17827c45a9697e52d2077b8b674d1f634d511ab49f08cf4f5928ac692c5389c2

Analysis

max time kernel
121s
max time network
130s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
21/09/2024, 03:52

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ef04e1328a7083c2a8d2cf1841a3dc9d_JaffaCakes118.html
Size

46KB
MD5

ef04e1328a7083c2a8d2cf1841a3dc9d
SHA1

e1eec092ab8af0c4b596c92199561409426dc7c7
SHA256

17827c45a9697e52d2077b8b674d1f634d511ab49f08cf4f5928ac692c5389c2
SHA512

ecf87635daf6d7b002d8206615cc0c28ba78b03baecea0b91e125c89047b975f4de9581e53060557e8e2c90f5496ca2d9c80a1732a5d4396d577c8f1cddae793
SSDEEP

768:cbDjoOOc3iKV0zmRlmhZn0T56Wezo0DCDdWOEReohDm:6kOOc3iKV0zmRlaZn0T56nrDC5WOERep

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f0355100000000020000000000106600000001000020000000cfb103cb025f81124c1f32565296c8bb941ff649f429a0922e384a99cbbbd755000000000e80000000020000200000001362624de7e781c85c76a9bd7dc7247a3267ebb0b1626e5bafa39cd31edff40a200000009cf260ba5a610943da271f9a311490eb1de5044b7143e856d9cf9adc37aca46a40000000dca9fc96936fd75ca8dca31f8e195f3c5e34f58fb9638eb15f12a1a5e482c19d6ed4b3e2bdafc1a4039073a144899c4b5ca3d00a95b0defa6785201fbd2d1959	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f0355100000000020000000000106600000001000020000000df59be299ed86941ddb5b6506577cdddba55a5e0e8f7d92fb4b701f6655072c8000000000e8000000002000020000000c8ebbd157d9060fe8ab620bb786d76784370eec1267bb73c5c71914eb47ec6bf90000000319fdf9213c77cd8dbc26611d7ba7bb185236c2f08304c73fae38baff12cea4d3f1e47c62b1187c8ff6e9bf302d7711def44847b227e639bb0e891289c84905b5a385f85686b6013dbcd81ce0e8e400ffd306e17c245e35e0f95050a7006e62902b2a8998351a2b12792412689d080f6513d990fc7e0b79c2a8ccbd54b8df3df11a7a6cf37a89af5faa961b710d9e32a400000008a4fc3f5ef3e502f27fbba74eeaed6a5afe6946f082ff26c4e4dba25f32e2beae49b4e5e0a9ba03f9b453d596a07f606733173702850143912f805b74c667cea	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433052604"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E3FAB1D1-77CC-11EF-B0EB-7699BFC84B14} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 300373bad90bdb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2240	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2240	iexplore.exe
2240	iexplore.exe
1580	IEXPLORE.EXE
1580	IEXPLORE.EXE
1580	IEXPLORE.EXE
1580	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2240 wrote to memory of 1580	2240	iexplore.exe	28
PID 2240 wrote to memory of 1580	2240	iexplore.exe	28
PID 2240 wrote to memory of 1580	2240	iexplore.exe	28
PID 2240 wrote to memory of 1580	2240	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ef04e1328a7083c2a8d2cf1841a3dc9d_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
448652756b051089c92864f549fd791e

SHA1
f2a07e48767cc4c181f06d898c443340a0328351

SHA256
bc02ed738a3a1c5eb287c92c45e734441e4b3d3289cd59d2ac4d354c646441f6

SHA512
3df3c3a2762b57c9398a08c27209be03a04cf468bcded9cae8901edbeebc5e0d5a389a7ad54d364077707fcebb44e7eaebb1f3f29e75d4dccd76d33b422527a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
185b0a0a582af6088299b07907edca7f

SHA1
ce5b6c6c0e3090b18cf0d8de8accb1e9992518ad

SHA256
9dc4bdb7085d54297b02e6f1af7648e71fe8a75c1524ee2c7ae5b67e475ca038

SHA512
d48dc1c67b23ee1ef36a27ec388f1f86740099008e4a18679b79954af03746729fb6419236b81bffd928fd1837a2a3decce77250426e5b33136ecb0da12b9473

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b75d653754fec77e715e8a55ecb28152

SHA1
845ca9ad22ddcc83f8a9cdf40029d6691116eb01

SHA256
1906f805463fa1423e11c5782c76013705b15652939a3e7ef3ab095cdbc84c01

SHA512
a1122eb1d7035621f75ff5a69ed5c673a5f670ed4adc5186db98db7771fd5e83f0878ac04220bff95ef08c5578b9f6e61d6fe4d3ce5ef413b32a42c2e520f6e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b3e4678c6e9ec7389b1bb8f66aac5ba6

SHA1
ee1997086000670d4344cd5060215b3f2eedd1df

SHA256
c5e7279a822e46e554f8164c2c10d5da9f004062ee57552c7e0362954c1caed9

SHA512
17e240ea2edfee6b1cad9a45cf1ae912b7607177cdcc2784752bf9f6e836261669d0df56721c136f3fe59975a42d8109aa607708f937f0b9cf6eb2e683f040a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6caabb1c7d79fc3e890b4dbdf9e96fb6

SHA1
9ac91e235a3fa7ebc6d274a9d65596ed5ffbd314

SHA256
858541ee2c65637309caa5cc76c7064e2af00fce10cebba0806f9594f6c0f5f6

SHA512
2d299b3f0145287a5237e32504dde0f5322180f34fc42c3374f5f839adaaa3eaed6b373d09ea06ca23e3148976df9258b1b797ae8d63519c86544ddb432fc0a7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2b22efea876ced99c565539f9289d716

SHA1
2ae6d7714ec072590aa75e8b49c0204cd151fa81

SHA256
6dfb7a99748432b05bfb31d4b89803b51581fc3ec0db965a503817c67793b191

SHA512
abba82600bfbc59460c36ba35cd5ab6bf511db232ddc70f2144d8e410c31b94fefab415b8829d780dd30a27482028772fc9e4e790455bc1e9b9da51c567fdfce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6cae466749b2cac65446a5e01ba90ff8

SHA1
cbf71e683ad7c538fa2926d00bf1ed0e8c176399

SHA256
89ff367bd04d18b9cdf1addbc03e6647c6a6e0937cfaf816fecd339bb3a989ee

SHA512
c5b0f75aff10004d1e2e8fa8b964bee56f9d7dbac424cea7181523a902492e30b6341260ec6e81cc59e0481b81967349a8adcc787d21b73ac300227a7cb0d1e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9dd057d9616b1c28fc0f5309af3d5b9d

SHA1
68af289cf24ca6ba33e73c51998d5dac97c2b4aa

SHA256
f124e50f4634ecc0e53f29e87eead0d97bcdb3122cb4515fb4e6283a48a92c43

SHA512
54975b96c3e1b2d8bef7c20ebc261aa2f385e45209d57f2b9ae2a875612d7e0fe3eba618c3ce01132d51e1bab87a100fa281930e8430460b7bd3bb54eaf771e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4d7b6a49d6dfadcc8ccf705beb6c075f

SHA1
61f70deba56d6f1013ab60db9930d7fb59d35bc4

SHA256
b19f293a81d5ad25d34d82fc733016c80e46b384216fb9ecd529d279625ad5e0

SHA512
716f748606d152079bc60865b8b6767bb2486c4e34ec15164df981dc65ecc09c6a9776d57daae9fef5700574160fe64fa9218a6623ad7a883756f5ac63aa32f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
68e29b7835dd3c2b61898cfa3ba2cba7

SHA1
7513e5793da2ee1fadec61aceef0ab1b806a653c

SHA256
aa0581af4fa55d33a2190d3c0545b98e57015d11e6bc6fc360d2578945dd8fd8

SHA512
c378bbad2e0464c431f9445758cb6bacc0a36d7c28283213e09c2427c386617e23d1756f9fe49a885eaa06b2ec85421703e94a05e2bfee385d82e2b1f7025607

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c3bebaf1e9da5ed42336b6c208ebb210

SHA1
930812c26f10e84ba8a9693a5256c75740a0c093

SHA256
bb99e69af66346f074581c1bfb116347550ffe577926fcd285e2e0758a64d433

SHA512
0da07baaa739517cc07cbbd5d467ea933be8465f291012e5996dfdbc1a166c033e0ac546a2d11f349a0f1ef195b1a1549490b1bd10b62495aa1efbfec8493655

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d48cfc6adac09edef0b89f8908a0666c

SHA1
338162dbe23be03325672fb6848a5897379d02d4

SHA256
5e0ece8c96cf069cab7be4638741ba68aa93ae1e6fa3d325fdf8748dc55f183e

SHA512
6297e5035cbc29de93fc7698d59d0e084eef01cd68d6c08008562fb35c25ac74a390dc0424974a229c315027127f65c62c811933393fc82276e966da4e7e718d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
28d15a57c0e3ff28967969295708d347

SHA1
25be096ad681e92ab168316ec276e19f9f0b403c

SHA256
ee5cf1c357633d8f73d970cbf834e3389b34a4fc268c67371967eef6e6e92eee

SHA512
317054f0ced6574fccbf58bbebecad48c0cfe01cfa6e8e42c860cc7b7eeeb0970fadf6e85c4f6eb3cef83e557971199dc7ff27904de416bccafb12fdfce75022

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce9d2de9768d0f4161bd0cd2fe839fc9

SHA1
5e99fe450eaa4ad00a5da68906329ba3c0ed83cd

SHA256
bdbf7477004c5b23e158826b3368430727b05c2a21bf03d3d32d1e9585b5a016

SHA512
41e97de2b0c5886708fdd59c6c47ce80457e738cf5ac1fa576fbc20532eeb33dd35b60888903d3628cc3ab2aa66a443e3fb8ee62d122829b7dcffc9d2620b387

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
19ebfc28c01fd5e3d9f67855042cdc1e

SHA1
239e47832836b53ad2a2f93fa1f2d7ad244a4179

SHA256
1dddd1acd0d57cce151cbc1f30d52f071c4c7c9bb3f6a336c81f9ba701eb0f1c

SHA512
c6730eeb614c0aedf1c5e8069a849cf3002a4cb25583829a392826b345582e63f822034b3c1352e5eb248f5c2ad60b2a104e3f332c4df944a73b4e5d32f54626

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0d2f5c5944feffa870b3c1986f13e284

SHA1
0faed76949d17233a2a085a91813c745ebebb02d

SHA256
61c101ceb82b278bbba77a82144c080200e8fad572fef16f614d9440a0dd3079

SHA512
d11833e6cbe0ac9468c3c7b431e8561447fe2b00043ebaf425a7b22bd24c2f38aca21ef699049174000ad0c54ff4a6e3df8ea54f90657020707d81ccee65b4ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fe6e127c1eda3f74dde416a1ee5a5092

SHA1
0ff227ca4c1d4ffcf08abe0d53ea895e298607a9

SHA256
86a5c44ab60c008f8ac6738ba5dfc4268169f851c841f3ca04bd455a393cde39

SHA512
7e73ae56308354c9306e64435836a06c7e073168dd97e3ee28822741eb3665588ce5497e9f5e186cbb0ee9c6f69b0077cb6563f2a2059823f5bef6d6bb5d517b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD0CA.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD178.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit