b9649c262f3657f25820357eab82f6782e4f21c1c57ae31166379b2e3b722fb0

Analysis

max time kernel
134s
max time network
128s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
12/05/2024, 15:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3ad466ff564826c49fea7fce07727be5_JaffaCakes118.html
Size

460KB
MD5

3ad466ff564826c49fea7fce07727be5
SHA1

7f29dfce2e053744407d914e4d92a43cc6ca996a
SHA256

b9649c262f3657f25820357eab82f6782e4f21c1c57ae31166379b2e3b722fb0
SHA512

4c1cd0b8b98575f8a6ae0acd7046b852cc241c27e314c86b69802668c8f1b314191457a68626986cefcf6a75b4e0c23bb36cf29a0793e0316cc1cc197288d568
SSDEEP

6144:SpsMYod+X3oI+YHBsMYod+X3oI+Y9sMYod+X3oI+YLsMYod+X3oI+YQ:s5d+X3n5d+X3v5d+X315d+X3+

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421689895"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{063D2031-1075-11EF-89B4-66A5A0AB388F} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e02cd5de81a4da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000000bdc8fb023527f5b3f20510827a5eb60a44059a5a171ff4c26a8d020c20564b1000000000e8000000002000020000000ce300828b11595ce71f1dcbca4b7654738860107dc4dbb44822491c0a4eafe9520000000af1945158ded065f7a1c2c5a385a580e1b9219a40efb8c4c7fbc94de577c2e7140000000efe8fc1696ab36ef4819872a71698aac421797b5a405b846fbec53399f96a571c92f225e9acfd33696e1e9e793820ee06cc097d234dd0a982faa690844ffa77e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000004b7a906415d29eb3de0cf2cb752f7dcc48cb1c089724445fe0103986eaea2154000000000e8000000002000020000000762075f9febb2b8432a43e6bc72bd0d54af94e2e5d5211cba4f2dfb2d389138a900000007d5efebc3b1b6de76b34858917c978c42f15c565578109a120e5460e8a601203753a08781d4a5666acf7f933c3dd152436a32bec92b97786048fd733f0a2c91be421fbe99b8a9b44cf4378c9d30e6d17c59fd440ed05f6c9876f2fee8809df59766f2d04d9a26f4194a0f490c1e14c1fc86b5d9b56159327c314aa9d4450b329932e38e063ab25e7647e1210a91d87d24000000083928570e7c38d3b37f132de25390b9a212a2e9f2959ba06d89bdd895c8a1a0e3c3eee750d1f31e812a540ba4a58944d81ca50140631c645f2859506ebd96dbb	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2244	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2244	iexplore.exe
2244	iexplore.exe
1672	IEXPLORE.EXE
1672	IEXPLORE.EXE
1672	IEXPLORE.EXE
1672	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 1672	2244	iexplore.exe	28
PID 2244 wrote to memory of 1672	2244	iexplore.exe	28
PID 2244 wrote to memory of 1672	2244	iexplore.exe	28
PID 2244 wrote to memory of 1672	2244	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3ad466ff564826c49fea7fce07727be5_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2244 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1672

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3acbe78e9eddd1a4fd3401d49285554a

SHA1
078b32bc99659ad0661b9b0be78d335ef8193bbf

SHA256
fe17029b3a3071e6950839085107ebd1f4712fc0716b2612e85e1376a6b00112

SHA512
b61e7c67fd12cf41cbf7c9f60adb1bcabf23afc4ecb3002bf146f74858a1b9ef2bed846fcc7f3f7d6367047a191abdc9020ee9ba1832b19b4648512110b8ec6b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2840201c34598f27bc64a06142e95ddb

SHA1
689b4775ed497bd1e415d163df0065b84c8d8414

SHA256
19d78158082e48ffe6daa124bf1d986e0c7c25d739cb4801ea14b6f4587b4b83

SHA512
ad23bc4364246ed1ff63da4b1281fc0991c6478bba5a45ce17a65f673956c4b48bef9c577ab145f7eb18f787a9b38acd99c3248c480b8b802faf3378b8af661a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
909e0c67cd52eaf02939a9972469272c

SHA1
f59ee32eb5ce04226cf146be81b13341e38853eb

SHA256
a2f9e275ef544d39c892f3a32af9fdcdc8466878d99244b9e16038b812338a66

SHA512
06d8d294bdb5df55b7905e9049bbcbc11f28615b4e1e1d4c1087c9ae4b692e9a5cd709d6ec9a58dbf7b7d15882789b35013acd9d4f983613e46fcc3c858e0d40

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
32984b72028d43a80d85a0465736a44b

SHA1
168626cf0303ecffd0fe0c611a874819babe9192

SHA256
b1a5294f5a370c56955a4f5e3b592ef2957fc9465a5147dc26c59d74f6910e62

SHA512
4b5daf1ccd29e590863db00cfe6b8a6c4051edf937e89b3f48477365d767f9604ed76b614218d1904b1d1c0edb1a34b559bd3d7f2e046fda0ede1b12627941a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8b668116761525a7fed37dab4b2d5c0a

SHA1
9cf76e9628c8f6bfc3560458818541c458dcb829

SHA256
002cd0ddbd4d5cff55fc5d8f8dfd9ff1cf1134f0733bbecdc1681970e3cedf47

SHA512
a404011935accbd84969803a9182a20b2367d9642073157c2bad288458d552b77716cc4d0968e25a905eac79b1e9a98cd67cb9e5799983ea788711b5ef4dff77

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
083bc5770d40eba733f52d1659082752

SHA1
19b75d07c7dc654acd68d719deca8313b5f640c1

SHA256
cc946272d8d3369f9c952e5b1073a455b98c15718ed3b7c60922c80695bfd856

SHA512
cfcda30b57c5c624e6578095ad8280c18dda47794c0f02f099add8eead6b3fafc3eb077722e61970e18433c770ccf58d986490c7f2c696b8f5e10229b6fc513c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fa62287e6b5b33b5a2b4537c83321429

SHA1
63b6f09184ac8ebd7c810dd146711bda313d6d48

SHA256
cfb95e713f80eabd0e3abc0d1067d01f052b447fa325ae567f0b431cf4454cce

SHA512
c4f657d69cf00522cb309ee05888c2abca43d7a206ca6c76593ae07bf2c4bc1365aa929681da4dec07888c7187a44013fff6bdebbb6b09e40b981ea4df95731d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
58676967488dab41ff9d7ea53638d60f

SHA1
a69f358e765996322f67c26cb904c78adde143fa

SHA256
e420079b5efebf6e2b730853572d6a82281dadafee44452ee135ea016aee0438

SHA512
c550514b5a68879bf2d9f9edf514c1ac66fe436939b4eb22ecac6343f1bca20f66fd51c59f7fa4f45da3027c45beedbb5c8ebc19ed27b54851a7cfd728717792

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d700df2cfffbdad23a176714925a0da4

SHA1
73243d141751196039a4ba6e2e9ef96a9fff1997

SHA256
3a407adcbb806b18f7eb6d248eeba8868d4786e52aaeea3fdd4bd7b516b97fb2

SHA512
b219f11de80b3eb8bec090ca0f37a9c95e473ebcf0d1ce9c6841b59abfb96fe2592ff501efe4ef96c18e84e895c792fb7cbbf1637d86f78814582e571236daa6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ebb14735333f14ac12b0998983276411

SHA1
7e90dc66e5cbc31f8f780204a1517a1c3a699e33

SHA256
30b6045bd15270955a0cca306faa9258b736a8dff04d49802ebf7faec00065aa

SHA512
d568d768054f2b391efea6cc37567fa4d608157414da2bd7e66d95827c1d8f9930adabaefbc48fe4663e7c450ae9bdfe553a7a2c20d8ae850799afc50491d16d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
41907cfb85e26ac0ca55b5b4af9264e4

SHA1
eb145ddf392561f1350e66d0dd025f757efbda47

SHA256
f4b69d2655dacfd8cccdbeb4f20b851860f4102aa00bb4fdf0dc803a7bcd26a2

SHA512
371886fe2539845a31fc1800b85eb8b8998c8a6e2181c8a1a4f20b29c1303bc534f2f414a118746c69bed78c3d645b1d1810da0c3b5193ac996ad7cab2ec1fc6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1607bc92944297ef6382ecb48e7d093a

SHA1
6f87ce63253f8e378fa41a7f5429474369d5fb8b

SHA256
d55cb3e8726b96c6f890a177061a62f83015b98896b5e020495ca858665c5a9f

SHA512
0f24425c79f12d5741c8d59eeb5a8877922626174e36be7420cc0e02c39cb609f2794e5444480c5ad175d08c98deeea36424f0f759bc50858941b6959b105ca6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
aeff6560a85ffa9b4ed010e5a33aac4a

SHA1
13cb2259b4bac77e918b8be2fa8a53d5d641d044

SHA256
08ca07eab1351184f86f5e104f7d31ebcb7f938bef5bcc062c4655f67e814ab5

SHA512
b9341a82016246cfea0882daa2e5c80bb9e4b9e1f14dd12f3527692a202582cfec504ba5fd6055369be92ca8491e31b2d4cd52e6319f7202227772cd9ef382e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
562e6a311d52be81a20703b50abe1fde

SHA1
53aecf0a4c76aa4f78b166411b5c0788f77baa90

SHA256
0d10d3103e9b297a3910a5ee891e12b6fb35df9a894b5fa7245c2f9587f2203c

SHA512
bb9465ff62f712a824024ddfd9aa698f4a05266f4c5d5a254a7e60e34edeb7e037613405298449a1acc7f3caa0262ea0f451c2be776bff53501206e1f45faa58

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1c526b7800ed86f68c43f4060bbabdc6

SHA1
eab18070b0cd3fc5a349cd244745ed3143cbccd0

SHA256
2358330d795321d2f696c2922c4aebbe83de677fb8e17e952dfe0e22b9503762

SHA512
d16d58c9af70ff197be1a3c17a1ebd78d1a8cfbb32c0f4c521432ede70b9934ec56c4fb2c1a41534ee4d8a77e2f7ec84edc0f10662fcece6c29ba40c3a20dd3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
def59440731203d561a6f96884bd2a32

SHA1
319de335a43e0e0f70e6501b90c986fbfcd09b36

SHA256
f8c227af135e66a685decd7f4bf812670780a7f393288189d4c19afecfa03aa7

SHA512
bc7fd24cf757ac699a976a2a1d72fd3f95bc3589d66e293923bf2062d4ee76165b55cdf4d707fa4623a39e56d8f3ce5d73c66994215ab1315761013ce7515eb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b298efd5caf992ece8fbd5b14a4401ac

SHA1
7b1473632c5ee42213f86521231a956581abb3de

SHA256
26f79831cb978c8aef220b5679535916e27721f6162dffe2b4940bb17b60eca8

SHA512
1a4354abbab962e14380b5f1224e7579af80146d6ea28787e29c80dd29afbee4d01b183c684179004eccfb0ed366210acac4f2ebdd16f8372747f8e359a7921d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
472f7e578b57cdf257d1dd16da2f99b7

SHA1
759de83af9e1595c814da56289cb519bf896895a

SHA256
c498633b36986be95fadde74b651d300de73be1d1a4f26c3b31ca9bd29b30772

SHA512
0916249eb5f9aafd678c6c05cfe4e256de5f36d39d1c4469fba01cf036b5e8375b32ef5be4eddac73e9a416cc2201a49f72e33ad96eed1b13f2ab84646259d21

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab541C.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar547C.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit