48db0221e2d1e0e8154feebc716c09a830ac0ce1d9c1a91ee90d540e36ee913d

Analysis

max time kernel
134s
max time network
131s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
02/08/2024, 03:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

82d15eb3c25af4a90527506e068f8359_JaffaCakes118.html
Size

9KB
MD5

82d15eb3c25af4a90527506e068f8359
SHA1

c929e0109100ba454f544e65fc9d3f54410acb6b
SHA256

48db0221e2d1e0e8154feebc716c09a830ac0ce1d9c1a91ee90d540e36ee913d
SHA512

6ae0ced31ea61a5be06d1163ccb0ce002321268ef78f5c375d21b6e8e43cd24296b7d674b9870804aace7ec1d81fb78667a870ffc04ef852f410e517e788e539
SSDEEP

96:uzVs+ux7SbLLY1k9o84d12ef7CSTUeGT/ka7prUQcM2KilVHcEZ7ru7f:csz7SbAYS//q27PHb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7958D3B1-507C-11EF-BB30-566676D6F1CF} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f0355100000000020000000000106600000001000020000000e1245120946ba6af31765a2a7f3b5b19a16e20966fea55bd3547dc711b5a9cd8000000000e800000000200002000000053690e23b03c8c638b2e03aad56f05bcc29dddda154c3554d53dba3149068ad8200000007749d28f6960ffb7d13ff41f51e65050958f3ec5a488a987c11abc1b3d596dbe40000000645769f93fcb302dd8e7ceb18b3f2943dd0e6bcb6f81e6ff27993d80a0bf4e2e769d2cb28b355e8bb1af0d0cd2ec4f0955c47ca456d4bf5eef32a9db2bb8f02a	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f035510000000002000000000010660000000100002000000031a1b840c59d027bfaa8148f478bbd74a2cbcae6800a47a50bd9c607f7c7757c000000000e8000000002000020000000e6874f756dc3e235a9657cfdeb3cb26cf4ecd6c8098a18e0db4cc440f8b720bb90000000e21a2bef9b67431f7528e72d72a16fd2573d04ced38d76b394af08fc5df055e3e79ce70deb119b14482d75ae41905dd329d30861d2a3bb0a5b79be12c237923cc70b4f07af8404a45a819a245d04cb8e672715dcb17ea9a2986a66d981146a3c4be6014bb4cdf7006f76c579338ddf8fd6bc6519a23d21dbfb88944f1aad4ffcfb9af747d60c9b0835e60a4d0f10c608400000003733128df1609b5f86c9836c4f30f126d510065a27b589bac9eda54bf421a13c46b8fc2659d5ac7d8f22d50bf27fcf7bc46cecadd5d0bd7227c6834e7d963cad	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "428729969"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0f7ef4f89e4da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2944	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2944	iexplore.exe
2944	iexplore.exe
2412	IEXPLORE.EXE
2412	IEXPLORE.EXE
2412	IEXPLORE.EXE
2412	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2944 wrote to memory of 2412	2944	iexplore.exe	28
PID 2944 wrote to memory of 2412	2944	iexplore.exe	28
PID 2944 wrote to memory of 2412	2944	iexplore.exe	28
PID 2944 wrote to memory of 2412	2944	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\82d15eb3c25af4a90527506e068f8359_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2944
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2412

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c14bf745cf44ccc231ddf7105146be75

SHA1
d8ee09335595d394e9ed484fb42e2ee7da8f1e35

SHA256
bf52bd85b0f203d83818a28b70b1eff46c3eacc7bc41d313d5c8e31efd602aaf

SHA512
720f9b3b4e6e69bc29106a044994ac229364d81a44787cf8bc95f6db5bb4f87b51b824a050c97ffd75d546d73b76edc7e480ba0946cf1aa9301e583803210b08

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b531aabba4b4cb2885450c8f7fae65f

SHA1
90420b75e84bb33a1d70e17c6b3b86f665dcf94c

SHA256
41a717d726ba5e524e14719575430c2c41b24579f5f334555af013dac978a27d

SHA512
33bf5da61eeef8848cc24c69fab33a0bc8f9a07551aeed1f5511418d9fca9cc41969256293a3eb5f421f7462f044083269db73d8782bc58a8535a07413f0370f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5c3deb653caad87af86489a36ade916a

SHA1
4ddbd71493201c5a2418e87f321bbf65e4976534

SHA256
d74feb987bfdae2b9968b7df46723bd6f9c1701c7f234314f447e9d3fd0eeeca

SHA512
b35490d8831e43045f9fc0e658704bb24978b74b75fc3812f656cab61d9f330a9e10fa020313452c2881a01e9d9fdb411015bf87b4d2add1731ce20d702a1b5e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2735c29d347a0c05b08eac5e73b4b9d4

SHA1
1811fc4e6794e2938d1184f497da5b78dcbc65e6

SHA256
a953ea5669671d02b2258d36f9cb5d3d6f360ec2648c83c7cd9e162443062c66

SHA512
270c2d7a83b6e891cbfc099e43f3a3a3e10ae16ebd9a98202231b46fbce52187cf811cf67aded2e0eecefd11115428ba0801bbbbc38b96e13730b83000aa5171

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5f6893ce336eb9eddc5f81496f99d466

SHA1
5d648b5ca717c3e2993a7c32c6c1d05599a66ef5

SHA256
8ef5c839c66eaa5942963711929174e3d88c8568e8823facc415a44b4485e13a

SHA512
974ed0064bdff5a51fe3bb0582a6a7660a5bf9fdfc714cabc6afeae9e9ed490e097293a784b1ee14df0bdecb9ee3175d1623c3ff189e1fc0ff85177a26ed3884

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9c749b0c71f8550b182baf73c543b53f

SHA1
9376c96bb26ec01d8a20c2dd56f2aaf5a1504858

SHA256
9d792da4dafe52ea0a8e5743019eb703beea83c74ae9664afddc82a5d2493474

SHA512
2fe1dcc32e1807e2f7929eab79709780973188f82b49f1534a59cac4104429951459dcf936b37ae96a2398aaf0a43986f2cfdf65b667e0f855c33c0d84090571

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
279bfa6d4cd89216c912d12de6fef748

SHA1
cb292cdd0b2d1f99f6feb4c19de52e9cbf856264

SHA256
4003e6c23d64b348760d922cf26bceb7f64a867092f6a08e7cc3267d9d1ae15c

SHA512
d9a723c297627f66dcfe5af9a1771fc4c4e84fedcbb9ffeba5118533b4d194093aedb3650e037b36ec52142eca497d14e5eec7c81030eb1aa6dfd05254134c7a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f8b6be87bee00618e0233e9e0e0e8415

SHA1
d57e03087a2e9f8f0fe59f618270c53d293973b6

SHA256
bd6e1d3f6a74cad35906791acb985df9b2b1731cd6b3d3d62395a93eb59d1e65

SHA512
df6bc79437b57bb594d918b03f812ac2f914b9b2449728cd1d1fa8fe1e83be37789f1fc3c586d56abd4950762bc9f4b7c5bc4417369c6ebe2793ebc25bfb3f62

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e90efcaafa1805bf2984b0212d35ab66

SHA1
04679cf2a1cd612d0f32350777f4c6e48b11c4e6

SHA256
126616b643884094a13d40cf79bf292f9878450ed008debbf29a67056286dc2a

SHA512
ec4dbe184dbdb445b14ccb0a59dc45ffd7b9d54d721d2b42fa60374c02990b8c92d6e08aac8135cbb4d0828e8d2f6ee328aa96ff7b4f9a97f95b7c5728253cda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b99d76cee464d5139097bc08d0adc2ee

SHA1
22d535f8b98f1d7e23de687fb68ca8fa237ebeef

SHA256
51d99c73b6016cc5960834e33b63cc71fa26b3aa8a63fa5a5d45a17a9d9c9f83

SHA512
0622b5ef288c4e031ea46e9f02a5594d4df3e2553ebd968a2e65edec1a23773a428ee4bd9226a0ede40102674c79d1600596ad4a6342667a1e264bcc82f4653c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4b40ffce757948395a84641e24adf58c

SHA1
6e09fac8c60ca3d382ea595908633d771981cb0a

SHA256
c5362782b2d4718a30e0dab96d9158e62c9cd662e081907501051a846fc60773

SHA512
4db073d9d76c417569d8b2459892140c5079d0a10d9906e7ef29cba98125fc9b0e42a98d961be2c2f07d9c58a5746c496f2d71582c55cc3cdee75d73ebdb6330

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fb720f7b418ae5aa99ec78bc8a1847c6

SHA1
22b210865ca0510af272e2272894685f572c4f61

SHA256
9f19e3e16c8d94fceb09315b6afa8dd8b85be484b0792b6e9ac0e2375815cbaa

SHA512
e2fd20e21b77850d10396f99b53103c736e2e900a43965d8dc9baed6dbfecf34ac4514e15420d3ab1f422e15fa1853258838ed9a85c5ac22604bb6cc2af1afb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ecd3fd4ea6a291647e8ffd03af3d5c5

SHA1
c9c0416f0259f646031dae35c76b88bb36ad871a

SHA256
f42d7a667c35ad1df944df54108f62545eb2af63721a1633c4a1c3d3c4c51bf3

SHA512
3fba00d0b35deaabfd4788b7e11beadbda071c9da341b83bbd1246683b80f33059f0e2fa449c03434581a8ddc1e33aea9bbd8d42b99818368ab3f5461692d85a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
033c27b24d95f87dee6bde27aa17c8b2

SHA1
e15e5826d3e2b960df9a3d4216fbde77ab1aca27

SHA256
48faf0b149d9133d9fb0936ec937233c25489fbe4a76be44bd00fbbd2324308d

SHA512
9c98cd6bb918f90cf4ffa09d030d2a3d7e2b0dda1f2f5e8b2630069ba6d4d961e2e701aa38f7d5c179a2f773ecad99e7157f2d1ec4b786de8497cef3587cb5c5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1077ea89685822357cc137fa68339882

SHA1
f9a57b0d4e1f1c006e3aef0c54b5ccabdafec430

SHA256
5f67048984548619b6233ae7bd3b68f227033b1d3b1dd6ad821b6316a4b0c118

SHA512
1aaefdd2c12f422b68793843fc4d7cac4023f4ce097b1d0cecc59a516cd58ca080c7258c44945c5f5056e2662b1c67921d78e5003f6d55484722d30f7b5af498

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c8db698677aba09cc82a077b3d1a9043

SHA1
1f42f8f1960eddc9ad5cb0901c994dcff431a883

SHA256
bfcf6bd7312a061a39942b41e6bd337156c33cb0944f1d5f79a9cdb44e8d5dc7

SHA512
9577d1f305708c9063f696a1f15239f4c0dfe5fbfba16e7390cfc9565e4c934430699b69f8d043875f8acbe92969faa1f854962a0d08f345df5b588a47487a8d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a445b093422f9ba513c487a15e44047a

SHA1
66e006b7a66da8737bfd38fc0d00570cef1c1207

SHA256
2ee3d457d6b067e5173338876834470168f93cb817ff6633620eda304e6044af

SHA512
36bcbd1e8ade3052d3e5d6caffed394aa9fff8efb6bdfc7b00734618ded7a6eb09c0d27d9c9cf1ccd5231f91f7024d70f635b658527749b217ed050e41736e74

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD3B6.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD475.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit