9afc7d6fa449603a3eb434866dce03837787e91474eb9268d765288a26ae2657

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25/08/2024, 06:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c01cd950a5b4e8e6296b878f10de6099_JaffaCakes118.html
Size

126KB
MD5

c01cd950a5b4e8e6296b878f10de6099
SHA1

b2ac1a137d0220172e85a78cc072db234207caea
SHA256

9afc7d6fa449603a3eb434866dce03837787e91474eb9268d765288a26ae2657
SHA512

d092695a88a22f088ab9106c8988fdd65cda95923f9b212ed6f1a652d3fd1e868139869fafe7e6cbe93bcce92b1064bd1054cfdf649cf614a56bb2708ac47255
SSDEEP

1536:nP89pa5DgC2QTAFZtA6MNGyaTBkQeVLAXihtd4H6WPOvelWyiRM65URZT:nP89pamXt3MNGya9Otu6WPKyiRM65Uz

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4300	msedge.exe
4300	msedge.exe
3016	msedge.exe
3016	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe
3016	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3016 wrote to memory of 4908	3016	msedge.exe	84
PID 3016 wrote to memory of 4908	3016	msedge.exe	84
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 3660	3016	msedge.exe	86
PID 3016 wrote to memory of 4300	3016	msedge.exe	87
PID 3016 wrote to memory of 4300	3016	msedge.exe	87
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88
PID 3016 wrote to memory of 320	3016	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c01cd950a5b4e8e6296b878f10de6099_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab75f46f8,0x7ffab75f4708,0x7ffab75f4718
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
  2⤵
  PID:3660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1140 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:1452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,6576953340340382150,5766155552361980104,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4852 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:968

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3672

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7114a6cd851f9bf56cf771c37d664a2

SHA1
769c5d04fd83e583f15ab1ef659de8f883ecab8a

SHA256
d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e

SHA512
33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
719923124ee00fb57378e0ebcbe894f7

SHA1
cc356a7d27b8b27dc33f21bd4990f286ee13a9f9

SHA256
aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808

SHA512
a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
28KB

MD5
3e9b79ee679b763f743c19eb540aac96

SHA1
35090af1dd33ee2fa613f355cf5997c6339ad084

SHA256
1516abe75e71112753c3327ba728189f6fc381a95931db4b21fb08457db4d5e4

SHA512
e2b5d14b497d9a730daa17aceb70ca55803a3e291a36454840b66f4159475aea81bd5ee91e93c2524e2d0ed64edf61e4d8108a42c76bb1593b587e499902ab23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
160023c75af47f0b406e5b735c1d8a97

SHA1
91398a2ee34764e608e7d59c4d083caff0f15c6a

SHA256
581be62138f475a21f92bcfd3f7237ebeb2cbaf7ff8178d495af314812aefbe7

SHA512
4e792b7c0fed6ce96fc3636afd59a827ae27d22489265baababa61564e10743922b40d8cc114413250e86b65efbb6ea2820d59a26fe2f1a5e6a4d715195c8f9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
60463887f07ff4c8032f4df6e050fc4d

SHA1
4beb0cea52cfb4e25e56cc21d153def3e187fc96

SHA256
47118c74ace5434d0dc0ed5a3e8c7820857b4e9a935c983a7d72da3dce011a39

SHA512
ebd8f5008456378a43c824d6296e95a84a7baab77532d84a41b57cc2e139ea0d80c6f21bb70bf94570e76b8dfcba95998476a94fcbab7c9ecf6a293a904fa19d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
a28c816bd66ba11bee2199436cb87ab9

SHA1
6673bb3b7ba7d048359c7e0027c0cee3db2c46b2

SHA256
15c31cee91c68d7d451ec989757c8778c394bc80ecac74582262dfddc82a9de9

SHA512
92cb02179886c32d495c7b75e054bd7047f08e514273882a214c85925699d23558ead1050b794d779530484ff59725c0670ef636b7e2cc4a3176c53171a32567

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
700dfc3d03d3be892e98c616e43b99d4

SHA1
10e1ef526cbc167ab84ee3e83cec718f8ca6ff89

SHA256
d63879385f1c680a531e8debc1867a9fd56d029e488662f50c57fc13d2bdeb15

SHA512
e82606db759bfa9d4be60969a87f62c70f612903ade39d94fd19e737fdcbce2cfb38ae4b7d7d9913515d73cd1eed5362e77cce850e4b7e0f4db5c484f103b8cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e4fee3cac7e5913d752f72a64eaddce7

SHA1
68ec03d1eae0bc7dd407cb5693daf5bc5b40d7ab

SHA256
c8b913a4e9f1dd13e898b07dd86863904a4bfca8ebbe8898196a74519505b20a

SHA512
78ff8f3162f6a2f2e2435bd38b9d04e0943ce3c59b3a00e25c13133c0e91dbfad6a617ef95d702d9421d748193cdda134309528debea497604359fde636b3081

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9a027db21b8bf38da09fe38ebc01400a

SHA1
f8902c3c61cbee2b12d008eab02328dde36f2041

SHA256
bd96cff593f39720f4663fbfe99db8c19722bc1882f7b314bff926b76499285e

SHA512
9e2a94ec94447b29159bbb291f7832831e301ab7c44e247e66e196322b31f586cc25d27ca28d1b8926d7cec9e151571b0833bf5c8c02ba37dc0c9aa6614e2acc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f29dd8b2d9ff676d8632bc7caded71ab

SHA1
e723f537d744c537abeb92f7c7cb77db76fce370

SHA256
9f9263830b4560faa16f190506525bed6bddd9dbe62ec2823f9dd37824aab387

SHA512
4029580f3bebceef528cb30d2b4e72e8ad338b089c7141ee97e05c5bf7fcd37900bc967b89d7764b9b200a15e972ed5c276568cbd97bf942c266a30b966e9f19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d908dbec722fdd184420b3a92ce14c34

SHA1
3ab4e00c424b76bf951d6f61452d36b8e4d09392

SHA256
0a6436f000a7e69e8157d3ac08156ae8f04d6092d47c7ab94dea74713132b325

SHA512
209bfdbaf9b77c3dfd509f1eadc91d760e44a70c838f37eb824682e2f785741367a538d22144a889a67bd433ec36b54ff62eabdb39f2798921c27c3f358ba1a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f15c5938080a610ccc6bf231f02e5989

SHA1
9ca151435eaff801b1397942fc85fbbb2f88fac8

SHA256
b5357eb123f92ec8d9dde1fd44d3101ad22bead8865d1f837985def5e445e5e8

SHA512
f81889b6aa17038cb748a959500a33f2550f73a99ece8dce0df8651ba8e77a46cae1d8a40574d302d7aec90a33fc39ccc993c8b747fda2f5dfb31f8caa97f85d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe589025.TMP

Filesize
871B

MD5
e3b27c58341c5ab965e0fa711c7e83fd

SHA1
b4bc6c0004d280e6ecbd1fd2b3b918550c65d570

SHA256
7dde3b1468e9debdcedbcad88d8255b9775308fd2c2423e0f18fea7aa6e277d8

SHA512
8a778d1a545284fa8227856d01ad94d34a80ab36764055dbf1cc589c679ad48872561a4edab2d58fa227b863b42924478516843446db41226588651126d989cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a6668bcffa07925d8c1ddbad17b15fea

SHA1
ed44fc74302a027090b42d27e5ee98242c9035d4

SHA256
ce4e23069155a89cfdf94d9d1aae0d792bdcbdb6fb7082f9208719d24824d497

SHA512
c7ba59c4f4888637d8bb3c391d04b82772c59f562fbf8a23145eb326289bb06c26868166c762a2e5c4554adc35ef95dcd7dfca646ae039518589bbb60d18e7ee

Download Submit