de9e2012cfa42837174aa81f5b799be48e6aba5c075d7e2616caa33021bdf9a7

Analysis

max time kernel
133s
max time network
127s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
29/08/2024, 14:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

c900e54ef92a911be166b75a612e521c_JaffaCakes118.html
Size

19KB
MD5

c900e54ef92a911be166b75a612e521c
SHA1

0ebb2de2c1f0556f15d2341a8889e6d79aa9029e
SHA256

de9e2012cfa42837174aa81f5b799be48e6aba5c075d7e2616caa33021bdf9a7
SHA512

f8f6b036956346dcccac8f123eb5b2ef961865b03de3e123ea76a0c8ac953801930878ea3dc28176836158170c5a870e6b350e59897a179edb05d62e0040ce75
SSDEEP

384:34RRXXVcPwEpwlS05LLqlLhPFyDqQOawFW2RypbHwh2fXSR9le2PT8OqcFbYXnIa:I7k1pwln5LLqlVNyDqQujRypbwh2Ee26

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AE5EEDA1-6612-11EF-92EE-6AA32409C124} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecca440099c424d92937bb9b1db2c9200000000020000000000106600000001000020000000cb0ab2800ee4bba13c9f58a10add81b1f4ccf696b3d0903fec6fcdb80a503308000000000e80000000020000200000003994edb7f8ec97108858440a6c98a95a8ab536d9c007f29e7242e8757f2d209720000000e83eb77d61b1d33c6ef88cdf664b2ccaa6ad0595d1235245b08a227f19fef56740000000b098a60cecdfaf66c412a390a10b291419ef3c99f628f23e4f0c87264216104df6188f4cc7d4e9472a60a9dd2622408d07ceb3965381868a43c7ab75521f8c52	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80fae3821ffada01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecca440099c424d92937bb9b1db2c920000000002000000000010660000000100002000000079337327cdf9ff75663367ba6449d06abde78532fef708cf2af7d886708d95f5000000000e8000000002000020000000c5240ec3ccd18b62bc5dd2f269a9e134a7cc78e35e0219e68c1aa72e1b73e4b39000000082eca19298aab4a83e1bcf8d62a17e17e6cf0ab99c504b9c85f19f5033e71d046fcd0df35ccf566b12863e16c29cfd244453418c5872ef1e3128c013ae6e77b1d99702196ccd21fd045ff1c7e7e5b35ae0b21c8cd2bf50bcd08ec1328cd64c981841f80eef36f6b130a2ae2d1615c1da2a4adfb0c738bf818b9f5987a3695ee6b34fa104a9bee5d7e3c35b0776c004b640000000850bf5f70cf9c5a725ec1b8d0c73ebbaab1fdbf2fab08c40c8261e5fae0844b5359b5e943045afd2cb9aeff9b8027ff5ab88ee2148e4329dba3fa6e036b17e19	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431103456"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1968	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1968	iexplore.exe
1968	iexplore.exe
2468	IEXPLORE.EXE
2468	IEXPLORE.EXE
2468	IEXPLORE.EXE
2468	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1968 wrote to memory of 2468	1968	iexplore.exe	29
PID 1968 wrote to memory of 2468	1968	iexplore.exe	29
PID 1968 wrote to memory of 2468	1968	iexplore.exe	29
PID 1968 wrote to memory of 2468	1968	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c900e54ef92a911be166b75a612e521c_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1968
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1968 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2468

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ae024592a34963a7378a88e979aab20b

SHA1
8583beeb14b43c4a72634add0a2567f39396eb47

SHA256
bdbc6d42dc13e764a160eaca65fd853d32a46a0c21f711bee6061eac712bba7d

SHA512
5de86e51a6007053f4b01cc03d14d33e33634e3b6e263fcf4800ab9a65106b3d07ba16801802ed8ca0208edefc01d075cae6bb45c053037afcbde33df7a181b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9bda596c348170f712d574fb5c3c179a

SHA1
d57cde2e36886fe05cc191e33937f8fde895e200

SHA256
752156ddefea28c297e37469d54a06cd571e49f72c275a902bb40ca034c1edad

SHA512
6d70bbe8940a8c694bbc13c35cc7fcd2faceedd90a7f5930808d61a6ea5c9f72ce6401a3c45866a9d08bc9d7b3d71d59e2f9d567c73daa45300b58beec06d01e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ff5e10e1f651b094e8bddb9634bd558f

SHA1
5f4a1d8c68aa9f94f990ba755290b53f501d1735

SHA256
bba5133624f85154eb7d1e1f245eb05ba158d4cde70bfaa0aa02c8fa08f6ce79

SHA512
6aba4a3a24df9518429427ba2c40ca4d5acdfacbb858ac9eada91c6d949c1fb4d506376cdded851c615773b9796058c01c0ba76d138ba4e71ce9affd5e43589e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4eb301bdca2910c993dca464ae539be2

SHA1
f7ec0d4a0269de22fe86d964cfc2df3b7a03d133

SHA256
48dbb25faace4e57a681910da22c44213070d3b37b34ea2cba34807c0f354f7e

SHA512
1162072591562b9f1b47dcc9f6b84a3dc182508d5ea357809d43528af7d2e2435115ea92e4919cad08b6912eb8fd875fd41ca4067bb114d97ee78a31176e50a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b1374d1c4e85e5748029fe514ceac57f

SHA1
aa18733cc98c510a7dd3266ad3c290734e97053a

SHA256
cd24096a3138e703f2022594ef83ea02b0dc476bf93ca379ffd2f3ada28908d2

SHA512
ac33f0706cdc1463d2ee32e93ea600904361f0bd297d57adc739855930e1c2f3695c1b3b1623fe5a11ee820e4daeee67f3d264c9bd13032e7c8e325658ddb833

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fe0c1bcab3da730c7478ceef90d454ce

SHA1
9f38069a8def1e84c045aba230f1e12f41c9d977

SHA256
45c044b67c9c8ae5c18eb08be667a376fb4213edb0e1ba4d01d18eae1ec58602

SHA512
837be7909d1c1b3e93036b00241263f21f58733d9ceea8c026c4fdec6089225190d737f4aaa27009891073eaee53444eb80ebe001f419e6b4dd36e6dc57dd46c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1eb29be572089bb656388af52bce25ca

SHA1
9df5ba9e8043a67f6a73f4c3d77c6cb3fd0837a8

SHA256
9111fa9cde1df4be8db886200076b343c6ce7a8b9e87e5b5d26d999a8cbab047

SHA512
a9724d9fe8c477df5ff8db406ee44f46f55ca9a912a04a50f6cafe3a7ed33e65621851322672b7162cbcf4d6b2963d550a901710907064d31507ede917e5b42b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
308c9ce7df6d84e8737c5bbb7dd2602c

SHA1
a48668a29293aa7bd6a4b29ac09d10121d176fd2

SHA256
5403b994a948f3e964425c23624db89144bb4e3ad95a8c5c67e1a8eba89639bc

SHA512
c2fc5c677e32dd91f5f49230d175d9ddf412584577c31ce225d4fe54b0155a9f3e74bd55749c84b35636cc203ce2056e506c3426dc415c6f829387008933faca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da2a488bb2e0e1d75e9971e30d49a0cf

SHA1
0e4774b7374be1e9fc763b9d440176db1e683460

SHA256
43402214ff9567b5315bd5e58519fd07a0ab198e13d9a2c38ad383961cf4089f

SHA512
07b6d316f3781ab5b11888084bfab424c1845a88c9d6bd6074ccab860d6cdb19749627dd235e755fe99c1a9292bc3aa90e950c98f5deb5f04ddbf04976ee0d07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
97b454420731272fe542ced2a1554f97

SHA1
28a027ff27567c26569876cdf3a45f1453c58431

SHA256
ca7788dbd08d5a37a419dc0cd0490ec0e9fbcd1b3d4b5dd41f6ca6ae985242cf

SHA512
b657bba6a4bafa159c78666408a5dc2f066f7ead38a943439821faa8515ae5b40093ff551dc8ff39be514be33101330689a9c2b9f2ebd34e39bafcb649572ffa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da02f5653088c934450748c36eb1a174

SHA1
6a4e816f327ccb1179004c7c42fff25913ec0cc7

SHA256
ad3e4dd833bde745aac048bcf4f2a433aa0a54d6d9aba3e7dbd0ff2c2c3f3873

SHA512
57cb82592686edad6859e2f941f451823c606dc3214286b207ac1e8120058edaf5c7192972d91695cae60a3cee38273cf0ba302a3e50350c0cb12519c6884bff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3f78a389fc7dabdca2faefba7da6dcff

SHA1
bd53ef31a0be6d08bd0ae47b96ee27105cab6139

SHA256
c139b473dd8d1524fe863f17d9f35aed6554d7e4cc43b5a670006759113a08e8

SHA512
8e6a7bb46dd98d01df13d63911932f99a970bcbffd0bcfee93b94b99648b931f3bb10f1f8ff5eef8ef010d90e93ba7e6347cfbfe2303a816f2361ac06ff1fc3b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e9130cc30e11b816863850a1d41310cf

SHA1
2b7410405dba320a131f4e9d2f8f6b7b5712a6ca

SHA256
6103b4ff5bc517d0b0cdf7844fcdaee6e77de983094fbc93ad90ebadafc2c6a7

SHA512
117292429bcb6e05e8dbfd219d41cc618096e9c5c4079ceae48166100ef64041ce737ce066fb17765e615a432e01d68b1c1f6b8f414f4f1356f405d7b6dc08e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ba09a27bb44f5d595d1045c374c2dc33

SHA1
823d2991bd324222d8e56011649063b37bb42536

SHA256
483fadd6b3579427cbd03c3e3ca2efeaa4d95ea67ce01f1fd7b62055e7e4c47f

SHA512
e872a90607f360f5fae107c1bce8142e00d693547dfd771b1de8dafe5d553221df328e45f43e23a71c96804ef928610fa5a2811848b77f205281bb744912a9b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6fa7e676d29fbf56b4b6819bac111158

SHA1
3ea6185c5a6fea529aacd54402625a099f080e01

SHA256
26140140aa0a55e152954343e6722b3c4d86d306a316d94f0c83c03ceeed7acd

SHA512
8133b2faef15dc97c7ca41b6497a817e2dde8a790772d4736dd0b73ef3d372e7fe7c601538587d56d8959a9145a34cbc06a26ae8f7efd4c3b39f07c27a68836c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1df463c3c5bfa91049fa7ef2260c8d63

SHA1
f1e517a25027e0321118d9ff1a01e79ebab4baf9

SHA256
e56f4d3da7eefd5c75b000b403681108c4d1670beb86a807b80ce71751955031

SHA512
cdaac1b9eefd4001e59f02f7ac7f4d0a1229e6d5486f8fc123ed9295fc61391dcaa9404073aab47643dd1d9b400a56c918936db3c39646f7fa04c0355ec142a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b63dffd607d78f9370b28fd01eba446d

SHA1
22ce2a9a99703f106338517bb31d3c3c0521e220

SHA256
1fb986cf947aa552d0aa436253cf645221e43be5d920e3861f120187aa9b6014

SHA512
44115e5c10cbec581db9e2d39ea7e89b815c95fe3aa629eb58380c68cda50e54e6f68fc73929d630d43087990e5dcb982a235a5957d9f27fd8a41b8cd57d2970

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5EC6.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5F84.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit