48702d84db761ea73e5fa016c59f32f38b5afaddd413d08c330529552d0d700c

Analysis

max time kernel
142s
max time network
144s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
12/08/2024, 08:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8e161761bc20d55a4ecaadf84c3d03d1_JaffaCakes118.html
Size

2KB
MD5

8e161761bc20d55a4ecaadf84c3d03d1
SHA1

7f39d02b3887566380e7ab6574330b29850d2021
SHA256

48702d84db761ea73e5fa016c59f32f38b5afaddd413d08c330529552d0d700c
SHA512

246f23c14f1374b77f8e2910c06b561de36ba7fe092e579feb342ed16cc7bbed668fccd20144361d4ceea352619da23e6a309b4861a0c09ac1f03a2931cb1c29

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d990900000000020000000000106600000001000020000000b5ba26cda0f3d1a32b2f2a7a0603b97b52fdf91bfa09b23cbe6f86ec2110a0c6000000000e80000000020000200000003bf479c74f2133edc80258cd6f62ba0491ace7503d9650f6534c07c6266b47519000000071708bba2fee4e33a4942c8e73acc76d4d6e498eaff9440c010dd2c328897bd8076a24ebe25e173e9e397b57a754e5b741829abc0ba5629a7b3b092552a131d183186cacbccdcfd69b891ac4f3eeeed9946ecee5fa53474621e2dcedf4cdb03018dc94cac1831dbf8ff67ae0492373273080a97d4cce18f5f3095405c70ed5bcb6a632113211a47ba745dc69427d19cc40000000a40d21d7af2b5368be18c4870a118fb0aec997ab7f7c22c9c29a1a87a350457d10af4b0e02995e7501a0b2e6f27d605f91157062b856bf12bc27470db03cb8ea	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "429614388"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d9909000000000200000000001066000000010000200000005ac9b8bf4385912c6f35189571e07c26e83021b257854f1d02792e6e09bf32a6000000000e8000000002000020000000aa84c45d88fb40f052ab24bf6572b93f1ce715a087b98ca4649b60abe3f9e0d720000000a176e43c7692a7eec7f734838f12235e37539e434d6f90c90a49283232113ff040000000866bf959ecb1e051bc9696d7b4fe1c91ed4227ecb721bea0f3e7a741c83e2d0159f836d28ceacde6bc8f3c5d5ea8f000b4b65c5e0caeb7e51d1db82bc18b3a79	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AC197EE1-5887-11EF-BDFF-5E6560CBCC6E} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 30abe48294ecda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2144	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2144	iexplore.exe
2144	iexplore.exe
2072	IEXPLORE.EXE
2072	IEXPLORE.EXE
2072	IEXPLORE.EXE
2072	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2144 wrote to memory of 2072	2144	iexplore.exe	31
PID 2144 wrote to memory of 2072	2144	iexplore.exe	31
PID 2144 wrote to memory of 2072	2144	iexplore.exe	31
PID 2144 wrote to memory of 2072	2144	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8e161761bc20d55a4ecaadf84c3d03d1_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2144
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2144 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
42f29856aa2479a0ed663ac87c5e3a32

SHA1
ffd702041c6a4c68f09d8add2add7531b9805ae7

SHA256
312972ce4171058c5500450539a7cde30253340b48aa5a8004798ca0558ea782

SHA512
060d893f148129c2c1ab67583637cf7fbf436fef95ed513d078663e6033f63b8330dd9c0618c7b106b934ea8bccf9b4b2141fad7540b34339621f0f6e1a22d52

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bdd8d75c6c418ef58de388efcd34d7b2

SHA1
4ad326350d954730730f06c7c82c5aca2986b279

SHA256
813827ba906da838692521f1b3f2c46e3f2d14ee0f817ef1ac8d167ec15cee57

SHA512
6689cc63d34442e17a1e55eefbbf62a16a602eaa117b3ad0a41d0ec71f6133b6bb8d71913420303bbe59fc2f13f6ee2e83428b38c19afd158cc1b017610a91fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
18fbe7cffce024e2c782e3a65e0c194e

SHA1
0fccf2337c1d236b32d762665b5a0eeba7c533d6

SHA256
6953b31eff1403a03bf2dea82db5b3ae706d42e7f642ff4bd841c6078d5d42a7

SHA512
11f525fbdb98f615410840bddcb8ce327723a6a5f2a98ac8871cd0836bb74c7c7aab8fcfb1a4f9369d6818ade33d081652e9873f6c8fde8a1b64b5d02abf381a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9b32faba35e32622b5cdb23e7fdd89fa

SHA1
ca64f693fb78a706b054351a7e5df7689f1cb080

SHA256
362ec216b513c14b664055c2c70916f0accf15c83b67083500cdde9060537430

SHA512
86985f3a9842da3030a389b3e7c6c7b648fe0727e0fe8d9e530001d04b454b8e14349376889e7a05a3062bd4373d1b048bfb414f45640dcee1891f50598e2865

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dc81fd305d2120ea9b86e582cf2b45b2

SHA1
60df558163cae41e0e0ccb865e01aa5b2ca85a59

SHA256
06e5d966f40168866b364ca6df7db2d28a31d32b22f03c7df14dff2c71af82ab

SHA512
a66e7a32dae661e218fd22d62285cecd8897944921fdfa61376bad6a5b5ab6e4f963ebb13819d589028d6ce47d279beab5309ab47b92b6d3ced528de1c63782e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b2b80043f1f6456d5e1bd825b4e6cbe

SHA1
1af857b8e4da396345e5983a4d483a53771927fb

SHA256
d5669bcae0d8a18c94b1cb9efe9b8167497171fcfca824a35f046274f4ed8639

SHA512
bb374965f6990ef680373d5289ddcdad18f691007b74b63d96a77fcdc960ffff4de93f9ab5c0d3f4dc933df33e241699d470bb5ab48468fb324359207b4b0e2f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a177cb628a207e297f24a5330632ce92

SHA1
98e4488ff68e8c621051fc80bbe96ec0b7757105

SHA256
7efc8ab113a61d9fdf9df45c1884e9b1fcf4851d2617337121d096318ee02af1

SHA512
be26ecb30852a5b27157293420c498ee413de6ed1a2bb68658b8c45ad9c0dcbb43e5810ddde8576e44e37e17fe2860dd827f89553eb27194d4b64243bba3e955

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dc1c0bda34cf02d2852067689aa604e6

SHA1
0413315a39b0f9c73ef447c3296e57f50062debe

SHA256
5f4c82492cbec0b505c04fa94ca4b08d9fa3146152790319339917a71c691a94

SHA512
2272b9b0bbbdb86564c9d59315e21dac35a9a4e8ba8bac0ef72c70a13b3bbdaae2d0a8e52a7ed1f0e84bb9596b07070d5fdbcdcc8c9c961499e363e061b0f7eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
03fbcb1ff2c4a967fcfb240b00e37a1d

SHA1
9d43e23670dd3d4b8befee8c237ff35d99624e7a

SHA256
b805d1acd3665ad83db33fdad392931421284bc3e508e4337cbe08f7711eb39c

SHA512
1f74ded89cfbc923ee75af3c217aaccb8242653956f8b5e5dade0506007a26652be5aa2f1fd5820ae3ef68c486c8f315e91ced17047e36d5dd7d3916c5508570

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0679c38b8cc9c9b6a033709dfc7e6bea

SHA1
5a0bef9a1312fa0ae99ce9ec88fe2b248ff7ab15

SHA256
0b85202a4c059cf6e8c3f7da91770b4edd06d75a521a0882fa57aa4c9edbf43a

SHA512
87bea7da88764ec9907b2d4462a8f0a34e7a22745d61e4611d60b5da3550b2c917b1acca945ef6a1a4eda9a82208501f1e79ea6053ae63f44b5d0e3ecf5e1cdb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2da46db24a82203b11382267e320def2

SHA1
5b91e7cb3c5483ebc1ea9c4b381a1b46bcd089ca

SHA256
e470f5caabdcb49561f5e1f57e5ecfb7f1cd9b762344c634a5c5a09e1fecb306

SHA512
18c04ecc4fb7201790de0d005b96f28ca28710a5cc756c8bf0da450188577193d2f227f4035b05b739537a8d19126978a18933f91d0bd72977524bd2e9730232

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
94e2174cc124d4acc965595954f04e6a

SHA1
d020cf2d89992aff90bace620bdb5316e79fd26b

SHA256
96e0e4b6c3efee760d1629e3cab18ea8fbbc5bf1002a01ff8cea6519c25d3414

SHA512
47857b6d2c6d12ad8023f344b0d1d8b358a85a0936eae2d29058fb741c524594ee3658f61eb9e9ebcb1d9f88ded0803c76d98c88989978eaca72bdfef6b5b670

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9acec4b2315a6b3e6e120cef64689339

SHA1
f8d3cdb7810e9d5ea56218d9bd5f1cb45dc57d48

SHA256
f7e27fba401c07eeb988ac0016625f301cc81082bbf44360d43efa98c5b2bfe3

SHA512
904fbde5d9bbde66ff10aef5a533cb9a608b7210b6b53a8e49b9582fe19e5a422ccfcd3d499fe68e6a39ae728a019e990fee1992ed7e1f06464650e17c298830

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e6d8fa816f1d206e3bd02e5271a7feff

SHA1
d2514ec737543445c129b103bc149f85499099a5

SHA256
205dd4ebc7dce445b7ee2b23d86df87962165ff180c0df6b5ba1e17ac202e0a9

SHA512
d12f4fcbcc151fecb07c618d10df2215f52c4513700b3b39b0748dc65052e4a955b0fdeaf9e44cd9449813b3c0818d90e316c35adbff6779353fd52d4aff5d79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38584a9864e7d1855f441fe64d4978b1

SHA1
eab645e62b19d6b67c34912c65d292ed31166c4a

SHA256
5d20982aeeca520dacb147b67948ff428bc323a7e0a223f079ddfc8b93d1ba9d

SHA512
64ddc11796a9369048ddf6ae9d75004ef8a2f24b0c4a229599b5856ccb0207ce5e71a7752c9af6495182e41eb8e6b732ba7db7d09a318b21ce96d3692fc47a71

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a35327d4b4f06ae429b494eb1d7dc966

SHA1
4dea44e9c9b2542d3c7fb278bb49bca98aaf9f88

SHA256
8128a0d0a966390d2fb62b3b18fe4fb68c1ba9903d573f0868a1be61261300d8

SHA512
d11b5699b8a7c15eb2625cdb3c483286a6b101dca7804032660cf8545127e63d538d266046ca46d06fc45948d41a4886b59d475b0dd0f57a0072c773413c2d48

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
08a7a55f8580f6c5464aff9cd4bdef2f

SHA1
e6a1b90ff055d3bab475d40798f7bdf23a886403

SHA256
e0f9157783038402732ff0d02657101b7308c2c4dfd8e8c92afcfc6d6c24422c

SHA512
cc5a54ec588f3e84c840ac9fdb9de90bb56badfdfc9445f384787b6c8b264d9ef0fa6a339d6aa606ed8e24eae0deabed1b6896d4fa91c3e42c616a2d5a9472db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1b3499dfd0033472ca6825d58aef7b30

SHA1
bb00e757873cadfed4e0dd1070f1d11e8ce0554e

SHA256
f1c6531ea0eb3313214fdffdb794a6680cba2ab9ce3c5857a7bcd5a4d1acf980

SHA512
cb5d901c516146d08b8e5a60edf554d57e01e40c0d36bc4814fb88aa666122921aa8ca9b78bd7b635c3479878fcbc0c25a93058432b0d17d79daa1d895932353

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab580.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar600.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit