314cf7686f1608763a3af9c72a46ab07ea93570f1956681dacdb7a14ed7c7afd

Analysis

max time kernel
145s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 03:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65d6efd921a1604b1833d6064b079147_JaffaCakes118.html
Size

39KB
MD5

65d6efd921a1604b1833d6064b079147
SHA1

fd2ed77c15ea580df6a6568e383137c459be8e6c
SHA256

314cf7686f1608763a3af9c72a46ab07ea93570f1956681dacdb7a14ed7c7afd
SHA512

0fada9be483e90946ad9f02673a92c6b23c1c8304b9d3aff40e82bca2b96b811337e73b52a02aacd4f906bcefc2aa8d4241a3f60ea0d1a15b576eb165c6f3086
SSDEEP

768:R/gI3OXUnzg9OP7FmDVhQ+x4OYcMyAsspp7KY4JBm0I84IxouN9lst9s0XXDoM01:R/gI+XWzg9YZmx++x4OYcMyAsspp7KY4

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exe

pid	process
2648	msedge.exe
2648	msedge.exe
3452	msedge.exe
3452	msedge.exe
1468	identity_helper.exe
1468	identity_helper.exe
3280	msedge.exe
3280	msedge.exe
3280	msedge.exe
3280	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

Processes:

msedge.exe

pid process

3452 msedge.exe
3452 msedge.exe
3452 msedge.exe
3452 msedge.exe
3452 msedge.exe
3452 msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

Processes:

msedge.exe

pid	process
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

msedge.exe

pid	process
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 3452 wrote to memory of 3228	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 3228	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2676	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2648	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 2648	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe
PID 3452 wrote to memory of 4788	3452	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\65d6efd921a1604b1833d6064b079147_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3452

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaef7f46f8,0x7ffaef7f4708,0x7ffaef7f4718
2⤵
PID:3228

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
2⤵
PID:2676

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2648

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
2⤵
PID:4788

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
2⤵
PID:3516

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
2⤵
PID:4316

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6068 /prefetch:8
2⤵
PID:3956

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6068 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1468

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
2⤵
PID:3684

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
2⤵
PID:1436

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
2⤵
PID:2252

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
2⤵
PID:4664

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,2888033266082213276,6233977026372287433,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3280

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2888

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3596

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
655B

MD5
9c29d3bafc81951cd578c012df5e1d03

SHA1
ee2b6f0324784d65c58296dedabc893aa7f3939d

SHA256
b14373073c36d2f986da938b27fa65c2e2cf2f2023112e8ff3608a0fd1d5c2d5

SHA512
418417c36fd244c78185a625159d41489055fda614332681d4351da0c33338e33c1f015e08406f92d5a2542f17accd3c7555d4370f517968b6b2e2cfe98326bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
686B

MD5
310e1f06e17306783fb741651c2ab82b

SHA1
1be090bf79b64d94ed95ce5218865f0b9d384967

SHA256
b2dff86962ac6022ec5922a04fc64570e0dbf59220fb2e394bd9ada6f12dbe9a

SHA512
1f13416db8175785ecd0de13cc1cf229d3b4d318de803b71302b04c0000d4c3ff2e3c70302501772888f15a07054dd32a80823df7f43468b701a67075aef65e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
2096b96e44e162b73fb753b87ddd460d

SHA1
1bc265a915051813c41b793d74d8149bc2ca687b

SHA256
aeb75ec0768485f30514f1b7dd79ac156b3e2d2fa3e67f8261f25d91e7126c04

SHA512
efb5fda4c88155053dae0e87308283e8ba73de5c9e9e0ff56cdc00b82bee17e0edfa0ef16fdbe3f4c91ffd8f9935c545e989e4394d630e6e1092a8a42229dd9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
e75a7116e5c9740d4407ed1907c79dd8

SHA1
282830a68ddc93407ffc3635dabe50274de009c8

SHA256
375f9d85ae943fed48d771b5579057d99fcd966f2755d37d2e7c6c429e790891

SHA512
0d9d6434ccbea5e4f1513c2dade8097d065989b71932cfeca40f11221837e346632358aa00f1d0f0c4f479ce374568860c9de266b18235afbb1d90e9ee0a1c95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
f24906c90914db38253ff31fcba1c3fa

SHA1
d95a66aa7479e1959223e0bb2129b6f73557da30

SHA256
af1d3d025b984c00898d5909d59887092590b6a3e6fb7430de55a36348e296e2

SHA512
8ef0552ca28bbcf446415ef00429a457cb8b2a9048e116f0c3414eccb4bb1f4cb9860571956f08e565ff5eefba0157a3a6fce5b737280270adb5598cbe1333b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
11KB

MD5
2122f6b460f9184ac8cac3acdeb69b71

SHA1
75b2d5117b53d50642f23e1c333fa9dfc7a10bb2

SHA256
5191093e3244968233b24316b4a96b7480899ff2bb8b74abf94dcf236e206dd5

SHA512
d77348d40160cea311a8a15938a40433b1e1fffdb687300571054a8302fb8608eb79c8d91c80a25125ccd58332acc3c82c5e8f8c2780827210f7d3323add415b

Download Submit
\??\pipe\LOCAL\crashpad_3452_ELXHJBKVUVQLPIAP
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit