8aab524851ff0a4e49fc0d11366e3c060a44426a01e29cdfaf6b486e3011867da7eb3b0f0fcf74cdd8743c9794e045dda279577f016ab5088b01a072

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6f7f23c3a1248f0d84264158b639b1d9

SHA1
c53aa28e03f9ac22b343217888ced90a34e487d1

SHA256
f39009d1e94dc92bf8f75c0c901ca1d9c2ade879b62bfa15f2b5c2eedbfe124c

SHA512
487505de9e2320e37beb7d0b6e9551fd96aa59fef30d042888099c8165e7786c1550c3196f6a7fb33c22e9184a09a350ed6a80a0d2b2304a477a76f3ee7fce2e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
869e0a11719589ee81992c1d553d1c1b

SHA1
1c7b93f281440b884c6bde53a9be82b86060592a

SHA256
d6fc30cdf2c126c9d1a1a8dac5f03a587af89c70bb7eff65479be4852f056a84

SHA512
cd605a6b5f14229056435f5afcb6bc74a4ed0efb76186d1a4bfd4e6321709d7650b3a39c558a9f1ea875c6bea716278bb337aa5d02fd18235f33cdd8767d5014

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0d48ac052e511ee8d8ad19fd28f0aa07

SHA1
11c6094a5aa20eb69c0794fef1e7cfb00d1807f6

SHA256
b46fa0465af08b2b176f947cd7a2e2133d401f94d0d6e00912a3409284967ec5

SHA512
71c9d6d567ab98b32218f14cc3a31583a5dcc31a75e7a8725f39ec357a59369bd694099e34ab9df0ed101fe7635eaf21e9f978864d30b6e3f817cf15da64bda1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c7da7fbd6c0e9527592f294ba94d9548

SHA1
585e92ec0e38288e44bdff7f44c8e629657cfa99

SHA256
3af9ddd51fdfa188fc26a9b74bf5bd73e8a7994ef2774e132803d3837ef049c7

SHA512
3535e2e239c2833726cbd25627a1a5dfb688ddba293651dd892fb4b7773c2a82549be21b7dedac2c56187d5d388118fe462beb8e2230d8ea12d9fffa929b25c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e9c1a3886ee8a75a5e1e7a5184f474ac

SHA1
a2a041a6420ded1a494a739638780cf478e0e40f

SHA256
d6c9b103a4f7660016136889edc13fdffdb265c333ab63614cac7b1c9d57b941

SHA512
15da0f9003561001cde47cd43bf92cb4b9d4e7c5da7de83bc01b2ddce59f0b1dcb1e277b6cfb410e6d0dcc7d9592f8936bd5bb979ffec1d3426f220530eed28a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
72d9baa9eb0810e078edfef81e4ff499

SHA1
5503f3a85446d87666ba8eda9a74fd12f1f75a02

SHA256
2ae88ce9f840a05e982c700e0be3c7f643d8b645b857a213fd2dfb4b5a5970ff

SHA512
883b6805dde86b7a8b1c3b78143e31185451eb24aebc5618cec3c491dfa1de4823e4802a9f51835b5cb95976f572740a3655c620c381fdbef7de1fa44d171bdc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e2b7f38451e22e78298780a791a06f5a

SHA1
b51a3e0acb47f53b66f663d42e28d2fbe69fb946

SHA256
bab8ce0da34f9e4626b591e64ce01c66d5182d9843333b0608badd713bfa17e5

SHA512
75f2d245612cb4f0a8a232fb08d0c7093dbff474cb05d0d76d3331fce921752cd43ead1f3c5295cf0b0ded1654833a28a90361e30b760d8a13bf98b340f893bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5140bb84a8f6070689dd28d9de1edaa5

SHA1
12ae38361e7192f370d860f9f99a4e40830e7925

SHA256
edda4496479ad88f429de2426f7cd55db64b766854a4dcb9b3347e4d8c2be04c

SHA512
95fe525c3da3ac4bd125242f343f0915df3c48e1cfe66b94f665c9c9b05cd505432ac7c0cde992e122ccd3c80d89c9cd0289c110d7da79b8c40bc5843c8b2e16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
31dc19784202c2a0679c6429905d9bd6

SHA1
78dea12f8fee589d6c640c7020560b6d227fa3d8

SHA256
7ef0f32ed3dec18a072c287a5a0800cd062c40ebceb025cc3c0fe266f6c357da

SHA512
40c923df3e6069d01cb1860b542030d6cb21cbbc06a93c6a72b83b89da1621120c295508bcf8186c655ca425f6c08455a210c39e61717045d94d2ba6ef562d0d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b31a072fd01f4e1a8ab7a49d5783cb26

SHA1
4124969b89495c580a8d3747369e743cfd11efd6

SHA256
3938576bee4e0623d6f0e47495c0823a62f7287e01643e9cfdcd1e8d3294f427

SHA512
74b5e46d579876cc92cd2d980ae86ff171c1b4d1cb7cf7c243e27436f08bba17552f115d9a3def50087608afd53a83b9da080ca5bf7d2200ad938c6ba3aeaea4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bb33ae8b2cec24e805e9ca49d40007e2

SHA1
7d52fb9ba0a21867c8e5d108250e17c873b2189e

SHA256
4acd3601e27c3a8cb7e929a4a3cd5b0a39415b9dea34c97f20d6f628fc66ce6c

SHA512
921b3fa6565778b9ec04c15b2bfb349d6253ed0ee8ca62622eb543426a2fe0176d6f5c2de101f1b797f30134664f5babe748551d30686ed1f250ebaba5b32709

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d40cf5e1c809518cf8105ecc0d57141c

SHA1
cc547ade7c62c305376c2c36be1480e9cc76bf6f

SHA256
99286ef59d9bde0796dff4ec25bdcb7faec4c94e0fcc53096ad2688133a10930

SHA512
577dec9b9d3dd64c32bcc2a45cd56b779217e858b296b5c3a8a955536a0ba6801b766decfd5a28a6bd12f389aead8676aa7018f75e0b04dfc7a691e571a758b6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2AAC.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2BA7.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2BBC.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit