f0ad8041ade92d92646ccf3f96395cb693865a182c895bd89e373249472f7111

Analysis

max time kernel
129s
max time network
144s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
04-06-2024 11:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

94a8d45cd8a0338ae626c07bb0984144_JaffaCakes118.html
Size

40KB
MD5

94a8d45cd8a0338ae626c07bb0984144
SHA1

9a836fddeb76333b85e54d17c2a82f04c4134293
SHA256

f0ad8041ade92d92646ccf3f96395cb693865a182c895bd89e373249472f7111
SHA512

35e12e00558382703c13ca95bcbb98100107b06571bb2619b42ff7a30ed284c76a61a5e7e630cb5fd65335004e5ce5d149c4caf1aaa3ee9bc2d506bbb7e93187
SSDEEP

768:VVmTBSLLWV2tEg5y1RSUjkKdWBTevfCsDtEB8zz74YAlSeambq/htFB+iUm8J:VRLWV2tEg5y1RSUjkKdW9gfCsDtEB8zs

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 32 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423662124"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FA464571-2264-11EF-B5EE-F6E8909E8427} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1872	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1872	iexplore.exe
1872	iexplore.exe
2940	IEXPLORE.EXE
2940	IEXPLORE.EXE
2940	IEXPLORE.EXE
2940	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1872 wrote to memory of 2940	1872	iexplore.exe	28
PID 1872 wrote to memory of 2940	1872	iexplore.exe	28
PID 1872 wrote to memory of 2940	1872	iexplore.exe	28
PID 1872 wrote to memory of 2940	1872	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\94a8d45cd8a0338ae626c07bb0984144_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1872
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1872 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2940

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
0a2b37abc39068a34eb3da3d7b1347a7

SHA1
5c11a9c475329bdded65162fb127cbad593b5e30

SHA256
f3628acec1d277c7ccd255ef62b968daeba24b296c40ca1c937a7e1d8580bba6

SHA512
cf2cb04e3dbd2c3922c65beabdf6ad22dc34840d77aa0a39cd1f9740de602613b9ab463075639bb5736727930cf18cfab941124bb567d189e6fe74926d369a5e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
baaae0369680d7932698fadc5d7857a0

SHA1
62d10ce544f6213197b2658a8583e94ca075387a

SHA256
bccdc35086f030999b129054e20db2d62f6fdc1e4459c4cb1b069cdef0f58798

SHA512
e0e5187afc5892bc87c0704b486b074e74793f32887c570a00b67645f4cbde5f644fedcd343b790c796dced160b07d260a688951af579ae382ae2500b9a69c07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b3b7db0fd7972239ef6d7d3de8313927

SHA1
dd5910527a6765183f8927cd955798deb9dd41e8

SHA256
5134860985858e0ba9168a0aaf12920597d7e930c4ad67ccdff9b9866e0ca2fc

SHA512
92230c944a5c3f33129eeceac5819f5b144889826263c85a548fad8cc40b8850ff729926f8d7949e27640983f2a658bb6a530029a801bd96629c1c3ce5c6844f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b8047a18be27823962d8a9b67f90c79d

SHA1
b3e9aee5d112cfb7c89e6227dfc5c96000f32c83

SHA256
fad2a330fde13298a3850a08f35ca62fef324168833f14a814a4b3b27c910c56

SHA512
8ea291be3238e86a73e52563bcafc89d9023033665c31fc0fde4bf951f179e2bd019a04ae105ea4b9875511647b3d412c2ca2d79e0268a4fe3aa6386a4a43c07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b67cd5e437f6f9a081204fd48ac6ef4a

SHA1
21d6ff792ddeafb222df0efb833d015a76919134

SHA256
0cd5a2500ef203f01c3cc7b7af4926fbe1282ad578d22aee5678e4dbf9e6fbd3

SHA512
3ba900c4383e100883e05fe936d04134b793b2a227d78e9c221a52d82d6bda24b6cbf82032f3c7d8d31eb95dfa75334af41c7f6c4c971f77a5b7cbe4527f796d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9efaa69b49aeba15b5553468a258c521

SHA1
59c135c052e031727dc6a20662b8d7e717df1920

SHA256
8de3733f944e57db0f7f6969f3a3799edd652cca6130c7c765782a1f59f7499a

SHA512
775f6b2f93419b35ac6ec037525c662aa2dc8ed7d1e49b475a50248f2f7677f77857bec86f63363bd1775333dc148ddc72d3b148f46ef02c906300d19bc3a63e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cf37a490b0a8b384418c7edf78f60819

SHA1
a16998861f80f5bc61ebda774270063575667c2c

SHA256
24d3734d2d7034d1ea200aba9185d8ebec44dbacf208eba7fa7192c92a9fb151

SHA512
a26deb71c95d01f3d239611e07d40eb042d1f02c44462b53aad2e8681b3ba8bf3654c100fad61fcd124648dfb615a0f6ad9787ce36a418b5d6072cd81a755914

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6845b69ddc66f8592288f0d99ea90300

SHA1
0bc10d261b6a6029d8c7ab893056299bb5b22924

SHA256
b156b7ee24fe1c37a79967de6c0198f71a35409f5174870ce519e7e73df260e4

SHA512
2a9c7c672ab4b2d6de14cda98de60bef41645cbd5ea66960d905a1ef94186eb0e2b46b27b8c1ffe560145bd93b95c1d5fe8f88904f3add66246bbb1194147c9a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
df2d88b3c623ef351db5173ad5f354a0

SHA1
d563ea1624d0cd05807335b36ae5176423e9567d

SHA256
f2811684e2b253bf8cbe7dc305ba5460e9231bb09b7b32888360b9f3a631cd76

SHA512
3f7ab241f24e654273370f2100742b4e81cdb7d1081b3412ac93167cd5e69d38c2096739c73401d56b43094551d4d916f6cfda87176045f9dccb7b186e5854a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
51f3d13ba4d72738ccc072b45fd79dcd

SHA1
b6c5b2ab6c914c0d15ee13dd909ae13513fd189c

SHA256
7ba20683cd30f4aefacec60d1dd0b255d176936d13d2b376e1a8876ca81e820b

SHA512
36d97cdce7f6fa32ffb1e6c224c9f01ee0859a62ecd6c5cfdc399798f7b553767afff736e6acefaabbd3606a2aae740212593f153b5aca07a4c19c8763379d0f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
22baba1ccb18f3e15a8749a142502906

SHA1
a421d013f2b7c20a3171c18f7199bc3bf3be72c8

SHA256
730dda518217ac6ac9a6ff9ab2241edb5d9020d10fda6a66eb351e133223ddd2

SHA512
1b53abb9d7b89a8a741d006e63533ef1ce8583aedf9caaa5dfefd1808046ec3228fb9858e30113f0f3226011e7da1109b283ad7c9ddf9fe398bbf426d8fec4e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b67aef18e2988a342d200cb56308889

SHA1
6f3743d63e23bfdaa9cfee2d4ebe9f924d5a8b11

SHA256
1c85cc8f5a76b0da11e7cb905b88230e492d1086f29d22596976b0ecf10b7f2b

SHA512
eec2dbb4030c1b644a1f586355c12cb5a8eaabbc2b98add14ee6a946cde6a3f8fe9c133f6ed48ff2a7fdbb15787304401b65354c1e64924fbe6bbb70c6a0c4e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b16b76ccf78a717076047b71b42c94f4

SHA1
54239a0eeea8d01a389613219d4b3859b3ee996a

SHA256
0a527acaeee2ba166cc1cbcbe65a6c7b0adea48d41343e1ac81b70042e29db8a

SHA512
e9d98629ab03ead532dfd97a6d2c67f6506c431b6504589ce76f9e568a68473a6882c97ce2b563f24feffcbed91a294252edbb2887ead579bf2587c3eb7ba184

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e95009ad6600522fead346cd93fbb5ea

SHA1
34597cb5c7be090fdfa54b7e5d3da4aabbbfa219

SHA256
6fe7ca7ebbec00a9a40e8ab9513c0376892cfe62a68c4593492874ba9362a58e

SHA512
6ee67bbc7c62016ec8a56bace441c93a4d0c458138979b930a1b248a0f4a0072f2a1f23705cae7d9139e29914f7525bcc2f4e2fca84e2bc4762971698a65f16e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a3ba5ca6765552ee7a79e422f46d7ce

SHA1
26bf1122fb126ca11a9c6f290a02fc858afe101d

SHA256
f92ca97a080b38a22f63eac78339cc1da81067f546a58383e46124dc864e97cf

SHA512
692976bc012541a4bb6a8c733bf60d5c1e91e07fe0005a17f9c09890830ca8136d92c903422ebf26fc04cd6d51cb369faa49d3a67ba55855f922072979f20c1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da7292699b00b4ade1fde1e824548377

SHA1
28ee7a5c0f7061170c55a83512537ab8c01afdb5

SHA256
4982ed6118700025364fa11fb1a0cdf18b4e72ab8d47d2196d81e15945fb3585

SHA512
407939ec38ccd85a722ecc9a63a1988e797b8522fea52d1b5d8e750097d6ff84c4d47ebb9d8fad8a55af715c6f773b05d51a7a1c395d332be59ae5fbd58112c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
82a0f61f9b62eeabb0b85662c3ea3d36

SHA1
efc8e0d6b952d65e1c48aac70d2f35f1f26c870f

SHA256
dfc1ba70111226fe2774267be2978691a8e4ac9c885b6802032f6ff5f97007af

SHA512
b0e4952085df9011dd71a40c5e4330b0dca092ab2a5f0ec0a43cd6213e46a96224345282d1007332877d45ee922a518faebed08dad4a878e194acc2972194871

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
c5f9f3d8db9ec9549ae0e439d1a885dc

SHA1
a9b7e25114963e53da68de6e863882c450d84b45

SHA256
e501907e1a97ec6b3097cb4926b70090eff630b19db04f8f02b17f1b42df6d54

SHA512
2d6321bfb743f68612335061ef99a6d46d2bed41cd5235e735cd15af3b6b6fbc96ca26dba27869119c6277ccb688ea661223f7fc68c52b4a16ba818fb0f28bf0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

Filesize
4KB

MD5
da597791be3b6e732f0bc8b20e38ee62

SHA1
1125c45d285c360542027d7554a5c442288974de

SHA256
5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

SHA512
d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar968.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit