60b1183e2808f826d01392d3c39c41fd01e579c00455949e568472e4eb2af0bf

Analysis

max time kernel
145s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
07/05/2024, 00:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1ec3f43b61ee6fedef9021cf729cac94_JaffaCakes118.html
Size

231KB
MD5

1ec3f43b61ee6fedef9021cf729cac94
SHA1

8d0357ee1e5ab2b0d06bf23474ccde7cd94c63f7
SHA256

60b1183e2808f826d01392d3c39c41fd01e579c00455949e568472e4eb2af0bf
SHA512

5fe5e2409104b361bb922eb81ae331805ddc8ad1ab446ba0471c23f15c7ba8aa50351828f6f3b5202920bfde47eb21f24d9b0cd82bf89bcb5815db1f50ddafb4
SSDEEP

3072:yg1+PlKHbZBz4BRtwQ5UsPGfPmTVjRedZRe:ymEKIt

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1888	msedge.exe
1888	msedge.exe
3076	msedge.exe
3076	msedge.exe
4748	msedge.exe
4748	msedge.exe
4748	msedge.exe
4748	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe
3076	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3076 wrote to memory of 1368	3076	msedge.exe	82
PID 3076 wrote to memory of 1368	3076	msedge.exe	82
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 4324	3076	msedge.exe	83
PID 3076 wrote to memory of 1888	3076	msedge.exe	84
PID 3076 wrote to memory of 1888	3076	msedge.exe	84
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85
PID 3076 wrote to memory of 3060	3076	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\1ec3f43b61ee6fedef9021cf729cac94_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa5fea46f8,0x7ffa5fea4708,0x7ffa5fea4718
  2⤵
  PID:1368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:1696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,13901178807651633665,11053483692230635575,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1260 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4748

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4164

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2172

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2712

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
20KB

MD5
b6c8122025aff891940d1d5e1ab95fce

SHA1
a0c7ca41d0922d085c358f5dde81ae3e85a8c9c4

SHA256
9954c64c68000f615e5066bc255eced1195d1f8b7dbc715f9062ddf9f147e87e

SHA512
e62a37b55b6b8d95c24fb624105ff6ff72f118e31760d0da1e8df8e8acf627ec6327c26dfa26df8535585877604c7948d2f621ccabc39beec49787e22c302c10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
ecdd4671515c258840d4df88c1feedd0

SHA1
c8bd6bd1bbee378420767bcfc4d06acec1626af2

SHA256
c0a9b3819ab434bcf8f57a9df11d774d93b317bc6e2b88cc500c0fdd140fb18c

SHA512
78a314142ac7000a3be86c564edb8eb0d1e53c392bd96782e9e69e8482762b1b64674bc848ee5fabca5536f037f00099de0a5ac10dbfd4bc072aa63249f23deb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
9985906b1aa02ae8bd97a736134a6a6e

SHA1
4d37cfbd2586eb492fcbb9100fc59e226725162e

SHA256
1923b356cecf688be05d44d67ca8ab0db4b588341b8881996ae430cfa7a3dc8b

SHA512
a519ee34a37e7922915fb1c1a44d6979ad2b0f6f2f9c0e9b71dfb3333ab4a52d81ede9abbc2b9ad44ac0ac4fe865cd8a077c154b36b492659bc403f09aed18b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
082b7cf363c2c355af1e9ccf9131fe84

SHA1
c93f94db6f31e1b73e65f420ee1d023cb74e67a7

SHA256
02578fa463a29c0a7707fe405a8f020eec65264f49403ea7d3581a9686c0579f

SHA512
a28e2940f5ea1eff06192e663ff8e95ac0a9a708dded75afc71078fa2a117a0ddc6137c3022b80abf632045c4be07fcae3c9eab4eda315fa7435c4fbac727963

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
1b3372ab67d165ec5646ec19dd71ef36

SHA1
da34694fb70bb6233035650644cfe7e5ea9913b1

SHA256
621c205eda0eb3d0ceef0d3a80091b8163e5bc52a02e9a8866e48ecce27f101c

SHA512
a6066ebe6c459529ce41c25f520c4dab0e998433e757e40c7f4fa05bb36131d25f2e96bdcbc6a92b3d86ad59bd0c88fb93b0efe7a4c5302feacc27c34049f02a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
68d18b3568da5cca34ea60e15d1c748e

SHA1
b5a688e8cdef0c4aea74497259b1c042e1b6a91b

SHA256
43c8f5b2d4140072f2fe6d2b0eb269ea04295909320656234da4ae640eeff76c

SHA512
267fc8274e4e4d86648a7364f8dc51d211e79a18274968d41818982ac47b568be085ab60a481a7ebe205c25465e1b7496fbe7e3d23ce9275b460d623cb157189

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
1ad8ec5f0aa256c605a14383f33398da

SHA1
69b54578e4c1aa52846d0c47323056de08729da2

SHA256
66ad697e1fbc250c0626bb28430d41263b122a2df1db62fa9f85436a990739fd

SHA512
60d41692f07990da2e639f3dc4aaac5cef6ec945d9d0a8d2b78d4d87de57919d5d91970a1a63844e265f348c679db0d40bea87e0423140e41a80cadb355c2e4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
82d8c3d0fdbba03872a1af73231a8789

SHA1
436ce1725ccf8a2d7e045fbdf283e028e7052b51

SHA256
93a7edad00b7cf3ad329985aac2dc34f142460d4be4c8070794d7d1d6088b017

SHA512
7a0f132961f1bea26585255189ae002bec236a806e0011eb7d2be0da8ec777a565dbb03b687a667b10882e3341446cefb281aeb16b2cad4f34332de1bdf0ee2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5793f3.TMP

Filesize
1KB

MD5
36849d8c3b4960b6a509ed135b10328c

SHA1
546a8bb0040cc881507ef4376fc60584c28a0c06

SHA256
aea2d31416e20f5ab62c64ba2fc019f58d97ec793db0c498e2fadacb24fda884

SHA512
def5e5096aa85a823f225225ea8e48c29a117249e9eb186485823df5c314f0c5ade1d0e2f46f2b7358c7afee5deea4dd03a703dcac870e96fc49c50f7ad1d90c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
edd1f33f16420adff08d630f66c7a680

SHA1
6fabaa7826336a924c5b275a0ccd97d906b53192

SHA256
ed3c65dc2fba35dd680a0afeeab5b8e5ea1667089914bd636b1cbf057b57dd29

SHA512
c59a510cfc08c2e49822c04d75a531c1d7cea0c0e2dba0b0c4295b2b999940afcace024e6245ea8bd91c8cd7de9641914c49b5ab134d2d13eaeb0d68a2454a25

Download Submit