aab66f6c078ecfbf6769d8ef4a45aa7ab61782ca97944c0d8b9ff5d77ff054bf

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2024, 05:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

38b03797d7b08f3f546d278763133789_JaffaCakes118.html
Size

57KB
MD5

38b03797d7b08f3f546d278763133789
SHA1

0641952ff36e159da83ec6d83d09bfa9261e5fb6
SHA256

aab66f6c078ecfbf6769d8ef4a45aa7ab61782ca97944c0d8b9ff5d77ff054bf
SHA512

d72bbfe371c0afaee1dcca4117bdcc160e4a0b77dbbfb1fbbfdf930a591f3beb7372f214fcff132e84b47ec3d88a8607ea81ac3a7be28d2e6821ac8bbd65dd9b
SSDEEP

1536:gQZBCCOde0IxCWLVJf4f3f7f5f5fbfTfhfJfzfcfbfxfxfTf0fHfffB2fWfzfMfH:gk2Q0IxdQfDBRTLZx7kzpprsv3gerUi4

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4624	msedge.exe
4624	msedge.exe
832	msedge.exe
832	msedge.exe
3608	identity_helper.exe
3608	identity_helper.exe
3952	msedge.exe
3952	msedge.exe
3952	msedge.exe
3952	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe
832	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 832 wrote to memory of 4592	832	msedge.exe	83
PID 832 wrote to memory of 4592	832	msedge.exe	83
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 752	832	msedge.exe	84
PID 832 wrote to memory of 4624	832	msedge.exe	85
PID 832 wrote to memory of 4624	832	msedge.exe	85
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86
PID 832 wrote to memory of 684	832	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\38b03797d7b08f3f546d278763133789_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3a5946f8,0x7ffa3a594708,0x7ffa3a594718
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4244 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4436 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:1000
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6076 /prefetch:8
  2⤵
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6076 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4124 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:3216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,6077148734243755322,12519794215870500916,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3952

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1432

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5004

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6960857d16aadfa79d36df8ebbf0e423

SHA1
e1db43bd478274366621a8c6497e270d46c6ed4f

SHA256
f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

SHA512
6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f426165d1e5f7df1b7a3758c306cd4ae

SHA1
59ef728fbbb5c4197600f61daec48556fec651c1

SHA256
b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

SHA512
8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
215KB

MD5
1585c4c0ffdb55b2a4fdc0b0f5c317be

SHA1
aac0e0f12332063c75c690458b2cfe5acb800d0a

SHA256
18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5

SHA512
7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
33c62d7cdfbd2f1780e5d2cb1ed70969

SHA1
1d448efa68765e8fc559914394e5e164d528b812

SHA256
13a3c8bcb7532f02e7c15fd0d727037b468c9fdb605f20015ff3cf351cb6774c

SHA512
17ee2fc14c654df086e04444b46770b4fb29eb55b686d51f6a50f0116c65eee365e3958c5e1afe7a060004442b1756f6c12ae54da76fc8850eff82755618872a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7f4c0bdf7419b0895da0a4d57679b0f5

SHA1
6aa5965afe0276d71f9d92fab52058e45fbb05e4

SHA256
64455eed9a8425f86b1d9cef03fd9eb44d2186f595fe323bb744df45c08ccd6b

SHA512
5c8aac034082121a62250cd5638a6b47b69a6d1c1f5ece146d5bdb8b8bec600b04f7c18585cb84a39b50e3230a7b7bff839d10e5761225a94d5e1ca8fc139c77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
08ddad1bd96359251dfec901a19f0c63

SHA1
227eb22624885524281138583f7c6e80ff0740ca

SHA256
adc33cac09e33bce160201133894e9b3f04a7f5057636688444b78690779e488

SHA512
6a087cb7cd5b87c983512dd0bf57b627f59d99e4f3253a6b173ebb3d3a1db4856f7c5ebcc619f8c232dd3dc654ff6b67158e1762f2d62a00e9f01d21559ec743

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
064648868b2eaafbc24e85a1ba16cb5f

SHA1
41d89f04605e047a9f36d4bbb49fa9e4b71f0403

SHA256
1d259f597b02c6137d623beb2dafe4d1d9e8bcc8d49fb1b966b345d95c73f54e

SHA512
338c387fa286ce7e143e0880ca9986506b07ac58dae827db523742957cc54824fbe9ce3adda91146d98f3a329983f844b3e011fb986cbb40905d08fa62e26542

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
249adcd6603ac88997bbff198c184c12

SHA1
bb466f49d7ae85b27aa841abb3491b069aa4059e

SHA256
b6f2e79488540ef41e1d0ab9f002e6acfe98f3f29c5f06aacd0c7836625f217a

SHA512
27b7485506a8c28b952a0a3721f7145e63eb6111b0b7b78db6b6fbe1b252f4ff46052833bbffc64b4754c34ebd076dfc5333cfd3d44bcc70729fe4ec269d3425

Download Submit