59365e8671554eac595c31d2a26a8e8dc5139658b77e1a8220a433ecff5d5104

Analysis

max time kernel
145s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25/08/2024, 18:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c1606ecba61c15a45c0212f3e635e318_JaffaCakes118.html
Size

12KB
MD5

c1606ecba61c15a45c0212f3e635e318
SHA1

946a56eecb120233ada86738e328909cabeda287
SHA256

59365e8671554eac595c31d2a26a8e8dc5139658b77e1a8220a433ecff5d5104
SHA512

71361479ffb898485732889d60cfd9362ef8d1437bef66877f740e1b3cf2e46d348203fad9a29f83d3a507894f73d70ff45cbcef55f4e220bb62a0a95b8e767d
SSDEEP

384:AZvVuZzvovPDaB0NRglN2Ovis9lK04QdgRzTfMMg8:AtVaToHD80NRglcOvis9lK04Qmz48

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1840	msedge.exe
1840	msedge.exe
4392	msedge.exe
4392	msedge.exe
4736	identity_helper.exe
4736	identity_helper.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe
1984	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe
4392	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4392 wrote to memory of 3444	4392	msedge.exe	84
PID 4392 wrote to memory of 3444	4392	msedge.exe	84
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1196	4392	msedge.exe	85
PID 4392 wrote to memory of 1840	4392	msedge.exe	86
PID 4392 wrote to memory of 1840	4392	msedge.exe	86
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87
PID 4392 wrote to memory of 5092	4392	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c1606ecba61c15a45c0212f3e635e318_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff925146f8,0x7fff92514708,0x7fff92514718
  2⤵
  PID:3444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
  2⤵
  PID:1196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3728 /prefetch:8
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3728 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:1588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,14423934184568180320,14283214794068959292,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5896 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1984

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3120

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
111c361619c017b5d09a13a56938bd54

SHA1
e02b363a8ceb95751623f25025a9299a2c931e07

SHA256
d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc

SHA512
fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
983cbc1f706a155d63496ebc4d66515e

SHA1
223d0071718b80cad9239e58c5e8e64df6e2a2fe

SHA256
cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c

SHA512
d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
fe17628b96b798524ec8ca4b3fa53d5e

SHA1
3037c8a1b118691b0be7a7c8408e63807110f73c

SHA256
eee89b25e4c528f9b051f12ad038f3dbe0f0a97b1344864045ad760bcff91019

SHA512
aa4ad8579e820206c7b02e8be7b1c7b7e36adf2898a131916d9d8156dc04fcd1e4f4b73b8aca4470f0e408adb06b9e8ea5a52b6f08c608bc0c2e4c9995e0582f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
eb0c1b4bab212bd322bde287994f1305

SHA1
22e98fa9b80da07ae0ebff26c8e59b3fa7e17f94

SHA256
a76d7615017942dc47220b3d724c258241e02b2d571a668b334d8f8e47edf875

SHA512
6b75f8c3a03d6f6b762d91a0b937a6bc45897a656470b71d54f301c964562ba6751e3716b00e58ab4997ade7d48b97d97a46db50ac0338c217e5ab0d51605fb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0f81d6dec0cd3076a11d2dea0c8c88e6

SHA1
1b3a1bac8dec300b5c54d9683858e20c6c20cf3c

SHA256
2efd4c6296296051036c244707c4b012dcfdc9512db7450bd7da7544ac77a032

SHA512
d91efe0d2edd72e9956af5e525203db23311f1386d31a7b6f7aad77a346626f91a0fa34ff8d04d53a3406583b9bfb406b981b653c4f4523d257762948d42a268

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e292bf60d9fa2dca661d6e471437e909

SHA1
94b95825dc6b021c2746b7b2082fd367b7134a5a

SHA256
bd05e27d9a9e71e01c12a4445122423e85bb95871a53d8e21b53f006245d191d

SHA512
5712e3e0b98b3f43f4330c41737a76131fd0c3c79e52aa10aff8c96d1e0636cb5957ff9ff46034c976bcc7b289668b790877aa43815cca68e9e7daaba06d8167

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
fd3e398050827e1c1a923c2cbce39f00

SHA1
f0d3c349d297bdb9cec3eab3b5050481f0d40901

SHA256
dc6983c9e372b878d85556af5d0da6d4920d84a32ce53eb2b01c7d67ca8f097f

SHA512
4c220f617555e024c5d4311b3f49e5625e212b87b9cf39354f8672e6183263b34d62f281282839c6ee2d01ff03d6b8642ff076af19addf1c8dd489418174e480

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ec063163b9b553ffab28491caac46764

SHA1
7dbdeea86c2a6a951bd300b8cb88cc2e17626d74

SHA256
481570b1a35d98242f07b60263e3494aa311c9d48836e6747f79be1031193ccd

SHA512
236b677d18f48d0b7aa5ddd1e395b763c4edeb26c8e619b45fce23f751169758449d9038b35a65db0db68df64c199db7c175bc09159637a65aa28c89b2ce1cf0

Download Submit