06bad27458b8fb763aa3cc286ad67a40a75f070b2bc4a68f9eab3ae08e93ca8e

Analysis

max time kernel
120s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12-09-2024 18:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dcdaffebc14de23b5032e1fcddc98749_JaffaCakes118.html
Size

73KB
MD5

dcdaffebc14de23b5032e1fcddc98749
SHA1

bffa057af0aa852a8cf8193e6c4dc7fdf0e43ec2
SHA256

06bad27458b8fb763aa3cc286ad67a40a75f070b2bc4a68f9eab3ae08e93ca8e
SHA512

44f6a8d8960a7286acc4195d2ed075cab9060fa19bbe8fefc1617bb273c5f35a63e58ec84d20f9d499751dcdddc14dfdcc0faf4de7c42d5ed3b77c434a6d9dd7
SSDEEP

768:8KCDyJuZ3EIvxr6tJ9zB3k6vpBP2frMhLJ3dG8bszqulK6gPKamv82zcn+Vo3x8Y:8X2YZ0RnLJPbscRmk2W3xVyKA2fQa

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000cca4ce2cb89eb8637eb0e77920e4ca0c1379499039f452fa90fc668a163a46db000000000e8000000002000020000000b996e1d6604b05cd20a35a70a6f943ccde6e75145ca421cba470f108b51e22ab2000000050d6d7f13344c876a693aaac0e8df56d9006b96ed60e59d34d6df9be0713fe054000000003223d1f9044ade40c8ee5846b7d53f31642267eda54dfb090c6553ba23b2d0472407879204e5285d670ef935e9bcbc5d30e879b16b42411f37391deb02c7021	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea220000000002000000000010660000000100002000000049759d8f0f0bf50f19abc7a0a51fb867a5746798f4d95a029666a10a62aff98b000000000e80000000020000200000000ded7bdb4bdf1cbe8e3e36bea076d22877f795a782d91ed9c5685db1099346579000000021f5903d406a754e1309b1dd6e73283863ef0a083413747f44c8d453c87da5774f7e836afc3948aadbeb188579c795067b582fbdfdfac987b3c5427e28febf70022895585e20e098cc2f4a2532754bfe6f2e1901a1bda58a42dc6a57edb34c3b8c2a89efdab8e1aa8acb531480a84bda5348e7e73692817e1715547a3aec29f126e69048e83386e5bf7c88ddb228090940000000105c2ff30442453419285cc2da4da49f58bb0b2ce0af332b0d2e80194f0fbdbb3a42af48c8de20d86e466ec917a3844033fb9ef447cec9b31c284fffb152684b	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c04aeebb4505db01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432329313"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D97ACE11-7138-11EF-87E3-523A95B0E536} = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2348	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2348	iexplore.exe
2348	iexplore.exe
2468	IEXPLORE.EXE
2468	IEXPLORE.EXE
2468	IEXPLORE.EXE
2468	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2348 wrote to memory of 2468	2348	iexplore.exe	30
PID 2348 wrote to memory of 2468	2348	iexplore.exe	30
PID 2348 wrote to memory of 2468	2348	iexplore.exe	30
PID 2348 wrote to memory of 2468	2348	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dcdaffebc14de23b5032e1fcddc98749_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2348
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2468

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a4953ad2285720859d08aabb38f2221

SHA1
99c5d0e0ec55c04ccb71eb0b5505ff2c25c40153

SHA256
8de0a22439c6581281e7a0ef70e97c3fd7d52ea1428a506ffc02e22d23b3ef10

SHA512
df6522af5ada6a83010141b11a2e0257d6dab069d28952fcba04432e59668a22989fc5f26903b0187973dcbb348e9682496a5edd7d4476df21f47f4f8cd1094f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a9434fdb316adcab9023333762c2f75

SHA1
288147e17f3c72420006825244393a7df1a7e521

SHA256
1ab4a359a31ec6f0cdf98eae74a2e28ee2cea8eeb8969fdb7cc39734d6518fda

SHA512
0cbaf323ff17b62e5db569c1d2921ef3ee0d9bf156e1911bb81241538bbf37efae0534e76b18dccd5b92fe3e113d463e15edeaede2e1bd3add3898e6254987cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9d062c71b9be1e8ee4cc4718a857d0ec

SHA1
bc2d6416abb0ef53ea8ba9d0b67b0875abf0120f

SHA256
33795074c2549def51bdc1579ae824a87bb4f6b702edea062de43ef150426333

SHA512
c11f6ba80940a648861d7da805dc2a380d7380572f9fc3d122402bd92bc70e630cc3421a1221641ceeeb7c6a91665611689ded076be8c7e035ec56b834bd69e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1b6dba25b3a2ef410658c5a4c9fc554b

SHA1
b7552ff7c3b3a69b4e603acf21501ea19bd75d6a

SHA256
1d7d98436b614d71c04412b04077f0aafff02e45c4916e2298a046716b4df386

SHA512
a625249d2118b6df58f697bd8af7e25ae97c545210f5e635884980621543470e9de7cd61113635d08126d54e806522472c28210eb001c4eb7aa4732506d1039c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9fff7c73de7b3cc1a1cae4c89f458dc6

SHA1
16a3ef9adee0940e4e7c48226747a34a29d0b02a

SHA256
cb19be5d2a88f1ac54fc41d8d99af70d4e4cd9901c67c1187f828b608374efa9

SHA512
68e4f1502afcbc0771ea9c5e25c886e0e2c623aff93f373ef1f68936ebcf51cab13996219cb560b4ad3d771e79755769d083f0eff88455e0696c2583fbdc11c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
57f2b3524c5464b42deaaa53af45449d

SHA1
0281a5417c6f2fe19bb1ca530c2ea3fdc67fd609

SHA256
dcd2793974d5a80f0ec1ef114d2176577163cf1b65e36b90a2ff981c2acaa0ea

SHA512
ae6a4d4afb2c25a7fb973a1fdfd139933f36aa4e1e7908e50b027484240b4ad9769fbe99843cb94a5d532b3eac8b1bb14c1980310d60864f6598a5636e14487b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ff3ce9ebddeaffe649d240c69b0e2491

SHA1
39d0611ccd2862a4cc0910920448367f451d83d6

SHA256
efab9d5c055cb735b7d0b6bfd1174da360cbc8740622992e07a2fba8d06bffbd

SHA512
4f50e740171e6cf134c2f728b70bcfd96d39d3f7249d41668c1bde34019641f33bc6763b495db39fe5d82265d1f9e87e8f17d686418f35f04d37b165bfabfd14

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bfbd3b80ca3d1cba6148d2c1ec5e51e8

SHA1
a702489c7455d2bb550ace0ff9fd14e98436603b

SHA256
0dbfbe641112e23ba1bbd59a4042ffba4dd537a8a41258f868bbd4cb4b337039

SHA512
977fdd37c8107167ec0d85e7d629533cf47b07ee47d8c98077ef10333bd237fcaf5b09377069cb911b30d7865b0a99ad8df9f34255db0e7e650c95d03ed4bd82

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e7eedaa1c138fe77f03407ee68748099

SHA1
9fb14123e4b0fadd104db1a7add30a27e3f3f4af

SHA256
602aa3f36aeb3689180df2a9cccdba1b98ea9cc6d308bfae54f5e7c11fbf0615

SHA512
fa6c415d02fb7612f221f72152bb786a887883e86007e0944c5ed6bd2cc2ad643baa698994146862d484aa9a625c965f32fd6bbe44d02c78ab4d6095b1575a0f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3399076da390d72dfd961ffdca18b2ef

SHA1
4daf213270a0d02f37328503ce3c6224b4ee034b

SHA256
ad6878c721ab111dbb1d176172d972fc7c6ceb32e03a2ec8683f6a61f8f8cfb6

SHA512
9f06e95b7535b77f3264d650007fa8ab68ff4b8cef64c2802342e8d795475ddb3306ca9affc02ba21d5cec68e1e5c922a7aa9d00f20391351a4c16198538a546

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8294306fc968b5b4d688a1f8db0b838d

SHA1
8c6db86231c3125fe7a3b4a7908c92aae90366ef

SHA256
4dd67a9f4ccd6fa176371bc850229e865c2b055e7a36a629ef3008bf0f76b113

SHA512
1da004eb95b865d9c9880beee710aeb356cfea594089b1da89849ce3787d3d1f492cc269f162f9f99cf910b8ffa927311ac751dc42e076f6ca85a88944609900

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
45e8b1a395044e15e7f3a7fa25cde6cf

SHA1
0a1e95f72e78cf5645527176458e710b3181d6f7

SHA256
d6d5c83d3908c0aca8307fbe0d65f7a5e3d9c45dbadc85b22bb1a834ee3d908c

SHA512
d17e352383f1c9d2fdf8bd4397f7325e7cb0663b730ffc5fa74773eb477027e1c1944d7d66c0d50615b6b1d5f048f1255e765dca3cd61c79bfae93e046032ce5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0dea108cd7239848de6ec7d73c6fc166

SHA1
eaa87a02e60e43f0d19ee7d224ec35f82999b348

SHA256
48ff760ca79155bddd72b94ff438c35cf04df8e5bea4fdef3b53553fdedb8f02

SHA512
68bc4a0c20870a7dbc8726292327d743a6b34bbc3d291927ba66d3085c548c8f3b6e5fee2179f7f103934a9d15762aa7bf91dd83ba8ddcf26a6d4764b3459070

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b00eb774f9aa99dc82de5993b4a40067

SHA1
0fecb6eb45201a06d7cd477299093fa6c2132194

SHA256
99f328cdf90720e9d7c118ae6133464564f359d7266ecfd2d95c5b405456ca6c

SHA512
9fa2648c7c2b9fea58ea0c2976d49a78b135157090d60ef15f6f5e45613898da8890f47191569e171d62af588bf5700eb513d21c124b536984fdbb02fe92c6b0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
381b2732fcebe8bbadaa95203f71b88e

SHA1
6c4c8d35fbd16d91c673bcf1063d5bc5a15a0c8f

SHA256
5126aeabca1cc799e8166780025ff54513e5dadb2508479fe99c4532c42768f0

SHA512
c3b582bf2eab4fb13256060dcd3d4466c2b78af8754152d4b27b5a8b756d448b754092714f3bda4d2836d15383b3f0d27a10f48c453ac667cae7162322392317

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a7a86d0a70db58dd4386c97eb9e2f08e

SHA1
990e86e696308fa1c71389cb55a556cbeba77c80

SHA256
7837904cf172ac6b86cf1dfeddb7f4bda1e86b23872b9b5ee4044b83c097aa11

SHA512
5f93c3dd73e9bad33633778891cbe9aed875235c28d9e6c55000dc663f22b19491198e3f1822b19bb7341e9066c9ea67ba45df8c9cd3a16653acf99b90081973

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e0a84a00433cf8ffddfb1eb8e7641aff

SHA1
7c66873d3be6916a6880b949f003951a52826c9c

SHA256
a628f4a1bcaedf5a6b1e4301efd0acf70c36810107c8d6465d4397589b06d940

SHA512
b862ab3f5260ac5c8b489f4bdc0bec0ade5188fd251b677ace5a728e83a3f45b76b7779bb2cbf1e78d60a308767833a3640d949f1ceae02a7ee67427c0577500

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3479.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar347C.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit