0b1833057bce0b656234e4257e177010d5e0ecfb095b38429677ad149bb9849a

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
13-09-2024 17:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

de9bec62a2d33bfa3194d298d497dc97_JaffaCakes118.html
Size

460KB
MD5

de9bec62a2d33bfa3194d298d497dc97
SHA1

edc586059f46ee8c6980ed447cddf1be4191fcaf
SHA256

0b1833057bce0b656234e4257e177010d5e0ecfb095b38429677ad149bb9849a
SHA512

c17db2a46b3045b22c7c04415a7d3bda17af12bdbb202c5975fcd06cf4c531194bd387c617206838a7d5e03796e22c734fd7a76a49e1a20337f64c4d7e824df6
SSDEEP

6144:SbsMYod+X3oI+YFsMYod+X3oI+Y4sMYod+X3oI+YLsMYod+X3oI+YQ:65d+X3D5d+X3k5d+X315d+X3+

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432411946"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e09818170606db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000d501f7d93c6de8ff348ce70437751fd948f595bf8c3fb6e32ed09d0a17fb34d0000000000e8000000002000020000000d29664d40f4c21ef5dafb0aaa819ba5ee12935138f7578c044b48519c78075c0200000001066fb6ea4611fb49485fe4ea05ce49eceede5439896aa244064ba94bafcb3344000000097ac139b6b3b4af03a2df83a572369a87330da61ce56798f94947833af610e96a1ba51bda0be0024552045662a53c26f5a0f207a44592734a581fee4f35d12b2	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf60000000002000000000010660000000100002000000081b6e648bca7b4eee9ffad157a9f61656656b81cb205d58c16985c396236d921000000000e8000000002000020000000224978f4ec28d7f8ca753d029e982afb2842d14751963e22b4195c0781b8213e900000008973522aca17bfd8b879af652e5cf0df7e0dceff37dfbedcca178e252df4f5862f27dd794c8685ae5cd8a2dd74e874ee5028e3b10bce651bbad552a1d54ef773cadb7c9d3eba8b363b83d2316ea11f36018c37df6737800e7742d32b70267ff83485fd7eb38adea224f826786ed3818e529acbd3d8c0c45faf850741bd31d0610b8313382c480bb8c44ee1068fbb75e440000000f20a7626a4e368676dad763881170ee9dfcf737f7e880db3cb640e55a0ae92c71f00c9623e19cf1ae1db6ad7874358ac4d5da8a1a7518f4f84b693cd3bb5bdec	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{3E9331A1-71F9-11EF-9917-D686196AC2C0} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2192	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2192	iexplore.exe
2192	iexplore.exe
2780	IEXPLORE.EXE
2780	IEXPLORE.EXE
2780	IEXPLORE.EXE
2780	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2192 wrote to memory of 2780	2192	iexplore.exe	30
PID 2192 wrote to memory of 2780	2192	iexplore.exe	30
PID 2192 wrote to memory of 2780	2192	iexplore.exe	30
PID 2192 wrote to memory of 2780	2192	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de9bec62a2d33bfa3194d298d497dc97_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2192
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2780

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d70fec99572c607761198197f1d02ebe

SHA1
bf71e833de4c42ce8a665879c34fdc2fc982c93c

SHA256
c85a1f2b303bcddfe162fa0b108e8a91075d00655cdc9148f467ec0ded45fe19

SHA512
f3d02ee130f03a7425b8c3dff9475d017de8b882ca943cccdad02b66cabf1c43c67cca415cf17efe3d6e3bff896ac7e1b0c56e151dfdb1853379c2adc28a9dd9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7d6e6f5ae1b357cea64b5b62be8d9b8a

SHA1
3f337d33cff30848f5b06dfcfb1e74f8f0bfd692

SHA256
844d9fce7786fcbfe56e8ae0691eb1bcaa43690d5672bdb907ea0d4034fd84c7

SHA512
830e0826daf0930a5a85a757b411382de299bd9df5f0295f97cc5a0035f29da2ca76f1216b2eb63b24be17a56ec15067967c8a9f54a0860dee837e91b8dc2723

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
43aef017338be06be0a68d262b25f624

SHA1
baca0c1dbd0ef665bf0bf58bdeb97dc744bc6634

SHA256
5f7bb665e4c8890c1ee59b9cdd2dd9962475be2e43f26bed57380b1146d07827

SHA512
01d88ecbf9340992c621a7d8bfabbb4cc2ced43af5646ed1ce2f7aa1b491005b8a1e5f983ee347ef4cb88f54010d0485591cfe6ee856db06271f36d94f439370

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
819c802c22e1699042734bd6d1849e09

SHA1
70aab9667919eb86631a3a57ff8e0c589c84bba8

SHA256
71d2d0e8d45189c155342e839d1e15e9c121b65224f04d8109ac8570c755a70e

SHA512
f59bc855ea62419d1cfdf9e352519bb0b46877d70540616b5582bca61417b9911d00b8a01405b840dfbba17f377557ff0847db4c20541bba9cb66db2d3709d4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
84a7849750d6d8e670ee0498ac918744

SHA1
3642e572da825da57ff914e9873774db7912a1aa

SHA256
d4b54ecfe47f1783b9118d88f9c035b6dc559c31dedaaacaec104828353dae56

SHA512
b43be7884861c45baac1fd45ebd9a17c5ec6fef2b32b4b8825cc6467769f4e126e9c258973ceb2c240f0c8f3bd61c8f5d54060a5f7f54c8f8a0dcbc402c29a57

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8df8a8bd726c519d4e062a27cf4e2ba

SHA1
bbb9f4aadce6eaf114a8821ed37d3a629cc3e061

SHA256
d58b3692da8941eec82b37e4851e2fb9657b986b6fbb39ff797b068f24b731f6

SHA512
99f189c4b319c4fa37be9394353b2f1fe24a79be398f5694b6bab0187988cc6b87239a08f39df6c0689b1b84f8a774f1de711cca290c641fb969c23e69b1741b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
52e30db38d47bd4d4a13dabfbc608895

SHA1
4f82981b29f35e1fa782d210f1a73da0ff255129

SHA256
b47d312e6281e65b829b6a06ac51d2a523ad884db96eecd7fc6c75a0d3eb9c67

SHA512
fa0c3cc0678b8d250e832e56561271e213afdaa230a3d804aa0c99220d5b6600201feec272db20fce6591bad6d46cb7efbe9d91b541251355ec965f611f8af7d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0f2b7224ef16d70c0edc99fcb1d23e26

SHA1
bf4a4963ca06abed133b21d169db582089911950

SHA256
39c1f6b748dffbede77adcadeae0ee713c0a78d9ecf1696561c47bc80645303f

SHA512
6e4017c28c57e2d54f3398923d7024fef4c951b5fe5bb5c64604e0803b66ffa64bcdc7527dc16409f9ba7893ee8f51feb2be2859f174b762326bcc7dcc62c479

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
529784a8081d752781e2b071dc98889b

SHA1
192b23ec6dffd08b3bb210c1b0b395b32e4c6a4d

SHA256
ba05ec421921ff20120469df52944581a18c5fb5e352bdf337b9cad74186aa72

SHA512
4e83cce877001854bc48baf29151dbbc6e4043cc4fee096d74e6501a75645c3cfe14a30c8e0475e5c23bebde744048f931f20efffe1cb373d79e6c1fc1c9c537

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c33ae5326fff6f58b32d24a34c38b941

SHA1
08ac4ed04affa358c4112e9638559a327481ba89

SHA256
ffb12ad3b16896b981b3e3aa528f3b8d6a6697b9abd62254fb0400db2cc52d06

SHA512
6009c911fc0008bb7b33c52732a191eeb2ba8339825c31eabc5804f7dc13a38419a122b4866eaa8b76d1aa2ae1962ed1751aa27b458422822b65bef53cfc3153

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8d328f7e7fc9bf40a461c77b11dfddd4

SHA1
5b55318cd2759beb875c4c81144b7cf6d6d01e76

SHA256
895558d2afadd4bf5b379ced4551100461ce0f95b0591036724fa39a22d2ec2a

SHA512
83b47a51f797042aecd5b1b1c2957e5095693097c804c86be8494ee165f7c82f898f95c7f279a83b778b86fd4cc7de152866180b2ff143bec9dfd9568765232e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4f9a46de414b823f423fc4cdf4dbc17e

SHA1
c5bc79cbb6d7e0e4dd8596f07616989feb588a84

SHA256
913500654b75fac823b24e55b38f7c08f8000fad86209f7cce4a0d6957d9db8a

SHA512
caae48328d1eb2fed2f642765bf4eddaa9b28c40a8b22c249ceca2e118a6e542175043f96f677dd2c1786d5f1e94dc4c83fd293daac6971b1458303d2121b33d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8ec0e36da5eb4944200594d0c65c83cf

SHA1
3f7f56a90e3603717c193ce047f055ce58e6cee2

SHA256
b8b9a5d893b3fea935c108d5fd2a7fd63283fed6259f4a0b0ebac84e1a1ff9c7

SHA512
3e749c6bb5ba3355ae6a7e6d373309f931dccafaf266944d6e3806d3cf568196688384fb2028f90a240ba37332c97c03b87b92402d5a19d6d1f9f8d1bd82c2ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc7be4a13e7d31d12d64c0ab44be202d

SHA1
6ba36fabc7b2b7ca60bfb2627c595adf1b095e7f

SHA256
fbcb5c6477c5379b2ff85da0877e39259a3499898b93077ff45bef9d366b8b08

SHA512
beb9654d0469ff55b684699bc3e1b467f43d33a220a8bf8e47b3c596deecc0ac02c95665112d1202b7414008932d331747cac08052ae896c3465a34a46c9ce77

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8627291b49d5ef5100c3ffc9727c685d

SHA1
c31e1d209c5935dfd161bca44b2bd839f4b9c9a0

SHA256
12f04448a1e928e6d69a53e8b5795a731f9cc81a9bb3b4e5ef5596ec3235b018

SHA512
4c2aef908beca6096828b067e927a149dffd29eb211887bd1290b4f5b937380dc4bab5a889189cd267b0227e01c9ea721c240467455818d200952e45b1fa595d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3920f37a525503787c71ee0b204b4896

SHA1
eef0bfa83bac49c4dd562648395e33d2d713d8db

SHA256
4b6469d1f9ce7a2d6fdf3fbc142866a577c03de7aba56f65a1701007ed931d9b

SHA512
2842073712557de73e9a83f42cda8a53648c12385a846e1349c3f048ef0e37ca26ba0fb116f5d68ad9d9bcfe04c33de110ce0d1718968f56b900bf40d3bb5998

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b7aa983adc56180d05dd8ceb24b6d4b7

SHA1
970c5b0a296bb523a7ca8e163cf67a4ecc806d99

SHA256
c180c6ab6caa1699bd6969cd958612b02c9e76f2ad3fca330dfba13496e61aac

SHA512
311b16cfe6d6d9ddb27533307d41c5a2a6fcee113fa2da42ed3e4546dbc70fcc75f6a0590ce972acf25ff273b31befab84ead4a851f2ea66c485c8886295671a

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA49A.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA50C.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit