66462f5252ca0fec56c8ece6c6c1b272c0e8149ec6d1c29c162f5f2cc90f99f7

Analysis

max time kernel
145s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/08/2024, 13:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c8e188513b4cf3accc6cb1471241d65e_JaffaCakes118.html
Size

68KB
MD5

c8e188513b4cf3accc6cb1471241d65e
SHA1

4e0373fb2325da8480b11a864d36aed193fb2243
SHA256

66462f5252ca0fec56c8ece6c6c1b272c0e8149ec6d1c29c162f5f2cc90f99f7
SHA512

dddaba6883701d698c1086513b38e8672ddd8771c5623687802ae3f09b029c6d583579f91d641329d3690a8d4a73f83fded1ca54c98a60ce5027c6a44c9f0dfe
SSDEEP

768:Ji9gcMiR3sI2PDDnX0g6KIlJI4EUIj09oTyv1wCZkofyMdtbBnfBgN8/lboi2hcc:J7UNDaTcNeD0tbrga94hcuNnQC

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2824	msedge.exe
2824	msedge.exe
2940	msedge.exe
2940	msedge.exe
4636	identity_helper.exe
4636	identity_helper.exe
620	msedge.exe
620	msedge.exe
620	msedge.exe
620	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe
2940	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2940 wrote to memory of 2884	2940	msedge.exe	84
PID 2940 wrote to memory of 2884	2940	msedge.exe	84
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2672	2940	msedge.exe	85
PID 2940 wrote to memory of 2824	2940	msedge.exe	86
PID 2940 wrote to memory of 2824	2940	msedge.exe	86
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87
PID 2940 wrote to memory of 1300	2940	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c8e188513b4cf3accc6cb1471241d65e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff904ef46f8,0x7ff904ef4708,0x7ff904ef4718
  2⤵
  PID:2884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
  2⤵
  PID:1300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:4256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
  2⤵
  PID:404
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:1160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:1400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17827108266860752394,5705402268422807815,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3744 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2204

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
211KB

MD5
e7226392c938e4e604d2175eb9f43ca1

SHA1
2098293f39aa0bcdd62e718f9212d9062fa283ab

SHA256
d46ec08b6c29c4ca56cecbf73149cc66ebd902197590fe28cd65dad52a08c4e1

SHA512
63a4b99101c790d40a813db9e0d5fde21a64ccaf60a6009ead027920dbbdb52cc262af829e5c4140f3702a559c7ac46efa89622d76d45b4b49a9ce01625ef145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
270a34d43c5e62d2eef5d19eac963bad

SHA1
983eb88bd7810ee49c165c716bd78314de4631a6

SHA256
568d9ae0073981f94d4f8404f44103eb38224f5238b22ab8309c8e843248d33b

SHA512
c8c9a3a5697b939fe6f787e4e5c8e7566ceed8c176c61d3f4161c496b237f88dfe3207c243387274a8ce7500632404bdfbb012a88d0ce50caaaba4cf21e55884

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f4d7c118964b5f2ec0ef03b427a2427c

SHA1
fae09c1af09ddc0ec084eeca279faefbbe80e292

SHA256
4bb7d1f6e7c5c509b40bd84b42b90ca5532822e2a9b960e2b71fc3e182322552

SHA512
1bf99475f0571d9d1152733f748da3378a6bd878d1f586aec7b3896d32a08835312afb441dc2f5f61dce42e8e4f56e22b283d7b0768c3c836bb20d7bf183ca9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7ec3ce97425b58fb0058105571f557c9

SHA1
f0e7158d1e585788f82d0840da3334a233c78414

SHA256
290f84733abfa11aa3e8e0e075a3baf1df3f737b8a869da0607b545f51ec9011

SHA512
1ad074ba0c3f68c154fb6f8645925073beeb0f661125f916afed0843aee609aa7d4b6cda39acb96430f65d5efa011934037499747ff347bd7f0f85d2812235bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6fe5dd50053539631849750df231cfe3

SHA1
5254987615f805a0ce8a209d3438e01f25ca8f66

SHA256
777d725c05b7dd69f70842da579ad7930a4b039a177a880370848ec69a26d82a

SHA512
4d23f5dc38f3e9eb7f6eaf2fb5adff64a8e3126c6fe489c0e518f8473b61dd5236ff0424b7abebc7e1f3c57786812a908d505d3d7cea8f43d50c9d3d11d86ed4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1835fdcc06006fb73f91b6a546fa40b4

SHA1
cde0a1da2bbab38df54339d21e2ced3410a649b0

SHA256
7990abba5419eb4fe84d40d83a4e8e2037786be49cd1b17e4745dbec90fc9cad

SHA512
3b8d5fc8eba4b33ff6008d2275c1da617617cfb744700f2a89c0dd5261d8e32d9641a5c537380d2889b8b049e447a1f9be764df2446d0c4a3887695be33488ed

Download Submit