5b157bb74532eaa1e9db275cbd548b4b58cdd008226cef1b216742dca6e018c0

Analysis

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
24/05/2024, 23:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

702ef9cd14ab9149f9e3a2daed6df87a_JaffaCakes118.html
Size

2KB
MD5

702ef9cd14ab9149f9e3a2daed6df87a
SHA1

382f5c7301592c6667c5a67c7c75c0f904102823
SHA256

5b157bb74532eaa1e9db275cbd548b4b58cdd008226cef1b216742dca6e018c0
SHA512

c5a12f8119e71272af3f5cdbf76c77cf7b4a62fe16a2c089931dc7134613f2a7eeef1c09f64b2dcd2869c10629838f2d3868b5fdce5a352eb53e29c501cbc95a

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 20daf94734aeda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{73587371-1A27-11EF-A48B-4635F953E0C8} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000bfb53e8b898cf9c0db98f91056a4d81d32eb9ae813afc049acadde7649605a96000000000e80000000020000200000002c5789b31fb8707abaa0313f93402a37e59f54dd858a07a31b4825e7a4f250bf900000009fcb2ec937c7e64de1ef1c2b8e50e72027c94206af2bac79dc8132bae6f25253d922550707260701657b72c09982f09baed973435f5e6e92fbbc7a8e016339903bb57dd4dc00f15758773f6de6b2f3303695ff471f7c6f7b56c7d2e99b570db308df07d2d69df4c3de492c71ed994c167676f0976dda6faa09a95f6d140933919d77cbbd498686e1046388a9c4319e2c40000000d49944bd043fd0e84d866c3e08ae893f7a3f0f6eeb8b7ed6fba060d6bf82f1458e5b061576b23be183a81461307195f3489576b826b3a0c87fbbb852b433e530	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e93610000000002000000000010660000000100002000000072fe76d5086f92368f20cb7e51494b4e82b13b6c4d3de9ae028212a2b0a08bb2000000000e800000000200002000000014a0c991a13a2df92fd1e29a13aa166a651250081cbd1bb943931df6788ae7ce200000006a34b28a2054f54ddf78a23311ce9371e7b9eed253aceb54fe0741b3cbebec2740000000f696f052a327ef2eb66e7d5d52882c16e91c8bff5928ca692996e8d006a0dbddda93d476b9a23935a7f46e41f30719df6d1ad550555e3378fdd7d232c7212ddb	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422756088"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2060	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2060	iexplore.exe
2060	iexplore.exe
3040	IEXPLORE.EXE
3040	IEXPLORE.EXE
3040	IEXPLORE.EXE
3040	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2060 wrote to memory of 3040	2060	iexplore.exe	28
PID 2060 wrote to memory of 3040	2060	iexplore.exe	28
PID 2060 wrote to memory of 3040	2060	iexplore.exe	28
PID 2060 wrote to memory of 3040	2060	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\702ef9cd14ab9149f9e3a2daed6df87a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2060
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9acf2f2dc8ffa64e6f876e1494bcddc8

SHA1
43f1ca16b79d7ed1764c91fcbc18b4b78c105561

SHA256
9fa3efe81a643380a41ecd416d2a7343df18a7bfe0c1e62639f7ad12e052f2a6

SHA512
fb84d2bf42b40d4975809507755d94a055740a96ca5e16310430d3039dd07363fc086ba18f1131d6da3ad738e3a5b46001e2d73ae3f8238095f5ecc6ece16c0b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7afbbadc4e7343d115a410ca098becdb

SHA1
b9441cf87faacb470728ac91173ee9179c71c9e0

SHA256
1acff4a1e38f0379f71c2346d7893472f25422195d6e8f43198d5c19ee7312d8

SHA512
b19d47d8919e9f19fc99f0160f670bd4a3bbbcfb82274a16fe3fed0dea40ea69c291819de410b38c8c87bc055eecdb5728de49256e692df1abd200caed5954ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1327643aaa4aab0d0ad4339b18c2aab5

SHA1
dc5dc8c7331cbadfe663ad5930e402b88950e1ba

SHA256
aceeb1f690d1a159ca85cc372e35415123a3ff48515d1a847466d1793ec7e8ba

SHA512
02188bbbe4803fd7900d8fc3179722b3d755bada8526be65d5e7fb0f7956e749fb78b3dcacfdc28d12f207ff77bdf6c61c1bfbfd4c16482ac5b5e280f2df0115

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bb321a030f9c5d89cf40754a593d238c

SHA1
b52f212bb545fcdc0554e07954cc74175c417157

SHA256
3147520d8b5defdb996260a5b78df6e45b68fe1ea6266f7ab69b05addd783c25

SHA512
9179bb2eff0c04c7a825c4497abd7ddda072a490e1812845b5b277aafae0b1725aa6a886e0f9ddfc0535b99646dd2056ce11fc9ff5c1d4886901b1263e452690

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7a6fcf37b828a3d4b3d880ec979c97e1

SHA1
4c2db380418d78766a7ccd773d8e0034be55b361

SHA256
0f1beb2e816885b0ec284bf115a42177e8fcfdece34cf971d937e89fb9a0da48

SHA512
ec9cc3230f15b350c9bf0c7f5af51c509a71ae6331ff01431099ee0ee7f78f7f5f47665b77134b3c7896d9552e850bd64e1646b33483b787fb3bd1274b02e02d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d929516e33e0c6f073c4cd3def986478

SHA1
5be16e10577c9d956a726ce3f5dba479fbf68e46

SHA256
5742124f68dc470be0fd8ce1c0039ec818410838286acc9fc585c059105d86d2

SHA512
e9dce8203edc6f09a9ef8859f3618749aa37bf498946bd42c3df036e77e0ae57b23d7b76ed35ac2553b4b4bf6c13396d0babd60950af57538c91f5431e59284d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
79315be30d27ed0f94fee42e445f6ba6

SHA1
94988cd51dea742578da6cc32dc450fe9d606e9d

SHA256
9ff27a94eb6f35b9ff38bcd2d2ef4168b402c7488b6bdebf9fde799439aa28d7

SHA512
fce598d6dfa8ce56ecb185e2791bde35f55cb5c546d98fd73750d0ba7dcf1c33f4deed81f83350935b8329d73a766ccf3f639c943abaeb62cfba08b11629f054

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c1f8e98e7725c1555fd4dc9bd2fe3f7b

SHA1
2791b8df9a25dd40df567b627c0cfb6508f8caae

SHA256
4b8237e139e9e05e9345a761e23d829557d065f8e9af6f8947c6491d6eab3cb2

SHA512
9783199ac3af8f2db325cfa0527ddfe534f81b0b5a77ed98825f46eee48adbc2f3babe4f7f323c3023257f140a2fcf98b56e6549fc4c4bcd1c8d8c14f62cc529

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f81f15764510260eceb40c3db86578ae

SHA1
7b9dd27980e21b899bb30c91b9236eb168349927

SHA256
25f83a30c52963053e5dcfd972706eb3d24757b06c4db00a8af46c63d683ba1e

SHA512
17ba354249602b8acd9f05c2ed3ca6c7da6934152fb54933694623691bc9d88b47a9d9e94d16c5ac6ebb510a52988adc87fe0361c17e5adeb46fe926d90121dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e73599fb595f684f686cb046bb5517cb

SHA1
c953004fca7f8154d49f76244410676b6ba3b6a0

SHA256
3963a2f8b15904adac41724d19ee8581384b94a479f37d20511b51afb0cb4388

SHA512
c7ae5dd01d3042e885d7178b9563e4675610a4a05ab5125f2ca48cf792d8b720ed52fd86cf7182d148409200329160adc38058f0c13a4c9d19f620a8b923c4e3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fdd5970047f50ade5b9691dcaba2aa40

SHA1
8ecf8263513f7512fff7ae1a2acdf39c048b429c

SHA256
94ba8e109407c9a7e88cc57d1143fb27a3c11928790c42cca901f46bd23c4da6

SHA512
9cbbeae838bbe7fe2b05954864ad241e9bafa97fdfe55a480bfa4dd2a9aa38f92ad3461668ef1b5ee680a604db8d74a052669c6b0d2e759cd5b52ca441ea593f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0db8ff539068b4aaf8ebf0c058a381d9

SHA1
68f4d292159c13b1eeb826b53bb2e3ac5d50062e

SHA256
fdb107a8869289119a40c2524b538456ec0310908b2a540b48e8320892e4f4c1

SHA512
01cde5f69265de3a472dd09c46a212d7e92fd027f4977133fe8c9b82c04c79da78e418e376a3eb6e380b28e99514cbccad2787fa3f19dbe7074bcf0b3b39ef00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4d1d9083ec61ab1930c3b445bfc42067

SHA1
61278e1f50a3ad20e563646168fc63a57df1515e

SHA256
77ae3744e17542d9e95db4d03e515cc9653bda8b2e20beb035a1afc5b9cf0e84

SHA512
e0bae0f373da6466f978ce614617a594248745444ccddbb07c44373e17f165a4e3c521d19c29534fbec6fa7e09f165f0ca6f72ba18c061a6fb2ab174d891a80e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b45a7823d2eaf196e94264a558eadb0a

SHA1
6bcaf79cfac5adc3b9fe50c825ac6c700d2841c1

SHA256
35da2abcabba66674a12423e008503adb075a1e800418a2a6166b175b5c35107

SHA512
52363d348ddecd842f033a5962f98970ab2521f1f543f000e928658cd1cde4d0668b59eaafb44e0028e1a85c02742c296122b7ce7405be67a0fdb7901472b836

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c5eccf24f3906a11619b62481bad0743

SHA1
4792bb7c69c7eea71f4d7f68885a0066ab07830d

SHA256
480747e09da01d8ac4b32be101dfdd06bf27800cf86dc1c2396d775a98f28888

SHA512
3d70ec041e67237224b093516c49b1c70f5777bd49e26438a1bc1fe4cf8113180a6a7d51883523a933cdaae64e1fc6bbf93dfad9036339582a1718791500b05d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
644054c4e0932bafee57e0eeae9d4a1d

SHA1
ebbc84c1241b2e64f5e225bc368874c10eab3433

SHA256
5d91cf7cd19fba0cea7fab56d76bf13c45c12245540e079d2d4316d6c54df9a2

SHA512
d72a532858644fce6bd78c0832b02088a26d47462c42537b8313d97aad45766c6536c6336e713bbc11840a224d172590b0f5b19d1929ebff5472d2f33be08e2d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8225abd563bc552b9f79719a120a15d0

SHA1
a103994545ffd8f3614008b6290a974bbef9c901

SHA256
900f1798997a43318e61ef7c111e8eed98cb7ee7ca1b205c0e5494b4af4410be

SHA512
4784d3d80bc49908a2b7dac8929f829a622303e57bdf8afd88b382865cbfdb6e2e5266b6b0397ddec2a2a08823a1d40218ef713553ed6b2047923555f8400650

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7714639787710d9b391a43a182bf4689

SHA1
439efb43339ea02cee726c908a1ba52a8f3e90d0

SHA256
4c61be0177293ee4a99722267e5bd00abeaf1506ff69b55060232364360d2cdf

SHA512
9c773290d8090d06df24823fdf3b05edad4199237fa8b9127c3cdd9b4c6683e325359f6e83247ff4af771fcc6f03a923622c9ac596f7f975cffd9d1c6a032ffa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab26C5.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2716.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit