3639efc7a5d579bd82e259fd525a2bffd4d08cb3a105059952bd9b893392b260

Analysis

max time kernel
119s
max time network
128s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
28-08-2024 20:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c79e5278c2f6df5ed2adaf492d75fa30_JaffaCakes118.html
Size

40KB
MD5

c79e5278c2f6df5ed2adaf492d75fa30
SHA1

088ca35ca56fb1d48deae7f9e71c6f9f0ce06921
SHA256

3639efc7a5d579bd82e259fd525a2bffd4d08cb3a105059952bd9b893392b260
SHA512

211b4e5b59832e7ad781d38d9d44f9f6c2fec737204aff516094d1ba1c6513f7ef70e200e86169392f9f051ecfc41938c717aec23a3a640cc8d92d21a102ee36
SSDEEP

384:BFVpfea5OB2bS5o2+5RMrCi1C1AxbRPeEF+7LlBhPo+08qcRe3Lkl+QqrSwFNz:BvpWa5OB2bS5o2+5mrCifTJ09izhR/

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6B65D071-657E-11EF-A3CD-E6140BA5C80C} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 407387408bf9da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431039780"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f0355100000000020000000000106600000001000020000000618a172ba01197644e12e675396acc9fb055f247c6d55404cb243ec3668c7f26000000000e80000000020000200000004754634848ee3e9b993c59650d000b4aee73ba77c2c49b277f88d38a339ec61890000000e9c978cf5b487acad6c8af2fffab3ad8323da9f6312730cd28f98ee0915a238f219e1053a2e4c06fc68e009a129fb051d725df008624c9dee462ca27b844d38d3a89b1c5f58ca4a718e2bdeaf5114363f6ef7c56eb76027d7fd988d4c43a9e4a8c43986225b9280e3fa54dd0fa1e151171e20695444c15eee15af0c770bb4b0e3c9e81f40bc04ef3481d070a0261012c40000000aebf4a89916e9985eea15df2e2a8b7f03009aaad67551e577cc94ce4379ac81bb920535fb1dbaa179e461ad9689f4751ba9f5e75240e2ea31f7b0e5b939c5fff	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f035510000000002000000000010660000000100002000000024da99490e9def8f37b3c6c6b5f4efa3061d7c636a000bf3fba4cf74dd36c89c000000000e800000000200002000000091c5c6e13214de067dd4f0e42a9059a8eb6d12fa5e500f566bd694394301d4c320000000bc64c7ff04edaf5d8fb52a68d424d71d7f92b1df8f096ad50f4573524d45f6b740000000cebe564899fed5621a2da1a0d903a3890ce06187d441db6b4bf404e40070301be382c9ba51cb841114aa63e52ed2bd03fada84b8532a547da22cb3363ad55a82	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2396	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2396	iexplore.exe
2396	iexplore.exe
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2396 wrote to memory of 2740	2396	iexplore.exe	30
PID 2396 wrote to memory of 2740	2396	iexplore.exe	30
PID 2396 wrote to memory of 2740	2396	iexplore.exe	30
PID 2396 wrote to memory of 2740	2396	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c79e5278c2f6df5ed2adaf492d75fa30_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2396
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2396 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2740

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
22ee32d6cab7c8bcb28e6947b2c397ed

SHA1
7a0822420ae311a399bb664bdb02255cfc09341c

SHA256
fcdba6d80bb0248c6691c41ed3fba87bb2996e0bad1b4ae40e7e5bdd11cdb6a6

SHA512
6c2c7bd1d35a640ca6409bc3f389b4a1b334486f8c5528cfff3a57dbddebc42f20af632ec2be3b2cb80179feafe4391ff26e821acd00a6397d862776330175d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e67d681c55298a1ef3718ba47bcb6ca7

SHA1
f50966ef2f9ffce2765f8fc151badd2859c83be8

SHA256
f54c1afb0362c9d0f85933967d6c0c9073316a8d657f28c6e24c83be71bd54c0

SHA512
2a95dc65ff8da252a9d850515a98d71c5c68eb6ec193c1a6a48d11a9bc6346dd0376fb892afdd377043035ef527d69fb1b710c444b4aab1b60e4368b1ffe6953

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e74442fb98dfa291559c93d680e22532

SHA1
b74987c1382e3537bbb9c7a07c4e28f5ed85ccca

SHA256
801839a4790dd2b8491a2c3e52490f36631194dd667907109bd6a74dc6a614de

SHA512
2c34930a4bd2ed0f5d190f8fe77ae729a59686f7aad899be3af4d2e48ebd4947c1fc53b38a3d665aebf244ab1b9979a710389e54d0a3a3399b13bf8665037d60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5cfb6803c5b7bca44076cf3e15c4661f

SHA1
7fe97a5f6a014595734fc7099e4c35c866741006

SHA256
1f3d486a70cd44a732e4f8005807176ac8de9e568bef435bd4f5ae36dd901920

SHA512
1cec8dc89cc9ae9702b7450d1f5ed8bf00bd97a1131896d9219d1270ef43ce772363021e109c3075bd72e4e77a7667a3dd75b0a0467817ce3c5d26e0b1fc2b2a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
004d99e2ad127a43e4e932cbc4ea3d5d

SHA1
d0b51b7b95c821cd7af55132014212492fd2ba62

SHA256
91425bda8b8f2066acacf20b42a2c960aed3d9b42d33dc1cd5ab71eef7967c68

SHA512
274680dd758a194f27d0b45360b95789ac4992519c2a4b50ba074eb3d9c8e2fc80542931257aa5d548aacb80c734c92c70927868f194681de0b698ed837ad268

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
79c5c5a0ba58f30d0fc7a1cd1d399514

SHA1
42c5cb9c4f9d320c6a24826dad14aa9690a467ae

SHA256
8970b5623a63e147f685dea69f75a25fc245d43afb715bfa5495ff56ac765e47

SHA512
775fafcbf3a8badfb4f57a929f60d21bf5ef0a4d3977cb088f8edfb41053965b456324be8210cf438de0cd5170f394c734b4313603accd00416e5f2d40b2fee0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ac85725023f7d82b95c782c5384c13f4

SHA1
b897263a1af0c0b94300c40f27023cfbc6fac207

SHA256
932882fbf5d9dc1985bcf68a1c2f815d46267e838b1b16aac61f1c9a1457af98

SHA512
038ec81b3d7474c1c8748309e3ed60323b748f7c287bd45d4048f59a4f2c0c190e573fd6c1681f6653071c920c8917c06915278fbeb652f1b5c376f5d94b1b4d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
04f35fad4a9fd1a28e071464d668d728

SHA1
67e543cdf17f88adc85d3b876f0801c3a5845c4e

SHA256
29e07f8c6c9071e9005037e7f7507e1ad66c3d239c96cc16b3e19e8daf19207a

SHA512
e2d06a9ae1e99adf54759858bc694146f85c01f2f377da9f495a7e21d75ef2fa3fbaaa1eb70f7ae416a2d3c4012ef4a18e01bf3557db5b001ec1580f03e4a104

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
47aea06b4fcf42833e184aba637c3d32

SHA1
fceeab262fc76e3fddafdcb3f3460fafe1569fd5

SHA256
2b5cbcd8aae4eb395c64c4afb6b684c47d9898b817fbb88e68cd835ddd574874

SHA512
53610500da84fe47ccdefdf243c2c94eb2996b01db2494fc837e3860ec88441d45c144cd0642a62993f8fb944a4d414ce39ce366cda464f87e50596dee9de304

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4fc8f2d570232756740f49436934cb63

SHA1
0c6668b8dcf06a949df20d8020f63ffecd9d9459

SHA256
80ccb5e4cc5b017172981e31a00103806aa1292a9779928efea3b4cd7e7f9119

SHA512
3553b95dd93b5a25b9981c86d6d8fea0eb26c6da01f38a4b7235b8013aff357b9265872ca34dfcbb451b11b6f8bdb52a0da7476bb323885b6b2a5ca693f4ce43

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ade2a6b3474a60fa8fdb190e60486dbc

SHA1
99ffc12a4105974f52288915d294c18dbfad69ee

SHA256
25b83d7816490565a3c391ade34f7544f4a5c733f6d143574724d443ff6fa925

SHA512
ae5973566d8ee71a8cbfac241698a89809adf26a00584cfdd70182336acdc6e3ca17db9fe48793f72c0751a1c1666528fed85de6633625c3046288ebba11f0c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
80c1b6cf9597a15eb461dcdcd45a045b

SHA1
2e3dcbe523dded6e86b8aae16c913cb9dd910909

SHA256
8c004c218e6a0f357301b94fe78452e51b43d76013f0954127fc65760d032eec

SHA512
38c2a340a0b281ed9b22c23f43efe5ad621a179353d2b07f5bef59f5461f47b8f1e81620cd319f23e2515efb975f8e9b6545dc04fb0fc4c965f79f75caa210fa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
67c83681268992112bf6994aaf947b92

SHA1
69f0a64a36c129a70f2c976c84f85a5d5eaa837b

SHA256
a97afde0c11ce5ef8e6afc5292ca2a32e2f93e47daa487a8872eaa266e036dd9

SHA512
1ec980c6b4cd29ef4aeeb22f16aed71fe017d31e796dfb03fdf0c30b84337d8f759839ae6572a83aa6efba1be95c16b063c1f26a2c08719cd80e36ac5aa61417

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
55feda2f070cdb67536516084a7383ae

SHA1
c282a7e013c74c03850935a75242a69bd4fc2ff9

SHA256
66d0ab3879d3bfd4f1238ceaf19b96f17172f4d68463858173773aa818189f51

SHA512
c66040ad5e619b1826920389c9798b55f3f4c50c6b3f6dfc7620c3f22f4ca7b1d3876859877a84b29912e2b4842a3d79bc0233c0a3ca05629b7ff0b8ddeaaf19

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ebff5bc31275983cd0dfad8827b9dc6

SHA1
36e3920d4954d7deb55ad3a92e1ab1ab2e4a648f

SHA256
3c92ba90a6261975666d08cca72075b1fde31fcc36ba2a2220bbdebafd87b823

SHA512
2dac7d8aa6d166b6fee923fb93c95b48fb3be5c5a6466d573c2d713daef31f0f9146c567bddac13b590567fc7f86953d06afdd64f5b3a326ebf671f33b221bc1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d7eca1f546b1ade7c7bf2184e1d20f94

SHA1
a0994d6024ff4ecdbc7576ec096d148ae06403d9

SHA256
a29052fb8f0d934b7771811d8a31675e7e3d4922e0d653f75745586a01f5d3c8

SHA512
df118ecf5cb941e9233a5bf0263cee5532395b70c9d836dd02926f1ba7b3498f631274d224966165b0197f26ee0283b2149d74cb7045b5bd583da206fa3ddcaa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
78f0492fb52902d5d543b78fd4cac3c2

SHA1
5b8e613d5c6987f5dbaf79cc9c8dfb25d94c1917

SHA256
dc8337b11874f554442ee5acbbbbbdbe141181148deb4dbef9b5cc577407985b

SHA512
1a8090357460dfdcde79ee509443492f90d3842892204f69de512c1f007d21e764914d26c4ef6b2508ba64b2b0c9917249d86bdfeec142bba67a937c4a943034

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab8D06.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8DC5.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit