b1cbf2665173f69437439cd28869cabfceb27bae5f813173c3a9a4365caa9155

Analysis

max time kernel
134s
max time network
128s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
15-10-2024 04:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

45d9b43220cb80ab693354eb1406d784_JaffaCakes118.html
Size

97KB
MD5

45d9b43220cb80ab693354eb1406d784
SHA1

d3532a7b08834d5ceae78b8f38d4bc8ccd50e33e
SHA256

b1cbf2665173f69437439cd28869cabfceb27bae5f813173c3a9a4365caa9155
SHA512

4572b9702956ebfb6a70502c93838caabc7b3514a58cd991bef395df051942006c67905bb269edc44d1823d1c5487b5b7289dc5aaf5c1080e2bcdb14df3ea99a
SSDEEP

1536:01Mizi/FLLlGQBUSRQl4p47LQyGPfLFoy9MTZlwBdkrY8mgHC+qpEyfn:02iUswBdkrY8mgHC+qpEyfn

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50eb311dbb1edb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "435128522"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000001f44133e2acfb04b9fe77fe5b5aabda900000000020000000000106600000001000020000000d941c107c31bb7e5eaf83d905e014b0638447fc6565fa9b701364e7b456e241f000000000e8000000002000020000000588c5c64cab777706e496397a5ad35fa27244fb46258dc4fbd566273314fdc57900000004c147d4325da0ebd1e8bb20c5c069422a078438b34d8e5965610ad91b4199ff89d765bba139f72191877f5b4c90861158c464c292a9644974c08e470b2d0f59168c5fb0bddb7cfb1f2af98115cae28c1e7fc9aa58cc90a8c7abe63b1bb252eca5fde5ab695225bfe4937ad1e35c909a58634e61199aaa1d7f5e7613f375e3330bc7d85e51681d9b4a8b50b22a2c6850340000000f6962f809abfee6ccea754f613bdd79e7a343e8aa6e6f524a6ab25be8b1ad0b0074eba084cc48ed710419f95e8fe2ceb6cd3a2dbbbee93af5b209041a772b1b5	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{441AF271-8AAE-11EF-BCE0-DECC44E0FF92} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000001f44133e2acfb04b9fe77fe5b5aabda900000000020000000000106600000001000020000000a10fd8bd211a73a074ef0cc9afb96a89993e3a2bc368a65ec23a993e215d7cdb000000000e80000000020000200000007d5b9c3ac031844fd5df32e79223900b4c8dd1aa602d892407e88a558075b6ff2000000039beb12881d32df3c22a38e6dbb47f0d0a9b8a7c4c336c97b28434f9f7b2870540000000bfe108a9797f63c7b7d8f8327f5dfed913fe67c2233d63e8a4599a4b8ed4658814398de46df0704533af2a84925af128f8d2340a0924085574a2733dcda6c4d8	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2140	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2140	iexplore.exe
2140	iexplore.exe
3020	IEXPLORE.EXE
3020	IEXPLORE.EXE
3020	IEXPLORE.EXE
3020	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2140 wrote to memory of 3020	2140	iexplore.exe	30
PID 2140 wrote to memory of 3020	2140	iexplore.exe	30
PID 2140 wrote to memory of 3020	2140	iexplore.exe	30
PID 2140 wrote to memory of 3020	2140	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\45d9b43220cb80ab693354eb1406d784_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2140
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cfafa2afe8d64784f190b217d5bf3215

SHA1
9c27f93378d1729dc2d65b620d50316fb7b39227

SHA256
b8c9dc178bbadc0633679534526cc37d14fc68fd40a19974b183189488070405

SHA512
e71a8d23d9a22ff3b7db5c0953d8909fbafdd3f8f38268f41f8930ea7011b32664e590a223b315e909141dcf780c2bf3168734495d9e62d181b6184debc6449b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eeaf1d252d35cc2bfc1b25d478d08cab

SHA1
ffbedb7fca5f0900618fad9b54e0f5eb04374e2f

SHA256
90535660a860367a93253e5a16cbd1eee7607753b7f69c5384bd1ffa2ad17345

SHA512
fbf3511653622f704c7e1ad8d8ce830d1f52921a7cf1651022b513ba2e1f35578b7a439d6004fe42fbc7d356e48bef3f5d4463141718295655115e4d21cddb58

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
17053d8209fb6c8b637710a3a771d915

SHA1
3cc45d09ac0f50c3db9de74e34f3c5d555522dbe

SHA256
d1e97f0e27ead55e4d31fcf8cde01c21184ba2526b3c11986ba95f208b43ff33

SHA512
7391dd800c1ea16bd9e3a5cc91bbbc9691aef7093421f51a21118e54fab24f02094b4f3b85314df88a01ad942f6e2bc8fe68c1aed7c63824cae8f512b3a7a4c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
15dde4ac18c83962afd572e506c3a401

SHA1
c941fed0f0146617a896b574e288993938ab658c

SHA256
8a8ee3991954796c6d844ab65515b32fac87cd9b6f76a4b899d2d2b1cbfe6042

SHA512
5c11d58175749e78ab33f7aafb586d536e50228f695330391848894177070417f58bbf81474c33056e6bca1886fb01399ead0beba0e3faa9288b82a25c13a703

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fda5e23ba0ca6875fe9a6b7f31d9edc7

SHA1
ff41218ea41b0d5d773c557e8af483b77e9cc432

SHA256
536a9983afdde0ef9113e92fed15934820e7085fb3b0d8d8970153e75fcfd591

SHA512
06f2df26c8f80d60c563a5441892b05f7458cd42b789278c9a9258497024526ebf4375d4cd64f87c77666bc976d0b334d943bb31e557eac2ab2609b1ef3820d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f00ba023389e7f97f0999718fe791d52

SHA1
e805afacaf7cf8b058b319accb037bbf2fc7db06

SHA256
72d769a302cfadb02effb73e250213ac5946f79fe3213b6f5a83f53b5f722798

SHA512
6be2ef09a01de202517d63df4ba0b44f518edca741f5b12f7ec9c03c494b7a7e5ba0f19a68c3adbcd610d0581e8d7ac93d1716f5eb7216d2b194c893f1e6a2e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
432dd4dc554294c02bbe7a22982059de

SHA1
c246748496edd61130824f71e0a834168776394a

SHA256
901d0af9b449aa67d9777ec968147ae39b0beff44643cbb12c9da8da36a6355e

SHA512
345b1bf81adc793e688801b9269fe8bbeb78659b5683354aa010fdac1030c549947b9c4c54216dc0941e224dd7cb94102a53d0837aa9cb6a202fb3a177f49ed3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0ebcc199067200484bb2285c27c206d5

SHA1
641583244fd93059445a669a55d8442c940472ee

SHA256
40ba09bf33b40299657610adfb1934b29bbe680784f0db2a54241c067acd3346

SHA512
c9250837ecc6aabf6bf51497fb20b2c9611df76f7acf973fcb1027307ff0e27ad199e2c91d8dbb853a632fdcabe9d514bca619ac432ce14fbe64394c970c53d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
60c768bf4d3ff43b6e97a6393a7e85f7

SHA1
5e77b4ebff7d6ff7a7c5fc6b74fa0163f9ff28ac

SHA256
41e52dc8975b4703e63444c8ce50335d77b27e011cd8868c1f6fbaf725176e98

SHA512
48fc28ec96b2916fbfba19f7f24a3c2b294a89dd9e72fce94fc24bf65abe588b7821832db630d85d15d38537e1ab544e8ee93550f93896c19fc8bb570cf15d2a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5079c66e0fbb442196923600229ec72c

SHA1
6e014b0e31be41ea7bdca8c216259109cc71c7a5

SHA256
b459ad06f7b3eeffe52cdbc4cab8c2b34d02ff32c15b528fbcd65cb0f0782f26

SHA512
47cda6adf1620d3b8e97a1c0662fb783ce876756f0b06916f1ee318575ab82211f74ad5efd5a89b4d3f82f96db4229378d12570bb453722fc3cc5827badbad47

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8ebd603e64073472a501585905278d86

SHA1
35243c3787b61f0ca2330dc50c1a8cf9fdcbc560

SHA256
8482665dc5151505671f3a467b31766a66c6d7daeb1f7c15b4e06b2419ff41f9

SHA512
21aadd9079a7d7f924cabaf738ed0725a48706b9dcfded0dcf08e054d7e6dac33786bf7536496c5b30276ee6a424b3ffb1e454c6ee5f346e559806ee796b839d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
67f842bc0ebbbc67287696b9319bd6e6

SHA1
2a16a92749d027d0df22f9332eaf445fe60e885e

SHA256
00a4718e247f7192815670994ae22bfc6df0a84dcbded074bb6280a2497e797d

SHA512
1ab83b2ef6c591e7ae12fa435d63587dbe866cf9b761e8a3fec2cefd5e5cedaf0eb6545644033dcbabd7b08b1e34149059d31056eafaf6b2a790d9d6bba5ed2a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b251552c338781ddd17f6de08c26d2de

SHA1
b56fb9fc1b9b6b82425dfdef9021b817caadbbcf

SHA256
a2945d8a3622c3228a19eb14176fe8595d3a703e904d2f62c11c6f274e185eeb

SHA512
4b36d51b70778d0091adc9e49858e714fa19499c44ec7c0f555d05aa6ccc768ad8f651991cc3ad70143e3f97955c9548fe01327e9b6eedce7ab5d6e89695cc97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd1bba94cef176639e7bf861b46a522a

SHA1
84bbf38cbfc9a4cc1e608afc45116e9c06b7fd7d

SHA256
f38f732376a78cf62b0a98dc260c29ee195fa8ffc34290c0bd1659ea6ba68bca

SHA512
748482d2d6cd333ab89296bfcdf319445c523029e93c0cd44844b3fd6011d6ac47ef186c9707c77ec6e0bb18575df1f92b56074ab832070a6dc076d44aa20504

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c01c4e57824a1ee3c9ece6b818fd5c48

SHA1
0b536b517d7e6f8243acb5252dc8049fa338d58c

SHA256
6cfeb60bc6e1da5bb36dd20ccd09fa0ed65070f3d8cd4135ab32f6cce3326f3b

SHA512
e81407a5ab10a169daf67249949c7fb9e688fefe66ecb8f7e1d6d4ac711f6791cf1b617c2cac1565e23cf84b4b743752088c75aff1499ac2c8771c183e2ac8f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7fc76fa5209bcdeb60169c03893247a3

SHA1
1955ac6064cc1e5f9044e42bf6fc4893b1510360

SHA256
8d42e33a279a93c2ecb76f936f17963d15642e5388c27434f3a6a4467ebbb824

SHA512
e72c075f7d2d6e85a2173ac7980414b978a9fb8a3c9f85854f93f4caf104051c13d00fefcc5bc841ceecc29c5afdceca14734ea1ca24b0eef3113397d8e6835b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E1IWGZ4\jquery[1].htm

Filesize
162B

MD5
4f8e702cc244ec5d4de32740c0ecbd97

SHA1
3adb1f02d5b6054de0046e367c1d687b6cdf7aff

SHA256
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

SHA512
21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF2B9.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF36A.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit