20e5d21830a294d438c0244457da70c77f53ca4bfa133357b6d08a1637414218

Analysis

max time kernel
121s
max time network
129s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
09/07/2024, 09:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2fe12b91015328ffaededa3c33f5f672_JaffaCakes118.html
Size

7KB
MD5

2fe12b91015328ffaededa3c33f5f672
SHA1

6747923dbe310d82c598315353075d974423c597
SHA256

20e5d21830a294d438c0244457da70c77f53ca4bfa133357b6d08a1637414218
SHA512

8cf6a1c9d06cb1bb74033e2079bfd7acf40bf8f15806fcfb1b7824370a0a6dedbba4147c91a419513ce3fa2c8ea7845e9dab9ae875de286d63aa75500a144ff7
SSDEEP

192:ln8uqnGDSSW0nqsazLx+YPzoKC1fRHGpIOrC2p3ag2JAYUyXf5plfCCYmI:ln8uqnGDnW0qsazLx+kzoKc5mpBrC2pj

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000930ed985b08cdd4cb38e38023150682b00000000020000000000106600000001000020000000a17336ac24745927936544a7e6486c45b3ff154a06000d5e30fcbfaf9d926848000000000e8000000002000020000000365276b698125cde625cd73d756ec70e149c3afd6ec6b172f0bc6d3fc450c0d32000000043f21b382c465ffa7e8884717f76064864d078fabf20309dd94b1c8615c17bb0400000007d978508e70b7ecec1b261ca51e022db6b1508bdb008dde1068bfb1032a48cc6ea673a50550b1e63fdaa1f1c973eb0ca258812f631d3be11c35eb14aa7bb86b3	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426690297"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 20d76953fcd1da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000930ed985b08cdd4cb38e38023150682b00000000020000000000106600000001000020000000e1d5754a5c9323890e5894447c017807e4e826b5604d0a7e5bbbbe401636e690000000000e800000000200002000000091c27c86f9cd1f40b27a0782b44da08c22492455f0cd64df35cd81638d1b056490000000a0c71f509e16e08ce6bcc8783fabe926e2f147b7d679e959515f52b64e3cfe6b734eee27b114cf9d852ed4816b73760f080971061e7f410ebd3226b28ef33be261235523a60afb0d21cf1fe4511914a3e514256590f530f92255529ef7d661265cd37b66a5a66da28cb2114f0a3bb9795b6a7588308d9b4ca2d3ca0de61910be774b76a5b8e5627bc96e87cd5f6632fa4000000034d218b6e523a45c2239d21536fd8d212292448046631fe984e5e101acd1de3fcf76fa0d639d08088b85820cf751f7e1bd443314457453a2bdabb0bcebf97c7b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7E0D36C1-3DEF-11EF-B4E9-6ED41388558A} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2816	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2816	iexplore.exe
2816	iexplore.exe
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2816 wrote to memory of 2776	2816	iexplore.exe	31
PID 2816 wrote to memory of 2776	2816	iexplore.exe	31
PID 2816 wrote to memory of 2776	2816	iexplore.exe	31
PID 2816 wrote to memory of 2776	2816	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2fe12b91015328ffaededa3c33f5f672_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2816
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
059dc4a76335c6f182acbf062a552ca1

SHA1
89d09966bfa2dd8afb1c2eeda1f52c68011cf8b1

SHA256
f6395aae06982d2fc3fb8982841942a028c8fa77b8adb8c67fddb0067b265097

SHA512
c9902c37ac96c48833c22005bd471229f92388b57343779b7ac0c549d5b40a289a872217ab60b3192c8aa236b76f537ed51962dc65bdc1ece0cdb69e847c314f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
21581ef7264b3d3022481231fa73e36f

