53e6c67f6245b5bb07d69a4b96c394d4b875ff1fac6bfd7ab94ec3498b8202a6

Analysis

max time kernel
138s
max time network
148s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
27-06-2024 19:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1754ecc17db7c284e4963f88bde2c97f_JaffaCakes118.html
Size

1KB
MD5

1754ecc17db7c284e4963f88bde2c97f
SHA1

0280ba14c9105da9364ce4be8faf100fe9718aa5
SHA256

53e6c67f6245b5bb07d69a4b96c394d4b875ff1fac6bfd7ab94ec3498b8202a6
SHA512

50fb92f9614f7e65ccfd071e89ec2cdb27f4044d1f55eb1767363321f954beee72f5834bdcc922f7894443bbd6bede592c0ed44d936c48932c3c0aee4774efbe

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AB8BEA31-34BF-11EF-AD12-DE87C8C490F0} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000063b916ce56d1d24ba9f7b6a76f09732a00000000020000000000106600000001000020000000d05398162fb0f0363db7c57fe4ae91b9889527710ff081ff9ae5706415b7453d000000000e80000000020000200000003ab2fb630ecc9927be5378845d9d4b6f0b2094f59c764d0ffb5e6690f0f60c199000000004e67c50d28d7760c4377a721466915dfd8d4627c1b05b0d8ec487dacd64e7580e484949e892b8572c9003bf7fe7ba14a8e1cd743fe14fe83094ba6910f5afffbacbefe0aa650010b57a0495687cba54669bc662419433c6c13048181918264e67b2e5f9e5a8f438f7405fbb9540b85ffc875e6b4163e24adb325cd62f4899b1f96ee13e62be3c3110260c41d608edb440000000a4ef106106516b08336dae814c1cc650ad0350e618134b13cb7c6d704aeba06bff42ee504736aeb9fd614eb9c779c5269944f756700c3ea3c0ed60c15a1b21f7	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "425680197"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000063b916ce56d1d24ba9f7b6a76f09732a0000000002000000000010660000000100002000000034873e09664b4de3b39ca23a05235b3d46910ee50c14990c5814b979112b0f0f000000000e8000000002000020000000e5d016554d29679b915ee54fdd216d30e7975b38a479fd945fd5464b72860ed6200000001a704a110c96db9728f9e8936346a523e99b9b60a7ea7622257524dba46d9cb54000000026f8301625159ffd1cef070535970e09807ac12068cd31a4b1267fbf54e18b71e13afcd5dad99ba6e80c144a2a7a90155913bf9fab8c4ef52a547161d273a9d1	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 604b6280ccc8da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2192	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2192	iexplore.exe
2192	iexplore.exe
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2192 wrote to memory of 2908	2192	iexplore.exe	29
PID 2192 wrote to memory of 2908	2192	iexplore.exe	29
PID 2192 wrote to memory of 2908	2192	iexplore.exe	29
PID 2192 wrote to memory of 2908	2192	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1754ecc17db7c284e4963f88bde2c97f_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2192
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c0a1ebf0148fef4c93497e2b8b4a25db

SHA1
6a5eba086a4911bc8f194e48fe8ede9d38d8b1ba

SHA256
a4b8d5f0c83ae9dfbf414c35ae95e6011892a26754ec496f2dfd28fbe3b7b2fd

SHA512
e8b840863e165e0e5e184d30f2e09f592631b4a1bf708316d297cc6842b1adfe435542eada7f01eba88cf6e7d77b19ed661e65ef29fbd2f24e2bcd9794240cc8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fe4353e77a3ac4330254ae39ca745341

SHA1
9bc50fd5db785252d7f9d29aa40f084acc808d2a

SHA256
a7159237cc98f61b4479aa369fe55e785326e01711c66dd393fe204fc537d194

SHA512
84aa91beed24da067c841cfb432d72db86ea7089357cb8cf9731ca581260070e8c756c51e2a75a728f448c21a436ab348ab2a8e714bed4bb34e844ac88ecb9aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b04e467a4e7ab6323aea4b1120d80d45

SHA1
99e62d53c72ee10482fc572c0cda320d219d13ad

SHA256
3fcf21a9b40bf4091eb07233042f2114e18f941929bbeb1ee42a24cbc6619e47

SHA512
f1680f190452b642549d22f8fcd674fafc38e5da26dd5f0c6c12b7074db819e2bc9f47d081d2121aa3f7a985c9241c3e78607b40de940b08ed007a3159e53b68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
51e6c5c494fd0671a16b9d5c024eba4d

SHA1
6ebcf70e8c7621e877c4431527bbd0e43ddfe8bf

SHA256
e0fa695f748ba74139447e84bd6ee7bc1fdcf8452b291b14fecfbe4eeb8555ca

SHA512
8a06bbf4af97f2e574c5a914f1c6de8b12cf6d0ab3dd05d99733f01ef97b32db5b5d31d3cf6589bde49ea632ebdff474fa91bcbe8f019773f2b723b80ea30985

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1c1733af52205ad7efc40b1514f56b3c

SHA1
a2cf0e842f2ee4b52ec4c7088a68b4f78e64bd24

SHA256
adda04cbb7bf720a494fa9ee1ae951bd554698ceda60c5d767126ce2e72c0db6

SHA512
c1081f4649ca0cef999a182946b201128a129f488e9af6e8a2a23f1839fb1ebf46e2b011f873471f0ed73068ef5a00f405621126a4c51650bc7a834645072b3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d226c1b8dc6737c81ec7c4337a9c03f4

SHA1
c86e078ecf224a1093056ad70abc3391b980391c

SHA256
f65d43311a9d726dc628b4033f72f3fb983c1a4a3e6b5d464a9a5938ac7e4c10

SHA512
1cb505d06ecbaed2cf8d9cedd98042dac58cc1d66eef611896118dcf0a4688ed1a08629fc06f1325bdbed2a035e52074b1d7636a70d4459c47f0025b188dc1d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8e753d38c2f992c96b96d1f3127fa462

SHA1
412018389812b944a5bbb59e116f9ca3a0c701f5

SHA256
cd989862580191ac408fa644dc6965c773e1d48e62cbf88f052b767806cfd768

SHA512
53292db30bb7179571f5125eb494e941ec04097f9ae503f2fa4e57cdf7c8e6a17777875a8ceaadb5163b5766608b2e1d95c9309fc559d9acab5d94981e3973d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
54b246ae0a55053cb0d65a8621f4a6af

SHA1
07fed284cb78fe1dc609e87ae1626c051ff237cc

SHA256
93fd4f84ff57ed57b9ffb07b43d93b6d6cb08a3867a204314600e97823374202

SHA512
1dacfdef4a99c0a626ccc4ace9d26ce2b77dcda07bb7a20477ebe3fbc0967e8811eb6bdb1822e60b2355d3c5fda1bb7aea3274b257e5b02186097cfdc2b962c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
41f1249169250d63d47f529ea037ddb2

SHA1
5c8897d7e8c87da40d006b00ab73805a57560101

SHA256
7dd4b0fba7168158e18a1d96f88f9c8d5f37247b515ff7f4e7b288198a388c5c

SHA512
d61e29f3626d58dbb0a7df13d026e681a54089d93cdcd5f44b8480adf9964308eee05237a2520c90a6cbffda21bb6c0532fbac1747eebcaf70b0a21160f0015f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7d22c5a5e1668703186b2b5c95698e91

SHA1
3b5459c73f891b938245a445123d58e1e4b2252b

SHA256
15a42465d0989ae7298ae5fa9eb9b94ba9ed1db7284b272d1efafef68ca4082b

SHA512
6ab1c52da0b86287dc5a2e59298812e8b9b7e39fad9994f393e8e5fc6f152241f45a9b0fdb330179e8fa500c032aecac6d6e66655b0c9ea43a94b3e37c984b84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
52645ddccccaf47b2f23cfdc13e5c2e7

SHA1
5faaf8bf169fc4005e64da756ee70ad8bc29eaa4

SHA256
410df0aeb5fd0ca945196b5061d6a6d4fbcba753b77ecf3270c5874715185e65

SHA512
d623f3e177fa9d5d3c942af70ec88cc6fac2178021190d50ec1cfaae4ffdc7589f93a1771f6d85318a50f21e194eb5da5811328b434ea2ee1158632c808e017b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6298f821d45f994d7cb1eb44cac68867

SHA1
f996b280b17369ecf05f967215d93cd6465a1cd0

SHA256
de4e9a7134a4ffda736597fe94dbbcdfeffcade399e81e30287ca841f1faa045

SHA512
ce8c76a552331d0b3d86cfd0fd6ff292ade64b8191bfe354e118e0698eb1ddeded3a711e9ec9c40f5a2915ed7fce610b009ae1f7146a8cc42a7b210b095d8fd0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3e8d64403b816232d4bf61f35c1fa27d

SHA1
b2adc9dbbdef6346a37831516ecb8742b002e691

SHA256
47b47b97ed51e4e0cd584fe748beea738ec8cce8ea450d659387d299049608ec

SHA512
329661ff6f19124d2a79fb32b907fd4bcc56d240dddee700b16091dba22d25ce8e09a7875e731aa9ab414c4e92467c9cce1d05525249fb07253a96941099bf7f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
23d72e3216a538d1147070140023582f

SHA1
d52544d6926e86d6df8a0f6bf54e54cf29ac51a0

SHA256
7c36602fa46528eb3908a01d3b1139047df5a38ebea98713a3f78b80762a10ef

SHA512
f16575e35412623dee8abc908103fa0f1d71cd7bb4cb9932066fc3a6b98e358562f57b1d1fdb62394837622b417e01ffd84530158b7d791dd6a1b26ae074f12c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d6c3cb262e932a86779158180feb28ff

SHA1
68e9a2d9f6d5b2c3436da05f47a7438d8693e686

SHA256
653626c3323794977143fe2856fcb7dcf1cda5538c3b40167c27b6d0642c707c

SHA512
7b63744ef689c17d109664a9322aaba02507f1c6ce13163e3dff6a164de79066f1eb769bd186d798936797e3fea77be04f248595ed986068ae9a50278bb58a53

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6305f6c54cb2fcbbd05b8202c9b79669

SHA1
a339590db8b2171909fc2075654af92649a44d89

SHA256
4e0b8349bf1909ff4a2e9ad511014e7cbfba2ec9330ddb9bcf17c0f10d974a0e

SHA512
8b02cd602267b16f8f058ede8350d38fdfb9a3d0fec5f787f0b6584d31e31c754775ba6b8b79114199805224aab768d755d51c210b542ebe6fd2e665a1d90baa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
65c9189e3046b709be74aaed375c2346

SHA1
e7887ea80f41711d80a44f8bb0ce9d2232c322aa

SHA256
574f4c16b217174b92ea39d6d397250d1c7a1cf83405d7f617c75e0c1db2fb1d

SHA512
6490af03e6ff92227ad7e93b9b6eaf0405a24d509b3a9a81ec8b41cdbaed9c4b3e9831a7f1ad50b73e1ec953befd92b71267e29766e5a8ef96c5c1643d9f816b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2E35.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2F26.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit