4b3f4a11e7f18b9e90ac1334b3dc00a4472e1e22dd46870598d2cd149cf24bd2

Analysis

max time kernel
117s
max time network
129s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
20/08/2024, 22:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b10db4345e8d2b073dc4bbb0950a711e_JaffaCakes118.html
Size

2KB
MD5

b10db4345e8d2b073dc4bbb0950a711e
SHA1

cb5aecb0230be6ec5b5575f0c1a025ff2ef54e0c
SHA256

4b3f4a11e7f18b9e90ac1334b3dc00a4472e1e22dd46870598d2cd149cf24bd2
SHA512

1716cbfa6bd21faa1a8ce2f145dcdeff751883f5ab2cd798a56c5bae2f16c0d6b67f445bb948da19aeb8bb98f516a3f26686199222efccfd3675ab41b84ae490

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430354094"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{EE9E00E1-5F41-11EF-9CC2-6ED41388558A} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000003125cc29be9a0e41b44a3d73dc8faf7100000000020000000000106600000001000020000000b8d80de9e473d93137503f92d0e6955cdc61b74335c2ad489b88fbbd9da8de6d000000000e800000000200002000000060da4276e799b5e910b3692cafd564dbd7951e9c3b60096f4ba17862437d5106200000004579b847ec9a10cad5504370a44f8a2b0941ad801361edf4e50dcee87ed26911400000006ebeeed5bcc472f1000fb2d97952161b9d7d879570a7edbd997b880ec03f4c9c414d003765ff5fd349c2ac1e581d7a26aaf4b4062a470f3c1ec2c2fbab7863b9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000003125cc29be9a0e41b44a3d73dc8faf7100000000020000000000106600000001000020000000cbcda03c2487b5f4bb773d4b882faa8f9a364d2bbdfd72965c59ce8f73ccd383000000000e8000000002000020000000f7d73b990ecfaa8386b9169e01852658979b9a9ebf27fd64cac91d7660fda7e1900000006ea1980b6aca354a89c62ce26c267cd784e910dd19eef988c8235e400f0f431859ecf2f09b0b763f203bb070ea79967d683ec4cf6e45c085e4e3d228fec3968e452bf2e7b9bd332ed680a6012873fbd05de5724a7759f312d5fcc0c3285db9d8c1c6e4d8277afc368dfa5c0430ff86d19d457002e944797dbf95bdf5536452f990d2a653b8d138d8fa4aaec4ad2f74434000000033b63a959c371d27ad66cf837eecd8d2fc6cb517dcb37adb9e64f712faafecea01093176ffdf7f4978784f8f1b941cac74328e1e76cff20d7f9b730fde451742	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d0b969c54ef3da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2548	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2548	iexplore.exe
2548	iexplore.exe
2580	IEXPLORE.EXE
2580	IEXPLORE.EXE
2580	IEXPLORE.EXE
2580	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2548 wrote to memory of 2580	2548	iexplore.exe	30
PID 2548 wrote to memory of 2580	2548	iexplore.exe	30
PID 2548 wrote to memory of 2580	2548	iexplore.exe	30
PID 2548 wrote to memory of 2580	2548	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b10db4345e8d2b073dc4bbb0950a711e_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2548
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2548 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d6cae007230ca8c47f478e0b4ea493b2

SHA1
725d6f8da1e1f646d291e22d4c3c83ea39cbb024

SHA256
77beeb2a56320acd89be32f312394e4373497fdbd15ecaa548c071d712a0cc71

SHA512
5f4d4ba8003ab40177d5b0280dbd8ca9d8c0baf8eafa46dc5ce8d441123338552541ee8589d7302a708c706a7509911b3fb50d34834691fc7532c77a4a0ef2b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
525711afcb49aef79b882cf3c8580ecc

SHA1
3c3b1cf4b0c39d21995076ca408d4508e6dceb37

SHA256
635711f951f163ad7a9a055a79f55f869d10e6033839cec6cbc4f84007ad83f0

SHA512
9aae75e58a09a599c8b829a148ba8fbf0f09f8a62be3ab7cc8b61ffdd4f96c5cb17e23f91e933d39ab388b695251dc6273ae550f5809b82762e28f844307e876

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0baee0c9e81398a9f34696c1b28def1f

SHA1
1c3a7f1726aeca17701410431746db38458e846f

SHA256
e343cf43d50ee06a52ccbaea3ef954c902af33ffb0abb219b50336fa3b9baeaf

SHA512
f6b833f8831dd937f753f6c8d8ea288b4b1a36bf15b3040ce989098c83df653ae34510621942593862e2a97a71054e4c0a08515ac73194b2b5609fe8eb411afa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cda44f0eba8cfd973a60d8d1db3571b3

SHA1
f7b51f80852c3673466fd45188518d70a24c4270

SHA256
7e13480f094a0f13b1598846a9fe94cac134244530e331e0621fd4b45cd8ffbb

SHA512
5a62520939524b211fc7c2194dc24f867d11714b8d165662c715a0d6b9544073fc1b330c5c6165c58b75a26da8884fc5741e672a7f52571690a805cfdb45e91f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
617ad0be5afd9a7f80b3af51864bfe3e

SHA1
5e9593e4b36260b168cb0ff6259a6592c29bc52a

SHA256
85efe6e761ca22c92b17d9533c59bbc2153cb5c5c13f31340b7181720cca43c0

SHA512
a084b1ff89908c4ccfa6bad24476a61f11da09113334f124d47d4e0a23cef1baa3a0cea8c213d89a25e5a6a359b1213bd6c393d33f7cfdc6545b972d603e5fc9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5030e46a55fc744e29f0b387a6e5efb1

SHA1
5323c87c29957283dff83a2f885336fb0cf6e1b3

SHA256
ddc0ab972d14504635caf92f58cdc226b3157414f8029fe885e2236ad84f9070

SHA512
96cf8206beaddd8b3a1a519f5aa3d3f0c92202ac98dda8f652ce2946700421420228aa27bf4271fa41a0ee1e064c34f6d8441667a5ca601bbfd928623a7866fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a111dd37e371e77c10a26e085e3a7db1

SHA1
bf6fa439a970077b7af26caf16934baa8d64a75c

SHA256
f78f31a94a81ca2481782bc5fbb9826bf6748934a378e1be02c733f19ecc8fc5

SHA512
007fd70d2c40e141bd26873b1c9ccb3723e7274a28c15ad09c6eec9dbcc95b57b324914844016ec6d1d406e58bd56ffd387f36ef7b9193d8c549b0ed5f9dc830

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7f52a475ae1be6bada248749bd9c1ede

SHA1
de197745b1173c9db75a793b2e926d56a253b2a0

SHA256
9681a7e7fba92cab84dc29ccdfdb2816518e4c2aee98275d821dd460060df8a8

SHA512
e7af575557e031240fb138087460c4ce12ea48fd1389e9d657d535d7261837be08a78268bf245df07744033564fd1bb95c31c0b3021d447f7573e67c2432dc9f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3785352e28a1bdb02a5e140b0159249d

SHA1
4226b7a59f5e3dd0c018e45e8d88489e9474d3b3

SHA256
5102cb549d39c59fe631658b65dd0190473ab1b009a6ea0d457f2841de8cef32

SHA512
f7a5aac203e1b2d1f295fe1941b01958cfb25ef1e3c02ff65a2cd88827f082586bc67600e95b6c5290b9917e0df3f7e7bf6f882c48e26dda83ca73ba0bbec084

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dda3b29d55646a5e59a007872c8f32e2

SHA1
d803a91b69ee90fb7a99510ed00d948bdb030d43

SHA256
1ff2696963f41e29525a650d157d38e57b11f9ab0ddda5f7fb04a1d01a9eae2f

SHA512
b4ec470e7fd94a06a904bf38e60d321dfb7addb64a0e784388eec45f64a4367fbf4e94a2574e8f8dfb6d0b94066ca120e2b40629deec60dafa22eceb21f1fb82

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c51c7ffaf97423be1f26d0eb8467e628

SHA1
2e94c0c1d9b406289dacdcfbc40b3fd3d21a335c

SHA256
c5425dbee22914b477900ccefbb29530faf26cbd98ae826d308f0f10ad3af3d1

SHA512
5d47b4bbfe5a111ff03594ea61a665241a0f3c4851e693c7cd201d740124b83ed103725336cf340a2268313970a64554d551472f900a938be142a4bc53735f2d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9356d5fc9327a00d4a2749ea5f259644

SHA1
66b29421bb765965adf35186e58a91a7e7178a35

SHA256
ae1b92f6d3b8c890ee8ae80024917d7d637cd68cdc0a29caa7cb8db82cfe492d

SHA512
5cd5a9ad2ebbd3423827306a10081e625a093965e8969979b2c859975ac4f303999c24c16b159941558aa86fd07b51630239874b50616bd129a49cc43e953428

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
942bd92298df73f8bd645b0daa165846

SHA1
230aba42f613fe7eb1e1d4ac5ee15a433adcb480

SHA256
8447495f03befcaf8a7b3bf78bf38c42bf2696142a93364e396f666d75f0e938

SHA512
5bc156b2ff25678f276ddfc66cd8fa63d7f8dab47638ca302106e4692ed0bd968a90c5643bdf6b8d420275c5b7627cf8ca74f389da5e7b49f18f22d78e2bbe3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8aa0a039a50cedb59f4153fd94090bd9

SHA1
0648a0abcd13154a6b54aa1bfe1f3b2383205e5a

SHA256
688c15d3c8a5949e89bb52570a050da88f1464002831c1f32801db02195f2f96

SHA512
df5d49a6dfbaf243b32d971ad51f4af8dbad37113d7f54ffe0a63259fecba736cbc4752ade927eb68d13110b88f4ee4eb6b54e411ab9dd65ace7fff71650a1e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2e87b29ac5392b013921fe992ed867e1

SHA1
669c0819d26f938fc75eae9144c626a39d6a4c26

SHA256
a864b5467d87d1932ce661c8440ef69f00896d8df59613549ca921a36055bd0a

SHA512
7fe3db2a6b33b7feca54774bd3d0653dfd54894c1eabacbaaa70e7400570a26c2c1f945b74f70615f3209747782331fba263d32d9ee9409c6f003daba6d6544c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c4878cd9217a99142d6ceae7d6cc54a7

SHA1
682fb0ff6af590a65a3f09353be55b6bd28b80b7

SHA256
94694e115d5f9bbd4db030512f375af7017a9476b7bc06a004c37ad1fddae80c

SHA512
0488f7bd91ca5cd0d01692d733b2c668ce21ebbc79d463d07fabe65da3b461678d4db8be49f78d62078befe756d074c803382abc52d12a23cc4fe75e9961c60e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f72afc8d97b06cb8af0c2ce08477a0f7

SHA1
2614739e6f3873dba5b5979e4c4600d9d8619a2b

SHA256
05ca6bae95b6dd66b6c1fc54b5def843cfc44aebd1a241423b5e9797212067c4

SHA512
e92627d831fba78621856f644bb1a057a8391b760997c4874084cabccaa4aa8fc1a226595627d8e0d2e68e0dfbe468daea1fbe904c831c46fa4f88121238651c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d54db5da9b12fedd119ca3c1350c6e37

SHA1
99d46f1c00b631b6f8a4a7f1c7405e48385b5221

SHA256
4908c7bf733badae25071b7d4c1e4c24e3de01be2c17de4b98162c333da59212

SHA512
90cff876ded6c5a9c21f40b13c21d952f438f2fa8a8b57375faa87b5e8fd6b8b219584d6c3af08aa7603804586eb08db900b785c9f01ac8614eae0ed4eeb7dad

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF3A4.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF463.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit