1da9a238055be0fb085eb87413675f1df0ea779e3d3d962198f98bc3ffb69cc8

Analysis

max time kernel
120s
max time network
127s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 02:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65bb493b5a6378639e9ca6f0e9deffaf_JaffaCakes118.html
Size

460KB
MD5

65bb493b5a6378639e9ca6f0e9deffaf
SHA1

730ce9ed01c70c4155767d615ef6212d0bbaf78a
SHA256

1da9a238055be0fb085eb87413675f1df0ea779e3d3d962198f98bc3ffb69cc8
SHA512

2ae4522cec46a641c2a20a338477110e342bf4bae2d16a62828141922c3be56ab315217c1907b0fba3e47ce0ed54bfb59390a7cd4a8a09accca8c2f7d8e18b7b
SSDEEP

6144:SgsMYod+X3oI+Y3sMYod+X3oI+YZsMYod+X3oI+YLsMYod+X3oI+YQ:t5d+X3B5d+X3/5d+X315d+X3+

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CE540591-17E4-11EF-8FA5-CE57F181EBEB} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000006197a6ec53dcaee53fc5a846cacb8cef015a5f94dad1f79e4e6e6059219f5b60000000000e8000000002000020000000c13433267c65ad9fbb7e2cf2b16008bfa6170525c5a2b7f0ea3419028dd1fb4c20000000a8f8e8cde905b5b89d1f8cf38d6a20565d356d7fe675651a932b0208e025bd8f4000000016271230fd2bfad936be66d96214528ec6fa9438841a0a18b9572de152dad5cbea6e2082315af72cc3bc3211222ced708853b73274e308a1458ef7136b364a7a	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422507562"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0610ba7f1abda01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a230000000002000000000010660000000100002000000094163a0c27d1724f0cd39d94eda73270a99d1026294cc68fd9f98baa1069337f000000000e8000000002000020000000fc014c244f9115092d0cfca4425444550e65f05dc229283a802b074d60a1f7fd90000000f0d97079f32c9429f4ce4459ed6396f88c06c2043dc524d032dfeefbf660098e2efa08db7516a4a517c9ce9e43c47705d27e1c215151058b0d617f469d1c85a18c1cec25dfe294046d087e56ba55f9e5cad82fc43b62879e68d09d5c616c863d67ba314d13f8d68dd3b0b0e8d4e9ab14a11444c88552eddf2bc67380bbf05c87ff2029f303cce121093e7bbbbf35be5740000000ea8b67e5b23470715dc3479d9b7bd4dbe015da81804738cdefc5ecde7555acb5584ef4066bd09cda7ad78227e50e67315915aa877045806221aea3ea4be44f8f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

1668 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

1668 iexplore.exe
1668 iexplore.exe
2308 IEXPLORE.EXE
2308 IEXPLORE.EXE
2308 IEXPLORE.EXE
2308 IEXPLORE.EXE

pid	process
1668	iexplore.exe

pid	process
1668	iexplore.exe
1668	iexplore.exe
2308	IEXPLORE.EXE
2308	IEXPLORE.EXE
2308	IEXPLORE.EXE
2308	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 1668 wrote to memory of 2308	1668	iexplore.exe	IEXPLORE.EXE
PID 1668 wrote to memory of 2308	1668	iexplore.exe	IEXPLORE.EXE
PID 1668 wrote to memory of 2308	1668	iexplore.exe	IEXPLORE.EXE
PID 1668 wrote to memory of 2308	1668	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\65bb493b5a6378639e9ca6f0e9deffaf_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1668

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1668 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2308

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c8ed4ed084a0c3169f656d671d282dd6

SHA1
44dfd9e43f2670eb2b36be973cdf9bec71ae0749

SHA256
ab3d76e29d905b0d8e4063ea18943c4146488211416ed1d3ff63e61b6fc352c3

SHA512
07a8b76ba5d929557a9a8407039fbd0822801d0288bb56b3f29de21a73bf71d2595313294945aacb588178504e526e437b11bbb2096ad50dd085a55fcddaa2ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
1c37dec4b43f9e43abaf82063b9fc7a6

SHA1
7b7f318fc88b1203a8d0e89936d609e55a5a49dc

SHA256
e0797621b67e056ae7004e5469bcfeaacb7f8b69963bdf14a599b0725a890610

SHA512
94536743511d2de0f299c2c779bae1fa14bdf34a7f57172a624e0d3ba81ed61810283ed9664c9618693e7481e26acd21999f94877bd5826e14182752c7339104

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
fb07412e519da24c4e3dd3716ac15412

SHA1
28fc93fc9004c3f9c567c960093b5eb6faf4c233

SHA256
ed0f1b8f1d9567d726ac95f12498efa87a8a5747938430db789dc1f8408f2899

SHA512
c0e93f65d676be4ae4d3a0fe40d7a8a9588534879045dac9876c68c224bc5e040ac4ae56a507e26204032a291e303a21e4990468c2369360dfb1f34de1774b23

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
365f6e97fe2634f315870f8177f6f168

SHA1
ecbd03fa37e0eef3c9e7670ddeaf90c9251e02f5

SHA256
a1b784edf7ce2ddf4676f3126e7f0a1ab8c29592a4d15be22235f264d9a3e00d

SHA512
a1693a483a2bb3ca1e23bcf3475ac3428ad5d7834777ea24e3dfa0a2fc0ab27f5164ab27b9b74ea32ab6ea04d248e5e7f7691bb077bbfdcb9d7943e49a794eee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
1204c41c13eb24e8935145c74fa2baa4

SHA1
f5dce652068c3d793953a74d7692cf24d1c5a037

SHA256
e80f76468aa7b3c59a5a372822348a5fc65cd65716663e9862fcce38b3e44b5f

SHA512
08a7af113cf2b4069c0074c546e823d837cca95e9d05bf9fa70f23a2a875da75f2b57e2747957aece3a2e4856b44613729c816043061b4ddbdf78474536f1d07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
061c7ac40515bafc07b15b7a5583ab20

SHA1
d860b60565f0bb22321fc1e4cb0320682a7310df

SHA256
8dcef0bb03ee1f20211f26904ab71755c380481f10ba718ec6819acdfaeefa52

SHA512
f8cc5a496f0e8928cb8821030a46d8b3f88b68defe4af8a81db0074fffa3a6ca9b8ceee73e4a9c6ec8be0fb9d29305b1a34c0f1b57217be33d2b833a8e5f4ecb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
41a996d5591e642c8358bd2a7962e7b3

SHA1
e1910fe4306d5911b6f25da4cc4eb9c1de2cbb93

SHA256
5b201ceb907ce03d71c5b345ad0131f4ab8036a39786bcab7e1af37c12a3ba31

SHA512
c0b8756c7e664db0f1a50ab33e32550a31c115199546362611af79b09c72c03e756db5d5f0929c001306afcfbcb6e21cba467e7fa7667414dc71b0ba0d82da5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7e8c6ce3b98d74ff3c18759dc2b4c605

SHA1
3506bb768fa5c2bf177cc022818329f924cc7243

SHA256
0e79649921f0aa9cc0e823fd0aeda2995416df50c824226ea9b5d91e8613bc27

SHA512
102559731b4468c3f7f1bcad9ea5f219cd29b6da953acdebd1bfb8827f2dcf2fba632659c830148f099d87a1d7b09dd4bdf3a332b36107c9a112e7f0c9739304

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
dda5d721345fbe5f2ff0a273008d66c4

SHA1
04f193351f630ec0de00314d717cf15db865e916

SHA256
9468b1afb0c90fe01df9a387d8bf00034acd264db02b619cc92f5a5777bdf238

SHA512
ec8ac2702b77aba15c8e1acd0106f235442ceb0851ea917cea9e1c3e0a868098a9ae967c2043cdb646a5cc11301c9dc2cb0f45e6b90299d0ec3f19987fc0abde

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
a21c8d3638bb385088bcb09863d02511

SHA1
ecf55017752c14884c3ea7f1e735a5c5392e6bf8

SHA256
cbcbb3fb48379af95ca0c6c7c8de21b5644cf99345657bced633b03bba51a424

SHA512
e0df9b7ae8ccb2f22bef25004b402d703cb6c82515e0fbda75266eedd6d608705d0494c11f6ecd22d2e6bab0d1c0cec42b6652b7417d5192a9e4406098528517

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c0460413e37aeab01cbfc9e574526075

SHA1
daffc99431afc5155970a01b5bd2f9a7b702a104

SHA256
860f2b6dffd9d5e05193cc1c5afbd6a34ae3cab516e4cd85be1ec3e90dc66bb3

SHA512
5c3491c3086c20dbcf3f2e07c7314e3323948c4ebbf0454ca8785de5bdb52f8c8ccb7b6929e726ad2d5f25413129ef36b2b2e128247fdae853645b7a24125df6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
9ad621c706b55c67182bc330489bccf7

SHA1
065d24ba710d9f5e3e618b9a7ccab1d002519c78

SHA256
89d1fb8636fdf62dc7481c852c917929ca260b75708b5aaf0e4386055837f856

SHA512
05b57edd636867641904a55ee627b1bda222ce2053d13cb81b4dfb3dfe9bd2bfbfc25ba8784608e7438cabcad9014419465d609650b7633424107d9e46a113ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6dd3e2211128bb584e71dc4b028b8f46

SHA1
31ee793cac7a137b841bb77ebaafff71d78e35e7

SHA256
ff0e1c19d045e154db75d4f324b348a072fc930e25c021fc798011de87df3000

SHA512
caed71842a7bc0bc6d445cba1d12015bfe9810532b8d584381da55a79946fa2f9b722001988f9850fd8487bc89b566862e0a34f166f9b09b5aa4505d081ce764

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
f72e7ec17b03791dfa32d53edeab0e1d

SHA1
d956135a3427311ff9711afd32f574b9180425e6

SHA256
5e24b4619d1fff2b83108e2c300156b7621da8c36cc73a1db6039121e5287314

SHA512
70864c079f0837e5e2ebd7d8ba73e5c55517542b20a63dd4fa3e3bb55ce5564b17642a4d32769779bce611190c8700462cdf032c669fb3c5b8c840fd2033d5f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
1c16d5b5a7ce8c2a08c6395b593ad3ad

SHA1
f3c218e5fe720b771b036615e80391529d6342fc

SHA256
81a1cabc6f09fb4e2a78daf7491477ff59e9325a4e69fad23ac9ca84f9621061

SHA512
498161ad584aa482d685a3cc06c3ce6f85db49f19425c96fc4a213c65baaa9043eb6e992e25c8be58b9a87395ce222cb8a0406a20e028ebf228052de2754a928

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
a9d8b44289ac16984a650ed608633bbc

SHA1
939735b1c9d2dfe5bc1c77b537f54f2753f7c730

SHA256
5a1d06add414d5710716809398fa5eafe373cc5011a16e5ff89693c2ee4d807f

SHA512
a8f3ce40af1eca2af0df991f19fd2064c9a496ee0677b3ebcb02ddf714759350cfc87773b5b814b3c26e473312d64e493042cb13e0ac6a7692b87792d28296c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ddcbb21c756e3316b09f9d2bf92ae0c4

SHA1
918622acac1b395890ac07dd3ddc95f8a5f72739

SHA256
36ae0d03da9422ff4008365a101082f3a08373888c8f20d416c02a5125e8320f

SHA512
1cec3367d4fdfc97e34c18d76a93640cffbc9135a67cdf922021b0e199f3ff46225e5f3a7a882edaa665db3d37c8ea48c8df36eb7307e9434f24876d126ba305

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab4D86.tmp
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar4DE8.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit