0b4c59cbcd994db9b1b02d7765b269e49e269becfae5590a0f6a66a24075357b

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
23/08/2024, 22:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bd804481ac164492708a412149ef21c8_JaffaCakes118.html
Size

9KB
MD5

bd804481ac164492708a412149ef21c8
SHA1

b94fc64ac9631042e0c773407f116ba3a9f33d50
SHA256

0b4c59cbcd994db9b1b02d7765b269e49e269becfae5590a0f6a66a24075357b
SHA512

4f86b1d06d021de7bc03b29cbf6345166707356b2fe0a485d99300e4fba5c9b5c5705c2472812b64bf909858f81c48a89ff305d145fa7aaacea99d73fa86c4bf
SSDEEP

192:1ugU0NipoZ4vyIf1pWPdP+IxkghDllzz3r7W+XsgskI/pVWHXHZ6I08TRaY32m:1u70NipoZ4vrNuDXf3fTXsgJI/poHXHv

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{20FA7881-61A3-11EF-9BC7-EEF6AC92610E} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb47000000000200000000001066000000010000200000007a8b9f1321bd3a9ec72dc69b0d9a0873065ffaae9c806900ef3c86f8675d68e2000000000e80000000020000200000002174dcbe22083ac327d7d0cc03327e85a80b3bcb1e2fb38568fb759c9884cb4c200000009e5bf5eb1263d146889df5cadfc078c6e0e2558c71dc5158cc397c90ba649f1e400000005a00df01ed1f38c6df96162a28c0fa16105087c257bfe2db1738275f7435ed04a772bf83803e0ef5a90bb013a7d7346c54a57d05f98803e917f52d1164f2cfa7	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430615741"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0333a10b0f5da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000c682bbc5323eeff941356dd8fc3199058b5dcf64df90fa7bbbba8fd41bf6e409000000000e8000000002000020000000880663f10c727a86fe53463157aba93a81b4693f07fb081cd28c2ae5dbe5149190000000c6265619948288a17b6a8550a2f43267142ba73aab61fb2983b4f716fc146d8aa22624b51b2162d43b37b6c42f7ea8238c61c54dac1666495e3e7133d7d2a3e23cc35d4771f3d3e3cb9840123c41dac4c358d03dae761abfb3aadf0e05b1907bb86d6b19685e94a783b5b94f9583ccb621921261b4cb8cbac7ef1c657e9a1e50bc73972a99adbc54d27697c5134411b640000000d0688ae67539d2a8edb2cc4b8b8afeef2f25722df317069d1d721de19af8d89d573970bfe5a326067f64ca06fd836ecb132678017e318eea9655d94aaff31f38	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2064	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2064	iexplore.exe
2064	iexplore.exe
2176	IEXPLORE.EXE
2176	IEXPLORE.EXE
2176	IEXPLORE.EXE
2176	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2064 wrote to memory of 2176	2064	iexplore.exe	30
PID 2064 wrote to memory of 2176	2064	iexplore.exe	30
PID 2064 wrote to memory of 2176	2064	iexplore.exe	30
PID 2064 wrote to memory of 2176	2064	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bd804481ac164492708a412149ef21c8_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2064
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2064 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
78f4b447ccfd92d78ed612d532e7cb75

SHA1
8a21d3feff7eb028a3e2645ff8a1cbfee79808dc

SHA256
683d5c54302e804bce17cd3ad5c516be0be573acccc1d58ed5d4c7d37a68edf9

SHA512
3b09eff5a245fce6bdc32c6d52eddec3bafc4ec25de142cdb95977ae09de6b2e8ace9bc42177be84d28c74aafb77ba99b029bb96fef1174a936b1de0de4e0812

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f17d5ca204a19cd6673a69404facc842

SHA1
adecac6b9d519c85b9d89d966fa2831ab79372d6

SHA256
55cb2d2bed0d1cd3076e816cbbb5740c676f9a09d8a54eb5d43e897e6a6acf3c

SHA512
b22e875bb8695a4d1e9c46f52b9f1a75bc43c5e3b972ceac42b3f4be7f9964d667e02e64d919dd6d921839f3a50ed172acfe5ecb598550cfb0f33fed0ea30f71

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3a7f53df51ff1f5372220ab0d3e63e64

SHA1
1c84d7c765217827859d038ca7dfac73b5171c80

SHA256
91484fec6974acc188d888e44f27c36cbdb43fce1861de609f7dc53253a430e9

SHA512
56effc6cb3aaa07a68706ea6c952f9671fc043b9183cc7ed8969e7ed6fb42df9b529a02d0b4613edb2839b4e68489cfc2cfddea5595d532ed285c488da415f06

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
71d1c4ad5f804ba6ba634b446df68216

SHA1
9afdc6200e3d62d3597f9c6503ba46ee33d810f6

SHA256
48d3c74d6ac161a9aa928b20ab613ecb4167bee527b1b7eee8015dccb5402cbe

SHA512
bc92684ac2684ecebb8f740e73c854501d592569d6f19930b02659e90bb60f7992a0b35efa0c941e206c6544defecd4fd81801e8c57bb26267cba449c45baa4c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5760e875eedde063ce05d0366eaa8d5e

SHA1
9637a880da4e8fd6e0a653bb4e23a51111bac618

SHA256
c00ce953e0158d204f38071d1ba19db44586665cc52cfc83040b3531c2c4fb8d

SHA512
1771cf57da38c9e31fcebfeb763490dd1c998bb3c319cf0b11e6de7b25027bd5d0c4d6d72287e29fd5d92722744c7b67892b3408311ed27d325a9427c809a477

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7089c5f89df792532cfd483a869134f5

SHA1
95b89845684effe9325d404eb1af1d293042bb0e

SHA256
0f7a3ce1ca5ed916fbbbf4575105cdfb1aa5d1b78a8e5622c37784ce7325e927

SHA512
7a06407a8652912d9b627e28445fd3251da87cf19f3b9817b5c28eac4d6d58c36414b39471f007b6fb539e270b03bab89b75b347c215a8b3f1529261f3ff22d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7e061d1931bf9807bd7a7af516b34fb5

SHA1
0db652954cf2d023996681a8aa2d496b19995b81

SHA256
2465d87987d0c4c085abc52a4bf96863d1b996f5169394be0ab54df45f5e3469

SHA512
7bfe72fb6c6c5f83fd4a76d779928e21b052714417a7f360482d12469efbac6ee6bed879704a96c58fb6fd3126c74a8512c07085e77ff37f2c57aa82c9bbf6e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3d33c9fbdca0228a910fa7134febed0f

SHA1
a9347c667c615b96e2872ed715f2c8490470b5f5

SHA256
93c5d9159290cd518b120eefe2e21698959efed11cb17e7db96ac02fc88fec0a

SHA512
845c161b03165fb5eaf83eee620ebce763e9b795136be4ac0bdb949c29cfb288e226c829098de58882a4dcc6a68c0bd7aeedbd6e365dfa34add75e54657d61a7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7bb3e4f09baebc08aec7c0d032b137fb

SHA1
e3d2c97b4aca3cd68aaa6d6b5935b68f84dbd075

SHA256
052dffc88f17f21e9d4bec32e94bceae11386fb3091b9e6af6d2f856df6989f6

SHA512
9ffb691e58d066a58bebac11c6cc2f0991d88829a67040dd3e15ec3edc9efaa3e3a13dd7c3d1decc907310fc5142fe2ac650227ea57de30dbcd099b288f00928

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b8e108a4d698d8e33afecf06c8e8d16d

SHA1
fad78e392e10d293a84a20d59feec2c7cf165043

SHA256
dbbef0c267ea3698cae47a9f3e1df25772188ee6cbc9d4d6309def90107c34a4

SHA512
0634df43f560805c314827f806822c81b94d65e3588499066e69290e4bbbc80e3df9ce1e9ece35b20a629119f38783db5acd9c332274cdac88aca1f496c23a7e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
60b997537a05ae625bdf65b8e5a8b81e

SHA1
cc54110c72caa2a8f58e695a4eef07ebe8de8d4c

SHA256
d54570c31f316d953a4ee660f8f05d6fe3e0e5fcf3dc77459743ca90e876ec4c

SHA512
fa35918933691eb84e1cfe4560ace6c30155df62c4443156e263a5735242c9311d607a0206ad59e8dc2f6feecd17664e1ea788e174f884c0848494b37faedbf1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c6535ad5a6180ec3ce1d0e843291b65f

SHA1
a10ecf5e03ff5a9098ac7c38d6c5568e737c9a40

SHA256
0e247d0625aae63626b1fbf19e01376b84858435f718228dfeea6a7aadafefbd

SHA512
e77c2e9402920fdba9aab6c3c5673024528035079c2592954b1967d2998d797ed968f21d2a86ebad67554e3ca2293337fa8c206cc0d03a28e62a395cb656d31c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
37b353b7231b6d41e3adc1cf298d6716

SHA1
a496eca51ef71c86470b43415ec19c691c44ee9e

SHA256
3937999e77c988ab3599dac55e0eddeb5ad85d181b6aa17c752f7270501fcbb4

SHA512
32f4d7e480df9d12ebe81679b3c175c918ac4c83573a89c51c9ea751a6ba057db1fee11e95f3f982f5574b3693d6c2c1e436fd4823ebdfaefc37173ffefc6a3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
09d227e941f236fbe9799a089cc7c92c

SHA1
75fb15ba9d37d1b5806c45811b8bb08038fec6a2

SHA256
fc9880aced1fb086b910a4d21961245aef259aa2edb1c2dd505798c8ec24e3b3

SHA512
02649b1ec7bafb344e79781abb757fc6dd865682cf23807afbda93a8062b529a5124a7510dd6272dbca71ddc49250428b8f8f283c8ffa986758c7419b11e9f12

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
8edaf8d354d1f8222e175f8fe135c1ed

SHA1
890e0bfd731f96a707d8f638e972f2eaf3bf0d1e

SHA256
79e4cbc0c6a8f3c86e66b948c104f9fe2f6b64d932649d7d0baa0687e01828ab

SHA512
fbd0b5aef0ab3d3f225f6acdc3f0c982ffad8ce0a2a39276043409083c429e15f4350e625939e24049b3790ab06dacb6814c38fccf311e05d3a8374bdb6c290c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab8798.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar88C3.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit