9588bab2e5fca3ac02ce74024e0f45b65bc3f6a36ba976ed20f21cd5960a20cc

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
20/08/2024, 15:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

afde35a4d768b508304f385581be66af_JaffaCakes118.html
Size

5KB
MD5

afde35a4d768b508304f385581be66af
SHA1

ac6e46ee62b025e64be9e8ec0b2a5bef5c7e6322
SHA256

9588bab2e5fca3ac02ce74024e0f45b65bc3f6a36ba976ed20f21cd5960a20cc
SHA512

b7243aef61047c2256916b4a0409fcab2a0d1f98d97779dd1163c5f273b1674c98b315203682b393497fc998d8d28e40e96d86cd4f2ff767499f526a86655d85
SSDEEP

96:PZgQJsgNJiWfJvJsJPAJFJEJbhJ5JWJIJ7J9vRtlJ9eNID7PrtlPnaFMnWFBwES4:OcBbvhRoEzgjXO0NBTMI/rtlPnaFsWU8

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0931ec819f3da01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d9909000000000200000000001066000000010000200000009e14df7c81d2662c99c430a1cfd02552307a134436ac5ac7fba6c602e8889ce4000000000e80000000020000200000004235742856f1ba0ee512960cf737d0b2c625f61a27102f85523e6c6c1a9a8414900000007313c988f12b439ef150514e17a613ef3a9acced7a3d7472aa173806f729901c32502b91f6fcdc9ecb0b48714e1590a18d9d28aa6bfb7ac70f99e6bf6f6e1c6ef71e7c2c51855fb4596e54a6d587d94c2abb5bec6b79d999b580738da1bf2e690ae6576fe79d5cf70f89090f2ba418e46276f587b28d1f16836bc339c9be717523468e24cbd35e013958a61f7ce381e9400000000f9e0e93b0e49ca0f9c02db9b5a494e0de4ffdf71d043f1022a2839ca1c91c9f0d26c44695f4211b7fa5ecd75edeb5968ca592e71e163391d5c623de842c835e	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430331338"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d9909000000000200000000001066000000010000200000005a2a753526485d0a603952cbd79989a6c13278afdcc1c32c310b109e45ed2515000000000e8000000002000020000000d49be6c5d2b96bb80bfe55dbcb0fb20b74ae12043c022495924e49e8c33ebe4d20000000e98af6a27da8711839752ec6b25da2ee42a02069f0b79e614ec7785f2861bc62400000000075ea10de56f57009d48333bb632f7f60b815b1a4cd2e49d1856878fc5a01561d414f51516cee66472064e1f16ae6e8a5958463173bb31dfb9299001e5a9f71	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F39AD6C1-5F0C-11EF-BBC5-7ED57E6FAC85} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2644	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2644	iexplore.exe
2644	iexplore.exe
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\afde35a4d768b508304f385581be66af_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2644
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b46967c24f486e333626213e95039ff6

SHA1
a1ebb3d213c07a260a67bb20cffcd846ee04a133

SHA256
c658c8d173728cb5149d993f5e9ce53b898341ab8f2ff80872f2560eb606aa51

SHA512
9a5398cd869b95187d3a60f8ea2368cc5d813811751cd3ae1f124cc410ef7c80831878cb6093a48dfce24547e182ea9e0ef197e7c2f689353a4cad75321fc2cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
213924d3c1e689db8328b5213ee100d8

SHA1
26e92ade5f7719b5d3c374a92f5f8a77e5c2c3fe

SHA256
96afdecfc8ffd0529d81d738c78e6c4d3605c7263299ad44a71e9cef5a75d102

SHA512
a3499882043df973d1fd8f61ed303cacd3686b9c1fc820ca0304f7835dae90310fd9b5da85a285e5e50a8ed87ab44db00a0495ef9c99a77544d688eab7850706

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d1cca1a4a40afa6a85abf2fc2311ba60

SHA1
705911af13d33003b64e4b6ab2caab65fdc9c6eb

SHA256
ac3fed8a15b1b507014b68381d7b0e07c6e77f8af1576435addb01f8c82f8f78

SHA512
3dfcd1133384997b90dfa57c5342b905adb841cef21add25965e3f4f91f47f8aedd58b331b3df4582a50e65a5ac1ab20e7aed60afb4e642690d3ce39e6c5706a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
584d3c908b31c7df82a9fecd06dd9283

SHA1
4ec6bf523a715bb64f29981db5d7c4095fb444ec

SHA256
15b0ba9632891a384b507f7ba373b512c0e76863a6d3231fe047771beb53fb93

SHA512
b395fc736bc996df9478efb6d3efe9e35447431f6c6e9a7d9e2b286169e918a77afb5d45aff1bc5d2ec05511d2b512e947cc266f5ac88d760829170634604a5e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af12dd5fb5633fe6aa9266bfb04b4cb7

SHA1
94bad6efb282d9e97f0578f3d63a79872f7f7544

SHA256
e07aa81381c562d26af00f9c7837621ff2dfbce34a03cf15217c0fc624e2de9c

SHA512
e98f9c679ac310e2312627956f401ec90d53a4b2289dd252e5b827076575d412351e9186eb98d17c879ac7be135064fc424c6906143b1e64d8764a0c0d3a7133

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4c0cbe6397e7d6d607b02078ed8d3244

SHA1
ee6d10190c2513b48ad0f11b11c62342bf3d3cea

SHA256
a27255c2538d209508b1c518185c005e4de53f9eb9384a573b9a714eb5db8b6b

SHA512
f4cad366f3e495c3d47fdd39f1e69ba45daf551ee3ac32822d7c6ffd0b0baf1836b254e21cdb05817de30873395cc50c06f8edbc39ceb5e8bc47a0fa8202cf95

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e8c7a705ccef709df53f9281bda88ccb

SHA1
d821519eb05af6affe93b4deeda6d0d7037ebbd2

SHA256
ace51dce347ff387ae762c6fe3cd34c2af3e5a82ff569a0606c9a9989cb11d13

SHA512
8275f24cdc23f6b20ca555c3b97703a6728afe3cc4695ebad45245f3a0e2626c4423b4914aedc793b24e1ea581db34c734ff33889479a0b5e4fd89886eea7692

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a9d737f0915c14b99272a1199a37e30

SHA1
7cbcfb8b861c58193da95eda152782cbac4e6f7c

SHA256
15dae053ca28be9b51d182d12804dea605b83279c6ffa018b981ae16d22bfd36

SHA512
ea62c17db79066bd542cf1e52d7e41521c61190ca753d567a4825a5f84fb624fb66b6ba321a556b6fb6895193c0117737a8e7cb5c2f5a233bfa04248e32bf5d1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ff2347684b9b5408ce87cdc615ae621

SHA1
27061368e879553531ffbf673048bfe290b80d20

SHA256
c3c6cc60d7ea2877422b3783bf8bd5eb361ea7e8b9c0173c187bc45fb2f22783

SHA512
51db212955cd12e18a0da386b8c0e6e89aeb34f75dd13542db85e990b5a63b8480581d7ac1aa526cf165c8a286fa690c7dbb065c5a7d4af71c737e297ddd91f4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e94be051f4b97324afd3fc8d41279d20

SHA1
c56ec918c89ecd2c5e1603c921f31a6ea0ca0539

SHA256
68f146020f44cc35556f98ef48ea2ffd33c4859eda043932a5ab44cf670b5c8b

SHA512
5e577b25466021860dea8244d02ce996b17f99580f220719b9992cd6e1fc5cf4b833c6d2facae8bd8e7cb1ee354bb209bd83d34fe24e5f3bbb8a1d0c568c74ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
90bceba7f0dd094a7ce80af9e0500716

SHA1
b902f9a85e426872de8ae88e33a8d1c221a322d6

SHA256
68419567aa43b7e9928c49c0b1b483edff175a95147428eca5bdc8dd4ee714cf

SHA512
e4a5b1cf992d92b4f3e4819ccadec1bb0696e8675883fe9f16231f17b4ad45e6fe7b1b75208b1cbd697728d9fe6c9aad626079dd857e2a96bdb76633ef996319

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c8e31ec57750ac871d3ed2af6e5b7305

SHA1
d5f2e07c148b1e37274ab2cc1b6cdeca53cf104c

SHA256
fe80470fe98c48682a52a55b2b2b9970e2fe135e19db199a9b0bce619311adb7

SHA512
adea4cf3e5d665a1ac21595ada669150d79fa310cefb200d9f1f8195791dab7d68202a5929cae31d9120885561a1342640be63774428ac93af2228efc10ebc25

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c901aaa1cec1b998d9fd587d803d187a

SHA1
436e8e6379ea2699cf00f7ae47c1737ff1e5a124

SHA256
341d478ef89e93c3cc796d52989419cbd00974277a20e8261d17436f9a7844cd

SHA512
0cc8463b2f17949fe3419e312a518297d1a9a812bb9730cb18baede87b9f8a0bd722415609ab6eb0a66601d5723752fcbd6e58ae14e98a97d4f74e6fe030a812

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b81d3e2088ceec7bc4be8c2461f6844a

SHA1
ce42e25a2174ca2a037a3900a1aa382810d4fc53

SHA256
a018f94521fe3c005cefce3e0324d99c6a6a25820c562846580fefa0f26dc45b

SHA512
d529dd62521616499a13ea5ccce3f495d3e88555339ad5380cdb82f24105333269e211ad4fb425023a56fafaf9a6e1b26c69e4eb36a5a8c0ec1e1287ce8d837c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c2f0e1ad53efcf345115d7e018be0334

SHA1
b0a93ce65bbf93d1b25b377c64dcf953e9c13589

SHA256
98edfb11ca69a1d025ab4dcc29fa22d206382099ebf8499370808e26be26d7e8

SHA512
436ae8f0cd5db619a5f2272581c3ef003beb7ddf9145379de4b376268e3f12e093431835b7cb62fed4ba628d4db6ca8a3325b6c925fe6fd83df3648a8c03711e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6c711718f9ecc370f3f715b4133eb330

SHA1
11063aeeedcc35e56f935ededd3574d4740cbecb

SHA256
de80bc503cea62a28f41ab02e18f8bf1358a3f3874c119f853acf07992b5299e

SHA512
a2653d40765ef6b7e893a2b9eff3f8a4f9e212ce131778fca880c5c56e57fda26471e0972dd7db165604356d681a2f15ac8be202ade7b50247c2b34176f69af2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e4d4cfaeff2f153237309b34bd3a32a6

SHA1
dd9ea4a0fbe61f0b9b07fc7ebc35f5a93d9efd8e

SHA256
15bc5db0f360ed1079598b797489454201802067d80a2d080934e32f22c2f229

SHA512
cd55fe8e720de85c24bdfc1f1e05f276f50d31833241815c270d004aff2305a595a624ac0166c429b4ce931cd0fe4b116ccf93e9ec1c2d9ba0bde330c9b5f513

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab29D1.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2A53.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit