8128206ef3b8d2944844adafa73cd35037e9a51262f3682292ca1004193d311d

Analysis

max time kernel
143s
max time network
141s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
07-09-2024 14:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d221398a975b3622cf2ddd7b55037f1a_JaffaCakes118.html
Size

1018B
MD5

d221398a975b3622cf2ddd7b55037f1a
SHA1

6ae39d067c2b20ddba6db6829afbff1241aa095c
SHA256

8128206ef3b8d2944844adafa73cd35037e9a51262f3682292ca1004193d311d
SHA512

7c9fc2cb22f9a3055cda54e850113a5804e5c7d3c32719624f3aa4f0da2f6865e9c59692baf5a336b4a4d34237c3fda390a8d18686b4ffa990f971ed9fd789b3

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000003895861ae04ba84bd9d16db9f9964cbd0b052fec6f3dbe2f16ef8c2bc3940cdb000000000e8000000002000020000000f8ed604a2258d946ca0450717de9ff1a7bf1ee7240b1eec5164c5a4aa3f2df6220000000d35dfb5fe589f95501ba0919b53d8cce099b8c44d65471cfd1191dd3401933914000000034934d1de403f560e299122a59fd68d732c5eb94855c18230567658347f3f91d23fe1a697711d7b35726102727524e51bf49d4eb985526511f22b81343cd2857	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000e41b3e88cf51a8501c91f7604880c4162f86b7b327e00f59d960b56b1493d8c0000000000e8000000002000020000000bb8303742d08542995bd0fd98a244fc9adcfa8626e5a0f5754ffa324b316e676900000008aeb3e20ffc2ff054a32443e91026881548b1c213d88c460ece651dbe5dd516627d04f428c6332cc87b4ceafaecb102f516ad609ad41a7b7c5816f97d4480d29bf5c31a22e2fcf2d2187119f81e5b68d1f420443d857d97373da904e30e4c0d1b48b047ce1f48705c2efef417fe0d9c576797faad1af7dd3490e047568284b52e1b91cd2f8eb9832cbaa9ad3e713f5054000000026e940bb88ad470d77a7ec2255bf7a25ea02e2b812326c3f3292cb6dfca0dd0d817a24a9d0421f6876bb974d0ff321bccd9c94f603042c9981e681a4087499aa	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 3043b0b43001db01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431880508"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DF867A71-6D23-11EF-9319-62CAC36041A9} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2108	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2108	iexplore.exe
2108	iexplore.exe
3052	IEXPLORE.EXE
3052	IEXPLORE.EXE
3052	IEXPLORE.EXE
3052	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2108 wrote to memory of 3052	2108	iexplore.exe	30
PID 2108 wrote to memory of 3052	2108	iexplore.exe	30
PID 2108 wrote to memory of 3052	2108	iexplore.exe	30
PID 2108 wrote to memory of 3052	2108	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d221398a975b3622cf2ddd7b55037f1a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2108
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2108 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3444c39bf7662d59f480c10acbe01327

SHA1
6a130f6bdc1ca1ed24c9776d5bcb83f4f3c5cc30

SHA256
4208abf6c2e144f22fb164a17aa002d3e33b6e7882a177152ddc30e19eb3c621

SHA512
29afab710f766b67f28d32d0f740eab883a9220caab087a3f25621f99c8b9607d46ce24ad1fdcc9a4f647c79226774c7c09ccf32ff4557411edb53f342bcfcfe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9fe3492048bf336de5ff84ad5dc20858

SHA1
d4955c00b6dead44ad07f09da192a93201f5901e

SHA256
6f5a6d05a52302f117e65146e16c6ec68c7c64a1aa26c13048206693338223ab

SHA512
267569c1ff47fcadbf7a6a832ac595d2a27d1708326382f367f41b0459d7f5ee4b2264603e45df6725bfd37dea80ff4bd976b2ac64a03b1e4837db64bf96adf9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bbdb19a07b770667b6cc9120764060f9

SHA1
6f61231141a9df2418ad100c95b0547be77078bb

SHA256
b8246769397b7f05c0a1d3bf4b068b9b00aa3d4f08d4e6b8c91a7d191b9af17b

SHA512
4ab7e31e918d00c3a26f350780af02b6bf2c31bd3611644d490e761069b1b90b52c3d1c35e727df50af21d71ffd92422d3e1512c4f9ca6150f0e9dfaa5c55eca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1e099cda6cb7fc1aaab0bedaeb28bfac

SHA1
a6f76c3b1d5cc381b28fed2c367ab6a09b8b501e

SHA256
c93da6ffbceef3a9353026ffa00c7bfd0870966108cbde1e7771bdbffb9b800f

SHA512
4474ca471f20d54150a6a934d7bda25b8c7bf134bd1c99ee7b3f35776da7a6e6a698fe7fea42220913f3c206bceab458aea5f2e92a86a3e416f6b95091543682

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eddaa7a7c7ee7a83a503027fc42cddbb

SHA1
ffd90cdf2c0753f171c31fdc493e0d6843ae3a91

SHA256
ab219cd64fa3010ba6b5be22808a8f551f240bc0240fbe72d5cad395bb1b8096

SHA512
eaf09a8975a7e44f9ecc670d113259b9529daa61984b30a8cba8e9e04fd3b2800be80a5a8a19989c617f318e3a156ba3a13d38b67ab4a84d553d5a37a924f56e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc3b3e1757547d50f8f9e199087e5425

SHA1
e5edc7f12cc615f7700101d5bd90e7bf85521a64

SHA256
69b6c7764762c29abeb0276dbce4b3134975afaebc53bf138b91362ed5ec183f

SHA512
1cd90c32c9f76a41dba27d70f66511d2137e7f3f4c33a346f2f4b21c58a3a4902111b53b81f8083e0bb32bbad2a58ddf8e14b40c1e7a9402ee8bc41d54c8d53d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
94fd2a40f967aebcb09a041006da7f46

SHA1
59bb3a01c047ca1e58bf07ea128ec737aed020d8

SHA256
ecf918a7ebeb11c0f0d6d24a37c6d1d6e490088da6918a3615232b6eee2138da

SHA512
878d3cbe7f393daab52e2d95247b729398d7b2d2c195f6d7f60909c8d504d012c21a656c9a0696997e44fe59b0d0eb5b9feaabf6c13cf045632e84d3994c077a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e6c29c91a6a80e8a5c27f08c3d9a1d3f

SHA1
f026a63bb9d748c008af82c5c6d1eea9e9d2314a

SHA256
45369753c165552996cdee355b23bd2735fab7a6c5c0c57f83badc4d862647dc

SHA512
f2b4e5aac7d3b8c6acb982340b3d931555f5a1c019b8f6590399200667d71354825dc8f46d5cfe7d3620fb47f3fdac72ed02473aed183aae71d70f59e3ef78b8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7d7ecbb92ecc6a1d6ebab117e992c7f2

SHA1
dbbb7a361a3debf1fdebff93787a83354c167e83

SHA256
040cc4c741bd1a20efcec03498127c48d83fedd51fad29f10502c01c022b7786

SHA512
018b0745921b842fbe8ce902ea4611053c98895d3c1a63613859311bbef658ce73b04fb0e663569a87685154db64b9f195287529d9db131ce669deade99899c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2c2b2a971c38fdb34529544da59f515a

SHA1
4f13ee50acbd1e3d65f0af9820954d4d35cd56b3

SHA256
d832b558371be5a44f78aff1b38fdf08e6430cb896d26eeb2ec28b6ac380159c

SHA512
1a698244813c99679e18a3f3674c6d6c93512d670bde473a24009bc480e83c445154a561c8fcff6e4fafe1eee19552c7d03697050aa5150e6bee6a1d3a3953f4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
650e7e514c26d2f7185312e6b077b2b7

SHA1
d8d6a16ce71008f95fbc9116e6690ae95e90b3dd

SHA256
eb1020f892a1594ec74a4480ce7804a1ff4b7a63e225422938d41a304b1b3cd6

SHA512
4d81e15afd47df1340aca0f4c32b39f44628dac4a344fa50cb9d1e92ae9a33f1a3e8c493c317aa0704ab88e570306000be88ddea6dbe3d476d25ddb8cb73c026

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f3eb56964b81c689346860677c0f1f23

SHA1
112163d5596c16dd6a7fd3352827504f1c5a4a6e

SHA256
306cd71b30296916bf941b3f9716cec47e460c9c72193b9a0d7390c2042b66dd

SHA512
93eb13d309592051edfb64481ccdd634588eda98ecfda2f084f80dc2a9f2c5fb408c9b6080a422c24ac391293f979c8c4a0a7072eabb835698adbe99934e0f6b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0c0f09bdb22c99b871fea2a3d379c6ac

SHA1
d88ab89b3cda4faea57e088b19b1d91c126ce4e3

SHA256
7517254ee58d7bd9d7ad92b0518a1b724e28708964d1521d2ca774953f179247

SHA512
de5ad66d86e3cddd83b69bdd6d0f339c9ee132c39ee7c5658348f58513cfc458f8cdbf6c1b1b658175f2f1165a419af85c4678c7f43ed790c420d9ce86c036e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7f27ac47b8551427f7f9082490ad86e8

SHA1
8fd6839188c463eacc0c862a867c4c5e9973a35f

SHA256
bd2a9035b88617877e4c2a3095728a1ffb0b9444fd6bd213b1468b7e8774e099

SHA512
9715ecd3c14bb48e5df654435b3ba76800a72cfbeb035e086f9a7af6cf8fa5df1b77939ca6688d445c46b6a3c248fb88b3de791aa214da35fe802abb01afdd8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
570bda485a4fc2e9a21f8412a8819dc7

SHA1
cb77d1c2485ebce2024b7c8f6c7f9527edf45958

SHA256
656117416ba2835c502205a4e0c58cee42e79df17fc7c838f121b8672b04eb72

SHA512
4067ceb61301f4521f176b78cd9b2108259220b765c8cc7c7a2e896c97223475609d28f8c79931528e0c7568040a7913a2ff0afa312eb380b5c8fb86099669c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aab884e2f61adc1dc31dfee3c118716e

SHA1
4988949b675cc5641bd3aa9c10bbdc61e166ed0d

SHA256
30c9a99fd37f92daa544a34f64d7cb7eacbe22d86485df1cd829242aebab905d

SHA512
32389457811ce3354f3c1982d2bb328a9cc25a0bf7f1f66fc830f075cbeb70440ed62300622dec441220bf9974c8051e01e8ea582f7f2a1052850ee2ab372282

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
34f6226e8f7eadadae3d012fd5faf2fe

SHA1
db8f506041d3942f93a72f2fea2e6ccd14727356

SHA256
d277470f74cb69869e5ead3df72f04b8db1ed0b039b947afc11b61b0108b54e0

SHA512
d1713786c16f17c5cad06de08284331ba7af5199949ebc02050e86030096dc3e8c78652d18718114d03566fb12d88953fba3c95c743a0ff82f76f82caca3a0a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
71c857fdaafb10f4214c970014b11554

SHA1
8ae1316341d4e7ce3c106f3f5965a1c2d4e6f0bc

SHA256
d13d92928c54a2cb801acfca47a6b9eb834bb9b2426d217a0540f1b881f19bc3

SHA512
e47c6159f5b8d8eb9f790a0abaff24183a7b98b594b9da0d8201e2f1bf00505305728d40afc5c1f511ee4ae31f1203243b6872e7538996f4641b9e2622bfbd7d

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabBF1E.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarBFCC.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit