333767d8a122af8130a5e669a3d331be8ab5d68053e3bb85c330d69eba6d4120

Analysis

max time kernel
145s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25-09-2024 05:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f546f92c615114978bafaf237fbf5eb1_JaffaCakes118.html
Size

48KB
MD5

f546f92c615114978bafaf237fbf5eb1
SHA1

4d06105ff89ac5d36b8602a60de2aad965753c46
SHA256

333767d8a122af8130a5e669a3d331be8ab5d68053e3bb85c330d69eba6d4120
SHA512

78f5697944e5d8413f53d6919843dbbc8c1c9abc7b903cbb88cd64486bbaf13612586fe6a1bf08f13bac60132eaf20de3abb2cb7fbd8b6b72e51f6b30f114504
SSDEEP

768:V/Vt97Rycy2aWzkHa3Z3MSuBTSaemAELdjqckF8SC0/ZuOU:Ht97Rycy2TD3iDZSaemAELdjqck0b

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
1624	msedge.exe
1624	msedge.exe
4288	identity_helper.exe
4288	identity_helper.exe
2856	msedge.exe
2856	msedge.exe
2856	msedge.exe
2856	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe
1624	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1624 wrote to memory of 4220	1624	msedge.exe	82
PID 1624 wrote to memory of 4220	1624	msedge.exe	82
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3380	1624	msedge.exe	83
PID 1624 wrote to memory of 3016	1624	msedge.exe	84
PID 1624 wrote to memory of 3016	1624	msedge.exe	84
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85
PID 1624 wrote to memory of 2824	1624	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\f546f92c615114978bafaf237fbf5eb1_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe59d46f8,0x7fffe59d4708,0x7fffe59d4718
  2⤵
  PID:4220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:3380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,1400569290572395642,6594330148452058958,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4828 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4440

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9e3fc58a8fb86c93d19e1500b873ef6f

SHA1
c6aae5f4e26f5570db5e14bba8d5061867a33b56

SHA256
828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4

SHA512
e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27304926d60324abe74d7a4b571c35ea

SHA1
78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1

SHA256
7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de

SHA512
f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
474B

MD5
bcf0c3a13ada3c631268f86d5bc21327

SHA1
f1bc8e2a0b2c943288af75c5efd3710bd8c2ac42

SHA256
d6303204f32a93e4fc46f01c69f8aa50915070efb445ac6837ec85617168a18a

SHA512
bacb5835efadd4a9ee7ea2dc697efc9ed763ce86a6f989c972bcd8c733ce948569f537f799fc87432d5378d73c17bb98d24eda1432f4526cb695038a6c605013

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
650b1fcfe70d7341e149b9170833a804

SHA1
9012904a8f72a64572c4a51f390e7a9c8a6a35b3

SHA256
ee39a5ed328fdadb639aa557621e1e8fa75819fef53eb7adb83c5311524ba389

SHA512
44e447fdb5443f14d2e6356289ed62ca15752a51b46cb3f8a4ab108fc11435171e2116a8db1c6a4ca3594754e740d17aba431dd62565c1ec1ca87dbefdc50db8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
57fc0f1301c827e1d9cb2b67dd8d4851

SHA1
e66a9b3f6e220d105ea4bce087dc27c4e32cb5a7

SHA256
184d72cc65c368665448426a90dfab0939e6a2243fe2f009a3225554add8c5fd

SHA512
6f30e5059b442210ba89f8d7bc5c6554e84a20ed75667782235873f17ec31d48efeca33a0558c1b1c8b905f6ef4bdc12e2c346dbed041949620486b06960f5d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0860acbc844fef1cfb7b7429df7678ba

SHA1
b054e45c03710210aedfc02b6144ceda049c812f

SHA256
473bfd4d1ec344d6c73f8b36e6fc917a8d46f937747cdd82f46fd04e819cc216

SHA512
2d65cbd3e10cee163ba2583da77035e21682e023135a0d6dca90941aaa87b19674e8b4d4ecf6be30c8cf85a36997185582577fa9905ae733576c77b50234e795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
e437082dacbe16dd7ee3d9aab737b7a4

SHA1
cdd28a0df4a27e39deb289576239c525f457d0f8

SHA256
8af8b92d2fa6ff1651db3681533a892fe9cf2b296c9fef0343f1f3b41676a309

SHA512
bb67cf8fd1df43b166be35a2dd4a4816506d7c24fe499a88ac2ece246a9624e4b10002abfc405fc12fa79692648ed07848a63c8185fbed84d3a9e6fee577b27e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580470.TMP

Filesize
371B

MD5
93049dbf46f9f286e85ff80de35aefeb

SHA1
b85d0d9a1fa0bdf58f52a1f23b04a93bb959b0ac

SHA256
87f5190817d1251731be31f1e8af40e1676ce610caa7e76fcfbfeb9be9ee252a

SHA512
60bb55015384a678fbcb7bc6cecdba986a9e572a695e42bc51571f8214ce14a54646be7f18f6d81ad58b53b618cd681dd6d85cc6fb6d015e87ecce973f2475ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c26c317a75b5b4ad63d45ee7a25f78f4

SHA1
ad5bce44e715c7957a41f6206a54908fbdc2afd4

SHA256
ef97b212a956674e87418ac91535ea35587c06a6f48ed9cdecfe80fd93243693

SHA512
cbdf9d628e7c3d73053ed44a4e606f7a009ad2665e11f17b1d2253a85514edc8e9eb08ce5f2721ba3b2e3456979d827c4d908f3bc6c9f45eaa7053948599ee0a

Download Submit