421fad17c031bb6c84125be2a92797f41980a8319e0293bd9438333e4e86225b

Analysis

max time kernel
140s
max time network
142s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
09/10/2024, 08:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2e419595510709957148c4f78a757a86_JaffaCakes118.html
Size

17KB
MD5

2e419595510709957148c4f78a757a86
SHA1

310ca59d68ae9914f48c2e15315c50bf8d151b9e
SHA256

421fad17c031bb6c84125be2a92797f41980a8319e0293bd9438333e4e86225b
SHA512

f60da2093bae9e09bc3b69a8d782aed53cd4122b8fdeab604671d3b8b6a40e2fe4eac4b075cde7576be1e2a476c74e100e7f69fd958563ad38a21b38e5409a4e
SSDEEP

384:BEIh4sPBa7SyNuy1uaVD2A/svtQut0btu5btobtM3nri3RT7hgHh2Ld6v5rlNZD4:GMPPBa7S6zPwCGOsdlNZDALYwKu

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434670594"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 105927e7901adb01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d907000000000200000000001066000000010000200000005e80d2d7731148a03a9f731d622f68d560f66344474993581f8475f94af40d37000000000e8000000002000020000000109a01e35bc8cad496ce443fcd25c33bdbc351299a2fa172ebfbecbd01e8373d9000000010f411c940afeadcff966dcced3a9aa55e500771f295e16c9c0f637776e0a5b144002b513761b96fc70caeddd7e90356ddaba18e21390dec4894fc3ec6ed38d00c0974754708f1a281d5610dcc528418aa6ab2e9ca8709062d6144524f4462e3b149b165ffe6b66e600c1f67b57bb154e56c689117f317ae3f6e0bf4fc44b7bdbfbadbf0a14c40ad08eba0920897a36c40000000c3fe1f8cf6781cdfccfc1c265f08cf68f419e9815cf7821f878ae68e9f91827c54f95becf3d5b51a48ee0290aa3e3b9351d67987a4c93a38f97a687a5089af4f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1253CE71-8684-11EF-8F55-D60C98DC526F} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d907000000000200000000001066000000010000200000002e868db3fbdd7af88fa3abfe30500a30ff134977707843cac9f3e1eaad2f5d7c000000000e8000000002000020000000376b9f2c12e2b326367c15b456aaef66eee6cec7ce62493cdd26de837cee001720000000053f38ec21be76e310e2e59bfe4ca54099e6e2ed6a180d36ed80092159c2f45940000000670c74f495cd1ea9c0cce4d862f0821f1cec93c005a51f1602b1204a8a3ad75db8d0ea4c1078df103177f271922e2fb9aeddcf6bdfd8e03a3677724ac1bff0f8	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2224	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2224	iexplore.exe
2224	iexplore.exe
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2224 wrote to memory of 2816	2224	iexplore.exe	31
PID 2224 wrote to memory of 2816	2224	iexplore.exe	31
PID 2224 wrote to memory of 2816	2224	iexplore.exe	31
PID 2224 wrote to memory of 2816	2224	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2e419595510709957148c4f78a757a86_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2224
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2816

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c45d3efbd0cf05ae9cc8bc3e63291a66

SHA1
b7aeca11b6198bd06c2f446c62199d3f9f15b525

SHA256
a02e497bbc0ed10303c5dd112df68ba691a1e661255a38e7ea9ab3c94beb3e0b

SHA512
55c5f7bb5523a724432d41d6da1d96037a14fe8133247ab9f0eb274322b910712a524ed4e7c306b5696c4ec9e8b26649a7d25024eea16461d1f106ceb79f58b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
915d07c18c66e7e476bfad87e8d58a8e

SHA1
b2048ef27d87352a1d30a77a0102d0f0c966d109

SHA256
b8fa249551e7d0d930dcd2006a17b49fce38d7b85280d52cdf4b656be20d2b87

SHA512
2d20d438d371d1b071430823f8d1d73a1a7e2fb9634fe47af71862a92008761eb29b22af4b8f8430bfbb55539da488e2b51301afd6089a5d28ed4524dc6bdce2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cf28e89125393929c3bfb3e9ce6af4d8

SHA1
462291f6fa8528611e9d0265368fa54dfcd4acda

SHA256
4c184256b25132fa4c664ca549ef25b9421da8414b3d05e07a4a5bc974714f41

SHA512
a9b257c91b77ec75c30c97595b37d6a90e3bf4fbf9e7f6615e8be809a7c418c07c6d07ad54cd4bc24cdd66bdb8adfb397cbe0646fab8fd25b20d65861a4000a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
258b316fdd68bfc51f6f728adbb87d19

SHA1
5483dc64b2af9ad5ee145e93e7cd606f3728ab7b

SHA256
297af0db605554d4377cb7f5e014a1b5b0cfd29f9272ee98044de9388363a9e2

SHA512
ef822b3bad336a5942b6b7b08432e4fc1755fae70a4be60af4a7322c52f09fba7686397fc2b7fcc4a482b5f2be8fca3ac71ed9960660a0ffefe6c949b50af8fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dbd54f3e0c007de57927f0c38a1315ff

SHA1
ba9458d71a59dd657a445238a2060aba7328c4b9

SHA256
0ad22124bd41b2ed7a6edbf9a14f819ca975da5a9cd926ea0cd219a59cc774ef

SHA512
00c9d58bc3e2446bbacb0a9fafc3bbcf0aacbc02199b6a011de8ccced5f3fe00dd42d0cf3f27cb3f0765476a5fc5522193536be3fccf7ce2153252b69476df7f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0f46fb4693f927f91f8508ffd294d7ed

SHA1
f0f5b6e2319e0ea7582d0885a96fb53b5dc533bf

SHA256
0a3a442a7094a85901d07d48f08af771ccabe4b5dda48b892f62ff97a0ac9523

SHA512
4a8293cf46a4859e76d2aeb029a7f49dc32bef0b38ba98b1366a656416103a0f4ebefe451ac32ff68642071c79d71a6e825a6b2fb7d29d3af5f8843528b0b452

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e1be074052b335f3ef7cd5e6418dda69

SHA1
763f4440b14532d597d16ce3635edfc9dcc21fed

SHA256
6674b9f57bf21e1fe4057a3e9795f1b5e6523cb60e237ff678eabf79574d9325

SHA512
fa40bf9cdcd26e6b64f91bdd44be7d2702a0830e49999962c421946241854bf942217d04b09ea1a4a4461e64a61330246ee1a1c9ece2a1a5aaf1a9059bbe2ed1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
20792cd9b0b62052225b91804853722f

SHA1
5a9b65ae477f424a3248ddd6e0878835e584f0de

SHA256
3989c15af422138c1f6d540c93392c0293e0be0f6d1187b3b604cd77be10c3f7

SHA512
f4030288364955512dd2c234ab3527bdcd9c05934a7b5149db68748a833c5a698ece35ea6faf22e26b0e8b524bc39282a740e39d2f13c385f3664876315d112a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33bf3da52898e1dae69f10ffd4642151

SHA1
c32badbafee359d83b3a8680fb365af8167f40e8

SHA256
d5edeb4712c3fefc53d6dd50e04ee9037c3db28b4e85c8905a1bf04263034c51

SHA512
d78f67b3cacc8e143ddc859f77c4114464d3992dd8f481f1d45ea445876ddb25707d1e8dd7c6a93abcc3d5631b5b0cee4ab9fa3a131b988d219aa46386e5bf0f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f243de31f9050ff9f5efcfef80a19683

SHA1
5293f63d5fe400bbf78f012690f92e58e54b3d1f

SHA256
f809a0a4f12db538dc1a3306144e958463596bb44963c5fb1cf08315a306de6b

SHA512
94b59159303f814e37e0c47b10ed61595cf8aeffaeabf9cd14f9ce3eadb2e07995c29384f6da199059c03bcc411eb2e37141a473253096ab87f92436536e23c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c3caba1fb9e2092283258796edf1e948

SHA1
9b93d28f483c72a924a8cc80f708d685cfb1fef2

SHA256
bf86b740025d9d62b83b530618c427765c08bed42385475685f448bb43334300

SHA512
1d2486fb3753a2c3f817f1ad28a3b7da2b62448e4b716dd821f306417d0185b00a753cf01f4accea64b2c05a643818219dcdb1a5fe8bf6c7dbcc0e65b3ab07f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
303b8d02eb177c48f83bb92735828f38

SHA1
32cf657b9554153f3939b92ef204d17ab1dccb25

SHA256
2982ff6eb75f5b940dc1fc1c4fbf5880913b314fe971325eec0b62b37b618706

SHA512
f3a59ea01524acb77d601c5f47a0a803c93ca79eb69cc072e0a51f8568c055bb069c5196ebcceb26d7005ff248008b6885a92aee50c035f0fce08a1256fbb358

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5232b4ee0a5e5fb09ddb9c4de01cc933

SHA1
e34a211e5d4ae4a3fd3d6d94f893966a0299058f

SHA256
636246db0c9e6a33f0f8017a6484f271520dabbb0c298f4a9c694931052c369e

SHA512
ed49d4d4b207a2f901384c7ae7420eba60ec730e199b86a45122485bf77e6c35648793f8888132e2deaa3920607dbf7aeebc80f225b04809029d151a0af315e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
119c42b05f2991aa1b6e919c3ac3fcaf

SHA1
2827186bb72d7ee2d8ad45d6bdc9d7d444ba1623

SHA256
c420f3f1f2a5531e846784a1a4d64528f91026307d81adaee5b8e60526787329

SHA512
a61d37152733655526ae6d4308399f0bd749ac468d3a0e2255b81a8ad86926cfe2454623c525797e88bbc481a535dd9f646a37b92243a1ad9eb96de44c5dc428

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8258516380ee4473f6cbc1b7c232ac90

SHA1
18f2e62d688ff8d6cf6cb96b825deddca28a7223

SHA256
1f9b1c0a0c5941147e78ad23da81f0fd8243c669a2359fc30c048342e95a2c2e

SHA512
98697b07dc9b114f96d091249a29db70b4862b5268566137489ba7428af66ad9716f68a9e1e426b3e90340cb41b645bc7de41d8caedbec2230de606c566d3fc6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1a7bd4e010a7b31e5642dfd2b85788ae

SHA1
089a7caaff8f9fcfa3037e21fd7536ea59381d94

SHA256
3c61e800d25c54aacb46c8c8c8e89b193672157fffb4c39dac8d0124bada37b5

SHA512
ce6993b5798c34b15130849d61a70360931b87ccaca42af20a82bf9f3c46c8d4f8b5f1149dabec0c5e620cd85b7c5a6542f839e9fb54d2828415b822d9e0f878

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b1fcb86143a50b0236922ae06e02dd27

SHA1
a6904c220c3fb1733d66323ec43b24338129d05a

SHA256
76a429b1108c145f10c0fc7349ffb147d54046834a691aaeadb2857932335798

SHA512
89f61aac85c605c68085f3f6ee5a09982b40d08dea22b2239c013eac619116ad7a4f97ec1f62bdac01e7868f1eb754b092ae462de82af609f9aa426d20d63d8c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab40.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA3.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit