002f6b60c29dc7059ae1e2d4f1bba8f5d39ba6a4a344ac393b22d8691e1b1fd2

Analysis

max time kernel
145s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
01/05/2024, 19:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0c9fbdb445cae8107691942190e3a833_JaffaCakes118.html
Size

31KB
MD5

0c9fbdb445cae8107691942190e3a833
SHA1

05d75ce027865f1b8eeafb60304dc8530423d8c4
SHA256

002f6b60c29dc7059ae1e2d4f1bba8f5d39ba6a4a344ac393b22d8691e1b1fd2
SHA512

1ccef7b7dc9d5170550a8ffbbaa4d62a4c219dfc8f80d5cd14c07b93b0e4065b6987d71dd7f9eaeae529e61779cf6caf0bd7d3f9cd4ce6286f09166d98e43ce2
SSDEEP

768:jfhJ9w28QdjbIQj0gr8tB1kMI790u1gAMmwtewbA4OprpW2fc5h/JTvdaR:jff9w28Dgr8b1kMI7Su1yXtewbA4OrJt

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4612	msedge.exe
4612	msedge.exe
3320	msedge.exe
3320	msedge.exe
2892	identity_helper.exe
2892	identity_helper.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe
624	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe
3320	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3320 wrote to memory of 2396	3320	msedge.exe	85
PID 3320 wrote to memory of 2396	3320	msedge.exe	85
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 2536	3320	msedge.exe	86
PID 3320 wrote to memory of 4612	3320	msedge.exe	87
PID 3320 wrote to memory of 4612	3320	msedge.exe	87
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88
PID 3320 wrote to memory of 2812	3320	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0c9fbdb445cae8107691942190e3a833_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdbf4246f8,0x7ffdbf424708,0x7ffdbf424718
  2⤵
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
  2⤵
  PID:2536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
  2⤵
  PID:2812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:8
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:2336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,8846589673622944596,8781255439422609650,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5788 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:624

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3664

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1944

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
867B

MD5
c5dfb849ca051355ee2dba1ac33eb028

SHA1
d69b561148f01c77c54578c10926df5b856976ad

SHA256
cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

SHA512
88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
242B

MD5
b0f3ebd9cadfd3e07a8fba409df76b4e

SHA1
767a6da8dfcb4874b9759ba0fbdf75fa4cdabc64

SHA256
25cc232b092c0c995e08c58f480727850b308ab28db4d7c28c1e8541bfd78da0

SHA512
7616b494f26cf488b770c0767cbd0bc1580e110e65b89bb8c106c9e15d1c253e7701137d512fec3d9bd535f14a85ecf2d157610b24be2b4a3dc1e58a9a18b62a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2a70f1bd4da893a67660d6432970788d

SHA1
ddf4047e0d468f56ea0c0d8ff078a86a0bb62873

SHA256
c550af5ba51f68ac4d18747edc5dea1a655dd212d84bad1e6168ba7a97745561

SHA512
26b9a365e77df032fc5c461d85d1ba313eafead38827190608c6537ec12b2dfdbed4e1705bfd1e61899034791ad6fa88ea7490c3a48cdaec4d04cd0577b11343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fbe1ce4d182aaffb80de94263be1dd35

SHA1
bc6c9827aa35a136a7d79be9e606ff359e2ac3ea

SHA256
0021f72dbca789f179762b0e17c28fe0b93a12539b08294800e47469905aeb51

SHA512
3fb0a3b38e7d4a30f5560594b1d14e6e58419e274255fb68dfe0ca897aa181f9ce8cb2048403f851fd36a17b0e34d272d03927769d41a500b2fe64806354902f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
d1095b3bee7a89238fe92ba513e6b6af

SHA1
00ab4d5bf3b61fc7f1255c2f020e6a8c2c1cb927

SHA256
5d500f57adaf814b11232bfae0bb912e1ab3cf5944638f92a2e09e8e78cbe909

SHA512
e137ccee64dc6d6130262959002a79d2d0d2e15790467b6160c45b2a246ecff2115661f4f1c2027c31dc2c20764542938e3b4245f239d7f7ebf87dfab4d671b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d1f502b0713e8db4120496bd06e888c6

SHA1
9ae2219eb2585ab17d503d767d1683d07a7b0a98

SHA256
32e93c1e9a783d393c2dc30f147323cacdaf4d224410f00e2013bd154665fd7d

SHA512
ca9bbcce3b92c9a7101fc67a2f0f33333959f2a5703617a788391fb9cb1f55f1e2fb7eb9bfcbc7e03a79409564ef6f88a0ee246a82a58b982cc34bcc0c7c91b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f8819ebf0da116ca9fbf8a75e0a9fde7

SHA1
25ee4d8eac31fbebd0695dc70e3656d53a25b6f4

SHA256
e681d6e21c6b9943e6f3567a6abed1616d6a2192068585a2c595bf0e8fdf4a7d

SHA512
44ae9b122b3a3689e22f111b8ad31838c5e5008370ad7571a43a79d241bc0f108e8da50b5d25f6ac15b12628f317502c64bc6d6f798127ade15975b3f7828232

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
017221ce2bea7f7cb6225a40b24abf4b

SHA1
36c894bc6c6ab1d787d4de20cc574e27d0068139

SHA256
3d8c0ba49faef0fe2114811c151044298093f0b4929065ddc9765cae8f91089d

SHA512
fa783baaaf81dfc28d8f478df4743b36819415f70a73e43adfda9e38a4a3148b25f3d6a5fd8403370b1c1344ad55abc7e4e8ccafe548d05413b98deec23552c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1c8343b56a64ddc1fac9247a1dd2a440

SHA1
7cdfaf2d6b596a845414ec21073ea5fa728a5d7d

SHA256
e10197532ea38ad747ce0f75a9af3a395600caab4b8481fb4ad411264484d046

SHA512
6a5a12b2b8e4d27f71d29dabd1f0f76c09278155ac4044d1f8fcf00f16fed8ef6d694d951cce4fb8948377f81c40aa24842ada933f1bc97669fa02e64ebc6d67

Download Submit