SHA1
1ba1ed0b8981580671615278a3d4098d39c5f76d

SHA256
fa1f6e2f59be91a1fd55312e0f5a52bb767f8c57a9123ebba89ed57a15d4ca61

SHA512
52764cf3937a6cc751b7401575e8e822ce01074ea8bec1f153c59c5e45fb99874b63006081533095b811de4ab1af537e2aa4470359803943e6459bbb02b3992f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
98919780c783d4bfd21700f268fd5801

SHA1
996471538b01c613daf46935576a998b96efd627

SHA256
aa20be5cf88cb9d6eb75b1a32a972c3f7b105b9039d46dd7a88cc6b08fa2bc10

SHA512
d920f556ba142df16dbdf9de390f4a116406e742204aa1b9ab68ae494b9e5f904541a8615518afcc1d1f2428862cfa1e0b1f8bba5b094fa988fbb80798d9e6dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc6359feb194e85a22a2423dc91eeb3d

SHA1
a8c29f63603a2c5f8ff1537a7bfa1797c6f88d88

SHA256
1a0483d4371bec16211fb7d765e18bd58238df44ea572ae3e68e11d52be55ce1

SHA512
1450414ff9f3a738d5503f0f74ec6b42786cd015290c24280f322de14d94350783742db81ad9e1d255d445f222a7f6fe183b85393d786e93f9361252b8c76e42

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
91fd8569356da0d138fb1b0946725b2a

SHA1
d47836598d00116753a3ba4a7c7c776f1e1150b8

SHA256
ca4d056c72384f313d7d24c980e7afd3866fd5c410c4713c89c6ea8f2494b99c

SHA512
30985327af3e4c71fe5f22f5cfaae535133a536d87d92b09fb5c39c26f2e7541a8c2a149a83ace6b3df12d097430a8fb6c5a54c0f07205ad33277c7a2922ecc1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f6f8ff632c87519426389429ab4cc7e2

SHA1
e7722d28a3a94bd5bdd55ab72564522bb89d4a5e

SHA256
324a053bca8204437c0dc3d579b0ceb6e65803b63a08b17f8eb24a553467d327

SHA512
e9e84ac779eae9d736bc40abbbc39b0adb7ca2f24586607ce87186384fb71b32ec7d3d8d48db759ecf5fa9ded5d5d2778bf97bcfa041f7725f88144c991d549f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4be55a988c3f2d70380ef1d77eb9d3f

SHA1
db63782da60b40c5c96dc21eaae8d6da914f8b89

SHA256
bb290cf94caff3d264e1b1e42ce28d3fbf8adbd8f9dc07fd18902988c9652a33

SHA512
de07dfac098a5f1caf16efe72bfce59c3da7ca13a105d79005fbb0fc12594164311d8a4f16cab9166ddb98a059bf14dff5c6d7cebfe4c87417924ee3d6a51d3b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c519bfc77f6976c456f0b7a53f1ea58a

SHA1
bbebf66f8f84687ff56d79537cc15a31ba8eab8c

SHA256
a16071a49b52f46fb65406691693ea1592ca009d0c2549ab323e96b506905b87

SHA512
c470887f8e7a20f08652bd054c10578c4588e2c0897f91f52a11aff64e4780dcfcf95b5d3125b45112a5f73ea47f463104e3c7473a54d5a2d0c1df14372d9f35

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2f1b26d730c5abda07619aa0d345d920

SHA1
42c759876f94bf3a2fcccf9c487b51dcc5f4c926

SHA256
ace0881a286c109e848adaddd6ef034c73f256e0b849648a8b7fbbc80b9e2029

SHA512
5a7218351675ab8043e4469d5e563b93e32160d351e858f86bba1bb1b717c9a446cdc4825bd867ddb842913d2169ef433cfce337a8bd342346bfa1596f893411

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3c93e3371a59895b189e9db653e14053

SHA1
a8172160cbe503bd51953a1ef9d9413f7e9be9dc

SHA256
ad3086bd3c5afd19429ebfbcfe0a8e46a132335f4b976ff55990573e623c7268

SHA512
354d36d3bd311d647a5a182e2f755a9685ebe5680d6ff2e6bdf02b0a7881dff6505872c38197e1544f2ed0c29af3329f7c214d510f7e64726501951410147d4f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f925662b727104c7414ce57379dd4177

SHA1
2d679b63e7fce11caf61877616e7c1c0c491eef1

SHA256
a5535c045ba2ad6108f96adc12ffad390936bc0185aa9bf93d727789ce4a385e

SHA512
416187711ed54ab9e0e094d06a836a46d6302672063aac80ae7639bb6a83f871ca9e807886b3b71862e5772d05a9b8c4c11bd3e11832dae645a949e78d69cd5f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7169fdb97e3606f6cf7313bc3833362e

SHA1
f2ee0a681473b704769236d0f253ac1705fa5c58

SHA256
965ababa253be21cc69f8f44e7b732f41a27ca0326c8c050778f10e45868c6ac

SHA512
67e6972c5cc19fde517ce167725e3acc4e87e4438fb20bfcd8e83734dab8fc556898a9c0af946c53f76812286402db34bb91816b398b461e2f54552953caa01c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
435595d341d60ec0779e243a14682726

SHA1
224c27d5f78abd7e311a1c6c9bcdc955bd95c402

SHA256
af84cbc69b69a338aefed73b61f4aed65eb3919695f80ae5acccb9d6e3784189

SHA512
77a90b58a4bd0cee14ac1cea9230fb6e190b7cc2e7d6caca2d07c1d3228dd23c7370e7b2741edf001aa54bc2c1180081f262873b43d0e843136510488bc4fe76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1642ec6f82ccb9746aa26126ab628b67

SHA1
37245526b9d82e0fa6f53463671492fe3863df25

SHA256
9c8debe842a441028f0a3bf0680c3add76056aa774de3b704970c523f4aa9b4b

SHA512
35c4c349e751f193633231246c30443906a75f6a739e9652d17a18f0e220c01efc43227e1e08a39f30018230012acd31720493dd8b5ecfc78478bfe779150963

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8277f0e8a4302be4c79c15cbebffb07

SHA1
5407ad259fde1d3aac82542a692f49c18ca4c322

SHA256
db89fdfc5b5a93ee23ff79a549697bb9807647dee6bb8306b9a5f23c60ce0043

SHA512
3341841e595e4775c76516b7bec91b0d5de35fa7164cecf0ce60663832413cf95035348030c704f9d4a360c879d572cd31b5fe16998b616eca27a92bb61b3113

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
07f9684f29b77a9a4175aa4cf149ef7a

SHA1
a80bbcd7b924b3a867a1f4304c6d3815e9533872

SHA256
87cbaad081c677682a283965559bfb9fc5d78071ac862f86ac4d2aac613259a5

SHA512
414931092b09875f082613cbfaabb34bde09c4f20be3abf22c0c0e63fe8209f0226ceab6b7ce5e9109f6ce5e89e869e2958ec54143b4b2a7e733e2b641652c8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5e24c9e5fb2f7d32ec4147f9a8f3834c

SHA1
28964c65e2798feb476055112dda2ce278399c31

SHA256
89a152311e2de5b6d0fa5c13f0309100401f9d1bc4cef506185c53cafc4080c5

SHA512
bb09b0041f4b54fbd3fa91ff3dbf052a10b078b7141e9ef08a2205d8cfdaefeb05058002e31dcf92075b099f274a371450e048d28e0fa8cd124e0cbe722b567c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
06e684de2cb1c897ee2af6e493bfd5e4

SHA1
4357e490801d89605147ae164fc6d1701f53a5fe

SHA256
deadd8fdd460fe41aac4fb1cde9e1e8bb96ef156d19d12d70b58360206b066bc

SHA512
5f4bad9621d21e11ed571a186aad9f387169e3121bd49addea2f91920c98ba899fe3f3a17a506dc75ca1ea09c11713396b5cf23733aa1fdda21ae744e0fa8555

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1009.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar100C.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit