f4134510a66db48f170c0e785b0a37a3512c5c31c989235f9cfb72230f3d78ef

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01/06/2024, 12:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8a7c35e0af7859ee8f12cb5c27edc181_JaffaCakes118.html
Size

33KB
MD5

8a7c35e0af7859ee8f12cb5c27edc181
SHA1

8764da3ac00e6a9fa6be3d8580dd061327028666
SHA256

f4134510a66db48f170c0e785b0a37a3512c5c31c989235f9cfb72230f3d78ef
SHA512

1073cf5f808e1b0df9adb2300bbb9231d08435325066249299d2b0bc7a73070748a6fa848bf22f480c1f2dc8891691fbe9a0063009753928348a267a5d83831f
SSDEEP

384:S8xULYoUzqRLN6SvuFqY+V0AV1H7W2QZhPpf2iB37dd0Mgeo82ihs+FT0/kUHiN:S8bNuVN6SvHVTVFZEf2cTIkUHiN

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1884	msedge.exe
1884	msedge.exe
4712	msedge.exe
4712	msedge.exe
3024	identity_helper.exe
3024	identity_helper.exe
1320	msedge.exe
1320	msedge.exe
1320	msedge.exe
1320	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe
4712	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4712 wrote to memory of 3620	4712	msedge.exe	82
PID 4712 wrote to memory of 3620	4712	msedge.exe	82
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 3408	4712	msedge.exe	83
PID 4712 wrote to memory of 1884	4712	msedge.exe	84
PID 4712 wrote to memory of 1884	4712	msedge.exe	84
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85
PID 4712 wrote to memory of 4136	4712	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8a7c35e0af7859ee8f12cb5c27edc181_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xe4,0xdc,0xd8,0xe0,0x108,0x7ffc451246f8,0x7ffc45124708,0x7ffc45124718
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:3408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
  2⤵
  PID:4136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2420 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4552 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,4693116925695794571,11101135644205772701,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4932 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1320

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2956

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
a8038c947de1ed2af95cddbc94eacc43

SHA1
e9cb2c33cc4a556c840b176897d20da2924e9c75

SHA256
1c592b7b355edebbef30713399906f0ae71fc25b56038e4cf330cd00c70351e4

SHA512
e3e957576e4d5e6d3cacc82698ba3779ee5b1a7b1f6ca2e8ad26d54710d1fbd44447c6a7511f6c611c6eec3e515206c355e41f4a6c13b60b2d2b6e0c83de3473

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\974b2c26-64ad-42bc-be06-b28d00a69c8e.tmp

Filesize
5KB

MD5
8a02a5d9188524d2d62a8f86d9387508

SHA1
ca49bdfe1a9acaefd2a8eed8d8ca0a2f4b7d6071

SHA256
297e67f473c653292f50078522ea009959e69c57514b270342feca2d1a08caa9

SHA512
10fadcbad7646d27e8f6a1ad0035f22df42de73342875be517ce140be0266c7db1ffa0c244b3b95712abe3ba1a7ab222dbd5f20ed30d05f37a493b1eb8a281fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
524B

MD5
22ccebcbcf195d8068be3991d9262635

SHA1
22d1dd4474641f3a071bdaa10c96fbc209ebf35f

SHA256
9f24d9c17cdc73b83a1bffbee4018587177e441d6b3265d34e18b9eeb5470c2a

SHA512
f8e24eaf365433fe525ed9f439bac3a705b91e7e414a424db9824daab3a45553d8cc787df24854f94153af963d8d8a1930d2379b0b9158392bde5d0562adb788

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
92e41e9178a30bffe846d7007137f3b4

SHA1
7dc3400c3425f3de923639427640893dda04f08b

SHA256
92a276f30a79224877343d5f374b310505e1640e9613b7d81ba8c1de61bfd63d

SHA512
13d2c2d938c77386699c9a7a3060623c507011d8dc0c0c88a1d161075742f4afdd0040a11dc5a2fb3be6c60601ee4057d6bfda20b3c939cb5d969913c0ad30aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
021dfd044db053abac8d531f06be3b09

SHA1
013e914cc50c74b03ea3e54e2ad452c7dfae390e

SHA256
164affcff287994870441cde2984537c1cb4c1e9bbc009f371517f684e8ee6a1

SHA512
c02eee96c67ca0c51644b3343485f17961e7c410ec64ebbaaaa9340ed02c759c823e846e58f453967b9545391b5df9a167979965ff8001a89bf04bc2c92fa189

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f2dd5740b1951220a194728f86fdd3ea

SHA1
7937c930bd0cb21f43b1e77b7761aa0d4dd7f7c4

SHA256
fcf7c8e800525f2d165f8c5a3ab4dad02cce01d99708bbc414fa664ee1f1d1f5

SHA512
1655e8b2a3adacdd730c054b5fab9fa1a33a3cbf4b2163a067ecf057cc38c1ad7589cd7df9b47696a6e413023eccc25e0de0f3ed2613c60c253aaf38b9372902

Download Submit