47d587a804bb087af6e5f7e5425689889cb97b08b2f5ce1302710336bf8f7f47

Analysis

max time kernel
142s
max time network
143s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
01/08/2024, 22:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

81f07bb3380c3c1f697f2da4cada18fc_JaffaCakes118.html
Size

28KB
MD5

81f07bb3380c3c1f697f2da4cada18fc
SHA1

2017c9f11e897232b20fe85b1b13fc3ea358f482
SHA256

47d587a804bb087af6e5f7e5425689889cb97b08b2f5ce1302710336bf8f7f47
SHA512

84a5ecf95e6e1326341a63be2d6a5d1b33c9ffb5942ddecbcb298a18bbf3dcb4515c00f52226e922354bd198a1dfa17dfa33f55588f4f9eb0f6d14a37ffc5690
SSDEEP

384:SEQTziZX0B2LHsRQWp3lselGlfCnqGrAyuVTcUaSW1eIcj0N73XgUzRJKzOKoBAN:SNTzz5cSrAnaYzQU3Ge

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f082896e60e4da01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000082ebb0b9d6f3f0458e93e15bd38f268f00000000020000000000106600000001000020000000a0932f8e09d93ebf9e61c56074b5969ace413d74a0a5650f8981993721be8fbe000000000e80000000020000200000007d43c1fc3b78383741c3f581b7119cd9ecb1e53d90a52e7429a24ac27ea5a1be90000000f273ce532f607bcd461f7d2c1e9e59f7b796a853a4fbbed63264ce58c5ba2f42ba90b2c1d54f42edc0bf63434f7b9fcfebacd3d07f2673280b714cad64e12ea8bea30c4523ab20443e99ad0d1807ae858f739dd15a23211d59a4ff923d6ff1fcf773a6d6c941b2e3fe1ce4f4c37c48bc52609e45da9eaaba26a5e160ea2c08f33d6df09da06a2db71da2857c981017a640000000c57865692e47a716c34024330ec89f2dafbf2476fa11284cdff32eb0c1526005b0e078179c48796d2759abc16844c94ef6ceb4f0ec69a8ae819956fc9efdeb07	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "428712379"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000082ebb0b9d6f3f0458e93e15bd38f268f00000000020000000000106600000001000020000000ed110bf8599a34a5589b0dacf875dac1298c68df46ff203e779e49b57d4ccfa7000000000e8000000002000020000000d7b97e4e04365ff6902c1b9d562cff032e7b6e037876b5e12091b3958da7108920000000ea574f1db5c120df4115a4446d188ace7a3c7aecb1ff6942264b2c03dd917072400000006076f048bfe12d4a713e8925f529dbcb896686e4aa61f56656cb0c02df5c0f8c95e96354544c5fd575cd568591b68778947db3c5937b4ceb048362742631f068	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{856C1781-5053-11EF-AD83-5E6560CBCC6E} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1385883288-3042840365-2734249351-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2580	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2580	iexplore.exe
2580	iexplore.exe
580	IEXPLORE.EXE
580	IEXPLORE.EXE
580	IEXPLORE.EXE
580	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2580 wrote to memory of 580	2580	iexplore.exe	30
PID 2580 wrote to memory of 580	2580	iexplore.exe	30
PID 2580 wrote to memory of 580	2580	iexplore.exe	30
PID 2580 wrote to memory of 580	2580	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\81f07bb3380c3c1f697f2da4cada18fc_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2580
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2580 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bb02f305f98272f6cf03108ec1145905

SHA1
373a75d8299bf92cc878d7348d8f3b1de4e1525f

SHA256
9e65e4f6b7f12f1b898a45935cba5b7984d1f3c473e5ac0376facf6d6e5f910c

SHA512
167fa305568be9eb2e4c379f8d55accc28a9d7e828e3062c35f3956fb7413666db07934cb9fc9af75d6c401615d8b24adc46ee57845780691a18925f50313803

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4dcf3f654c0859bb4cd78895e95f9a0b

SHA1
07cbb8668c183a9acb2f02d30bb3f24d461d9905

SHA256
33e17143e9319db18d6957eef01996aefa1396bd40b351b58cb10028fb08fb91

SHA512
c2286ffca0dfe97c4b2e2f3e0775750a868c633d5382c97f7effdd09b577d1d7517bf841ecd3b24b3fad2c573ff5b15a9dd96b3c193e4c5c3be10bda5a35950f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9516bdbaeeaeff6a7e65ff384438f4f3

SHA1
10e2249906474e27799ef40afe1afb1a3b9afb0e

SHA256
c497439dd8fa826cb9ec91b15ab10ad2f7fc4b7194ecbd66794207474378808e

SHA512
8fec405dbcd25ebe32a96a3c9b81082fc969824f3d49900b38026fe5e16482328b9dbdcc0c8168541fbdd4c0284a5e5b0ab6ddf127177fbca57bfb6900474879

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3dba87fbfa363a20ee168f1de513ddb5

SHA1
b7dcad21878b336c6b7458beb6c8174315361e4e

SHA256
4c40941b408f758e8c40318baacb2cd77f9937562b0880c21d50a3e9a850279e

SHA512
7ae18327d69be337a546497c944dad8bb49158e7b76b5a42868b6491b3dfb4d17659221b3130ad3aada2a784726bc77988b3de19e54e38bea03cc644337d04fc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e569143755ac027f81271cb53cfab23d

SHA1
49658738621306451f787a43289a00c87e72dd71

SHA256
ee19598ee77954e8b3caaa0d14f0a337ec01b1e36a16a50c8593300cf4b515a0

SHA512
1e2d01633ac98f67cb09e2e3ec596100ae4c4cc300dc858ff0700a4ce12abd060e36f6c1bbabd49f5f405f6020cc1944506b69bb6585d41af594658e9826183e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
12f9c89409896254757d37b6f22796a5

SHA1
af6634f44dffa2f41dda916bec3d9273ce23d470

SHA256
f334f0ff3af7461008530bf5c6b98721ad58e14dd667d8ba57413477cfba0137

SHA512
a84fa1ca76d7808e74999765ae2a2f2185efee72ee311289cab5a2883ba9f396bfec569a485e0eb52cd89dc051c7d2f4c6d48031db1ab439108e7106634c89ba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7880b7b865f6d13563e1929c785e3537

SHA1
3acd0fc544518f64a2d67d0e79879ac8ab5422e6

SHA256
1f3de1ebbbbed048a69f2d8fed24d44420263379a531aeead9374fd7b602fa39

SHA512
987bd67e929712eaad7b284368524e4b7c5ffbea8c945c1d7fc657df6a2d68de149683ce0ec77e721d80130b075210641ef79de1c61cd15ad3838554dfb80450

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3961bc82cb88b0267108b6a590c29ddd

SHA1
82df56e1e971646cb3aae14d772e2567fb7984df

SHA256
ba25d863c6fa6ad81f91acffc9c2b071995f7af5a2b364e8ca4bd748168bb71b

SHA512
948f9b4b273105e5a9d71c311f04b90de9ec94d7f3bc7f8ec0367d79ba59c54d05f8122b848d6370a235fabae1b6686cf42558a294300a03f24b4a6640754ab6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ac6c81c5ac3871676800619666ac6fda

SHA1
d5059a4db54156106e81b679b0b2f7eab5ef2fc8

SHA256
321ebfff994f5f0feaae3351bb6c5731789c1ea8df4a992caa7d5f11c27a33cf

SHA512
0ff7aa05bf07bc0b2f06bd0a48922f49536b15bc58de0b12f3a2683a2557b1a1e5d47230cd8849f4a72f3d9c05f3d155f1917ba15e239bc7e61e082ec8d31c0b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3efe08b9f1e1a062c89fede50c290eb8

SHA1
5196e0c9f77338153ae03a28fe78856384ee8a2b

SHA256
307c5961406f5f89f3b603858089b7c6ae12b0b9d17d0bc978e67a523d5d3be1

SHA512
d1bd1b76ec4c7bcec5141dbef0f7aa40e13c0b93cef95fbf84bd3a73bfdfd8bf84c8c5498df9e9c3d02fa2b84a1d4aa365217a1bb34538619c70316545993a37

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7243c90205e49a418064796e8803554a

SHA1
b5b3bf590cf5dba53e0cc65ea0ae5545dc448153

SHA256
e8893a1b7db1ebc2185566dc1eeb87d3ef492f3363eead771647cc4582e1b694

SHA512
a66a1ab391e82b33df9b6580a0807653cfc03373befd2077a8e94fae20dd84d1c158b6c8564709b2b5748ddfa9d60df3f5915b5a8a41716579c660acd8b07928

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a5b70421f494a3bed4267ac93f3621d

SHA1
4b9fa13c590af7c57c066ab61ef7578dd47fcddf

SHA256
43c5af260943a0fc2fc081138428d42faf56a581fd4f2e6cbcee40110314bb1e

SHA512
e3001019f86b28a98f6324d4364e349483e346b46e4aa0321e11658a8cb3f0e346dda224f0a4ae9bf6daea8377a9f35c7c5cc2f5871a39ef1deb068f76cbda0a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f7545c02003b1105aa9d273d089478fe

SHA1
e1841d2b81be4e95f26f74319ea58bc089f25d5b

SHA256
d84848762a240aeb29017e743c914b13d9bc471cfb096dae925d1d432e161f62

SHA512
d04bc534d28ad2c9943840b875b915a96456a382a706c28a556b2812bf43263faec67fc0f35b542b29f67cf3ad2946b075afaa5235f5acdfc69055cb478268c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6c3f831bb93fd9721aee363340fb2b07

SHA1
f4753b6a6830e5c9a6b1e50de165642e6a70107e

SHA256
e91e8b3470384854e66e9d7bf6cf107f23b2459fa962339bdf4fd02d6280a57f

SHA512
0c61106eaf0b7baa7be283571daabd643ba67b71190f20b0f892e7a4f74ba2ff99722dd63bd22abd6e41a2e4230c685a17314770832c6e547ade1f663ab20a96

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2058b478e61ea164366a80bbc5b44ffd

SHA1
cf0662c3b48de68a5f2d7895dc402f8e0aa0e15f

SHA256
12184643db4482f32e6865ce3eb268f996ca70cfdc924788d32f46b5939bc6e1

SHA512
de8d02c8cff7fd59ff69b735180c5fc930620b04503aec10ff6302e90e0f2a6af70a9739f323f3732e36996358aba99f9f69b9ccf3277f07ea972a76195d3ea2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a92f3a099de51b33102b6f7a16f3049d

SHA1
893892ec8f825e872d66cc77c77e8cd4e5a7f863

SHA256
4fa4bbea4019f8f8551103fd628f373fead9d9edee1b4a019ee4391e69b59856

SHA512
251f39283e50cd23d96cb3f3966a9ab8b5faf59c4a2a9facbe919bbc7194f5bf63f4457df9e41e9859cfdc1730bd11c56b4c30dc810d3fc84ca7d72e544d062b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a5a7142532a6f243b832fa2c17009928

SHA1
b5abcb1b0251d54148925548649d2b285077e90a

SHA256
25db72c539787756b8f83ea4bde8a71eee8db728d30b1661b428037933d8a9ac

SHA512
c1b0b0e926c091636385b6db831173a943d26b0392c4b5c9eee6c615e7878b438b6e2dc0380e6a4dfce9809de5ba991b05a7b9d1bc58f864f413fe57eab25976

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab54B7.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar54B9.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit