32d5e1812aa389bb6865195365b4bc5ea6d2624efb96553dd6fd82c2bcf0f615

Analysis

max time kernel
134s
max time network
127s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 10:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

19ddbec9f9bc7f669f8b5ac2f6962134_JaffaCakes118.html
Size

4KB
MD5

19ddbec9f9bc7f669f8b5ac2f6962134
SHA1

e30f185f1f5440b0e54f3bde791b9c2117a64abb
SHA256

32d5e1812aa389bb6865195365b4bc5ea6d2624efb96553dd6fd82c2bcf0f615
SHA512

4736632820e8654c17e0d4a67e6746307543f4697df5dbc917c405bf2cde7ccccdecb3a0c452db971f84191deace07b4d6263a54890441c9ea7ccb48a6fcb569
SSDEEP

96:o1I76zzoKgl459YdIq2kjQzTi3yFhxP7XGdcRUX7cYj:o1I76zUKU45lq2kjQzTOIqhj

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "425734096"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb8100000000020000000000106600000001000020000000a9fca7ee17e2913d3534c72fa2d17950d80965a234d59dec39450ae86a97ff3f000000000e8000000002000020000000bc5c6718250ba0805cac853256454490654d267ca2a4de694b52548ea15555d72000000079c32e8c967acd6a9125bc99bd04dac7e656c7dcb4dcfc6ed9f4de24621ae3194000000098e38dab7d6bd605a37e6148bc54aa842709d4b5ab10f1cce444e9cb5678b6c41277aae3647534317736964bd5ec7fc624605bf688dde987ef976e17289bd3c9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{29E61361-353D-11EF-BEDB-DEDD52EED8E0} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b02398fe49c9da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb81000000000200000000001066000000010000200000009be621e8e6cdc5553242158562fb3120fe7a479df754937628f0675018ed087b000000000e80000000020000200000001ea3022f6647472d40712017eaabba5bcfd2449caf4a7be1698fe6e86c99d5f290000000cf709ffcf6612a749d16ea0301a59e462589bc83f91ad4f8f670564d9132aac4dfa9f8c3f29b8d87cd8fbd02307b37b9fbae1358542d771fc1450ec4c2080ea479bbe3cef40a7425781fce867a1a81ef2cede2c94601cda4ca0c901f58359126fd17a05cc8a8a88f43e2622c12597d9927b62cea1c3a89ffa7db8e5c61ec40a5255092d09034a510455a99ddae28fff84000000079a0c775531e5ed81adec683587c8282d3ecd711e1a274975f86057c2b01a9e3a463da341c9fcd990c5c7047f510446bfe274651bc4656c7fa70a40a1b6e3e9e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2104	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2104	iexplore.exe
2104	iexplore.exe
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2104 wrote to memory of 2776	2104	iexplore.exe	28
PID 2104 wrote to memory of 2776	2104	iexplore.exe	28
PID 2104 wrote to memory of 2776	2104	iexplore.exe	28
PID 2104 wrote to memory of 2776	2104	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\19ddbec9f9bc7f669f8b5ac2f6962134_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2104
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ee08ad19e0be06dffb49eb0e7c441629

SHA1
b93a4d7c1d636184f582455fb8a010b1f4f4fc94

SHA256
c2fd00aee3fbfe7ab1b3f36bca1f0941b377231199fa02221419ec3749aec169

SHA512
7c2f707526dc1e7fb24174b239e227821c946d7c5bd32f33fdfc67cb1904d389829091726077a0b3afd56f001c41970c7dd510f5caa9975451a22e41bc79583b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
51a6df0abab50f7657a79eb3311a94cd

SHA1
2069b58702ab21a8b5ee9e0ac70eec515390fd44

SHA256
bded25015c0f5fd3e6e38c09e466505451a8a0643f3fe826853447b753318c5f

SHA512
1179d3d71b64848faf6f97e05fb72d1f413c5b8c1ffca1885ded4248f739d3eca90d6aa519d00ca10116df9d8b114cc2c8578a3a9b37ada3871f8a902f2e57f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a0b459b2f7023aa4338948f81e7fd395

SHA1
7137a559b26f9c02d80e04da0630aca03d9e634d

SHA256
d536c8e626a6f2bab6ca13f1c27fb4f822ee35ba33566ed621a1067f5afefaca

SHA512
76379a80e3ab0ac597c91f4870d6fbcc4973d7481fbc94ccd62f687fa41b2b6bbdf7920957f48b5e56ecfd29ccd995d746728a7f368bf08d135357a39bcb22d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4a8151f027723d6f790d1052e22decc6

SHA1
5a8f8dc3dc4c0affd6c2a1eb0f58a1d2986ef6eb

SHA256
4b88615c25e1bb3d408aaec7d102ffe613582bf683d4288746761222815e5fc8

SHA512
ded73fbb3d412bbf4961e17a5f8e06f40dc8de18f21b148fc7e6b2491dc4243c6ba0547ae6f3a9a5b305270f054865afd48689a649cc8ecdcf7fec8ac5406afd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c1d9fb3fc5dc64bbd6e107b6aa15ac71

SHA1
ba838a046034583cabbf9697c0813ed09c745f22

SHA256
16ebae31be52a6dab1fee0c54bfe76a2c724bc1f0b624e9df231553ce3ae38da

SHA512
855f4b246e45d09df8aeb3eae25a7bef294a83e64eaabc0e52b8876bcca37ba0de4240f940955024809acb74f44ef2295fa510c3edc81920d7f57737e2d28e44

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
10ec5697f32711e0b9b28f37239bc50d

SHA1
8ee41d052215f8e96671c5ba49684760538d202e

SHA256
886f964c31dd2f2ea825849693b27a32fa57868220a48f08d2e4efc48f7c24c2

SHA512
b2b62d2e83c3568ae34e09f89f66a59e7d3f29e35bf00c2590262be3b27d47b6138bc8a561df755f256fcea27e280697b16d9285243fa070606833bde3e9f3d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d7ca9a8727107bb646b5dc02a292261b

SHA1
b38717e38fb9c58e792410c01b42751544e7e670

SHA256
55593308f55ec8fd0dfb04327caf4c45c78ba00139abce1b4a053466ed28e66d

SHA512
6771e5200e880f569c4c791f9af8b1610f3e7debb6db491072634a3cf4effa21048e374df63e2c2c08fe067451eccc557c892c78f04d22c544cd64133963f50b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ca51e7ea9de98a126f52bea2108004fd

SHA1
8fd3f802cb587836540835702b4410398db75b5e

SHA256
a7bc09cc08456383260fafaa3332a2b3243decbd52dde7b41119f42dbe68dd0f

SHA512
d05f0718e8aebe6c1acbc60ed84ad3eef5611108e4ae02ff455595a01baa710b3215ef825f23afe302adce72d689840fa138161612f038f64c676fd7118d1b3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
883f162ae7b8d390a9a8187ff26f8b12

SHA1
38b58529af5de8242434172567afdf0da1f4eda5

SHA256
a8994a2723aaf8ac20f8de49ee979c29d1dc3e5b05df2bb7d501f4c3963d70ba

SHA512
61382e56f068de40ad98e693f14947ba9c6ba92f7d7c7c2a0ecb8b297d8dc84466c33fd4ea4abf354a4350fdb6fbc4d35778428b6582959d1b5cfd871dece5d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
864865817861c063bfb23e94ec1ebb84

SHA1
4edbd197be2d7712f541b8d937f3e0387d355977

SHA256
8b7d0164645bd24f81d2745d313c689abbbe7cdad453d5a7c2210d5bf58a42c1

SHA512
77ddbf4df9fa533adeaa1e443fcab7d493fd09284c8efbfa6e94918c3b9ada38bbc871262471a2d86e9dea985a0cde49fa58d6d50f8c8d971638ae6a8c2b6dd2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af6f7e0f1257a615c67ffe579c3be2b7

SHA1
1049e3b1f3ca7310d14f66d144e91e29912ff564

SHA256
e7369a7cf519f844366929e0fa423f5f12131d6ebfce854835a67afa42a9cbc7

SHA512
59de8ecb625019665b80e4c404ed09d148a232e18e34f4daa2f19bea47bf6b8a3d521ab065597fcf1d32c6842dd8f1a4d986612626ba454525280e197b3db193

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
63da3bc792b89216942af06cdfbacf72

SHA1
1df0fe134c103bdf7c60751ba15b37ebe1d75e62

SHA256
b8224903ddb79651abca5747908c3f200cae2e0664993687507516ccc211de8f

SHA512
87100fc4abc9a27003de87176afa0b05eef8ea6c7c166c8cc0873114490dd59a6809c0c563459222a5d0f5f4e7add68a48a19a9de7536dc778f37f9a393cd4a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fbc8e2d7dd6824833c918ba1fbcffa4a

SHA1
4fad444fcc1fe5301192cf16ff513f8b1aa5bb4a

SHA256
b84f02a69b9c465406f80d6403fdbf960a409f550d159078bbe9e3bf268e96b0

SHA512
a40e17e00c224c45da9d9225c8089a4f6125009e3cd73a04cfc9363371be547c5f19942318232c09190d08164c889401b8cd592b375fb08c47f09d98dae7a65a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a032717c42a846a804baccc99cc2c2a0

SHA1
fc2003d211f2c735b813310d87b447cf262c10ea

SHA256
02ebdebfc23ca50d9f26e6447fda8be262a4dc1bbc212aec56f8a551a729081e

SHA512
b7fe4262b0e8a8f05ab7f37f714dcf7af5cad2049e285067d8341de7e71d74f38e4aee671fd644450b1928600e905b628e567d6e784b871daa65212a26df5eb4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d84f88ed35eb3c4c054ae5f80bae58af

SHA1
c3aa3accb687ea084b87def10afd1f9299d96af2

SHA256
d4018d815d6b194feb43e5a1fa4e526810e24ab8e845741833d8744143c91613

SHA512
89ba6859b1b516755f5839c2ce1672e3b6d6c79b1c2007ab48761fbd1a1b6d081303a8092d5662570200fa444ee5c91c3b445d634c9551cab3e3f625e30fa577

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
057de8af153464a3bb5289043407eb05

SHA1
3623e46872f4380e30873d886747736a385d7891

SHA256
3c7c6122d02eee07f9485b6e4f96b4380e4b93109aff3be9b643b8db38594721

SHA512
6e5a2d176273f230600bfd7c3447662a7a9c20fce89d4d5a7bb8ed340418108bf46636e9e3553d3160534450dd65042415221a3f7e505c6a918cbb2ea9aa5564

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a044d27e6b6f8aaff2acd5aed5b8395d

SHA1
c859d69272913a7c891d15575284dcbf35e80b94

SHA256
5e19b9f1b62d9674c7e19eb8dce87d3b2c6dfd8d463934cab75d3e42465e2c5f

SHA512
50676d9cfa446275e690a388e14ae1eb5562414d47c8991eba178e30e24b90364144b59ef0dbe588ddcabbaf34efc14aecbbbc08f95cff51ff75971b37be7924

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e9c2a45b2470f720879ed8c8fb1634c9

SHA1
023f4c011e75e7fa8a1f126bc6cb30c6164b004f

SHA256
a15886e0a8727cb883ebdcdba7d26a47b75df7e350a9a05231123de23897be77

SHA512
17ffe3e5c4ab2b7481e084caad58bddb3a43f3725208e0fd78cc892d482f63b3fd2c4236c7dbf0e3de77359681b813367840edc43eaa3f9eef23ae36c1f30127

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1D82.tmp

Filesize
67KB

MD5
2d3dcf90f6c99f47e7593ea250c9e749

SHA1
51be82be4a272669983313565b4940d4b1385237

SHA256
8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

SHA512
9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1E64.tmp

Filesize
160KB

MD5
7186ad693b8ad9444401bd9bcd2217c2

SHA1
5c28ca10a650f6026b0df4737078fa4197f3bac1

SHA256
9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

SHA512
135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b

Download Submit