b516ad8d0e209bbcbf352a71da0aafb567622fbecbb160a2f7408905ea756c49

Analysis

max time kernel
136s
max time network
134s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
13-10-2024 13:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

400ec3318726777dc3848a0f036a6e96_JaffaCakes118.html
Size

23KB
MD5

400ec3318726777dc3848a0f036a6e96
SHA1

8fd6ac0e1c42f40f696daf60c07f4a0f6cd2061d
SHA256

b516ad8d0e209bbcbf352a71da0aafb567622fbecbb160a2f7408905ea756c49
SHA512

47381dff9a080b93f1b7dab75d891c289d699c22214e0c69f9371f6493ca6554233b04541aaef838a341fc3a97ca1b584d205d6c90d17c80ed2576a05d6c6c2a
SSDEEP

384:wcHVlIc6tk4/7wdGTHLYvW5ctqHN6Z8L/gvkaguLZ:wcW7wQ0T8rgcaxLZ

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d90700000000020000000000106600000001000020000000bc9ed6f8394014c0ef58dbd58e0da212a0b56945dd7289bb7e9ece9ddbdc6444000000000e8000000002000020000000406a031114fb44e0fc97abb3ad186cf88c34a246482b1dcd541a32e9b45a84a520000000a7b4f20628cc95a1c00864d15d39f61d409e07de787762f83188b8bab186bb2940000000e06e064885a86ff65eb2e2b0d53567493ecefb39b0b09fbabdbed62c1bdab326f07b4f20dbcc4baed13ac91408057dbbd95baca20755c8d060b57eb9a272af8b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434987228"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{492294C1-8965-11EF-9F7F-EAF82BEC9AF0} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 5055653d721ddb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d90700000000020000000000106600000001000020000000e50f3b277ee356e47ff503f68bfbfbe70d5067e700566e595e2fc743e741e9e9000000000e80000000020000200000001be12507007838d379eea594f2d30a7d4a0acef3f6822057c270c4f9d1ca4e1c900000004731dd8a91834f4b2b6f9c2e81fbadcd178a853927ecadf85c39c78346dd67b466fd95c0dc2c7b9759f887e196382c99d156886e3b0e1967b8b255a7decefb4bda4d9559ebbe9e13ee80e1a16123dc994a89e0322d2ba7f56286508de563905f0b0bdf7724b3ea4126bb7cde0be398a3df8e6b59611079a2229a561cd2086bdaee5710cc4708763dd1f775a70e8d3eda4000000036631127e4be5e8c81d24e3da714d40dab3aa7d486965dc59dcb535962326aaf21ed3429fe113272f4a8a58b3d7cdbe06cbf543c1b2d7715a5a59cb7da71b307	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2656	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2656	iexplore.exe
2656	iexplore.exe
2832	IEXPLORE.EXE
2832	IEXPLORE.EXE
2832	IEXPLORE.EXE
2832	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2656 wrote to memory of 2832	2656	iexplore.exe	30
PID 2656 wrote to memory of 2832	2656	iexplore.exe	30
PID 2656 wrote to memory of 2832	2656	iexplore.exe	30
PID 2656 wrote to memory of 2832	2656	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\400ec3318726777dc3848a0f036a6e96_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2656
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2656 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2832

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
993f4dd8df4eeeb882b9b9fbed6a7966

SHA1
ed3c96aab64acafd759fcd33d6b24e50aa3715bf

SHA256
39bd437ba7dc6fe0ba155e4b1aeeccbe1f4e90d390fe4d176154f3e6e647342e

SHA512
fe823f065435465602950336de421b5523636b174015f996ed508482c299cc88cf54d9fb505ef107720db71d20d2cb7dd0cdf72c1f0f35d5cb4a05757fa9083d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
65afad8857c79ca0c311057c4fd42506

SHA1
ae49c6a9b1415dbcf6893350ba5e4323c4101b92

SHA256
efeb006117c325cb8f61ca0ede8fc9c8dd1a69f3e2cd774bcdb9178ecacd87e9

SHA512
203a70c696d9d4539c4558a1e1ae1f80302331c673c15230ea24e0060db121385a573640cac3bb18cea280c8684925bb4ace1dfdc4082aa9b380d98460a536b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f2eb3dffbb0229fbb1a0e927ed8a8d1c

SHA1
3729678f307b5f92c56f29cabf43bedc94ee2750

SHA256
2d6e6ade5e960367cfe68df2a85d2233892270bafcbbb695068c03f6d7716052

SHA512
9514c5f14c135739905cca044fb072980a050adf4de899f190f0c5eb9aec6804ea44fe4aafa86945612dd69267dc52b83b7cbd272086ec8092857b5e6374f2d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
621a5a332da025b8cd756c8f49ff283a

SHA1
e99c4ee0aa5d419b09038e87feb6bfb90178928b

SHA256
fda3adc3435d9a043eb6eca00a59915f6367eefc5e9e7468c5b3bb937a893b4c

SHA512
b032c3ed70a589d4d6275fcfc5f8143a071e8029077be0756e549a50077f641d6ade592c31b1ea023acc77f780e44f742db25d5d2e15ffe56f3aa39d05be953c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1787923e7534c98d412b74afb2cfa9df

SHA1
c570b659ad7673665930360c6b924ac13072ce3a

SHA256
bee0bae5177978877beb82f42a5b6763aca025b9126ac9dbfefd903b3362daab

SHA512
4abcbaa4f1ce6d9e43d6e398597f584f26240df5d16e53b669fc899ff337a433bcf614e4c728db1f57f7f9e3a76d2d45ff6e4f978890a23cbf4b08828990f13f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f9e59b2ad856b66f1139b7ce3d96983a

SHA1
e99b2227fefcc5d3c7b6758c8e3f3754ccac16f1

SHA256
0e47110c7d9e3bdb9fd404503295610626f725125896a0686609f2bf3d455537

SHA512
d151e3f80ec92c58fe303d51d5f6ab2b11fb27da00301179a4049d71d31ad458d4eb04bc6174fd2d27127f967c7dd2f1b64f5403955952e9d91630c066792c82

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
515fa7bd5a4cc101c95a99f5bdc8dc2b

SHA1
6334ee9a213f030b3a1352afff3b81f2c4cdf920

SHA256
c7b8c38824b26466785a6e0b8acead8879dc6af83c286f1e697168eb6bcc96e9

SHA512
76422c4b9b29b72115d45ab4e8af6231fe752bdcd18421f86af9569804490d363b565aab1979677e27387ffa7ace4257c07ea2e41f6126a0639e00b6c9566dd4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dd1fd18729897aff8089c7798095471a

SHA1
8cfc0b87a6049db3f21fde2d38ac0c102029d816

SHA256
fa18c547b262427fbd8796eff43b996c94d8c9f75d7d3ec363747292e93d2254

SHA512
699e125221175b0116273946f99dfdce2700871dfcf11eed17d35c8968be243e2992454020f4158daf1766e18cad3dd94f46fc9f844abd5af369b14fb02c78d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
97208982e6934beff8973909afb6f024

SHA1
af00f83541bf4dc23c93c79786e546bf6b243b46

SHA256
68211d239feffbc9e48b879fb972d840dd0f355c4e3a7d1696e586776abc18fc

SHA512
aa83abaf9ad30188f4013c1c9d23f1877c1e1a1f9e3141f6d608b2323fb666c56c918149c321fede6873eeb067557c05929c7f1b2b1d1f688ae0f531ed5d112a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
212075b27d743ca0d50cf002e6df5e5d

SHA1
34fcc558c8f24b985d23cf0b0dbaf67b5f6edf6c

SHA256
00f040facb48b2188ee9b202a17a98ebf207173eba6a4b63708e02a17390f071

SHA512
29da745e51d6a813cd3032273b8314d25f87d2379fc0e9d067b4401b47660d8a6a636331784fd1b32f30b46cbd842afe609e37ac26caba15e8b6d68c61e924cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a2aa1257a0914a4c5ef5a79563c6ed49

SHA1
a409debb7c4659afab94ec552308c713eccc618a

SHA256
6135aa8bbca31fbc816a0bb85b2108887a6b192e21c64237366cd159bf537113

SHA512
78853e035b3df4bf066e1ace8722fdd2a643a95ac75cbe28aea4e6d95115cca52fdd1a50380924e72bb54ecbe0220e78465f07d68e55a1467edd5ba902a9ba2c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c1f2cd4adbffba643f457d5dced5b8a3

SHA1
489e6d12f6a5832f1ea73784fa9cac0982f4ed3a

SHA256
bda9dd0a7ae3489442f0c6b2c8ca58addb25fb900bf6dde5cef1ae33f7e8b342

SHA512
86b056f54aeca2adb7524cdc3ac868f311aefd7e99e9afce8a6dec1713fa2862493eea9a4255de6b42ca660cd35339b3bde3db7201325a7ebb64bbaa1dc3e5b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ad70a49e82c2cdf3840b43bf75bff24a

SHA1
39158c670ba8de6c1a6d8162c66a35a401894329

SHA256
c478e0df9dbc5b9280dfeadcb7061f0757895b8b28a86e95b818d55721820569

SHA512
a5cf95ddefd9ee6676f9d9d5a76df545d1a12fb6f490fe6a25c46cdad9507e9ff1f1ac94e4642efeadd64c43e572dcb6a9c02cdfb544646d0e6f6cb169f7096d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d75c688dc8c0a337f09b65a2bdecb5ab

SHA1
29272902387588657a6280114e4ba54a46516673

SHA256
218cb9433367cd9f0acfcc4d94c40eaaf7680f91e00de214040e663af12a2ff2

SHA512
9a5ae32bb9375341c636d512ea594334a40c4a4d7915707ccf9785f85d455da8e5b5532b4af07d57505e70daafaafb7cbee313ab9264306b3503fb9e5f60e8bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
691a7282381e02b9f182ab359b9a6ce5

SHA1
f2f4cc92d09e989771171327ec814150793fc23a

SHA256
9bc5ed5ba567e40dbe40a66e57e7a94dd3d9a075dc9640f86d0037558cd2dac9

SHA512
a743fd4595b0943d4549230d86c1357f2fff16561f587c44d4bcc7ce6c66eb84303e3aab7dd5764940994973fa4767eaba4494907dd2d71039d68c54f4ea33bd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2f9347e9c2bd559c1e274a23ca927bea

SHA1
94a448ec73410860d5bb43dbbe254120794e4bd6

SHA256
f047858700341f21f79a0c43c3c0712ac5519c11cdb45656689cdb6b631cf36c

SHA512
e1c2058c4a4665b3c22d72a350a43ac1e20cda3d5c957accfcad44f4c4f78e04fd45cab6a650bd08cb5d9da6a7f41b0d532be14863379d6da3cb61c61705f5b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2d196555f47b8ea35e3ebd9eebdbcae9

SHA1
a300ed72a7b6fa07525fabeab75b5550dc9d74bc

SHA256
1fad95d5707ac8af6d169afe4d14942843f525cebfc45226bef51fef8f5f14a5

SHA512
fc76cd3a5d65680f1fc5740c281f673dc9579439c5efb04c77be105bb097c3f0dcabe1358138ba8bf496565bb730a32ae913723343b1f86b68ccd04425c3217a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3E3B.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar46A7.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit