51cfb081613befc9b03d1632263e3f71f1a1759c260c10047e6732db68586d4a

Analysis

max time kernel
136s
max time network
133s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21-09-2024 05:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ef307a525a072ac0340d8ea0b062a2af_JaffaCakes118.html
Size

14KB
MD5

ef307a525a072ac0340d8ea0b062a2af
SHA1

5871ba197afe5e457f068c4266e465a8c4833eb8
SHA256

51cfb081613befc9b03d1632263e3f71f1a1759c260c10047e6732db68586d4a
SHA512

2acb91c617675585912dd0d8d351462a73bd33a364108ae5e5fdb950334781bbe7ccab85d5bb7454c66bbcfc535673bc9854cf68eacce4ee7a4a549118362211
SSDEEP

192:Cyi9FkMIdjbXjdcvOd9wQFCVCf73Ny1wiM19GcCHCXmkVk4CWjhn70AvVL/7MMzd:Cyict/ShQFAi79y1wiM1UHCxCWjG9orp

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433060197"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000827eae72ea35b4cb3ccc5ec7309ab081d29354485952eb012a94c8d630ec081b000000000e80000000020000200000007174a8a02b02f7c92fb709220b33d3889f6ed71ccd7c1ef2f8684cac29736b2720000000f1ea02e45d91b1f89fbed8010977b491822cbc3368ff15adbe19cb4d7b93794b40000000b44ee2097020f8ecbac2e296297ebe8ee60a273b33e237a32570253f54544dae29e68f8edc6ec994dd3a59372c007d11fba9e561a8c97e568645fc2f808a3281	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 30f3a968eb0bdb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9187DCE1-77DE-11EF-BF4D-465533733A50} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000006aa817a0ced74696e0c6146f3bcd7f26b32793e709ec0df5cc354a1a48d4d0d0000000000e800000000200002000000067054c225e3b2da3cb60b852fbf50c68f010468e0c5eb99187f832dde5a87c03900000002a0f65cac2a2fea7363d351075099917e83f17d0a36c786ea78673b272a19544269e1adb72981e8856bd33cc0861bc20bd0414d18a0ca143d1e68afed764bf78eacf4a038ae1ae1110db4af662e9e63e3fd99838b461fbfb719e5dc6a80f8b563f9ab13c2fd833312bfc2d859836407981f50511ddcc8ffd26ec996614843d6b5495cd3b42213c4f1e13f7ccc48a8cd0400000003f8b7d659e503c24b2d3ae20eab635caa0a42ab8d774739cd8fcb3ff0faf5df73b2e24521e60ecf3f0b97dab30ff980d77bb93a4d55a026564fe982f54fa0da8	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2068	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2068	iexplore.exe
2068	iexplore.exe
2336	IEXPLORE.EXE
2336	IEXPLORE.EXE
2336	IEXPLORE.EXE
2336	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 2336	2068	iexplore.exe	30
PID 2068 wrote to memory of 2336	2068	iexplore.exe	30
PID 2068 wrote to memory of 2336	2068	iexplore.exe	30
PID 2068 wrote to memory of 2336	2068	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ef307a525a072ac0340d8ea0b062a2af_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2336

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fe23f4906ed5ed18c736f826374d3c69

SHA1
a4648edddf1958e31b80946b1444f2bcc02fafc4

SHA256
b358204c3decf65c6f3a9ed439f8e9e3bd8f6178d3f0c227a0ada14c086e3e18

SHA512
7e0ddd6d0dcf63dd73f73ae5fcba3a43e70aa02bed489b007a4321e1b17477f45efa52a4e3346164c6064b178fd439fb248089bf210c51a5dbf83bfe18d63c62

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ead3df6166dc98c52d66a397db4d9e70

SHA1
dce2a1ddb0c7b75c761c1df45c9fdda88bfbc6b1

SHA256
7e93ffea4cc94128065f7d62cfc2307981c29469ea99442bb80d4f2e3b8d9aa1

SHA512
b81313b603ccfbe8b8742c5c00fa347f763ec1ea4ed2df020d434d5ac828cda1c8f5a2b0dec8de5dc07d4067f2d980138ad8b6b70f33f4cc995c8bfa1ae06134

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5837dd9bd71e8707a70f7fd56603f768

SHA1
bc901974c4e349d765678866a53e1af7dad67c06

SHA256
95e1f60c59246e65e97fca99e61fbe863db149e3259df1febb26897d4453eb4b

SHA512
aa6e29f7bc3cd006e4ab0578641b7b6be59422b7cde4e1674ee69ac8f47ef8a1481eaabcbf8c6396feff899c780a3bb94f324ab0a97cd0bb6b6d922a0cabfa21

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e6ee53dc911d4e393210406d5be9481f

SHA1
5cd06cc12f5c9bc63b9f52f34028bb9a6b7e82b4

SHA256
13ce7c9a9c166e4ad441e861d320a66daeab9b54ac58a638a859ae5fb2216953

SHA512
a86327cfc730936d612c290c22f2da4da15fda73980406ba73019bd624bc2ab9276c460b857cb9c738e676319877c31f3f63a405d4951eed4b5b03ffa8dcf2a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
deb57458aa17af418c82fb142ca382c1

SHA1
0dfd336c849b0f6c0bc15d6104496c0bde53ec7f

SHA256
c193f06a6a1a2f57a6220e93676412a6769ffec29c7d42fbe209a506d2f60fca

SHA512
d0fa218c312cdd5307a44e12a882ba16689413e0e8af189d973f55b8afadad9701c8ede0fa2a9a6dc3518e75dbf364bde76a1221e00c032951afc4d8b47e084f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
99d7b9e14e9430f2d5297f45abe4d817

SHA1
800f6057c59721c88f896d9c06d271e9c4b7b694

SHA256
0c4ac5f992bf1b4c25d7402f72e173a7d39985c29c16d74569de4868fed2d03f

SHA512
646762e635768d0bcedeceac14f1024e77cabbf4cbc53ebed57b97f922ef7e64aa768e83a44effa8c687ce30352361657be3b3afa11cb9fd7e920a997c614940

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
acc5769067c88cc22a68d0d0dda3d806

SHA1
6b414948024fad9ce39d3dc6122024b22893c0cd

SHA256
3d7bb6727411b0a931dc0d7e9d4d5bb0220510345d5f6a7373c8211988f71e54

SHA512
3df94b9a9a92dd4c6efe9ad7d1845a09bd69b4c9360c7675637f6167a583a48b5fc10e930da3ba0423629fa4b97aa05ccb50801a9694248536ce1edf1460507d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
85729cd29a9a3bbf5a5de14da17a1c4a

SHA1
39254e64e1a955eca54614861b2fc6597e22acc9

SHA256
8a4978b831dc5a4d6788670704170e9c27579a547223d02381dd3e2fb0db8eb6

SHA512
86cd14d687523dccf0de231b8f427a1d194bb994c75a5a6abaf4d509a64e9f79ae558d4b7220374d4b9846cf1f9a27f7a48c8484d31d8cc7ba10e14425483ed8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dba0516da449355ff0eea93fd33ce945

SHA1
2f323cb53b0e43dc301f609f3d0f3e218521a2da

SHA256
da90a8fc330dff5c720f9639a29bb55da7d5bbfd95b2d8075862a628fb626566

SHA512
dbfc04fbfd35f78b34efa7793b812fd425df6c673d6172f754dd06427b41d04ead71e9053777a3e990aca8b21925b4a7bdfd6875268fa4a0ec8993d1ffff8939

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9493681d133e3b226816c13d7d91d8e4

SHA1
28315ae895ef1477e206a1023ff73c600a6defcf

SHA256
2c6522ff122b2b3737fa3aafd36a10a69702756202a3e7a0e9be03918ecf475d

SHA512
e1c35d205832193690162c90d8677d4b540b05626a76958ec457b900f81556ffd5cd08bd97a0bde398050b4ee9f1cbbe568a2ac57b6407cbaa2286d51b70abcf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8be39d16b2f4c629800516037c4e321

SHA1
bff1b048b16a3dbfe00fd382da973775d0f1fd11

SHA256
a196dea9aecc80c2b8cbfc87765fcf55b2e2c7579a73c8bc27aea4d9aecb857d

SHA512
39a64774d9a0a18f0cc0e6516487c2800822e49081e31a957bc760d472380171b0f3910271bf32b568413b3e5714f17e7e0015f95c2fafd29008af56f060835b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8e705f19110fb66a9d721553632fb665

SHA1
3bedf6537ee0ce22a4307785bda22c9028f5bf52

SHA256
a07af7b8a2fa4f4dea97be43a236fae3a9b5fe2c9a01f9c2a8e992f45e8a471e

SHA512
417de6631faf719ec28adcd0626ff50b8ad713bc4612dfcc44bd96a82a485408a741749a324314d1b125629f721dda8b1c0800b4df887ead7d7acd0ea0206165

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
651a4e0f81d34d2ad8dba502912c9f43

SHA1
cb874c82c2b2c1d70cddf1d336dbf2b37f5b17df

SHA256
c278a7c4878eabb67160cb0b06d1c14f7b5d0ed8a06eb08f00c9395c510b9b6c

SHA512
e5b0852c4c207b9de5174e863a272754fcff2e99ead039ad0703c5afb31d26c505d9938ad75c61af74ec014d2d0638d7670a9af6328c1e6c64640e55b1b47ce3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c2ff248cf32e2ae0c320b0211903ec99

SHA1
551b55436175c33e5da698c64a57fb968e1f1cc2

SHA256
2677292e159f63bb6df32686bd6bbcb78cef7ea82486f02fd1114f8043e38ad5

SHA512
b1f9ad29645ab63b541eded3e0ed17e75cbc2e4171682762887afc4d95cc2a600086056c9ae94a6b45d06f3418201833aabd684e771a2e9fc445b4cbc06dbd1b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
41d2cd42e7fdd0d9441550cccabb03e6

SHA1
7c54199edf82abf6c0971180d2d14cfe39b82fe2

SHA256
da735e504e36cbc4a67cc07aa42e3f061361563feb125217d2eb36f1b757b4b1

SHA512
96355c0365ff4cc6bcd20528e061d50c2dbe280dd0d55f3650a84c4c6de1db7b7584cefe6382b22aabe3274c7dce4915776afa0987cc12189bbbd99f84bd5c6c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
acfbcf1174f12fcfa25140f7df8d0545

SHA1
49f52a1d39cd42834dc7166a1a90a8cb3b8f1a7a

SHA256
c3c628aa3471fdbd079c03b1128939847cbe4fc1ad1fc718cd56059e43e8a84f

SHA512
91606f3930dcb31427d4c954bbd2c8bd125b1356edb01a66e5246c27c8cc12befe3501b5320fbd9914f3aa09420fbaf001fcae36ec76693deebb204c9da4977c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6a86e1e0d62ffef614b6398092c8020e

SHA1
d3d8eb4f69ca6583354133fcada5236deae711e4

SHA256
ad9e12137279c9809aa47fb6276e16fbf2e5f45bf3782eb555a833447c0db505

SHA512
5e9340fb6b4fdbd9fe18c90d7ff1f6207f70aa5dce695504417a565fc09af860529684da42f1695c01d15ac47429ea30aab6a97579fec0f9612f72f33196e3d9

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabECC2.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarED23.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit