e4c44d0aec38fdc54bc656d96a921e31874095749001b96fa672045034be7b33

Analysis

max time kernel
118s
max time network
138s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
29/09/2024, 09:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fe46ab0b9b02f7b28d71ebe41019a8bf_JaffaCakes118.html
Size

460KB
MD5

fe46ab0b9b02f7b28d71ebe41019a8bf
SHA1

6488b6b3556e0a995ce5abbf7d1537ff0b138394
SHA256

e4c44d0aec38fdc54bc656d96a921e31874095749001b96fa672045034be7b33
SHA512

38207bb679ea4305789f24efad08f73fc455abd46961dbeec04c2542894e9b8c09119a4e030d8c8b5f3ee35f234fb4d4dad7fde6a98a46bdeba0f5047fa28eb9
SSDEEP

6144:SCsMYod+X3oI+YNsMYod+X3oI+YqRsMYod+X3oI+YLsMYod+X3oI+YQ:75d+X3X5d+X3S5d+X315d+X3+

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{57B5FB81-7E48-11EF-AA6F-523A95B0E536} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000051eb2f7bb0419af44f5e7d3fabd01feb3184e2c706938966205e88ad6dddf9e6000000000e80000000020000200000001e46d1150bced1bc44b10bddc1f3d2a80a03e9002a808729c9c6d1fa2162c5b520000000a048a0533f826fab8926be764a2bd4acca8601ba670e741515302dce491516fc40000000ab306549f0f4d74251b51f4457aedbd8eb2274f3275df721fedd5d3eb4fb789b8a13f639cb3525e5a92ee1b2e4162012ac00521104b9926515cb835ea4a75569	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433765337"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50c05a325512db01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000745ff55e0d0ed3b3ecb21f2762547c03725d5787e570e4c1f7db8cf18d84a7a8000000000e8000000002000020000000adc5795de8aec3db2dd8a028afaf6ef524add4a0fbd07f716bdf6488179febd990000000404e46f60fb721e5c08a8ec39a2e23bf02e3622b0ce29677790f9fba1dc19657dc3f3d64b765879b68282293504fb70942a798ffdd7eeb54bfea792f5fe6acafb3a35743f08f6a7556405901aba411c1a6ae627a167e4b9f06ea5b7db29f2059cf6efe3dd12a3136fc200eaa8c57490f60aa9ae035470d1c666a72b6d864da86a309594eb28294b8a5bc53f1b648b551400000004cdae4139fe1e72335bec0094157bfdb6feb8aaba5a40f319a586813afb88aa08b39a168f73614cd911d987cbaf3751fbcb6ad9eff6573fee59f345ebc6cc307	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2528	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2528	iexplore.exe
2528	iexplore.exe
2780	IEXPLORE.EXE
2780	IEXPLORE.EXE
2780	IEXPLORE.EXE
2780	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2528 wrote to memory of 2780	2528	iexplore.exe	31
PID 2528 wrote to memory of 2780	2528	iexplore.exe	31
PID 2528 wrote to memory of 2780	2528	iexplore.exe	31
PID 2528 wrote to memory of 2780	2528	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fe46ab0b9b02f7b28d71ebe41019a8bf_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2528
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2780

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dfbe0c2f31d18b1603030fbb6a944ad4

SHA1
56b517fa2e83b46d78ce5836bc630a6a5f37c06c

SHA256
8de0eb39c221849743db2a59f1d777888e23261451dce5c251d0c1fdd603842a

SHA512
3e36eb83583a2d366deda75d722cb76e2984cdf30c1c18e00bdfd3405acabebecea3cd04aa744d2b8b5c34394631cbfcd8fa89abcfa43942d80103195098d49d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0d13381c7be6ae4ac7d1b0217c9c716f

SHA1
013095da67285c6dd69fec4d4c5858818adce13d

SHA256
f6e3336df64f7c10bfb599a95a170e8a28b57869930d5e97448ee2f98434034c

SHA512
a89fd4d6517f991e34b5bdb4c65e3d09965fc28979f905ed5126afd301d22f7d690c98329c1b014b213f577beadf771041f65301f4d3830cba545e07c18766f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dd093814ebabf6d0d74da85a31e27007

SHA1
070d2e3a1c04dfecbc2acdbfea1e72582611f11c

SHA256
dbcbc313e57606ba1dc4bc4fb977ebd50b2f9568421205c7a6474ce31e459037

SHA512
1df72201ec3675229906c6a8e3543d51109c9bad35c42caf0c849024b6f1904618792ee2d104777fe4fd2af2a4454d7cb1cbca7f9bba791947253d6a73b2bcad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ade67ae2f66a67fe59d7453a1adaf2a4

SHA1
9d050e8875ef7302769312e49051ce768303a2b1

SHA256
42922d901e1d60d85f1f5cc8a3a3b763a9f79f35c0abc255e4d1577c311ef994

SHA512
0f36bcd43bbc88a155b106755465f14a50e2ef9491befc758790cea0087f9f5e6633c21697d43db700b83b1b7f6f8768729d0ff6abfc5f29bcfef1b173ed5f1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f1aa7daf396faee943942798880a679d

SHA1
c3c7a13135b34fad251ae95c0b15f4ad3a5c10f4

SHA256
8a17b53698d21da6c0ee0e850c4336608d1716e96a165e57b8c72e6893fd3038

SHA512
6a1953c919f787ce31334894e5ca63bc7bb746802e167a794278ffb540067db0c7b0e642f1e3ea61bdc05c59f374fd4ed829e2225c570932992543cbad7cbc4a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ec80b91cfc6a23002b08b7fcf25806d3

SHA1
e1564e054e5bf811bd71b59b286536ac7c0e4749

SHA256
5a163569d20bb6e88ef104df6a08ee86828e75dbd17809120653e76aa5acb451

SHA512
40a4a28b34812eb591aad2e9c8ab4b1462350c6161b22a4a731c93b932f53f305e99cb4640eb3385b6b84c98dcbdf65cd56de5e7f6732fe0aad7b20cfdf94eba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8fd4b2cf1d74c8aa8ca7e5e6aa5023b

SHA1
d7e6b61df3e073ab9154c4d266099238599fe1cd

SHA256
01c8f0d1cbd8d26f596e9a7d95f9e86ca8c49c162113c8125e2d44e0886a6e04

SHA512
0d1d571cf60e989eeb24725ebed10c47b79a36feacedb4ef5ed71f6571b90dbc5d2861957e3c02ccc9fb710de364a81fc4e18194ac43aa25d773c41444ae4f9c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2dc9bc7c6ec8adfc285b80c4ce456b3

SHA1
ff8d9e50056813da6570cec9c26c1712589ec6d7

SHA256
aa8e8721eb2d80395c4d8a9cb8d762e4277787ba5a40e46c4c54567078750857

SHA512
166f52740b0c8bc63b8f863eabf76909d3d6571fed6fd822aeafdb10e0dd69ebb91d3deee9865610d06ac4eab7dacafe27574e487e200eff8f6a704f520b6388

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e94f3607d596329ba92bab61bd93b85c

SHA1
b913817d40f71e15c65f3d55ceb106a2019d1bc8

SHA256
512d203d054a3f61b4bb2b6403809b85bd45a721d091d46383439c43d8e30f57

SHA512
156083c66853e83f717ae611e9841cb650b62a5cff3df1d89556e8c2d159eaa3cc387fa98062ba1e080cadfd9f799698bc38b61c2930765f6d822de6180707dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1756852fd738f276582dacc0c0ebc8c5

SHA1
f1093a09178ae17ce6fc0e626454b24a89ff5745

SHA256
6ec28bc34a7e532192f8765d2eeb936b2dd71f996277540ba10f72c836c6db5c

SHA512
03f2d172f4be1adda2c623aad65347e3c8895bb2e60faed30492616e8c9d402ac6312ae3761b895b903770c5c685116a5686f97dfd58c24eedf7089318fc50cd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
81cf3ea2a982e3816bfd852256318a0f

SHA1
66dc1768e79170fe99e3860ab8997084fdee5063

SHA256
12c3802f3be19e543ef5dfbe2295485466590ba4b17a88dc2a4de5a68f5c44c3

SHA512
4bc870e0cc2102f33ad44c0ae025b84dd90d930f8905328adb550ea1d2bd875837a8790cfbf78bce8756818fa8ccbbeab37b9b25cdbf0248a88ce7ec3e150eaf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c707b452ab28451ecf156a453726cdc5

SHA1
b302b659993e7e9205c6f614293c54ab4bebeec1

SHA256
d48cb4d1a532b8d8d8e0ab11fc936a42dc06b38e27922d0143992cce4c378dcd

SHA512
8ac9a1c91576ee255f015309549a0d24384ebfbcf6f035cc9bb2a04b61a93eb0d4a7d2e0ced04c2bc8ed649250ab9cf2d252b1c41d50661e328df51e5e89c424

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7604a40c7900ebc6f475b6bb1e389be1

SHA1
54937b968403c0e10097e3ee322362850652341e

SHA256
bdbd05a6ba755976720a16cbc4d03196b420762423f4e92ededa058ff7f8ab5f

SHA512
b8f7f2d43113d52634ad603e9be98c5ac1f032611ec29b4788018683732ee4c949b52cb64e404bc3e5a9fa3249b8b201ddc84b9db374ecaa43801d1a0d396883

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2b12d5ccfa3e3268435b649bf4562b6d

SHA1
8a574a006eb9aa8ab8175e9c890cfa43eebbeb07

SHA256
0cd083ddd1c053ce3a909b0fad76efccc78aa14c720ceae723a568d04aad82e0

SHA512
2443d7cec7d294925521080bd579e9048be28539aae8fc85aaf0dc615a627bdc455528de56fb1d95451ef2ba7b7766894323a6ee6eb8cf927e74ae82c9efe1f4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
78746d7b2bae881f0c17cc5c1788015c

SHA1
39be6f86ef0f11d4c6dd3bbf77d5e2977faa2521

SHA256
ad173c37383866e612afeab3e022715ba520a469c9a5e12f2493c3dea87a632b

SHA512
fc60327834a0f42b613ad933f302a1f86d01ca79cf7d3a242e1f854a4a3fe4d0ca8a90e470b592a5828defec5b29c3bc0f44f7baf2d8290b35032f522fc16101

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0eaecb99b3c777bd2c2578517a6c96ee

SHA1
451d649f9d254fb32e6b84c883b4ad8ea3de563b

SHA256
2555660776d1078ba992b2899be1b59225249ede3c955fd61d35eecdce676ee1

SHA512
0bca305747c6219a07fd68188bac510b957c3d2e3b538b8b57e551a25052456cb036cb5f4579db5c3980d155c6fcb5e246919631b2cbd3a6c4dfe66382e31057

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
315b991e3b153659d2b017f1bdfb4ac9

SHA1
03cffe16d5ddffb5c2a6c578709f7cefb5bb9786

SHA256
b81aef4ffcd022397680b47e12b1daf33b9d0ec14e019bb3ab45478080589d19

SHA512
4bfbc58ede0dc24c6c424a75e03e72561be53cbc44563dee19a2a690a281b32f847fcf1fc4b4380f7041c6c50bf704e5305d86f69256150d4c63494cf4876020

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab29C2.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2A80.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit