c5756a04f89d9cc2185330160e00862361ce2b4877ce896c3b50adedd4a5dd7b

Analysis

max time kernel
142s
max time network
146s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
25/09/2024, 11:18

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f5e494838cb769838d043024594d5373_JaffaCakes118.html
Size

15KB
MD5

f5e494838cb769838d043024594d5373
SHA1

c12b685bcfa2e8abc210df293ccdbbef82313bd9
SHA256

c5756a04f89d9cc2185330160e00862361ce2b4877ce896c3b50adedd4a5dd7b
SHA512

a052a831c0008945bed85e662b68a7f3766173f5ec5b0fe83e46bc31e0fa4088e3b65bc33bf5abbbb0f548ec6bda42d28123dfb0884b3b68692c4aca0adf95f3
SSDEEP

384:Cyi6MxPTX/3aAYYhAi7zy1wDHMg2PZ2Z/bGVglMSO6X:Cyi6MVTPuYhAi7zIoHMTGsY

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d90700000000020000000000106600000001000020000000dd01d86f1c14fa36edea43736d06b269b11facba4a7e48b00281aa04eee77aa0000000000e80000000020000200000000ceeb50406648c486bab3d87381ba2ce2b5564775af3ba6839b1dc76b7067eac900000008cb148e942757bcc2f60798ddd5dc6709b91b2900cada6cce088369753f0632427321b03fadeb728e135b8a72c875fa60dc76f07c428ab6a0f9e3ef171ded94a685c8e40941c05d1aacbcd0a7b12dceb1aae6ef225c86e535509ddf1bb6bf222965f31db51eae482f55dc3847ac94a948b1feda55a5bf33971d8fb86746793b2c6cf20e4a699fb3bc8fef2511560c3e240000000fc4a3a0a16716809aeb61811d16f79dda87a324291370c1f6f05fca8cb8e2d6409f2a87455dbdd70fbeb4c2fabaf922e96921bff9ecfa6ece99d4b7ba0dccd0f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c04803c63c0fdb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d9070000000002000000000010660000000100002000000068ec15fb190b79523ee2d034872cf72713640699c1c9b4ae93bc10542d70b1f7000000000e800000000200002000000095f583730e5e3b96b198586c63fadf0141fd7d71e994d7204ec0b5f57d1257b52000000007cfdb9f511e3de8d5123893265acf5b9249c46bf8eb7a5cabdbef72d0f4e1c840000000b96d662acf4d97923be467a82b71cfa132871405bb240b03f5c03296cee76b4ea01fcd79e3797f2cd10fcc7e83fb781025a1878a05e1c8027d2281893d2fc650	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{EF8029C1-7B2F-11EF-9107-E62D5E492327} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433425008"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2916	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2916	iexplore.exe
2916	iexplore.exe
2964	IEXPLORE.EXE
2964	IEXPLORE.EXE
2964	IEXPLORE.EXE
2964	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2916 wrote to memory of 2964	2916	iexplore.exe	30
PID 2916 wrote to memory of 2964	2916	iexplore.exe	30
PID 2916 wrote to memory of 2964	2916	iexplore.exe	30
PID 2916 wrote to memory of 2964	2916	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f5e494838cb769838d043024594d5373_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2916
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2916 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2964

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a35c09e0bb99d9074783dd0ea89547e

SHA1
63dfb971f4c1baf6b73b8ccad5470f657cc483fc

SHA256
b1f32c1dd739312f44612510ffdd0f50782bef8ed21b31c2f817166a98d55c13

SHA512
f85bdac0a73a6765e7f8e5b3d239933389d23ba0a00ffa24aeb8b432094e15800ff3c12b3feb982f826b8d6bba819dd271de73e043d32193c2135785b58abf1e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
117fb178341c84b93c46e5ed3e3759c4

SHA1
ef12a3606697b78b75b1fab74e6888d45d01c58c

SHA256
96157ca96faed0a72f7cccb7db0a143a678f0d19c3eeb12ed9b05d2f7f50154d

SHA512
11c8139012fdd0bda74eb247f53c6fde509371510a004fd04671823312e4100edc39bd6af0b224efd37ad9641b8469f7aacc4858019f0943c67550f0270c57d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5d87c2bd143cbc7d6d48be227f97a3d5

SHA1
47c51eeaa3536c396ccd2d8872cd7c6e2676d29a

SHA256
ba3f192f5d75fa7b8043814cbbd6cbb0c40e1c35718356941ad92c75be8a765f

SHA512
1dcdf48b76bafe82655ab72d52ac2cf1012e747da406d8ccb4d4edb1487d6aa0926e221f0ff059ec9c38f45d5be4e4f0f010648730340d095005fce1375397cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d1c29b3318411d0d3c5edf717f63c4e4

SHA1
6880195c5c3c73a69fa2c992dbcaecdb7d3a1fca

SHA256
4fb80fd553b89134da3230d2d5ee06c40e59ec3578543f4b30c4555aa4a92a94

SHA512
11550ed5f902ede0b5b879ac1f56a06ef16c46e0934df87e97c5a40150e3251b0b2e08e6e703df7dc2422f67281547137b84b489879a23afe008d58b4c71e011

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9e1df71e8f74cae677b35bc707f9b144

SHA1
53c93d712c7921193eeae5f177001fb6b9fc0462

SHA256
bf608abdb74d15063b3ac5eb87e9b9688107b8679b37bd6056b7f7fb059309ab

SHA512
4451aefca72ffb87d0622c2251ed32b7d1f2051db179870854ddfaac058b7a3f4247b4c326a87c9a9572678fe9163b1e5237efb9a1b7b764ea4fbaa2f82e27df

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dc60ae6aac6f5d2b224496268caf26ae

SHA1
e3851245471d345f4efd939b92e6ad8e3e09722e

SHA256
b13cd28bbb0019ababc8d0bca42123015e5595c9c69d8e22801edb5f635bb340

SHA512
37a0f9f8ef3c9142a6f6f8605fe6c6af60aa78c0d83ee225e346fea9e7f1c0ba9cffcab5d2a9a68ce6f71d2a7af8431a81692b3c7d446886c53a199bff538efa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
95d67fe2adc277cc2a434283fc2a7495

SHA1
c2f9b03d6478dfdcd8b868582c3d65db8d447ce1

SHA256
7de7ef74f88a77b48d7da60e8b2ea499d900f6275b1a41145253ad72448c970b

SHA512
0a50fecf60d0253f256ecd9dea6f86d3f8d06eda85f398a81a1a520246be7fcc1cd65c8cce0c05f4536b025874a072baefd19b24da0a11f547e2e48803a25101

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a170add829c3f613ba1c8e95f804f1e

SHA1
3c1de034d32b1c43b4c2d5cab92a58a95fb9baf3

SHA256
ce2bc6c1c3b703dba7167dbe032ad5224d9c07edda8f7d6c35f5bacdc9d47646

SHA512
b9217e6af2a1d8377c5b33cf5272ed8748466f2e1031c91af77b1d03fa45304dddcf0a55b45e9b7e0edffc816a80ae61b5317136a5b00f8252dab41bccbb8a9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2d0a907ac92e679d5cdf617a108cccac

SHA1
c00041f1d6ecc6e22adca4bc67eed5257cda3421

SHA256
df4b79d0aeebcbcf5f9ba5a12fdeba3fc757de14db7213427d8049c76cfe62da

SHA512
0c300fcd7563f96742debdb77f0dbc87b2cc524ea8062d39d0791474e023df90ec670d69bdf913058d63b114e65f8881efdc8a736ddb57a455ee3e404ba31dd8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a829a504006a3500c60ca6ba4d3afbfd

SHA1
4914c243e2b9db3b37fa0e043883c7c7ed0c0cef

SHA256
54c8c73a8cd1a3cf768650470b41ff79aa4ee8ee58c278803463fa6eb6b24350

SHA512
6860ae94ad3b4cae145dbacc044df8c5db457aa37f73f9168feb885a56e75bb0a3a5ed73326d510d454a587e6e99368aab3946f6954e620acdd6b769a007f9a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8c0a2220345f1fb28564d711f359b40c

SHA1
de13e0433685c28bd47127bcfbf68742e958ce47

SHA256
bbb32a6de60909893bab75a0aa788b6222bbfc4e20aa4ad494d0968c24c6aeea

SHA512
6b24cfc4972c85d80ce26982d7b6135293a8e1adf00161ff8b61a1ac4c14acd31e7eb3f0e97dc160cc179e9940468f4cd6466899b5699f058f2248aaa6b2b7f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b7f1578008771e8d6bad5a8111f22eb

SHA1
bc0f133fefab92e0e72e7e7254cec5ad1533921a

SHA256
48cb21ab433de7641fe76889ec8a30022603b2ad73617c922a5e5d13dcca8ab4

SHA512
3f3d5e1ffc41574061c6791184e87e196dab5210daec5cf2c1e87ad880d3120ef6ffa077253bdb93e5ab6318133f5f2ae691c6111ed7187a10e6fd2719b86828

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
76bf8efe17825838e5aabda079ade6cd

SHA1
6363d0032a8e9edc86ef8c09927ec97e4cd9fe62

SHA256
6cfddfc1947127f53d7579480c40a1d63c96509d8430eddf278bedd702a056bc

SHA512
e3681f7fc498d7f111d20f8e5292ce19091d14cb6abf714318e3e67be3f87c00d39fb785545482a2c5a7bed5708d81cb1145182c58e17333d94e82a0504164a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ea7a6abd39d4d9922343f0331050ac01

SHA1
c2c90b749dca2545b8ed4a59c7e8b8c5ce10aab7

SHA256
a66e7431b110a0fafe0cf86a56b6b35decbeee66558a248096ed20dfeea16aa7

SHA512
7072bd0d445e3ab24a1b621b469fb9681e6529f4232c04843376b846cc53d00c8421b63477b9bed9d762ac6e90bd2c5670802662e92f6c7418d26f50f1eaed47

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7b674f281c48f9241f98649a7988e78c

SHA1
5bf8886770d691910ec3ad6625e48a216b868518

SHA256
fe12e2f01a9eb5e60a9f0bb785998800f822ac11ae2fd145f47af209bf78b711

SHA512
6fe15c63ff76ceebcb570cb4d4ae9dc8fa100cb69e24e7a07c0c535d3a08022e32b744764be19c1f459c3ca018eb3d27431ef64b8deb5d75c08bd722b71c6389

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
960450ddd60bbbb97cb6bbd94f9a4742

SHA1
f80d183e5f0ee9bc83932017994f119340ffd832

SHA256
3bff1c7831ec0d2a0067d7b864a3b96f7e9cac1ebd8bf0fdef21ba82958163f1

SHA512
c660e6f00df59071efd4997343128aa71d069f1a180ab2a5e449295cd31904b6b81ba56d405b639a4589caff38e794cbe59f5d8be3acc89c94ba93fe34cb7424

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
98d485eb5c6f3c93d5ed8b17988ee645

SHA1
012bf07184b5cdce213dd4f2a9db02667a2b5a08

SHA256
17144fe8b1c4b5afe17e3c1c88a6ede46c277ac2c8da27f4dc19dd6f37628f94

SHA512
1e6f63a5f1d435ac91f13c297655a96aa53fab18fc579c4a168eeaf6ee1e5b9eaa766e705413d0bbe2195a93b8860857e7182efb660267c4f5548da33e528961

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabDE8D.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDEF0.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit