58c5de8bc67192485ae1a987f28178e73847117c7f6219efb41474df92855eef

Analysis

max time kernel
120s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
06/09/2024, 08:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

cf156419f4a64804b461835b80f23284_JaffaCakes118.html
Size

461KB
MD5

cf156419f4a64804b461835b80f23284
SHA1

b9badd2cef0159a1af7ac506f760b47a4e06dcc9
SHA256

58c5de8bc67192485ae1a987f28178e73847117c7f6219efb41474df92855eef
SHA512

62d2e18bfed671d791053cc139dd4c9a229468077ce14b52772ac992e34ac982bde59064603b89008cb6f1a373f64dd776471dfc7ed41a94a1170813f4c55c21
SSDEEP

6144:SnsMYod+X3oI+Y9YsMYod+X3oI+YWsMYod+X3oI+YLsMYod+X3oI+YQ:E5d+X3e5d+X3S5d+X315d+X3+

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DA4136B1-6C27-11EF-8CD4-527E38F5B48B} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 509ac4b23400db01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000b0f4f0d5fc17eb73b67b7055297fb2fd1839726f01df6a6bdb0f45e865d303e8000000000e80000000020000200000007d3a08b82049048a94fd9b81964d84f21ebaeb696a9ffd868adf44643c66f37c900000008f40aad486bff8e19957da5c91ec5df2f30d6c5f9b2fa18cfe19b22b46c1606c47bec70effbfe164d79208908d022ae58a7f175e0ca741bc70a27ed91d11cf7d7f5fcdae8103c28b83a9de622a90d5129ea4c0834f274f6ca53537545b8ff8f5f44f3138a3d7f0dcf105ffadcd6d192aff4deff30f33625a9a7c6a2c44778e69fd685f09113fd21572fc41dbe1b28b9940000000dbf5d4e94a94e16f65ad75ad00f4b4051245284394e28cf9dd26b325e42a1fd3e714d23028bc2bc2a2efa536d278675922e9c3143e2bd4d9e13e38597b6ebf41	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431772257"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf6000000000200000000001066000000010000200000008c2256fe1d32779f42e1b3de76714f58a4e61b8476508fc7cac3ec15fb981ef6000000000e80000000020000200000000a6b498872e3a4f336d701e1210885080c5c81993ac25a773e5876be2fe1e66e200000003ff6b5c2515a4948a06d3858113e9b55c14a232d3d1c4c52f2ba5b8b1ac53cab4000000064043fc29f1a16a1c2fa600e9bc0081290869469627383f35954ec770c45354288ab48ba5b12a0f1e9cb8646c6965c6139001f9c2827b1dbcc3818a075d8a8fe	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2076	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2076	iexplore.exe
2076	iexplore.exe
2724	IEXPLORE.EXE
2724	IEXPLORE.EXE
2724	IEXPLORE.EXE
2724	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2076 wrote to memory of 2724	2076	iexplore.exe	30
PID 2076 wrote to memory of 2724	2076	iexplore.exe	30
PID 2076 wrote to memory of 2724	2076	iexplore.exe	30
PID 2076 wrote to memory of 2724	2076	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cf156419f4a64804b461835b80f23284_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2076
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
339895e02a11c2911644dd50572d211b

SHA1
41c0ad5a5b47944a8da6013f0c48cb31fef989ff

SHA256
eec24669b56fc011fde898ab5ee9ee68b2eb9718ede3159e8d122490d991be09

SHA512
91c818cc6769ba4d75aab254f1ea1979b94952d1794885282cb62434b5dc42e9b711fb53201227d905225d81424d910c4d3437aa5b858bddf010eaae9e690f46

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7ce5c1cb1463f5de4cbba1fafdbc8920

SHA1
a91bda857c393add1dc3958f813e7acb6c22a3a9

SHA256
19770744558b004e16cc392b2924bef9f3f6492b3ebdf9a57bed79e14ad88953

SHA512
a96546e856696f507a659b4b35c9206c1f70fb30f039618548a10ff1d5e236f7108e1cb7ac0325ba80ddecd70f9932fa8931277bb3f466121b93529c3f4d61dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
89c39c5a3ef9f97010d4d069b38339b4

SHA1
4a83c9f3d495e39b2b8f52dd8899a67d8bf260bf

SHA256
d351cbaced40e9916a2e486d6ae26ea1728a84805032645983a9290e36e21499

SHA512
530f11feff42050e3cb87adedd9fb2a927673e175910abedd6c0e6dac75fc5d11ae323abb60f4651cbfb561acbfd22b848266ae8a3ab9486a7c44be5ae031c52

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a3a0693497d9c425b6b9ecceddd4569f

SHA1
fcb6fea1bfddb446458b5d1c07fb0702e5569757

SHA256
3ab89f2fe923752a891655b834b34231ccccd5bb165fc07b4a88d6fcc38282fb

SHA512
3bc23bc72e91ad4f02f3e7bb4820ebfbf8f4637f76fe52fe431e5dfbc11e7975bbc693d3194fc6ebea4535d363a47008aa9b57e6bf241c5ab5320b37959b4618

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
932ceac3592dd87e2d794319ec7c1d42

SHA1
1e9a0c647bb385d275650dbe2e6f7d4a70e852cb

SHA256
e4babf333f63d37f2d71c7776bac5f9d02c7a9c2e003620abc033bdc59c4e242

SHA512
69be7dd3064feae49ba298b26d1de4420995e9fc2f278a173f90aa2a00ff71b4feb9d6d25a41f3f8c681f812abd4a29154bde2015659b70be390d9b8a7a5dc7e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1a4ee93450ba258501b4f0cf518e67de

SHA1
1cd0b5740cb981b5ec1c31f52562974878664b99

SHA256
0fe374dcdcd6254a78c44161ac235d48c8f55e0a08d66d7ff88e3233f0dcf5e4

SHA512
e3a600598ac502cdf9b1c3a55153cf316b39992089ad7d2a22398c85b61cae6d6221c329408e526e5703e03b9e446b49a9f6d48805f678d089c8c99c931cfd62

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c4738b6255fb8b2d63c08d95f034a132

SHA1
1af86487b2410f6e9f88a656fcc5a00172ed2b16

SHA256
0b09db8379cdbaeccec616e0f939efb8eab66959d909528bec5aac6d0a5bc947

SHA512
1f05f05eaee21d1381bb3e344a8a0105fc8368adb75f02a0c8d869f4c45600f07740eca332bb9e13e48912aba759e87f51a2bac0dfa7d0c12e1cc7b9b9580c4b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ffdd0ba779a014536521bd61c21f1045

SHA1
d6faac64bf17437cffb6d2089645324bd3bcc761

SHA256
06d0dff50d126503efc46fd9c024e1c80aa8b392bc415ac1bb566c3b7ef2bb1c

SHA512
c4fa97922266edace5537c99069db54ed67d92b1ae324237f6b2067259765c41615072610bfe59c5a7b7185fe4b8811f7136b48f68e2ead011c2634a08a15d0e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
25d62728a302767726a12e71fba7b5a0

SHA1
b50c7994c80a5333216f1c159c45d27286011251

SHA256
d6a820e166eee1ea1c341ffe616f0ff081be02c0286daa8529d3e5f4f758c3da

SHA512
a49033e39cc654361e65dba79922799d6ec0a1624740e3734d99cfdf3f4b11c614a3685a03ad9f53bfb6c4f961022111eb23f8bb13d977d33b5d86b0afe9a6f4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e5063b4a74ad186b4ccde76a057f888b

SHA1
389e8929e7f167571a0e1623ae266d68223f3f07

SHA256
669b2215824c77dd173459fcbc3cf81cc6d05ce67543ef70c32d5f42a7683b12

SHA512
4e5813c7bd6ad541919524bf5f19437c94b4156b46c220c61a1978654e174262bd77dbf076bb8c1dd49721ab198d65d2a91cf8fe84f340de3cf1b9a2ae083e2a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
26ebdff927c2839dcdc5e1b04d233601

SHA1
be1fda3ed8e95ab0a99bc2740b2b2ae01b248b69

SHA256
6cbde3158289dcdab7024a6041690e35f0e56b20308a7648049fd087820e5019

SHA512
6107830b489c98df825f7c4643a1de181d16e5d1453f1c341d1ca118a4c2db95522b0dfb61b57b786f8a5d1b3512324e63a66f9e1d2866613ccc247114e91978

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
09392e9ac8e80acd5001d6d34e034a65

SHA1
d94e4091882a35546ca04d25c25221f3c9744b45

SHA256
acbbdfea57bfe3ad1138cbb513139f0492979ca2a4c8b520590d7db765e567fe

SHA512
460cc2bc2284dabf13d67dd496d53d7a1efa8f289d9529e781c49e42bd76a5189bcc1f2832c96aa80cbd3b9fcc4049f35b611d811e25eba981315e1c76c8dfed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
514dcd9930341d7b23bbf2ac3f467068

SHA1
7797819621718b0bebbbe01ccbdddc1af6260dbf

SHA256
a19ea601da650cb426196cf712b46d09220f553bb077a91616b21f1fa310a6c0

SHA512
c931947cb2cb914cef4490901b3142192553468e9c3bcd7298f03aba684916ec04430d1270a664161f8ed1670cdfed12e4e2ad8143fda8693303bc42fc756ac6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a6320354bfff4fb0de7e2ad00f860ee

SHA1
dca0b60f91ee342e10f4f24ee27d5b4d93e48991

SHA256
8af048f9580aed19b43980734d13902604f8a2384b2e09ced5f09faf32fa4ffd

SHA512
601e68af09b9d1cc4b006e42af97e0aa1ceefd0f0616f741e82a6cb6585081bea5bf7a53d64e0fe874df83fb241ce600d97f2de51bc24d5160b43d4940f9f694

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6aac61a708e6066950679a69276d8f80

SHA1
bbd24441d7da8d599a023dfb529dd4b4d3568a67

SHA256
367212fffe9e87e2f8bf151b83c0fa750ea21bed072e566db9e07362fe37bbcd

SHA512
d41a80ea36c12f29f60179abafc3a4d8055d09462c17cda79867c91a9babc48a5b1f77fe424a445e103a80718053207e9837ded14d617ee47153c2030a365f33

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8eaa9e2e01070dbc4f49aa55a61a3638

SHA1
562a2370100013fa3d4ef11b36a12ccba53db237

SHA256
dcb7fe95ec46cac6eb3d9643aa00652e468e29607c10fb8a639a8a450efdd0de

SHA512
2efbfce1ad841ff563b85f34e96dd733e7dde52c5bbc5b4e8032f4acd8adc226ecb0c1ffe5351c711cf025126407d765f1c4de2bf17b675453236b9f264463e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
00b645e028041c5a1f0755834af205dc

SHA1
d3287e446c3b97c0923083b3fc0c9a02d826e525

SHA256
3434552d07e1637c4a58aeeda00a5bb9176e4fc6c9a93abb144c954ac3c0f782

SHA512
1142005b10a25cbe34448339fc42db01d903be20c12cad39fd2897f72a799cf212e717487d1c7e0acbbfe70bf3ec4d9cff976e92b1a722fef9841ce82b9b7652

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5B8A.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5FF1.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit