9b85d6b53e95645934338f28d52fddf584ceb8e22583ceb6c34af44834d52a63

Analysis

max time kernel
135s
max time network
130s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
29/09/2024, 05:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

docsis_cfg2.0.7/doc/index.html
Size

6KB
MD5

e9c374514c9452d307de0d074ef95b55
SHA1

de5c6d0c2059b841a62d6a86abbeb23ac221b6ec
SHA256

2b7e353dd45a3b0f155ef904a9e6c178fcef24d95922ee960df6cd6f62299af2
SHA512

97237609c7d968c7a7d3251769b922e4286d415da1f25281957313570bcb6717f184b31c112231553a3ee6d34e49525d1cd503c18f9169acb9651ef10c6a2552
SSDEEP

96:jAwfzDRHXNJsCTSTGhricBwmupEnt0gM1kfXxQ8IUAg5w0orw8Z0p8qBNoCcqE:jtt3w9TGViUupEnt0fCfhA2rp8SRE

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433748858"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00288fd02e12db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FC1BEDA1-7E21-11EF-9982-6A2ECC9B5790} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb47000000000200000000001066000000010000200000000753974a9c05fce968a135a9aee774a2f9fda839d8527c8416b232b08ce34497000000000e800000000200002000000091c131258c2b9aba12f54c6f40976b824f270df7bc5d503271d19e3ed902964c200000000453fbe364177ffaf1aa95463fc77e297bedae8f9000aa6a849f58274665568840000000160b198850990f68d101957df31c9bec7e1d0f6c9a9705890a9d28370901663682846e6fb66d2aef0849bffb76736944de27ee23ca8571afa4c5e904f5debd7d	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000ff8c6ce8f83b5e2754c1c738c04bc1d9bb1111ed5cae7e28a39467ddc5e6ce25000000000e8000000002000020000000b5ffebf1451b4adbde21c6713102b16f2c47d1811bc969e58e26d4f4acb8b311900000002f9974082ee88fe2166764dd725324b0c75d04dc113db099d2455f0d744124638f4e828a97863c5bc8601758dfee6d14e9df4be7794ef38442d10d530674a4a8830770a5698610f05072d12521895ae10fe66f8744ce318c0f1bdfda52324916593fce8d8f9d4164248fb5087a6a82902577ac5c7f9fcf67730f3ffa7e569cee54b28464ee1eb31511ba65c27e7a3de640000000c5928e6da81862158343c4630b936e9e703feeb08bb879eb5f2e2f710cd1cd71ab83714afc7c3274b4a481a3b13d1b6cb83f3161aac306b9afc04d1ea2f508de	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2096	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2096	iexplore.exe
2096	iexplore.exe
2940	IEXPLORE.EXE
2940	IEXPLORE.EXE
2940	IEXPLORE.EXE
2940	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2096 wrote to memory of 2940	2096	iexplore.exe	30
PID 2096 wrote to memory of 2940	2096	iexplore.exe	30
PID 2096 wrote to memory of 2940	2096	iexplore.exe	30
PID 2096 wrote to memory of 2940	2096	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\docsis_cfg2.0.7\doc\index.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2096
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2940

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8eab6eff81a85e96c1ad425ececdd1e6

SHA1
8ebc822f950c3bcb5cda4f8f545a1f94f941a562

SHA256
fedab9e59ec212c77c7f5fba54f28ad6b96683a2b9dabf5773bfec680ec5a0a4

SHA512
c5d0b9644e5cf9b9ecec8e12d2184df2570abefbd20d183bd8a74abc28bbb324ce11ca9a32fb0749ab3badf02fc5cafc21e33a8116f972c7b8647dce2494bd9f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
22407572f25ca2eae474edbd0b7df3d7

SHA1
7c8bebe94bc68d457785b3e960e6a088c89e78c6

SHA256
8426ca9fe919017933988557916e7b67bf3e9c862fbbf37fd7c47d55ad274b5b

SHA512
79f224e7918483ed5253bf728f6805073be19332bbd0a9556fb95e93ac8d8a9dbc0188a783ab1afb752f2a7fd043592d38ad58a0bcdc768d276120da1e8e5d22

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2dc85aa592da922101bcc9495b7f36b

SHA1
6eaab98d1a6f348071891993111e901f9a78d0cf

SHA256
3272ef9df8b98ed184dd35c4f1568f93b50afdc65f3f0957bdd9d032e1bcfaff

SHA512
aae25efcfb0431499b435fa19b40ed7efdc087afb13111614ded1f10873fd290df375a1863d90ff8f10b697477f0370eaa21e2451daf489ef2b1444ea23cb955

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b2c3ae8520202a988a12c6d9a0e4d5e

SHA1
e6b0be87ff1d4b8914201dedaca5ebac82204b43

SHA256
0e52b67000bcd90caf6ae27956b072026480dc9687231eaaa36e8cdee3e3513f

SHA512
48264d3894c807ebd1c1d79e62604642532983c50b54f4479178ec4661aacc985a31c8273948e8344d27488327b742dfb297f5b541fd5bfcbdd75728bb63d7fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
158f3b5d476cc6e79a67b32a18e9abe3

SHA1
8f97c0bfc982610f1f3d244601adf9fcd03dd2a3

SHA256
6864cc646cc97db72682571a870401b7b45a573eb92fc5fb6d1414856ba177e4

SHA512
60bffc0ce27009245e2177439b778042fb4398b71ece4485c8f29f990750e762d3af150f3bb7e79c4d1a997ac09464ac041d7c2eb55c0e620b11af9787c25305

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
17fe06c130e9edaaea59dfb332fcd3f1

SHA1
5460a6b117400d22405971d641c5d6c232fdf85a

SHA256
076b03a3057045ae1b4d6257a468b56a2fe59094b7a746f5f6f4c9eb96869650

SHA512
438b151e4184afa3ae062c1c21de4e1ed44979aca1529f72587434e10775ca496936cc6f21c278e28c9910b281875d97d832079103dd69bdc55b108f2dbe0198

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b8eed1b1e3145c756d7f76fd0cfdd45e

SHA1
3377bd4692cf5274d27eff57ce4123bbedecfa56

SHA256
e0d4983db06315cfb3ceff8989d3e18d8cc871aca1d67a9288fbfd155ca83053

SHA512
117125142fdaa1093e96ac3f7a0bd57fee76b2e9a7310bdb77bee5246401c45f7d1f492cd2b1f378b0b2ee1b624f0bd48af8203bf95f1555d55752e9f2c50b4f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
53a68ba7b500abe17d12339a62b0e731

SHA1
35118d20b2c3bc9e38761dd0be180c7b251c3a79

SHA256
81f5af49d8f53eb8c71538a3d58b4cdc4e3db911314c339b284f5ed33e47b67c

SHA512
c0ff1c9f9e5b44d114dc6c4b45557c4b9693210d86011097e69e6cf097de0cdc37ad62a19729dcd2ceaaefd00367d90a33e385196e4004b658d6517b5073f7e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1daba3880c4766b30ef4e7a5ea147e23

SHA1
fd9e08ce3a0a1e7293dd888800c3587778755518

SHA256
239e567b9e4c237fb4671901e9180b4336e413a35b21a97ad906092c8526dcae

SHA512
9b0ccbb6c107d5d34d9e6e660199d6694972975495c051d3d193c7d88501778598bfcecc7d3296d8f088c94e011811562435d7949d9330435494cf2e0cbb6a1b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
582a293e15d942f81743df8b23062c7b

SHA1
62481c107fe08cf7330f40cd5edd249fcfa9e08a

SHA256
2a086f59b140b973bb36bb47256e24e4fc03da95ae34151cbcb9a6247b8c9aaa

SHA512
e28ab215a7776d51e651c57326a24de5b6350eeaa340880dbdc4f95a0f3b08f5368187087610c8344b2c929ee0f46144a135f56b8fccd3ea07f073848466f557

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ba93e94d9607787505b66dd6c93a5f9

SHA1
892c1f61e2c52bcff0b31da96f93017100650592

SHA256
e878ded78c0caa3fdd0ebac5a461871f0fddc9bd467890b2637492864c59b903

SHA512
c1be221d1bc12637d8552ece1632d844e1dff587649119686d7fa2a5cc202c69bb5750e6820f4f80f848c5b80fc51b0a19c251abc2704e5f331db2b518e7a456

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
173413d08356061b93babefe62fd410b

SHA1
595438529c5da3bdbb767ca6bce6040e501bb81a

SHA256
da65a9665d1728e4a8dad930dd2fcc98dad4aff79ab1764e8c52b65b099f68f3

SHA512
dee05766e904fae19aa82c118507a88924086b323584f7acffbc4e0946b135ff77779e2d5338a30a168eacbfd52b9e02ff9b6c4c82c2bde9706b48027038963b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2ee18e6ad79c18a8f75c49860b3d7a4c

SHA1
8a63545638ed33dae57a1cf4aba0dec78bc2e9d0

SHA256
535f4e7e4861cd45161148c41ff60ec582eb5bf5475520480cfd88e1c29bc486

SHA512
67de832ab6e845e23631ac333ac2388cfc0b2c14201b767a764addf436a8f4bdb80311d205d2ee78fad7d850a3e7d453e47297ecdecfcd4ce658761d783bd44d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
802eaacb68d1d62e77e9c71af34f1cea

SHA1
4b86e87b0329f092ea56b5dbd38833722f5031f2

SHA256
0b73f0950432240e8c1b6108f9f12364fd0ccfa7492bbf41437af26cdf5f6553

SHA512
06327758538f43a5154602541ecf5ed9d615f4b7723041bb76ade78280eca48502a0b00a817a0aa3293cd0f5b06e32aabb86b7eb2083b38f083bf9da9f06bba0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
de11a39e28903cee9e0cdfcf26a10a52

SHA1
d8add92f6691d29a8a4cea0fce5e622801ba81bd

SHA256
6f875c4119b7348e3c9aaa6edf5ae140bad3b1b6bc60ef9042aa4cb6b20398b4

SHA512
46e70ec0cb356a24d701e029592f9dd56b8e54066d0b7b9723e3d1f3f5780c75a2b436efcb9c6f905f92e9692c788f49e96c0590bfa896abaf7d2be8bf3129e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b80009c48ed6f4c73e49beb9bf59ca7

SHA1
fa49b4894c27ab8215b6a143cdd180b5b3dcd9e9

SHA256
f2eb773d484d804d2842fa890dc7f2c43c9d1e98d4e62009436f336da8d3b20a

SHA512
5e1618eceeaef10234d0f99dd7fe7ba8f4b7c3a7b2bb1699030315268d93a7086d60d45746fe6a511e2876eb3b09ed2624bb7f11d69b4e7357fa5a4108fac071

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6849d2765e2f0858cc4b6cb8a1bd607d

SHA1
aedb01d6188cd0a49d057d3203869345a6fd1303

SHA256
9a5425881550915ac9d4bf5490175358e2d6572c7f81ef845ff4d98aa4af9c83

SHA512
d5d3c017ebf24dd3a1f12b4a2fe5adde4d26430f1e0f4bdf7587a24ef5131dcece18a98f6aba54eb897d302ca76437698e46b7e919ab2a4eb02a7a25900cc423

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5082.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5115.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit