c744d54c070668e5e42cb6cc4e7a57ae1a77f59426d2a7e77aeb545966afc36d

Analysis

max time kernel
136s
max time network
135s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
09/09/2024, 04:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

d5a6d022a13456d46d19ff7b58e695ee_JaffaCakes118.html
Size

20KB
MD5

d5a6d022a13456d46d19ff7b58e695ee
SHA1

d3898ecc1b0e298dab8ca95ccd390b659cad6c49
SHA256

c744d54c070668e5e42cb6cc4e7a57ae1a77f59426d2a7e77aeb545966afc36d
SHA512

6d8b5deea3d869999f8e2d559dedaae3476d56fc90e2f49b43a6073c3f08cce08137260e684694d183d3adbfb33c385e1db078b0355a1b3a1d2a90c9429313e7
SSDEEP

384:TlULpUzyln45/VvWz5N8MrJfDgWQvy7/CeUGU3DOOwbHpC9INRbG8OM1iG4H8:TlULpUo45JWn8MrRgRw/CT3DOHbH9RbB

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000f453a81df0300d373bfaac048dd1254bea05220c358aefd5780944de78dc0df7000000000e8000000002000020000000a770343bbecadaf65edfdc0626239c3dee78081021490201813f84a08132d91c200000001498a89fb8a506fee35d2f3b5f685f41882cfa58d3ea054e8af3cf29fc0f3f8c400000005abbba9592a1cad968b9ffd11a29a5266b0bf980a8a184b5afae99b26b7c6c47bb74c546314fc13192012754d12574012cfbea420f03dcd37ac2fdad7403ea50	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{EB5DE681-6E63-11EF-BF4D-465533733A50} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432017960"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 802b2ec27002db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000012d2b992ec1433b1aa25a36d596e3dfbb3fc6b1f202b7c3e38cc5b3eb6cb84b7000000000e8000000002000020000000ab9af07ece0ccf8988568f5cc4a1d5bae8a97688cd97a8f933b0ce2544662bb9900000008974889ac8067ed41487e6ffe4a3c792e41d9e125d00f71097f8a5033b10b882c595ac902c8b280cc93793675c57986e437c8e38d444d190334d8be1e2d75dd2649272e8b2d9b3969cc0c36c99b815dd5755bbb4ea3d5b3de96dc628f7049f4bcf01e5c0938e466f9752dd2031ee2115eeef85451ba7a03850a45b3bea0acdb19d9d52c53164808c9ca2c10769ba559240000000104074068d2804268ff75e99eccb6db141ec835e84c269f901f5f97fbf856402b3b4e74d634eeeda81b1b7454532d469b434cc64018d8544e8bb88c7a4107474	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1788	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1788	iexplore.exe
1788	iexplore.exe
1828	IEXPLORE.EXE
1828	IEXPLORE.EXE
1828	IEXPLORE.EXE
1828	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1788 wrote to memory of 1828	1788	iexplore.exe	30
PID 1788 wrote to memory of 1828	1788	iexplore.exe	30
PID 1788 wrote to memory of 1828	1788	iexplore.exe	30
PID 1788 wrote to memory of 1828	1788	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d5a6d022a13456d46d19ff7b58e695ee_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1788
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1788 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ebcebf7d42f8050ebcda0c1c870cd7b

SHA1
e74279cf31d421123c86e50aa3dacb032f2f2b50

SHA256
7ac1dcc7e63ea0c1058592ee2b7aa2ae7a8193eb64771b01ad72c6fd269f4258

SHA512
edf46530b0764e54e20393915a45bdf24254efdac102af995def8d9c8308fa950e0f2ade045d4c7bc391a3169fa5e7eae3bbdf97a8dd74f6ac43b8bc6ee0b320

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
06ead8dfea08abc1abee9e6a08ccd1c5

SHA1
e8394596506cd154582fdc56b282531eeb671462

SHA256
9ae8f666f66218481d9b72d983b1da4072e99e12033c3adf98ab663eef52c9df

SHA512
f98676eff9573ec7df14b227fa0e3f78a0592352bcaff64339fa064ec5f80b44d71840abf39166004d1c47f724db74c402b15bdb62f75f3c1f701b14a510fad8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
883fd7a8f04f728e7b000476d9381b9a

SHA1
daff392ec2ba2cedd26a5288a2c3f7bd8d001b23

SHA256
00471b38bb39d4333c74b732334915441b03aa5aacda24d230e36e8b8e072cdf

SHA512
38ab079946ff68d018031abe77e5b91c4a40d15c43c241e8831a269308b129747c723fa7c1ac320323991d9601164edc0757853442d1aea96473925b27fc8fd3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e888724e075b68d45b4f5906fc985b29

SHA1
3353a398877f1ccde19cb8b77f5dd83b6ef44d6c

SHA256
ab7d367ca1ac8a9e7e752d129dcc07b3929ec611084ff079cbdd43a846724aba

SHA512
0d6c27be8bdcf57461a46cb34fbc6786f821dd22cadf3c4d717bb1f2bb53be4747550f525152b9205ad931d8a6fc633f3f0ffbe170174adcdb958f2170152017

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fbdf054ae840942106798cbab31e7a62

SHA1
8b8fe0efd76324ffd5cbc5a3885a3f20846cf026

SHA256
2a592c21e44a9b46ef05d75563a928a8de3ea897648a59e8d6ae40d0cfe146d1

SHA512
af6bb21899ed9c28fc596895e0785e771e5da177a6f087034fb34c6c99484db01c592e128acec3a6fbefba22945e81c319dbc545e2e6a67af3340dace81c4790

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
973aff83699d4060d91ab32b401c124f

SHA1
256bffdb5d4655ad664c589a5d8020219a3f9ac2

SHA256
7a7d6dcdf49655b48193aced6f305010baa89c06c6605a2913d8796545ee6232

SHA512
115f600762a09f5ac6860ffcf89799019ea79be27d447570f5b7fc720a6b1db1664a2648ff644df667c04640bad1916ec4f979374c402a6caa1ac2354f8ed37e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
12f1b542d4eeecc713d0b1651eeaab59

SHA1
e4b3f929a11cc4086d956a4fc66a5a531e88fe20

SHA256
493f82a2800f1289abd80a52d50c033d52edc0ad1fbc4af4b3711e89fc0a4329

SHA512
719f2cb2f3ffa2753fbc45ec388ef8ab8c9dc1f51ccbeebcbfaf10324f8e38b313272f261d26e5c42c6c64bf16773b28378636c2364311ae6306c5d7ca7a199f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7330e9a520b345867bf35262c6988827

SHA1
e881ef433c489e161993cecc5d5f5005c0b9ea51

SHA256
5879ccd8a0092cb343727cd819af35b06d518ce91bfa2c1ffbfa0cdd26348515

SHA512
a2d863e8ee710c2106e318b3cf21d637032fdbe70ec27e5b9c069f00c98aed69bda65ba955dfb0ec202426da832a3d1d658b816ae0cf167a48c13efdd1dfdf53

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
79b15353cd073620704646d1a40f7107

SHA1
f0bb65646fadcf755891e6d49045cd5b860a8e5a

SHA256
d19a3b5b0b7ecd8082c3b18241dc194af5dfe81805c7e22bd89040a04803e7c5

SHA512
2ddc5571922744c57f3db78a5d3296cbcb16632db470b68ab28c90aa2a7f1ad0ad6aef5b2b5d6946b4c0903632a7b422e30ab0f5d2c8770e95bc3e91425c8317

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9a36f5069d9985303a6685e8093320c

SHA1
7e63f4b81a444969da0e3c522d2466ae4d4526ce

SHA256
251d48eb05dfd42b750ae0f70425181bab07384a5578d45b06ce0fefe8272056

SHA512
bfb395ba96c715fdd0447f32d6ea180730b3e9636265f8b85401cfaf5f369fd6596496d65ae083d9bd1a65feadfdf9938afdeffd99c6217373375be81d21fc97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9445b65b881cfdcc9802b6b30aaecfa4

SHA1
15d4b4c41aecca2713b2d452ceb2e643237fb0af

SHA256
8cbc8720539e6da9e091a0c47ebf91dda151996e338285a341809d14a1ea6267

SHA512
ed1ff2517dbb820c42bd6fa77077afae335676ea760b3305e6350033dd40b91d1b7a6579cce519c30cf74ee2c5a1a40b342d7a70120280dbba4da2bc81885fb5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e965b35bd0d0813573b18a07fa8d8ad0

SHA1
d80e7f9d3fd3e8c7384422237aca42dc36f879cd

SHA256
c8826a6b47809cbb950a5b8d8af04caefd652cb994cfa24a90ad7ca2de0fe596

SHA512
04adc18f2f30566d7de19d83cd13809e6385a4428fe1ffc0f901f7becd30234f07d96d6f69521dba08a64a649f4968128499592f2d52b39295ceebcfde1ef3f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
28c19d321f28b856b704037bd91e2889

SHA1
be602a0ce477c5c57d20369145a2164afe4cdef2

SHA256
06a856df724af8055f553fa45b4a0bee59d2c26d611b498fc921c2837aed5bef

SHA512
0a5f66b70660ea51fadf3aebc1b1f917af4c8cd379cb25973e1314bbf288a3d21626a38030d7a82c1c612540ef93a0c7c2fab87cd47325c197b6220209f7d943

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da0c9bc6b9b4189964c2d2a78b65176f

SHA1
25865573702157327bbd62bf56b0d8dbac206936

SHA256
5ccff978e15f282cd9559a9a2a977ebff3cb5de7d2cc6f959e261c617e44bf2a

SHA512
14c59e07fc800b53481bd8bce4b4ba1048168c53b62b2d109395732a9d32f16c5deb6d9dff57008dc9a35ef1cfdf4ea93e591a76b0316d7086501bbc757d973e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8c3fad306ef431d13f5d8f0858d90172

SHA1
e8f0fd7b5b6aeaa06dcf85a9427e73d9fc6f6bb7

SHA256
a2aab78d3af10d66532e5b98ba1d8eb11d5585819d8460c84ffedf55f5e15c43

SHA512
698efa96263fae758e04c1b399987970fbad8c8f1830f50a8e699ceb4cfc46f6ebb0ed7d4a8e3f778063b4fc9fac7c1b246e0390946bc234f5a7642743259a2a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e1194ef4cd98b21071fabf57debbb56c

SHA1
f4cf5ab332e9d302d7697e6e06b88047d2d86b77

SHA256
5d12cc6c343567629dae9b441fa434906736ab2a6b2fcbd65835943faa80a8d8

SHA512
36372dc944de1c5993ca7befe1064ee6c6469b96c3595e2ea269f477f96485266f699bf842b2d5fab661b7243d089ed1f4e5525a82be5f54b5473e9d4774717c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7e521c1b2ffffa843052e1542d0d5160

SHA1
66035727bc9792c5ae41f5cb4dab7d56e2aeb153

SHA256
25027fa27a090b8044304032041ff2dbe6621712409be84842559914dc81b987

SHA512
632652bd74dff46e2fdc28c734021bd998a3fdc64722b87edcede1fda0064dd536767262af48f94f55870d96ad23b0e3e97e50ac17e6e40ddde80b18b60ae0f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33cd95473ffe2671605d7858325fb584

SHA1
4e858c5e5238c1fc072e64be06878f7dc108c678

SHA256
cf9f67de58794c83c2fbf9063e1971affc45855adaa067ceaf92cc5acd56cb6a

SHA512
f5201d2690d497c7cb37180db0402de1f52b5d3aedbbbc65f1652216a8350fac38d9653509bab72d11664c61aa82af7dc480e89b926d19b17d943226f745fad5

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE8CB.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE97B.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit