cf7160691ff200b7449b4e608133a19b2fd49d76e3e231c47693abc1d19cbc05

Analysis

max time kernel
148s
max time network
154s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 16:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63fcabd6238b0d012bd2d08ecfcb9b59_JaffaCakes118.html
Size

143KB
MD5

63fcabd6238b0d012bd2d08ecfcb9b59
SHA1

188b5e68175b6200cbee6c1c217d5382d68e8635
SHA256

cf7160691ff200b7449b4e608133a19b2fd49d76e3e231c47693abc1d19cbc05
SHA512

ceea3a81860c04c24e27faed1940887cddb6c867bb50a69515fcb6986eb1654e36c96c2771b869cfcb4bef919945956dcbfe4dd3010fd4546132afa07134b425
SSDEEP

3072:Sh+rINx7dyfkMY+BES09JXAnyrZalI+YQ:Sh+rINx7osMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 33 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422471260"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{476F80D1-1790-11EF-9F01-52C7B7C5B073} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2804 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2804 iexplore.exe
2804 iexplore.exe
3064 IEXPLORE.EXE
3064 IEXPLORE.EXE
3064 IEXPLORE.EXE
3064 IEXPLORE.EXE

pid	process
2804	iexplore.exe

pid	process
2804	iexplore.exe
2804	iexplore.exe
3064	IEXPLORE.EXE
3064	IEXPLORE.EXE
3064	IEXPLORE.EXE
3064	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2804 wrote to memory of 3064	2804	iexplore.exe	IEXPLORE.EXE
PID 2804 wrote to memory of 3064	2804	iexplore.exe	IEXPLORE.EXE
PID 2804 wrote to memory of 3064	2804	iexplore.exe	IEXPLORE.EXE
PID 2804 wrote to memory of 3064	2804	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\63fcabd6238b0d012bd2d08ecfcb9b59_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2804

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2804 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:3064

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ff22483832610b089c09b75579ceb024

SHA1
d7a6ec4275b50975b1bcb5e75e6dabe97f5c67fd

SHA256
29af0a2aaad6d5bcbab6e4b82fad4f7c5a57c632bd8b92525f3283869721c836

SHA512
25a9840f118a29d3eff492cea90f4a890a121753ceea3cf1b966aa5fa05fba5af1178c47d19cf325f0823753996178337b78f01ee7193f40c4af7159227aa19c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
8557b0f89728d8a16499a1a527e58a63

SHA1
63927bda0da1046e9462ff49473e96be7ef7987b

SHA256
d77df5a803c64464fbf3b3adacb2c5e2babafa1a6d1a4846351c8976906e5519

SHA512
0deaa63f9b983a70228b79d55f990bc9d14df31064926110bea368f0a72a8ba46b8faf0706daf6f3ea08169e77df5ca652c39473eb9c168f5fa27b9ccdebcebe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
8a789a0348e9ccbbf14d678e1dc0f5c6

SHA1
6a173a138ca28ccae3b4e0b76e57ad9034ad900e

SHA256
d466b3ddeaa63990b590c112ed96fdef779822c8548d1ec161fb02de446efa5b

SHA512
b1750709b33a96e924c51d85742b00aab9ff7f7276546a31b196bf9eca729a762d5ab75498ccb1906684b4a7865c92432730ddaaa3defe8f9cc2565608f6580e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
f7c892d0bcef1310f9403f2a2c54037c

SHA1
f12796925d6511f1ad0934309deb4eef679774a6

SHA256
0b513cf5cbf768c804dd5901f78785dde36785367c8b87054e7cbde53f9e743b

SHA512
3d4104ba30ab2279cb35319086c3ba8ed773d97fcdfe255c74a3b4421f83e1eb0a8f4d7b6a2856686a568ca5963b8075270f0883a2c653a065f5c7c4b8c2d3e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
0dcd848c353112b9010fbb95156073d9

SHA1
ffd549763028a41cedbfe90417602fbcd4fa593c

SHA256
5e6fcf08a905980436b7a19d63f0f84cdb83340b52af02c2a6b17cd0a97e674d

SHA512
b09dfc96cf676fe08d71dbe448ab6e947e559908ecd4a728c7ab2e22557cd3c7030379f67b09bda025314a25da753943a8fc5596931bddcfedc7160d7221decb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7c7f24c47f2ceacf589cd41f6180f148

SHA1
cb38818ed77a881187351321e43cd6728872260e

SHA256
129fcb0946553fc89cfe3d2b9f344a45b5f03d3addae380b2809f9624f913d21

SHA512
502c24b3482a1f959a2dd7a286d2860a144ff933e7557c17045099dd0f926ea24d89d69d3ec648fadd8ef12b4fdc5d0c3c9744be5c896fd7151b1688c3c9fbb4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c68d3541b366d5b4c7588c2062d8a3e7

SHA1
931598fe9e3f854bd08342395680f36a55a16dec

SHA256
7947834c73a7eae7480ee93279748c32beda0e05a4170e03805455f87213182d

SHA512
51bfc73e1965f53c826c744598ab92cacd099538592916c104064867098b05be6ea33b69610855bf5ceb66155e4c20f72b1fd109bfba56680652ab529647c1f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
cb7d8413e60b66a2223f2f140b971f14

SHA1
8ba80b5a94c014dc18a37adcea3f27cb950fdbfd

SHA256
f3c1b1a910b2f96410e48e0424066d531faba38f661aae7c95e45c23a30b3fb1

SHA512
38a3f3568a4f61188cfcda7dc06b5efcc75aa5ec913ed950ea21e9c75e57eca236a0d8aaa9e39232d54133f12daae17234ef58fe3b6da7f04801c6faf519b6bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
39ee6967bf2b50f5777d51c250795e3d

SHA1
2b8b7bb51dcb99498abd32a34b2765c65f2da914

SHA256
675761bb221bc8d200c4a6a3ca23f10939b26d7937fc52a6ceaf54e7fdc69479

SHA512
86b014e4ebe51889903fb6e35b57654eea408dfb042721062567a039fa294927531bdbaf580f700e4ae23055f1e40d8aa90e1c67751b13b7e6641e05a782d213

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6601de5ba1f2f567a5cb297746605b0b

SHA1
4cdc2d70d44e373296c830aedaa031e94d547ea1

SHA256
8f16b4bfd29aa80e5f745a8f89bf0ef18c2a549e41d6effae1fc08e74afba8e6

SHA512
185a1f67c26ced8605a1b9c4c9ad13c6f87df4db2f763c4f08fa27663cf42cf73779acd08f9e7de12a227f7e7dbed2f3a1809bea5c0e3b3f69912f13e674d460

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
8e374ddf5ae271a2521fe30fc64bd0f7

SHA1
a1684c7f341d498c9f652a28425725c9481eadf8

SHA256
ef3c469cba276bf4abbed7dfd077add05fbdf3f819c2027009a26eff95525f11

SHA512
ede96394c5a022c5edcf51dcb3861f9b2304aca534d1c25f4eb3be0a48245f0cd4e6c3218bf7091a4a98700a9bc112d6feca6cbf275836bc66781c81986167d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
17e320167a2d8171fa873e3c4023d4bc

SHA1
718c0f3b452b1777792c87b97657d6831ccefad5

SHA256
1d6a1405d085398e5fe51d587604e610fcd7796b188494f0019de9677e30edfb

SHA512
3ff4caa09fb372dc64fe92e6911d6300d0f4fae2764ecceefd067500cfcce7beed260a2bc93b83316f8485a6ee9ed94feb75ceedd102d4ea927e455581e5d9ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
0ffc7d784e15c00d618c3cf047ea63b2

SHA1
a144061ee776dd1d90b4a247023e3151f5139a2d

SHA256
6e655996bc9311e5c5977d9fa8ed96afaed03c3eba573ddde8b2fd6084dc9ae8

SHA512
72affd3593efe7d27bf8e6ac657b6cc907399bfc785e81194c0221d26837ab5e5d5cf92833a3c448c952a8898566fcecd6e0af55b8d27a87b955b3554ce710ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
249e0bfe07a5f59b383a7bc1c5663b14

SHA1
15c02b232a5a6635b02a2a5745d355eb94267282

SHA256
1b80f8ee5ab39b245437906c2cfc15380314e12fc7d2354c1e9c60da35310f5c

SHA512
776483f76802a994ad4d1a7c29504ccfbd9a4007712b9683155f6e3140e695e9941fb9e871d5c001c0884f4bb13e2638927cdd79facae2f9fabba1b66b08f84d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
976c8be1263eeb7fbd538949a3c9024f

SHA1
7137f7f8622330eb6163fd0a2f8f3d5a4ee4665b

SHA256
42747f6ab45471bd8d33f1084a2d583df14f3948bfd986505e05294532221a6f

SHA512
bb4ae1212b203fda85a3fd189b28eba5d9bcd853c1139881490e398e12cb257b1810a35e76b80656832a10b4945ff31c0910dd41e8ca157bf584a7673080b21a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
09fd52e9563786e500f875a7e81703b4

SHA1
599be224e978f57162b8ce26ad9b5aabef9ffb6e

SHA256
a520b96625c7d527b65a9aa425ca0c24b774567095a7277ed0566865f458cb4b

SHA512
12e0e4606918be89e37741f100b2b8a268e9105d0e5e988686ba80fd20de0d1bf656301dc07e4f2b946c2ecfaa877d9cff39359349f9e4b1750b992a69913ab8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
edbcc9cb69be6374763468b6a8f7331e

SHA1
ce94d4ec212bb026db59eabbd807ae5183c7e9a2

SHA256
010be72545f383ab76b38eee6c50307e14286cefbace352e99788a8caa9f20f6

SHA512
0babc7078f0a26b6c6230692f98db57c724098d56541427380c95f67f5116f5f476fb159e05698360097c0fa9f8afa4b240b57b5a7c61cb7fec39cdab1a64874

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
55dc6b725c47031031cba404b673d8e5

SHA1
4d3beb5743566497291fcc7618da675cda4a0d48

SHA256
32fc98482056d73b104121d196b0459bf44eae94ebb8ba1c8c8505ee2395b30c

SHA512
b4518db1c90c59e8429e345f77002a87defa43c006265fa1d42f4064b5bce0da897df36f563b17f1fe5d36ffed87490f14857b17a3dcf2cee3014a902a153a8f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
837d5d8af5b9e76ebeee24221d623fed

SHA1
46f352bcd047a89bf289a850133b8e2b97691fbe

SHA256
92758de6a1502f96ff98a23650f624e3e050639fae8cf97e76e7e172d059643a

SHA512
0bc4c0f329c138b4b6e1e9f61c72f79592e24c763cde431277bea3e67f124847e03c42d0a305d36b8a17c8984aea01a499c8b642dd9af5b63a4d04d3e8da7cc2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
80e367f4b0ed0c6254a7589ee3a77de9

SHA1
3d728111d70b7178c9ecac7f0bd4575cbb3807ba

SHA256
8c3381e68d2506dfc7aab0125d27e506337dcb02fe20ffa654c36cb7d3524bcd

SHA512
e03c2421c190a983d8eff252a12d54c9cf10c32f41390a9898452ec85ebd900b8084453d17da035490cebfb5e1b73e0417a69bd6f30edea6a07af9756d2aa1bc

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab980D.tmp
Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar991D.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit