ebf21dc4ea69f75d1d042998d63baa68d2dba9014e5b20e1fba0875c2244683e

Analysis

max time kernel
141s
max time network
142s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
14/09/2024, 01:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

df4955b145e5a2f1c1a73ed7042f7bed_JaffaCakes118.html
Size

67KB
MD5

df4955b145e5a2f1c1a73ed7042f7bed
SHA1

c7f71aa8b0086aa48fd7f8585241c54b6bc3c8ca
SHA256

ebf21dc4ea69f75d1d042998d63baa68d2dba9014e5b20e1fba0875c2244683e
SHA512

46097d5eb82357c118bb033d63a2c0e8727a164b5f2ef56be59d4c8685885140c356b535609fc79f45091f3d975d6ec0574afb1ff573e4d93cf59e075b18eb91
SSDEEP

768:JiEgcMiR3sI2PDDnX0g6MmL3oTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVG8s/k:J83TzNen0tbrga94hcuNnQC

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432440988"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000884e65dac4e57e0433049a92779737a44e1ceb347dbf380a72253522d5cc16cf000000000e80000000020000200000005e797f4ee2e9760499353819e3144b86f32c7ee40afa3f246f3637b82fcd25752000000049ad20fbb729482b7a4d7fd6ba3613b0ab699f83568942c58346f5ce76fb734c40000000b078c9f52975c6aaee3900855cf059a7a818a0fefa53be26d3934b97374276d55607cca76df9d89db1baf62fc69005d19dcebb76ebb633f487242ac49b42fc82	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DD035CA1-723C-11EF-9527-EAF82BEC9AF0} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00faa4b14906db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000d2814d13cd450f00745ae2cc21bbcf31e3e2eb579bafbaf5a1b4d69e8db4c04f000000000e8000000002000020000000c2d84ee00c8c1d2731a2c7b9941c315a192a4c5badd0681158f425dba9afee2c90000000877dfe07fd960052095406be36b69f616636f7aabc6178be29da8c7db012fadb43e924783830d982d22499c6c69e3bee76aa9995724648e2c8991adfd7aae916c4ab7f69c1685a29913b65f70642d28452b6f0c8884612f09f6c2edc58f13843dd2df4a9bdec8a9938164913afe8fd9412dd1eaed9fa0ff957def94254856550c7e78294d7d7d9ea17b50c238b14932240000000da594d34764b348d4f6207f5dae864beaf3c67c82d0f9c81eee1c56190cb6a7e3cbfafa8f8005d799ab9e9fbb5dcc2a59745e916c2e834c9f57b015a337445f5	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2140	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2140	iexplore.exe
2140	iexplore.exe
2788	IEXPLORE.EXE
2788	IEXPLORE.EXE
2788	IEXPLORE.EXE
2788	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2140 wrote to memory of 2788	2140	iexplore.exe	30
PID 2140 wrote to memory of 2788	2140	iexplore.exe	30
PID 2140 wrote to memory of 2788	2140	iexplore.exe	30
PID 2140 wrote to memory of 2788	2140	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\df4955b145e5a2f1c1a73ed7042f7bed_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2140
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2788

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b651260e11f3579f573dc9cf7b0a47ed

SHA1
1b18fa0bad345d8ea6b7edb93d99223c98cebb28

SHA256
89fad6e423dfff706ae70ab6157f9a7f4c7a000eef966b1d7177b333f9e3eb3a

SHA512
83c68f4fd98b0d7cb0ef5c02647ffeb0d4760d4fc33636b821f6c0e178bc688a025eecf039297779fa01f13eab2402cb75aac0fa44912c8d1cb7b75b357a3b62

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8d24adfcaf9fcf875677fcea96aa9e6c

SHA1
1b65c5a0bf6c3e57d71e0187711b743712ca2b3f

SHA256
13b2e2777c5c1073c71cc5db5842024ed1a328471fdff98b4f17d4f77ccfe31d

SHA512
36e74a09a4ce110476bc1cb4d2feff5c7b3f240aea96faca2c4c07f14e0c02d0e2c070d429bb0bb0de0625dd3911b047bc18080c8f23ad5b29be16c63b74c611

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6c488aebc1e39924081c2c69a29257e1

SHA1
ccddfeb8db2c1104424cca1731145e26eb55440f

SHA256
e387e77098cdf93349714a208a0637b35b3f3a3a0efa3c3c2fe17e8b3dd9584d

SHA512
efdf13eff7235139831aefb0f5e27fb4b07505f5efcc282300c81ac9f93e8bc338a6d201e27257c7befd671ab7d1fad3955e7589e835af789683710436b1442a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f194dd1ca1451e581d6600a2c303e43a

SHA1
08ec5fb7bf8d5f4874019241b24c98ac4cf24e6e

SHA256
c9baac31ce4012999cd31c096c7310dc4ab56ab45f03c3229be84695e6fb505f

SHA512
ba0914982d355d123d49f79a7fdd6fb87ff2e7c654d93c23398f2882502f5e8c32f4d43d1c543fcef38802907ea34faee3f7eba61c0fc077fd9907824ccb0ac3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dce7e0e03f59265b88dc1b9ef8975b93

SHA1
50c7fda9ce822bd7c8bee9efb8ead2cbcae68e85

SHA256
545df95beae1bd994478e89a7cf3c11971ad110ec880ae3bd1cf2f907cc5a3bb

SHA512
ab2cc27b95dc990bf8e64508fcef22c975e3fe6a92ca028107538446d608bbeb14ddd11599b2ae6017cb22e4d26717832240953ee6dc609c00b93a3304086807

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
06c99ba0c93d25b778f4b6005d17f123

SHA1
8303cf2e1d8ae9e12a3572ec45afc3ce72217762

SHA256
04fa438304a8a448e4fe9f12c83e955e5e4c25c73f33e83ca2d1ddab4d3c830b

SHA512
56a8c5440b66deca321bbba663172b80fea38a56cb2a9aa9789232c7bb91ebde5979df1f99520a4251558f41217f460487ae668e6e089e3dda4ea910a5e6e819

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bba90e60efca66d2c0cc8d6f639e5823

SHA1
cb04b8745fa26cf563e68c7b9169d901cacdd3cf

SHA256
fa58f0857be0bcfafe868c6ec204b19202aa74e5719c664ed9a8ae34978f753c

SHA512
7ebb13152e695097c91b0838793cd775a39213b82e14fd3651c38b722b1845387c4c9ba5c1fd0dd50209cdaf3266c1d89bbe3bc25856deb50a4e47cf06b8958b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8f6cdc8b336d0e8a4777e9eb9b8ea4b8

SHA1
cf9e9b7259c9a0f810e7d6211c473c6c04eb7b98

SHA256
737175304051abac968e0fb717685f2bd8e94f8657be91c0ced94281e28eef32

SHA512
59bc91c6264b19531ade41554eb7bafa7c136420cbb2dddcf0bdb6e07c8608dd8cf7c3d019003466f79e90e9dbe1fb56839c4151c6c36f11908eb61c7b487875

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
502607c59bf324563bd9d5ae6960a30c

SHA1
09f8317b4e11b5fdd85439a0849c2add70f971ae

SHA256
edbc8aed8e6473780a6cd8f5bdcf1f4202f19282b5dff6006031e669aa8e03ac

SHA512
70c4cb056ea9fe4fa9e7e6024fab68c367d8d16f2698e8ad2e20ab0449f1465959e4cd04529c4ab90239e0d37209ff9cfbfda814b405a5f1873850c48d8a6c3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6ef8612690680d45b56a2e983af188d8

SHA1
5e35e37a2a4b654c0fabdc7b6095ee9166dac732

SHA256
8fc9ecb6e06d424ac7b9b13e67c3a2430bfe7cdc8d2b20dcc6e1a10f58cb07a7

SHA512
ad5174d3e3f0dc285fddaf7b20d64fed457c2d5f03e8768dd127bdd351d367c086b217eab57a14c9f4841de67ceefb4e0fcda1c0491816ffd4663bf93a10f6fc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0d4f426bbfb70ecd88442aca82ebea1c

SHA1
cd6df9230b1a89f8b4989540f5e2a3ed06a69f86

SHA256
ef5a772e588b7312f2356b997341dfb1243acf71bd8dc77c1f49d2a9d368e824

SHA512
c0658f9e3039a00d67ad87434a524d6428378655fbcf120d8e7d83ba0b1b267245bc190cf3adb8c52d41d93d5846d5eacb595ce405193e243d6b12e03330471e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
11641f1cb70e27ef1152254b0777c93d

SHA1
e2631f6ccf23970e507d46d0194d29c19a890eb5

SHA256
46b0dd6913aaea5be0a92c364f5691aba4bfc4fa3d4942e0c025fbf3dc5b9b18

SHA512
d2d2c7661ea8c8a4f6fe3db71e43de8dba98c67ce7b7c7cd5f1eae54b8ea9b66c7492af2027283c707104fa780957a515af641c5e70056eaf9e89b2dc96e37e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d71448974014246eb056a64af2580ddf

SHA1
6aef50459618f7ae8bc1a3a47158bd9d783a4393

SHA256
d5c470209a4aa453812ad266e60cb53ea58fab6a2bea08b848ddf3061fb88593

SHA512
a21284e833dd4ecc0950d5a0ae3f9e3261f92f43282708da79af39d3fde3c173d42b5e5dcdd905ddd18592b22bbdcbbc6bbb4bd2faee51edede5de74cadc1dd4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9334419c629839d9066c10124650c1cc

SHA1
1a17149e269da3b33cc223c42ac831d42904bf3f

SHA256
4d20d917fdaec4c4c4bdf65f4e42ab62f5db670bb8d692e4964341c3d734c363

SHA512
6347de21199d2697eefb1e7d9e296db1797e8a0225d0c646944541c2742c3234b4e91530a5830dbbb9c8bbc2106100c6cc389eb7ebf1b4f737814a791582529a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eeb94cf63cfe81224e0de4f4bd36cc0e

SHA1
a49f15c8d3b3709fb93e44905ba5a60f80a18d75

SHA256
0ac218ccb17ca02482a63806db935d1177a31549324e463db524d5ccdc9b2ff1

SHA512
2ddaf8990b725bd0f508779570e4d437914c700cc13a316e0afeb7f08723e8e8db4064fc88d4bd824d7fe6695a29c2555ad53e1b879162c0b0c1b71dadd7f382

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa0f9c8b32acf15fd9fe028a10b2adfe

SHA1
928cd2820b1da183d31fc7d331958474b9c0e08d

SHA256
0278505d587ac7e2ec88ba105bf1419e13fef42cb8eff31e5b56136053c5b9fa

SHA512
1049c811af1638e2720b1fdee03860bab790a413b908512dee65fa6675bc35732168b8d80af8061dcc60904deefb57b2de7e41657449de3783611f9fc24b4cb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e3bbfd5c09f0fab3d243b6cccaacb8e9

SHA1
988aa2fbd29baeb64ddc80257cae0c658bc4d79b

SHA256
af0138270cf4989949df01db2f0c36ca917aff97da587cca9a3ae28ed9513979

SHA512
ed5c1895efd1ac355074ddc53aedb30e842a79227662dba2e3c7da5229de20fbf0468b27d1ee10907a98f01565d66dde13da405de7267e1ce4f5d5dacb9d6e52

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF9B.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarFFE.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit