eb86a1c8c3cdadca587d843dccc8555ca38af9f330babf4ef6563f7c5dc87d69

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
14/07/2024, 23:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

473643f2081777b42f59f9dc71c24dbf_JaffaCakes118.exe
Size

264KB
MD5

473643f2081777b42f59f9dc71c24dbf
SHA1

5ae407baa2027cab62d2696d040d2392897e7ce5
SHA256

eb86a1c8c3cdadca587d843dccc8555ca38af9f330babf4ef6563f7c5dc87d69
SHA512

b3ad6d0b9c5bac62b2d9d7095cbd06a75ff732279b8e92629178901351351e15634780a1a6cfd75a01babdce3c2174917a7870fad9f1f05f39c1a0036e778001
SSDEEP

6144:cdYwYnARrVid3pr9oj1mazmJDDJDyIYnARrVid3pr9oj1macf1:UJVZ0MIazmJHJWIVZ0MIaa

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 64 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.4tube.com\ = "24"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "53"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com\Total = "53"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com\Total = "83"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d6ae7fc137728b4d8f1885e01307ea05000000000200000000001066000000010000200000009f0b0ec7ea763545bea8176b8172b4f8496e54f647f533fb428cf8e602090fc8000000000e80000000020000200000008e248c7d4ff1e9567ada17838fa641015d1f64036693f0220cc27655ad7c1f2b2000000047fc0d7af5b07b61cfa4b3958a90678312278589db47b3bfb3b225def688531940000000ca03a65422ed8333a069e35b23240dc21e943bb6943a95111afc8713aab597636c3521c24815da337dab72f71fd9be6773bc4ef2986559c130a42da177c039ba	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "24"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31118916"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "109"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "83"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31118916"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "42"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0ef582b44d6da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.4tube.com\ = "71"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.4tube.com\ = "109"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "696302218"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "427764063"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\DOMStorage\4tube.com	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "71"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "692979644"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com\Total = "24"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.4tube.com\ = "42"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.4tube.com\ = "83"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.4tube.com\ = "53"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com\Total = "71"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com\Total = "109"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31118916"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d6ae7fc137728b4d8f1885e01307ea05000000000200000000001066000000010000200000002ec76ced04c8cd589d97e7bb4a959c24620102de53cb434598c8026a370a1710000000000e80000000020000200000005f7c75fdc6dd24016cda7071ead5a71f4108e597c204eb2983f853fbdfc35531200000008af5072119a01cf713530b1cd84ccbe48ff7f73ac32cb26a21ce49e4f599ed58400000005bd12ea89e454bf96e3821ae773a08494fe2310e77e0c0a71baed0f45cbc026010e4547810d79010544fb8cad1875e9c360c2ff8a2198092f857a66868e165de	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0d15d2b44d6da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{54E6342A-4237-11EF-AF84-569B09BE6E2C} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.4tube.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\4tube.com\Total = "42"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "692979644"	iexplore.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-464762018-485119342-1613148473-1000\{204FF77F-69F5-4C97-BE8A-AB895375E7BE}	IEXPLORE.EXE

Suspicious use of AdjustPrivilegeToken 8 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3292	IEXPLORE.EXE
Token: SeCreatePagefilePrivilege	3292	IEXPLORE.EXE
Token: SeShutdownPrivilege	3292	IEXPLORE.EXE
Token: SeCreatePagefilePrivilege	3292	IEXPLORE.EXE
Token: 33	1036	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1036	AUDIODG.EXE
Token: SeShutdownPrivilege	3292	IEXPLORE.EXE
Token: SeCreatePagefilePrivilege	3292	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4588	iexplore.exe

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
3180	473643f2081777b42f59f9dc71c24dbf_JaffaCakes118.exe
4588	iexplore.exe
4588	iexplore.exe
3292	IEXPLORE.EXE
3292	IEXPLORE.EXE
3292	IEXPLORE.EXE
3292	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4588 wrote to memory of 3292	4588	iexplore.exe	87
PID 4588 wrote to memory of 3292	4588	iexplore.exe	87
PID 4588 wrote to memory of 3292	4588	iexplore.exe	87

C:\Users\Admin\AppData\Local\Temp\473643f2081777b42f59f9dc71c24dbf_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\473643f2081777b42f59f9dc71c24dbf_JaffaCakes118.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3180

C:\Program Files (x86)\Internet Explorer\ielowutil.exe
"C:\Program Files (x86)\Internet Explorer\ielowutil.exe" -CLSID:{0002DF01-0000-0000-C000-000000000046} -Embedding
1⤵
PID:4512

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4588
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4588 CREDAT:17410 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  PID:3292

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x518 0x328
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1036

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\U0N5XCCD\www.4tube[1].xml

Filesize
336B

MD5
93fa5a292fdc94e3cacec27050bf30fd

SHA1
7a13718f067877f0e7d6b70bd817a8ee3a3e3f5e

SHA256
924f05a542d24ed14aa54eed077834c187d208964c8b03f053823970ed4f22d2

SHA512
17cd08e843fd2851ee45bffdf35d5943a7406112ae7a7634837383bf5aded5a4dfac1ac40f6695e6c6bd694bdc6043c21be976f797226e82c4066499865cfc85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\U0N5XCCD\www.4tube[1].xml

Filesize
324B

MD5
2ffbd395c3ac3f6848b88bd61da10369

SHA1
8781ecd1b3725e0786116eeb8b9ad47d74cd4e74

SHA256
4d0a6751ef3e839938d83999ad8b880f3392e84af1a927650a6b8b885e516cc1

SHA512
4bd5dd56c83e9ec5a15ae59af159b223d16055439f183cd2ee84f06fcbc31f7e4d53d0f773ec718e6499ef2887191d1e554dece2b767a7aa9e5d62afd192bf28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\2zzfwt8\imagestore.dat

Filesize
3KB

MD5
37fccb853c6ce13324e95025c486c2de

SHA1
4c3408d45dd9c0cad50820c6b1e30e3da1bd4eb9

SHA256
ffa9e7ca290a73b8a195592a512eb93d26c8d21c44a0fff9361a4482b1a00088

SHA512
c2645bf8bb4b8710ed2e23caca2554f01634cc14b0b9427b7c2c3087682cf1015f7d20def59c4ccaf804ab883abbcc951fa11d99145d192fa76546d0f4710709

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LIDWBKOU\favicon-06b7221b58[1].gif

Filesize
3KB

MD5
06b7221b583655a4b7e7659118428298

SHA1
2ca646b8b27e5c1743c6924c69c43de4bc5413aa

SHA256
907ad1ebbd2992e37c7ed51cc1e26d6f5a9e48039de03bd1e8d46b46101977e4

SHA512
c3a28f8f6e6898c559a3fd94fa9dda27725d77ef8bdbad63cd0c220ef08eec5afdc626a9ee829937513c406595be92078cf0e7f60be49a7b1281b6c13a92a93f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LIDWBKOU\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QOWVUGSW\ad-provider[1].js

Filesize
162KB

MD5
710721b64ea5e3867ccff5f3de8ef294

SHA1
18483d80947e14cf49f8c9ebbe3391e1f48fd0bc

SHA256
bc0563abe13d7d9aa2d4b78a528f19ab616341e43dbf486aabca10559ae58e64

SHA512
c17a8c9e51c14d5f0fdf283f2049ec128753630f1a41e5a9f89007c2c0f973bd8cf4213091469ca494387912a3a6374af21756b35716b0dcf04b9c36e9fcd92e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\QQL8WXAG\ad_detail[2].htm

Filesize
3KB

MD5
54e3bbd40379c4688aea34601db2701d

SHA1
868da5810ad26f56c5281a5e8ef8d360d0ad89e3

SHA256
09524e8022ef6a6aea469d327550df91b74186f157f64b60703368eaf6df8937

SHA512
fadb63ec1d7a8e4401285e2e129b6af5b06605b274afc84d74de46657dbf55e7b4a770d55c1c7ca7462f32ff496b6bdbddd93f684b5f99e1091709b5cedd2d58

Download Submit