61b7a4345b5230192c40d44b23e5dd0dee7b1895a690478196bf610fe716f954

Analysis

max time kernel
120s
max time network
134s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
13/10/2024, 03:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3d94baede4f4dd7f02bf08e020866f9b_JaffaCakes118.html
Size

35KB
MD5

3d94baede4f4dd7f02bf08e020866f9b
SHA1

35a2924c6422c7549b36c5db32b77ae80c697d07
SHA256

61b7a4345b5230192c40d44b23e5dd0dee7b1895a690478196bf610fe716f954
SHA512

6dc9456e295417a2ab08c5f14a7f39c68d406a6de5dc673fd6f8ed7f9a38bb7952b39cfffcb80d2e6e55cee31a7180a03b0c05da29e44b6e7183b8f1bc143153
SSDEEP

384:3MxftqeB3sdbWWGUjCNvxvRc98oWKehVa668:8x8e1sJvr6vR88me/

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecf3e4259aa05419b9c0951a15b131900000000020000000000106600000001000020000000346fd72bb5e949c449124b36ec829afb64ededd9c796a0a3846643d5ac347bad000000000e8000000002000020000000de03b4c998d959572166abe29a1084df233837ff8f28b2a7882fce5114746f6e90000000abf4795cfa3dd1dab3ca49f9a0a94ca1ebfc778b3332c47e35834eba80b2198381ddab73967f25d749d2de13f8c6a2e0c60559620cfa22b04bebc0a9ce1053e77a3a090fdf6062e1041ddb20cd2b4fbbed0e5cb8a834dede8d999064458622584332a0625146e164549443bc8be92bf5ce05c129df71f1c15d8c458d4e2594f032f728432fd5c9969f34fe5dd914735440000000e0938a53256b6e04311763512b0ae3492a643c88e6d3930d9a26e333bb86e70d2d8af2f666e230ef78c8ff4d9affe57380736e16cf50b0bd7d0ff0006ec96636	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0f4af44211ddb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecf3e4259aa05419b9c0951a15b13190000000002000000000010660000000100002000000009eab72f7c6b01c5c97d80eab71e1775c64682a494af84b09309bbc10d1b4f46000000000e8000000002000020000000c7dad50fd6341e24036d23be5502fdda65e64c930bde9041252c53236e3026f820000000affab2502194ee7b3d856942fd6803688abe8e0a97d93b8f160fb7105739e0224000000098bcf293408e83307c19f7c8034af0e8685c3e5b1fa4e73c3c18eb4078bb785058f88d856bf33e12943a9162c569a267926787d35dce6b740169cdcd8dddfff3	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434952485"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{652816A1-8914-11EF-A276-7E6174361434} = "0"	iexplore.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2868	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3012	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
3012	iexplore.exe
3012	iexplore.exe
2868	IEXPLORE.EXE
2868	IEXPLORE.EXE
2868	IEXPLORE.EXE
2868	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3012 wrote to memory of 2868	3012	iexplore.exe	30
PID 3012 wrote to memory of 2868	3012	iexplore.exe	30
PID 3012 wrote to memory of 2868	3012	iexplore.exe	30
PID 3012 wrote to memory of 2868	3012	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3d94baede4f4dd7f02bf08e020866f9b_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3012
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3012 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:2868

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
217b44193c8d4796b7848300b296e834

SHA1
811c1139cd845259862ad7407d3e5d996e5e47e2

SHA256
ef1b3b3b5f791a5ccd11c15fd53801aa5174c175b0417faf846510376419702f

SHA512
127be14f7922756bbdc4bbaa62a3d1055b801622350e04afdae10835d2efe0aecd035bfc8dc05de62b5b21edeb345b5472d9ed50c18c5084f59202706cabd552

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4e73c20c4d4569c25b5423465565bb59

SHA1
5721c83c5b5acc14c377633d379c06718f615bea

SHA256
2306f1cbdc6e6883763b1b70eb5514314ea9fdbafac70f0ec703be2d4a1f6091

SHA512
a006c6d43028d6b301cc45dafa01f2dbc765c41e469594fdaeef5d578db4eb81c2a644c2dfd258f67bbb49537a5e6278fe1c8310ad0a35a2e35946e401ef47df

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f6abf901b4f1b7fea591c939ff24a00f

SHA1
12f7abf395ee9d64e7ffc216a9df85368eec9d2a

SHA256
692190b608427ac72f65e70160f0cb3c40e844f78700c5f0d017a16bbe39222b

SHA512
1e2866f2c8128ebf1196ce129c48cf6a754beea84daf2cd5afa3edc5b0cc635cb4a8642f759950218d0ca88d5b405cdf5ac45476b8eeb996d5cf1c2eac427d7a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1df08bdd04092af2d9cd50c10a9dc05f

SHA1
f5099edaadf2a93ed64401d7362cef9fc75d0785

SHA256
bad248177a92570386317f5811736919f403568f08c511aa901609962717b882

SHA512
e9276a015229ce504d7d1adb2128d489271cbad7ba25f4d9a22c43fe785a18aaffecc52a493c3cac8416231a18eba32dcae5d269885d4dba963c04c2e1200fa8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f8b7eff9233944bb3c273f22cfae36d0

SHA1
34b6dc639f6f850f9ed2748d470d3845530c8710

SHA256
5122c11d5ec69c1eba3abeb7eccb9a9b0f9b47b41540e90c0f57cd6affe21844

SHA512
e780cb76fc1fb48fa16230a50dc4a7539501b309682cd12cca8c2390d0cf46ebf488cca1f54d7c2cdc623a0a096884bde1fbfc2d51da066f092fe0e5f4242ddc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
900e96c3706320ed7c636cf805575209

SHA1
fc24b3fcafe1cf24e042091bec4278128437199a

SHA256
00e49725dd5af2af58ac9601e81007c6f3c5f738f4a841a414c845b90a071bba

SHA512
f627e2e70d64f99cc0bd59ccb01bdd51129976145f573ab0bc04f4943d22a8f5a670324104a5a8d15950474bc6a9b4c0d496dca18b4df3ec3c0ce2c4eb159ac4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c071ef33772cc080e59a8e152f78c98b

SHA1
3eec865147c2f9433df49b982eeb9dc2d4f38ace

SHA256
b78b64b7c042e80afc525193c631eee1b5f3a155ae13457d0637ff846fcbecbc

SHA512
c0ff29daf65c7f5013af3de81af6bd2e925370b3b1fc16e9827378ccf74d5308746f8bab107b6c9e8c10055436cae8d32414839df8ab88eaf800b2b0c52b606d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5bba5bf6e97fd082f312f793870568f7

SHA1
41e292f9559fec8473f4f478b784f55c64bcdd2c

SHA256
ae20c72b08c8e31f98a2ca2018d570c06a1aca2a4281100ccbda837eba5e6889

SHA512
6acb364892b531b2f4638806a4c610d86efd0827faad2807b56c73e655ed17dcaca5bd194dda6179969cf2d4371787c77af15ef390a93a8d8153cd7ef5d7563d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0730eca9dc1faa9e3334d37d52d1d75b

SHA1
8835f2fa8acdfe44e098016fd67b1887106fc0eb

SHA256
fcf28e0d335801edf88d4f32dc604ddb5f826356911f035b8a4625c6d72619f7

SHA512
05c05eb7320a09d5cfaea093b0a365dfeb9ab1a485b3d678b7c2d11617da89796e9c40dc31392fee0070d424243e7e689de63e8d13db0322e74e9d57c781699d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b5e9d7507d5003398d9d10d10a7f1f9

SHA1
af13eb93083ff8ef69d925f2104483cfa8be8fad

SHA256
1a5e043b1b9766381f822422b42e62a7769b8b3d219321a677a64817d41e3a50

SHA512
cbad62a52ce1c77e3e7d9874117eb0a02b8426f2999d6ff5bb7585aa1d95922fb9de9eae2d3f2a2e1dc0409f657eea87e66eb584b871cab355c66d34200d5376

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2bbb3874232e746098aaa553afa7a2d9

SHA1
a94a6657292c810e08dfeb83aede16a1dce00a96

SHA256
00dcc916a75bab2948a4cc193fa6982249dcc262635482ec9cc91c9ebea86ae5

SHA512
b90240efdad64aebb2dcc077c11da6db8e34769150568dad7d264d8100e98d9d740acb4c2658d24ae83d6b90039a33427405a9bb06a02d0cdf49afd319c997e3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6094c13ff133e657296d06e582765aee

SHA1
aebe93713e73635c804fea2aeb69625c7199a2e2

SHA256
7b2556c3c16684d2227eb860a463e298b670ae4f48ca5698c0f8e80b7d4c6431

SHA512
30ab2af887fb5fcd723fbcd78ae168c70e0ad873ac48224f4cda80f296fa3b602bdc35e195f756f0b93f8fd3336b5f00aa2d27770cefaa76a95750b60e5c386c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b8233e290d7d091998f665e6a640588

SHA1
8516b459a0e3e7249a328adf6a327b79553847ef

SHA256
3f6fa6ce625b58a54b444478052fa44fe36967cb9395ce15de17bc8835ae8c6f

SHA512
6d58c9ca3de4b14ce441f70cfc5e6cf43945b4fa3dd8404d0ffc473d01f77adc287eb3a2c7b90e2c659d540fd825b70517a2f19021302755160dbef8bc20950a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5983e1ed3594043e7901f6fe051344e5

SHA1
7d044a846fe513f0bbcbef1290e9311913a1138c

SHA256
24216c7336d496958b63b8ff499ea6e6d7b11632538000568b1224c1a51148ff

SHA512
d713c38f3555577da3b1ac7eef764fc7c0ebec8b1268b6fda11dee31d090d06149be527ca715bc86c97e3e7909f319f9c86958b9f9693daa61595af810c30b53

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
49a2241f1c158e953e759c0d560c0ebe

SHA1
ea2e056bd304ce7eada17e257c7b32e578c3869a

SHA256
d250354bacbaecc09b0a6d806b6879ee9e35b7f3724b38740a24eee466b139d0

SHA512
861dedfb53ad4f7638d5df86919d95054e134032e839701864fc09860c6fd309f8c279d6d8258d2bebced3f19ed650886b7a0f282046fa9573bfae66f8e6f00a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
78d42698eeddccabe2604bc1d540d630

SHA1
32535de1e20caabf592fc5ee05b7a4f6e0fdf116

SHA256
6ad85e6ba6ef3fd82f4b4ed20cc72ae57053b7cb47bb84a5d751852f0440abf3

SHA512
4e4f442e4833ede15f5e9c6563e55d39b3fb70920c6f7a35d96cec9cf06f4e3ff876ae9dc5866bed6dabb4f88fd0290c356fe1f441cb58ff69d129743c52ab8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f3eff587a3e67f03b797ffe27ebe5d83

SHA1
6e6e681580cc2526227ff7c883ad8837fd7ead0c

SHA256
9b08f2c199d4e89adef6f2aee2c8751b5332297ee1ea9c136ceb29ea5ef9c4b6

SHA512
540bfff15bf62425f61ae2d80cfbcbaa10351f5ad2b811f9a03ba0b3b5d2929855f8a6d4861d68c2404c0f3a9882ff01177304dbf33e36d2fac68b3dbe16274c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab54D7.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5586.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit