53229d224b319697ad5f7bde302cd9866fa2dde5054153154ab63f3ebee9e461

Analysis

max time kernel
120s
max time network
129s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
09/09/2024, 16:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d6ac7cb1e5109101af6c753fbdf11cf0_JaffaCakes118.html
Size

496B
MD5

d6ac7cb1e5109101af6c753fbdf11cf0
SHA1

bfb12e70f6486339d065b9767ec8edf8bd8005e3
SHA256

53229d224b319697ad5f7bde302cd9866fa2dde5054153154ab63f3ebee9e461
SHA512

81bde8d6134edd9a9f8f1a12964eb120c1fa0020c1dd0623786b0b72795f581915f8ff79ffe402993a0f762094a9073a0de613bc3acb7bdfee2d4044eae0e7f3

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0b5eb78d302db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A46681C1-6EC6-11EF-93CA-E62D5E492327} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea220000000002000000000010660000000100002000000032e7a7d978a8ea679e85208afbdda6962ca2ae3656871b14405d1c73c9f126bf000000000e8000000002000020000000fc804ae5bb1c7bfe9ebe8041d7a7e9f2c739a226c86b164ab6d7dad641d3cf019000000011a098f330ecc499d5fda77854b368acc337ff825affe51ad8fc1c1a328ddf2ae9b1f41d007aad65dae3fa04a8125d87ac386daa40465e49bbe7697d90de382278056eda4d1257e28b029ecbd4c15539e6405b7d72dffc44784e65631f1206bf17766a8d183daecdff141771d0d8368be7e5e68c5641b0d1f4ba144e09218f7e6bd2a6a38772cd816e6c967050ce758c4000000023aa6385d62ecb5060deaed014a4a4e3b073ccf5d1c67438ff2483d8ef8e7dd229fdc15bc5bc29aa936dec1efb111cd48dcec61728a456e93ff1bb638290427e	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000a17dc32ecac4c59785196000ec23b4ae36088b9f8cb790506fbc1cd287dfa5aa000000000e8000000002000020000000ba1f9f3f91073f28b920bb1727f84ba00cb098138dbe5ca893bf8687d09b71a3200000004115fb2ec62cacaa3446d326ae4223f2996da61f1d1ee1c54e66f7803fd836e140000000688d4f8bc62042f7520b45ada7d6f0a39475c61c5813de0fd7c1b5559181671e0b86b73ca793882ca4b592ede96695fde604b980a0ec46a9404601d780d58aaa	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432060359"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1044	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1044	iexplore.exe
1044	iexplore.exe
2964	IEXPLORE.EXE
2964	IEXPLORE.EXE
2964	IEXPLORE.EXE
2964	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1044 wrote to memory of 2964	1044	iexplore.exe	28
PID 1044 wrote to memory of 2964	1044	iexplore.exe	28
PID 1044 wrote to memory of 2964	1044	iexplore.exe	28
PID 1044 wrote to memory of 2964	1044	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d6ac7cb1e5109101af6c753fbdf11cf0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1044
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1044 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2964

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1884cdd22ba152f28790fb38249125e0

SHA1
8034df91b37cadc39ce65022c67c86461e6a268a

SHA256
877430b97ca422c946e289c4d473924160527c658c084c5e790beaccbbd55c94

SHA512
1d532357ccf9e98fc9f865e5d06673826e0de804a52fa8673e077546feeed62aeafcccf558edbe3f86999f676de99c9cb8f3d2ed699651a487329828f37529eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
89f5682d996d2565fc6a4693e7aed38f

SHA1
a2bcbfd4a73d94bbd1afb0974f37132077bde131

SHA256
e95bac9c4186a3db9b7467a85e9663178a139242ea1bccb6b4beeb4335822e82

SHA512
4d25a6c8e25eaea8d9cb0edd374d29e0e12512a6ac7415a2f94ac9a71f9b27747a9c59bd98da1bde8320e88004625ae1b961a6cd1376a58a1fadee4a832ed1a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e1d43a44d46e557a6b0eaf2bb67fed26

SHA1
a12e3d1050e27a6eb7a5877557e4704d24e45b6a

SHA256
4445b35e4d3e572e34a78d0d531881d21898ef223c7f870c4a8e8e46804b1005

SHA512
76f449fd46584cbb28aa21a43a108bbe3e53c5e3bae33cdedb4a2348b744f3b223c24972b8d41b0cf15efdbf20d802479da1921cea594dd225c5e2826b0fe2bf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eb07f4c96394f0d03de7ca1d6aa0e043

SHA1
a051d4af129a860ce08bf492ad392525d50ffc87

SHA256
fe708fa3af80239e9f2cc9451c4f23c3d46b677267d93bc36a5d1f5135dd5cd4

SHA512
a23d0c7ddf31f73fcb05075b63f450e1510de48fa998a943138d8cd6ea1a8b87b646247e355411f209d7cde30ad74d73da8f45a54acae0513b8409cc46f32212

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
beb02e960c302fb9dd644217ec5f3e5e

SHA1
f21c8b35f70760a2a6609897790e6a65b72d4408

SHA256
df7aeba73c0da96f7820b2c0e2307623133005e275711606f58905c16e92c0ca

SHA512
aa1eb9d71f8a6b727a8b31cdf300385fdaae3fafd76986159f00a5b66354538d99f61eab0fa6ffd43d193c70dec181fb4e5096bd089684f2102edc08d8f6aae6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b8bdbe554f2806a3d941d284da862883

SHA1
eeb917a9c46f19189fc23bb72f8df91f31eb181e

SHA256
cf99ebde4f8f47be3e4723b61b45de50e690bda29fb6267f3a5cfae70d03f51d

SHA512
138143a98be41849f6e130598c184cdef60a750e0485992d2dd24c8a2347419d1df027f1ac23844984497ceb6e8a831e241f954ad098798fd729386efc417c3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c33624fc1880da22ebda820cf2951082

SHA1
03340a60f12096c18a0d8d86e160d882189fe3c6

SHA256
f68efa0e7bdbdd96c73ea295343c14a06c7cacf704a51444ecad22fa2677720c

SHA512
1088a7f1868b5f4cbeac89e2492975c07715e98f942bb4da8c38ddd6a2e8a82cdc098aa2b4440576c8803ab6f812fb25f0e8e0a5fc05b54786f22aa901fd6c36

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
05a19b5b369724df2e987ff97a32927b

SHA1
c51b20a298e709a9c3fc9f8d8de0a654ddb04e48

SHA256
dbbb7fdcdc9c19b73da3298322f5d316cacdebb50c050efa4b0d8efbf03c663e

SHA512
475a754f9d18e7ca19568d0cef87f86b8e54d5812ef1de8e27134853e195db50c108c18df369c577309349d05ed9f97f0a879adeca4acbf7b0ed79155a08ce65

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1306e629e3fb14828d3c053b6f5397f2

SHA1
beca21cbecbebfbba4191ab5921c57191789734f

SHA256
38411fed1303c64e04a6a176961a318ea73c9c6d87694ec4488b6f1e40759dba

SHA512
34b7a1bd61cf7fbddc2eed07ebe6b870367979277b40506778a52055237036c5d41df904aa01d37c2aae266a54b208ff91c0285c219a6ceb5022fbeb2c34bf99

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4f3bc47e4a4ac10bc6e21bf1f14c4f08

SHA1
2287f8ef6f13b7f1c56569841b92d6210ac7f128

SHA256
8c6a8eb28b2bf62ecf68fab95351e4013d60d21176ed9f0c65e6ea3b8bf0f94d

SHA512
73b1a9a271b0fa88295bfdf8085f4dfae84a94bbd4a8bf31b587b3962bb98cc8c8f84089be63e661d04532bdf731cfa583c6cc5c3fb2e6d6f524c199d9f6ff74

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b8f56da563f59d43213965f95d441c70

SHA1
7a3ee4f0517800fd123c15d568f6aea0e5a65420

SHA256
3fabf0fa8b3cabbaac56e023e00c4c83ec4bd198095bd8ab93cdad4bc3a285e2

SHA512
c15d7d24b1539538705ed0dbe767b1ccd8a0aa033df815e50b190e03cdf41ae3b71b038f66280b08e987a255285cf1dd7a4db39332d6127631b3e0f67d88f822

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ea1daaae7ffc1ac7af42a478143dc6a3

SHA1
0c805ce09724aaf6835d62683d639b10319ec110

SHA256
20400e126433c3a52b136adf57231393b18d1f08bd240303c3860289341b8c5d

SHA512
0f59d787932857e792604ab6cf02c6ec5dcc400956e929a690f8592e4103eb0b83cbda5fafee928068e80f3f28a297c7d23e0e8f40a1503fba28ac7b93fc8179

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4e844c1e7070736873b09d3a762f4cf1

SHA1
3d5e463de2c516ad51697ae06d333f0f91134294

SHA256
638b72c28587acc287d2a2d0d9a455b6048c3f36e6719fdbbca21744069afcfa

SHA512
db9854716a50d92abe5d8a767e3e713852dd5cf17da3fc717a18b426b4a9ff4a9274ceda3c2940967b529c333fb7f009ec25fbc0cf5e714305a3cd9f3f0f64d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0966ea024e9d7ec0978b00b7515e4cf2

SHA1
218ef3e3a4f88b60c382f12aff8a44a913029521

SHA256
c15672b071d29c3dc11a1333fdce8b811257b930ef7aae7a7dafb16e8b18892a

SHA512
10fbd4d33a031df9012167424ba0ff97e060ad2fad6ad6b0f032ab448e7bcee1b9d92df520b8aa68f88e3342dc8fe50dfa661a2c690a3b7f220063552bdef696

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
09c787ed0fc75115708e11fd43017c46

SHA1
8a964e33ddac61dd8cc7891c3c0b1f21474a25b1

SHA256
13564aeb55e9de04468398c3e005e123b596f7454ee2b8a5710f87c193361157

SHA512
afbc0042f5f5d435c50092d80b386139b971ef628c273552928717e3c5d57392b5a1bda814eaa23a502193f558b5737c12edfd960c99dbd920cd2230157ca75d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8cbeda8a4cd2d5f11501c98710ee55dd

SHA1
0efdc02636f87410dfde083868b0fb076749c0f3

SHA256
7e8d8382a313c6ae109c4215eb10acb103e724100f8a91d7c2f8f6de11699a58

SHA512
5dd38f4f27d28460b147c3296cbf11bf47e9345d56c3198a0714f4aa88cd1fd284472849ec293e22e99f7ff728e12758e6ab112df303d413312e4044ecaa1b17

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
19a0cac29e008fe5acfc23422a1f2f8d

SHA1
e0b4e257963c94b2aea425589084b2c38a923aeb

SHA256
f9d9f0680c6ed789f9a2cd249c2c58f45785029aa01e250e503dc790140acd15

SHA512
194944b30fe8c875600be24bec6817ff1e8248f67874045f197798c3365d76ead1dad4d83bdeb4cbafec0d8a96689352bf985e43778fe41548ca69d00b46c6e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
952e8c4033ff22651d9c4788fd1f61d8

SHA1
757e8f2edd3929e8802b414c0eecf955dd853277

SHA256
c5ce86293df573380ea29cce11a3c2e846b2ddd93e468b5fed82e44da8a28095

SHA512
74b734d652e88649cf551b57933eeda6fbc76bac24b55550a3c07085071d5c9d1f9f9b8602c0a06176c61159c56d600d1be29a2b4d128c12b107b76fdd70b8c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab715C.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar74BB.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit