19137f3a00943de26c166e9d7d16f6b682572b191a8fb60af4a8cf01dffe9d92

Analysis

max time kernel
118s
max time network
131s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21/09/2024, 12:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

efc92baa4a8245923054bff06c66edf0_JaffaCakes118.html
Size

52KB
MD5

efc92baa4a8245923054bff06c66edf0
SHA1

e78301e229ca3925d11e1762600a91b43660e20c
SHA256

19137f3a00943de26c166e9d7d16f6b682572b191a8fb60af4a8cf01dffe9d92
SHA512

429fd0ddef13a24e68aad5c6a8bbd3ee77bd5be1d86d00159953dc5433756c89a36992f524fe0af686fd1e7887f1747c8ceeed47c4cfa80217a4a91992b8aad5
SSDEEP

768:S5izyIWyUeuQQNWmLHtKENvEZmattO5XmSWUVa7UAZbAztobauyusD0D6xjyn:S5izyI2QobNSoa+5X/tuFwo

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
6	sites.google.com
11	sites.google.com
14	sites.google.com

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f00000000020000000000106600000001000020000000b7e93af6970f2e0395749b0fd72c44bef4b271323a55b24c7e62b3c0e288e1d3000000000e8000000002000020000000d6c50281d364363f1cb7b2fae15c86028c7e57ae6b2b1389f676ead37c3f0489200000001581ebbcd6a2514d24b83b0b5569ad1ffe8b3832a842a76084cb2fd83da4fecd40000000bb5ac92a4a6c90907bd38b33352fea0d9a21c6f9cda43924a6a783e6ba7240bf4d7c902b31f544b93abef2fd82294b6248394230058dd8ba4136e4de1290742a	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433083292"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c073012f210cdb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{564A1F41-7814-11EF-BBD1-D686196AC2C0} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f00000000020000000000106600000001000020000000eada8b2f9478a07e17849952267b0f231491f7ba7e15bb4a40c6ea62d9b4618c000000000e80000000020000200000005b78af089db6769340044d61e5dc72662a307c3f956f198b4cb0301aacfe015b9000000060d6c012f8f2e173c359b14066a103df800d5484868bf8dd0301feeb2f0c0eae29edecfd4bf49274268322898b61fa9f1344c16629bf5dd393c026a3acb547c17947e2884a2e5b84d24e41d5cdf28efba43c74d9c5b9a1c4cbfc487398d07705912a9efd1714d07eece79bbc30e1d34bd822e97eaae875925a5a668cd4ee52ed79c9571b1642a8a5f62276d2a6baed7d4000000005792e2d20b04855f59a34d8c5cb61307a510bd015dbd3e97347d822939c3820e39e07977ba17c68092fe1caf8395339f7250ebfec6696c1cb08a9341ee6cc26	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2384	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2384	iexplore.exe
2384	iexplore.exe
2556	IEXPLORE.EXE
2556	IEXPLORE.EXE
2556	IEXPLORE.EXE
2556	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2384 wrote to memory of 2556	2384	iexplore.exe	31
PID 2384 wrote to memory of 2556	2384	iexplore.exe	31
PID 2384 wrote to memory of 2556	2384	iexplore.exe	31
PID 2384 wrote to memory of 2556	2384	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\efc92baa4a8245923054bff06c66edf0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2384
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2556

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
998fbfdd18e3f93b8d40c37772742afd

SHA1
3df0efa26a60c9bfc1f2fc2f20f118991fd724d4

SHA256
a0e1fda4ff8d91e385fd0cc62026893a33b72dca81fe4d486e6c1b26bf4f76d9

SHA512
64f1d394fa36f3dd846331b51373ed98daddbd4098e814be6cc8f6f60f16f3cc42fa18ccd4ece10c0a6c3bffec229898b22d314ebf2cc815fc67e91fe40701d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
62322edab6af72fac6d6d127b696cfc4

SHA1
ad2de708ee644668f2510e54664360b6655bd054

SHA256
b95440300ef2b533aa30842bb37ecb771a89ab79bd1f8642efcc60273b3c553b

SHA512
ea9f16837891c7ccdd790d8a75a3edc4e66c88f401143ccaea2184bf00910a3c73871f51548f0fa2156142c8cff8587022a150d919292780135560d427972e2e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a1218a20b9c1bc8a83ea6a7cd042c488

SHA1
10b135a1e615dbb4d8481cc8964aa1076e1a7499

SHA256
17c7d15ed053b965bb487e4ee859dfe7590ea0a3f0bb6b8d16fed2dbcc20875d

SHA512
2b2b7ed2f1fc36cf98592b31512ce994e9766a472635c39e03486322d0fa376806f6b94ec00414585ffaa2f49a8719e6ba260f339a6d89eeb319adbdaba6b387

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2d79a36727dc2fdc7f3579233df385c1

SHA1
3b68f987a9064899debfdedf046e4a9b8505bbe9

SHA256
a97aa91a7c27ccfcdb0b2ca287d0f3dae1a38e072f67239f04e9b3a5525dfe50

SHA512
5acb6f3e655a186ab73ee278f5c33e809587b96aaa0a12078e003755c3d45918a1567911db908a0c00daf9363e70dc8e60138b6fc872a442495b8b7f75e344d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3854e7b3ca9216da003407bb1af21b00

SHA1
eae2dc9f1cbd453e40c2956bf3b85763860846be

SHA256
677b90c2b3c43f2b5861adc7913e6a1275644bf67e756e5ffa69620575fd4dc4

SHA512
a1ee82aaa5bc9a485882472ef3e2c60b950f572bcc18fb9f4ad0de3522ea0b95ca102905610971649744498c4497d48410131a62a218976dd5d96c96f6f44e1e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
622c91b40a81496b9d8d45e7bd8067a0

SHA1
400f59dbc645d3753116a117f755ca903bdda124

SHA256
bf2a9869c050a5c38be66b6dc34c563cd7a5301165b28d26b1b1d0ffda3760b2

SHA512
8c60cdc6d3dfb9ce692b00b592343a9287257d993c18c9343784bdd1c9804aa19e675f9ed819c66ac2a46a4c1625f2568fb493522fc32a528f004bc8e63e8c73

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3b83fdc07083f95d52cc856fe2c9700d

SHA1
e24543db282a917dbea6be1e548712e5e4fed706

SHA256
36017f087b2306447e9893c26336778fe592753003a2a2611e0b39abebd87bb4

SHA512
dd477bddfb44111656c48fbbe6b9baa7a0307faf3eaf7f3dd71036eb4c4ffba3b80c6e788b83c685846b75721709ec3c9e189ac394128d7815c1a7929796d818

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1517374505d4e2af04c0b769c85bd79f

SHA1
93b4bc1452f00bafd9f08bdb6054237c9689c64f

SHA256
2b701db28f84a28515321cd78fc6abb61a14399c574d8bbd7b71943bf41c8e27

SHA512
3b5d40a092e07ef2fe99ee83337a3ae1d0af786f617a744b19c287ff6510adba1bfa13b8ec7a7c2963a478da13b666af28b79ca5a09b2822df962a218492b51c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8e862fd8637c7e70f9a0cc7555791bb8

SHA1
e03818800d10b98da073e50771f788329f33f255

SHA256
3a9cf82af63a3c1a0357c8d3b0531a28a6e8cc702dc735cd608ec54d3c7faee8

SHA512
4889423380f01f7664cdfb7d2bda06813ed2004c0dfd07ec668418c3e209efe64ddb6074989870a36b9c9dd55ff18fa96323a802dc22b8514c8f6652e2b9a145

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
01f369300f4b8528351c3e454ea62c19

SHA1
7e36ac94c8aced0ac0b6b689f3fb3407db35c747

SHA256
19c972f279028176faad931917509bb60a522ab0bfcd378f9cf9fa1d87356bda

SHA512
5680f255062da3aed60e4bf1b519ea2a0b08cb10cfa7bfb1c5a7d3ef67eeb711b4e9d216d50288a6da71dfe896d5dd555d4aeddbfbed4629bb3823013b0d9d10

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
71c1cce0ceb7511336254358a559b5a8

SHA1
4e3b0855f3666d190ea17f0a4e0e1bd5af6ee904

SHA256
c3e699ad4262818a9733f5ccfc96cc8679cf38987dc616ad54059c07e074e760

SHA512
222e55c30969af422be9b574e861330c0bc9020e1d6e2c5a73c7bdc1141e27dbe71bb2d90f983f8d12641e60bd4bbdb583925f773b65cf2ade1030bc665cde02

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38884e677ebcd1cf75d08ea651e34ac3

SHA1
3cf5a3490440b75511d361945312e27ddb82314c

SHA256
1fb0c6e7c643baed88f9153b27c946d7a352a2d30d04cf8c8ffed0b2848be5de

SHA512
d245082283e0b7855fdf3f72d9d32b6f874e4ec7d72ee125d63e359bfabd03fa7efd24ab46174c5a52d8f89bc7d6664abea01002364b08db7bd3c68a7933bc26

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
916438fcbef52492eb53741f64929bb9

SHA1
0d5d048c39840edc40a431d4134f3095515a31e3

SHA256
ba61a946e0e85f19bb55d989233b549b36eac3b4f536fe74b68af717b90859ac

SHA512
cd91555276079c94894179c73b865f28f2cc9810b033bae37668982e7edd46f43e00aa3178a7d159e6a49f681dfce2a8fd1708c1f7db9a34c0adcd12eb8d93b1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa31980785cc412289085f214074cdd3

SHA1
768766818f4ffe71cfeeee85efed804b922417a7

SHA256
a7e8459de65013b20e9e4f2ca4b3213fc6bf793e218a8c25b3483a60e95d8c9f

SHA512
6fee999929322de70da655a7f8d8dc8ef7cec593b0ab200efcfc32c39c9c202ef4565a72166c578e8f67026be023a2585207cf0b1ed66c0286391a998dc06ce4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
78b694e2d44d9ce2ac2251e206c4df4d

SHA1
928bed90409a758767ba548c182fc307673770be

SHA256
b710f17bf97c5df5c154ebb31eb6ce7734b5f48b4c704e8a373508e8108fd387

SHA512
9ed89dc5695d2350be5a1ac8d5dd2355753c9436048e6e50c0b048f29bd102a9e22e05feee75da728db4d09e84b2cfffbce7d8f75fef686646dd2f0574ae4c0e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e71558c9e14ebe8b7bd5e1daa28cee6a

SHA1
ab592ddf6b09483c02895aa64effd3386bfc2e54

SHA256
6dd6d94d4bd6201bf9e95161e51604fe1436af5ef0663b8228e2f9971dcb2f40

SHA512
478f7e30c05d5abe846aac502b36eba33e91553be1d6f2f31e13794a8372f2b4826b2476bdb23c3a5bbc9b7e87a1cadfae2f543bd8c636c0f829d6f4c93735a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4f61f50f4bde6c9c0e9c2b5f300fe6e5

SHA1
f708e0866c1c77f4198c48e1a6f2c1f871d07b0d

SHA256
b05bc3172b5d9aa960f4ae14055eebbfad521337c756d1d72cea6309490aa04c

SHA512
a22a6d38cb80892bdd011fad8cc7a71e383551d19c9624a1a29d277b9db419a02836efa06476d615fb620d6d72cdb04eb34c3ac237bbd85a618643d517e3a694

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabDAC7.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDB76.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit