61f3d5c6fe003bbe16d409e8a05a5eca25b5ffec436e127238d7c1c5289833c2

Analysis

max time kernel
147s
max time network
149s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
26/07/2024, 13:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

74473e5b4f7b2080b173f1849338146c_JaffaCakes118.html
Size

121KB
MD5

74473e5b4f7b2080b173f1849338146c
SHA1

90d992960cecdcc11c85c201ce00f971d97c9407
SHA256

61f3d5c6fe003bbe16d409e8a05a5eca25b5ffec436e127238d7c1c5289833c2
SHA512

cf4e55b8d96efb344152e35805e735ba201e098911777a03c5306c4419ee37262598ced424fe245048c3563fe89fef1adfde1f76e49749b7d9566eb31b58e605
SSDEEP

1536:FWIDZIGpL0KkmIxsMDx4Ck59aw40HiD3Cu:nO0Laj4b59aVfN

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{BD3C25D1-4B60-11EF-9E0F-4E18907FF899} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f03551000000000200000000001066000000010000200000006bd092ee78867033d64c331c55aa559677eb681f691986afbb2d175c0c10ee11000000000e80000000020000200000000067f0dbd545aa52765de1fbdb6910636445c7c42ca103f1503eed62c82bda869000000024a569cd631e8e71e0ca5c6ae6532ffc3f646b0dd2a9f49336acc390397f351bef690020f332ba2994b39ff94c139d770a7892a1c4a26032633bba49dbba83197d0d00c864811689054766e0c2b78371ad01299abffbdbabe68eed0dbd62cf0af61cd570e05e05a1f7f42333aacfd869be1a4e8c891672d1bf765fff771b2ad3bff992a91c8ed6eb0852c82d8ad2d2fb400000000a1769e82c55a404b6534691e866f453c0745c02758b67cc1fb572f0fdd63d47b5f5a0384b5f304d6209356d2d9e2d02e5a1727ed5d70adae0095095efd8ca4b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f03551000000000200000000001066000000010000200000002a96ea1982c7048d9e6674e6bb83d7298db65c328d25c5e951a1eadd428b693e000000000e800000000200002000000000d3f94f9d7c1164873ce46069e29ae28be14ff378f5c61566cab0224690434920000000be1df38ccbdca9c93d3f5413683fcc11040c5562f95e23663940b87d0b763b3a40000000f493bd875d210702afcec26c12033843030176cb489fb00652841ebd0ff49a2f6b74573ce2f6382c4747158370993e43755dc638de6f10b2aa5f5a764baab182	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00b85faa6ddfda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "428168301"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2220	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2220	iexplore.exe
2220	iexplore.exe
2600	IEXPLORE.EXE
2600	IEXPLORE.EXE
2600	IEXPLORE.EXE
2600	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2220 wrote to memory of 2600	2220	iexplore.exe	31
PID 2220 wrote to memory of 2600	2220	iexplore.exe	31
PID 2220 wrote to memory of 2600	2220	iexplore.exe	31
PID 2220 wrote to memory of 2600	2220	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\74473e5b4f7b2080b173f1849338146c_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2220
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6764a27596cdb08a5cd6a20225d8f828

SHA1
416e85e158a2d657f95957d6596c2d4325cdfd57

SHA256
fb85440ac21d0098e31e43f41e0123630cef0ccde75ecaeb4bab9693cce07688

SHA512
caede49dac8a836959444ce31b49496b5f3713752d52976b71058036f43b8599dd896669acc589cffe3722a977d049c687ea91df0621033b10f4cbc42bb0a274

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0df33395dfd9f6d6c05da5159ea909a1

SHA1
0df313ceb9fb1016a6ccb6dd7938d19c015631be

SHA256
c858134a89435e3898a2765c84a307f0dbbbd82ec0f83b5f0836078e77ea093b

SHA512
fd3c7913006899575740de9e84a979e0e42243ea1d3a6747d4b7fe861d39c48001671b4dca337d6a84e7facbd0e18a8c7a83fcfad19537722127701b9a73aca6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f41496a9005ae733389b20cecb7b4c76

SHA1
01951cb4acdbe0d4ebe90f0536663b50814f1d88

SHA256
12d6e5d03be17d72a6bd4859f1bb7d503691bdaf62b1d0c1e20c6f8ec01d079e

SHA512
70044c2894bc4d6dbdb55a8fd294b2ba969bd86589bc2332a5de56dcde60f32085d77245cf9bbc0f8c4641fe8e72a46b39aa333df286f20f6314c9ae2cae8957

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e3505327dafa985877ed2a609c711cba

SHA1
a113af49b49353a38e142759086cd8e634bc6c9f

SHA256
66128bb611510635d5eb6df08024f50afc12ed2615985a14b1ee0e309fbd7ba6

SHA512
a82a4d1b1c71aefdb5eaa355f31f8436f53b442805f8c0f37bc1938259b25158699e6662f7862610197a4ca58961ee7ed79e0b51862246549d2ed8a0c9d4dd64

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
74f9f43d1f9ac7fbb698392e1a167657

SHA1
0a8674c8abe076ffbbd03e99ed056eddbccbd4ec

SHA256
7008fa4dc91101cf3a496d46c51ab7f504558bf49eb0db34d666751bd948fa4d

SHA512
15437fa881f58d9e606b8888bdac5883031dfa8ca66b838d2b09a50658d2d4503e19af123200017d2c8be4c8c0583c7ea0bb271517ffcde8ea87fe658bae7440

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
67562a389dc17c7080ceb7248c3ff7e5

SHA1
ce5ac7ba37785f7f49bcd210ca3446288979566f

SHA256
e26778d65c25f4bd7177008b2be2d15cf8035446bf918caa445f82c369e05e66

SHA512
a92ddd865ba88625a1f39d724bcdc16835743d26cae18e583ac6b168afd8ef320b447de14b730b6249c87d9436f1cc177bf063209eeafce015db88889aee881a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
58de1d806ca5798a3749dc53d2fd2366

SHA1
dedd41c7e737c8560da3dec6576143270b15d2a7

SHA256
663611383dfcee1a2a3bcd3711d5d75d91308175d278581351e0c90e956af9db

SHA512
84b7aa6b1cf521717a20d0a9b28c5358dee07e2a8191f2a6c75d70e2b0da9b3b44fbeae455d758410d2b9eb32a24d8adca825c89e365441e815557b3f56ac5cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f26d823a37d6e33960963f843e5f8a87

SHA1
5de2bb6fd05cacd8b51dc26bbf731946cb64703c

SHA256
b4935741845b90a3b5232cb7eaae5964ce3b8144643231f2135e03c5c70bd4dd

SHA512
17e021c1099d6ed1408fdccb565f62836e68f21657fb884c0de2f0b7cbfff73a5bf00134ec473bb021d1288637c2332378b4ca82b5b8e2225f917daaed733d97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8584c4a4784226ee65db0da811726c89

SHA1
021b4286a0a9443d68cc66ab4ee43029ebae0e22

SHA256
754d740435b12c96e41891a9d59c49f197dcb2685b319cc9248ef4ee796be121

SHA512
cc04dc0607b5046a5e0b6d96c429b3b650ab268d022de3a772d9fe378bfb81484fed7920242c97ce881616541f9929c13e85a61322d21d6433c00d8fb3e1cec2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b6c4d3e25060744fbf9968765ed2eb82

SHA1
0b8c4e229cd2a1e4fc0cde69b9dbbf047f16194e

SHA256
374c18ff85f5b2a0098334cdda2baaedd02c307fad08538359bafcbe1f58e0f2

SHA512
8013b4814e600f9cdfd45c81de2f95a16389e58095a218b53590560e2f6c8165a5a211b35dc180003e31b88c95fbce94e1391db3a8638479a204751132d400c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1136db9ef49ed583c7a4a722b1f032cc

SHA1
74853b865e9a544b15aa023ed9b4430efe933684

SHA256
6a5628b33c1f0ec8ba1ec97f055307a0cf20a7697b566ff0e3b30bca409c8ff1

SHA512
f854e5b3379ff8a17f052ce782d883485f0872fdcaa558a59120c38361c2a59a7326c36ab27566a5a07bcbebba487f432536401faea7d8dcb307bd44cfe49833

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
090cf3104d32248fc7a4010bc4da1e07

SHA1
592c308c3b548a1c8a0a3486e1e9948af0dac426

SHA256
30d055485994ff0e7e95b9775a44a85641ba7a88e93de07668e02e143f3dd671

SHA512
3443a0326726a80c621fa1030c50690d7fdc5719e95dee5bb4ba45894fb796adbde538ab6135583b9323e5044dfca9ffac7590342c625f51b2f8e74b204704d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9c51b4646d24334c5750179ba10a943

SHA1
ddcdcefb9b2003855e287fe0573327adcb13e36c

SHA256
1162720424660cfbfaa487c6a619811c8cbc573a46c6c6b7577bd63524b13815

SHA512
52364f0e44d03340dae5a07e97aa572615c40a1615030c77c6a98d4f0963e107ddb57afa2acb0a83df51e22b8c570ab635a535d6b0d743321250c3400230a686

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ba98b3d29217e0f7832a32d8a7f5fcfc

SHA1
88be0c32a4c3b80030fe1068c445483cfde418f0

SHA256
41a1afc1f81f8e6f1fa025adad18a3b4faa60d4513cc0962f3f89e8966467854

SHA512
5653c2d0b970752820f8f02b6cd30ef3c96246839f567efc0c1bba48b3fffae746cf63ba9f1f75364ce0c32cc175443e8720007d6828408206942a6705cfa541

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7d51c6dc111f80da62910a8d1e00e1f2

SHA1
0cc3e52c5e3cefc6ab1ba36663690a2a0b4caa10

SHA256
ee27935e151f33a06f8e94dfac29af1d58973b7294dd74600b03dc635d61e39e

SHA512
bac6e743094a9488ae069dd03b6ad2e97737c10579a38cba49ad51e267a88307e6a2933e3338ca11651ba6f571a2bec986820c0b8796bcf4534c7fc27ae0d5ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
47e9b91b0ed268b294cc2e337f253c48

SHA1
69d0fce705ba1b30a6241214d772f7dfd5c18643

SHA256
88514930ae3d60db9e4ba78d0643b4c256db915d384b6b61d0b38b75999b68a5

SHA512
d9eb26fd0edbcf5163e4de3c05985bf1e6a3d4cd4fc61a37a1fdfe01bc24a2e1c32c1c2160be56fe9730f180656b12e5c64dd6fd50e336d4c42f05bf8467641e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0b16f43f0189bedf98987723f5036e47

SHA1
3039436ac5112d0ec82becca294ecd21b3864314

SHA256
53cc430fe8d083549397bc8974ff943e1dcbe072e7ed851f14acc19dea6ab9e6

SHA512
88643eae9ad0cc39c59aecca33b852756543e08a236431e8fcbd955feb48a33ed538982ae6f3f8338a96a6f126b87f6130946729335873619a87b000786158bd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f91529935a26ec0ea488f04be23b4a8f

SHA1
20dcddeb28f4f0639ba3642b91f920b0a768b6cc

SHA256
85239c44c201b385eabaaefe9d9b987f4ebe319c59496bf150998534421ed447

SHA512
724e7e9c89b5f2b6ca7d20dd0ffd250c85f3686468557beb1d5f5f35e3c63fd371c83e60ace05f8215c51858677d8767fa5d5bab02b0d81a5126513c21f7b164

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab86EC.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar86EF.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit