6cf321748a762b6680ef4362f0b8e33f19c90854ea1a845dfc35730544297524

Analysis

max time kernel
121s
max time network
146s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
14/10/2024, 13:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

427c89dc7162156250ea190b32521a6b_JaffaCakes118.html
Size

88KB
MD5

427c89dc7162156250ea190b32521a6b
SHA1

62ae82446ffedb97ca4a06f0a06f9f48937ee1e2
SHA256

6cf321748a762b6680ef4362f0b8e33f19c90854ea1a845dfc35730544297524
SHA512

225ee540ae96f8a52b2d31a33579b0c963aadf3f5775f872d18b29c8d7579c917c0c0553cb775d75997edaade9fec0f477a3280469bfede0bd1e6b6541c0e483
SSDEEP

1536:gQZBCCOdA0IxCi/5DVGTC8nCIpapFUPObr4lqq1k+N3/LbwwsuxCRoaWQ4ud8+5R:gk2+0IxbPd

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f08d37fc391edb01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c400000000020000000000106600000001000020000000218a151a6f57250d176c44e467fc23d47ede551c91f76736cb8f52ae3dbf952a000000000e800000000200002000000022fdbcd7e36b6a05fadc030b7c459844c28b9dac1b46f1db0e55a1c5c9b6dae59000000017b5ad912cd4fca8f36e0c76bf33e112f3aadfe3064c566411e3f288ed3c171d677d50cb951f46b6a29f90683b41d9ccaf82c37bb6a38283d7ce0668dd74b85c397419372b172b64f13dc54ed549877d3d2f1acd11acebf33f8362a176f05af67a1e5f565c17387a369861d11315c11be3a3c9384915657b3f7eeaa749c948a36617f06283fdd05cfbce484f97f854214000000056fb9ffd70b13fecc760327efa9e95c341f1082ec780116f9b50ea4a6603f445b19d1f392dcf9f20f412275b39228d5394dcdacfb3a7d0e8a61cc37b5071f450	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c40000000002000000000010660000000100002000000070125fc627482912221f0b1fdec3e524f008ec33d73be25803113ff5da7a2e96000000000e800000000200002000000073334a91a4bb28507c916ddd1e5e583c5a93e1959d784e884ad52c8823f09aa620000000ae2d1281025b3e06f2acb9de52fa5f09084a7663df4f05fc13a2bd5c4d49e4bb40000000a5bb2663ed993e3ff23da96e859adc1d50300a8a86229149ca1912d325c6002986cfed01148b5165f8cc2f99872992cb4e0bcfd4f2d1a6d38741cd9ed56a371e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{252250B1-8A2D-11EF-99F4-E699F793024F} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "435073065"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1680	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1680	iexplore.exe
1680	iexplore.exe
832	IEXPLORE.EXE
832	IEXPLORE.EXE
832	IEXPLORE.EXE
832	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1680 wrote to memory of 832	1680	iexplore.exe	31
PID 1680 wrote to memory of 832	1680	iexplore.exe	31
PID 1680 wrote to memory of 832	1680	iexplore.exe	31
PID 1680 wrote to memory of 832	1680	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\427c89dc7162156250ea190b32521a6b_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1680
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1680 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:832

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d517728fd07d7fa23cf1b00135b51998

SHA1
185b7702a9ceb092f5a9b054f230fc2aff18d8ee

SHA256
a569a2850bed594b10798cace3a74e3d542a7814aff520606d524395bfe6b14d

SHA512
314a90ea67acbf966b27a9f61acdb2b2d9b1d533ba96abd7c51f86b405ae725f1db1e85ca2c5a0bf0a8ea8759a1857f252616cae952e00a600df1782d35e112c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc9a39089598a6c87b0dcd8353cd1ef3

SHA1
39140962a07d7170f71f7294ee7df90946754bf7

SHA256
918543ebdef70c606e07f1ab59c97a5348489a92e6bdb9ca4709f5824ac29ada

SHA512
2a81b3127967d35d937ed4b67a8a236a9bfa18688641705ed349f5f4e3d70fe283196d647f1e5aaa246ef0ba1e1a297135d6b6379798293082aa331be82ac896

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1329d416f1b5da02700acf3adbde10f3

SHA1
4dbf4fc8dfe894bdf1776f3926f3c2796447e9a8

SHA256
9f9eb162fa2e5425279d67f744564267c52252789b0785a4446781292ced78a5

SHA512
355fb6fe87b581ba2a4e481e41e6677e960894e48464218fce02ab170c768a90c726dfad165848e769c59f5c6894a6452a55e654fe6e95a4330ed6d7fff8cce5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
66b9cd8d8c361b8aad8445e61dbb2d4a

SHA1
bd74ce7a7d7c56df9518dca430f5d47f77d65d36

SHA256
ef428bc164fe41fe67fa69e8289d3f032259adc4572e1f46c04b23e650abfbed

SHA512
14f22200cb4e9feb3235fbce17e96dc8cc7fbc8f9ad7e29d84682544ff3b222825b87203a0d1affbd77961ab1798f7ed2513d5977fc29658910fb10b97c61dc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5431d317265d56a372ea9bf41b76c79b

SHA1
e62f16776344fb0f7257210f2f9f7a1ce1d90d3d

SHA256
d489918144b92aeb1431c1bbbc4bc40d9a5d06f3cfd969c129ec6434147bd5ed

SHA512
9adc439a0c7a4f66e428fc713745977c34a28a72cc368436a97467b3a179f493c834a06706ce1a2813d9869474968b4a686d82ddd82abf226401291a918813b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
728b820b11ddd7650f2acdcc9e64c68d

SHA1
336efc88017430a2dc498341c092eef81a39086a

SHA256
fb7b7342c6b89ea0b62f6ba5f6ae70a76201286c1873ca8c811280b7a39bc959

SHA512
993697bf1d8e0def3dd5af5d366cbad26efd31197cb8a55818c804324ff3c315fe10072f199ef602b381889b471431e35aac34af8496885862395335ed8cacc0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b846701af7ceb450f02e9eed86ea7db2

SHA1
a41613aeb74afd457617f9cb497b2cf5e2f913bc

SHA256
be8ef759e7d4671a947ef845adc1648c7467df25e67016b5e1201f285778a27e

SHA512
8ab7dcf106373d7182df53f8f44a03cef76af8bfd48261a15bc02d384e4f6d70fb35238fb181edc7103d0022ea78be9111e2e81fce5c8e98a9175c95aedb3d88

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1d5310bed2a70488b3cfd33f1dab2c15

SHA1
c3847e1b15c5d95761b987879ae5a5a2a58b8c52

SHA256
92a0831c5e403cd117fffe1eabbc737a43b96e311a89abe8581e4ce9958b2532

SHA512
8fada145271b189ee1c0f45054ca2adb6a760b68ee2ada26c08728ef19fe7bf6e40909d578e17b1b83eeede2b2c31440f330e0f80f61c7089fe6ca8a6074dc75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a13e65c3b1254e14f73c3c3196aec9f4

SHA1
bb48a6e26a7afba32297cc0670c0b5ff6c848b6c

SHA256
4a8a38058d3b149e30f3d7998676e1d49e3ba970e2e30ba180625d1b8e8cfb94

SHA512
3c1156b17e49588e8ac9c3f1a5f5b43eca4902c0705e6530949f6f9dedecc318566461a1cbfb2f3b0b06c2535e2a4d2e5c99d6268d6e1822a013f8a290582767

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f726285ff9f95ac7fbc075a10f6546e8

SHA1
08ec2295d69a617f72f8a4507b84b14c91be05f0

SHA256
e730d98372e4339338f1b4b6db512efac13c2c218ae4f492237fc013e633362c

SHA512
d375433c54f6958022d52e9f55a72e0d9848bf675e92e91fd667dcb8138d5bd5562439cb072e840af7e2b0f2b95023d52789573c716143d37d867458b620a5fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
236819038c9236f6b8e5f84288af7958

SHA1
9341793d1693e12d388123f54d25a9d91ce1515a

SHA256
90609e73ebe3bc24ef8cba4bc8f3d80a9de91c1987ce39093fd0462da61be2ae

SHA512
fc754e36f090d4128178f039f3925e064c92593d64567c8cd43b8ee050fc26be99eaee09e85ca813bec410d9c5a120f29d1a38c76f492f10d60777ca8743ce81

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ec6195fc609a248d0dcd146ca7d14cc

SHA1
a242b44d305c5dd346a033cac58be1c4a19d240b

SHA256
05dbe35a7f71e806457e0edf8516aaa1df495cd7e7cb2ee525d991d6070764f3

SHA512
f03ec937dffe3fa2878978262fdeb4c62f7640c9dbcf28f5109944f51ab060194cc49ddf5de6a57ca6644123669ff5dea39c845a82c7be62ed9aa7aaa9cb5ac5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7ee0d79ba9d8d64d53df34b734728927

SHA1
6f16ab5a0c79ff1628922f89b2b0d6a7b54c3e71

SHA256
42ae2d5a3841f349d96ca9490950c8fce364cd52d15d58b5cbadaaefac7a6d67

SHA512
2088e6524ff8d2cb6ebc2d20c388d4426ac724bf8d1db958c13360349eca5b75a07ecc50c4e7aee6bf71d5f41360541b3a30fc352b900ea2f9364d8b5fba309c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
babf396c7679c0f35f2b54620879dfe4

SHA1
1937f20578a5e58574f364653f46feae5fb781c4

SHA256
c31eae327c540a68dd1bbafc8e912a81b26f0663e3494d19a918e2c702db44cb

SHA512
fb75b5cf07b99f3428444d50d19f47b593de98dad44f22c8324e5de596809d5f11763c38051af91c6a067ed8a3cfe931dca6797bf352ea0aa16b7a45d4dcf93c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6d3be547f233e442d8270e683b0941cb

SHA1
5faf39d71be23cbc1ebc21a9507569afd1cc0b20

SHA256
aa1fef66a798a33b95e26eb27ebf860f4b01c0598ecf2c87d188a94d2b5b7886

SHA512
8bcc48a8b23245e9692872c7905003da2e58181d1833a6ab4fe3f929cb7f9f7ff858332a0592b3827c48c9f91fb7658fbbba58722c52ffead8599d3e646afb02

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d0d5d690bb0466ce63f013dd08a1c4ab

SHA1
f7e4e7134b0a40ed1a70ebd1959d17b03271b672

SHA256
87a880390bfc12baeb38f28fee77a1d741f2168c76ff7979f146c33515a56c2f

SHA512
55de5d93c2a043213f39f7317de03c90cf688f0dd4ead1dee67568849a4015d8996b0d5c658e461183c8c958be41911ee8629edb2cd91c6440281210e37c8837

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6656c147985f7db1c2d13e2157f14d08

SHA1
3db23e7b2fd2ba15778d3a6ad0c8eb3fe056976b

SHA256
19d5741a59f0945383c83b3b534f53503d7176f2c2ffc95110a3e22824e64d60

SHA512
a99b7d0b85022fbc7dec2469e89869c6b9d6d3209d2d8752a27fce43705d4f112f5be8828b32a4963f24b09fdce2af77a1049fcbafd0c50fc9790f7f1fb67a92

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabFE4F.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarFEB0.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit