42242c28ce9b47b1b0bb75f87b8982f74f19a47f82be7fc361a7b8b339e5b80b

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
29/08/2024, 04:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c834e65de413d8e28d76b9438d0b6e59_JaffaCakes118.html
Size

4KB
MD5

c834e65de413d8e28d76b9438d0b6e59
SHA1

bd423073964dfb65458563420c951da64b3cd6ba
SHA256

42242c28ce9b47b1b0bb75f87b8982f74f19a47f82be7fc361a7b8b339e5b80b
SHA512

99486b2fcce722d94373d06a9b3903684b4594c873b28ab918b1cda949881e9a8e48d8ceecd3d2a68257e8e3e51c964adcd550434440435f6493cfd5d04218a1
SSDEEP

96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8oKSvd:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDu

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000070b505063a1ba0e5de9ed771fe627acc5b909409efae467e79a6de948534323000000000e8000000002000020000000d3d51e5dcc966c222bace1233964e1ef63825a9609733c260f2784bf70f0d0e72000000097afa92dbc97a6a97b61aa30c8c79b88b37863b60f503ce7043aa79af25f9021400000005ba846515a6535a3041e34b06e19151c2380d3f55177ae131acb381860ab15f73bbb7e36cdd6e51173173e0d6a9cdea5f76cba5894ba26c512afe24a0dca73b3	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431066582"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D3C181D1-65BC-11EF-9CB4-D238DC34531D} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb47000000000200000000001066000000010000200000002004dace304a8877fd39da5c9444cc1ee214d59f96f9a91f68ec1cc57fdf97b5000000000e80000000020000200000006d9f58becb4051aa3e858d5c309a41bec342284791ac18c165ec18bf12f8201490000000c029db2d05dc6d58fc740449ff432686e77c4b6026e31b490e024c0701d240f81d755fbdab32787a0c0b2cb60956e7a8f70cb678b3ce92a9e6498314208f5b2468fb4c3c4033b8f4f970f92fab83dd500794172dc2c688787e61c664da948135033ba85e475a25b760ffec7642650064443c4fa940db21d6e221f6c162d38ca33b4a1199eb67b17fdf153ea47e8da57440000000693e25c6c800bfc5e7178fb90cce799235fc533cc1193b9b3a1f72ee79a8504367b0dfbd7e8d3a7584d852a002082d2390e8c47041204d4340ffae4fc5ab2223	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e05d38a8c9f9da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2324	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2324	iexplore.exe
2324	iexplore.exe
2308	IEXPLORE.EXE
2308	IEXPLORE.EXE
2308	IEXPLORE.EXE
2308	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2324 wrote to memory of 2308	2324	iexplore.exe	31
PID 2324 wrote to memory of 2308	2324	iexplore.exe	31
PID 2324 wrote to memory of 2308	2324	iexplore.exe	31
PID 2324 wrote to memory of 2308	2324	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c834e65de413d8e28d76b9438d0b6e59_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2324
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2308

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ff8648c965855f24f185154199b1a4e9

SHA1
cb7dc1be5fcab3bdc8fac2246d4e0253ce00390a

SHA256
85a5d996fc865f2232d9d78df1a5168e687c849b883df44c617db8208116eb78

SHA512
401377a33d725232872309ce56cc2dc70b7dbff46b08eacc6bcb875a6c91cc5b7e2150291264dc91a0739687a4c23ed926963d9643c6ae31f282d1f9efd3448c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ca33eae73ba6c07e31f86f7986c5018

SHA1
9458a6fc76ac1b70bbe09e9591a818b9e06da3c9

SHA256
a1ec9994edd1387aa46fc5d0dc45445e5cc38a4c0b8d40e4549a7dfbd29088f4

SHA512
da996e4a9bd3de099a992710383615b07126d169aff1cdcd2e2eef9d3adc704d5a6736fc9932f5a64ae22421451f5a856d19afc0c8606d11a4af932e9b507742

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
362a8fc7749c57e7ff485d81dfdf417a

SHA1
5cb8ac8f5baff7f713e4c8092df663fc96ad52dc

SHA256
df2cedc8c13d85dc667c0b5e36757d18ad97ac679a8e80123601907e92e637aa

SHA512
8ed1d602a794572cc91e5b2298a97d2d0acf6cda6b953bb05b7d8bd54d45bcf4eb38223be841b36f561119a45f34a29ab95788ea583f572747e6f97622425a2f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
437c373c1799188cbd6dcc9e481dc39e

SHA1
2c07cc7b04a8f49582dd34913bb3d749f41fd091

SHA256
b87b42a85a3025be86237b4875a210366203ee339b036a575a126884ccbd839e

SHA512
3255a3880b4ee7d458bf8e7af652161767c306bf5c46768e9e5040dea34566a5ffb4bc9540d7b4612d370efef732a4c8b996843444102763e5dfbb3fbcb5506f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c98083d68bad8afd5a193f50c2f54435

SHA1
379bebf124db613f9861faf34fb5dfa42d575ab1

SHA256
21a94e8f3fc426d49f930b510eacd6d5e0d4cf5364fad3df61aef399dcf8800a

SHA512
e8d74b7ca5106c7e98f3b38f3f38fbec9beb6227b87396b0162f90813dc3f9affb455dde97faee855aac6f68653332671577c670dd199d44a8f1c04d762681ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9ddec0f498a81d4c8ffc386064f03606

SHA1
3a24b65ee7341a578684a277a5fceeb491fb912a

SHA256
171cf2dc2d7251596b774dbd90f2a2b056cd4674f436c919baec45e9bb29d5f5

SHA512
eb728132c1c6d800ea62b9d460c7f0bac6199d32ea62bd745fba3cf5a8b6a9cba326f70cb2099ae59a63db3f4c935c9d1e4f758ee0c76e2018d73001cd29a5a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3dab1a1e9f746d276c23f4b0f22de268

SHA1
8e6503057a62d694b68c75db3762eed6664cb1b5

SHA256
1c4ce7ff8f0ebe2c00ab38e4f20547e538fc380ff0dc64341e3120135272e95b

SHA512
4dbfcedde6258ad377916f74a2a06465c902f40bc522efb9178176bab11498fee29e3a11fdc527b07fdba2d228e5866625e9f1f8d9c30d1d391c795778c749c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4a801504416252471739d49f075b5b0

SHA1
e846ca6dd73112f18d82f7135465e182e6170d15

SHA256
0c3bc501a490cbc733163f0906ba112f3d19a5087f211511022b55082100dcb3

SHA512
a3c36251dce9cb829de95b1c3f243f106994b4bd9bdbd9e491dca30d6a66eaa074316fe20c454621b27ffab2fd1c69259a3f6b961acf3e97df0a373af02694b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
76fb60abfe7beb7a872e9ef21644f715

SHA1
76e3ac2f0a5928dee75f7c0fccf43353d0b1f482

SHA256
c7c9aa6bdfb06807d7b397a97c934885b9872356345f36dafd6f407380c0b0a1

SHA512
518a2eb5863a02d6a310c19b504d6c9f912aa7003e05aef1448292c51670302a30e3431b4b5ee6fd0f530b3aacaf629983361875a2e48a1b904f9b7f5f17f972

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
460e92a7b2239abf024d87cc16a7bc9f

SHA1
26f76c424b26159f09408accac47234bbb97d5fd

SHA256
69649da9c011a4faaf64e8e340c2625ef94f5a7aa2a1f618ae0e7f74c72c075b

SHA512
fae475b4bf4be40a3d421d60b535029032ed40b013f0537c62ad33e0cb377b96ce573cafdc40eac8f53916bb129de57678077cd3fb2ea1bbb9cfcf1dec844b94

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
75b7bdc8e9a3458da01412115cc65608

SHA1
c9c376eef69e59dc13748a970850229d27c9dc0a

SHA256
37abfb14c9f86b93991e03996e99f8f8574b82f82ccb91b6d4e65e2eb32eb561

SHA512
8ec4b93784f11265990775dca21d4326f393169f387d89ee7490c4069aa7094e9c8c2fcc1baf3bdc0f3b564355b3ff3e1a895cf9d0c25fd8b674aacee2e5f240

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
268d5df7b756c379c598172b5ea1eedd

SHA1
c8125303c747a3b613ad9f481941a3cf1bceb39c

SHA256
caf164725aa6a4cdefae4306a3a8cc3523df3a227d5e7714d1c331a82bceae4f

SHA512
72325265e86c04152b431377f177f039efe8cf46068879b2b81114dfb2f560689f83aa2eef4b503f5db97b70d030ae361c87a3229390a2336b220de3623fdf92

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
488e7e4ac57af6d135d2705d6b9e3b03

SHA1
82911db20976a7f314310fb4c585da21957a917f

SHA256
78790e85f16de4524da1c0361a15ab7de1d6070885527fea7972a035a1b92939

SHA512
3db8eb6b0a67fbe36587badaaade856dbdebdab391f7376affd2681f5bc77a11df6e2b52feb75576ebd5917a40509ea3adabe77be671d84c3c932c7c951845bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
deb037b2cd0a5239dc3c673af80f9b0b

SHA1
b3dd9fe8f6e57997b2ef60164168b280ec516240

SHA256
c20914a0a8df25af9d3e36b8df0df2d84af4aef899801386101f472f1f21a846

SHA512
850e187421d47f19367e7101be33027f141ea287790ac20257e9fae99ee1992ece849084d72a651a712cd6c3cea425f99fa6d0579066f8edc5f35a8504e6500d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b18140c55d3f9f115ef9e8a4f41e43cc

SHA1
5c02cd2455195da90add8ae33e43ee6c80cc60cf

SHA256
583c74462bc9e8b0bc3bed3350ca362de75a6b43a55f78614591679da4c850f4

SHA512
6279c1add5548d6df19742efc51907def70793825a61e874ca1ad521caba8a66d66cf85462573b22bc0fb93310e69fd62eebe376cc590a991ca5fdcebd7adfc7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b4e44c54bcedee540e7289e4052f4cb

SHA1
7224df4a2d581f95ab89f2f3d1b10cbd4ac86671

SHA256
78f3f495dae3e80f4bccfff2941e734e752b9ad65f78ed9f2e1c2d9ad4e9623e

SHA512
29b95923eac48aaaae6a0d598ad0996d8b2c1bb1876aada3194b1b672f1a743ac4ce5d21fe744f47ce84f542b7aa4ebedfc97723c1b2c8c8ca0d50df0299de91

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
890b666e84580a6af5bf960b9007f509

SHA1
c0ebdb351074cfcb9896b6641089961b69550146

SHA256
cc992d8204fe56c910bedc02815a1e75e668faf47ed171d5f36b7ca16fce996e

SHA512
4c7ad9ee0e9340c25f0d798acb4537c327a7e8369f3bc4b5981b2e31b82a17481deb33442adb2c1bbd20ce7e9249a8a5b9b26c0bed8783ab7bc85fb5fc2756c9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1355.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1404.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit