7c76f5d451917fd7f5a1e8a02abccb83f98983962f0f057a7858c699852eab73

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
08/05/2024, 06:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

238c7e1ebd8e9aae07a2a45eb162b33e_JaffaCakes118.html
Size

57KB
MD5

238c7e1ebd8e9aae07a2a45eb162b33e
SHA1

5f55be58fe54a045f212b804d25b2bdf1abeafb4
SHA256

7c76f5d451917fd7f5a1e8a02abccb83f98983962f0f057a7858c699852eab73
SHA512

e689f134dbb3c0db838c4d3d45a0798ec56295f2150c5765badb3f885c1e69cf9e7054f7455f20a0c26268401b529047598c578b052c002dcc00fb610ec1d02f
SSDEEP

768:Su/yhyv+JZUKbnEjTIIMZYXTPOOcAaTi4urvoO/EzbR:SYyhyv+JZUKbnEj0WXTOJGDoO/Ez9

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4176	msedge.exe
4176	msedge.exe
452	msedge.exe
452	msedge.exe
3084	identity_helper.exe
3084	identity_helper.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe
3664	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 452 wrote to memory of 4624	452	msedge.exe	83
PID 452 wrote to memory of 4624	452	msedge.exe	83
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 3252	452	msedge.exe	84
PID 452 wrote to memory of 4176	452	msedge.exe	85
PID 452 wrote to memory of 4176	452	msedge.exe	85
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86
PID 452 wrote to memory of 1368	452	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\238c7e1ebd8e9aae07a2a45eb162b33e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe071a46f8,0x7ffe071a4708,0x7ffe071a4718
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
  2⤵
  PID:1368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4584 /prefetch:1
  2⤵
  PID:4912
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6092 /prefetch:8
  2⤵
  PID:3164
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6092 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
  2⤵
  PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,11233043113343025426,15568811212477997603,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3664

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3184

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4304

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
62c02dda2bf22d702a9b3a1c547c5f6a

SHA1
8f42966df96bd2e8c1f6b31b37c9a19beb6394d6

SHA256
cb8a0964605551ed5a0668c08ab888044bbd845c9225ffee5a28e0b847ede62b

SHA512
a7ce2c0946382188e1d8480cfb096b29bd0dcb260ccdc74167cc351160a1884d04d57a2517eb700b3eef30eaf4a01bfbf31858365b1e624d4b0960ffd0032fa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
850f27f857369bf7fe83c613d2ec35cb

SHA1
7677a061c6fd2a030b44841bfb32da0abc1dbefb

SHA256
a7db700e067222e55e323a9ffc71a92f59829e81021e2607cec0d2ec6faf602a

SHA512
7b1efa002b7a1a23973bff0618fb4a82cd0c5193df55cd960c7516caa63509587fd8b36f3aea6db01ece368065865af6472365b820fadce720b64b561ab5f401

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
22KB

MD5
5e74c6d871232d6fe5d88711ece1408b

SHA1
1a5d3ac31e833df4c091f14c94a2ecd1c6294875

SHA256
bcadf445d413314a44375c63418a0f255fbac7afae40be0a80c9231751176105

SHA512
9d001eabce7ffdbf8e338725ef07f0033d0780ea474b7d33c2ad63886ff3578d818eb5c9b130d726353cd813160b49f572736dd288cece84e9bd8b784ce530d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
e3fd13438e9588d9c8bb9b55da928a3e

SHA1
5091e82a7c7b71fa01fab032d89cb780954e4416

SHA256
444b8326335627ace5a06c1144a4e9b9ecd0894589152623a13ee903e7e5b98d

SHA512
3ddab9e9341e4485b1e56360a5a6ff8aff8d351cc03d6676b93399f3e61adadd3799b3c83dbc9c773e1e98ee0952aa628ab5001831ce3d575243bf243fd50bbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
25d20b71b0319d3d63cdde26ff8ca9da

SHA1
b3d8d5d0abdf7bea87fa328a0ee6be56004533f8

SHA256
849174f5a519652d9cdd6af194d2f559b36813f64155863a9f2251dbf3d9b97d

SHA512
ee498f86d9b9d918cb63b2ac6e2bdc2ee41a8ab96c5e2d4acc62aeb7fda6beeecf9f406b0efe4e6c4ea19f5bd4d9ce1137540b1aa4331b7c11e6d28576b629f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
59984c5544cab2321cd4081cddcae8f9

SHA1
bcf35c7e37851271e011fce1d8ee840c7bd03569

SHA256
015549e3c4343ad39251614e0c60df9f0d043d36b8afab098b402866b09879b6

SHA512
518aeda4c55e855b8668ba8d9b732b44c35dd3ce1149dd948e7f24582504525c8bec39d8a19290a0d42dd679803f497b1fa274d389c7911899a03c002d969496

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
38a0cd34953f1f9d48794346b689a3f4

SHA1
6337216c4d74dd9a0bbd3062c1cd0b99908c8d12

SHA256
fe20c705c6c0dfa79246bf9f3ab5309d9971c5fcd706e16354d1ffa1bea27473

SHA512
6057c93f7d1b400ffee5fcda74a57a86318be9b14554298d006c9e4b91fe789553fea852c30ab823b89c6f50ebb623fd406deccfce66d7f8ec9aa149dcfa5fa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
74494ce9e2ba91f9e7e75e23c040f239

SHA1
671647905c8324f4abda058f1beb34cc29c9388c

SHA256
1884555224d2bae3ca485e6338b0474deffb7eb0f217505a5c0b669af20bfa21

SHA512
9c9702c08da9db713d9a47bb7d285ea7f37e9b93d049569279d4425de45844f48ca468d3a9f59a046d31503ddc596094fdd22dc70f17f06c552f3f5ea25f77f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8bd547102157c6c8677fecce89903be0

SHA1
61999e8a5dacee1687d9646e7969475d3dba0a63

SHA256
dfcaa830cd4517d9bd8562a829e3f55b62d96e0578859a5564e3f587c4ca06c5

SHA512
52e8c3ed90e902021145012518b6225ba4ddb0c7a3cbcc7e48e86fd606a2b488be08c02b47a924fa7a22b8882cd26ab5c80c384ac6a7e36743ef6f1288bcf519

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ea00541c6fbb5d85bd204509faae70e2

SHA1
1bc9457f64bd253681e2eed52ee5b34b3818fff5

SHA256
0be29d99983df025a37613b2474cc7b2e1f7163aa505743e3200f52f2ed4d1f7

SHA512
1409565d4c33b86b6e720b2dc6dfef0aac9c55dc2ba832ad64a21c9443394436e255a1dcaf9890ae66111f929a93da8a3963585a81679ed919aed566547ef08a

Download Submit