973408c5b82e4efbb743c3e0d079bb611c0b77f2e43305468756bc3f1d4a9daf

Analysis

max time kernel
133s
max time network
127s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
28-09-2024 13:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fc71927c07ba3ca4d78fed212b54a4a0_JaffaCakes118.html
Size

749B
MD5

fc71927c07ba3ca4d78fed212b54a4a0
SHA1

b938ac9bf6e01fccbe3fb5be836796f7f706acfe
SHA256

973408c5b82e4efbb743c3e0d079bb611c0b77f2e43305468756bc3f1d4a9daf
SHA512

8fc04c36009386ba021a362a9e1afc05663dc44e81959c4c55cecc7c50d253e13e20767c31ae8a105dfc69b7b345b39d8ed6c2d8f59f4f14603e8cb67ba3f90f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb90000000002000000000010660000000100002000000060cd3947e4b03cd6b45d85e7639eaede620d53ec7bf961a27b152805190213d0000000000e800000000200002000000034a087492f0cbc6b95f2a5b045ec2212e7322ae13b5b351962c6604feb68a2b720000000e0eeb3f6387d72d20bbe79eb353e8cdf52d978f75d85e818511c3535dc5e9c75400000004ba56e63d84c4a518d4c36f81624656399e19c06169385da569afd6677b4c237e20c34c677b76187ba789dd30de3f1e410eb12218a246329cbc1ae5bb5e195f8	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90521278ae11db01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb9000000000200000000001066000000010000200000000603860981830c552ab8be4abc81320043b61fb91303173de95bd1b9c4fe7d65000000000e800000000200002000000098ea9b4e09f8df951b2b1b39c8235ff3293613d258c1632366c61300ae76eb839000000046fa0afb4945a2d6c70fe5644c7acd030280b267a99d35643902394d978ecd7dbaa3505e41a94df799ab843134cd8f02c190599c44118905bc1c3f09e1c3d1371057c781f89fcc2f2d3708716cd29bacf77e741edd789aae7f826ca2ef3ec70e70b47f7f4056ecd7b8d3469cc1d2676942b085ef487aa2bbb96ea8767b3ecb3e9f8ced41371f2e8cd1874bb4e137d6a340000000ca1537d15dd72a1302b9678d2b47f3c62934f0ba436c7ebb468e1e833b1dbee0ca8179dc72e0a432e1f0643ec29dfe23002a657f6f7690206216c70005f414af	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B04D3031-7DA1-11EF-8EE4-42572FC766F9} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433693754"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1956	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1956	iexplore.exe
1956	iexplore.exe
328	IEXPLORE.EXE
328	IEXPLORE.EXE
328	IEXPLORE.EXE
328	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1956 wrote to memory of 328	1956	iexplore.exe	31
PID 1956 wrote to memory of 328	1956	iexplore.exe	31
PID 1956 wrote to memory of 328	1956	iexplore.exe	31
PID 1956 wrote to memory of 328	1956	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fc71927c07ba3ca4d78fed212b54a4a0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1956
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1956 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:328

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bcc561884a13424a279465eacb112e2b

SHA1
c564eeb6bc84cc220a83c07943e1587d02a32a42

SHA256
cb0aaee5604ce5c4bd78e7381fc3d1f9c50a0e0a6392de86f27b3e50d1a62042

SHA512
8916803d3e676b2c8c09fbd96f406cbec5f7807e9208878a00d53a5c08343a0bb870df396a1795f96ed9c2334a00a791e911c998ce217fcab681cfca9e7ab794

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
65221504628513318342ab4ad2849f95

SHA1
a1d3b4e9f191957f7bcb82bae77463ffe0ceb911

SHA256
f414177ae172bac6f1cacd618fff8af81097abb977ecad1632212884ee89a1a2

SHA512
5362bd2bf8b93f082ce50a838f3f965cc218890b8e0afbdb068e8483cb71d2c473748ad55998c17ebc974a88334abbd729971e63b1e2104e007a504c98da79db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cc4722aecd372d33d3e6d958b0435c09

SHA1
2e3c763289bbbec1c0856766f528cc780bf955a3

SHA256
1dc5271667104c19056e22b65f85ac3a8e963419f1516ab154e159a834f51d14

SHA512
469e981b4f437fc5d42c35db2219665528aac30c8ea23a77e985f41c66d57480784c0a7338baa563af573430f9656a028f3e21f69eae40b6d01bac13492623e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a717d6a2fef78c022e1308d8d95805d1

SHA1
e3d39e0c53033ec8cad8360c4c363d7bbd263fba

SHA256
ea2e030fe91ce4bf752a8ea31079ec0f58ac272961a34bfb8754d6d7f461cc53

SHA512
ec5e4d9e3f47b387cad8cee7621d4c7a04e4a26552b1ec70c4c89429dd9245f6a2c2243c1ce088a6f6fd97561087bd92b6c8ac967a5caf279ad8f1400e05bd9a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
20d976332103599c6ad1f535ab1da843

SHA1
9fc635fd9522f21528c44f9aeb734725622f9fff

SHA256
902cdd9bb0416edef576894d01a90f06f63e3c922952d1b903b18285915b4975

SHA512
87fa4fad0fff83cd2e61c5597f4724ae9f63ce60a07b57081f132ed545d9d81cd5ca18bcb0c524d93fe58fca1b3ea2af666e5c94d6d914091c60533b741bb903

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a2a229459e26c9139085f30a1c52a86f

SHA1
d121f7db185167c56e8b9cf426c8fcd202c20818

SHA256
34a28666cb1863c60507cda1fa959519e232c5c8c34d1d229215ce691aeb79c3

SHA512
4160d6703af84afa7f42abe16f50ccf90f2472408840291d5000025d983963941bcc314760a6a3eb746763916cb039144731bfccba850c59d1403c0a74d771c5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8eb83d50e7c8da089af0bacd8922e344

SHA1
c46489ec55113f8e4e0a671352a268ed48062dd2

SHA256
bfa08c59534d639decf9de9f27a7186ff499bd3dba29cb1b8134acf77b1ebca3

SHA512
7b6493cd86d0c1400a59da97e9553b4c1312ea2d2cb08d287cd61c96643b3a47700595ab374c288706bf08adc4a33cfa51ec00a7951a03a18860dccb05b8c306

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
666d85acc2ff151817ed9eddeb8e3ce7

SHA1
bda7f5d0a9a7236fb6778bee172611c3ca771f34

SHA256
d5287c0ced6783f0f847daac92aae9bb5bac9836722d30bc6ccd3526a32cb976

SHA512
1875d6fa4819dc4e859acabfb01354367a45d3d369f0350f3eff6a34f1aa92a3479392a53ecf91c072d28326599dc1dbc7e09c31d1dea0a144cff10cb0f9bb6a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c018dd5f7d6ba8175bf6deec9503ae46

SHA1
4b606deff334f71175dee8e2348cfd0192b2e76e

SHA256
6ffa3e6011f39c7e92fd3342e946b10953e10e1637ec15d9acf71782f1bdb04e

SHA512
f8adabedacd06b57976eb19c6cebb074537acd35262fbf30fb2920ab88136d547a38ded24342fa9e72e75ab955663a76749c4cbfba74f9f55ed7e680d12262a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
47543efc9904e448d3aacc59133dc283

SHA1
b1ab4b3194179d278f0a844c9abcb8de3750b1de

SHA256
bda8c876866c6bff02d80f4003a1193a7a4fc425ec2be0b8180e6ca72f5dd348

SHA512
fe6d9f0f4b38a880af860c122707394c21cc9c53ffacef6b5dfb6b2f2a55df6b7a753c1483829a6b79918acd6764129abb6eb9024ba8a44592c52253ec741939

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
815308e5fec1eb265dc8e141c5c17dde

SHA1
83a7944f17fdb42d48e1f8611b77fddd18c99d10

SHA256
9c460e497815305a0129f86d9eefb81e583bcf0a5dcd6a15af351b12667815fe

SHA512
7bba2db61b1ff236d3350261c580b5545cf344b1a467300e2f950fa9aa4998e388153d5411adb0bf8a47b9104c12e7199d15d22461fd9636302a7c16521745e2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f9e64a69415d78de7b8150e028e91b03

SHA1
27ec3eb12e4bf8bed9bd417924587d94635319a1

SHA256
7d821124633f513073e1daf74040a94cfc770901874cafdd3e9e0176b83464ee

SHA512
8e593cf8c6147df9fad43efeb3dde57f304d14705cdcba67fe6120ceb501e7ea130e64a17a01da9f513c9effebb4aa4dc4d92e12bfe0838451bb646632019865

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a61d01123d5ad02299815b666e299b4

SHA1
6f2e561910e526c29754a702e1460fa49a4e4707

SHA256
5bc76281d27f59a7539f621f7cd9b356974dc370858297f4c9dbe702b2ddcf37

SHA512
18eeb8bf4fa49e06eb3ccfd06a052dc14b562206c35929fcd04bededdecd5270ac662c0914e0d0986607bf64b070a45d8c022fd4c45d3cae12460c1afc55ecbd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c67eb7a3a9b827bf2f2773c91a2b3f0b

SHA1
a0cb74f91fe414ea30f126fdaa69f0bd39fc5046

SHA256
158a5f72b50c93d266cc422dafee602702ed5ffda9f681f39a991253c070f504

SHA512
d2862adcd80a6434ae527b7418a01f7303842ba8398b75c35d28dc99d4ab75ed607cac327d6bd16e554b3e218197737d984cd7a22cd3e0070c215a10465706cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4cc3fb18573caeaec701f3d99e3c30bb

SHA1
e1a200ac4b2a5a5b60d26cfde4287307dceb546a

SHA256
8349fed47609fb05adb919556581cb3776b96cf7c66a73f11f905ea4755e1065

SHA512
f43d58111300f6d3017c3015d7aa7f7487aafe45e723c7eb0b01ac267230b0feb61027ba2ef25c14a90366eacf21c95a5b23db6dac7ada5c886fbad57e048a56

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0dfd64fd604b06b9e9d948876e423815

SHA1
f54691e05c0642342a9096486b448016febcaec2

SHA256
b6ea2ca4ea80ce32a3635212224cc5078fd575f52f0cc9e7a5222751f71abc4d

SHA512
2197b582c6e346252c4604f287b74c3318942dfa223517895e09dac4ca4a9dfade50b60281e6be4cb93542c4afda098a5ac1808815595f0eb1de7c3ac12233e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3b996c7027130032856ba94c6f2b2d7c

SHA1
800e658303e658e17fe07551b4a989499135015c

SHA256
8d9ba94623183f73eec57d9a591d75e67ee7c9ee7d288647636cde89b3b2f757

SHA512
2da9a1e894f556ac01089135cbaca403cf40c8c83bc47c7c38233be80dee4ceb36ddfc29d2671f9f35bb8676cea27e165fb96da8a497fd46d5d7ed5d9d82b0c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc0019b0702d061c9da71c15d4c4f391

SHA1
9e2051805e3c8d801c93244e36f1e12113e78c1c

SHA256
8ce9c43c6534ac44e7d41a9db340d3762cfdfbf6e0b578de7e33f62859693248

SHA512
221751109fcda52f6360d156661773eb5976d886df03e82c0138bd99c1582246004606f477369c2fc2dc5fac23c70fc93516819625189a22acad19ea6db8941a

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE331.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE3A1.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit