fbcb7c9836b02c47ddcd2a6875b671437358096cffc37e9909dcca8e824dc93b

Analysis

max time kernel
145s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2024, 00:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

37a206f4d25360e1923c562a09c0da6e_JaffaCakes118.html
Size

20KB
MD5

37a206f4d25360e1923c562a09c0da6e
SHA1

c2a5b80da5691e8bbc6c8c6302c01fa444540a08
SHA256

fbcb7c9836b02c47ddcd2a6875b671437358096cffc37e9909dcca8e824dc93b
SHA512

7dca1e0a6d1a34c50a88fb66c2c6336ad6e51ed5dc83431cf5a03c727d2eb06f3f90d6c87ba0c0c447854352824e52c9bb0cf1ccaf27a54a0ca9e9ecd46bf1df
SSDEEP

384:M4lgAgCbbt17kri+Dap+vQQ0MW1Up75Y0VVqEO2OEJzmDUFI5:84bor9LDB59VVqEZJ2Uu5

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2344	msedge.exe
2344	msedge.exe
3108	msedge.exe
3108	msedge.exe
4084	identity_helper.exe
4084	identity_helper.exe
4620	msedge.exe
4620	msedge.exe
4620	msedge.exe
4620	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe
3108	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3108 wrote to memory of 1168	3108	msedge.exe	83
PID 3108 wrote to memory of 1168	3108	msedge.exe	83
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 4968	3108	msedge.exe	84
PID 3108 wrote to memory of 2344	3108	msedge.exe	85
PID 3108 wrote to memory of 2344	3108	msedge.exe	85
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86
PID 3108 wrote to memory of 4220	3108	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\37a206f4d25360e1923c562a09c0da6e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd3e7f46f8,0x7ffd3e7f4708,0x7ffd3e7f4718
  2⤵
  PID:1168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2628 /prefetch:8
  2⤵
  PID:4220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
  2⤵
  PID:3848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2080 /prefetch:1
  2⤵
  PID:664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,18347576721264783356,4264539946649703749,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4820 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2468

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e55832d7cd7e868a2c087c4c73678018

SHA1
ed7a2f6d6437e907218ffba9128802eaf414a0eb

SHA256
a4d7777b980ec53de3a70aca8fb25b77e9b53187e7d2f0fa1a729ee9a35da574

SHA512
897fdebf1a9269a1bf1e3a791f6ee9ab7c24c9d75eeff65ac9599764e1c8585784e1837ba5321d90af0b004af121b2206081a6fb1b1ad571a0051ee33d3f5c5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c2d9eeb3fdd75834f0ac3f9767de8d6f

SHA1
4d16a7e82190f8490a00008bd53d85fb92e379b0

SHA256
1e5efb5f1d78a4cc269cb116307e9d767fc5ad8a18e6cf95c81c61d7b1da5c66

SHA512
d92f995f9e096ecc0a7b8b4aca336aeef0e7b919fe7fe008169f0b87da84d018971ba5728141557d42a0fc562a25191bd85e0d7354c401b09e8b62cdc44b6dcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
3bd56918cd9ce5543f6edb2c6201837a

SHA1
024004e83b7c09330adea8acca4820697a72c335

SHA256
0e8c01739936c8f42deb6c78a9cd702bbf9c1f33553c0253935460ef592cb15b

SHA512
a9166b2a370531a334630b95fb3aa7485467ed1b8424e0ef41d7f409659d7dfb54a717f65c3dc8a5286dd90b390d3da877d07abf76b24e3aa18a9f765c1c35c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
54773b99b2db836ef0bc3d71ce9e0635

SHA1
934743723c9ff529dc58616d7cf4aa55fd47580c

SHA256
e6eb81f471b3c26e8939df435b30d9525d1103ce4134a0ad15719b7dc9316930

SHA512
00a3296ca1487de4e572bad8c4d8fc77c59b431517090baf625863786309435a37a36379dde9ccd1f776398286477b0844a44c2310296bdf7090cbbc069e7649

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
cb57c6b59bac4ab2cb13ad0f9fd75c3e

SHA1
69eddbb1925b9637601458567254357a409dfcc5

SHA256
f98449e37dbf97919fe3ef392f3b709b48051b4bbdb17ca5793399380a59f321

SHA512
75934f8379f86f13b39538f5457610ad2e2f6ac5d07f9737ce78a6856c473e52e6c0adfabefe3ad5c0c6dda1137f076f98258e4a0dc0f5a08321485399f7b185

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7080548d69d9631f9c81999117ac7a33

SHA1
fadf603c992f1b10b264fea940b91a879246de43

SHA256
b54265e5f38ff663a67514ad3d4545e72569d63861ad4b45d886c3f760b4f635

SHA512
c65f20b234130c16629c26a4d0b4f153ca6b2ab8058b3a5edf5e30087dadcc7f9b755740aa1c7f29f5a30615a12c377938d4c0a40246205bcfc0e3a3170983dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
895a8662a6a8c6f50989ea7ee44dc55f

SHA1
c99d65c374271003dd6271e5107cda796c158e6c

SHA256
d546f9f396fc06c84ebb330993699922f82bb4150fdf90dc3d9c9346be5f07b9

SHA512
4a6e34d6ad8db30a5027a25342da4c8b0539d7aebbb096b4ebb22bed42f75e821c003b039c6eb4cf64cdf2834a162a451b8657248e320b3eeb4afa133aa1be0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
52444b38a66aa0fd45cc7fb01ff9c54e

SHA1
0ad479a4bccb2a4c0bda6f327e90108d459c1e05

SHA256
e0700afbdaf34d40552c9ea18fd065f2ec7a484e418deaaacc4cd300f340cbc1

SHA512
128de864081d6a03a7657a331b508a8237d8de2929f9c162f0e8fd8b4ff145796a9f8901bb6c47d37530581279b1c11bea026d8de0ed946b76c7b066321d9874

Download Submit