4e0c8377af351679f03d8af579f60106e51d70ac5f69a08491353b2f6a2cffbc

Analysis

max time kernel
118s
max time network
131s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
11/09/2024, 18:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

daf4918ef0bc47b55ea6323d0e89f2bf_JaffaCakes118.html
Size

460KB
MD5

daf4918ef0bc47b55ea6323d0e89f2bf
SHA1

4c76706f7235fd77501ac914dcdfee9b4ac96215
SHA256

4e0c8377af351679f03d8af579f60106e51d70ac5f69a08491353b2f6a2cffbc
SHA512

0f3bab4c52e86de87cb101f5a9154e1cdacbb9a9b172d04663f35cb3fbb25c5540508428fa95491d38b61c2e37b4ef97c0a3da6c708c7328a91670a84da1acba
SSDEEP

6144:SCsMYod+X3oI+YNsMYod+X3oI+YNsMYod+X3oI+YLsMYod+X3oI+YQ:75d+X3T5d+X3b5d+X315d+X3+

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000d2d111800923b9af3ac6586aead5137a397cfd1e57cd3013969095aa850cb1ea000000000e8000000002000020000000fa55fab334dd5ee126aadaf8ea79702e62fe8b8cb3b0ac8d6d41faf4ff0be5762000000012a794872b8a46a84a5360a4376574f68511092202ea26acb4efc404fdab55254000000018de03a961a741dbeb576a3920c3acb3b8ca2fa9739545b83c91c78291d5c535b4c362533c56e76e35e2995341758bb94fecd129994e1bcedd8bc42ec3d62607	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000441df9c361338ee6dda8d80982fe3bf412968cc7d8f3bfeb60db7d56fed1b050000000000e8000000002000020000000e72a99b79189e610da324e4481a972da39fad0b941aef162537935635febba3a90000000b8b50a4d475644768884ef34d526832dcd6f81f5af717f8997baa2fd3508783a5a6293464e533fb33f158ca6db3ecb35dc8e4859bdc09770e69d1535c1374921b0d82e4942f332d9ea536dfdbb8e3a46899005f4960796de35af3b03dbc00e2ed413276b0beac0107aef8f9e143c2223141c4edba454504830e258c793b604c1da8eb12ab657428d785f2f8c480fba5a40000000c84767f6ca01737cd32cd5157df3137b82fe2146b99cd3cd26c126335beca150f9931b63b3a31ca573fc84cdc887eb1a6fa40159c560e6e29f2468d846e7c9bd	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{80E5F0A1-706A-11EF-9D33-D6FE44FD4752} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f00993607704db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432240691"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2280	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2280	iexplore.exe
2280	iexplore.exe
2756	IEXPLORE.EXE
2756	IEXPLORE.EXE
2756	IEXPLORE.EXE
2756	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2280 wrote to memory of 2756	2280	iexplore.exe	30
PID 2280 wrote to memory of 2756	2280	iexplore.exe	30
PID 2280 wrote to memory of 2756	2280	iexplore.exe	30
PID 2280 wrote to memory of 2756	2280	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\daf4918ef0bc47b55ea6323d0e89f2bf_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2280
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1d000f2900f802303ea64aa8c141b142

SHA1
27fcea03fcca896bf3a85b8b4f093bf32d4a8fad

SHA256
f134575eea7e0ad53eec6ac9918cc6e4211dc9d03293aa19ca81543e9448392d

SHA512
569c1c9eb7fac9d36430583a5370489e4c41c86c34663bb2f03a18d77cf53ebeaec5d9b7845745d7f4d7e49134f50852951131719d1a9ec0a915d6c6b3bf5e1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
68a45d943cb89786ebc46120fae0ee69

SHA1
add52eca6aaa2357ca8951721fb33bad4e4a92a7

SHA256
3e23eff03665d007b3ca1bfad1ba18b5cc4204469f96cc493fba2a6ccdd5c1c2

SHA512
8bd85d1e5f3f48289356724c8beccf1039d235e6838b8c5f0daa00e1ff7a3b56e3c1096aaff30eada575efaab6176020bcddd321ce1ac7d8c1871f51d0fe7552

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8bccebc345ffe45b3e61cc326ca6ff32

SHA1
9941b2fb4c243edda1e513e1e3cc740ae24a8bfa

SHA256
699b6e249eea01e9f6b4ff08678c0222c65329210f6fec4b416674af288ab3df

SHA512
a1a830b529be469e74196bb5ce5decb15d318c665635b56430a9f033d34c6a66611243a4a68148da14208ebd3b7f065f0751990cfc8525a2f1c6bb40ecc39118

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7f717dc0f444aed65cd9c2db16b5050a

SHA1
a85911f33eb8b5df820669509738d45e6b4754c6

SHA256
d675d8939f35bc49012c6af1a807293e35e993ed622d14c8da06bf3b93f15f94

SHA512
65b888ed150483da78f956da8451fe9d96a9e4c7a2a7528c24212eb32bbd5e07b02a4c8ffc57f2ad34f2d53333451deaa8997a01407bdd2515657aa998836eea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ffaa986508363f738a470ec3d2c9b37

SHA1
0caef19a9c6ed8b0752275659d04dbd95d32e806

SHA256
48ee3d136a4526723474cc36e9dd7b4dbcb91afbc7625a7f2fdc1a809b25c0de

SHA512
c965abcf1d12d7b3d12e2f69c811f1ea3e05f59e19a8b8f7578013bc70abc725592fdcb08509ecd9bbb997db43686c2106916d7106284167443e37e6e8a75400

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2ac29c4211c94193dd0a7437e252354e

SHA1
35e75559bef9dc6b931503b93fbe62f4d47c0a71

SHA256
7cc72291bd589e2384482ad787f6e1ae7747f575ef946239b108a1864183ed36

SHA512
0acd10965e51a3267175a686918d47703629df7102157561ea630fa8be27c94002bccbd22e6665b503d895537be3da05d1306bc99f10b5f473234b9affa22af8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
962e4b69ab072f5157ce3c8b8b39a3f1

SHA1
c3b900c4980f2ab6f4bac774a8cb3c472f56d4ea

SHA256
6295fcf21179af7e2ec07e9f9bc6d1a2b4a5298864bbf28cca329ecddacdfe9e

SHA512
1e413cc4936feb70ed76744aa8875ec2218e530f571896018aa008f4c692f875926ee0d51f593f9fb544c8d13802fed4f6d3a1d16d04b9e0a86f3ca2d195672c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b74805b20dc0763d11cc8627eef28315

SHA1
53f3362866ba4028ac1cd540d5fd8a49221faf0e

SHA256
ff4bcb0bd350d520306f26bd105284b5a27837359d828f9b0338076ae99e5233

SHA512
e0c53eed183ce5fb10cbd575a1d1f0d8a1aea98f67de48cda17bccde6bfd3475577f4722109e73e0013ec372a1f0d1e94374d168801c4b78ece8bbd1980b896b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f5d9217b39e5bdf374565a9a8a91d272

SHA1
f514a74d9c07de4a8b86871a487780164686a23e

SHA256
1e7fcde3e7455d4ae304979166bb81c3bb41bb4aea81bb42502064eb4bb8a681

SHA512
7a8bb84b7a52e3853ece93ffa5acf31e1cdeadb9991055807866a8f3aa908d815d2c34a6a0ff68be57fc3a6df8ab856c155cc4149256e72cb1f005036b86fa16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
02d956f6b5cd9519931700465fbb349b

SHA1
c495fa41017fbfe992a8adbcf1203e7341a62a66

SHA256
5fdcbfcf68df9df21b88044855282c0d45fa26b67bbf8a1d4d1e6a1da6a6778b

SHA512
60302170859bbe89c74f4f9c63c865a7d128e9c00e584e7fc033f28f8d3ce4c3ccb158a6b0efb953a70a83c24ca5904e3065e03f3fa8c8201694888dd8550dd5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
547a92b4dce598d583910f65faebb387

SHA1
6161479a03f25f06dbf4d2cbf8183fb6289d1865

SHA256
fb54f76124093b0b288998ddbdbb48b8601f351d9273b19bc04e7ec40d956242

SHA512
ec93a42ed7b2ad4b250d5e060b138719a54ab6d260289dc9fcf855b78491061aa84b55c8ce4bd9bff8f430f0a0e2ea4c888b4fc3827c7e6243eb2aabacda1ad1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0bb21713073746940b72c80458d8203c

SHA1
e92fe82ca74cb21c7059aa2eab19a91013f5fd52

SHA256
1dc1e9988bc52c32a7ce61dded322dcef50fff2796f1547e2b40674816ad832b

SHA512
ff4ff95f03d9c47c3dc07dff4a15ce3de0e225f613c38b7f93af1b0d8d46ac2c69d05826779b1af58c9ba342fa16f34826c85822af2465b5cdb4dba6138d08d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bec754af5c28adf29f88a01694b82599

SHA1
5cd77d1baa746ff2cdd8fe08319dd036312983c3

SHA256
aefd801e9400fe7a4daa8edee23cc701b13798d9bd0dce072551d826a92bf824

SHA512
598ddd4914fe55fcf3bcea89cc09bdd884a1f9d982a0a9e999347755870f3974ac49a4f5be85bbeb78df7625446fb2c1ed7e3e5feebf3b04d82135eb0e48d087

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
51944702c71d06b471d0513e4c425032

SHA1
fec3ee82dc9eb9dea852337a01976b7de4f08ead

SHA256
263e2786c49b2435b9af6c99f1605f578f283da02443e65b671ad8c2c7f07445

SHA512
82e2f124f605d609f4b90f6bd6f1dbc1ead635d5e3f6cce313bc254c873b71ede9d5ee4f4b7e245531e86798f26481406bf10c591d99733c41edc5ccc4fd51a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4dadee9d84d94bcc0ca2babbc7cc5043

SHA1
4ba44f8f9d13f806181864f33896c86b83549466

SHA256
58292abe04287156d74839f007b79ad48b269bfffef5bb8aa90b6ac6ce2a8569

SHA512
9da5ecb7aab9b953647433616cc4614683245e27771599b98f185142ab87df2869b8f32f228667faec402c8794236e4fb3190dc649996d078e058cad4ad581e3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0329ae6dc48bcec2da79f8434b11a2f2

SHA1
2b421d4b19bc290db90ee9b31e5769ccf04dc067

SHA256
d4f241367ce6cff08ffaa66a5b5de8235a1ac6886e1e84a686a00622c09958d6

SHA512
2acc6ab46cf427856e576faf9d54937284a02d8b965e6daa1b350c770b8de4992874a9b6ddeedfc8bef181ce697e57339aaf7ef94257efeefff6bd15524a7cd7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
67800af5a50b3eb2db07ffcadc148d0e

SHA1
ba4788240751e43478556af4d6f4cec359a6731c

SHA256
2bf299b8704db963b55184c3197b38f95d967d54617c2affae1c2beaeb5f36d3

SHA512
986e41464462a149592765ec8c688e9a8bd105d6d803ff24af36dc670bf3ceb09f3599de8066239723c101dfd70bc892c117dcdcfed0af668f1d50862efefe2b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabC0E1.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarC191.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit