9b2582a8d121e5f680c3af0f1a1e0f2856af112399a28d588067f014018d8f24

Analysis

max time kernel
143s
max time network
148s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
27/09/2024, 06:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f9eaaed0fa72fcaf061dbbe41a2bcb2c_JaffaCakes118.html
Size

25KB
MD5

f9eaaed0fa72fcaf061dbbe41a2bcb2c
SHA1

0986ab04f01dafe304e89583cbaa5616a9a7a896
SHA256

9b2582a8d121e5f680c3af0f1a1e0f2856af112399a28d588067f014018d8f24
SHA512

81a7ffce66c43d37c95ed73224c7bc8f98fb0a3c2fa4adc61cf2c6e16f48ca4f361484265786e18425179842ea667c6414e0a291daa050fbb22b13222e6a7db1
SSDEEP

384:koOhimqSfar++PuSUvuuzZmD7Jz+O00vnujKr/9RwHyu6/JxJrqr6tphcHzw1N1I:Uar++PBUvtsRgy9UK3q4A

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433581178"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10476a67a810db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000e45597e76da3ce1093a3c8adf563a970db07f17b44279fb99167fa20830f1641000000000e8000000002000020000000c47fea9dd6a30d15bce12ff7b67e35e5b8818ff612c2c8377eb36e01fe43c6c220000000f05b473586840839db6aecf5d51cb855d163a71e756354d44a3e5dc35b67d07540000000262b36a3e256e1b50cd611efeaf0fa683c71648b0360915bfabf25a936be814b397a59a5d215e8bb4774769fe6b99b4eede17b4f9c74c9be2956104d97d8cb5e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000095b66bc6ea46d9a605e16724da5bd0c89fe5c135f60cab26531d8857c362fdc4000000000e8000000002000020000000786cf77f6e65b759c2dce2846138ab58675003fbc8aa77eb7eeda05e85152c6b900000002636b863ffc765e6be2a2104a4a9367ab90c8389ac2394f372c4bfe64b0f2b80f7123da02ab3d5c034544b5186b3bb7e8ff7501b5bb5ca386042864b735b1cc7c933d60582d13f2f155759c5362853721a39252c956015ef988ecb0846dc89519d267dedd26662070dc68dca690fff59b5e0759fc18bb3914045a4d9dfb4e9e0ad6812f84c60be229d0c378e14f8671b40000000294d3b3191ac0b46e084705444cbc2ccfcd9345c6c3267994890c333cd135a0aa4c5d002e7af67280d8a0cb54402b9e7b2d5594870e82d1a0cf4206a732cc43b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{91FEF111-7C9B-11EF-A7B5-EAF82BEC9AF0} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
572	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
572	iexplore.exe
572	iexplore.exe
1988	IEXPLORE.EXE
1988	IEXPLORE.EXE
1988	IEXPLORE.EXE
1988	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 572 wrote to memory of 1988	572	iexplore.exe	30
PID 572 wrote to memory of 1988	572	iexplore.exe	30
PID 572 wrote to memory of 1988	572	iexplore.exe	30
PID 572 wrote to memory of 1988	572	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f9eaaed0fa72fcaf061dbbe41a2bcb2c_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:572
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:572 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2eb513f5d30a138d24c99efc9fb3391

SHA1
a8f3ce422da243b0ecf1ec14462c23dd925958c7

SHA256
2f2ef0b5c69fb4e65271ccc9471548d2478b7dbc9477ee8572774bfc2a1dc1c6

SHA512
19c619932cb831e854b9d5dac590b1572000bb6d70a0d61199821c6d4b1e02f394dee426a9ef94b8fc591196bf4a28e6d4e0a18a684aa3c2dbe4377d5a23c2f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
25c5e4b6abb9c8e542866f4dfb0d4219

SHA1
10ab7fc90dbe386585788fe3fa14b87645a73fed

SHA256
5a470c749d2973649599a79971739d522c0588d41fa3bd9d989a0425a5b03232

SHA512
48522a3f9f565a09cfcce4aca7caf36ebf741eb0e45d70a2c7533dd6eca8a3230b7163d62cc5c16300aef625d66c0071890a569619641276a84b350770b1d860

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d9d7a7a9c9dd760f06259656eb6da85b

SHA1
f42930e13daf6b8880d314cb69c80bd4c8045c64

SHA256
1bdfdc7067f65216310a714e75d11013ee0a477060ef70f9455d49a6ee89b848

SHA512
06bef4e906dfd5f4ec441d08fa77789c1f0f9f5e0bfb397f051125b59ce4591a32eab42cd997ecacf5362080f72b39d54d8c91b527e0e4cbe94997801cc067bc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
19971b15cd5eb8c583ba50eac5005f0a

SHA1
b50421c57ec9cbeb53a4d0ed9c56ba8b49f2388c

SHA256
81daa6bf1fc92287f50e781795ead4e9c7e7a8792e7392d10c85f7561f836929

SHA512
da61d25cdf66b626fd0d796a6a87ea1d47b37978abab6919f9b1230acbe650cd47df2ba9b9e9ad0b747ca8c9bb74aa94bac54a5d494d52b9b4812d9117ee9a18

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c0f39eadaa1f3d904819a706b8a6f755

SHA1
ac46155a16846eb1d6cbc2bd5e3042f19514cea0

SHA256
849e04eeb711c50e4ec001873bf76b553b42ea44d09ce5fef3808b3d88f337b8

SHA512
39263a9ac51f5140302f1b722cfee097e57789f7a37b1ea1a3a5556ee8d52f45b10cccc03a8cbfc3c41a2a82799d18a21cd703c1e66cab983a2f3abd074d7812

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8f11ce5488f8adfe6f74a1d6d6906c1

SHA1
c74f3a4d09215ad2782cb83b247dce61030fa99e

SHA256
7814113bf22c1a02824f0a5f1a571786a3df3370e0ac9d84336a0e9b487b2178

SHA512
7c4249fa8c9c7004d01a2653cb2c63ee1a5b7caac1d233ab8032c57ad2357937f403a9c7a71c83b94ee30a5187c1047a17d0f1d4194d775dbd1071ee2faac5d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3c36ede08eb77cb1865d91b815b70af3

SHA1
cea26ddf7ec241cba294a10966a59e91b7bf5f1b

SHA256
a1553a3f60ea00f0c4ed05623a43b3798fcad557117d4a1843ce19bf8a0cf0fa

SHA512
b08a81e10ead64b0fab18547c2fde9ac21a86237bdfed336027cf20f12fd49a281bf921ca99e961fe85c225c02f09caa00e1aa6ed64886ab8e901087aad17bda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
094a16b6206c74da0fc89134bdc1fb2d

SHA1
c60c7f1c09edc2ca4d7e8706c9e8b4c0e19782aa

SHA256
c601621578b9addb9972c88d10ccbc70ea7488fed98948a282eb330342f1ea73

SHA512
228263b16b8499e937cad32feca5ac3d0436e98d5199a3fad61e5c5998434284952da9abaa29625b653d19eda9426ae21fa4d02fbad4e4f953a8f63f93d14f5a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f3728c0aaa03034b6fd92afd339faafb

SHA1
b492411dd488f2f24404b71d1aa1eee13e259277

SHA256
4d8afa40244bab867c84c17dc22b0936c7d40571b72f8624d3a761b10803a20b

SHA512
4ab3c54ca7a8bac38a711f9e7a6ac6371da7830f5a230dbac13d34b06715a9ad5c6ba850c0fa93e18f9fb53ebf3dee467198547cd003c205849b06dd0c2c5393

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
55938e3cbfcf65be74d8eff2ad102473

SHA1
4504da857236dd10e7074cf8ebdb74969cb1437b

SHA256
dedca10c21cf1567e738f2bdc4f290fa2b3ad20434849b9227c2485b97dc1994

SHA512
fa16d5e0660b85cb4423a308d94a733e6bfa10c2121c46d0e6df97d093269c3d7c78e3b731cde4ac1a764660cae1b566d94a9407727e35f1b93c83b97c4d240e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9e8e6dd0ffe45925ae07464ef1b597da

SHA1
7c591188c7a3def5813e6de0e2e02d41bab66cd1

SHA256
f6c77f0ef9cc64fec8cd3e2cdc25b37bf949eeeced5b7847c73f6f611bb06288

SHA512
24f9be805880dbdac4bf4326c5cf5869d1ce9d6d4ecacb50605abc92b99c187a329f138b11a55274eb46e616306813a6b46f8d911d281fee7b7af36e328f1383

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4c777b2952a4a9263b8eb44c9042230a

SHA1
509d81a8a1c565ce0f5d6a43ab12e19125aa2a3f

SHA256
810ddd1915678d5312b4f16c9c57f4db7a41c258300b60cfdb1a1f8e9e72edac

SHA512
c2d21885e9c5993e9b47893753c81638cf725c5e0df18cd7f1c66f564b434c9368a4739a29b00e26097fde29239cb2c940c34a16d354285a34dbf44c0213a464

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eb85877cb2365924994f9b71c07267e0

SHA1
50e151c4d82e5bee0c04ee8a815ca80fed40a7b1

SHA256
4b419f2d9f13b8624fcc77159de6a3d6b3c31df6c77165edb644e1fb1f5ed121

SHA512
7a71f7343053dad5cf876bb136b1a4ea4e19fbe802d9b71c8e404687bcc6170ab4c0bdf1bb6aed91c824643252b54df128c3c1093d49d4a1340b97b64e0c3e8e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bdb28f323201121fc743fdf00200c234

SHA1
06a97bdede2e9f96e94d520bdf3c111c481715bc

SHA256
374535abf89f247bdf0e85016d1c67593547cab11efa109fbba95282b676985d

SHA512
425c2153e6ba9f318b4c08b25fd8c592d2a25bb21627ea429c843aba79f8c294ae2953035c68a758fae2a7f05fbf072cd5f5193598cb4a1828df8bfc6260621d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
848e88e31bb528cec44f4a27b8213ef9

SHA1
25ea0fb098769ba5fe1181c3b909a0a6ff13b3e6

SHA256
ad815fc233460ddc24bcdba97398ef9077cea2630f55b7103feffc934043c83e

SHA512
4aec8585a30828dbb47cdaf34273094aabcb6d738bc1616e013943c6cd03bb74e4b4baf5dd0df2f6c29d246da8b39ee17507ff94cf37ef7c46bba341bec87420

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
75b762f13cc04e1b0c555980377dd498

SHA1
71ac94bee8bb01cccf454c2c770f3a395cb80f9b

SHA256
020bef653528e48e2ef184f6481342010c8e1edcd75c5fd00efb9e12f4628e36

SHA512
e3557387af05f1fcc9b84ca3ad8678b309eb9767447584071cb2c1ada7a12ee2e6c51460ea278961a22de9b6c508cd107f9b8acdf2798280deb1dd4ef2315020

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af9ce9854da4a285701fc6df312de1bc

SHA1
f666239fccb49bf438d897dba37b66ce57010482

SHA256
9ff0644e84fd8c1e52780481976453511097a921f57c9f61d6825bb1ea4b152a

SHA512
a11391b3089d895dc975f714ab86e71b892f0cf6b47886eba3766a51394db16de12e07ada8d7006108211c2eadb3e20332c7bbba22fad4603e2481a149dd1c41

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA9A8.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarAAC6.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit