f2f34647f683f6cd8a510783777ff658d3d1749b75af2879a306bdb6588fff1f

Analysis

max time kernel
120s
max time network
130s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
28/09/2024, 00:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fb2b765d30d5838298b5689a8a578766_JaffaCakes118.html
Size

5KB
MD5

fb2b765d30d5838298b5689a8a578766
SHA1

b1d49b6d0e7b5b020e17ec051fbe280ad165d4f4
SHA256

f2f34647f683f6cd8a510783777ff658d3d1749b75af2879a306bdb6588fff1f
SHA512

3b698d90e9900a307b4af9ecc304f18d5ab9fd136e3b347a4966a9727a801792fa8a7f9efab8987fb6791f8a3dc0a5c8f4193edc17252f800dfd59a104cb3173
SSDEEP

96:4+BYYr1SxdcobsOyGx/Jqnql6RT04Xb/8tU6K:/Yaob1y2xcqEdPrxL

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000953bd8210872ea40aad5946cc0771cd300000000020000000000106600000001000020000000cb068386b8c38b8ae04eaf715ae3b5beb9f7a0e7465c69bf9552b0e9a241352c000000000e80000000020000200000006c881a92883c269613136e31501b5cc67ab2614ed64781a7e72cf993e1342a7390000000e75e22259f0e91288ecb6bd1a9dc2bc4d27c4800f5a26e7b254b9d70bb519593a08eaaf6384c4cf418df04e95f7994ca5f753b4f019c1b28fdfedb493a93d524f84296e1ef0d5a502b79f1a3777cc3e9144cc9bc84b07a55b469889a9227ed595fc946939d54a939cacf29e64a8c6a786da41722462f7ea27a9b81eac82b81f49426905b619d0142aa6c1b1660db58414000000075ef6c5837c02ff5b863d916e2c10fe989317235b64166eeec4a50ae23806cfebae2332a491d69d1c50a6c9a44d7bd954eda93b791a4bb0498b6c2046394e96c	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433645037"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 106bc61a3d11db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{405233F1-7D30-11EF-976E-62CAC36041A9} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000953bd8210872ea40aad5946cc0771cd3000000000200000000001066000000010000200000005ab9492656a982561a8232dee12d2e8720a0c4a18e65887c300a8fec1887c8d2000000000e8000000002000020000000d93de05c548985eace087f50837a54ac3c197f59a5f662544726adf8f07bcbc820000000a98a8b801bf138b1028c17238174ca851bc2ac2fef492dc0f9fa05b5b6d4774840000000f8eeda1ce64b8b4c0a1cd62271f9544c8d3030dc868902ac5326e55553c4c06742d58c3d895c7687fc1a3ad5c0b7fb571c568aa16a74f0877f239a3539f5b641	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2572	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2572	iexplore.exe
2572	iexplore.exe
3044	IEXPLORE.EXE
3044	IEXPLORE.EXE
3044	IEXPLORE.EXE
3044	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2572 wrote to memory of 3044	2572	iexplore.exe	30
PID 2572 wrote to memory of 3044	2572	iexplore.exe	30
PID 2572 wrote to memory of 3044	2572	iexplore.exe	30
PID 2572 wrote to memory of 3044	2572	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fb2b765d30d5838298b5689a8a578766_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2572
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2572 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0b5d4af201cfda480b1f91171162ddcf

SHA1
0cabe40eb093e73c71b113dad462a4b17554c02c

SHA256
19fe5cffdfef4ee2182502d54fdc663e31fb396ccf48dd61903230c9687d858d

SHA512
24dd7e9425156556635355f59ed371c5c348f3f826bf79fdc2d777df3987fe57e96755a2aee2a93c56f841ccea1bcce371279b8cd10e71d06aae2c1c280be62d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c1adb74fc6133068e47607e59b95ebfc

SHA1
db993a55912304936e14defa5c6cdb885d39dc49

SHA256
217bad5acde5138b7c5d8c19d115a1d1dfd93c5b059d890fb8c5592594b878d7

SHA512
2d58ac60499b479ea6d877efa2720be820ffdd9ecfea2f7904a3a245dc8e5ee0f1d531d2a7efc4ee8625cac60d129ca8046849b9990de0edb56edcd4c073fbed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2475e8d7a1d08a574d337830c10d2ba7

SHA1
16013fb3874e02938d5417153e9e575ef92c85cc

SHA256
0fe0718368cd30fd11823ff9fb7b88dc97dea7f4b4cc46944a2dcf52531b7e49

SHA512
06b3e875abaf6c70d9a35c6cb7a19849aa8d06fc99d2a6f0111b1dafe2a4b8c1e5a577c2e5d2fde30d204707dec68f3b6217b58170ff67d7d3d6e5589094d4ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6904546e74683f42fc5db6d1901282d1

SHA1
709e2bf45d111c568a3d7f3a64b7d88eed4c334a

SHA256
48cb7d8fdd310b3c61dc56c82315f434ba797dcd7e6b3dbaa9c804e8f27d56d7

SHA512
a25f881b7e006d0cf690d9b6dc904fe632780a20752dc08edeaeddb9b734e439cd5741d701577fe8de4f66b54de61bb4ddae914f79745a898eeda3e7e41c05c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d7d438260b1441de9501daf38fb8aab1

SHA1
78c8c4ac3cc0806fee55c9e94cd8bd2f52a65086

SHA256
08d83fed65f6d34408da88f078d552e417b5f2a656c5573fb7c82904fd8e00e2

SHA512
9bbf1a1563c8a7b705f608fb1f14e35c4152b3454e7a34b5a49ed33fd7fa130c051711c6b2d0bab408b91764fd273e81d5234613d2de05a26a382cdc36ddad78

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
52bda039d285a9be6be60dacb89a3be8

SHA1
d405f7f60f2dd8fe0311abc2582e2cadc28849d9

SHA256
f20beb202d20046f8fcaca0037c2fb1dc1734d5c05f219188fc4f5e2f18a8f84

SHA512
cec594efd824a6440f3822d10ba3d2c10742619cb400ea853a181473496e3387a529551317126d0082df1591ca595658019862a6b2e8643d5226e607ee4aebf3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0e693493c10f6c3273dd9b390427c79d

SHA1
a2478180816bd2f61b887157f14f289c68002f8b

SHA256
29075ba0599694001b8f12227759a009276b7fd6b1dc90dda93f7f1643ba4dc1

SHA512
1b59ba5232d3b3eec6ab5e51739f84ad309605f14b4389603efe297baa4af2f0dae9042eb16a6f4432dd3926683f21b6344e9a77623eafd403dc573f9b7059c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
54b946c630d4f616a35abc6a193b20fd

SHA1
f9b89fdd432b698f9cb8ea4d9117f82b7db424f3

SHA256
fcace331f56f5ffa79411028301b373f5d582d6968cedb83c17d1b8cd42711e2

SHA512
5e4473161c89f8c61edf7de09b2078244cacc5227935110751ef8b6a46d722160c11ec5c0659bc5976c48eb871f44ce7f4372bc9e714092411be07e7a56d7196

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
02a1b4c3049b738f42e427fbc5aefe93

SHA1
f38f9d189407991f61baa023fe8e139c13600d98

SHA256
20b8bac22beb2b19167d11133517b0dca2a7255aef4d3b1c54b7bdfae00832bc

SHA512
3a08254ca37996057193ec91709d9594a1fd3be6afb1491afdf3b3f3f66ec9a6671a505d170aa59d25a2f37397b92b1683cd55f5cfe421585dff80f4c308a3d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2355dd25ec5703fadfa45d23e312f1e2

SHA1
59dd254e1e4d683eb91bfd9cd72f7af9a96b92f3

SHA256
cd307f554047346c6e27b2fa55e3db81a911ec80a82326a81cf45b7a743bd3b6

SHA512
803d27c396c58bfaf8f14095873a04058d58a0ee34c2ca6df47e8a71c3852a3544ed1bdb871703158de846a0dfb825acfc27dfb80e42a5a3fb0c7f4d597ae427

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
61345649664be28fcb9f5a1d445fea7e

SHA1
859ca72d962e6b2e6bea5242c85c4260dc69438c

SHA256
a71d440914f5ea22a7bb2bcf179f7892fb8e52b4851fab8d931245b02d9d2675

SHA512
bb48fa9ea4b807d411227daf3693ae914c82c6c58faf62cc4d59d6b257315c61d4ea91ebdd91dcd913cdf212da4cb523878cf26dbd6a31d4c55e04bdc15681a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
031acfc412a9cff3292a014d50f64e59

SHA1
6ffc21d51a1431ce50f749573c936be2d73a0e82

SHA256
895b04a46932375f6baf4fbad5890c7bc8cc80a42c7ad834d3026aa42cafe4e7

SHA512
95957820c90248d69ba2f3cad13824f252aaa4239d8cdba25437af78004f5c423217e99229de013c2366953fe895fd371f7cd479ec54ec304dee4e96fdb33f33

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e01ff685c607067be26cca057b09f583

SHA1
aa8eed1373a760064050e793a6207c86c58f2ba0

SHA256
876e5ae2e7e3585d07724c239e1be6593acd53890e4606da7f68dd3038df45fd

SHA512
2db8bbeb514922ddb69b3684872abe4678b9e16b1cfe0e3e83a612a85fdfde1b94e963d421f733b9ac5383946eb84ecb4cd6962e17f2b672388246e6594222d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bb528406d7dfe1343c53126ef5f39f50

SHA1
13e4733f49211502f2dffa28666eae9559036f2c

SHA256
eb7bdb781ac6034eb1b7b576bf534e2d6977032b27cc2fb374422bb1c22df324

SHA512
5b5de64b89b2631bee68a7ad0d931755821e7585f407e156901a2caffef29243ed6764991d4d19bad9e9f8a14aff1e432c16584d97a92e4d4b8a68f9b2f05062

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0d611b12e68d34094ba25c68074337f5

SHA1
3d8f9d2b1ecadd683f4424f6a3ea5f43681f7d04

SHA256
da04f4769c07df0d73c54565e8ac93b956b9d4c1ec30a2df74e4f5f4f9ab94a3

SHA512
5ded31b9ab015e42ed4143472f77e0009fde02656b35a5f0bfe0a415fde6bac3489c85b736f324f723baef66d961d4468fbf79b707a1c1c58fd6b22f214c31ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fbe12879de9d14d549aab2169e76921b

SHA1
06a8b407186bc163f5a60e55d4829200b6a3cd22

SHA256
72f3d3eb4dd47b52dc3cece23b48f7235253d0cf15f189d0416491bc5a0eb80f

SHA512
af3192fb91c8540376fed9f04b502d5be1de0ea216fce2dc261e2302d01d29859ab534949bb29ceba15905d1f11129510799cfdf4ef8741cb88ad8947d544c0e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c95a57b7d6c09a5e7d83fe5fa3183418

SHA1
4e66abb3c78edfe50148dfa1874717f6a8b9e2a9

SHA256
81b634099b414fe106dc3be4c835a2f80a279f2581b94f68e1c947f858b6b083

SHA512
ffac66f22e0c282e053428a7d5c6e84264c68534f3c69a6be7da04c126fd69914bed4d1b609c848ccfcbfe0fffde71d30196c401f8033308335b7adbacc378be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b61a0f0826ab0ee51382511c2fa2c4fa

SHA1
902ea883a7a7eb097ae6b246123fbf6ae6db6dcd

SHA256
e70d5f45579250e373f3d499d012c8d98e9bee83bedca7c9866665de6dce3207

SHA512
ccb3a45bee7a5ca60ed326da810857e7cf002b6ccfe8726a451d23c345ea6f9d135d52e146169a8cc0b24c6719687ea946baf045f732b9a3b25321673b88468b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabCF71.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarCFE3.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit