c923f80e4e07e54e83b1e2615988f4f0123a2846e09684de2496187f2b932d82

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09/10/2024, 05:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2bb3e48ede70c1c0f105ad15b69a362f_JaffaCakes118.html
Size

113KB
MD5

2bb3e48ede70c1c0f105ad15b69a362f
SHA1

85ca23bba1057261a4e4e51f03f1704560e2b057
SHA256

c923f80e4e07e54e83b1e2615988f4f0123a2846e09684de2496187f2b932d82
SHA512

033127b517f893c1e825f085fc4f41f2ef06f6aa49510030b52092bc7bbf75efdd6a1da394050192b284d1250aecfd00d97bd81be826704a5c31e03d190a4ef0
SSDEEP

1536:RyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCsQSz:RyfkMY+BES09JXAnyrZalI+YQ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2968	msedge.exe
2968	msedge.exe
1552	msedge.exe
1552	msedge.exe
5072	identity_helper.exe
5072	identity_helper.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe
1552	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1552 wrote to memory of 3544	1552	msedge.exe	83
PID 1552 wrote to memory of 3544	1552	msedge.exe	83
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 1924	1552	msedge.exe	84
PID 1552 wrote to memory of 2968	1552	msedge.exe	85
PID 1552 wrote to memory of 2968	1552	msedge.exe	85
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86
PID 1552 wrote to memory of 872	1552	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2bb3e48ede70c1c0f105ad15b69a362f_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff160146f8,0x7fff16014708,0x7fff16014718
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5416 /prefetch:8
  2⤵
  PID:2908
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5416 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,9194185786444267263,16695721531473354503,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1892 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3996

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1248

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2328

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4384

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
dfe907e53ca03cdb01715cd9ddfbb976

SHA1
7f503f7d4e0075fb9da35c49ade3eeb4090e3fdc

SHA256
689e6415676b37b70fb64c0021a9a8e47f3f9998a88e5391c77ac5167a5e10b7

SHA512
4d6e8063f72ea39be95f5fb1bf6b3dc6584d0c8f5c91c6d78a16dbbf9dda11ba788a65dc21dcbf456b8a0fdf05083500f84cc124a9a76ba0172b4135e6b3d270

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
12103a0ca931cb5772aff4259fb34b9b

SHA1
17c83b29bf74a55825a8135a7c1ad183b374d0a2

SHA256
5cbc75b71f1097c9dd29c5de9726f001cec779a5f43119cbbf016fc5430588e8

SHA512
b6d604ae5c1c4ae46301ba800df8c8e05fccee6b9d2fa76faf33e01c676b9400987e23812a53ebb3f38ae0c35a0ab2c8c1de02ebef1ee94818c084f112db2ecb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f051c540282822953ca8eff8150d4ec5

SHA1
36697c53814632e8af098ebe782a30445515726b

SHA256
57eff999f05c1ae7d6acd5d61b15bbf0255fbb0105dd52d9ba2384e27de953b5

SHA512
d4ae6d405fa1d217239810b748e5c2eea0e6548e44f195b26c75ad0f785b82c8854fc40f45297a6a7bddc14af9d296f7207cefca5d6df76cf4ab1ea4212725eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4670e767673b2feda02684b0463aa0f9

SHA1
a248cc1a7b17d7503d1b271050cbd7bd9643a0e4

SHA256
78eaa5573ab4516beeae105f486cd0d088a34827f22ea673bce13c24832ccda8

SHA512
94c3e75aabb6926c8fbcd3908ae594ec93aad363db68a74ef3962930e06e9e9e50c1c74a0cd336435d55d6541aa274bfcc543fccf2c8e574c4e94b948c027db5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1dc3c35a64e5f88068bc820aa9eaa128

SHA1
d27f498a6f78e09a5703e393e32904fb110e7c53

SHA256
b5b3ee9146ad8a89c811b5fa5d8a29b842772edda8d007a4839fbb0c449fd34d

SHA512
aac5172a90ed084974894db5daa8925dc414d0529010902dd55a615975f43ea9a9e9b46c03ac8e75d83e8e224d8848ed6f03182e722c1fdac92fa7b617054384

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a4a4117ddc2625e172976219d2dceeba

SHA1
a29f395d1de7217b6f36a917f47655a7394b07af

SHA256
98ab2197d06cf21bcb5cc9c3d3a81fa6d1b01c4349a00ec23e087a7a879797e4

SHA512
2721c1647cb244b129c89b3389e4595d2579848eb0b6ea7a4e366ddcd8f1037fdf2081928b354946a1ccca8984567afd4768152f086607052e41dc51cac102f9

Download Submit