d04e148098a6cb588e8dc3cde0f9c03eee615355094a9d17353624b32f1fde2b

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
17/10/2024, 23:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

543d85ab0353fc23787e3d33596d7399_JaffaCakes118.html
Size

18KB
MD5

543d85ab0353fc23787e3d33596d7399
SHA1

03b4a3e297a76c81de321150f612ce7358697dee
SHA256

d04e148098a6cb588e8dc3cde0f9c03eee615355094a9d17353624b32f1fde2b
SHA512

40d06e9f8e81ecaeb8978d41e890c714df0690d2b770008a42d7c70b45f6d46a26a91779b4a2fa4bd1d730fc53d86f2beaed6775b40b3417129ecd37aa7127c9
SSDEEP

192:uunChEsbbTHgKCODJyjXIRKDvo/nymbinQDsd004aUulSbv0KrZ5:bnC6sbbTHg8DUFIinQDsd004aUcS7f/

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c4000000000200000000001066000000010000200000004d438cdf9a8ed3328dad241045e85ab20b1ca4b169128c6585bc732ce37d1e7f000000000e800000000200002000000096dd1b4fc99d2ce3d1ad03dc9584776917a4c75f7e8a2be813d5f5b823d5e22d900000000b853233e5aa7ce19d9402275158912961517d650f3df74d9a1194313acf4a0442c6799b9623346d40af59b19cfa71fee4ca686b0252dbfeb121cbcea26d912decfafc3b2f3f05764f8031a308708911ff8901d43f2b23692dde593ff30cf57a20fe683042b5069ac85482354c0f5466d969dd359373e857994e0deba07175c008eeed2a106512fb85d87606f990c9a24000000021a91b37a6e6d9543ec6a497add871533825b066b4562b4d044c85af53e7a0c77141d51d9dc123fd9b409b3cb9d2afad6abfb82d0286036499afafacc8681230	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "435369843"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{233E7751-8CE0-11EF-B9F2-E62D5E492327} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c40000000002000000000010660000000100002000000046a3384796334de3fe9bf4484231d573e12891ad5bbfa8e395f1a76f49e92def000000000e8000000002000020000000ef30b4e9669978593625dc50969e6a0ec3c560efe70b96c9e3dddd755266a5b62000000077ae64299d10636dad30141bf930c690df6470dac15aa7fb46e6c423f976db974000000009409d4896cdd6f0fe14056f40b020f3ec6dc7439d2e8fa139d291d264e9a52297f4a3043b40f85ea87656daa2729c4a7fe2d2811cde1b5f993f600aee8e2c5f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 304e43f9ec20db01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
860	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
860	iexplore.exe
860	iexplore.exe
2420	IEXPLORE.EXE
2420	IEXPLORE.EXE
2420	IEXPLORE.EXE
2420	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 860 wrote to memory of 2420	860	iexplore.exe	30
PID 860 wrote to memory of 2420	860	iexplore.exe	30
PID 860 wrote to memory of 2420	860	iexplore.exe	30
PID 860 wrote to memory of 2420	860	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\543d85ab0353fc23787e3d33596d7399_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:860
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:860 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2420

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d96f8da8faec89e4931b8380457a36d1

SHA1
20c71b0559e9ff43983253e4e6f7e80cb26ff112

SHA256
2ee0392cb7334f744b88bb3ad89244a22fb09ff7e01e90c4fe305a97f81efba0

SHA512
0e353f4242287a3fdacc9a3a52ffd1ac1ab2340838e7c58e6c516f09780280fa7d9885606b44a699a69f26f801521db56c95ec618a71ccb414a3819414211830

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2f85908e7d3a90067c610e1d4f6cc9c

SHA1
46ce8e31b3b5c51bf3d83007756fab079e049f1f

SHA256
7dfb5a3844c90574ce2ee5e8403863546aee5c6b63caa13200797806b6190e2f

SHA512
74f4a4aa82081c19bc0d3df3e32a3b767e4d3c49786d83e7b8d3cdf207ef6a07ce5ddc2e4f6c2a70f3426acc29fa9d17634b2b60dbcbd7dde83239b4c0fb451c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f8564dc3327b04b53dfe37ed3b70a8d3

SHA1
6bce00c7ffcaec454aef9168d5758813c6c7aeac

SHA256
04393455c058edc4442f5febb4ffbd9b6de3d36678c2870a4463a2c959fa2018

SHA512
e71632927635b332c668ce410e36515c540072a9d112fa46227b8e34f6415efcf3855ad0eeb2c39f1efe57c9b4f8a19428b2997189cd479bb0b5ac1daf5a2929

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2ce5a4fc26abe710109d9225f8274a41

SHA1
c93305014172e28dba3dbb2017cb4cf82eb3eeb9

SHA256
dda130d6399d973d21f2942730e1dd8c544f4d40cd0060c929e04a3987ab7717

SHA512
09cc4506bb50e3637142f4f600223e84cdbfee81e4d3e2362ad208698aa5244b5da33b1370dfbd506454e4fc644d01d4809a88502cb3ae1456656e3eeda6a877

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fcaed45b7db8dc4a5aa3eb4d02e13382

SHA1
505d5c8d1018d17690c4d3990b1ff020d61892e2

SHA256
5c645850fd68ffc8ea02ea25f903b471781757ae10e1936abe7b48020929f629

SHA512
4430a6b69664858ed8fa954676a784b84aa0dda88945bf66947c8b5cbc6c1dde9fa0467b3283e2032c7ce8577445c0b1749b2bd4c2b462260e1b511d00ad29ed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c94dcdc81df601d1ba6ef57024e3a838

SHA1
600eb6688f9b638a36f1f90798b2e2953b865b30

SHA256
ad6c0595081d92ab0b36774957109028935e557a850b589aa46c13b98cc6105b

SHA512
109c45544ad18f261f351376e488c169327c849fbfd5f54c9c4cf3b4b643241b52a9340c59f3425936582beb698a73e155e8ffa98b1a985b38d29666acf7d27e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cf8b9238083f77bd1b771353b84cb4db

SHA1
11a9559da22df5ef93c1882833fce7a67703745e

SHA256
5043faa9d8f3b2932da0b7441b45db9e42c31048930441b88695b239558a2fa0

SHA512
b5c5452b20caa9e0bf3eae169d542d3cfb7d472db9c2003ce9d3f3a7c8c74cde504b7cc006b123908f16a182a054a072cfeffe0d698cdfe422c5346e73931076

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
08978104ea53cee96be84251d0e33bd0

SHA1
882597a649e8c458a08469ef54410dc61c8573d1

SHA256
f5f8e266b66e12b12d8e6b34ab86c39e9ca9c2ffd168b54c29a863ffc11ed2ea

SHA512
6917186a926190c29712e409ae5d1c0dfab445cab5855363fca6f57123bfa9ee8f1aa396fd1036f136e9cacf64eda40906c74cd134aed8142bcda5a415726d33

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a6275c70e9ed7d0ea35b71bb2f7f2b88

SHA1
f7b2531bfd022b1db94674bb036a9b7053426fe6

SHA256
8e895b7037c39c2e082a7118b25bee00c0830d5e10f09f9f211a2695bb02bd6e

SHA512
76376a6f98879a526d31c3faa79a0c5e15e2b64195c5de41e98a20d72d82bd1bbcd10a3a266067b5218aab619a6afc7b23e3d2b2fbefd18e7753f152256957f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
45c035908b69bd9093098d746d225531

SHA1
60de59c426a40670f0f2d7387b8d9da53428e637

SHA256
2d0c17faffc80325bf30baae3bdeeb09b777594a3f6956da27466c8aad0d8558

SHA512
4a3d82a2b639840f966dd443b737a8eb3b9a4dc3f41c8673de071f21b58564595af67f55a37e5867eace0578958fce0518395d0abc85f9853fd3554a4ad7fbbe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c54042202b1423b7b419c14659e1d1df

SHA1
7360368bbcc64037205a8fa074cd91170330046d

SHA256
4dcae77d34c86bb0d0502f7953ed6fc4ee149818dca350045dac569cde66a19e

SHA512
5aa660aba63f1fdc0f26f1398d75afc4d9399630c162930a8fa09163b994ae7ab0e7b2c630de61116c1c01be739303a2b62ae3d1e3b53a13890b6f9f218796bc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b7e1cb3ee1508f398741a5185f452dd

SHA1
ccf3b31f16a47b6c7c2e65d8300863cc915feca9

SHA256
2b19bee83ac22c2ba292620fddb5d0d9852da0d5b2a5ea6aa341d16c1e978fa2

SHA512
571289072da53bfb7b3fc13e6a7e2a29bfe2a46c790cca78808c0fe23110eef85510249ba3efa8be6055d37249a458ecfc3bf5dfd10a388bb8465f39d64658ed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e60f2572a879166bdab1c1ca5a5b3743

SHA1
e0e95e19e1b79c04ed46acd0a3ff3959aa040292

SHA256
e245790127e4e343b8fbf6180d2733b962093e8831038e51c6200b700eb8d62f

SHA512
0a15cbce6617fcc19c3bcf0883caf0537af1c299f212eb0642a02fe5237eb99581e6f72338c8ab869ea6f7f1c60ed63a348894e2391dfc9c96abf2344bf94cc3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b1050dfc65876a8d9080b6c5855c8a2

SHA1
033afc728883bf16874e5c693b1b9b693f720dcd

SHA256
6e3da9556e2f02e24a29875e47a6413f1ae605ce1643836a53437e652a43a99b

SHA512
78739f7c263bd8820b57ed0ff564f90e33ce6c4425b02ba6cb351dc18e9fd6d9fcd1374017fe9562736426384708181f7117f728b167b9decbbd66cc5fdae903

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0535cc917c341eec2ac0d1e6e95df3df

SHA1
4c6bea47a7069d179918c47fdc07ce6788017e0a

SHA256
645a74f05fe654a9f33f6cf3ed42f12a7cd3d2882e28eb54a9897ef1f5cb3b1f

SHA512
e455367e8bef6651d732370e6f49ad443455ba42035989687a2c951453e21b396d031be74e05391bc71f67346888e5d27377202f257fa719a014f4f70d943bcf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2d7d401d007e6991f6965547be798409

SHA1
3ce8a66e3db726d04b0e4388da6facef13181949

SHA256
443006f043e0e2ce6f5b047ac6d5e33c4d003be674b8a1b34433a826bc4c3798

SHA512
ca27606f2fd2a88f49fcd9b1550e7833df5e1ba3d3803bd6e70e513c56e80af606611e60b20619de29dc6e17c0caa858eb8434e2385af60847b1431898b1dab0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d9242e5f86824650f754437ebf185a1a

SHA1
49f1791fca7314f2bd7f4b42dc81763e94413e8e

SHA256
2009cc6df6cc902e111f2d7929433063b018444d93ca4bb910070f335e014016

SHA512
3c9131f75d7b5027fb1bc7f0acecd6e1edaceca6f8dfd1f95a293c3d885d9980609c87849c3b468959c17a920db8d83fdf4baa6041f8ef874b6b60dff534321d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9856abb29d61f547c9c980529c077153

SHA1
8bc27272185c368b919e7229a3465abea91746b3

SHA256
f72079c2a66cd67ced3cb8a2047ed27d7b3c8c7c558a20b52cf32984b4b815a3

SHA512
8d662cdbe95eb3b735059e99b46653ce7007d69d1dfb91b885cf1d04952e10ed67fc5d8f3cb4354d08e294c1d25bd2387b5267b31d42a709a0b9a4617aaff27b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB230.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarB293.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit