2d0eb2b21cf245d60fb854eea69f2c96992d3cf94c99fdba8c9ba471aa81f900

Analysis

max time kernel
134s
max time network
129s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
08/07/2024, 10:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2c01877ab5ebce52652b9f670daea89d_JaffaCakes118.html
Size

6KB
MD5

2c01877ab5ebce52652b9f670daea89d
SHA1

ef1e27824360de87681c00c042763aa9433260e4
SHA256

2d0eb2b21cf245d60fb854eea69f2c96992d3cf94c99fdba8c9ba471aa81f900
SHA512

db483413e79d14bb30ffd72d3caa133cda642411a03a666fd937b820ebc39707d4e315d56542ad0f6d39d25eeb5f8695d2ba2c0facce55feffe49277af217a11
SSDEEP

96:uzVs+ux7JjLLY1k9o84d12ef7CSTUFtMoRS0ocEZ7ru7f:csz7JjAYS/UMoCb76f

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{28AFBFE1-3D4F-11EF-A1F7-DA486F9A72E4} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426621434"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d990900000000020000000000106600000001000020000000075c09e7cd6344fc8183f0b043bd3188c46fbe0f6d37b1c57cb16d2a49132384000000000e800000000200002000000023b5d8554b8e22fd17d9368dd0d00b1d23723fc67797f3c415a136d01fa4e6582000000025f5477f9fccafd576755231330ecb90e7903b85b820701b714c407194bc05af400000008504da94dec7af41cccc16a8c6b517dc1a8ab8115a810244cf2527ead60d03b748e08813b20ff8f49aa708759b6512534a71b7073cef264b764ca8ba02560484	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0ec0cfe5bd1da01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d990900000000020000000000106600000001000020000000ca5c4ee8f641a7f6db4c18e26ac9f52f994902718a7ba8294fa02120a803f73c000000000e80000000020000200000001420fd95f074125ecfdad84d82d58b61dd5c43f08670911eec37ccf2298cb187900000004d531e3397b8fa6a186d89a4ab63755d534002386f44b3901640b74402d311d3861dbc5014c5d83d991c45a799f176637fb6a1daaa8afb4c296cd83e30454a54607c306c31800d1e40b0e5ad213110881fb31c79116cf52da4fc9a2d134702d2184b870a4e9b73873d79e8df22f787904bcf863f31ad84e6e635be647f29c975310c8db902592d871c67e2707b988e52400000002160bfcd9b2308b0a843581110703ba0bc26de4128e05aac1158fa5d916ef7d5bcaee0b84ca155b379ad98995a40d2050e5857215f3d43558d26fb79ce848534	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2764	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2764	iexplore.exe
2764	iexplore.exe
1912	IEXPLORE.EXE
1912	IEXPLORE.EXE
1912	IEXPLORE.EXE
1912	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2764 wrote to memory of 1912	2764	iexplore.exe	31
PID 2764 wrote to memory of 1912	2764	iexplore.exe	31
PID 2764 wrote to memory of 1912	2764	iexplore.exe	31
PID 2764 wrote to memory of 1912	2764	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2c01877ab5ebce52652b9f670daea89d_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2764
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1912

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
60cb04904de404202e17a31472fead36

SHA1
6a42b38bb6be6a564193d3b891fa7c6c3abc7846

SHA256
72d1ca0c29551072a4b79aea96e2cfaddf7614296ef9a6390b0734163bc08c75

SHA512
622b0f29fb7925b76cc4d3dca6989e91967e4bb8b7ef54e9f1b222c6eb75ca2270bf2745b98e5e8c8b0bcb8eba32ab5282c6355fb424fea752f2b398e535a6f5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
693dbc7cc6fbdd34aea1cb4d8177c41f

SHA1
28e7bb15248a128372988d4a90234911ee1ef136

SHA256
47856a29d93dc83ce0a8e765d9b5270c4f777a7391431e1435e87321b09f9158

SHA512
93150aeb2d17f270e5e1775aeec71bf918c1b46a89d766c63f2c9a69bf2fb7b6b4b3073528f246056a35500b809a924f2f55e325995f1487c15f2294387a9fa1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6550bd422eb5f4f6bbf752c740782106

SHA1
551473aea4f6fd00e9ad188d0c73febfc222d77c

SHA256
8f9e917453864aebe32299fefdfda57497670800ac5c9e57a7c23aff3ca8843d

SHA512
c4bce93659d40210ff750054da24ea682aeac21d9496fb6ed5fd21ea2984cfc0bb0b5cfb68f6ea361c5a39f1393874986aba2b7d84a1c0e2cec5f4f915317472

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
31581ceded432e0d78f90c0b72e43795

SHA1
b51c122d406c54fad4a1381b9ed75dac4d0c4232

SHA256
7a306b3975aa4ffdb4aa8cdc498989dffb5f8abc8b750c685156869cdd48b2d2

SHA512
2d89bad1e86496953da15ed5fdc976379436ba09b73110e8db52f81a0b2250fd73ac5dfb321639a7d770155c2f013fabc9b72aac12c96c344c1477e38d9cff95

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
74784145d231d0c5a8cc411f15212d6d

SHA1
2b6659a70edb11502e7f0d11ea6b3c47df51e7bc

SHA256
24447abbd785072b4100584451956c85fd31996da8da7ee6c7cbc3962ee7eed7

SHA512
60aa58a5b8e6dff68234351959535068e25affe0a8d9537d59b00a4c5ef36b75c9c44ac4d69eaacdd941d9c682a428c7f9539c6aeee0ec43f98b1b43ec7cec56

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c517b26f3ceb966d6d32bee93057574b

SHA1
503ae93d2992de60c2478c3dee618214e4773a29

SHA256
cc172135afbf2a0870a11a3b2819d56d5e0fe8a731acebaf018dad3671fa8893

SHA512
6636f1fe3684fbaf4d418e962a36db607f8ebe30fc6db3d5c3f06b550d734529d1e1d9f4b2b2ec74a1625f54b04825d5ffaeee027e96380791cd802084fe3b1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9ca8e55b94689d53ef57502c2b345439

SHA1
3fc1240eb07e229131dd02e1eb9b2f517f6d4ee3

SHA256
fcb56ef1ffcb280785c559c3bf29e4f45f339ec86896091eca8f0910db473280

SHA512
788fd10e27947ff93b19f0ba2d8733acbcbf32710b058bfc25c556390778319115922a510955bbe007ee6f810bde42e720d312eda7fca9873c1a508630b5d869

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6dc8a68becb68e41f06d63b0555c0710

SHA1
77d7fe2a209b24d0444521924e2c896d906d89fb

SHA256
93f09690f35025633c94bf1ce1480dc5bd9919db25943c40d1a9e8d43dba233f

SHA512
1c66587ff9f450cd118df40eea8edb7aae507565e667667b94b9b689d1f9f817d9ee374a32cb2c57934ad3b90bc72571bfde7221a8397e703c1c1410601d8a28

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b5e21a16b761e00a8d6b399b294c53ea

SHA1
6c470928b0156de0573db421a1eb910299ffcb17

SHA256
b63f3878d01bc8604803a0757e0def00708c5bc650824fd1a29a3414bc54c2a4

SHA512
25a996c3ae7f674fcaa69667a3f19d4faaadf8bd3e13f1de59a279a6bdc4df8b5d96931b125f686c7b4b6cdfe1c754b72160a406e81315e21a0a1b2861b02b08

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
16d5ae2eef85aff0fd969358d587470b

SHA1
17081424a8629156c7e909f0bc396ed9606fafe4

SHA256
7cbf788876528b04536108dea5701082af0c5d2d67f102e0f7610fd3cdc2167e

SHA512
78fb5bdd686a4601377a0b14521cace2da2015a0e153c3a7deb2d0465e4c49d5133ac53dd73d649afd63eea9b74ce078643d27696f68a149e9ed17afcd81e5fc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0b3dadcdaa33fd1edfe7b7b73b12cc09

SHA1
809f5512b0126f4af71a0e3c788b5da325cd7542

SHA256
241565c8c2c1bce60315b29ed45fa4738276be732fdf5208bf460451b899f852

SHA512
2d69ca9a7a6323a08875bf4a2c4b339014187acaf8de64c03132cceadbc41a46cd57f0cd334f950d4c916c4c54b1038fab030f0d88b5e7a2dca85167d592985b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
10958d26f2f19c32381e792b74a10fe6

SHA1
94c306fbab0b9cbb84d4494a9ba5516c6170115c

SHA256
a2d188ae7a0dcc44543751f7188718843d43e91e5a7e68ca10fe205225fafd87

SHA512
afb57eeb3a44e7cf2ce75f31bf53899d0b0706459c8370ecb9c4576bcdcb8f9d3c0e3aa0176e4b6b609ca79cb46f4b4d5321a0e70d85a76027332c5bd6a4819b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5faf15f519dc551b0c7865be588134c0

SHA1
d5f8b6fd9db42f8d952996f0952d70cdf4631a00

SHA256
8f05e4585c82d65f2fd42c2c56c5966d9a9497757cbdca4ffe56a53b1fe7a0b8

SHA512
b50a9b31684b85433f7da90870e0855ca10fe9ea20b9ddadc19f5692f44bb108fa240b7736cb39b136a3b2cdc5e32142a69dfb4729c1cf86cfd5796919ffac2b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ced86a23cca43ea97e159deb89991639

SHA1
1620ae549c8114e4d69a0a714fca37604a63e306

SHA256
f6529afdb1c6bc78f337e7511f11e47f7859eeec76eb4db3f56ff17ca2e508f5

SHA512
cdaa96ff87413568c717b872d2ae5fb1dbc1a7928416b4f9096a51528c28aa7b67a1b3986df37cb586244aa61aefb2169ea84b1a76b93211f410ccc5477d827e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa4a63385c1396b26c3e9d53e748bc98

SHA1
842b7eaf1e89e4736e5b5a4b8919413259e9347d

SHA256
0e1d5128d857057702069f27d9a06ee1c80197c640125a71c6ed457512b32037

SHA512
45ea4850db88a41c7c842523979a245f66e81d3c0fad2ff19c5a4412c35ee50fb2d198b56ec33895cee9489e489957e30da5d66e530d34fe83e4cb0d1c734ad7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9388c797f80d0afc5e193f7d7e53cfa1

SHA1
1ff70771bb9225d2c795801cf3d17d54747c2b34

SHA256
0a922114b1b04f710a09793d63885e022383f6e6aefe70797678048fd0ea926c

SHA512
c6d58bdd238033bf90b58c4a00d7d02c5e1f9bdae9d569c496d9430573b3779d91a9653ab563da4931c25206ca1360b6c17734bd6104fe3c7d44aa54ad2d399a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a0639006d0fe227e000c01c1d5bac67

SHA1
4ff13b555e4b387b8763f0b86123948b294ed2be

SHA256
4a55e73b60498a4fdb9eed83b8c00f9b133a3360c9b77ab4c7aa594823a51134

SHA512
58e3a52a4827eedb4b88f6a79b99fc8ce2e6b0a1f8e6b116ab669c856f5e337b82c750887878495204f2ca104820b87d8683c772172191b9e6cca45c76fe5028

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ff3f987af6ac7adaf3274f051c55d9ab

SHA1
87650bff358e8b8d3372acfed50366a994be0d87

SHA256
657f36f11f8c361d2f45770ab6063422e5b39dbb0c4b67db0297a97f12d9ac6f

SHA512
ebe6bbb09f42a291ca95d9a75d5afb6d271148fa9c0532bc4c102d85fa834386bea22a6f3e16fb3135d4157ff6d1dd4700059b6ab4211bb9f9dc9a95e010c78c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab792.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar831.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit