125e85ce0dad18ab58dde838a02520bb1a6c0023de38b63e3dee4d99b512077f

Analysis

max time kernel
145s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14/09/2024, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e11bea87741dcacf78699f1ed94aff6d_JaffaCakes118.html
Size

83KB
MD5

e11bea87741dcacf78699f1ed94aff6d
SHA1

e5f202ede7e0076cc140da6dafab1023170546d5
SHA256

125e85ce0dad18ab58dde838a02520bb1a6c0023de38b63e3dee4d99b512077f
SHA512

ebe52c348158f8367604d4a387488f11c4f34b132f6d690beb1c245e5223f81e1adac5d1b79af72499a9758e4865463c8802023c434657ea05b5b1339124e1ba
SSDEEP

1536:V746wRwh+6e/6TOFOBOmOWGgKYkSo0ieg/9nZKL4u:V74GHmRkAtWGgKUvieg/9nZKL4u

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3984	msedge.exe
3984	msedge.exe
4016	msedge.exe
4016	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe
2348	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4016 wrote to memory of 4908	4016	msedge.exe	83
PID 4016 wrote to memory of 4908	4016	msedge.exe	83
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 4272	4016	msedge.exe	84
PID 4016 wrote to memory of 3984	4016	msedge.exe	85
PID 4016 wrote to memory of 3984	4016	msedge.exe	85
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86
PID 4016 wrote to memory of 3604	4016	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\e11bea87741dcacf78699f1ed94aff6d_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8540646f8,0x7ff854064708,0x7ff854064718
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
  2⤵
  PID:3604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,6899815751232689498,18381350068180296292,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2716 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2348

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1008

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2328

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9e3fc58a8fb86c93d19e1500b873ef6f

SHA1
c6aae5f4e26f5570db5e14bba8d5061867a33b56

SHA256
828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4

SHA512
e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27304926d60324abe74d7a4b571c35ea

SHA1
78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1

SHA256
7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de

SHA512
f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
23KB

MD5
a0423f1305547bb6b8f5a4fb1a9fc2d8

SHA1
092dcf1fe57e6bb53821eb754e04188ee70602d5

SHA256
6add651cb411ed9ce9a17883c1522920a6ee3b4eb676f5b411e72d1a5e7de6e8

SHA512
b8487c60b40d332e562cc5d4fc7c515e3b3c2c82311700b788905754c1376ce6f0da650583545a4691d51f04ec5da0c0204997214d167c85b788d4c85236c4c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
23KB

MD5
33a83c16527e4531fbfca2631f653674

SHA1
87a63514c262ba4bffc52d2ceebb3ca14353507a

SHA256
1156bb50a264543f6a9dc8922dd2c65d444c8bb11b3b18be95d5adff840b33b4

SHA512
f1dba28d0f81aa0894436ae7b4ba76a2e635f002f666d17d31b8b21500dc2321d7862ca8dcfd22e44aab4d1f33112c076dc95191c889546a40f9c6197cccbda3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
39a63754f186598daebdb20a211775d1

SHA1
f4e214e1e83d53fd7d3814faec290d50a1420877

SHA256
6803df377128f0079df7365334a69e61101f40b72329a4efa02f1ba7d4bbc33b

SHA512
0fff4cddd1b0137a333c825d54869fabca92cd91b7e63b78faff662347fbc4da39b64ae8036edbfe70dce38aa30ef2d8bf2553ceef7e7fdb25358a7e2a2693b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
9fa026648c5f1757a89fab01116f0ffb

SHA1
8076ecf3c0c831914b59ff78f047d62c5d3f8919

SHA256
2d64cd3657fc041db671cfa38c0ffc4fa2c9a042df86ab048df6eaf12a1d3663

SHA512
20138bbb849342799b8a8a1452ca368de6ce6dcfd9d24c5cf739bc3f7e82d91bdf3e8305f0dbc40de757503bb17fc728c5fa441de963c4c2e5b341352bed6378

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
76ee57bf1ddb3ff6832ef5c7ee149c7b

SHA1
8fd500521731257aae9485f88fc26e877feff352

SHA256
8893f6e8dbedd3e1999e7cee099aeab809dd0cd3803cb82122b1aed8b8af2925

SHA512
b89fda2d6af6e39e8b81ec70d733775ca24920c514bbeed62799b21dc880f4a8a5c8bebc634565d95fd2a70a86062c2a58efab2045d5a09aabb1d3755dd2eb29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b0c1487bc011a7b767a45442c60c05c7

SHA1
86bf5e801892055a79c5f4f1adb536084b258d9d

SHA256
032902a8579c33aa8bdb9bd25ca17ee6937eee62c3e4d753c05b0d963af8df5b

SHA512
75dc20ddf63dce3f4ba7f50856d8aeaa9e92e3fc60b3476bee4cd553729582cb2c6a7d4050562ac8392fb4247bbd5c5335c540fec4fddc8975da41a5709fe7bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
99642cee4e42aa01fa74c22632542c7a

SHA1
37a172e1ef977f7e840642826f4377f51b328db6

SHA256
e9f796b71916c4ff070552a5ab5eb3b1a5031ff58bdbd1123b90589313b5b0d3

SHA512
83e69c16404a701edc4063abe86680007ec5d6b539e441a8ad4b9b8b26b768ef8d69ab716cf085df47ee476ea0e9592a9fd011d26e0f3b9cd2440dab43516a13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2e84a494a35c9252f5334b7b282a8b89

SHA1
78e81c52c245bc1077e62ce9f0b63bf6559fa39a

SHA256
88935da5bf7e4acfa51f09c445dafe325b7dc0ed36fe11407d7e299c5ebfb7bd

SHA512
ac9eabcdda2ffab6163faac41bfeafaf6e602fc60ba2cceb2a38c9e5191fbd525f5e975830a4e154a473ef2dba141691ef6e4c8c6f68b0e70803def740fa929f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1afcda8e6ebcab7bb44f3e85c4c3705f

SHA1
77672e2230daf66dfe64bc645d4c8e53ab4582ac

SHA256
78c0c8371ee8a144be2e4e85c9e7af73edd255d32319d8e7c15cc8eee4148efd

SHA512
f1439aca7c43a3bf8854596576c68a6b7765339af32a3fe6b013172ddaca5f138f8d4aeebce8e27036462a55e28754c4662eac110be200ae7f1fe9732c1b95df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
c2dbbfa5d29299a17a83e1e96938ad89

SHA1
f5dd90edd6a8b3dda5f4d49e9529d9db1a4f595c

SHA256
cfa9b330b31c9077722069e0d65b7cf28c11d49295a7b27bf17a4f07e4192194

SHA512
d9006eef8853f889fa2eddc3f75b3e5593c536c61d9509928fbf4277f51b7659ab3e369d638af41bfbb217768d783fa3ff4399f464f72e9ebf41641fd7021429

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
366B

MD5
203d90b55ffb16d2ca6b39de7489de6a

SHA1
6efd88a8b04e012072cff697bec8e953bbfb96d5

SHA256
7958345c779c1741ed3c5518e964b9f27b2ee70cf148c090dfcf31c7b097e4d5

SHA512
d048a399d9c8a6314c2802f9f432656913ec8fc1b231dc2de346c973f193437a4b0a10187fd5811f5d8a1903cd8cfb7719d4466759826c2bf8f21129337c3644

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
97f44ee046e2908c9580e3363b025ee8

SHA1
6271f88d11182d44f4e60756df6db368b7f7ec97

SHA256
244076656f257a8e7d7696a5b2ed0a0ffa880a767d3b37644e39da8e53833454

SHA512
c479d05dfb8519e21d451f1c007739ba22a1ad94e24c48cac4876e3c363426b1f256f73de0f6f8b415ced6cac6159df9b6f067f0d8a6e5e07937d4f4bd596a17

Download Submit