97ecfdf0eaf452572223129507b707ec1e395fda3aeb678010c1f8a373a1eca8

Analysis

max time kernel
132s
max time network
131s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
12/05/2024, 03:34

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

380c135194d1c0c92ae5be9120a9985f_JaffaCakes118.html
Size

448B
MD5

380c135194d1c0c92ae5be9120a9985f
SHA1

9a45e95184998ff2b6dab9093f68ed9841c092bc
SHA256

97ecfdf0eaf452572223129507b707ec1e395fda3aeb678010c1f8a373a1eca8
SHA512

2e777219593e423882d09baf10143255b82d8a0bc9700ef8b25a46ae26eda1079f82721595c6cf82f1bc756729f21558bea64d5b538931fa05216eedb3865d91

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000000bfab1ea32943eb61e38734e743d92f0db1b5eb9c5d986ecc88fc8569eb09ddd000000000e800000000200002000000003e8089fabc7e5a8b6e428ffdada48374296920f14baaa2534f9c14646920c4c200000000fe7b478c1133be1e8d414c04add3646fe0e60fb5814cd331f541b6982e4c61640000000b5a0b2974e1ebb2c275cfe486c5adfe2bc4e879025c7289a319ac90eb2a31ef64c42d0ec6dcfecf5c71f1bcb0b69fdad82e793779efb6c236757aec3453bc5cf	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000004427a6f5d37502775b747a6ad2e6fcda3c2b23817d76c57345e1a4202705cd78000000000e80000000020000200000001b5e42664ab50bfaf241e70cc93e4b3db608695e07aa4ff4dc8667ec44180bca90000000b4f00744da7942275fd29f4722480d693a0fd6c8e035f02c6eb658853a3900e112d8eb69f553903dcd134f690b04c68a071244440022dcfaad1f7a928c36f909db2c33c6b360a74c1eb80de198b3620be5962f69dbc63eaf37874990d43813f9830c9d09b97a6cb53e1d9b7b4aa3a08eaca258317e833040a2bb36d5be73ab79ff0d63dba4d47a53894a40e39a6b4680400000007c8c50846db43c7ac41f47d76546a6759805f3d6bce79aa9cd485f1f27147704651f7870b7210a5aae60bd603fa2c6a1c2c763dea4c2dce925c7d6e743d54d2c	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421646763"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0a2e35c1da4da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9A299401-1010-11EF-89B4-66A5A0AB388F} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2960	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2960	iexplore.exe
2960	iexplore.exe
2184	IEXPLORE.EXE
2184	IEXPLORE.EXE
2184	IEXPLORE.EXE
2184	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2960 wrote to memory of 2184	2960	iexplore.exe	28
PID 2960 wrote to memory of 2184	2960	iexplore.exe	28
PID 2960 wrote to memory of 2184	2960	iexplore.exe	28
PID 2960 wrote to memory of 2184	2960	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\380c135194d1c0c92ae5be9120a9985f_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2960
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2960 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2184

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a8dc0f80043259889a39626ae689ff97

SHA1
eb914abb27cc88cdd74b895d7aee654ec2d2ae01

SHA256
08e10a5c4adb710f93cb44fab8a57f781b36114d1ad51e4c0a55efa4c84b8332

SHA512
cffe5f0466e74963334aa32cf6079f1de37a5ba259304f42674457cc93d0a7b3a4fa0ca0d7bb4d26b7cae0e1886c2a33b82bbb6c64e7b1d1689df6cf58012d53

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bb788f83fbf104188b0cc1c4032db49b

SHA1
443a2bf326cc8cff589f2e74e4e82854b7c7131c

SHA256
7986166d9c5410a92cb40e5054de7917757f9dd3bf16a052a650e38bb549848b

SHA512
b8e8b6afab996a18a4e1427526ea3a122e4bf52618bcd12454bdc7cd17548eccb7888044278633c3e1d9d614bd0b968fa021eb6f52b8929afddf005b1bd1ef6b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4b5831ea5633aa37b7553887e409afd9

SHA1
d684146fb070fca2968cca86c151985fbd89187e

SHA256
5a38795ccb6e6963651481bdebbf9ed1d1b30dc45b51697508ea56000219841b

SHA512
ae35317f1905793b1276b3536848395a3b5ce49e5dcf14cab261bd292add48083bafb1bb1a16187071109460dcfa48333d0bb43f6c5527bbc2315446439877ed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
19e8c6f37165e2458217fd68cd95e85e

SHA1
83305e0812defcf8be47238abd12ea67e5296ba1

SHA256
0118feda141f7c89ed15fbc27d75c2ad7b95f3ad41149c532a35a39efca802fd

SHA512
2386ec8fa6e07dd8676efe9f3f1d656f661b06acfc64a8b1849d86164c00925347c6b0475423cf6641944f7ecf6e5dc488387138e7c8793b7ac6a1691bb5ab4c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4610289203b385c4ce549a65e5bc99c2

SHA1
b4f789f544f414f5d7c8c0ed16cb861243201f49

SHA256
cc57cf84f1fe3dc70cf71a9602155a3967ed262a8f636c364216ed3aaf3791af

SHA512
e9383eb2b9ccb0a89d1de937b3bd88323cf1d3a9dadab69ea80cea153b5f042b559709152baf949114fa41d20c5b4c8219c78a3c32ac7613133aa3b2db7f47a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1407b31d28eb522623b1a0df2176811c

SHA1
557687c9f300217f68342ce626adb0074ea04bf0

SHA256
03c2cd7e810413861ea9d8149ec1ec297f8ac8012b3a9ae0cbb131dd2943a394

SHA512
23aa056819770e434b4e0dedb0d0d6aab7e50d07d066da054f74f824397dcbdf5cf7c834824b2f12e4f3d6199b982e8969b4d6a94d50de0e719f9ec08ab26085

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2f7f7e754641d89dbe9d39024c8c352b

SHA1
fa9359809f077bcb80de2123b7bc0c261d4bde71

SHA256
b8e5c6a4d8a52d3e6baf7ec8be36f544962de10d72f06076b6b76a05b1a1241a

SHA512
629b2af7b535c0ee3e68e48b1135f8345ade600d31869d04d5b59246f36a03231621d6cbf5d596785f4eb1f60b7a2472e9f8716bb4aa3b85955e3d1a6be9f488

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c1314ae336ff4d0e04519a6cbcf859ce

SHA1
5a3fea92cb8c0ba01ace06456e6cc4cacf1ebf1a

SHA256
1a59ee682452ff0ef8eb850c8f8460091d78ed9d103263b778f1908eaebae40f

SHA512
2c3c40e4bb74bd5817fccfc2557eb29f85f6c8c4ed64c6fc98235ee7fbbdd423c432059547cdab942e5c17a0611150dfb3357648b613e1da6690b29d340c9b84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
04f76240f8ec9fc96efb0850d4f398f0

SHA1
b8a92ab245c1070d2544f2cff4e17094571c455e

SHA256
437474c6a3f6fff4bf353d34f0ff680d1cf0fddbfba3ceafbf1b25132807d0a6

SHA512
fc16c541a9890e26419750a96abf0fe873e09ace1b70b2a34f5763d08560c4bdb9561565d74abf3c1a77269e50777fba2f68dfc0bca4fb83370dfeb66a189bae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fbcd935cea4ef76cc30d8945cabaa639

SHA1
688153b53a7b84110fa4ac683ca8fe559ad32883

SHA256
03d0851ebc0029f5cf3482967e909b98ead2159ee7bd91b21a4171b1f73d9105

SHA512
84c9b380c6144c762ae7b86a820f75e81991c535d554ccfb7feb51169daeb0f2beaa2dd9652cf5c0c9120a5900d2f6d6d26e333843c242f37578045b2705727b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6663443c7e576674f24aabe031c3a242

SHA1
90863604d0a4ecc32bb781bcb7c274f7565ac7fa

SHA256
0cbc798671cbad54f47d4fd3a22df7697a5ccec968a7bbfd3d0fe11db30b6f9c

SHA512
3ea29c6ae8d6c369feba3ea2798c3f65d838affaca92a13eb4963bc25776f47c49570f46d03ec37f6566079cda41306d20a797a10374e0bb6956a83c3cd0c817

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e10f3c3ddfb7f960b1e40d7daf55a4f2

SHA1
2f4d06d63ab68a542ea15674a8c16d0e8c3f4e9b

SHA256
b534bd5c863a1a3aa4a597289b2f3a9fbdc3c22dbdc0227ad9b3d7933225a045

SHA512
7cfb11fba8b28a2c05233ceed04caededef434801d9572e7c61acdb1c6a4ed2acd96e182051eff97378dbc6826c7fee0b16e322690076915097f17b75e799c76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6812263c80b809ef30bc3de422ae5dd0

SHA1
7158c3a1b26ab3e69784efc5c2b3123972c0b9f6

SHA256
6fe677cb65f3ef98613d724047b2a5a8b7ab9a098728f9f08e13f7f32ba3b1d5

SHA512
ef42bac6de735a1bc98327c035e6a15dee506da4e6fad748add6bdb5f66de71bf3f0d4150f9a151c1bc25dd73e44ddb457f6b8bf3cbb8bf99074d8831370501e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4c5a8b2f4f5855a2f2d4966b000b8541

SHA1
bff553b8d27484834495b55087bfcadcab948e07

SHA256
f2d7d4c2b50b01f49186f8244942ea2551e2770d003d64fbcbeb3b73439c4bb4

SHA512
d086db2ce4dc36579909d52178c8a3e6a46dd09be42547dbda8036259e1e32f93118b5aa787f99399c80d764818c824609adf5987f038d033d19c832125ff955

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3412215e23e2cfc83b016da95d603f42

SHA1
fcd11f93283ec1ef6e499bba761c35c04b3d5b31

SHA256
4f6d1f505df712fffc75d1e195e36e3464f3ad76d1f436ea39d5c5759a1e4222

SHA512
f0e0ec242e70176746c90b56f281f0fba0817cfd914a1296ef3fa4041509ea257e861e7fe8f556a6b151302a56c9cad65d1737597f46ed9f619baa41e76d2c08

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3aad6fcb4f54513e1cd10cff3452921b

SHA1
9a6cdd2a8576ab90674bfaa6194d4bb0627ebde0

SHA256
03824b0538021a8de98258b0450e2992eec28abd56d6cafd3d8199bd5dd4d1e6

SHA512
1b513f1b0de102bd75e85b6e78df33c313eca7998256b80177de6a2a7eeff07cdaf56b0d7e1ccf41659489a72fb2359ccd2fae1e1e97263b3a63521c55f98829

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f01733e21beb7cd8e0cf0d4ab4301366

SHA1
3442e75b812e25611756ed18f4f11cfa15cef8ce

SHA256
2f466e880bccad2139c55cb2fdcb37e44aa59f10df329e355dcd4cc647105008

SHA512
0c67761e130c53f699d3abad104c0dc182d6cc82d96c9a0e2a7d4f2efb4e4d2ea44e24cb9133d7229e985476afe6e1635f7e1a400bb2cc877a62e367d284df44

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
00ac0d5cd208dd1aae8059d75029bfea

SHA1
92b27f25b47aef53606aaca6e195db4bad3443db

SHA256
c86642cc15c0d28543c2f3b5c753fdb2a38b9b85751b1acb74607422bc5ad29a

SHA512
20091a214e0844187bd706bac35153af50b64f32168502c1682ead1fefeb02dacf486047037eb8f7cf850049d860101ed3dd0d97a834985a3888c0a8abff026f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3999.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar39EB.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit