1ec65f29bfb7eb4bb40b5d72965230ede0217552629017402a3cf710546e1f2c

Analysis

max time kernel
133s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15-09-2024 12:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e27cf3613ebde0f2c0ab73fea9d8b436_JaffaCakes118.html
Size

972B
MD5

e27cf3613ebde0f2c0ab73fea9d8b436
SHA1

16fbccdfe5c724de6e0a6b7fa684da729cdbb18b
SHA256

1ec65f29bfb7eb4bb40b5d72965230ede0217552629017402a3cf710546e1f2c
SHA512

b704ded0b77d0c6953346ab31bd957c397cdeb76f01cf52c49d15a5c9c4ef873d545831ff0375e6aa090cbbd2f7d32ef18aa755745e22a19f3c57b3f27f093f7

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000f7b1f78a23e5d8dd7df1484124dcec4d8e2017871808d4931389ca9beebc72f8000000000e8000000002000020000000969e7c260838d4534620423452a8ddc44e67087284c5560bee58897ec94e32032000000097f6bdfd4dd114f055b519b5c295c677117413e8c953948a15449b4c80d60dd8400000009495b6ac1884ec2c65a92837e9e33432b96d72d9cb2b0b0465687eeda7aef3e54589f9e85b8db16e52e1d39c2caa6a6ec047e2f9fb6d1a4544652799ae0c477b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432565457"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 7049637f6b07db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AADEE871-735E-11EF-A0FF-7ED3796B1EC0} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000f3acbfbfc41c5bb4c73ea3d93736f0bd07dd9079732de947427baf37c1586a51000000000e80000000020000200000006612648f85425499bd66dbc1c9a6f776911804ba59f2cd78a50f1db20f43800e9000000034b4cc863bfd8abd902eaa35f64bef5e1e1e6d2fa2be7abb32326433b59fe505f89ca9a0c1e4c20d42bf54c0bbe619d7de99c58d21fbc67d84617032d478e0d2003240ebbb914f01acaa4e1a44ab933ed23aa5ec73e64a75aba3ccc7ff899526aacacc3891ba3805815b715b1df0970356360b830030513a9d985c79a9ef00ed551e189f8fb87181fdc05271bfa4338e4000000067ef923e564f1c24cd8ecf1e482389693ba1ca57a672adf9afa3fe3a7f09486bca320504310f94b79d2f192ecd6e4bb689956b8acb2dbdcea08a86b4266bfd71	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2216	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2216	iexplore.exe
2216	iexplore.exe
2784	IEXPLORE.EXE
2784	IEXPLORE.EXE
2784	IEXPLORE.EXE
2784	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 2784	2216	iexplore.exe	30
PID 2216 wrote to memory of 2784	2216	iexplore.exe	30
PID 2216 wrote to memory of 2784	2216	iexplore.exe	30
PID 2216 wrote to memory of 2784	2216	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e27cf3613ebde0f2c0ab73fea9d8b436_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2784

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4643c4098617c3e0884d53c986d2dd9

SHA1
06134241f4850c4835f83d4cd3239d62bca38cdd

SHA256
33525c56f41adb5145106bfc0881c8f87365bad498d1c178b1f0013d9fa19a8a

SHA512
59504e0ee611f7e0dea0a822ece2f2e58321faf931f1c4b8043c4d8752702ec327d0be7f6af1fd86d7961b2a6fc51e610ae9060a9fae7fdbcfbcee6315c2e425

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eff88dfcf381a68f1fb5af4cbadbc2ea

SHA1
aa056b80821f3ecd0f3b8a6cab84ad620eca2b88

SHA256
1558d849306e013e6254423fd3f77831f1e115f3b6ff0fa9064bb783d701d35c

SHA512
ae4848ab8a4c9f7980bce53d45565d8894f7c4266e350ae2be0860f831c7b53b9ff14886edf6a31f0682d52b8281f4fcd6996e106152b47101b0bb91ff31d806

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
08ed8beee223b9ef82dc068b207cd649

SHA1
68dcdffb9a077eb76f5b368a4be165552ea55f2b

SHA256
240b97e2680ef28620fea5b65cba5e825f2318d230772786e7c80a1d7007040d

SHA512
050478928bbc209ca18c38b9ec889de1b42d29195e24fd9fc8575874180c3d7891b190b0608b5ba80f519e1740c407270544e7b2f7120faa5cde13ee38dd6592

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9bc20a3f8ff7fb24fc10a65997348c3b

SHA1
8dad6cfd01d525c0074d2f0a8bc1b85bb0b10842

SHA256
dab6261772b1c012b1a0c07f4806d27e91f080802040bd0fb9f802b4d35bbf36

SHA512
97de5ce17211eb183e1289e9a744e9d729c8551b01eaee88d0fcdd2a8c143674b273a5caf9ec2f9d12ef912d7e98b1feb9bfc6ced988d6c6138ed351cf363685

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da39d1ed2e2df4363d4d94ac6d158cb3

SHA1
2eaa6b61b65a81e9765e4b36a78858c67ba515c2

SHA256
155f440fba82233559b18be26c389c238dc56ead2067e74c32c57de6d491e266

SHA512
f57177d8f05098bb66e37a5278d7b85140f2d630b079e7ce47ad7024eabbf8381dc4921baa8136fa6a6e1c9125bef7d326b27f64b0f0d2f38333dc516e385070

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
440e788c54e7e4884acd1410e5a7b520

SHA1
c75a55105c11871de7d5ab2c27d174aa6803974d

SHA256
d7cbc31c2936fcbec54b8cf7e71b4f6f91e3b79748a6f48270ac5416fb61e5e0

SHA512
77b0c37820b2effad985a7fd67d357fc61ea1d4523a8c20f73ab683a69e8cf134f2f1782e8e4d4d977b10154855f3788e6f1b6d83cf77665a1df46878b9fac1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
026c3d0c7627da7500f278267010c780

SHA1
8ed8a28fe280b96b4c9568f1c5bf6a0f3f4865b3

SHA256
9c51ee9187bffba2287f2130dc6bd1d92253d0a9d3d14b6d19cc8240107081bd

SHA512
cdc92f90f8ac9ab06f0a5c6b19ef8752dae2da997035a8d1e5c9c84978d00411e7fd2c88696ec22308c5c0a84cab3cba00615cc9ff56075cffce1883386a369a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
626c3c321206204147ae2f96453941b9

SHA1
7382ddc1aa1752a78f2cf73e38e3bc286a7f2d4e

SHA256
d0447530252e7d3977c4cc4d56e4fae5b3e87d407ec5e1e05895f8631498b191

SHA512
5470ce127264990394e6b45d76075168419c8a457cb44c780fc8139f6da7d7f7ae142f437910d1b658ab32fc088e9bea23442464f195bd2ebe26f4415a8a940c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a976740662ca736c4b7304f4c374de75

SHA1
8586b4fa9f321b879f403ec1fb1a03c6fbdcd402

SHA256
c64a0ec87db8552ae43ad35005ce3c1c383b0048f629f44306f5f34c5080cb71

SHA512
5cb0e1377174eaf354dd1ac00f93008079e93416d1db9221ccc659775070ef378a4c32e6bd8f0d147db9e348c95b68d198b06795d0f5ce68840f7d1b0a72e521

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ceb1a81b906c1b743db26d8984e13ccb

SHA1
12279b5ca5ab27dc92d02eb8b0fa82c5ad6a496c

SHA256
a10789825aa98389cb51a95236653c4746e0eed18526548e68a95c7b0ad16674

SHA512
a6ea68086aab7d51af6fe381bc693d0a6ca1bdc1a21fefe89ef8bfcff1f4c189d12814d3ca9bae3574cd85823e1480671a035cd977ee5443eb3469bd450f166f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
15388a7e7ce4344e89a8cb45c5893677

SHA1
dfa657eaca70a282363bbe9a48394971665bfbb8

SHA256
07d721bd35b3487f09e963b0a2b51ea90c03d0e6a2e02c61ab1801a01d2b42bc

SHA512
3eaddbcc7d45f6159b697fa16801d9cdcbf1360dbe80573274f7e0eafb7e99f0680cb3ffe58734ec3ba74ef08dec712953895065757051e39dd37b7177582a9b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d83424d3064286303551404919254e7f

SHA1
8a010de1265ed66a6c711ae3b9e03b7bf665b6d4

SHA256
cf0e4bbdeeee0efb3bacfcdccf95c615138a2843bf26034f8dd7d4d92c1c6033

SHA512
71867711837eaafc688b69fd3c3da8ebe082d1179cb8ba388cf762777e0370ed742000cb36c29c8968eb09daccfbbdc147f96ef1736b79d98191fa4c916e5c9d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3ae21672203cbb7e8b816e3d4303b8ba

SHA1
ee12c79d116e48a10d75dc905ced947069e07f30

SHA256
62b28ee0f47d59a48c6e5186835dd4e00f51365798f3398116ba3f456fbdb581

SHA512
38a48ac37824dfdef174567f483d6db1d4dddb564a19891380b229bbe31050f4607337096cb239e49f82e1a4d492fb2fa2f7530f48496545c4f7912030cd91e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc00354f1a86d46ca83ff2c8993af563

SHA1
2b4259aa3dac431a76d772ece5765d839be771b0

SHA256
aa0af87a085ee84b0b1c9b4f8b50d7e642648073d43d842b0bb719376373d248

SHA512
e1c7e7785d960c0968ee11b6581bdad7d11b7a323a5997afb65fced95e234ae947ff698ef546deba5382a25e16ae7e23c38af29a3dcf0df8764c15a446fad848

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
78149c4fad8e8db10605865c7327eb9b

SHA1
1699d03293125f454d13c9c581873136cb4434a5

SHA256
8d8ef0f5e62678f0ab2627b732091fad059368733789b118eba67e5e14ffd5b9

SHA512
5b430b3e9b4995255092aa324aa8333f5e086cbff003780b6d2e4e9cedec464fa07e397c2d02a1f55c2c763898713b8dee9f675c1eee15004b0f4879107683a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2f9046d0647548d197c0f2f541367de5

SHA1
99192f9d33441c60a0f62da5fe5da7dbfe9656c4

SHA256
3873c421db7580e2aa9d85fb533ea9afe542b397c9349b25ac1263ddb34f8cbc

SHA512
646787eee017af2e9428e476dca38292e5d7364a36021ce412a24a02fad13ae075abb7a311b268472ed75cc4bbc0e16e1bb3421099bd816ff1e3bfec1fd7b6b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4240ef247501236f2b623af0ce01189d

SHA1
a5f9369b738f364c9a59314be147cdb1689de5fd

SHA256
59be75db13343bcba82b44eafdbc7e5da72e0b142fbcad332f96fdeab78b81e4

SHA512
9202dfd88beb6c284fffc0e65dad3c4d59df12bbe0450845adc138ddb553352d131191077d8dd0e282dbf7564db9b616141b94e41785aa711f7bcb9b6cced01b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
44feff4523081415c26d1c217f64b1a6

SHA1
77a3652353cafa7aae8fccc85d70e8450a848c1e

SHA256
2f3c44d975d841050fc39587e4adbc3074befa82040d670f584992007162ab80

SHA512
98348a91c353d7d6e4edbd17273f007163ecef2999acacd6aabd0801b5ed146261276eea64416d4eef479348139b96aa175cb739ca2c44fdda0192aef695fbfd

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab985C.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar98DC.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit