72f2a4be5936f0c819571dd8b20c94c2ef4465f45c779fe5e041c801b544f29c

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21/09/2024, 14:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f00b4bffe62fd4de766ed55ade626551_JaffaCakes118.html
Size

66KB
MD5

f00b4bffe62fd4de766ed55ade626551
SHA1

cbc1ae47ff6f22083a310f0cd44c82ea964779a4
SHA256

72f2a4be5936f0c819571dd8b20c94c2ef4465f45c779fe5e041c801b544f29c
SHA512

8486cd78f221009f8b9a21c62138f01ee06ab5f2d5861d8edb768161edeb35ab1d50c078c889e758c202ac166200d6ce89070a56b558c34753b9d62f3c3fde11
SSDEEP

768:02JeCZ4R6melVwn0H3nzzwTlabuW6eLymZLWO:02JeCZ4R6meNHXXFuErZiO

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1028	msedge.exe
1028	msedge.exe
2128	msedge.exe
2128	msedge.exe
4172	identity_helper.exe
4172	identity_helper.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe
2128	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2128 wrote to memory of 1576	2128	msedge.exe	82
PID 2128 wrote to memory of 1576	2128	msedge.exe	82
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 3208	2128	msedge.exe	83
PID 2128 wrote to memory of 1028	2128	msedge.exe	84
PID 2128 wrote to memory of 1028	2128	msedge.exe	84
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85
PID 2128 wrote to memory of 4880	2128	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\f00b4bffe62fd4de766ed55ade626551_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe59b146f8,0x7ffe59b14708,0x7ffe59b14718
  2⤵
  PID:1576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:1260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:1256
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4124 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2188 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,15893266185225136024,3398716514732941146,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4848 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4832

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1688

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ff63763eedb406987ced076e36ec9acf

SHA1
16365aa97cd1a115412f8ae436d5d4e9be5f7b5d

SHA256
8f460e8b7a67f0c65b7248961a7c71146c9e7a19772b193972b486dbf05b8e4c

SHA512
ce90336169c8b2de249d4faea2519bf7c3df48ae9d77cdf471dd5dbd8e8542d47d9348080a098074aa63c255890850ee3b80ddb8eef8384919fdca3bb9371d9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2783c40400a8912a79cfd383da731086

SHA1
001a131fe399c30973089e18358818090ca81789

SHA256
331fa67da5f67bbb42794c3aeab8f7819f35347460ffb352ccc914e0373a22c5

SHA512
b7c7d3aa966ad39a86aae02479649d74dcbf29d9cb3a7ff8b9b2354ea60704da55f5c0df803fd0a7191170a8e72fdd5eacfa1a739d7a74e390a7b74bdced1685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
723B

MD5
85068a7f7383bf5049f80cb4e2514e76

SHA1
418865641c8a00fc43490a6630e6a2b9c3b625fd

SHA256
dc0cd8ea0fb30f9dec094e91d3fc7e2aed8ffb89c9a0e40c27bb7db2f0bc07ce

SHA512
2ef43c174add04841964a54240b7fbc0837b2362c9c0160a7fb0a45eea9c15c08e8d017a600e92dd0c0a815b0d5c474175419d299fd565644ebe5f802816211e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6327845d1edd72b2a6395b761e437b46

SHA1
22ebbc563f20bb161185a5a0b835c518a0e62906

SHA256
173328eb422a5b642235544073b4eb6974472b9ce9f358c0c6f74fd836205561

SHA512
699ef22fdb6f28eb6319a8c4fe204180adab933cf34498bbae1634643c7bb0d196b6b105c249abdefe242a38df65b8dfc406d8395ec796637f6c400e7bdc0d0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b1a31a8bab7162f661ff3838f3084214

SHA1
d962d8419d7741fa578457bcbeac81b0ad111f51

SHA256
736f3742cd03749848fd832dc385525854cce8bea10d05b8a9588701af87e33c

SHA512
52ee804ad970cba6ffce54ee31b40b9fff72a7af0b23f75372a834ace1ea54a0b9f9d34a8c7d164dc1ccf9b242e0c4d446acd8f31576422660b5d3223823cc25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c7f56ccc6690094afa577e7b32a1550c

SHA1
ea531e58c324c3168ae6c43f92313fffe2b0e030

SHA256
7c01af2764a48434415f230ae74dee7991c90b02229f2b9bc5e12301c862553a

SHA512
94c2e6730d4e088139eb9600f5574e53d15fb0d878309e449c3b2c2f37e98552c734d051115993885b684f56462b12b9f6df8361fc47b9fbccc5077a2c78b17f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
3d4ab3f54190b986a3fd0d0aaed6de35

SHA1
00b23f3f18c8e150c3dce64f74abc316031030d7

SHA256
23957c35603891b2149d93ea709eba28e477422d5f29abf9bdf92e5ddf2deba2

SHA512
4b264a834ef1a85ab7136004114a62d5fe574482ec1b5134a5a78b2474b6e6e2f3f0d38ad9fdbc09044c6d8ace0fc29267c4cd21f7c4a4ca4840dcff09ac627e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581306.TMP

Filesize
370B

MD5
f137ba26d3e5cd185b91e00ee1cf06d9

SHA1
759594d20325f1b3a399cf20b2e85b1c7357665d

SHA256
4a75a96696b3c045aeaff4f6b5c78fbcf659847863898392a5b7eae9406fc9b2

SHA512
c555fd9ef34838534115d65f0336d40f93944b553580ca80b493543d7c85a03623fadef35d71bf4837ece703d5c960767bf15b99b12cd6149634b779034c5dbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1b290de31833dd9308610bd4e5993b0b

SHA1
aafda5c66c34eb66542a542f4a0da35f835e0aaf

SHA256
23625a516ff7751831bb4437fd7330725b8d98571123a48854354f6fe6da04f3

SHA512
3e6e53d50ba7ad8cbdcd9f1768555250d83d0f2621bbf9536b0b25d0393a2c331858f2e53f075ca99055cd2ee99b778abe88ef812e06b9e1635bd998f42432ab

Download Submit