e5e2879347ce5086df08939bdbde52e14596a51fe82f2f200d11ca5b8b018f4b

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 20:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

47cb380b8bd7bc77f23f9ff3b195b97e_JaffaCakes118.html
Size

30KB
MD5

47cb380b8bd7bc77f23f9ff3b195b97e
SHA1

e060560aa76b72622c021821aad01c02dc1197e2
SHA256

e5e2879347ce5086df08939bdbde52e14596a51fe82f2f200d11ca5b8b018f4b
SHA512

68a98118631c32e1abade032d40248511f74ef57fa8dc4a13fbf8155b3f50ae6be4128c1e6de7b4b19fce475667c0a210dbb60be1b81e84ba0ba9fff44441707
SSDEEP

768:PMhT66Wlc4wnqPcQBF9Q3KFpmncpwPk7qBRSukSJHy:Eh6lc4n0Qju6uNy

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4088	msedge.exe
4088	msedge.exe
1616	msedge.exe
1616	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe
4900	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe
1616	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1616 wrote to memory of 4228	1616	msedge.exe	83
PID 1616 wrote to memory of 4228	1616	msedge.exe	83
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4452	1616	msedge.exe	84
PID 1616 wrote to memory of 4088	1616	msedge.exe	85
PID 1616 wrote to memory of 4088	1616	msedge.exe	85
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86
PID 1616 wrote to memory of 2968	1616	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\47cb380b8bd7bc77f23f9ff3b195b97e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcce9946f8,0x7ffcce994708,0x7ffcce994718
  2⤵
  PID:4228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,12569518213335456664,2392564062407889863,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,12569518213335456664,2392564062407889863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,12569518213335456664,2392564062407889863,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1464 /prefetch:8
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12569518213335456664,2392564062407889863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12569518213335456664,2392564062407889863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,12569518213335456664,2392564062407889863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:1008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,12569518213335456664,2392564062407889863,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3880 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2744

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4824

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4b4f91fa1b362ba5341ecb2836438dea

SHA1
9561f5aabed742404d455da735259a2c6781fa07

SHA256
d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

SHA512
fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eaa3db555ab5bc0cb364826204aad3f0

SHA1
a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

SHA256
ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

SHA512
e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
48KB

MD5
63c541481031303056eed255949f002d

SHA1
e6ba8fec21f4e6789076e4678f6327bff58bab99

SHA256
abed17da104188f92c39961f2d0ab6e1291fe52b6e19ac03f34a9ce36260da9b

SHA512
bdeb2b22f64ea25c6f97960a927637856f0f6bb9375a75c9a69a70cdc8a544e1fac24cdde3e4eccc9c31501fcbddee6a3b96f44294916cc848516b6406e7a5b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

Filesize
91KB

MD5
36d92e36b94c94591fd63ff70b539bf7

SHA1
1dd062e1b94b02fa4fe1064e2941e4b42e884255

SHA256
a30eb1422b358917c9addfe1cd3b2100f0d28cf93243a6775103dc198865d881

SHA512
456ac0f2cfba7ccc7ca97cbb5e9a291f99b4d3fe4a5061a923e1a62f15df6703477b1082172fde117bdb4819a9819701d3aa22dd8895f806ef69b4c8566cfb17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

Filesize
502KB

MD5
add520996e437bff5d081315da187fbf

SHA1
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42

SHA256
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

SHA512
2220fa232537d339784d7cd999b1f617100acdea7184073e6a64ea4e55db629f85bfa70ffda1dc2fd32bdc254f5856eeeb87d969476a2e36b5973d2f0eb86497

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

Filesize
55KB

MD5
11355ac7e72954bc23c1f1718e9d9117

SHA1
85248e2f9a4120fac4a45fcc7343ca3997204c9a

SHA256
f946fe77b49916abcdb53d85eab48cb3c53fa596881f06c2872c0b5789dd0954

SHA512
282411af792221523c91d1f09ec368ed6fcfde70cde572d0c1faf12b003876df55c112d612190cbc955f47eb94342faaa27b82d2f2a9255a57c2f7d47aa6a28b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

Filesize
55KB

MD5
6fccb07bf5ecf378107a141ce6835c31

SHA1
e332fed7b8f156407495b95dc99b99bc45e2d27b

SHA256
0d09f3ec0233acb5c82440b6a7e3cd5486d4abf866f0b6a62c417f644332f619

SHA512
c229ef1844785bfb4c682cdf8eea526a785384af21a35a77089fc93c9d9c03dda1bc59ebbfb4b27e389322708e4a2eb03b0541499e414a2ce91785974ac272fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1781a43bfad24a04_0

Filesize
269B

MD5
e8c092b4e26ca8cbde02e7be203ca6db

SHA1
54b66c3a89f5c2ed1301c9d4f2444d5fff03f50a

SHA256
9fd4a271dc99a1b9321232e8f31e867be9d661fd61af544db8d630e983058d17

SHA512
a0636bde91b4a4a56d4d248b770d6de795dc1b388d8248a90490cbb59f98fcf243faf44efb215ad7889e4ec36e8378da00f6f27fdb54994fb6c6c878f7753f3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6c36ea60f1827088_0

Filesize
392KB

MD5
3d913fb0b297e4e41508291c234dd005

SHA1
df883603881faa48689d837575bd500de0b99dce

SHA256
fdea250403510a3dccb3c6efa588f09e2721b3ed759a000ca098df2d09851736

SHA512
c6cade225337d6edbf6a30605c492faec3ea09cbc8fb644d64a27eac0e0342b2ba490b6add3bdda767d5c7d4fac9728453bcfa6b5495330a9fc2254d70948ec7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
26dc147d510b45f6fd62a78496dc746f

SHA1
9c889f08a37d81b5eda8b1a6f8c66b449762bba3

SHA256
f4cb9f2ce13a3f8bbc6861d942a7673bfb820b6c1c07b9afcd58858c7fc0c149

SHA512
b824ee371df473cab7835f11777b789166b59256d4f2717e28a599ef2d730a55e033fe7b832046cb87aedb7a85a16e500ceba0449d049bdd0363cb0446d5596f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
08ea5f7ce005bfbd6ea9f2c3d0c180b3

SHA1
e1a08ec59578f878b3817370126cd962ef120346

SHA256
8a7247964820d54a9cbf71a4832e066383ea8bd1d8a57ce6af1f76c17a00ed7f

SHA512
b6384c02b97dce40f9038ae5c29cd38ec07c261c66b32239a7bcdd9cea37b92c73ffd38a1b11b1ddbd493b43d746b83a45912223ca50802ed2b66de5c29e8396

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
c52fbde34ae63c419862c1074e4eafd2

SHA1
8facbaa2968e6dc46fc51ccfa96064e5220d2bfb

SHA256
a12a910c6ae0a4d218475119fa9c3d42cd67dfb1f2afbf37d22d8b68b57d2cf1

SHA512
0b639dff57316f48cf54e87a68375cbf77e80387f448bcd30d1cb839d99a48b9f66230a01fd8fc895529a9479e18352e794f33c9d704e3546b5bd17fdaafc833

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
53999e15a0a98e789e06a55e012e7c80

SHA1
933931f041b2f511e9077f62f1f9cfa6d1677c4d

SHA256
3765cafb5ed13193be4125866a4d7ac94a1bc92d3dda5623e5ea4224f8d9ea68

SHA512
e822f42b2409a2298ee073f1ad5b45afd000585d7a7f4a2776300e53968ed6416ac9625e833895520f052138881db6d103c7b0d32035be8664c69945c01f8715

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
533f1c00798a7e99072f915b324edc4f

SHA1
c7359182d13c6f3401babb55c19ce5a64b00a002

SHA256
41413775292844a0d32d93ca1938040a49b459a2d5d076cac304ef1234b32594

SHA512
8578bb53daed30094d2019c4e8b2e068a556b66fd004393ce1cea191030f756a90afbc574424d6436a5ba4bf7715e1d6fb34f20ede2129f9d323dd736cb47d91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8259653b555bf2ca241fe4c22691ee9e

SHA1
ce46577e2b133dd54dcd8a18a80165e5b193f83b

SHA256
bd42097222f0c7f07341639a22fc158066ae53a6da2ceb13cf27704c03306cd9

SHA512
ae31b0f8a9dafdf89362e62ef3c245c913ffa8881ef226b7a5de0616414070d0195d044b5728e531dcf9391e0c1aafb52b968d2b65f08023704aba3b3adb6c1d

Download Submit