Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

283063ed0e...18.exe

windows7-x64

7

283063ed0e...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 01:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    283063ed0e77163c6783f9a650d60208_JaffaCakes118.exe

  • Size

    2.0MB

  • MD5

    283063ed0e77163c6783f9a650d60208

  • SHA1

    40e0db17c4961c4b1fcbb2e293ac24afdd272e54

  • SHA256

    b7dcd7609d1b1361e3b5d539fec1b44e284eab0afe5cc8cf1c3e7780c4a06e89

  • SHA512

    3f84bad317a25ebcf6d68ddf8b5c3d11fcf45c970f42ef1a01a4a91cabd1e4098fe9bfe112cca1aaacb61a8aafe57d08b0a16bb655c8c85fe5353b8c0d4d29f2

  • SSDEEP

    49152:Xk2li/s7rZidGlmqGCQs20gmNm9gNMSlSW9X9x3P15k1K4F:02li6NvlaCL202gT99XVe1KK

Score
7/10
adwarediscoverypersistencespywarestealer

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 4 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Installs/modifies Browser Helper Object 2 TTPs 8 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Drops file in Program Files directory 9 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 6 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 4 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Modifies registry class 31 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 27 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\283063ed0e77163c6783f9a650d60208_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\283063ed0e77163c6783f9a650d60208_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Adds Run key to start application
    • Installs/modifies Browser Helper Object
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:1780
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c "C:\Program Files (x86)\Gamevance\gamevance32.exe"
      2⤵
      • Loads dropped DLL
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:2916
      • C:\Program Files (x86)\Gamevance\gamevance32.exe
        "C:\Program Files (x86)\Gamevance\gamevance32.exe"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Drops file in Program Files directory
        • System Location Discovery: System Language Discovery
        • Checks processor information in registry
        • Enumerates system info in registry
        • Suspicious behavior: EnumeratesProcesses
        PID:2812
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c regsvr32.exe /s "C:\Program Files (x86)\Gamevance\gvtl.dll"
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:2976
      • C:\Windows\SysWOW64\regsvr32.exe
        regsvr32.exe /s "C:\Program Files (x86)\Gamevance\gvtl.dll"
        3⤵
        • Loads dropped DLL
        • Installs/modifies Browser Helper Object
        • System Location Discovery: System Language Discovery
        • Modifies registry class
        PID:2256
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamevance.com/aj/ty.php?p=srKz%2F8v1wsH0srLX5uLV2e27tdXEsfrs%2F8DGwMDFxsK1wrC0srK7s7X%2Fo%2F%2Bzs7Oys7Ozs%2F%2FMyA
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2752
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2752 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\Gamevance\ars.cfg
    Filesize

    95B

    MD5

    4adbdc0d6a6b8d322bbd9f45c0ff3226

    SHA1

    2cbf933834296514803377664cec6fa5dc43425a

    SHA256

    4020153bdeb2bafb58fab6afe03e4932a77df62fc2342cd6ceb7c13e4f4fb8b5

    SHA512

    4fc42183fe52ed9b983046018f39f1c463c3770fe692f80ac42a2da817ce23df5c955a10e2cca227417ac86053634077ef19fa32e057cc969f403a79c4304e4d

    Download Submit

  • C:\Program Files (x86)\Gamevance\ars.cfg
    Filesize

    107B

    MD5

    f74a4aee3d5bf3fcf41cd5bbe9c48a0a

    SHA1

    1ac5388d2201bdae409ff8d098399991ee7cd2c9

    SHA256

    655101428e1fe2663f739a45d59d7ee4c5f3907f67b828271307ec3f144b8f09

    SHA512

    f310ca68e6eb21d3a6e5c4115b65449cf2d14e01c8a41762b63d9aa29b8fc470e0e1ef3bad522be62324bd4cfd997b63c864cc92bdd1b1c538e76e0da4b5128e

    Download Submit

  • C:\Program Files (x86)\Gamevance\ars.cfg
    Filesize

    165B

    MD5

    8478f57085c8e15e9c89261039c8d8e0

    SHA1

    a97cfe6012ac727babf6023f144defbc9a2936f6

    SHA256

    041001a8cf8e6b8657035f49b32bdc138c55ac7e4893bf5cc97e70e5e4b31176

    SHA512

    dcdd51a0eab99c59d60388e7d872d19c43a3790b4f6d3b82c9e10aa2ac4790661fa82e4e79d65b25c4ec085a8f5d8fbad32f25fba1a1cd84345eb1541242216f

    Download Submit

  • C:\Program Files (x86)\Gamevance\gvtl.dll
    Filesize

    263KB

    MD5

    33837759071294ec4c777805c764790d

    SHA1

    3a8cbd794098819b82278ac1511caa45acb97642

    SHA256

    69f86e13c333c776f071527d077d7edc63753b33fd5dcad418838cefd1354f24

    SHA512

    0a2e09fb24b32ec998782171b743b830329e6c289adb455c506c203c7fc2947a3384430a192ecce72f83985f1fc5ac97a12ecd8b92d1432aff1aa601799a42d1

    Download Submit

  • C:\Program Files (x86)\Gamevance\gvun.exe
    Filesize

    251KB

    MD5

    0fafa975a718f3fad8ef6c0ab2885e8b

    SHA1

    a5908724841bc34e78d17d6a30ba7a38cebd1609

    SHA256

    b4a7c2d123ed3d0ba20c5039596771f34f94b340b8033217bc70a60e1c9eb698

    SHA512

    3cb7e9469cb3725c5d447a9fe7463936f5e7a4dddba75e2919bc240720435c1aa740007cf56ad221b021b8774467a3b58d8bca067d072eb20bc294278b3a5b3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d3f3e4317a82b492c815931135b9aa2

    SHA1

    f6e0355c702e35f0a134c3b95c576256c7fae84a

    SHA256

    e51410f973a245e9d8fbf41d21a82225cb3aaa257a475500eb925a42e7e212d6

    SHA512

    2fdf6e77b5b11711f1c5f973b3bb7c579e94afdc533a67d63636b79f755947d6ff32e335a6c34b5215bce8fe394166a2b1a299721977e3165237d5c1d0d4d4ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1033d647f99059a0642ceca9df02082e

    SHA1

    94bac0c454a1b9ad94dac7d33465815190308fd3

    SHA256

    af8d874c015a180ceb4da403851d4b0558a04d081ab11a5f266804ae984e9ee7

    SHA512

    e270106a374572c3c558448accd619d15daca4a7e0e1b0e664e191019a475ec6383a48a4061a07693e9b533590c86aa275ebeee41d520c9dfe1a7b12df1a1c6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70ee07a404005055348f4dbabb6b4439

    SHA1

    28dd3cd98e7004bc0ff492a7084fb0cc0df19f9a

    SHA256

    bf405981e91105068d4d5af72806078b2a8dc6db380e3fb7e321afe27fc1d04c

    SHA512

    2bca16225558bae4eb87d6932fe736ebba16fce37c4ca2c69a437e7a04f77ff807e6afde382a97e155ace25effbeac2a3f1a580f03333c82ecdcc21ce034c6f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ef0d8ea25b3e565763b2f7860414fbb

    SHA1

    f711930857a9d3a1f70fb7e3f793d96b9b80487b

    SHA256

    aee326949885ca1ebe674dea1e4e25447820afd3df7464ac9ab590b9d196b6ef

    SHA512

    259d1275342dc588e2bff0b894b2398fb7dd3710c0defed6974dd5651f4d06eeb42eb3ad790c4fe90af9d3defb81f12b6fa9904822149379c728374fbbb147d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a0dc0b06819954ab080ea8b43e3de59

    SHA1

    3dbcf4c2fb8e75d7e9feba378375622a9fe5a13d

    SHA256

    1dc738692cf6dbca21cb34a954eae19e6a5ec31dd43b31be71bdf7ee64290fc2

    SHA512

    41f3ad10283f9b4acd9de79e1e28cd086ef1e3ddca370a547bc4179be27702045da4feb460587ce8f80f5614282e1f6b8d32a5c3df4368aee6e3ae712ef6dc35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c02a33edb8290c64bea3f5181042771c

    SHA1

    2e02af3962edb49b41d84d5ce538558293d1a1e4

    SHA256

    53d475583aa955436fba0f7957401edf3586dd19629ecfab1d77f1df84ac4c55

    SHA512

    656e81130d2fabf98a0833d99b13ccf648e3d5dc7d007f67b35b40f1d90628a1e07c41ca961e68147b24e93dcf2cd3dd3f10d9fd2dd2c98a0d6511482ff0ed47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e745b49b277ef64399f928ee3ea6df5

    SHA1

    71e3894575f9cc5b62d479e2b5c40f9206977eee

    SHA256

    99ce534e96f672de049b270ecc9a5810c41cb499097d0ac504d4c7f8486ba7e2

    SHA512

    7a018e8da4155acdc18f52797d8610b7810d26ef6c7c3677121bd2499983be909985fde8d6e54c0daec4a9fd130c73de68ffd3507aab768872745183a08167e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14d604d3c57aa1103c96d43a8d4d1364

    SHA1

    96443657eb0dbc378787ad58e7c072c6115ab4d1

    SHA256

    4ee3c03519ddc2b0edb2de5689f31c8da7cc9625bf451a9432a95381c832b9e7

    SHA512

    bc758ffa3f0e448d75dfe50921eb817966d208dc524519f175b9521eff0a66f9aa9c6a45502a4eab64d872aea3cb66b24d338c59ed4808c2f23a40f3fbe96dbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    712515c930e310c24ac1c1a42ef90496

    SHA1

    4710fd068456d420d67b2f55b966550d20c0be1a

    SHA256

    457b12fe3fc32a1e4f160ccf8af1adf228e44e00b16ed59dfce37429fc05874d

    SHA512

    22f01a0d203bd9ce9b787833902681d93f8806cee089a1de26e49261d34826f45345a10ba7bdffb23a9a23db3b4f9215ab4382574772ae65d422d9f4304b27f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3318aa4cc50fa10ca34b008717d466d6

    SHA1

    f1729fe50ac01f52030e92338de6653a6859b335

    SHA256

    7e002dcf8452f300b447d3396a71eb6c490f49c5817e19b964aa48271612a28c

    SHA512

    fd52d0a5bfb8ed8c55fd66c9ec40ae7eb9ac88e71b621334d2aab5ecba67a67bb6ed13fbb17c84eda1537f3714c7e465579f94e6c2f69a7ec2f6b54438fceac2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fe916bda3801d99fbfcf5abaa813e16

    SHA1

    9eec4f242f2af694740e086ae49d367ec1ccbde7

    SHA256

    1f9ed70aaca1f1c2c5c1e54b3e1e0ed0ae737dd733e517004fd38d0cb2f16ced

    SHA512

    f6fd06bb391232c2463dd5fec919d921f9ddd55d18b6c8c5637c7948c7a8b475afaaa1e75c4c830420d7a18863d94cb04b31beec87a8be923244fab3b4aebb21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72e55d13305b74b3b5194e7d71b2c1b4

    SHA1

    8566309292073f5af9b4e4471fef61a8b4c4a903

    SHA256

    52b3a0a468d92e03e4614c5791a596641c438701dc3e52386f4bc24dc514c3b4

    SHA512

    d70cb4347898176cb11364f49a90bd72c91ee47054e203aca94a182617c8d21473711db7afd2910160e9c5bd733c84337495eecb537ee4d2f281f1986b06b9ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca2a9283fbaec2643a4b926d65b6b3b2

    SHA1

    dd281763fa22f989aac2165c7e5112663e532a75

    SHA256

    bbf56eb0ec35b3634a2e9080ce4d859e06de247f8cd27545206cc93ca13ffb94

    SHA512

    2e76425b9be748f30c7ba81286912783ce71b0782b87a80bd27485eea16f3861118a356645b5ab7d3c4aa5dc091a01ebbdc481df70a0a34588c0b5337a8d860a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c99b049f9d4700dbfa19124b43aab282

    SHA1

    752f5f55ba7ec46a51901cd1f9d343f5f452f398

    SHA256

    09ea98b0559e9daecee247cb1b9acd7d0546bd14bec8a3ec75331126b1119f8a

    SHA512

    c5edf9ad407a0dde610089a2af1eb207ca2bce278fe759ddc54883f4d3cd69ae54317444b84d22e807bdf999d2b93bb8dab3366eaacf73a089e497e9af73fb11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba8d3d50a67379c4a6e140ca04649813

    SHA1

    8b16045598a9c377c7e897da4bb9a0f545cedda3

    SHA256

    aadb7936162fe46886d855f3dc4474e19fb32fab6358c37b89015acc0ec13256

    SHA512

    25e1d5d1d83e4c396788675074b0962bbf33cee234c762dc8eecdd41539176edc2dc350068bcb46d97391df2ff031c9624dfc498afa0e54c250f8ff2961dde8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5342e93c2ce0de41fc17cf4201a44748

    SHA1

    4e9211dcf858c48415586dcfd7cc56de479dc255

    SHA256

    6faf9af6b07cf39794dba70dd0ee4295ab5dfa7e306e4670dca8174f7da47c12

    SHA512

    08904f347ecaf905b32476b77f47d9b4a398f3e7aca5b50ac7322fbacac4bef0a3f1c2ccea5dab8c66b36fc60b812941de1fc53864c78e092b18d248c2a70e7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d55502a0ed7d49d515c7ac0b0522cec8

    SHA1

    7a01c675ca7ab5c2a29d79746d51f4329a20c1b2

    SHA256

    64297bdd059f2fb68d5b46cee4e7370f7226b4318181bedfbb705d0dd8db6486

    SHA512

    111ad9b968748069f3e4cf1476a525f5da62d2e775962f1e064e95108c3e7453c147dce70f69e0bafa3d671daf0a8a3b82739c8aea0f708af9a74900e4ffb9d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e97c611f94ac4f00338302288cd3cc0f

    SHA1

    2479a2dbf45f47379de098326e9061bea1284825

    SHA256

    e1729f303b398c7d8513ff269a96871d1e2a204a044ab9c2b80bb31241514961

    SHA512

    30796d985ea26c04739a3097108e2697d0d431c9b4820c0b46fece2f7431f2d0504ceb1e25a948d7f8f9038c4184fa8d34e960c6f838b6e4b2f4ad70eb5600ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a2c46702f3ea96824eb19d0e0e9f052

    SHA1

    0661c70465c7bbc2a80d0413ce353b458a3dc6f6

    SHA256

    63b23e8f890b2566dc065fc46db04e683730e04dddf6626c3f6c77bc932f89ce

    SHA512

    6948c349018fe65ae928ca8dd19f7c3b4710af26e01f45be44aa81961d50de162e4f1ae3dd6a1c0d660af36177334799a6c882b9fd853b6a569ce3815c2238aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd47c795470f92ed712580ef9edc6348

    SHA1

    1de32e65e77844d51fe098cef45ac91e57213a90

    SHA256

    88fff8bd47d4e622bfb41b92bafaff9ea954e151566c05eff84e517c0fb1a1d6

    SHA512

    ff18c0dcabb6a1b3b07c450327d4325f56ca2371506454709945c4ea06c7ae28ce2e6660a862cbe8e94b5af831390f2be024143a5a3e771b1614577672160196

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab119F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar11B2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • \Program Files (x86)\Gamevance\gamevance32.exe
    Filesize

    245KB

    MD5

    a88e91d9adb87e3b8d6f911c78387406

    SHA1

    06890603c2f72a87d562f904be500714a37945ad

    SHA256

    f58e26b0bea136b8864059340bf1ab7c1638808c49fb894cc567e3a74ff5ad91

    SHA512

    99641e3ff4433ecc24f87f9f3048b717b06a422364a4507788b60dcaaffb16ac6dcf4f2e1fefab198db225cc4c665de67ddc741cb236078fa0cd57c65659d451

    Download Submit

  • \Program Files (x86)\Gamevance\gamevancelib32.dll
    Filesize

    222KB

    MD5

    b02072fa100078c67c2dffe98f372b11

    SHA1

    04284147e2d7e1d8d9733c29de789d97700fc205

    SHA256

    cf78a1ef1d1a5b361d6189d7ec44c208caff642c1cd3183d07fbc1208d08eba2

    SHA512

    fec15267bd5b7127b8d2bf2dc176034594b86377f5a702eb984a4275ede43402da1e1b05ab006ce0cfb600b86dc914163a85e5a4f5b7434f0e8b080363b74053

    Download Submit