5eb938872f8a6758a9c2fdd146ca06a3be85425a6dbacbedf53a3b383791d7d0

Analysis

max time kernel
150s
max time network
127s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
29/09/2024, 11:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fe78aed248bd99a67ed3110de85eda14_JaffaCakes118.html
Size

11KB
MD5

fe78aed248bd99a67ed3110de85eda14
SHA1

b927d906adccb2636d3dc9020b01e1154455ca2d
SHA256

5eb938872f8a6758a9c2fdd146ca06a3be85425a6dbacbedf53a3b383791d7d0
SHA512

615c946bf7cb84043e900a8fbff9ffd26558d75a9da2dc2841b59be98b2179b54812f11fd6a593ebbbe43f593cef3fc7b2a72945e9ad8401de552c11c34cdf94
SSDEEP

192:tLJGj8aSdZp8m7x6pVprpDpmpNAtEe+3+Sj0AVvfgbt2tJveR3IbVpHpI37GCm8r:tLJJaSdX97xe7ldSwTS9CSJmIPJXQr

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 700aea546612db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433772702"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f03551000000000200000000001066000000010000200000008d368805053e55a4ad58e8697d3e33c9cb07235a535ebb230c0ea60cf878911c000000000e80000000020000200000009bf7387efd3603226300ef478a865f273d70c45990efc54c9ac9b61239d4634c20000000f58cb1a0dda0c5fd3ac215781721e6a4471040fdd2b292975817b56094800a4940000000e7d04c3b681feec1b0de2a323d1ea6707b05908ea8730c151493e69982b6a9f3dc86a59994727bb90ae5af2a1d568bd57ac3ac94d3b552e1833e6d3178a1cf66	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{806A9341-7E59-11EF-8B76-DA2B18D38280} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f03551000000000200000000001066000000010000200000001255e55f5b50e1092886e94c85826ccaddbfd2a2cd0f92ff5e80c08bc57786e4000000000e8000000002000020000000b62e6a91dc2d67318211b6fee12aba21f80b978f46b628706dafc136d9f18158900000004ddf32de1abbc49edd0942cd638e649798b93013f3e1e5774178cac1ea7d6222bcac361023af41180d1d165f0a58076bb3087f8e31f05bec4a3c0bcc8b62dc0022c792d0f3c568929e103157ffa7eebcf58b4f5984d7fc8122ad34647c6a32dcf771d8007c673a875e204b74562bd6f4cea017010f956a5e756f979752f39aaac502b981748b04b86912892f18898c7f40000000b40fd006e2d117bd94952da86024170c8de99022d86962d2b3672f6879507c4317a6fba76b1a030ae9d5b22354849357df7d4b17d84b9ab3e4d2fe91bfa3041f	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1232	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1232	iexplore.exe
1232	iexplore.exe
2088	IEXPLORE.EXE
2088	IEXPLORE.EXE
2088	IEXPLORE.EXE
2088	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1232 wrote to memory of 2088	1232	iexplore.exe	30
PID 1232 wrote to memory of 2088	1232	iexplore.exe	30
PID 1232 wrote to memory of 2088	1232	iexplore.exe	30
PID 1232 wrote to memory of 2088	1232	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fe78aed248bd99a67ed3110de85eda14_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1232
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1232 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
df1d7df76859709a31c9d2f9d02ca3cc

SHA1
b09273ea64f1a5b90b57b729b67c8128239231ea

SHA256
61d8aec6fa1003d1191227d387e630e454dd962b067ba80cc0fee41bca1fc658

SHA512
8f7dfcd3e4c65ead0afaed7e371786d83499930542c953bef4ef5fabc2dac29a3e36bb5d34f5c67ed75d284af01f058eb48a9028fb723fa25175132102f5c8d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
159af1a1ad7508caf9960127df328b2a

SHA1
d744576aad74a6c1b26e64d240428ad59fc405f5

SHA256
447ee5c1e5efd97155dfa49339c0e9b827b73a232c7e7b16db2d4cabb25d8004

SHA512
b17fe4d1cedfc7cdf4926286ecb3c762f2d638be528a02c65e6e80f6e78e7658cf12c446a58c75a725e79ff8843e5e3f6b3b5761ecaf6ae78d84ab3778dcd0e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3646d0cb35d2789b3f483efb11ef1120

SHA1
6e3552407d12049d824f55978c8c1060f7412ea8

SHA256
322adc8153b1b592cbb0043d51a4ba7a163a08934f7856f7168020772303af72

SHA512
2d0c776c02d8351f72c7c017dd60c57ad55686d2237ad969dd25b547a7477701a5479a44065f6336f9fa1fba0a408d737aac3150a0caf633c222edb7d9e9ddce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5fa5c049b7263134775b885c4950632e

SHA1
3b1d81c4c272dea039b06c4a486cf7c8795dc80d

SHA256
c618a27696f258a0fd2ac47bf16b553a7c53b6aa2e999fea4945d1ff8a8e1188

SHA512
7973285b312be7949ace7b33e6d3a985d752f571053c530bb03d2cb4c7be84c436c7d727822741902781921838a1ec3c0d68eb151712ca3bd282bbd66b8cbe27

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8aa4b47d02970c9551adca8378898537

SHA1
dbca46e06795b77022158c899cd0fbdf0ca19482

SHA256
42bc1cefc30a3b19fd6528f19c370bf05f5fa453e09788c9c9c9ba930a8b2229

SHA512
f5e5d6dad83943f8870611bb399bd717e92a07b03cec9c2726d4e034a2406c36a2ce232b797c98ff836cd61a659113082655d5cd6a8649cbc0bbe7b00d8f7009

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2cfc7497a0061d614c921d5b0b1b4639

SHA1
0efcec3a84837fdd419b295fe09293d345a15924

SHA256
0d313ce76852264035b0e63ef9be55b7f81756c0d1be8fde62e98949fec2c72b

SHA512
928202006def774ba0cbadd30900ef8d6d5b17d698cc8337133556c040f75d9bdb1e545764224d9af296825a38f25f9ec98536bc1129fdbc8553afb6f1cd0885

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d69601b875350573adf578a45c20abb3

SHA1
3a6649649a703cb2e963b5f7b00f6f829f4de9ce

SHA256
424556aaf5787ed06ed3df7828911c12074f4d0fef6b5db77a9a3eaa4beae5e0

SHA512
3e8b67ed1af73cd985464080b26c9c8eee0eba4194ac2225e24bc920b26176a566936e72e4e6ddc5c09ef58eb9ae586072feddfbea3f778f8ce624b3dd54c291

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
334e3c643f42ad85d7184c2ca94a031f

SHA1
b7d2725f2d2b48800c58fdb31e454cbbea56b919

SHA256
06ead4f9908e116496554dc1281a7a2236cb8f820077615d30356acba193f5c5

SHA512
dd23081080775608ded822f822f94989c3d6dc8faee330b58d8a78aafb95610fa470f796c7b94bbaf8f26c7b0327fb4704b0abb934bcc5e88e0566e9c2dfb59b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b78b5cc72d58a34ae979639ceb509fb1

SHA1
9960a8bb2554d910a9cd6d6fa832b886961c1cd9

SHA256
dfed9267e79f0209c5008257a0a366f80d7ccb567eeebfd9ca3491f47ff6c42a

SHA512
3cfde3ff22f57416ec7a51783ad893f32a9c1478c1a05f33376c8ed866eeeb241aee79da49e0e7cebf9121d6114208a31408fbdbeb25d463cbc632993f82c25e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
474eac25702913106ffafd898b86c3c6

SHA1
06d10cc388a18af7fa5f2479a3a22251f6fbe13b

SHA256
39108f73011b8c81c53ffcd57123a43ebe5be6696bf917272ccaa4342c608cbf

SHA512
a950f0067015fc8eec8f195af3fb4cd39c0a905b69c182d77c4bf4944fcca50fd9af91a9778bec4a7ffc4f13a4df40e56c458289f350847a20ccb845e2f82b6c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
354ada654706bae5f161ff4f33691916

SHA1
9b0f323f57d3a94b8c3e3185aee7aab8909d29f8

SHA256
5886d11171318fa67c4602e356370390b9723229ae743c1ba7eb1983fbda7d9e

SHA512
d75c7df647a54e2fbf887745d11d38fcf17f3a1ee88e1c3e8e186e13f9bed87aefe7bd242ca0d81d0e5e568f4dd39f08a31f92e152adf4197dd5bf03b7f6b885

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
36949e4a4eb23119314e3b8711797458

SHA1
5b4634cd55f7a952b5d2ea04018d4b157f33026d

SHA256
98dc1afea83958dd0c737e9ab03fd561d3e9d6d3824c5531765949e7f63a3ef5

SHA512
19b04c7c00a3556a81b067ef24243f5932f376454d2847c5d0e5fe837fc7d9385f554facc0e975f6db35236656cdf78a1c0951f8928e18464134490b1dd87129

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7f889bdc9c67f909d009abe0089c6b5f

SHA1
e72e76511e5b0efc0e1ac55f2582a02118d4a4c5

SHA256
aa9d66687f4624475720d594d10bc00e8f7df258179ffe24e3ae964119680073

SHA512
58d5c8e2926010ecf66f9515d840e2541d05cd2f9b7613a39052cb094d21878b4571cf694a9552d787c33257e98cd1fd397539260e99a3fcd5bd5aa8a6f847d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
75714772a4e8c16696de1ecb1deab4b1

SHA1
293b48f000391ca12960813ccf104fb42d387e76

SHA256
e06aa0f4468ac229a3063371dfb5fea6d6a28d8f2c136a44fc5c06663ca59ba8

SHA512
6cb6742980000264bdcaccf278aea7d1387fd7e379cb3f0f630974850c51464ce47c7439c9f9d3089220c21ba7c55b30cc386ce8386288b731d0a917f6bc1b02

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d08b8f8123c40bbe1bb7aa50f9d98859

SHA1
cc3845b32e7cc5113874f8580c248d394c339cef

SHA256
5c02285c92d1a3df2e06d84137ef6932ea15d5406cb20b74300e385c277994ad

SHA512
d4cd669c7f6ed7a6a5eea5c07bacb3b61ff9c78ae5554f9b3fa4b8c1ea7c283316ed40d05d532a9e9e774e83d8d78c0e4f89b185a3d7be74b296b06f7fedcd4b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8d0eb4bb9fc13d4485f4e48ec19444ee

SHA1
68fc3806a9056056015882e0e87748dc7edff3b0

SHA256
b8dfc958df8ee8157717083b20c50c5defbb3e9fa7953a1a2754ffd932120c90

SHA512
1b8a85264f4b1ee6c9851115d1eccfc2eea7dc56811d39547149edee1fc89fe4d1453e86a9aefb22748660ee6fd4cb290dee8271d508bf863453373f1b4cbf05

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
39733c5c46723be7a70a5873a52ce612

SHA1
60fedf20ea1f2ca8f98f2fd23e44b6ed53ad4938

SHA256
a7d059d4799e818f8ee93751b9e0fd959db75fd7f63c0b4e80b4fcec5b419700

SHA512
0ac12cc86629a91e1a93021fd0528b5f5bc729d27b433b1872c3e3dc4b0bebefee7be57b5735fbf12d4882f4e8e9b86314fcf10384b3ea57d1998e77e41bcd51

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD848.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD8E7.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit