c5086904467eab51396b78e4a3f57d58ebebf64f8d6c1b9489649241019a9507

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01/06/2024, 23:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8c225b2edb642ebbf0cb6c5f47cb457e_JaffaCakes118.html
Size

33KB
MD5

8c225b2edb642ebbf0cb6c5f47cb457e
SHA1

4612a0b6d75d6b60e8ef0672bc08b9cd596bbe63
SHA256

c5086904467eab51396b78e4a3f57d58ebebf64f8d6c1b9489649241019a9507
SHA512

27f451c3d714a2a72f0d6400b18df0302a448049728be3051357303b5695de78a9544f51216ba658b3675e9c551d5ef09e0e3fec0fa9fe37ca02b5799eab018c
SSDEEP

768:VFWbs1bgt6b2vbnCjOX/W9bNOJq3xCoGe301Jn4JAYAX2V4IFP:VFWSUt6SbCjOXEpOJq3xCZ3NZGiSP

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1444	msedge.exe
1444	msedge.exe
516	msedge.exe
516	msedge.exe
3300	identity_helper.exe
3300	identity_helper.exe
5228	msedge.exe
5228	msedge.exe
5228	msedge.exe
5228	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe
516	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 516 wrote to memory of 3500	516	msedge.exe	83
PID 516 wrote to memory of 3500	516	msedge.exe	83
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1400	516	msedge.exe	84
PID 516 wrote to memory of 1444	516	msedge.exe	85
PID 516 wrote to memory of 1444	516	msedge.exe	85
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86
PID 516 wrote to memory of 468	516	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8c225b2edb642ebbf0cb6c5f47cb457e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8e7e846f8,0x7ff8e7e84708,0x7ff8e7e84718
  2⤵
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:1400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5308 /prefetch:8
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5308 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:2600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,8267544259086109800,17883483367471916494,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4892 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5228

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4920

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
23KB

MD5
e1c71f7c04be834f5587230db2ad24b3

SHA1
f3bab9cb99d9f343bf7ed3981aaa7450515d2424

SHA256
9fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899

SHA512
205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
9c7162c8041f7baea540ae40b7db5eb9

SHA1
234b64401fda9d86a84aaffaa9a9952b86b4f1ac

SHA256
77362479bb7d9bbafa7e8e8723ae30a0e0b6ccc8f01288c33a9fffc2f04ee4e5

SHA512
27b67e78cd36a344bc91a361d13fe77f428e9f99159030570b32f5584a8ea52dd7170807ecca8c8f409924344df2507cdb681651782ef5528b6335bf5dccb8fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
dff6f4a3837965b89cefbc6a792c86ef

SHA1
306ca6b96ea9055b855f42e4638f6e8e3c9d81f5

SHA256
10a361ee358e4f13ae84921620e598f50671b66995e3f254e64fb1e6991b091c

SHA512
5828a48b56874c438a3fdb5529d0dfeb9fff9c6173cf8f4fa089d002fc06a6ec09c46b405c857ff7750bd70aa38a72e792d2908e2b6c202c0a4ba94f894c0f58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
987B

MD5
3bed8342a4914e78df9ca8c208376033

SHA1
c5c29a887236186da81cb52e2c77ebc7e71009cc

SHA256
9d916cd219b11657eb544a452a5dbe9cf6cfd74d195ade50262f5ba0db12a9ba

SHA512
ba31a36968eb92d8ab0110cdf8f80aaf8a0bc74b582dc3baeee34c4f57bc02d039f5a1e54db4e25e5601ba648d906a3c8e573bee18b8dddd456e7f2b9679470b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
911a965862e10ef0a1faf87faa57011c

SHA1
afbb9d29283cd502f7a2dc844e70270d33b8bf14

SHA256
742eb19cb6f269befbd662459d49031ea123c6a3878f86aef8d3eed5c66dd793

SHA512
2e9d6bf64f90cacc6d337fd7d86a2eacc6dd3fafc732721f11841af2c4e8d5ef9cb930331ff91865f877a36ab937a0654e2c9648d4f790f77ff9614799aee8be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
173296f3f8271269f5201ad9a9193f03

SHA1
6d87c43192af3f7c644b6573e777221d4cfe357e

SHA256
7955216ad96d529750a2a9f9a6afe6ee7cd5aa67a18516cf29b1c8942a04fcf8

SHA512
622b8c9b7463894acaa8c515d46fb53ddaf3c246d60fcd6fe67e6987ef7e909a18629d4dd082ead228165ed74927cf519fa88cb3edef6a6dcbcf10675671583b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6daa79fa20342297696e8d294a4ba27e

SHA1
00670460c739795467c21115de96576391d88e5b

SHA256
550ccc755f49495aec10adb44a5c01ef8086ea792a30320e0d076f9d936a1125

SHA512
6f284ff8ed272455d7a41576bdde9621ad1872e37220c424cb51e62c817e1b9c4886c5f053888b96df1b79655d9bfadcf462d18bb7a37f61a9bd9f2ba84c9c2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3b04d062013537cfe108012e97b3c607

SHA1
349dbbc86fbde02998e7fa3cafd32942cd56a1c4

SHA256
34340a29a1f531d758c1d72b7e7b87d924426ac5fc3fd1cdd2383caa708bbcf5

SHA512
0aaefdd39d81fba2ebd11702667cfc01245ea7d41a5708ab907e891e413b742cb996adf0e97a50b1ed13e9d8d5db8e414979c23d7815cd13647a1a1d90ce4b9b

Download Submit