12fef2009d903ad895fcab103dbc5083b835cc959a1ad45fe6d134475b89e754

Analysis

max time kernel
118s
max time network
127s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
27/05/2024, 00:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

773f4c1e50fcccb59b16989fcaf80055_JaffaCakes118.html
Size

3KB
MD5

773f4c1e50fcccb59b16989fcaf80055
SHA1

b11a05c13665d98a8e92606eb1b75eacbf6188d7
SHA256

12fef2009d903ad895fcab103dbc5083b835cc959a1ad45fe6d134475b89e754
SHA512

7f0b0782b09695f87e86074c497856691d4d0b96e663b84492f7b89094aa8897a91fc35ce7daae573c0e451f301485c1fcdfeed08796bfc8f676b194ae2eb4d1

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422929890"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a06715f2c8afda01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d1000000000200000000001066000000010000200000005ccb15c70eb216fb0487e0993cda037b1b2addb34a7636d29d9b5219a6839d43000000000e80000000020000200000002be1f2ddfd3fc2409d87937c50a08496f2ea91d074562ce06eb70340f155cb0690000000b739680d5a3575ca1bf84287ff49542d2c2c96a018dfa25e1291fe9a05d536eeef5846aaa5e3fd4403237d51c50a40f296cf58136d2825f9132a10169644d0e91250d82c65f06eee3b5e4ae5de6ae689233c2d0c375a7a01d19bb0028b2700828f34a7fe2d3be9d255706f6abc74744ce4c3d0342af1fc2a270edd8a5e19b313b06f9546b75393c1d036b55440b2ad454000000093f4f0f78a8a350e5854b36a55ffbbc3603f4326fb4407ab91dbfec0f06661c0de23624de33ee66072d692f0464a9ac9b0e037b50ffb59d079c116dcea411394	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1D722461-1BBC-11EF-9A67-52FD63057C4C} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d100000000020000000000106600000001000020000000ae2589ceb32dbb2198aa34bf36a20abac62b25846426003d61af75e6c91436c3000000000e8000000002000020000000c729962f0f7fb231a1fa7d9d327546fa705fbae03f94b714104f5b288b3241f520000000828029681a88278a70b65fd1a1d3fb5b85cc5f184c90e491660dca0177457429400000009973378efe539bf2fbf2baf48167043180265f47870d8bd29c62cce2d7d8bad8f34479a8400e019220aa353e7bae3f1a16f41f7e45227b36e6cbefab0ed2c888	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2424	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2424	iexplore.exe
2424	iexplore.exe
3044	IEXPLORE.EXE
3044	IEXPLORE.EXE
3044	IEXPLORE.EXE
3044	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2424 wrote to memory of 3044	2424	iexplore.exe	28
PID 2424 wrote to memory of 3044	2424	iexplore.exe	28
PID 2424 wrote to memory of 3044	2424	iexplore.exe	28
PID 2424 wrote to memory of 3044	2424	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\773f4c1e50fcccb59b16989fcaf80055_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2424
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2807f65e095a713a17d6f2f8f84fae78

SHA1
0bd0fb79e4d069bde9aa0a1c1f5c2ceee66be507

SHA256
00f74b7a2f57e31ac1b88dc982b3c7715371b65e78aa412b5e8d7f8c1564fece

SHA512
d2ceff2f13308ead8cd744619810e222c1f672dabdbbdae8db11ddeebf2a6a36c792834cce6f4c2650f193ebe2565b0734bce102bdcfe18276da4b2cb9af395e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
126dd1b614d0e30f6ff51707d3e5b165

SHA1
259b1f3a516cc2a567e41c54d8288a83cbf967cc

SHA256
6e496d83ac91bbdc721ac1c6b8dae43f22922d9d5cab5230fd9670062611e251

SHA512
49e793528502e067436e2653ae62249c4294d4f0075c463b6c88770017116303ceeed80c446ce6065b799dd6c72039218aa8e867ffeb96f3f6591f98883f5f66

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0846ca44298cbec75fa2f5ca8c8fea0d

SHA1
6cf6b0aa17fca61572a07abb685d4b58ea63657b

SHA256
ace569f2aec6d9cdcafbbf9bcfb0a1e24ecd5f7a9565442e1ad8f2d561fb3f61

SHA512
efc86d173bae5427fc7db777036f5dbc2194d5705d54cd57f9c63ae89c6d2cf79d08f3968e183e83ead26b7836011efa732b00c7ce32c2f81bfa165f5aab2749

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
26f73fccf011a5ca77ff7fdfffa36d27

SHA1
a6453923ff615155f80ee56714f21c3a5c5cdccd

SHA256
32b2b660469eedd0c14ed540055ab94af6e17bf0ffc994c2032fb2f78aa3fb53

SHA512
206f4b5b26be692c8bd09660538e7611f9bc6e0351b2960bff50b2f563e394bb687290bcff00c3d2c47e61aa71c2d7113be1c0ac79b622c0b7603999d351a626

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cd3c6c24a5d24f98103c3ee84cfe6325

SHA1
2c529b020dd0cf0c77cf03d69588f2d8dbad63cd

SHA256
9febc78b7e6f372ca5405dab2aa2a00b4b34382832f81184e64fe1408396df6c

SHA512
d386d905fc3f03b38ba40eef6919c1cf95c1be647626fbaf0ea69d42213bdfcad64a37dbe6d32f8bf58fe2b9dfc295a26024374ce43740d7be3c7baa1c1f360d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b958ed946cef8dd6ec36362ab813b754

SHA1
7eb7486b5fb37deb3d58c12c67082b866a68517a

SHA256
6281d93880e88b5da7e64ae88d3cbfcdcb849658968b871835c1d548ff12c28c

SHA512
24bccc59fcf0467e1f659925a66495fe0245c8b53838f226d805e0f46913410080ea799913a43561ea7c07708addb78a29145c1e4a15e531f7d896f461437edc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
36a31fe2abc4e68401b9719e56f5b711

SHA1
9f33d29ebbe28b8ad7e09f4ea15c72268f5b2709

SHA256
7a893f46db7e159517020401a921eda69c4c1a6cfd635553a62d85a1df03ca8a

SHA512
b5bc0728deff6a7fe5d9c0bec904c2dc70231ebfad1e60d33a022d39738e28dfef016e6a5bd528dbb8b0788bc62ed292ee3111223a4fe0c776439c19497c79ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8cb649d235e697e6155a6144876b6aeb

SHA1
d9579eaea6a359a47a7c02a3e0576f52eacf896f

SHA256
26890b3fb2c27aa61e0b4ad0ce208582fefb3f643bb252b0f3a9a7e3596ec6a4

SHA512
c265887cbe1b36c4e1ace082535dbc47aff8890512659168ddc41faf446fa021423c8439824c8205b0129873dfdf0b047b171ef6f0cb9c96addfca501ba414b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0593b4072cac98b0d302688d3225823e

SHA1
601787c6faf1fb833847bced313a5696fe6c30f5

SHA256
1b66a824abdf253ed1c0ab90b2c3e61c2fc50a8ed876e8ba96c73f1aa09094ad

SHA512
a2e592cdd01db47ea7dd9dd7ff1bc5c6c85eaa2a847b854ed6636dc8fc555d45055c7b1bffcb0c862ac154acfbff46a54a1ac774d2cd95b271f1b3c9f485998f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
57b6307104a164c15de9d69ebb756712

SHA1
c0ce0a3a24e3d58dada6a005d25d6a9151fd6fcb

SHA256
1ce817c0c698fd93937314a56077b16639619116a0a74614213e627b61409284

SHA512
3392a8238e0c199fcdec9407cdc83858abd6522a7a4b298f75c0869b5b7f050db13e4d550c8ac601895deb2207afc1224b103094bd2bd7fc68a96a4b3523c420

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
375264718924d69c1dd80dc1b4c0b333

SHA1
d158a3fc95806e2788d7933ff014ce8b3bf03a30

SHA256
da96c1f2ed69ffc2a5f4bdd253a069664108c85cfac529e7b29ce179d6053819

SHA512
062304acd01415f117206ca94484df35fcc8fe9d968c46ca4d87a549e8a66b69145a1ba3c32152dfa0a56fb889ab569b42e0c9ff1bad7d8d9fad47e4157e1130

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dccb900352cc0bd2ada110f438c2ff3a

SHA1
3563907f144ed363e747db22d9f04416447f33f8

SHA256
c8662fad3c57f0e86beadb79f6b7f4161c083dd7e4d4de20d47ae0dec0ecdde5

SHA512
9b187903c380acf7f8819ceef3c9d89786e816ea31aaa9ef70d2ce5bade16c83fea48e38b71e7782a8184cfee08822817f7f5abe268cf7f8b1cde25a0cb3ae2a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
397cdbb04f07fc925930fa54253320a3

SHA1
c58de560894dca7753afbdbf32257bbc376e05cb

SHA256
17936b2ad77c16f34fc458ada9c876c90499faf67e62d9a701a88b7b80cb79b1

SHA512
8ead03ccd9c837a7b45cb2aa61c9aecba5066415ef1ad25f152fc27e182270bb56b0aea3e095bc8b01bf1b53d9e83aea18058a6bf40eab498d673a1a4a5bacd8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c067b65f7ddb5667b57f2d5ecadd6fab

SHA1
dbf57e26782c1bb21111cc8d90915ee782984fb5

SHA256
a2ec3f432a5f364abbca66b05a14d07ec05013844907ed0c3247087bd38aed3b

SHA512
7f7a4ada7b5cfaaddb98a5622b880cb0c29614743d9a3d46dc9d94ffab3af81aebe8c197114913568d8cc3bac7870f23165b6288b40e6705004b033b372d2612

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
acfe8937f03fdbf491b1f13626d01798

SHA1
7b7c221bcff8bfa531ce350d99412fb0c1257ff4

SHA256
f59ba914904e816fc03ec11ca767ea903a287e97762c2568791a4fc6b0f6f25c

SHA512
914f128ee3dbea5b854eadee2d83dc2915461618e639833775ad5158f1502cdf0bd5c2c6ea94c02bf81802bf85287b4799cdc46b12ba9dabdee892fa0242b73d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
800041b5781086af2e613ccf8922edef

SHA1
649b96000193f3e570ede0cf4166b10a586d99ba

SHA256
7d257b894ddf8a3dbd8c9db26761e150ce707474d31b47db94ebb82cb7580011

SHA512
e6fe875c3646895cb37df641c66227cc696a264b122f08d26373f4b34091b50d7e563d28d695e37f4eb5e2372ece3a96b10ef264e3b8726888ef112988b11cfe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cf5be048ed15ae894660fb3457792dd9

SHA1
6ec8c1b6430b373397d7a99cb340d4398ea8c864

SHA256
1cc90502c9749fd9d16fc1fcd8ca0a36b5e5935b253fec795a36c83754746370

SHA512
2fa759fe2691bf6d9e09c2d669b0b9355c75a9a0d1304d3dc7f315734ee74b08e13a0a0e3ab2bdadcdabc10e42adbe6fa11585c528fd8df95adeca8bb3922d50

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fa4ae90a4034c582b412b9fe7cdcd156

SHA1
6ca4b7568318b007138dbe93654f09063b9e2848

SHA256
0a7fec687045c649a845367ef9f9516535d752f5ce4591d744f89d4b5bfb1c8d

SHA512
f88baba41b44705e1a4af8e5002a8db2ca3ffc58a36b4d6f47dee4e032257d6814c385e9ebe61d7e2e40ade07b72038da9f949dae08863ed0b9256a62041c463

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1BDB.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1C3E.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit