effaf867f4051a9db865f297b8abecd1531070201528c58201dfee9e7f448a8f

Analysis

max time kernel
146s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10-08-2024 12:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8612f690ae5c7dd69a67dac11d9f4222_JaffaCakes118.html
Size

44KB
MD5

8612f690ae5c7dd69a67dac11d9f4222
SHA1

ca61fa3d38ab394aaa7e83206755cd1a6479bde3
SHA256

effaf867f4051a9db865f297b8abecd1531070201528c58201dfee9e7f448a8f
SHA512

6d132dfb63a342931f0cdafc9c4c8ffb214cbf82c4cff02705bb8dfdba314edaa57ed9e57d39afc0b2146b4769914fe28df9f2131b9804dd2f12eb46bbfcadb4
SSDEEP

768:wNklTNaDRljWKGkcKw6AkR+CKgpu/s0M9dKmK3TIYQqdUIwhG22R1QkBYIssR/:wWTNaDRljEkcKw6AWKgpu/s0M9dKmK3l

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1540	msedge.exe
1540	msedge.exe
2572	msedge.exe
2572	msedge.exe
1208	identity_helper.exe
1208	identity_helper.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe
1976	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe
2572	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2572 wrote to memory of 3016	2572	msedge.exe	84
PID 2572 wrote to memory of 3016	2572	msedge.exe	84
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1004	2572	msedge.exe	85
PID 2572 wrote to memory of 1540	2572	msedge.exe	86
PID 2572 wrote to memory of 1540	2572	msedge.exe	86
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87
PID 2572 wrote to memory of 1888	2572	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8612f690ae5c7dd69a67dac11d9f4222_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe832046f8,0x7ffe83204708,0x7ffe83204718
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
  2⤵
  PID:1004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5824 /prefetch:8
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5824 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2308 /prefetch:1
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:2056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,1474172164630319982,13724654631630688846,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5940 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1976

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4816

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:216

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
1005501accaa378d11e092d3c13d9909

SHA1
68ccf2ede906f1a43ab9689c56b1f883ffded9c9

SHA256
01b7dd3a633ada535cbd1410c49c72de3dc93da060e5cf9e2ff2b97fa9d202a9

SHA512
60882e384b0c21faa5913bdefccdf9f2bd06b84fd92da7bbfe6168bb1f32edb4a2014d939fd9c32303297e71d31fe5b9ae97469560d815c002c8e4cc0306c4af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
309B

MD5
b9794a5a0dcba3ebe0acc9f69bdddede

SHA1
76968f51e9bb792b74a09f9693ba86da3732cf6e

SHA256
6f77ea59485ec067863ef653bfe9fc2ac7cd90fc1fba57246599d92e2b1ed516

SHA512
4c5403093b063f9c4fc7e9ef943b68f5fe024155d47befbda6e1fbf7020efb7f582420d179ddd6a19efd9ef61210388aa32bc927fafb8df7a0479815c6adf991

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
810B

MD5
4a78a5021d8535f79608500a55ef7acd

SHA1
92f58b38f962ead3dea1f2be7692699237c64c42

SHA256
a17c446dfea8b296ec875b4c20234dba8c330e5a74efe55b39a88e40842aa7f8

SHA512
7ee86b3a42c424e313d1b92a30a906b519f5c7d4105b4c74343ee0105720c583c31b844baa16616bfa61ef116fbefdd221643354c897decd30e1a760a4ed2a5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
192e354645b70e41446933c6888b3ba0

SHA1
52fa3a5de89f92b2317c6256a3c1ac4a5afb2c61

SHA256
8b42e37111845e13d9e606b66e04d5b0cb5d16742a36b8f84e6a45135ea50bfc

SHA512
01e7fcd445375167b9363ed3ba2e37d6195cca6e21d2aebb7e1c796682066c9586b4c0faf59e3b2c87805ce447546af17aee86b1565272d32c565ace86975397

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
337dd1692492d7a922db2ca1dfbce31b

SHA1
eee65296b2012871872f07c1309ea04e8f4de934

SHA256
2eaaba1d6d45e8ac9998ded68f3206bd6d1626a8237129644f992b6c574ec17b

SHA512
1be7f761d560dc6dae56b6a6beee5f1cfbc0db8bf5ccb1e2c6cae30e9907bb4ed31b36a86eb81a0b3dea8e5521c4f0f44fd5ebc0435182a435bc950e5fe6fc65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7167badc89a1ac8030fc4135b6031b38

SHA1
9b8226af881fc28b395e37565faff1ae4abcfcbd

SHA256
65d283e8cc0b86cef860d38728a76843765b3b90a3a2dcca504c17f72c0c0708

SHA512
1d388b55674aba0104479d3ba79480c1c3f3c5b367300d1213d308a94a96abd016cfeaeabe92652c97c9e95a8d1795e9e10f5b37351a73c85cbe2f8e105e9ba4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b011e7dccf84ce17ad4c4764e670273e

SHA1
1b9d9237d52916933ef20f4866ee92f2edbbd6f2

SHA256
6712a703279bc002a8565d59907a41f1035807bf35d591328662a0519c152245

SHA512
36764933dbac77263baf51fd6854352ac8b07d7e9eca792fcf488aa64f45f89c59b6c9c4ef84675a2c39334039b0bd0dfa495b5878d83a90e920b2bd824ec019

Download Submit