76948f43cb34051c9f33a3dfbde32228c625d456d187dd9c6e22813b768a73df

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21/05/2024, 08:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

62a1a739cbbccb3d0384627d2600bacb_JaffaCakes118.html
Size

27KB
MD5

62a1a739cbbccb3d0384627d2600bacb
SHA1

1a1065067d7a17d6945886a5e5730af3433f35c3
SHA256

76948f43cb34051c9f33a3dfbde32228c625d456d187dd9c6e22813b768a73df
SHA512

f29a2fdf210772f82553f0a32c8febb4b79437deeae9c99df3d328cce33ac9a379b22a910e3b730c38cac8be134be7a654ed744587d32dd425608f053ba13b20
SSDEEP

768:SGzdsFqvfudlQVV1C5m1CCCcmzm3C/CnCQGjiNP8CgekCFz2:SYdsFqvfug1C5m1CCCcmzm3C/CnCQ10n

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2264	msedge.exe
2264	msedge.exe
2844	msedge.exe
2844	msedge.exe
4996	identity_helper.exe
4996	identity_helper.exe
4856	msedge.exe
4856	msedge.exe
4856	msedge.exe
4856	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe
2844	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2844 wrote to memory of 4800	2844	msedge.exe	83
PID 2844 wrote to memory of 4800	2844	msedge.exe	83
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 4344	2844	msedge.exe	84
PID 2844 wrote to memory of 2264	2844	msedge.exe	85
PID 2844 wrote to memory of 2264	2844	msedge.exe	85
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86
PID 2844 wrote to memory of 688	2844	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\62a1a739cbbccb3d0384627d2600bacb_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee1a946f8,0x7ffee1a94708,0x7ffee1a94718
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 /prefetch:8
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:3452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:1756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,13122217450734957863,7980049151960827995,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2324 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1156

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3152

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
a588111a5bc8e396297da8911b64a0cc

SHA1
367d2fc69f47f99dd6a4e33ed010250e95c3d1e7

SHA256
c0c4c40a98864ce4ba2e5b2204fb4934b3ac2b7c09ff28a92cf8673b9449a4f9

SHA512
e5cc5213050a421c945f572fab1de22c1776a4623df1207ef91091de525e1cfaf23f3f16838cbad3be952da9872bc8b03ea2bdac632926eaf5012ab57b369c02

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
059b30262a87e3f2aba10f90afb7c508

SHA1
582ebc3973f87868bb1f4e002eb18fe10b8b7f8d

SHA256
fd33dcb898d98409f7e449d3fc486af0a18e796f8dd4086d18c0fdd0905e5cc3

SHA512
23d5febf35782e9b8cc0487eaef123beda52fc864e859a3aefffabd3895c3afb570967a0b3c23729fd7ec4b8f9f3c14396ce4194e20e685d810f39ccc74cd86e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
508B

MD5
27fa397400cc6ff3b0c13f28dd7eeac9

SHA1
41cf68241a4d28d3182af99bf7fc707d25a384b3

SHA256
bdc8a58b8b01834bb241fd652c28afc4ea8fd1ddebaeedd118b511e09a0b8abf

SHA512
57a002bd6a1e2ac4be4c64a4cd052d328b5ae19f95233167af3787d86dfe0f8f2990ce78fc0597e0507be41e3276fff27ff1488fcd183784ebef0bc3ba4188fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
71f3b241e716a05bb1746593cb810bc6

SHA1
1dcab22d89095c9c81a6e960f129841133a396b5

SHA256
47829ba685ad3130a72c0e4f712e3aac2eb761f69562b3989f54653105f7e8fd

SHA512
38517e659d11fa724c3f675c086a1560ee77f13cff90847e7450cd50e89448f5a57e164adfd347ed02d151965672bfdb8a33feffd888e9a6d9f887351e45986e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
384ee067d96ef9ec417ab6719c7e43b8

SHA1
1477ba16e22015f28fb9297f5e6fba30ab0f28bd

SHA256
c0bad6d2b85ff3b2efefd71cc865b8f09994b98f9a1eaf5c03799e605f0890e9

SHA512
7ca484df599947eea9cd31fa54749b915bd2dd8dd56fdf506ca4d8a4af89a99acf41eea48858d1d73c03b43a3a6e1b9161d6651588a0e25a034cee75de5816f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
29cdd00fb2b9fc612a3c258bcb62a8fa

SHA1
66aef2fb06a896480565b54750dca9ddfd6f0b15

SHA256
ffc1cd3f5c0088ee36ebc528088516a596948e535c1ad842d683b779cbf17956

SHA512
153e70c615af85b7384a7fe1152e9ee595d1d574a1a4c9255d5f753a5ca4dc1a995dcdf8afd2c4d0eb7d510cba4b453bf5414852a9ef2ccbffd92f7c2654f0c0

Download Submit