80d4d5ada9dccbcbb6d08153dcc1877715d29de7d01004749cbfc17a1d002b97

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10-08-2024 20:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

87a65cbbf5c0b963028811a90af8ec75_JaffaCakes118.html
Size

41KB
MD5

87a65cbbf5c0b963028811a90af8ec75
SHA1

78f1355b496daa9d5f2d9df993abda17cd091f15
SHA256

80d4d5ada9dccbcbb6d08153dcc1877715d29de7d01004749cbfc17a1d002b97
SHA512

7c77ab3eebf7db3bb92cbba356225445b5fbcf761e57db5818554967ba7a14e9b9a598fa1685a064372ba6a773f1ff93aecdbd8804d0ca383da99e14033dbe92
SSDEEP

384:wB63eYiwWS5y5hRiow62zD5z0JkACVuwqgeSv6KJxF0HNpL/pjIFsndlla6DQvn9:Pi1S5y5viow192vMu5g3vzPFqlrno

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1268	msedge.exe
1268	msedge.exe
3380	msedge.exe
3380	msedge.exe
1560	identity_helper.exe
1560	identity_helper.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe
1660	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe
3380	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3380 wrote to memory of 4800	3380	msedge.exe	84
PID 3380 wrote to memory of 4800	3380	msedge.exe	84
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 3372	3380	msedge.exe	85
PID 3380 wrote to memory of 1268	3380	msedge.exe	86
PID 3380 wrote to memory of 1268	3380	msedge.exe	86
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87
PID 3380 wrote to memory of 860	3380	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\87a65cbbf5c0b963028811a90af8ec75_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9addf46f8,0x7ff9addf4708,0x7ff9addf4718
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1424 /prefetch:1
  2⤵
  PID:2000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1892 /prefetch:1
  2⤵
  PID:1900
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:8
  2⤵
  PID:1300
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:3184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,15814330893930698519,17917980997907486565,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6104 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1660

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4716

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:720

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
3c9693bd0f56dc6f8b0f00f50141fd74

SHA1
f607c732d5a3a4458bf3173e92321139ddb05742

SHA256
666311fa059462ba3e63f8925db02cd80a64d44fbd0f3b0591753de7073629e0

SHA512
5665c87630c671e98e4dc3ad0d43a8503503f0c548707b92b624cf1db33c69e419bd49aa785daca9d42621f309e0a7af5da88e49ea7e8c9763a59d18c7f2c449

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
821B

MD5
045dcb3caeed92c6d70f075e6f061d03

SHA1
681e7f7f5f5f6daf90284cca6dc4558231565230

SHA256
42d4c369d8b943c155d1b96cc219c42618451a402bc9ddac11264afc2e7ee32b

SHA512
584d50b8b515b40613e8d87194b41e689b0f93ad97aa88465817cc2d96b7e024eca5272179aead85f017d381439322e74b69b4fe454e696fe8c7ff4747b593ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
8ff95779855dc7c8e703d240c0c923e4

SHA1
82205adbd204d13ecbe330c48e44ffc19df2e368

SHA256
91702277b532463c34bfcc9c695e900ddd83b5cf4d8b1d3bbca4d1c3e20086ec

SHA512
afd24c4dc5c2b28b58fc939e66f63769a73b67743a0022c4330c871dbcabf41538a52589eabc8b8c27c06e8ddce16208c966250e0cf50ee8dfee4a2502e110b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
56db58f76dcb9ca01b2163bef88a7ba7

SHA1
6aaf878e1c2dd86dfad93224a74264fa2c499bd7

SHA256
23357b60aa16b5cff8c2b1b3cf5185d4ae21a84153ab43edca0d6b16dab53f91

SHA512
8daf0c1aff9303ae888732a7491738196ad69a02958b6f882ba7a6348f86c7d81ffc306455c7893dc8a5e09f3bbc214d3265d2dd698739edbadcf0dc46cbb5f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2930e7c8433dfb26bb0df291fa9ddcc7

SHA1
01aa83009020d5c6831bbd7120e568c8f3bdf574

SHA256
70fd8652046aa4bb6dfa8752b200e843b1fb75cd7696327326f7d3e96fa4790e

SHA512
2bca4a169b15efd0a76462773f92f7f42d010a1ac6505a1b1e58d00eccaef02faa3ee20e121613206ba12ec3b91bf8a39483c8a13796fab755dcec084eaf85f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
98cf8c1ff277650cbc3e1a971f21733e

SHA1
be4050564cc78251cf6c30eaf3deb90218dcae96

SHA256
ec8805d51518d3028886d8296367261bd106880e4005f21c7a95bdfc373cefca

SHA512
89442ce269f0fb3e42c7580e9d82e8f125b9c839569c6607f3f4caf184f66cda31ee212438f7c5e05993f2fc46b4542b707f09a7df269f79a5c97afbdb5c1ad2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
69aac1317d9587ed84e27ea6a9fa1df3

SHA1
56b6063c8c7a49951de4692338bcfd0e44e6b25d

SHA256
5e7fd68d2ab542c6b6a8142d37bfc0541904cfba20630c08a2b97abeac7f9a75

SHA512
12091fc12229689e7994b5f64e779d76a3391f412f73a45e78f1084ca34617ad129534e29dfdc78f4f73a7786016fd290f780a40179d56494fdbe8ce6ff1b59d

Download Submit