666d0c8516610a4971bc64f6f306afbea2efe613110dad2e12326a411e0525f6

Analysis

max time kernel
149s
max time network
150s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
31/05/2024, 13:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

871ccee3ad0e8551c8b6c05a067ea42e_JaffaCakes118.html
Size

80KB
MD5

871ccee3ad0e8551c8b6c05a067ea42e
SHA1

84f47db87e79e007e4cfd57cc922f540b891b2d6
SHA256

666d0c8516610a4971bc64f6f306afbea2efe613110dad2e12326a411e0525f6
SHA512

fd59fe8eae24efd97b889654460857e5eeb8d53b3471d4b53ad07490cb6d83ce44ee93dad367eff227cab75374cae5c50bece33cf3d3643ccf9d593e6a12ca0c
SSDEEP

768:ygOriWNcaStz2tLzJPcxbWQUnwMYvDnkYIfgo5QYi8sQo4UpL2SgX:dtz2tRPcVewMYvDnkYIjS74Up+

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423322782"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E2B17EC1-1F4E-11EF-B944-E2C1BAF7F8C9} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1960	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1960	iexplore.exe
1960	iexplore.exe
2192	IEXPLORE.EXE
2192	IEXPLORE.EXE
2192	IEXPLORE.EXE
2192	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1960 wrote to memory of 2192	1960	iexplore.exe	28
PID 1960 wrote to memory of 2192	1960	iexplore.exe	28
PID 1960 wrote to memory of 2192	1960	iexplore.exe	28
PID 1960 wrote to memory of 2192	1960	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\871ccee3ad0e8551c8b6c05a067ea42e_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1960
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1960 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2192

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
50307dd5a05eb1be118dd601a701c942

SHA1
be4994717eda8765bc6bd57384b314dbb1b42866

SHA256
003b0019192cb0ad667e934ed3b6b76f68e95a62aab33f28049a919a52d6d608

SHA512
92e0a914dd04769499f889160e66f4db6b771ed8fb583e52c9b7dcba15a908f590098d233c3f483c9f8a3b0662d2c5b652bba81888dc9e6e1707ecb2c0cc3277

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
ac89a852c2aaa3d389b2d2dd312ad367

SHA1
8f421dd6493c61dbda6b839e2debb7b50a20c930

SHA256
0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

SHA512
c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
6a7da75ca937a7a91db1042675980ee1

SHA1
8b4a8b9d875cae9a45c8777d90f2dcd623ecb6cd

SHA256
c429bf6d79f4ff6fc5887c06f96680539168214ca69750f3630cfc9315390edb

SHA512
2e8262146c1d34fe71c9bc3af41f3222b99e5af9c6e13968f95bcabee332b863f752f31874c2bdd8e0510e30d9abb131ab4db1b282fcf905b1b1af9e68761389

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
ff4035a566c93248a5866e72d1080836

SHA1
114f58c097f2fa3895aebbed5d946acecebfa6b1

SHA256
5c24a03fa4d1ad702d5ad8b61d6b1067cab7352eebf458081638b7c0f8df22c5

SHA512
d78811964185ca2b62133b747738ee7699c0131ccc6320acf35d01284f87464a7975efc6c1d2494a44c27249e05ac81d5ca49027c75225d3c43cc1fc26a64afa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
701f728c4211c82b069f4f4a37a63e62

SHA1
e660538c8ca9ef36d5840f11542b9cf5dfba5dbb

SHA256
072c26b4e8f96fe2d7d409179ce955219498243a0fe15cf4495ba96e1f36c01b

SHA512
433f700a41f8e087517aba397a683701ccb4a269c782c11595eee54ff826b549eea8cf4f10f0a306912b081dacc5029b206f3fdace3f9f2286936787ca9ae4f5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a573ee97e4429776aabe8e6b5c1dfec5

SHA1
1fb36bf365d5213845be5a78da71b2c45e3259c4

SHA256
9e218b7841f96624a32f2991857e3f94ef80e26fe6b9de6184e2c4f00aa816c0

SHA512
ffa70edab84c7c41579a9da61b8b57068e086d95db54949307d55f9273271e832f662b715a46e6bc3d4bb78383a6c36dde670fed62dca40847b2a394d475d8a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d513e66e8d53272597c1d4a8378c7ce4

SHA1
689f2d090c6c4869106d35366c4ecbbedfce540b

SHA256
8850d0e13aaa839acfd0f30186cb7148ddc01e18ecef7c35202bb2cd34dd35b6

SHA512
8a2a9aabee7c5871d006dd611c3dabd55f15af4f64299c670f3a1f17d19f64878f0ad4b87ed5f0a44d1ba3c70ce67ca1cf0306969f517499f735bed3cf8e5975

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0cd82606b58544dbee84fcd7ee71cfe9

SHA1
25feb272e6d14590c04481b0fb06087419e6d831

SHA256
672dc7b15e8d3270ad8d05dd482fc7b11e2d69cde4eaf541090eb5b00b7da6a3

SHA512
b8ce0521689b702b5bc76ce66042a61201be3a033ea8f61f19bb99ec1584adf538e9a26d42d84a37963330d16c50ca2169a35c1c2533445b5a42bf9486d5f08d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
27ef156b57e0cd825b771ebde4c044f1

SHA1
56084848b12a0c81ca15226c30e5a8c875db0879

SHA256
222db79e02c82d0696ae3e350805a722f0c598b61157d1a15a1212b3c6b80ef2

SHA512
f3c82ccb055e366b51f19b74c0735532b6b20ef1ea7de7a6eb3e832b81685e2cbac2e872aa8224b19c34297b334d3a3c19d10f0a54c4223768b903fcc83a5f00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7310ab4cd008c3a5fe0e86496582ebb8

SHA1
7a434c2a7f4a8e75cefcf9ff5533c91f4ddf281e

SHA256
b3c5f5140344a23a1bcde96f79f0e579e165022627b62c00c27ce56bcc6e048b

SHA512
e4e5b4576b7c39f01548dead51dc1edc130e333fe805374e832bc1302d483398e233cd94cb4c699bc73311874610ccbbdbdb99f238273bdcc0e2a9c7d85fa2d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f41192e3029ec7de58a55f21d42041b7

SHA1
cac86fa89cc26432781260f710c664b4374af941

SHA256
beda7ec97ed6ef2fda6e1f34e700241e3a636162d187cf0da55a6d50bb677123

SHA512
4a321076011a535bee51c5121a34204f58eddce2c804f22908473f1714d249bb585f0528841e278d7bbc2649492b603c4e1f7c1266655a0d8dccc89c34560957

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a58a672dae16828f02e90c5d7fd2c891

SHA1
315819444b0a29afcb3d7f676e42f0c7028248ef

SHA256
cdb79d9ce90c103cd2288716e38d9bc80b4a78591d6ef8077a73095346eca492

SHA512
c07f16cfb5e3edf173747c4f50524d63b1db94bc730c82599519ad1ca9ade245703dd2beaca3a495873827835a16e807961cd9c3b6edff4d5888f04958605cee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa58362bdd66293ff740031f0176c512

SHA1
4a6b3dd8321e413f6ccc80f671c4831197b4b6b4

SHA256
751e1c384aa302b392ff9e5857bb92716d9d8f5e327c09483cc04fa183b496a0

SHA512
033550736efbe613f93e642946a658bdc8679a3ec3e60d77dc68bcd2251d16a1b554939aa8ffe6dfef8e2f121660b8d0aa14aac2188a595b5e552f3193da27a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
925f0a5a93dad3a00ace0b6a82234507

SHA1
8add2594faa51583625b4a8409d9d01f33cdb01b

SHA256
101972a3f17fc7c3f3b02b7620f103f744b54efcfdaaaeb5ec8b8d4d2260b427

SHA512
1ada01a0579c12646efc36ac38d5030b430ea5e0b217b65936843718859f01e07fd7ed8fda40601229d895b9f89a0a1f8da09f7891ed5ee9933c7cfc4ee654fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6767f476cbf94ae92a8d2f513bcade66

SHA1
5ab2144585c21f6edbf7379fe1027b7f4b81ac8e

SHA256
1531a5be89e14786ed01f886bda40b9aa3b5e906ec877df25c6d824148058267

SHA512
3250063048f9799b9c154fbe210c0f8c04a296cf36dbb376672df5d499eacbf036339c42762dcb7ebf21a471d0991fc1badce8af15bef84fd5d93e44c0374766

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
6e9c8e6e03b3646938e39e88d6b3009c

SHA1
e4735b6a9a6dda24e1af2b94cccac388b163f93b

SHA256
048ac1b2062ee6f447bfe3d7b70fab13d142a846b8d70a702847ae67d3417fcf

SHA512
28ccf912e5cc79615f092bf41944b2aeeff3cd1aca255cb08e132240c0e36e2c82c2aebe70eba85bdfe6c2b5a416966249c95af4581e8f0f6644c2dd2c1a59e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
4115302e34e86a396a77d32beb908ad8

SHA1
03ef9569198ca6c80641e3d605e6e33171be9f6c

SHA256
51556e6834acf6fa295c698c2c67e0098dd94135092fc4fcc93246e7d6fa24b5

SHA512
44b4508dac6860ec25c1d4d2dd2cc3c825a693a00b8c9a6fc64d341c867fab952cd6c6be3d0f0d4b3e2d6cf393c945a91d3dc36c8eae726cf0fd768be88136f5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
1019ad0933ffccf58c11fcc4397148b4

SHA1
a0350135e74800db5ab29043a121b59d123c444c

SHA256
1581a493d6ee55faf9c637a3740b798e397755a14b08cecdbd23f442b45a4b8f

SHA512
69c0ed9a76876840715c3dabeb69016402c9d32c986d3bc4114ade28bd4417b5ad91a9fe5dfbeaae4537b3a26d9449b5cf259db4bc493b1084a724d4cf55ba2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRMHFE1W\cb=gapi[1].js

Filesize
134KB

MD5
f9255a0dec7524a9a3e867a9f878a68b

SHA1
813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b

SHA256
d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d

SHA512
d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRMHFE1W\plusone[1].js

Filesize
54KB

MD5
53e032294d7b74dc7c3e47b03a045d1a

SHA1
f462da8a8f40b78d570a665668ba8d1a834960c2

SHA256
8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2

SHA512
fe263fe86aea2ba1b86d86305650cdeee45cd1f7b4339f9d4fb81db776b78abedccd0ae77262f45d579751daa26f81385354b3d126fdb5577036e9dd1db33276

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1E2D.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1F4D.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit