19d38508356424f6684706eb8e7c81fe30ca4523bde0ccc6ada86c97646be303

Analysis

max time kernel
142s
max time network
152s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
23/07/2024, 19:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68b41fd99b6a78308fe9d827c68fb9f5_JaffaCakes118.html
Size

26KB
MD5

68b41fd99b6a78308fe9d827c68fb9f5
SHA1

654e69820d2f1cab83eabc00e8595d26a267550d
SHA256

19d38508356424f6684706eb8e7c81fe30ca4523bde0ccc6ada86c97646be303
SHA512

cc58b99cdf51965dd2d3a9817d608721a46cb9294cc2c1748e501d2f285d9d9a0cc2379bd9e18221a2687c29a48d0ea6e7e67b167e2cfa1d49f1b36264c34bdc
SSDEEP

384:4+QfPFd9QZBC7mOdMMoBKfpC5IgSnbmFe7Ac7a6+YkJvAgo0ioAjPd:Zcd9QZBC7mOdMMtpC5I9nC44IP0io8Pd

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "427926473"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AFC95511-492D-11EF-B062-D6EBA8958965} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b7000000000020000000000106600000001000020000000dad9402495a4902c0b734377f244c4a412c2c4d5827fc7154d1bedb678d20eac000000000e8000000002000020000000c0cadc358b58586bd906391373bc694d7e944cf0f72feaefdfe6d2f8db18e989200000001fa04e322dfef3ba3a51febd2e5d7f428ed4e8753c63ce359f8168104db3a59240000000ffe93171c59cdb0dafb5703e3fbb555ee747ebdc61b9e0a3336b9c7b9e8d98010c984807a2b5e33268fc6857359b4cbce9b992a9246dc7812f71689ca9af8ebc	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90beb9b23addda01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b700000000002000000000010660000000100002000000056611d7975912cd061e4dc5cf13975860ad9819d4dc1e37a5f6b0b4378b3d13e000000000e8000000002000020000000fdec44d9f776b7579f9bb07738e387d3d3f907e9e20956bec6167d1c37a4100790000000835ce2b61a07e973d29300a785b71933e07db937a70ca77244e32fe11e25de2ab93a0c024ad67b82e4c069743ac2f37a743256b06e69cbd64737b762679a27a41b9742846e2467fa00c4c8ecdd5c9300ebb4ad69e9592fbd98f6776e8c64b55101700d250eaf8752a711834bd95b42e67b40f99d2cffc9b3ba6f69caaea4daf96f4cf10de7af532a0ab7d11c17dab97a40000000d4ab9d3909043770b8c8c2e8844b376ef73a61f408fa370ef82ded2957f27109fc724762a034237825c0d0d6cae6b372c2fa82e0967a594bbd4eba0ded77abfd	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2480	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2480	iexplore.exe
2480	iexplore.exe
2744	IEXPLORE.EXE
2744	IEXPLORE.EXE
2744	IEXPLORE.EXE
2744	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2480 wrote to memory of 2744	2480	iexplore.exe	30
PID 2480 wrote to memory of 2744	2480	iexplore.exe	30
PID 2480 wrote to memory of 2744	2480	iexplore.exe	30
PID 2480 wrote to memory of 2744	2480	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\68b41fd99b6a78308fe9d827c68fb9f5_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2480
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2480 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
20edef3fff3862e9989d4974b8014fb7

SHA1
aaaac3bbaee093d4f2e47f666e3e5cf314c25556

SHA256
7a9c1d72667135f17400bd449f3e3d5c6af86fcd033601c1b9837245c3b897fc

SHA512
65e023c5093616d027dad36eef1f31475aa828de19d65a048a005390f229c878afecc164a3180bdb9a1f37daf80b3e97b8078ffab2d0d8e086e74438fc8a7847

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8ac669b524cfe06e5bfe0b2f6cccbd49

SHA1
fddc3871938675aebdad3ec4dc6654bd9f3c1814

SHA256
88b38e81605fa0eed3087eeb9ac998d4083bf4e5cfbb8747147f95662d2f4a15

SHA512
e56519699b2c925ad4f56f1c83374ed78a9a1a73c89addfa74076101ae4da7f1818f0c4632afaabcccbe2355fa6d73f6d4401bf773156c5338470fe00caaa9d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ba815ae3940fdcf10af96dceee343434

SHA1
b48e089ba187ecaf4b3a97daea7222195d761539

SHA256
16300c2fd9d20d7fb13f5deeb3a0e6c37d30228ce46f38b55e849610228b7678

SHA512
7a329ed3b339b5f110cd1879a7637bf40736c2b20ae309ea7edc177abf8505ed855f3460116a3246c9346b4b5073ee97256270129d60857ef7bb593b58bfd184

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa457a0960d8389d36eafc12ecb4b819

SHA1
c27f06ab034aa687cdb60f518bc59aae40fc37fd

SHA256
78f485872dcbc1200f3b81bf08a9557d38066e072795797a1ab071511921c7c4

SHA512
9fb75533481687237bb217225472c060ace6f20ddf64491a357f8174472b06b81f1cf3f48f28ee0df0f02cce00c9b6047114b42750a2552d051a1ed26d417bf0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3b56d0d4c96edab059a49d06684d88f1

SHA1
0a904cb6457eeb29d3e30a7a1b42c8dd5ecd365b

SHA256
9ff40dc4e5acb88bbd7775fbf704d0ebf39db18dab5054b8943768dc8268a719

SHA512
4e5409c291f3f458c162c844285f5957a7d987c23d352af8789b47fb2e87f0fe0660ec13644aa46b71f5ca8dd91e550a28817f05351817e656c337c4476f6e04

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a610690c8db903917d9a85db0f27b33b

SHA1
ed7f98b48650b4a3940d1a90965acb1da6a3141b

SHA256
851b8f2ac5ea829f172518d8600611f30ce124ea2430ca2a49ddb44e265b3e91

SHA512
b455a5a60d6a35309d336fda6780ad71bf32ae2a640530ca0814122472600a216e735516ef3f71109427745188d4cd3ae454efc863084ce4d88c8f388ae51a1c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9d8fbfefec8c2b03f1604c619d54df6a

SHA1
dcfb9ec65bde111c8dabfb8e6cd783b77666dfa4

SHA256
34116d919b91cde7369aa5bcefad0bf56ea6ea2d47d184acea046ee5ad999542

SHA512
17a77a6beabdcc40e7daae0eca8c029c19e3624aa6b03b62cc51432bcd89cba73f5e7147ffa32f1cddc5097d086a3f38506dd615df2b5b3de30ce2fb4b08ebb8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
631c537c4515c983dfa8614a0565a825

SHA1
d37182ab2a9619dfc42c78653f737872602fdd45

SHA256
c3f98eb5ad49aef20bdeff3349b528380b6b8bd89537b03de394d16d0202e92f

SHA512
d5d7ccb55849a9d2970936129419bad64b9cc09adab40bd0321bfbff675b233adceccd5853836c2cb719413f823ff52a47dd555c85ea0b7df2475b446c3765a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a284d5b709c9f16d891fd0a6f4b445f

SHA1
67e22223538f3c3e251a35d26d0637bc481325a3

SHA256
a319104a05317cb86121808e263b6c10a9b1a69c4ec8f2e8de4a5e7feeea1ad7

SHA512
7d206bd04d35234acf7e86ffb84acb6e5aaeec1cb25ee47b55f7514735e289b8eec3898a5558ff060d36afb42fa81985ce6d9db3130684832f1b818ee9c14d07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
816e41ca227a5036242dda35cfc2fef3

SHA1
c9087560650c66acc36ae4e3d23a33493da5bb80

SHA256
68e35d1dbfa101f10479e5a9b61399e5625dd5664e8fd341561249d299e7eb4c

SHA512
80d47513d8b2be8d936356b3c026318c10e4443f2bccf85fa812a93c7a122e272e726c96b02c4ee7229f2d069a3b8e7afb015c3691b1870166b8eb22d3387c58

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d7ae12034dec11445578323d12fac891

SHA1
fb03fecd81bc776ff4116ee10b6e33841c11d3c9

SHA256
c3bf5eaccb787a1a478a7a651c1929d0878fead535bf619fe8c1b7939721cdbc

SHA512
50b2569b7915745236752b11063ce3bef033ddd464319f52e9406de5da0f09d4357f54116de6fdc192a9975ebb1e56d87e00c3b2a08d7f0115bc7c8c8eca459c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9edc844f68ba4d44658e4445d2c41df9

SHA1
f00c954fc28e75e543a035f3a8129d3f0e1c91e0

SHA256
7ec671268f3268433395ff27558db4c0c3b7786bfa0f61e120d7fa4b847f7ba5

SHA512
58b0077d2fa94961668a35fab9a2d6090562defa325763f47634aa6b787fd4877c42d0a1e5d93bcc0f3e3d74bedbcf84090750b183aed4fc0354922a625a5705

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
42819279304483ad74c986455c43d6ee

SHA1
8012bf0be43a5cf8d44a7c0dabb8a296f2ebea46

SHA256
c0af40d8a74df8be5e45fdb1576d01bb3ec9be03840a8c6d5b5320e95b75f783

SHA512
8e3b69b4852e8d435d8136f64bb65944f7268833ea8788731fdb58de151b69db9220d146cfe4dd44878fde2073db3cedfbb034ad79251c17b7f37ea7c66e1eb9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2cb80d7dfbbfd745a4e0ea0101efead2

SHA1
6f0f599fb71bca31c81d18528a4f9ab1b22483be

SHA256
0f12e53c709b3eb3487902e77b683be42446e68dac698125729ee97c20cf1581

SHA512
e87f289d8705a95572aefd2ac6946afbaba64c08ee105096b849886691fb299add86bf3bd111cd73861b6b617c9257ac585c6e8499f188d10da6ea9e72118cff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
66ce3f2f07442b765b4f0e559f3c2dbd

SHA1
5e5e12993c482bf29cab21d7d8097a1cf201fea8

SHA256
ad73ed2daec9af014a2113f892b6314ebdf175d62cf7449cd26541629b5ef69c

SHA512
8261bf3c28aef611518acc22fca4d9b844149be9e027e938fec53ee5381f769fb51f6ce56402787263acb6107961b453bea742d7213b4f7ea6bf00663328b2d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ae3d86a27f9ee776bba02cb486fb3df4

SHA1
7ab9765341e512ee02ffbf9f4f39564b55514acd

SHA256
1351e1372b6ffa1c7ce414dbe48b88fc6284a688e62bab2e4fb27111b6a0ff77

SHA512
dc3720ddf4e58a9d1e5d610c03ba45dfc1241f27b1e9b21ae9f8afeae688332ac85b0c032a432a6ac6c75fee08a1318638016031c1abfd56c6eea657f276c278

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4e7c0ffb7590266054d50706a5b95f06

SHA1
239fefd76522c7d8dc671bad456cfe263422e553

SHA256
5a24c4e6e0ff3ac7df216a516e20e4f69b5f0e907021e6e84a965b1ec5d13938

SHA512
e104f5895ebf79d4a0992b64ce047d1e90b83da3b952a222b4ada5adb43dbb9b8acd2a8412079e7e3ce3135366a62506608163c0d30c06ac1292507d41f82732

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabED3D.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarEE1B.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit