464473aacb24d4098d4911b1219da702f0f216b1656a92d9d5c1c15c83dae3e0

Analysis

max time kernel
136s
max time network
123s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 02:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65b51ab2612127dd154c7fc46fec5cac_JaffaCakes118.html
Size

234KB
MD5

65b51ab2612127dd154c7fc46fec5cac
SHA1

c06c7259e50a4b53eccf71e8e8a2e46cac4205b5
SHA256

464473aacb24d4098d4911b1219da702f0f216b1656a92d9d5c1c15c83dae3e0
SHA512

6eb7f7468d90b08abfea259064789500434825a6341930441d8432b672f75393a73cc96a306b608f6989e0cdbbe53278ac9bd57dbe28c708229757f3573a315a
SSDEEP

3072:S9yfkMY+BES09JXAnyrZalI+YYzByfkMY+BES09JXAnyrZalI+YQ:SIsMYod+X3oI+YYwsMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d1000000000200000000001066000000010000200000007148c3d1da7714375b2ca2cf047fcaa6fac6a9989370f69cb9e4b56247c35883000000000e8000000002000020000000b37deb2fe7faff315475c0b558c89b3f59dde556f5d5188c5f6914465228669190000000b62f6f2091ece29d76cc7ecb65f3be5b7ce431396b5b8c3c18db72a1a64a24197c9085941f38d80cf75f5374ba744c89d1ae28f9f609b6a492d5b1e1a048972dfb92d5c8e6a329cc6371d48e185258c71bc50f4d8c807cb39ef3c9c2dc79ec703c89a0a810d90a8b0e3c4cc90693fe035411151db87d007139e77b4e581a9427c0b7b766a6db9edff29d34d88763c358400000005fd02f79879e02305a604caa688ec3799b651e5a9ac31675545d74c41f62a05d63c51af9ee5af33f79133807e30e9f6a9856c9b352c8983747e4e5e9b7e17247	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{BB862B11-17E3-11EF-8004-DAAF2542C58D} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d100000000020000000000106600000001000020000000865b9792971a2fdc77e924213b0289fa1047824206fdf3eaf383f8e830af11ec000000000e8000000002000020000000ddee0f39340897f6a11ed374c87cbf83563905472e8857b59948b1ba832404de2000000024e96173bfeb20f03a8debfa9889189b517c71cca9ef96e9948efab98dcf7d624000000012d51fdb443f2dce41bc7b8e69b76a62bac3f1b4622976cc37ccb3b409ee9585173e90ff9b7e59cfef3c929195a672c96cadaab7e85bea71f697baeef9659d6d	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 30364ccff0abda01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422507101"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2420 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2420 iexplore.exe
2420 iexplore.exe
2240 IEXPLORE.EXE
2240 IEXPLORE.EXE
2240 IEXPLORE.EXE
2240 IEXPLORE.EXE

pid	process
2420	iexplore.exe

pid	process
2420	iexplore.exe
2420	iexplore.exe
2240	IEXPLORE.EXE
2240	IEXPLORE.EXE
2240	IEXPLORE.EXE
2240	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2420 wrote to memory of 2240	2420	iexplore.exe	IEXPLORE.EXE
PID 2420 wrote to memory of 2240	2420	iexplore.exe	IEXPLORE.EXE
PID 2420 wrote to memory of 2240	2420	iexplore.exe	IEXPLORE.EXE
PID 2420 wrote to memory of 2240	2420	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\65b51ab2612127dd154c7fc46fec5cac_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2420

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2240

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
80cd1b201587901018c44cb6046ceb6a

SHA1
2ad97922e1150826899f6d77e1ad0c610ca091cc

SHA256
048c140e82e20c70b1bb462f8a55a44b3a4444453657fc13cbb9f2a920182dba

SHA512
b90e5f4ccf312c8bcf1a37b222e2558a7239edf5ae6087a663215159cb37a0e2b808d6d169f981bbbcf2b8068ba4615540dee1ae2c1d8ce38087ce28250a602a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c43092b8327edc697c352e201ff14e6d

SHA1
bd7a8d40a6adea105dd38562eaedfa66a76bba73

SHA256
d01ef12bc009a706e94eb36f6b00386a80e9006d30fb1fbbaf0a7b00fff3551a

SHA512
ebbd2a16822f97a052244bd243cb50c9f765fc37f7804ccb8e13085d7c81c8a3f4e9a2415d4378e0f3a0cb7a6d3d196ad7113e11a5994c80d8fae68f28827f6a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d5d9c03935eed774079a2fb35c3e3b0e

SHA1
a2be97a17613c2d3bf761fa63940933294c427ff

SHA256
6f0ab4b68b50ef395eadf3d224a725ab213337cd3300bc5a880b17d337e81562

SHA512
91010445291106373fb81ad8d500121048256a34c6ee0d11bc159ec290ca2df5aada034e85c705643bc6a028c3d4db56f02976c2419e47aa03789158c63f8d97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e39758259a5bc0e905351c86eb8d9ff9

SHA1
95404fa39abd7adfcec8a6d78a17eba272ecc474

SHA256
3a96036aefabfd25d4c7187a11d1e1f551b2fb8b33a1ba83dd46a56973b2275d

SHA512
de0850c403b64a5148989f96d9499ea4d14ee5d5cfed45dec471705115689cfb5568dfa74c315c9c608027cc788bcd9f5b1344cd825874f10cb7bef9381e5651

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ccc6abbf21f9d3cba9ff91125406bdc4

SHA1
f26d047948ce2c566d38916aba1bb62a5fafdaa5

SHA256
5918d1b3763e301545dccbe648092226ef0a2cc13cd6688c30d4f594f47feafd

SHA512
9e82f9881d601b85ee8996aab16ae514298220cae3729fc48ce7db4f750fedcb39a3fa9ee672c34d57ec80d1a35bc38dd9b17c686304752d6a553918c036eade

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0b5543eb3ecdd7298cfb7b7c1e157fe3

SHA1
8dd473ae55da790ee93351305f3fe047e6afe843

SHA256
6419f47a3c434706c6e0eb4edd4efde2497b0f247304a42207aaef7e8b3801c5

SHA512
c5432dbf1c7475bb1e8150b060fc532705f102b2e99aa950c4ae407a363058e75081bc797d3a47fb2b1b7b993d9e054ab435329eb09cf00e5ec1d9a7d3e7b696

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
89e582cd66fddc45bf75e5a20eb068da

SHA1
136270d1525bccfffd3eecca08913440376d1462

SHA256
d67ae327bbf63a1c3ae55a44fac29339afb9e3cfe4a0d9e6ac066baf339e223f

SHA512
4dd9accac1351bef32ea57dabd94c25716b250005664b3c5d37cd3f8d4048d9abd1c740fa7090e326393fd7e7bf63b8affb3511b2889084ae748217951c7ed35

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
be6ed5d1b1f8ddd8ea7ba32eb4795b47

SHA1
cf8f78d208621ce2c25600285ed69d90e1ef73bc

SHA256
e97876d499ea6760b238753ffb8cba4cd88c58cdc0602e05a037863c542667a0

SHA512
8d78777d8b27b13fc130162b13631b03540b02f35a14d53d0a84ed96639cbeabc23bceb4625033b94de1ba03c2b2fd9658bdf004f9c1bceea1fb6defe16c0cf5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9f5f1a98be98890240c5c50df7c3d52f

SHA1
f4758447229fd54a1635ae42af4d3365c59a7d33

SHA256
9be3968dc4a6e46ebf85f09e6da78b8c34e47b25fa1604e4efee41d5daf7e7e9

SHA512
a5dea95f855f1054352c91effbaa1aa60e3f01b43cd5f74b6bdc072fa423e499a111ddcb2394d7573d69b9e50537a00be9fbe786f89a6e702065e4cc50ee385d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b54d5bf65fc2444767130166320fece1

SHA1
9406d3a77e8d326139b4ead7a158f429226d2127

SHA256
e671ec28c6fa4fd355cb197e22420940cdd14ef3d2638467f988bbb239b69df3

SHA512
8c92e7a100723646e3ecea2e149584c1ebf30c05f7e6370db02ffd664009ea4ace4326549864f42f2d0d56fb7b8a7c9887399cb7949bf4b7065c50394e4256ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6581fd8eef0f68e27ccd41204713d48b

SHA1
c06aa50d46117b8fe90ea336139e3726c39fcf77

SHA256
d3b20b296c850a5b9c7c22688b9ad0a6d32069daefcca9cf7920b8f82f4c3dd3

SHA512
ba8ad9f5ea9b1ad4fcb50f4bc4b58d38749ea779a73d3b1227ee634170815d09b385def7551e800e182b37c44db51d7a9c78b5bd5917a3be5703ab9765228718

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
758f79dd99e16d2fd3f87ed92717012c

SHA1
3d1130d916b5a10b1ee1d625ef8e2f7925a31fb9

SHA256
ff50a7d3b96e17a90b12a54ab264652114a4620f8ffac7dacc53fdcc9900c9e0

SHA512
a61cd8d2bd42e91bc1e202815c6c52310a7d3f1263e7e79ec972038fcf16587ffb9619adea0f2cf2538e8e0747d5b264390113c41ae76fab3c3e97157041f851

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b780043200eec7eed1f5feb24c382593

SHA1
e0ab0ed25490eee96db2ef706169976e62f698a8

SHA256
7f4f0e8a05636153fb0a6e2039459476ab09256c9b6b4c686abe55c6d84b2b32

SHA512
d20f04c9c421adc12128cd3f2f810c7efe4bca570485e884e1cb8a52a5cffa3f9ef1222be220e1f15d11ffc8c318f86d3d0ce54282e75ec7b50c68c4e814eb24

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dea4adbd8d30d4b145ec011e424afe6c

SHA1
d6a441378144ecc21565049ab6e9294423bea3ad

SHA256
356de3914663d6cce45105056957dab86af3ef401437e66646f41c1feb47c8c1

SHA512
e9ef1c467880ed721a570c623b23b5e364aa1f3cb02bedf3e570bf56356b7fd4eabe4de62aea751d0de88fa7948128dd1e7061e49090412e99681716c8f59a3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3ccae3d0baf59c9b8256176c2487e771

SHA1
42c3b276900aa77b02a31dcde15aaf114567538f

SHA256
f817823af71c848fb68256ca26e0a8c5cc3dcbb2f5cfb179dca3d35a518d06da

SHA512
6393c92969c218924c869b4f516b630aaba9c6071069e5af5e3093aa2f27eb2df0b64b622f4c934d753613a7e5595432e1188430609ec12814cdf629f3bed0a7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b110bdca7529ebf0f82d147844af6ffd

SHA1
2eb172c4efe2bf268a7d7950056412198e7c7f1d

SHA256
365cfabc24a9a6873216be8b107bf6b723b2983ad30518718949d269b0120c30

SHA512
14d0d4905c9e8759d3da0350d21d412ce78457dafb5fa9428e1b42f6635c5dd97e2bd0ecab2065d68c46b70b8e165a1f336b9d6c994fa83c19ec5b15df3513f7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7735a489250e8c167aeaede273e632cd

SHA1
23a23762b8df0bdc1697c9e6d47be0d9a4ee78ed

SHA256
be8180716a10757066562eecab84b0392fa4bac6bef7be21dc881b7753d73893

SHA512
5d707f9c0a004ef65718a99731c5146fa8d091b52ad68c2ef5253498ec66bb63b2c586afcdd86ed69826d21bea9c582f360b3bcc8a467a9d9ae3cd9f4a48ae3f

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA8E.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarAEE.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit