0169a981d2147ffcc85df6a10a12e61712ffb7dc26f3ad9ad868c4f7d1e3a9d4

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 21:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68b2f54b0554ee41c39c607ea41c5629_JaffaCakes118.html
Size

64KB
MD5

68b2f54b0554ee41c39c607ea41c5629
SHA1

20fc132decfe536fc845e602c781f0ccf9e2be2a
SHA256

0169a981d2147ffcc85df6a10a12e61712ffb7dc26f3ad9ad868c4f7d1e3a9d4
SHA512

7cba63fce1c62128aa02ce32d59d71d9278a9429b8fe6c1c4bd22414123ac056b4b0f4e05fbec94fe03fee5f2e4fbb3d03abf2009161e2e51aaebbffbaea9e18
SSDEEP

768:EZEutKUC3XiXZ0p7Zwmu4gPa2L1jGmfLGPc3/zfZpK:EZEutKUCF6PLLJGmfLGPGfZpK

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes:

msedge.exemsedge.exemsedge.exe

pid process

2460 msedge.exe
2460 msedge.exe
3608 msedge.exe
3608 msedge.exe
2488 msedge.exe
2488 msedge.exe
2488 msedge.exe
2488 msedge.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

msedge.exe

pid process

3608 msedge.exe
3608 msedge.exe

pid	process
2460	msedge.exe
2460	msedge.exe
3608	msedge.exe
3608	msedge.exe
2488	msedge.exe
2488	msedge.exe
2488	msedge.exe
2488	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

Processes:

msedge.exe

pid	process
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

msedge.exe

pid	process
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe
3608	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 3608 wrote to memory of 1288	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 1288	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2536	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2460	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2460	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe
PID 3608 wrote to memory of 2432	3608	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\68b2f54b0554ee41c39c607ea41c5629_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff76e346f8,0x7fff76e34708,0x7fff76e34718
  2⤵
  PID:1288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,1989255496608218224,709576496655941560,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:2536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,1989255496608218224,709576496655941560,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,1989255496608218224,709576496655941560,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
  2⤵
  PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1989255496608218224,709576496655941560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,1989255496608218224,709576496655941560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,1989255496608218224,709576496655941560,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4824 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2488

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4084

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
20KB

MD5
968ff90a85a3daf15d523cf3b4ca1283

SHA1
a3bfdbbf033130f1fe6e20934cc74279771b6e85

SHA256
f672df127db3df33d836325085dfb4b0b0935bc7c4d7afb97f1beb10bbc79f2d

SHA512
c81dd45a24ee3db9fc02b5f92efbd7e6b7484e4c1cd2bb5942171a16fa9a51278a8f57d3f98868d0fa6ebc513b6cd8310a16cb4f3b9b1746dbc4e4054e2c438e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
278KB

MD5
16623e9f7cd802cf093c325c511a739c

SHA1
b364dbd40e67076a03e9d7b061c9b2624d081e31

SHA256
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb

SHA512
44b9d0ed3184fe5f19e650798e6fda22b71a6f316415e08c4ec88af3a4211e9fd335d5f9fc44a070f7b478d7060ae3b665c2d2620bbbce2ea6098bd6826b930c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
66KB

MD5
12b104832307d66b31e62618403ccbdc

SHA1
9d5beb9cfcb2d5722fa25a2c83570526e2a33d6c

SHA256
b18b50fe9d82b2c0c5415a430382bea474dce3cfe859357baee0302c7360eebb

SHA512
62ba667370432a07a5a7586c0f5d7dee9bf9a32c094e5a861ed1d8d44a9cff28456e2531eed70466a541b745b45c17fc8ea267d686eab88a124cdcc94185c3ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
71KB

MD5
357f3c501964d3140959e145be439a6c

SHA1
de960df004b673e7414eb8755adf703178d1274b

SHA256
537856b354a8c28aeb8e66811e63f774a236f86b7ea5bdcdf41ea76b6a225f07

SHA512
a79489623212a939d92e13fac818d35f7a5517e6bad6de3c3a85756ab9a19b9991a0d1c76610e435d5ab49a27ec548f126a9cf650a927f167ebddf331200f60b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
74KB

MD5
8562205f166c9af2a503e19fa15bb0e8

SHA1
8eb7bacc705b34932d444d995f14971bafc424b1

SHA256
4677b04b55fcc60bd4e770a8794bde687eefcb79b4710c3cba3f2094365c96ee

SHA512
e97aab4c206fafb2693f4e63093262fc7d96d5b3f61c61da54b8ad9048095f069499404bab84b7fab25bfa8c7d6ea0700656a9a7fac498cf5dde8060fec30468

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
109KB

MD5
a4aea48c73dc748b33257149d6ee334c

SHA1
d1294c421105646bd8432fd074107dde92609734

SHA256
e3927e830347c5c63970f78619aa507c962ae3ca8e6697b3ae234b7171768e51

SHA512
79983a2d5346db9262353079dc5258295ab923b1847dfc519efccfff89f68b18c00d52a9f9b6a57dd3a771e787c24815c83325b74d2c980d5b7866044932aba0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
18KB

MD5
b976b651932bfd25b9ddb5b7693d88a7

SHA1
7fcb7cb5c11227f9213b1e08a07d0212209e1432

SHA256
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

SHA512
a241ebdcfaf153d5c2a86761145b2575cbe734b4f416acbfac082ae5c6eb7c706bd6ca3bc286b7e1a0f9e326729252dcb95b776750c4a3a0d81f2aa6258ea39f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
303B

MD5
33f2baf5689519de1c8364e56346a684

SHA1
ee69a95de0ebfdb402eda2968c6e5621cfa97aaa

SHA256
3d3c05f6fc61357654b85eae8cf451d27f85ac92edba2ef1baf33ac0ab411e60

SHA512
59a67fc3f4078e0454d72bbde7b4bbb0c1dca229b95be1cb3dea305296c16c49482e3a92057275868a29dd87c3c08f8fc60dad088875071dd7d5a40a392bd897

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1b2600268f2756e56c2a1af3ed7b7618

SHA1
76beb6e10f6f6707448a383b0520dd3cba1f2c9d

SHA256
07c4a08c58f0b25800443144b9600b660ed6a170c0323443d86ff0048a8cb5b2

SHA512
18aa3c4ec9444181d824f0ce07f8970bac92aabc7f31b4e9df0e416e76dc8bbe5ef442fa904935a3e993cc8f8cb1d7bfa9d23ccfe58a83b02034aa3962715c09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a225c5f6-f0de-4589-8ae3-ff5de00108da.tmp

Filesize
6KB

MD5
5b0795cac0ef229f6d843dc58eee5b3b

SHA1
6dcc38ac418348487ca6a400ffd2f25d783a609b

SHA256
f585f309f02d72ca64b595c41c573a21259fb1ef7e360d91dbc7a1d746b99aa5

SHA512
41f2e70021bf40f87b533a95bf1da90d7f2a994f31c3c5db3c9bf670e4b9d2d945545c7241d8709bcfae723d704753bbd181f55506005524d053d31d10ad41ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ca1d8e6e772f10ad93a5d8730f062327

SHA1
86ac750d77d622d5544e91bcedd5b9c3f8d5c0e6

SHA256
1b7decdccc8d758499af41d432df36cb5b997450450d22a7480bb3cb48206d42

SHA512
acfa096236ff6e6bd247289ea3943c4003b652c2f2b7361fd373393923416ef8011c2c8487ec3d4473954877c9aac915d494346ab29c32d8961b551d8d4a81e6

Download Submit
\??\pipe\LOCAL\crashpad_3608_VWPTYHUOZSGVSOCH

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit