f0ea922d8e8f5d47aecb4f9f449d4e331b3399ab595c0963d142a40fc9d22741

Analysis

max time kernel
70s
max time network
135s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
28-09-2024 01:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fb427e3b6bbb2884b356bd66b6f846af_JaffaCakes118.html
Size

750B
MD5

fb427e3b6bbb2884b356bd66b6f846af
SHA1

d6ba23371921cc0ffdb9620f82dc2fa93caf2817
SHA256

f0ea922d8e8f5d47aecb4f9f449d4e331b3399ab595c0963d142a40fc9d22741
SHA512

3485202e25686389c82405ccd406a7dd8fb428fb6c4dceee6227bca2a5a652b2930b30c2445df03221295123ab1b092ea4ae39bc2645a94c8626cb8634f3004d

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433649366"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{548E6501-7D3A-11EF-9E99-E699F793024F} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 20970c2a4711db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000079d3351265100d99eb653d30530b21a30328c10bc888be3f344cc9f912710bec000000000e80000000020000200000001acf8cd718356d311a2811d15d56e44eb06fde0897f5246b24080bc239dd00a590000000b9b6b5c6432108ad185d7208dfb9c97409e274280d55351ced2fcfe63204ca0b6ad5dcd0469cb577e19ac9d5475122e8b9b48fefb60e6ca6ae27057b913d40de03c27ee1e4200d30f2a927a74d2eada039b251974411308c3af7ac1e7a9e37f95a041a21adf405ce1ae3d81716b7e28147eca96fb04bd08b1e5205050c47a594c0e0b8a8e82d0962c5c684c9f144f1fd4000000051ff8f5791dc64cee2430386f4efb50870cab6ec15ee92a62e0183334a92d255b8c6b3be2d649f2b1363a9c2ea7c8134af81da6dfe7fc3b80f0cb7df2ef93fae	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000047a1e7f2f537eb4254d59e348775d65235352b81b46dd33114d6c2cffc7e5687000000000e80000000020000200000000a129b78bc6957276d81c7bac98612bcc5f4ff9805c9e233e7f3729c3f34d5f420000000a75f9f8aac1b974d247e2bfa4f9212b589d0055da19c84c4560a0619e4091aee400000007556c46f99aa47320e7ca0f66c51c00ee60c559fd148f751131d365a5de21c613bf60b1b90742d175ca49c185786c16dd146cff07c10ebe502cc27df89aaddb4	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2068	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2068	iexplore.exe
2068	iexplore.exe
2220	IEXPLORE.EXE
2220	IEXPLORE.EXE
2220	IEXPLORE.EXE
2220	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 2220	2068	iexplore.exe	29
PID 2068 wrote to memory of 2220	2068	iexplore.exe	29
PID 2068 wrote to memory of 2220	2068	iexplore.exe	29
PID 2068 wrote to memory of 2220	2068	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fb427e3b6bbb2884b356bd66b6f846af_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b08ec5bb22a2621db7d5dfbaa696a484

SHA1
e47d797049416035faad79ee2478ff68ad36c393

SHA256
4305537c57dc570917195d8ddb3064537085161534bb3a529e37df9a675656ad

SHA512
66e4d02a2a63b5aff4d3b7c7f80d0b6ed6d0472f1f9edda1b51edb6e6c8a7f18044e3655e00a649dc60d140a2d70678e09ded7734b7bc8a6ec367cb1fd129164

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cd3b0eaf97295e68b56597c1f05c56a0

SHA1
e3cd8a640cc8c14da8eae9d269994ebf8213ba0a

SHA256
0377ae38d00b417fbd51f0cb60b0cbce1422d064c73bbd98be70c676b750108f

SHA512
7f313134f01a8159a105a43627e7dc7fbfb9a4b3f7164875b1a3b9a38506abc1df375d378b12cac9e75751afd19ae636c8dd252854aabe6e856571a11826390c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cc335327ade9784b7f45e5dde92fe493

SHA1
dff53bc9350581f19f1a74ed1e6e783be6ada7c3

SHA256
bd0d6e128b5c8f139838ddbb9e3af36ca573a51e585c2b43f45cf4b6cbaf16d0

SHA512
56c697c84b191c5d52ee5fceb7559ebc3aad0531f158665c6515b9cf909ac53e83450dbf9ef81ea3ed2fbe822e343d30dbb19bc0299dd6c62f1b5fe4fc1c5722

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f86b2ad8f5fe2cfeb4c006e783430da4

SHA1
69c94131c50f099555acf001d7a165946ef31fc0

SHA256
e4d0d5694fa127139c9fbc3db3c94acae2a43e2ad39b050fac8edf76b365299e

SHA512
482a62dd359165b730b80d6da30180c68f921c2ac6b1fe3c3e3f0545cde39b0cef3c00ec6591b3c7cdb339fdd196f5c0ed0c44d36881073217ce046cae7f4dd0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2205ca03cc8e5596fd1a08bd58c30813

SHA1
5e5338c354dd0981705e96a2519ab89b63fc127d

SHA256
8a76bf3acc9069abbb836181a700e627004d63715890e9ce464f7e45f02ab320

SHA512
b9c8a7ef1fd6ded2a46d188f3b860b55cdabafbf6513d2dd9089b41772a89e01323a3497fbabed256c77c7e76bfac2fd84709fef73fb41af6e6b5713bc844fe5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bf23ff24ddfc38dc8bdf907ef0fb8200

SHA1
580b4deaaaa6aec15fa74bb20fd2f7befb9837eb

SHA256
4562cd6f8c556c0eb1fd43344370366ed66d0ff97188a305fe38ae23b3d2184c

SHA512
ca22cf864f0929e8e23fb534d81c3204bdb81939295453e1258973eb1c55e40ae8fa4bb49be2a30226fa6b1800d0f30a3e67eb0c503934bf915a032ca9c1d955

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
54668c9991854a754b3e733db527e612

SHA1
1e48d26fbb584cb3f2136979764a9f6a04f14fdd

SHA256
641c464178260b4cbf90d793e43496c3e1c6c4208eca3befb34e54dac15d3cfb

SHA512
61a919131a185ca05f69944d61b66d4bc2e23de1b9e1abb8df5ad0e9298d9e26a1c2e5b43e4c204b435e243044dd5399d68201c7c436eea27096be4c9793d79e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
105334fcffb443962e3b8a9ed438b4b3

SHA1
5d87abcb1645ca70cc7d2e58255561faf3ffc0f1

SHA256
b3c8a957ae37d7f0b9779efc7f3c9365818cc54608db4639baf61369d88da946

SHA512
c00a28c61dc7c0670cdc4daac7fea4496a70fbd345f988dd6c1714ecc490806f018e572262390909ddb098f527a0557a2a581a85647ba5934666aa617f252278

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a38368d39740bb60105da63e0b0b30aa

SHA1
0e0483a6d85f6e6348aa88f975b567b4819eb4cc

SHA256
824b1e1797d81e43cebf03b7c7ad507fd40ff883f849bd26ef6aa351232f4941

SHA512
c6bde30bfd67a6159581f863b9472a07af7734186981b5fc344f91b58ef9f5739d191a2dad5d5787c18368c400a926ac9d3953a6a7414d2fa61e73efa7281463

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0aaea359672e09361590ebe945aa8473

SHA1
560393c6266fca1988b2a326707cacb181f8051b

SHA256
0c0f2bd1a8775f1da558566cb6d2a9e4d5d87d89e244e3135a5e3c409074b57e

SHA512
1b6b0662e482ec29ee0963b0784e687cbd8b7867cfff5a955ed7ad4d813ddd57df478ef1c2a03ac11419dfe44c7149eea8ad78963fd5a663ee61f53f5b81ff7e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ae58ea5c52314bfe4fdcba80f7308aa

SHA1
ee1cc8415abd9b8d62dc1a05623e8f6c402940a7

SHA256
fbb3d1fab1107878d6ee9ec8ce460629676232f158ea929d730a6b3f62c7f946

SHA512
b5ec8d7c6c32fb24a91cae1071badfdeb8e8c03ada9ebc8eaf678ea07f50e866bd29f9ee7a0166c9a9765cda7718c6a109ef8cbd2d1d8b7ad920c421be58597d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f7c3622613a61d01a7106657b1c838a0

SHA1
2e868f02a9fe3940c8b5db6f970b64aca859b5fa

SHA256
4035587bf4328de4940facbb33f51fa984fa7398b89474cdd6b08aad389fc0a8

SHA512
e8200609158f6f349c4009b4475e990b08dc3670689661c1dec42d98958bda8c39f076239010b3e8d532ee8b2c33cea5dc588c556b99ddc26d2b15eb2d86eb1e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bf3e6adfc1fc873ddab285897eb10e97

SHA1
9b2dbebb2dabbee1fa5c2314c3cf79fb970b135b

SHA256
e0a8c9563e632c9e6ea9a59bbb72da2c2a837dcbaed9bac3ea079bc8374ee20e

SHA512
90cb12c9c37f5d5a4f678b3d14f0872b561b95dc4a47a0c6859b1b691d446060238017ded956584eb53dcebdeef94a36303345cff85f5b8e3ea7daaf20a449d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b521118d8d4341fc26168efeb1c21ac4

SHA1
0f50d50de5b2d521bd96fd2c48dffc3e98600ee4

SHA256
b38856bf5cb31d93cc28538c18344da5af6d0657edf5ac7384ad7ba961f6b560

SHA512
6888d7822e2a614f5b6acd1929649b6e311c12136c85ec150b738a0ae8e01d6ef28e98283d8b44a45857a29771da555f9186f4e8a52b9710796111bcd970b334

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1a8549085da6c444cd30c0857168973a

SHA1
f509133df2bb50fb44d7f72e6c55c68318375895

SHA256
3c41ff5c50658e7114f57f1695fc857a602c06d59b2e8ad95daa4bb2888be9d6

SHA512
8a1fe88c50b6da35052cef17adc3b59f802aef28d7d000b81a7855359b145ca85c6392315565314e556ea6a117bcfd77a9755937327ac495281894812a1bb3d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2241ca9452bc61f4cfc5981896eb6b25

SHA1
6798d9168dfe7ec4713ca7cfdc1efbd7dd5111b7

SHA256
1bd708eb9cc6e273791a2e2b50bf43588621ad4c998d06b08f36211eb95edfb6

SHA512
d2549e51f37daa5f38ac85176b213fd243a86cdd5e09243c4bcb03fc383cda991c306df5aa6f18ecd1572af2917a425dbb7aa4f18565ada7a5748f7d2ad57bcc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
45050c1e012709f0afa56868b9472111

SHA1
f7d38c2f97378232479e41423e555d03f4caedf1

SHA256
2e16072b7db565f4f69b6c34735b6dbc3a156ebe18346734a298086000f9f73d

SHA512
8face962879c65cd6945b18e53823049b73ec09c1c72d22ee9d9f74877fbc390389173a240de89454d085db4325214b5bbe4ffb4affd2a69ebecba82e87ac5b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ee1c9bce53ae325a52ba69212deba5dc

SHA1
4bfb71a0afb3dafca58958fdc9c0b917869c7f32

SHA256
0cc8037a4ef0a02fad1d28a2ceb41d3e8bd68139097c3b811432fff5c1cda533

SHA512
d868c3b71f5e19621cddb6ccb2712261029e3f5304fc1c2716dfbe30c416c96cf3b8cf3b82e1c3de2434e4a87c45c9dfaa5681a97c0c006eab963423882dbd7d

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA91E.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA9FB.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit