7b9f322f897349d272089ea95b73ee8d58d6b709d02960e8bf993fd3021c9a87

Analysis

max time kernel
120s
max time network
129s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
25/08/2024, 01:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bfdeb4c9f9044c07721f5f75aa1452fb_JaffaCakes118.html
Size

461KB
MD5

bfdeb4c9f9044c07721f5f75aa1452fb
SHA1

6a12ae2660ef2ce528569583eef9a74e9aecc0ef
SHA256

7b9f322f897349d272089ea95b73ee8d58d6b709d02960e8bf993fd3021c9a87
SHA512

2aef78d6cc21b4e8debe26bee779ec4bcc3722e64044cad6691e6161e606e085306e6415a6b091c037ba301f6f17a1c03fedb50b44a8b48affb8bbaf94e04031
SSDEEP

6144:SOsMYod+X3oI+YReqZQWsMYod+X3oI+YmsMYod+X3oI+YLsMYod+X3oI+YQ:r5d+X3/5d+X3m5d+X315d+X3+

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9EEBC9D1-6282-11EF-A3B5-DAEE53C76889} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 008172778ff6da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000062974e5b5f804e45b98349be16bffb780000000002000000000010660000000100002000000060e9138a3f99adcca4278e378651ba2f52f593811c38f509447b18d7ce63c814000000000e8000000002000020000000caef5af1be12c30a3f4389d6bc25a15cb757522927454f549142a6962063e6a020000000131f71c41ce0dc3361a116401df10410942bf67a26a7f7c7405a01994eededea40000000721951559d08c9ac8ea472d784edec17170def8f05d14a970cf194a8dbe1a802746cee64d5ee7e745b7ddf0fa03e33513f798752abaad58fdc9ee8d317a98375	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430711730"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000062974e5b5f804e45b98349be16bffb780000000002000000000010660000000100002000000041c8411f73a9a53e8e443f8e876be23c9de3e8d6e180d27aae554aa3af510fd4000000000e8000000002000020000000ac0f2d56742e1d68f4ed895809f4cb979c2445b25f4e9dc5de037f856361828b900000001f1d2767ef172f1ec7fecd8a6ac12a7e7bdcd9cc091320c8c3d5060c8a20e4529cae941e85e029b8f149ffab09120b5c19093c2e880547812c43f77bd15159f6a6cbf20231c2412711b2f2de554f740e1ba23a1f8ce18f5b90401efd87ddb4bd982dcf90ac003910d2262f6ddc44997ec3206228a3ab9df1fbdc4b79a6d673c8f6e8f87a5cfef825c974f9f46ef1bca7400000007281e583a09c9eb8d9282afba20cb76cad851af52ea0c50e7cd764220499e39a1007e846204c6dcc764ad01f7e10e4446cfe9abbe67d55be129a2aa33659f684	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2756	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2756	iexplore.exe
2756	iexplore.exe
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2756 wrote to memory of 2680	2756	iexplore.exe	30
PID 2756 wrote to memory of 2680	2756	iexplore.exe	30
PID 2756 wrote to memory of 2680	2756	iexplore.exe	30
PID 2756 wrote to memory of 2680	2756	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bfdeb4c9f9044c07721f5f75aa1452fb_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2756
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
93fce88d47bf140e0d860dc149372a4a

SHA1
ea9521c335e5a863ffffedfbdf1100fa8efd1d4d

SHA256
bad3c0c3dd0f6094be0607be9f82e6b56b7f6cf7bad032d2b9e530297c4b5a85

SHA512
df96261a85668b8b51d279c5548f7606c76437790cecd4dcfbd10e0f4e1bb0bf6f6ff04002e3b794e28ef6834e10af49e1d635d50949978e254b6b4c4713ca0a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aaef8f6fac30815f6cba9f1f18b335c6

SHA1
a8493032496be3c1c5704de3103beeab2a18fc1d

SHA256
8d811e2b9486b932382c347951cf46f0af696761e8089d80933a4f2b33a7ad00

SHA512
1a794f05135603ed22a641c679af89ac0bece360b322404d985490180cde155d4d1da18b97dc624a98ba4743af26bf81884ea67f7bd4e1f21d22f174e67f3d64

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c0e18afb875e9c648c1dcb5e95a7a62f

SHA1
d376d409e4b88051900fb6720adfd6787ebd60a6

SHA256
1848da1e78acacf032f5d332c4955f572b5222b46b6a133549ab90d913f8f2c7

SHA512
04af0b6e802eed820c63f4eaafe8f48c7a08f62ecd427c70e70cbac76d164630fd7a0e2110a5f3d9aa4479ed1da63bd47729a0b0943051eabbe7c4da0bcc5d83

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c45152fea1a79e46f744e1bb99072946

SHA1
a62c1826e2db34d2269b775736babf074173808f

SHA256
aff638fab93f5bece8d040c0d1a5e27b090e4e86a0e771127b82e74a91399b16

SHA512
be3ef018e32fe49dd19967fb6d778dccb2d8791c699ac2a14fa03f51ecf26b308b909ad134259d28bce9cc4bcdc27535248a2fca412569728c8f91a0a0cd9b5f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e643f2b231365d476f1f23d9726b59e2

SHA1
3cd5ec701f0bc6e685d1e6de2d0df82380511c46

SHA256
2625fb99d714845534d6956c206e43cc85ba33da39f8b35295cdb9b8a142d99e

SHA512
f7906cb81520f1eef87e183b58c0a0bf48e6aca893d1d51c114f5c993a01033479ee5d316a8dae014c96830297e43e942c314a122efc2a744737ec60bdeee012

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
97f3fcb626668883d47ca4cd5ee03f46

SHA1
a8df640a3a86f9fb70d0f497778927dc8a4d7291

SHA256
59c6a1fd92cc5bac5f32e9147bae92aaa90351f60d8409692a87b60c9710c8f0

SHA512
e403d2c380db96524be8ee57cb6e274748ea2f779f88edc468af6b68414a9b10d93b1ff451532baf785f1ea9e41b569161c492b159b341391ac8f222f70f5f8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
77d5fd245a36ac695812113604a91016

SHA1
7acf2cddbcb72ce075373fe6474394f21698d2c4

SHA256
a12135c47dbe9eabb3c038169aef2b467a8a699d8c033dbebada9ebfe0fdf5c8

SHA512
879bda6abf9ef3fb18f6f8089267e97d19e38a20323e3adbe42641df0c5bdb6ebbbf054ca0213bdfff3bc75a71297bbbd084d37987d2af1f4e7c49f4df50bf59

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8ad0d2bc2f6f9c34cb7c28043094f84

SHA1
23e1cd7a00a3249e9e68fde9367a741ca878531d

SHA256
b73e05fbe8257a81207c46120ff2a5f8be98ad6cdb29c3bbd1eb33f1504d1681

SHA512
8c77ea43cd4c71c0162517f0818f5d0112a98a0f12bdc7f0012eecdbacfce405174780ade10445bc2c0ac0ad5747f6449ab928a791fa5d5547e701ee5b3d4757

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
62c3e96f1348010d8e39a2e9282adea8

SHA1
9beee408c1d36917e288f3dcd6a2b47341b4fa11

SHA256
0d7b27099c078322056c33430362bcb893ac1e575b11eaff4d4c55c761667b49

SHA512
b2581277c35a569fc2effc0f62ed90cd9f2488b1b88c9fd60cba59e8a8d22211e4dd8041b68a50946555dca77248fda12a1cd683b1f1d244b44e13d6237cd526

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9013b028e5561551e5125759fbb54129

SHA1
74b04f556bc5f6c3d44cda0bfacf09b42a1c6d12

SHA256
5c00edee36d9817e8dff8e0010b137f2724be29fe80464609a2620677f06a8ac

SHA512
8be08c83603413aabc9e979d06590a79387686df2add2ad65e184c499635f511a36ad67c32792b082e56924a17ddffa68ecda1742c91bdbaee0baadf82b11614

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c6812afc40459313bfe22a5fc002a964

SHA1
35fdb4cba8a0c722073100a175d9bda592ee8e20

SHA256
223c041b2c0f878aea073f1581c1f5eceafa5192f069c3ba6163e780485e53e2

SHA512
285f8eb345a45373c8ffa882007618ec1e98c4059455bab02455d6ad94d639bad45aecfb64b5f28c010bd2a5e8bb2e0ae19a21aba10a47ae26187be5c34f05da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b8bd6097a93dbce64867ca9c0c3afcd6

SHA1
9f269d57698de32b0cc68cecf8defead32699399

SHA256
7d2db13f229357f17141d1939b4451525468417720ba8eda51d05c2a33190a8b

SHA512
4f8ef625213b0eab40abcdcced87e5e5d8fc12536c88e6621bf6b722fe5a987685b4ac95b04c50492e3ba9ace64192eaf517a4146c717387069d244ef587fb97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ecd240e0d48f4eb0729fab4982793601

SHA1
56acde39c3b7f929d038f58d71090a21feff41f2

SHA256
3e8bf4bf9fbd1ce6c3b8984c08f4441f1c55c7fa81ad53f2f2d59474525bde0c

SHA512
3e380d922da2dffec516b53e019f27d81cec7811f496a0fd00578a3ab9ad0afcf49ea20b5fa2ba7b6bfdcdc6fd08d918c13838915f97291c1413cdc522fbcc49

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d687bc0b7d7b890b7fcde89b9ac6e048

SHA1
ad6ae08de046f0b2af3953782dd57ae08f8e05c5

SHA256
56d28327c89203b9c6591996fb54473599464cfb6200dce907dce8ad8b4c99f1

SHA512
7eba91c60e4102dafe756d251e73b6e5ad9a1748b592401225c75ed42042e38af8a94a47a061dd68cedacfb1704b22e90c76e45272de66439f58638f31bb2a78

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
43fd735d2cb3cbeee5d4c4acd7387cad

SHA1
db3234ab817f076224e81014a0a4b311b039720c

SHA256
d474478a58c0be93664b285b6a8f80d7b0a93f4e3289ff8f2b4340cc2e920ded

SHA512
5a8a88cff42c36465e1a946f99aff60644bab3a6ffb568aa0855bb3e4e15693749c540e8921c2d3be453bd4ff2dceb033f7396cbbc0d6876e0e4c5f9294b915d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f6f8475e17fcc527592a59ebcf3bf47b

SHA1
ed08ad414259bb0364397d11278d6e510db24dc9

SHA256
7912710d3fe4920ae3cb7645dd28eebe84433fb5bfb6503312b66aa3dbde78a6

SHA512
a847d2d3baa222b83b24665bda6e9153a2167d80c1f3c3ce653f1f64398e43ff2217085be7266873c86b9084d892111e58bd809589395d644bf783161de9ef3b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c15bae1aec3bd1bad79bde2c28e3dfc5

SHA1
4390d61733de7e8df6a33bd954ece7642886da02

SHA256
f6f6b9dae84a87dada5334b7746ad1d057a026583da0d88b3303f17ad75ced5d

SHA512
32db236cbd9d3315a465f5a377a2c3428bf71627fbf1c29cc6bdec91586184517df8b0cee30bcd2047a320b1d0492febf151d4440667084064991fbeac610382

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab53AF.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar542E.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit