3d5a01c9aad6b6674addefd5389c82cd653148b15f11ca3bf854c79ae6b968fc

Analysis

max time kernel
134s
max time network
128s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
28-08-2024 19:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c77cf15e5ae0a9ebacea22934bd35594_JaffaCakes118.html
Size

109KB
MD5

c77cf15e5ae0a9ebacea22934bd35594
SHA1

e8005277d3d57418ab2298ee2bcf8e6dd53ac61f
SHA256

3d5a01c9aad6b6674addefd5389c82cd653148b15f11ca3bf854c79ae6b968fc
SHA512

3a27796027267fe6920667efc19cf9a97bec3c8456b294616d4591da07b06e003f2c2a1af2be3f3609e94b822971a0d95f43b28a7225493c2abe74726008b572
SSDEEP

3072:qjC5aFf2aKlWN9SQY4ThzEEHhTHS2uOjF:qjC5aFf2aKlWN9SQY4ThzEGF

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c06bc03b7ff9da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000587c5091320028f96336453dfb1b8da7c8915b27ac15f4c1c2037f0f9c8a1869000000000e8000000002000020000000ff17031ebb45372ad80dd4821cabe081584692f3b909ea4c0913e7b6d68babf020000000613749877759b60fae7e109ca76b9ae623db388e4d6d3b66080511e769eff86d40000000c6606a36cb88a6f43a350438ad12839abce891d871ddcd0c872f10cd81569fc49e93dc93b264c9d5537512d083b56e476097a05a1d9855b19305a25fb078a229	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000b851cf397fa28fba6fb33d5e91a1ed6dff796bac03a405e6bfbab387d89b3904000000000e8000000002000020000000e35e08b3ef55ca557b40684927af60e5174fa285e30e1807e26cb4cdb01d074e90000000d256e044c58259235d0fa5145ae6bb800ee6d1dd664186cdee0dff09c96d8e4e93e436495a5e89f3e9667a46f68f65e213177c08b80ec8ab85f2fac9fe53191c4d5b813423a0ef8f6fc5060b0c2971fead1411123ef23fcab5f9c8a348ecfcb247307340264605a9ad9ee49cd7aac825766a1d5e06507f8704f12a22f47f718a548f110582d51f5e3a2ee3b6c73d59f94000000012f224ddc5e708084773e722c8be7d9692db68ec5b7d893ad17aeebd7b9b9f358930b4359e614e49d9728fb88cf3de1b18dd3b16432215a1bf81b419a3cbd604	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431034618"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6729DA81-6572-11EF-BD41-DEC97E11E4FF} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2644	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2644	iexplore.exe
2644	iexplore.exe
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30
PID 2644 wrote to memory of 2764	2644	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c77cf15e5ae0a9ebacea22934bd35594_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2644
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2b44d168d967621a367c74e3fcf92921

SHA1
a761fc3e416692ca66f726ed22401c4ca1dd21e7

SHA256
a9d09b49b239cdd58e2ea2eb23a3709c0157375d989e205485fc58098c6fc26d

SHA512
ea1349df0fb9b15f56c332a35f1b418a07fe946631e760a3796e7e88b7328e968e78ea6b7b225a469e2ee11f2a815981f83f44a4aecda7ec8052216b2fe76500

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
195281bec34445ff1d94b82d76beda8d

SHA1
f92434b38ca69f6b2550af837027873295ef7ebb

SHA256
c2ef420f9219bca2642f172ba7873639f80ab1888c4df83a4192fb50c9b3ac68

SHA512
9fb0adc771bf31c08bc13d5a8c03832b4604645177b3ab06368372497488f7af98f30d6cb47be554407998fbf7e4f7044e729a66145653d7d92d42296eb4612f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
949d0920f412a73b298699f0403c0b38

SHA1
7eb1e5edf075e0ac17c9a797cb8edb7522b22837

SHA256
387f11d18b4d7a05c53bf51a73996ee21624e5fc5289c65491d0942f4f557b5f

SHA512
7fbb0587ecefb3e42ad9dc1a9485bb11cc032770dfd09d80cb97a4c39a8ba0df0fd6441c3f7529bbc31744a9b0029c069d0e92e119fd30c8404e1235b09b5fda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b4e9f37678227b5b0aaacc0c282c1fb

SHA1
4aa449826dc9b4d0e6612e228ad4f40215b98fca

SHA256
f4fb4b50ca8f35faf497869f81301b941031255c167c8d78460109c22f869d9f

SHA512
afca320013864949f8aca82b1db3e9849d31cd272ea10da70c212c4b5c1de3a77d34e8de54ef700d32c104be7e09099e0eaf5240985d98a90876f9a1dea55b1c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bda129483655321995386f5ea3d17875

SHA1
7fa94f3706d1058dc58fc62a7fc410c80b97be59

SHA256
03293a1022565f16718deebb4d60d079687d5a9c589bfecab6671b8909c22eb8

SHA512
9b08aaf585663f4b7431fe5488a344671f0ae5652685a6cb716056186e95a45e0ec5a375f31b9d8497a06821bbf60b90854b71603727022f7891724fe7305cc7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33d549ce1da927c8ce46beed75a8550f

SHA1
d19cfb46154e701e243f2a57d8cc048f3eaf8cae

SHA256
932235cdc780b9175a0778eed8f7adf6c71e3b962ad5de4ddc2f24a9caa2c55d

SHA512
bf145bc9ecd5ce772a98b6c75972406eaf24b3c32f61d4e2822c82586e1ca8a957050848b0e4d47800622b6063d1b255ac5f0c75c051588cc6b26689a7e74a20

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1bff38a17e90ec0d4da52c5eb3371794

SHA1
7a8604d16427694c7b62da5119d0a5b86cc75f93

SHA256
d4940c91af172f53e7e1367ccfc1fadb32958b478cb038ee9d868071324f0702

SHA512
3759a009c9f3ad6e59ba0b0af7c91edd4760f877c59675d3b409bc423f2351214d450ed6f9a4559abfbcd1c7f70192a95f4322427dfd88c3123daf7771e32b29

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
83cac535e1546180fbfc3c355586b895

SHA1
1dd0b4413a0cfce67d7fee80ee0974f199f7525b

SHA256
fd864d440e39e681e06d646d5cfa7f23022d673d2aa144f1b7a26003c8824e30

SHA512
d076e21e9cecfdec777fb543ac6d1ce36fd9afa95924b0872e924b84792c167a58901e3aeea493c2d10bb7d6d7b9d60628f6bef9a1d28d0a83181c82e98875bf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
015d396fffae43c153572fe145faeec8

SHA1
7bb3168e32a5f2c748a77b68e9edc51d5ea4c158

SHA256
3d737166e7617e8f8e4691d973681d0e3910366330050d7a913344afde4ce398

SHA512
f611642e444f73627e1854e9eb455e1949737e53bb09982b8c3f5b54c7540cc9e1b9ffa698008b3ae2ba35b28bd074de485590bd01e350b1b49f92d853300f3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9d95ebbb1bf5d5b6a4af895acf0bfe7

SHA1
e7281ea85b4e898a5f36e48dbd44d7e92a50f820

SHA256
adb851356a55e213a5fb863bfa5cee673d51a6a80863814f27b79726a7e58251

SHA512
6a44ea41e8c1bd185c22e13ac5f81584dc96d8c312e3a01a004b0928d9bee114e02bd1fa0c140cd74bd7aabd7f261e82517e7993394f45805358efd7455ee39e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6d67f1409fd3d0df05818c277e9638ca

SHA1
fcae71459a0708baeac8f61a939de8a735b880e6

SHA256
dd3545e14e967abbdae0de52950136ddc2c5a3c2d02793dfe59e68bd05b7a59c

SHA512
a11d9f01857fe4f532422161053b8f6f2c64f5205d9d5324ec6f1b106af16959fe0b35f0d78e3e8f177903db11d8119a22bab48ef6c280cb77778a12769d595b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
128794297950e765146d3a4d88e7bfa9

SHA1
6f93801086fdeeaa31ac40652ac213e3bdf0f52a

SHA256
f13c3357d2c9f5bbb96222948c46714bfea5a099345010f87feb6f75839e9f6c

SHA512
8617915852769738255b5ca09336cc628c027e20d66cb65ba826bc844c0f63a03d913a473504abc246f34d2eb23138333e54ea06893c6c8f0bd1d5921c2e6ea2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
468d7aefefcf3d7adebd7430b53ec5e9

SHA1
b3d795437703e407b7b51dbc2b65e7c7db1e94c8

SHA256
e2202f909d5bc03fb8226514c5d98ea2a0054bc0ecdbff325c52c9e7f2aaed7d

SHA512
bb6df6a6a6e59187ec3960d1d6ac446ef8c8837a42fe0b8b34dae6abb3c4dcdfef025fcae12627481f7625e63b4fa7ad527aedf81aed7ba6fabe5922659561b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e0587d5904ac2435b28b24249662f37b

SHA1
2a933ce34df77637cfb12bd67552bbaeb97f29a9

SHA256
28a886eb93e95e3894b7ef24ff30bcdde7d40017c46a5cb476e08d7a7e86595d

SHA512
edc534f65d4965b74ea0f1e0939d03e5e3f35501853a79b75650aa971174208ac4dc79d4d2eb9445bf028791373a0785bb258cd5e825067d25d5f27eba9949ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
577a27d08c3b84b4d7b366251d365b6e

SHA1
c19b3466a6058207cce1333ab88f31916fafcd9b

SHA256
77e12e03426cf75ab2f7edebaf906868435e98c7b58c57f5bc5e27e31b5908fd

SHA512
f174c7682548ff488cb8e3bf15707a2ccc1cc0339d46e4562b48c40a3063e55567cf3b74e2f24b97bebabd039fc5614bb9948271e153ea88f53aef8fbefb9315

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8b2d9238c5d23d2ecba89d5aa1267cd3

SHA1
0dfe777e88bef8aa7b4196895d59f86798a171ae

SHA256
2456ec8f89ffc766a8780ba29d7419ed3c4a12abf09c90967181eecb376f939c

SHA512
30b4735e95c16d63d0ad372fef63cd910777d3cf22e03a246f5bfae5f09650e72d4153e8da9214d9db840131b722a420154035267bcbbacdeee5e418d1592ef2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0746a4cb602530a43f55ea245ece46fb

SHA1
4c7bf1148713fb4ddd66f194a407c0bedeab63c2

SHA256
efc8c370a58505d578571a1ea036d62b3028fbecfd1f03f405ebb43e6ebd83e6

SHA512
f42b0cc822cc947faa4fd31d02b258b2c02897747d2250bf04f2b77f16a9dbfbdb6f395bea52af0a71e51b2f69e6ea2818aef34d9165bd1a24b1c99b1e440e4f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab6377.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6426.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit