e2864e3ce4d241829dda8dde7afe9fd0be27b3d79435e00646fa3e1e1da24870

Analysis

max time kernel
146s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
08/09/2024, 02:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d3493c85d1cf567ee692f4d3465dcf3a_JaffaCakes118.html
Size

69KB
MD5

d3493c85d1cf567ee692f4d3465dcf3a
SHA1

7f183072662f45e3c0f11f1515d981dc1d075b7e
SHA256

e2864e3ce4d241829dda8dde7afe9fd0be27b3d79435e00646fa3e1e1da24870
SHA512

8ba084a6ebb35eb990d76868654d2b430d1502dae50133385d09f9abdf329dab8e6986f41725491c9340779283835a7dae07e1199cb2f49913f89b0292e446c3
SSDEEP

1536:xe8hKVgLaD5EF6YGyCaoTCevZOMucgOHGwgf7i:I8aFs6PyShO7cpHGws7i

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3200	msedge.exe
3200	msedge.exe
2432	msedge.exe
2432	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
1888	msedge.exe
3840	identity_helper.exe
3840	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe
2432	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2432 wrote to memory of 864	2432	msedge.exe	83
PID 2432 wrote to memory of 864	2432	msedge.exe	83
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 2308	2432	msedge.exe	84
PID 2432 wrote to memory of 3200	2432	msedge.exe	85
PID 2432 wrote to memory of 3200	2432	msedge.exe	85
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86
PID 2432 wrote to memory of 2204	2432	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d3493c85d1cf567ee692f4d3465dcf3a_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdce3446f8,0x7ffdce344708,0x7ffdce344718
  2⤵
  PID:864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1296 /prefetch:8
  2⤵
  PID:1128
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1296 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1368 /prefetch:1
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
  2⤵
  PID:916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2706513585078167106,9009271617038793703,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:1624

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5100

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2652

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
23KB

MD5
33a83c16527e4531fbfca2631f653674

SHA1
87a63514c262ba4bffc52d2ceebb3ca14353507a

SHA256
1156bb50a264543f6a9dc8922dd2c65d444c8bb11b3b18be95d5adff840b33b4

SHA512
f1dba28d0f81aa0894436ae7b4ba76a2e635f002f666d17d31b8b21500dc2321d7862ca8dcfd22e44aab4d1f33112c076dc95191c889546a40f9c6197cccbda3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
fdd2c715c68760f4d0b1fdde7b1ff820

SHA1
c1ac1b855f625ba2ef3b9a8654774c20922ea9db

SHA256
fc621199bf3fd365f83b3d6fd2f3f46a724418a6defda3671fb8f940e3690c85

SHA512
d4b53f5fe9051181727267b35339cee3f7ae02e659966cb0dfda948e219ffca5047dc1b241ad08bde74c3030e34c99e997c867af04a9d9a8437f53d633cc025e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
03820789996b5915f2e75154666057b8

SHA1
ce4b01c354a77f7cafa51774c654fa053c8030a6

SHA256
daa3b21ff8d38d4664932158a6b520ff8f35d53197d8db7989e0a31cb858ac7a

SHA512
d006d1116db2c483f3ab090f8c5dc2ddbe800894746433947a1536d8508170c6d72902a641a33fcff81d561fe8aadff715d3186e3eee8a25ee53aee7a916ed67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b9f435fd8cb322737086b4bd90a8d8a2

SHA1
5b5ce2070c09bcbf015b9407915bca041ff6dcd0

SHA256
03ec6a226702bcf86cc73b229c7a65e33cfdb8efd22897fe386ab3265c50a338

SHA512
226dba95dfbbe2ff377d9b2dbb92d8136bb41ada34b126a9587cd6e458677883002d9031daf0f8a285ffd024d080195b67ea7e44a701cef14c397ebf7f7d28e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
54e882ed00d50a9286084098515b1879

SHA1
66225f7c9de389a938f0ba318e3f4c11f6c87a2f

SHA256
337c80e5f1d09645121431dd9b611c6cd1d8112aefe97edf47647bbcbed92c18

SHA512
da3f1aef9ccf1d49cb8c1b20e0c2ec42c28907105f45d5db92f0f05182828de1c8cb31e80ba0a34f52dd43f09fd440f7417676ecfdc09e9285f0d71189f2e819

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ca437177a4eadcb855e0ad86d2ff7d27

SHA1
84b31083c57532c133d090c3a8b870f9da600efb

SHA256
faa7e556d05e491e8af1de456b0d2bc4b7cc4b1434bcaf94f224b50cf565ea52

SHA512
42a02d2367286b5999b915e60378f9e6d32d3a8a07c584bf2692858c49607e00b9cac9428a46781be1f0ef0d88391580f2faf9582828047523a4746fe9689fbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
83fafdac24814a0d62c771855d7b2776

SHA1
aea97ffff106e7393e502753f74f3f839ce1ea57

SHA256
3ca1fe58ea3cf2ee3b26ec95a30628d6e6b83ebd6066bb0919699b0574aa92c5

SHA512
273708ef35268880fe88544b6d33c8869ff94ac53946f518d873daf96148148381311d4078e21592952f511c3f2c1000f1b8c003d1d9ea25d178d99aa9e96ea6

Download Submit