1881336e2862375ceacf094142d81869c1bd8b9b1643563279bb0fb3bd4733a9

Analysis

max time kernel
121s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
08-09-2024 07:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d3d12745a98103d13229661cd3380be2_JaffaCakes118.html
Size

7KB
MD5

d3d12745a98103d13229661cd3380be2
SHA1

7296ad5b505254ea6f4bddc2abf189a5af42f7e3
SHA256

1881336e2862375ceacf094142d81869c1bd8b9b1643563279bb0fb3bd4733a9
SHA512

92145aa49bb2e078bccf16507c06866ef5a0fc0120ef108d2fe19eec0bd08a0129ec574b3761e17f0873da4b30c3bb7d0c329c56e12357448c465d7377639d00
SSDEEP

96:uzVs+ux7T/LLY1k9o84d12ef7CSTUSzf7CcEZ7ru7f:csz7T/AYS/Ob76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 902f1db3be01db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DBA2B841-6DB1-11EF-83AF-F2DF7204BD4F} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c4000000000200000000001066000000010000200000003ea59e89a1b53ce6f52e43c1e04255913b48e700e8dd050ec8784793116b8519000000000e80000000020000200000002944a77227b8c68e9b02ca2d55499ff02bfee3520ab622f3c1a964a48a5fe15e900000009f779278a1d5e00489e5bb3fa9d73c4ddcf2a649e0838f91c9fe705a68feefb44b8439427503878f7b9bcd1075794eca3890c2531707f7b1daedba723658dcfd2cf4d275c89ca22d404e882c0fd575f0e1b3fb5cd07bc5ed14cd01fd4e304cc5253a9f1451a7fa828032775a109ecb816cb1dc4e6b15ba3cfde0e53c2873696e652961c3a10ad4f206d8a85dd35d7eaa400000008164d4ad16b3ef35e0504a7302241dd87400ad122149b11da9cae50421f3327743c985c7c7d73241e5a6ba1b76ec7528bb52240830b7514dab35d4f5ee322c15	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431941482"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c400000000020000000000106600000001000020000000697b79310ac77d27d665a77ecaec6372c760370cca28f5080c423236c895eef1000000000e8000000002000020000000b5f5436cf1e722d274640b6c8e49bc5f179f9701a39173d6abd3bba210e15a81200000006b8d1c0f600042a26f8f42321b7f8b3ced034fabbde4a3755645f84975737f1d400000001ff1e98ee53c4fa17bee9774dff87024141e99755e07ff4ba65b3bebd114fe64ef8e2691122d4b1400fa993d6129ef6be496d86e1337ecc16a7e81d60f71fe88	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2404	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2404	iexplore.exe
2404	iexplore.exe
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2404 wrote to memory of 2760	2404	iexplore.exe	31
PID 2404 wrote to memory of 2760	2404	iexplore.exe	31
PID 2404 wrote to memory of 2760	2404	iexplore.exe	31
PID 2404 wrote to memory of 2760	2404	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d3d12745a98103d13229661cd3380be2_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2404
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2404 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2760

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3e408e74f25e157be952ccdd0215d3cf

SHA1
53a8dddc34f0216cdf461261075dc1b3b64303bf

SHA256
4444806e638448aa6e7a1b85e3f5cc346cf8ca577b5e797551e6a674c2799a55

SHA512
2a4a6d8fa6656e373cab8fbbe8d8eeb71fe6048e6d1107b699d9b5844169e30b2109bbf7267de5188da1008ef3bd315d33abaf0ce088206259c0e8bb84e74b5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4cb3c637fa324e90c7eb887cd79650b1

SHA1
cde5fcecee7bb4910fdbbce05d9dd8c0e200b70d

SHA256
a7495a094c79718c41e1b9e23752844eb300a17b9349e1bd4448eda4de970a17

SHA512
3c603c1af1cbc147c3820971d2f7da9cc440ffecaeadbd58a470bde5041f99bba3c1e43595c64fd193fc328ab256612d30817d668c27497ca7188de73a5447ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ae984a0052396dccdf158fbf901f1625

SHA1
b80fe3ed9e4deab98608289df5ce26d5f934edc5

SHA256
3bf248220a5c0d94ea71ba26acffa16464076aa5e9a6bd9ea2edd189b6a166de

SHA512
40bc353dda883a8f8bf7b286acf1270f58398bf33736f608dfacd71a2594c4c6920d74b954ec7f351e3aee35714db0a8a95788e46e2bdfaaa4e3f2f6a80ea8c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ee7f7f1a6fa1fe25ede7d5a19d42e69f

SHA1
84f83e649e52638f3872f2a3352a512e95ed4296

SHA256
4a0079d1fc30a62920e28cee594b93ea9e16ff74a861115e8261bf6eeabb52e7

SHA512
42c408995da2de915702daf6335b3d63014699197ee3716a2d4f03f2dddcec39be02c9d253516285c3bf81d051bd1956a11f178d27fdeca68a5f51759ad67d73

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1982465539a6cfbea220bb3539ab7cb4

SHA1
d318a7d39de6c6a0da32356d69231f4dfef5df4e

SHA256
781974eddb379fbe33086db5600d312ccd7f2e2fc83a8d14a390741f10d90ae0

SHA512
d58a6806bbb02401d0a0a932f5733953769eb96f89ebe663ff7fd976d57e8d3b7ebd41ba5d9cdf60d67c05acd7aa1b5935cd5dd4adc34dc8b43ddbade62f7452

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
96be7703a454b6c1875c0c3ffb062ddd

SHA1
bab4fa43da3046853e3b40b8606f00ecd2b340da

SHA256
db4975dbcbe30ee1d952a424d14394c88907df911115689633c46f3be7cbc0fe

SHA512
da41811e6829ce1f9d48c30004635936cccfec3709600da30c2b9623cdeae5d95f16b2d31a7a30facfd118c05687b39b881fcbe5be15fac95dc844efd467fcb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c28e8818e42b4386d3c6cfe423f8b64d

SHA1
64fb1301750421685c4acd3a44153e57d643a0e3

SHA256
fc2f792712653251bc7ab7e1ff8f6150f84d32db20f7bab08675895c665d0879

SHA512
093866c72af8a60dfe7c88a14dc44f57edc0e2dc88b4a491803458b155cc9c8b441599b27139c2a796f65eddf3c4cec34f738c3bf0df84d5590e679d17e43e51

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2ee21fcbc231b6894000221ab720d1a

SHA1
d34f6fb2beb3e92a72bc8b4f1092669a326bb5ec

SHA256
c63482b21655c4099ddfbaca11a2eda2e3a9dda76a89fa01819d088de3fcb4a4

SHA512
6c380802de99caa587024451c51e7177ab6961044f36a1616458aa15407eff67314f6e43a3885bb7c50089173a64d4d19dd1e9f90b0f9d08b57eb870dbac375c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5fba3e3ba67e2904c3ded2be5f9b62b3

SHA1
a19a4ddf86a063b4e688d1bfe46659f9b0a10c03

SHA256
844985ecea668cb5072ea8f84b2b0c5a9190ee25e597cc094755a6354b43a51c

SHA512
01ee0cace2f9baeadb5326ccd064451c34ea98dd3415fa8c76d97cbd68f73c1f01f3fa03f8d22156fa962999911588175c111b40cddff2f09912a2ff37d364d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6688b610efd2aa6d0e09927421d935cd

SHA1
07f8b9d28be471c3bb47e011a48f39fc4ae02d65

SHA256
94c68b6965a5a2d3cc82120d4241de9184249203af623fabc2620f59fd197e44

SHA512
54201956df5ca26bcd8ed8d142c4692a6d00f9f761de5268819870807f7b8be4f362c13557d4154b204c83b254db4995ba0eab723669a3885fa1e2accfafa77f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ebb3190310adaeccfecd83b032804d3b

SHA1
6ee804ec91552b1106ea5af027764454cd5a1c79

SHA256
a37b4054eaf0523792948690462dba95aa1aac8c75f86d4c8f589f0a886bf190

SHA512
940d153f6a2a5213ec99a5bdb5308f5939f7c1427a737c090e5d568067787e4c807bcf91c3dd701bd2410b9dedc09c9f3f45e2fe18e8907dbc9722f5a762e7cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cf28703eff146a699f8e07d74469f50e

SHA1
1916560f4b75916c1763d99efb5fe95256c65dd0

SHA256
f522f18153b5b5d586882a768e99b01cb6604cfaf9e4fa44f64db02afc44729e

SHA512
b09fbd2b514af6f543f264700e2d62447425ac5f2a04524c480567bc9b41911df18df88fdc302cbb9fadcb8f7605aaa92bf6ad916c733d07085813a4c9896efe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
843b80b36f0edda40906cab0be834fd9

SHA1
5e766bc2ed364e6133d5692925db509498045b08

SHA256
baa02d3c7d7ba929ddf139da0e34ad439a43d2d67e47edc2b49ada8ba2e9c3d4

SHA512
0c86e691824c4ad75efe42aa43f0bbf923fb4eac75db690cc463d736b1c74fdaf62a59a2ba8d2eee2ac57505b61ff87a8ed9da2b5361c99239b6623986a2c2c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
398f99d181d2dd4fd813f14d60b03cb0

SHA1
a11fd1bfe9e5a8c4943cca5cdb9a88eb6bf2bed6

SHA256
7141110bb1bca98bd4ab0c25801fa137b9dd0fc3b61745e31d450786bebb2e91

SHA512
e053a1460e8b2f2f37316f5678c4cf1ab00ac0b7c7950ae8a502c1e0796d68a336d9c09d19e72d33b07e0137e2cb697ff45d3043367cf5054b26427c3675f092

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e88bc4187553f6b751bd90ef54c4ddba

SHA1
c76c2adcd21dd9b75c6303fdd207e95da701ca69

SHA256
98138558c1ac7b06406a915e65f07744f75a3d03b40b3d8a626c8c1a14360a8d

SHA512
ebea1fb9d1965c584ed7cfaf96b059d17c0cd3109a1b5e4ae43b7022314f27857efece2eba93a3b1c654729b7725aa8d88d39c3cfceea573a929b32ce08c38d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1443b4acd88bfde49aec9bc4a0d5f4d1

SHA1
15c0252de3c4616f584da01b3c53f795805508f0

SHA256
e0ae776424371544bfd7cf550ab3b277ccaaed0e4bd904342f93e317dec3f83a

SHA512
6e7902d721d8546004bc81b351a017ef8e9d32ca213ff35ff75b847a0cd6664c31ff4e07baeacb3804885c0116e2908ce4fef0a773220d13629a4823b65e8115

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a4bd90b41502aa0fcf2f35e20fe251be

SHA1
31d6f0534ad5961bcbaa13e642b4c8da4cfc3190

SHA256
e0a3fb399e5b57cbbbd75153ada1d72dce45ba39ec7ffba44be58d15c728dde4

SHA512
3f02805c46dd2534d9a78048ff9c8b225b36dc32321c96d40c53863fcf667ba786191b8f7b0e942c8d26174e4e053c1d779ca9424d3765a9f32657da3401755e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab8B32.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8BA3.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit