309009671273c5285df78316ca67c084ebb50a10e6ade03320d1c21fafac244f

Analysis

max time kernel
135s
max time network
131s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 00:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6923933cafafeb1a1137c4e5ece82809_JaffaCakes118.html
Size

896B
MD5

6923933cafafeb1a1137c4e5ece82809
SHA1

f7311f8237adfdf9df8c4fe9c214dcad3ac45151
SHA256

309009671273c5285df78316ca67c084ebb50a10e6ade03320d1c21fafac244f
SHA512

09de94edec03e8e380af8a859a2b169c6d8485433a227132d8e4f17efcdbf710890701edadb0ed10c7231d5fec24bf52227e5672e1dfc5382793fd29a6dda952

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b72dbc6983dd14eae521553795f701e00000000020000000000106600000001000020000000e9ffb620d94db15e156e6f44a3fdc6f7c49d55ccfba3d1db9ca442487a6c0cd9000000000e800000000200002000000086e9caa5403f424e76a5c7535ad1f79d80a3ab0d08c0ab2851af84509013786320000000bd241987ef7e009e09c211ab664cb5b9dc9cdff9a032f7cf51f7024473cfe54340000000b449513e779bd95e9c8bdc8badb5f3c5f004ff5ad1c672e3337e05cd6b1b4287c80dea7a33602eceafb35ca5d7755f0b2f42edf1d6ba48e11279ff45231a373f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2F3A1D71-189B-11EF-9034-729E5AF85804} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b72dbc6983dd14eae521553795f701e000000000200000000001066000000010000200000008c59d69d120863ee53e3201245cb4b35e0218b44c7f74f6464a436160b12746e000000000e800000000200002000000003a17de0b2c6bbee0229d920f9fbdc68ed9ca43314d28fbcb1826b5941fd7cef900000002f3b7966e40a0601f1b50dbce43be48344d9951fd4ac1cb5cc42cdd96903d33069cd83bda9a102eabe72172b52bc37158a0a83b8544ccfcae0432db9244b12aec919ad5332aea74f16e96f4a9f39e7809de0055b545e131d40c69733e7aa916fb9a598908649acf24dab9926d320eea74d1e27b8f5c87c6ddab096f02bd0ed618a1ce35794518b0cc89eacc2d9e9eb8d400000004ccfa24dc39ee3c17cdcac0030803f5af8189a419cdbf25f95c4ad0e0e70fc8b68a187321f0d0864ab8b1d93a1c588722419b9535a9cde04a1861b50a927322f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422585895"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 40ebc203a8acda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2224 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2224 iexplore.exe
2224 iexplore.exe
2108 IEXPLORE.EXE
2108 IEXPLORE.EXE
2108 IEXPLORE.EXE
2108 IEXPLORE.EXE

pid	process
2224	iexplore.exe

pid	process
2224	iexplore.exe
2224	iexplore.exe
2108	IEXPLORE.EXE
2108	IEXPLORE.EXE
2108	IEXPLORE.EXE
2108	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2224 wrote to memory of 2108	2224	iexplore.exe	IEXPLORE.EXE
PID 2224 wrote to memory of 2108	2224	iexplore.exe	IEXPLORE.EXE
PID 2224 wrote to memory of 2108	2224	iexplore.exe	IEXPLORE.EXE
PID 2224 wrote to memory of 2108	2224	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6923933cafafeb1a1137c4e5ece82809_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2224

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2108

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0cc08b11dd2dff37c6766bad3637886f

SHA1
2150e0c6d2febf82362aae6a1c122e75b44365b7

SHA256
2eb2ab088dbb084f8989920860e7d88d61c13b75c5734a7b9092d82a4e5e3d78

SHA512
626f512e3caedd2cc6b18bb76a9095d1eff9eb3ad6e67af32cd1beb2a8e55a29c33c42392c949cd7599c59bdd271d853ca19a2fd69b7ba50483345def1ec25cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0194a3714b5214b1d53a7b6b406c8d28

SHA1
d830e8e18b39cf93b72abff832a575a01e48e026

SHA256
99f08d7a13c8e01523af2b0f1ed2b4d1c382377e14555e286b1368c5920ebac4

SHA512
0e39f5a8108faab7505bc5b76a638882327f38d25ee79618a384ccd830adf9bde21da5b001ddaa1d231cdf4141a71e4071505bb8ee2f11cdc4f437b1b071afdf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
827396407edc26724663feba6c7714a6

SHA1
e5a758d6ab1175196c00eb1326a6a040eafa86fa

SHA256
7af29dd040c95edf74dd74d1aaf9bd484feb1bd7a556772ab684a09ffdb81941

SHA512
4d311097a63c31201f022c00e0d9fe211a53798c265fd38c1bce152fddc017dc24d6b3341700d01a1ebcd296a7514695db85f8a3bab25f2135a3420ee8eecc51

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
85a26f372f580936a6bffcd2edd33249

SHA1
9bd154290b59cbf2aa2e7644da1923cdcb890f74

SHA256
ef7bcc1edcc58b8a8bb7e789d99d3c5e7891021441e9d8e625747680e8934182

SHA512
b2f71f5c3b61bd4d5421eff2818d9fafdb24ee6d3ce896e2b657d89917eefcc605b22795fdffe7fc3ca60095ab538204d6a65ff20ab5f51788dc6b032cfb54ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0ed4649ee5bde420e20e96fbef0d63b1

SHA1
94a118d15a1cc8c905e73cc99bff409847c17a9c

SHA256
c42e456cc400e75676acb9490d2c364e72d67c2fb5c9b5ecdd4a704d0685e889

SHA512
e4a84b03621c1342b11633ea2ea015babf454097765c926dd424beea21990d44ecc385e449015a2abe7c03405343066d827bca254de3b886bb5151a6ae2a76c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
faba472f3589f56c9847f6c69f62467f

SHA1
96252c3e5529cae594a6b29ee71220e1e70485a3

SHA256
9d9e300f3c832373f7479b3cb65d0939f04b1b0b47fd268fd4d4e5ffc7ae97c4

SHA512
c90debc87ee2adae46df1375e26d6ebbfe7ddc3eecc635ad8de126941e0f03ea8915fb9453f7b63a2a33d43b4b17058440a8699ec419848e66a12b794d671ecd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ef65e1519f155bf796009d493307e780

SHA1
5da0f6b5e6652dd08c8d0e9b62cbb791cc89d599

SHA256
04049a1dd80663b1e306c7887e30cbb162b0f6091a630a0f64fb8491b6938b8d

SHA512
0a57049465c956b27ded5840065ebe5002d22b54ed6225ab6efbfdb0f9eff9fd76c4f6078baa243e3ee3a5f65c6acb21014dbae72ca23e1b86667ad67497d4cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
64d0d610145e8a75b54c2d9453e45c08

SHA1
0dd59c85b6cf8683ecd0b0571895528732f674e7

SHA256
19fb82ac6985f66fe0110451e4066f58aa645b742075ac2f28ce063c56cf9828

SHA512
373f0bfd7e9bce3368e4f3b6094a44dd0e067a66135aebc7d5fabeb797d71d17002d4e26b2d31eb659367c3477d71f210f0c36396f40df502669de0eb8f2ab87

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b2a35358b5f258fcad68a6a99e7117b0

SHA1
fd62f3e2c81dd2c59b03b3ed6e1132fc258dff59

SHA256
443690552017d39cf5af6a8c6b1d237430976d7bff807f7239309bb11412d04d

SHA512
4e2a1c178b19e50b33912649da2c90585186f5a5ffb15f9ba90d76459c9469a26d9afdf3343d67ee5923f1a087a4a6b2c84391f64b1ba4b6168c532b0f2f0a93

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a9fe2e133cba21873469f29e28901cf7

SHA1
93c4a3fd2fa048ede9db8f214dc57e56f61164e5

SHA256
086843ea83e852656b7163ec0f91ca038e036dd2c87aa756baeba69787b49341

SHA512
9a799fab9818c061ddfe31effdb417afecb80e7fe06769acbcd7f3c499d1d36aaf5bb69069f26d472c5833b0beedc871c0a073676db35d8871a4193f43821d16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
87104c656196aca4045a9b8a84c993f9

SHA1
c654ba278b9f675eb41c92b5315bb9e4c5c2e521

SHA256
956f3862e9860fe0eec2064b47b5cdd664d7259267f175a626aec0ad858833c3

SHA512
2c85bf47be76450abd0d3d70128b269ec06e6bb793cc197396fea3f19483869b8d7585a1cf1950e9e5a7469d913bd75d7968796308599560642416c066b15a59

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2bb51b41e988cd83552545f9fca051e6

SHA1
11c4ed6edfc0ab92429fd44bb888d2984ebf3467

SHA256
8f1c02ff29879e6b443221b3518eb06c2bf31e06c5b00ef9a144d7503a0d699e

SHA512
ed865c4433d21e902e8d9ac5d3a720ddafb2d60d8bfde87081b8411770091dda9598867957d67788896632e589c2f7ab5b88f030485ca89f690c28ca79d476e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7ebce6e4ddc42ebb63c3bfb07f940c21

SHA1
e97f099548820dfa6f98ec370e31d6f07ff66648

SHA256
c2c1d3aaea9c1c41a814ed49cdad43c0bb6c16275380f493ea7a1903b9273df4

SHA512
8df93ce52dc07ee75b1d496ad1f6364f3106be905fd7c3f67ab4bbbe9de58db90484665312dd576b2ac86ddeb83fe82636b1840fb2be730a7765698904ea2c16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4f511f96963a6384d9676f2743558e83

SHA1
a807679bae43226a8967c7ec5604072c63628e91

SHA256
9e54ab4e1462b0d72ba29d8ac640a939100696064b6028404bca940ccc71551a

SHA512
242b0ad3499f3c02236c47b0fc961c7efef3c778c9555da06e6c0297eb8cd750221b2394b64fb8397e1c5746e0db782ffe7b2ffa422cbac5de4656fcaad0746b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
945127f516bf7eaae0c65fa06f842cd1

SHA1
ce3b3dcb81859e8ba269ead1e083f245bdbb74f4

SHA256
49b4db391203e6b7a4e8223df8ffcfba2135b98bfad55e6ec72927bde90eb79b

SHA512
218579993d3c663c6bb70791c831b89497e25c2588a72dc33dc784819e3ab784d8ed480aee4105a44e26273ebf970bc18ad498ab2ebb242c1647d2ac5f182e1b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
33cc9d3f04d02c92f06deea4d9ffd080

SHA1
edbd25d258b923e571ae2f8244c28f76af4d3c75

SHA256
2da156892118a4e8a0d98c596074b71e9023bfe37b60acf7372c90e8820a6b61

SHA512
ce2da3cb5f0883780ac5155829d587f72b1dfb7d33c488842e1c5e2561cb79291c801949b55df8993de9f9d587e6615bef0aef4c762011fd0c8cdc6f279f7e84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4acf5b987e97967ac4c68785bf86effc

SHA1
782f4877fdf7a74a986ca365cf075cfd1cd4e707

SHA256
6c770999d5a0a5c8a99622eabe4a96229146a67ea8c04abe1f965eca894bbce2

SHA512
00401de2f41b4287213626379dda376206c5ef21949862f5a4c005da1474ee8fae9aefe36ec10514fbf97f1ff4dbcf6519dad3958918e1a3d80480d4a47e756b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2A6D.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2B59.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2B5E.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit