c90b8e8134cea5864bd25dbfbd3755139629de2f688b0757ae9a44bcafe124d5

Analysis

max time kernel
133s
max time network
128s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
26/08/2024, 03:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c23aeb07d7558510a8d216fd65015998_JaffaCakes118.html
Size

10KB
MD5

c23aeb07d7558510a8d216fd65015998
SHA1

24cb9a4415aabde846e73f40043d065e4ef76283
SHA256

c90b8e8134cea5864bd25dbfbd3755139629de2f688b0757ae9a44bcafe124d5
SHA512

f1a3dbee6dd0090ae0308d503c4939d324cc09108c30ad5b94ff32b2ee2f5bc0c712437f86da10c7966d837caa3d44f8bd62501bed57133946af77181eeaed19
SSDEEP

192:FihrNl9XcqJEwVEgE1CFARIuCT4yYTw9h7Szd2kraPM86e9NjxikeKG04aycwMWG:FihrNl9scrVEgE1CmRIuCTPIw9h7Szgz

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000003125cc29be9a0e41b44a3d73dc8faf710000000002000000000010660000000100002000000061326600dd3a116c7755ecab6379ed37663fe594ecfc23cafb5141c670668741000000000e800000000200002000000040e487aa6ab0181fcd9a087039328e2a6e682e591b91ab702894fdf32c53d83e2000000070f5b27992c631d13cd043735eaaaa780cb8eca4f0ae0bf9bac5209691445e66400000002b24c2b7c4dfc48244d40a2b8cf8685f0906116f0b8cfe763b215a2bf4ff59cb75c9fdfb180dd71a54227d9b28d1609d845b3d456bb2192fe7256ddcb72c246f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D76346D1-635E-11EF-A850-F62146527E3B} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 0095c2ae6bf7da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000003125cc29be9a0e41b44a3d73dc8faf7100000000020000000000106600000001000020000000098739ee2b633b74ecfa3d501fe34ca75967248100a53c08b28f10ca905ba0cb000000000e8000000002000020000000cc803744e6d6bb83ad623903e653079e102639450312bb4dd83ad531dbf2175f90000000119380d8fd6b57e5ab19ded1e954c89510ca2994568df3f91bcf0ca9adb1ff41fd9db87a951d9be0dd95dc003cbd8f447e61632ccc4d1c25285cf10e85ad4a2cab051a553d07ef73c894c3691382a42186599de6b798e45397175c5a82df970ea521d0198a9e8892cc4ff75ebc2581dfb8aba1e14e7d6b998158c9034db7c6dd055f623b33a238b45c6e52462a9c669940000000c9d967952bef5e8f20d0e04326927d0f824377d846a2ec8d737d776f491147605eeb708d9b03d5c5d6833ba0aa099ee1462affe08529332ce3c6e52a1f089540	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430806314"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2172136094-3310281978-782691160-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
948	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
948	iexplore.exe
948	iexplore.exe
1272	IEXPLORE.EXE
1272	IEXPLORE.EXE
1272	IEXPLORE.EXE
1272	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 948 wrote to memory of 1272	948	iexplore.exe	29
PID 948 wrote to memory of 1272	948	iexplore.exe	29
PID 948 wrote to memory of 1272	948	iexplore.exe	29
PID 948 wrote to memory of 1272	948	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c23aeb07d7558510a8d216fd65015998_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:948
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:948 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1272

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2ab30184874d681e876c3bcad6e26f48

SHA1
f04f2c2ff7dac3d87ce242fdb3b8d0e127c32b08

SHA256
5008bf1d622d2549275bf09dd4e7761e0091f12846ca5075507e0030b88375c5

SHA512
846e95f5f681b3ef166bc45f43722e67de4dc38d1806c7653b0e7c62dbf6fa58bc1eb49cf11a9f8219a3c120c841817d865132f22337f247845d2f82a1aabe61

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
01125e6e3d84aabd597842c180b5be07

SHA1
286a2a26f7157089127b85abd79ccbbd7f03480f

SHA256
f18582c336f82b447fa01d907e189b75cc86110e3c6082d17dce0c3405fa765e

SHA512
b42deca1db880bc12c396da49f5c2a3a7ecbe8558ff1d247b291cdd3284526e8b2eeaf23c4117ae64b9e271543a513fa6c446144b6a9aa20fb66c6d58e75be0b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ec113d8ec4b9d8ada6dcc45353b6603

SHA1
8463fd6bdfe7e08f44a10b4878ef0050752982cb

SHA256
b188784768261d99f540ec8caf5f9796348f070ced459347cb1244b47583455d

SHA512
db4a36eb12eba8f3cfff52fa82fab9c5858053043203a068de09cf52e80f2af2d5f23a5868ed71f5dac3cd69a597de00a3b3747664c0799d622a3c34dd4dd1da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c67ef620761f0aaea4c8fbe49c04842e

SHA1
1ca1b5a7dacdc6e592000467289c463963108428

SHA256
d210babff5ed036da88d33af0afd96481b38bc6202517a8b5d90d0d9e30b174b

SHA512
ccad86930e285608eca198c7438d58eafb34a8409058965f0b3a0bf100499191ea53e48d23433afb9c7d23f659e0ba0d96a2ffa55abb4e8f04657ca3a906d689

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
787b4412306b381990f4453ca39f1c6c

SHA1
c57c8a5f26c77764a1ad1cc825b772d25ff65f72

SHA256
5cbdf1a92d7a74fd053734b0e9c77a2274fa7c622e52f6970c9a4f6ce67ea24b

SHA512
b03bf2d7218bcc3f6f5fdc851741153e074f5cb93c2f7af98313d9ee41bbdc9e7655880afb6a7d02a366040005aea76e887dc383b4a8017d9a947c3ebef3d131

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ddd7ab198d663ef632b7349e8da2b63b

SHA1
162439098c1415af79a06434040cd86dcb31845e

SHA256
b312769eeef7e191ebad809e630031903361aad75bed1f2e2d1defbac39516c7

SHA512
21256c3c428567f361242d94836da294c5a9d38ed6dad570185dffdc928f3b53d0026e433adbf1117d010132a15715dd76c86abd67be15b242754a93ff3d1cbb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a5db9383a5e2765e2fa9b251b9014ca

SHA1
7aefed68d31551e4ba9b4935040bc7b4ab5e289d

SHA256
4525c3f721e700825c14a32d0fb3c23130187d6b26064c7ac967e575cfe81474

SHA512
18bc82ed4f2d4ec93498532231759632008513e58834676412772810558d726f22bc88317270712061dc28dabf702766343766538ea15550f3ba8592eed8f8a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d4719e505abcb88bf116da49e39dd1b4

SHA1
493634b98cf019c08e2edce66bb8833b88881e83

SHA256
0e16cbdfd975f7ee5e15a457db28f1e1a8d47ce1876afb36d9e73fd4fb7d8abe

SHA512
966386030a2a4b694546de48358b1e5c6bbd3a3b037a450a7bb39fc077b4d79bf3e3720ea87be8b8046d95f1a68385f188a5472d27b4e0d21f9a7cb0f63449d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f10e10aa83a8db73e7915d6462e0da32

SHA1
7592618759d10ac23cc6da4a47fbc34efd8ef642

SHA256
3059f1ad915bea7f4021566a04d48422d9d2a8593e5c79c5a0bc832ef5602bd2

SHA512
5b89d29c8ff5270bc02c6fc254c6587c60caab82ea696b279424e55e4aefc65bba275d9573a3b5d624a813aa14d032e9ebf8d4ded5bc10c16417dd25d0bff111

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c622d8b813ecf05eda10bbafcb6bdda0

SHA1
34ba6c7ae1959cd718f5363507c365a1bb81454b

SHA256
b2f225e2a0daed2a48f1c523fb3857f82b7610ec6548c8be0a6bacfb00dae74a

SHA512
c9a210d6b7b0a3a5169e2d167c0d6501ca9fc0fdb0b5416e8474455e8460f2f2b1afe930c2c83f7004ded65d5fef7cb09f150bb6fd4f89c0d3bc5a2e444a4717

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f98ba1f3340300eac94c31f728d489fa

SHA1
f8d66ce72e158a6d76de3b5ed524eeaace8dd51f

SHA256
889d1f832180d411bc29fca1f670c49e05a2384fddaa0dd9940cd002429cb276

SHA512
a6e6070f763a9483156ffb46eccb9afea664e4d5be20b043db2b8e01979b8c973ab3d14c4138e61ad69b1f2b4f80037a23a853379d8393c77df0e3bb3db06d89

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eaea643782025c75430b1bb708beb32d

SHA1
649906a4ef109741f5133f962ecc889f18e9f4b3

SHA256
4751520bf937e939b742fbe7de3f4df97e749cb6af65af17d5938de3c9fd1b10

SHA512
fbe0d7413cb27e4a05d792d9e55d9c5fd0e3a8f97218fe5d6ad0a3a9a46a57a0351db9e9f08bb3f01b3c705ad5a7214c9582d9e717cfac413077b90171d92736

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d45368d673947a92780e1a990a40dd91

SHA1
e82bc78c8a478767233b32d8dfe34509ea7f6b2a

SHA256
80a0083258bb1205429cce80875a148f067959e9b1e95a1f33e37286c41271be

SHA512
117d7da917174728cb45dce79346ebdb8d3a2a4f02425498d134a58cb1e87058095d0883e9c789827ce43798a286957f04e4ab71b2f3bf3eeeb141a945a5518c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5266f72e79eeb3f8729f08437ed8ac91

SHA1
f1f169968869c356a6c06402bc0083c1e7afb951

SHA256
d7ecc31e69ed868bef62511565b5676dc74eae5f7ae8f636d8f7e0e219bf73b2

SHA512
49a08aeaaa7cd89b22c39472f04e0eca671d4d0e8af0680aa4712fec1d46e042ba19e8213b6377438ee351601a1376d5464cb84ae853127d483269c399474a8d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e7a35d10bd775caf14445769bc456ccb

SHA1
f71a6a438b64c357f47c0d8c92df7b5f7351691c

SHA256
5ddd7443f1a4fba4e0254ca7cf53ce412518a1224c0d42a7840796e2725e82d3

SHA512
4d89a7b68f5a9fecb29bd2926e4e8ea547a6cfb8043c8543b583d62c04305864327cce1c23702fc2cbe101247817be883e30ad8e3968ce8fb863b7d06a12b02a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
448d9ad81000d6ea5e1b5a844b8c4cd7

SHA1
5485984580caac2a17dbf2053785df5d17b71a07

SHA256
a07efc78400e631052577dde95983bc956e3a2c42171e9aefb71d8c348a7b054

SHA512
4b1a19a427415c1168d6fbf4baf5245fd6abdf482f4de9e7a2d6e191fc0e050259e570565ffdd2104bfc987eff8c76cdadacb4639fb2f50867d336986a9a45cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d3311aa5fa89b90cceb457b3746ecc21

SHA1
306a57d432d152c7dd0b224412a146eedfecd800

SHA256
ec192d48926201c11efa97ccaf9595195dd955135c37e7f8f9229fce9ae99e7a

SHA512
175db5fe50962249b3d7766e077bbf692e2646964758d81ac0769cdcc1e7b83e63e4ec55e869f13838a42b6b3a9291a1c6d7a33322406f8eb99270ca12e469c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
16d27bbd0c0b56f0fa2e400fb6a85aea

SHA1
7470b26dc1de130744bee9a5caab5ba5655fefc0

SHA256
045f8cf269ccdcfbc7f2926ca091b7fe2347682f8e4e3a2022ecb572eb339add

SHA512
872304342bf293aaa271969f35890420a437a92503b4aa818f8b2b41a6723547e39597c8ec58fe578997d32c639c84bd8177158aa1dc1fe04bbc902cf66d8b8d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3B6E.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3C2C.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit