9aa31e084b70af96210b2948fbb290e33d478497ac2509a7d62d5e5adcc1bd26

Analysis

max time kernel
120s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
18/10/2024, 10:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

56fd956c16078f9d0827893ec22be592_JaffaCakes118.html
Size

11KB
MD5

56fd956c16078f9d0827893ec22be592
SHA1

444aa1c113f5e45d6ca90e3a539e29dee40ab58f
SHA256

9aa31e084b70af96210b2948fbb290e33d478497ac2509a7d62d5e5adcc1bd26
SHA512

71ea4e5f1da4534d2e0e6d835fe58fff551567809cb3f83dc106308636c9af20ef99fff4c858baa67d909cbfb1378305a9d3432c3ee71accc4f64de2539042aa
SSDEEP

96:uzVs+ux7WLLLY1k9o84d12ef7CSTUVGT/kG5pJ47XTu8BdF1lxw7XLjlVHcEZ7r+:csz7WLAYS/cSJuXTBPyXLjPHb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000303eef0e2cd1a9499efdd285a56ddc50000000000200000000001066000000010000200000001c05c3c1f4416dacd9686be4c673672263ac60137f41ac42eb9a9e9f7fa92403000000000e80000000020000200000009c1beb6191f0f363dd4f113e2e001f67fda0a732f43f7c091ec355026568261690000000f3b93b2e48a9acd00c46ba4bd0fa80c7008a7bb313d933aeaea79516641fcea7cc41839b8511f06c5cd75492007b75556f8aeeb4852b087e45b1cf1db150006dbfa12c1662276f7a547ec9974de39a64aae514bf669f9efc651068fb5bed40558f4ae80da4e8eb1664159a3b25847862a115408ecba5490c13e14ebf909e3f81581278edef682ee2f2ce8c9283ecca3640000000d5261f3cd0d82d57d55e52fc5495b12d304a32b8611c3d0e257de43ff1f8a687ba9a69b16020cb45bb201190f607a185f875e53f16b74fc5b7133a89ace55be3	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000303eef0e2cd1a9499efdd285a56ddc500000000002000000000010660000000100002000000071b354b14b21a6ac2b174e6db603d62d0c7ddd2db105dce978538c116ab6ffb7000000000e8000000002000020000000b8e7e0d97df1a1b9b7365ca0b4b9e7af627ba9a9fb54fb2c6422cb5050dbf48d20000000a9e351cd386ef4459f4229e0f0031813cee2147bb4a39f0dee134c6a3cea9e9c4000000051db362c103e833c3300849d7b3b55a8db390f5df6d3280d17c84fe3f700757ea19e70cefc6857308ff89c3e0ea1ec2ae5de1c7bbbc0bccee92383a47e398cfc	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "435410032"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d02e4a8c4a21db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B517EBE1-8D3D-11EF-AD2E-6E295C7D81A3} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2424	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2424	iexplore.exe
2424	iexplore.exe
2432	IEXPLORE.EXE
2432	IEXPLORE.EXE
2432	IEXPLORE.EXE
2432	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2424 wrote to memory of 2432	2424	iexplore.exe	30
PID 2424 wrote to memory of 2432	2424	iexplore.exe	30
PID 2424 wrote to memory of 2432	2424	iexplore.exe	30
PID 2424 wrote to memory of 2432	2424	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\56fd956c16078f9d0827893ec22be592_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2424
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2432

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
57abc17437d78586fdbc23fa6d989f85

SHA1
12aec0d749119cb3edb881945ddb8e1e89d78462

SHA256
943f4659b078ac9c44a19e028c98604ca9dfee63be044d6573b14fd9273cc255

SHA512
6afaeb7d7abc68f2d2879e98ae2cab9522b6789258cfe83487f87b62577c9e90e90627cb1166b0e155633b6f3452a4840da743816b9f999c3f0564b348df6737

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e47a527e4236d101c732d2c33754f483

SHA1
121da7da495232ae2e312123698e23dffe80eae0

SHA256
3722aa78d47d02e6c38dc058179e4a36f9ede609fdf99caf4f8c6315478be35c

SHA512
d60506d2c7b953c10f57b813af24040ca4ba5174800c333026c4b24fb781a35f80b52c0f41ddb41badbedeca3fae1cc6ff5e7de2a81cd0320f3e331c8a38d8a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dae267eaa90b284fffc11270fdc1b5e8

SHA1
4d4f4da5206d4e3ad1dc98870c7185701321b420

SHA256
8b5fd6eb6d03626ba431243c14cad9c01eb0bf2b4fdc2234445e2a2c68836988

SHA512
ea473afe308837eb737a5b025ff04f606ad66dc818b764c885d28eedb24f3886cec2d1ceacbfc7448817312c8f933454129e7fa5e3425d1c94b75d03f38b22ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ca1f34e6b4b9cbbab619cb5683ee964c

SHA1
6d7f60e37d0f3abc74dcd8f78f2383f2e17024ff

SHA256
90fa963a5a5e681c4fb9f8f952cc30be31c8e9eb1f6121e1a1b0179f078a42e1

SHA512
601db6a83336d6a2b7c0d77c60afba669497bcfac2455fd59ae726dea0a7b80526c472b69aaafbceb56dd63ae5271ed505112f22b8a9866f5aebd13f8a54799a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
177e9c43cab543fae7f32f065354f53c

SHA1
da0d012a181ddb5e012707b3cc0c9d0e7c519cab

SHA256
71d9d7380723ec4a3aa4dd94a80f1e2728164626519fe9eeb8b01382776e8b41

SHA512
50a88cefbfc48b18e72c5a8874848ad6e295cd79e3dcb717b348920b604cc0c32c7482338d42ce639e12c6e85109b3808c2ec54434446125f0571562ee4b8547

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
17d86536d5af39b589cc871fe2cab3e5

SHA1
2723862c1ffbc7e4640d33360fb97a9770dee921

SHA256
84a7b4ae9303484065f894f68d7044e6fa79ce83a0abfd9c9e3083ddfd602072

SHA512
18c339a714bca8e303dce7abe0a23ce7523b6a96dfd5ddf3e10647ca4597ea33a3bb0fea3d70a095cf56e6c9cf3fd48eff5f9d996cd3b06bcbd4541a787e5a35

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
640ce80659cc272cdfc545fc68385c89

SHA1
1e29b65d61d207e76114f19b9aff274a1b0ae2c9

SHA256
b8843d19df25a0c51288f3329cd06d83f11baa476fc6d419cefe0edc189756c1

SHA512
7f791ed6c185d3d73344df3590f7022affb026e70f80811b6f93c440c7e2e9c2e2f5a906c3fab4547e6af6614c2ac1cdeab0be8428ab1becee0be406ecf2e909

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4c9b818f5644661cf8c3516b6f45cdb4

SHA1
fb337a200a752fe4a2e9d74098873c2f03874ee0

SHA256
c10b91845cbf560798f3c3b614d5d13952e1c8528ca4964e16c613fdb1b7c80d

SHA512
72a73826a503bfaea1afd645d5ad3744113df14217cbe9ca4d881ae46ce4cddfd5f7b8e08e68e2c05257660f2261db68ba949aa39ed4b03291f22d14457cddc3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
136a729bd451535d567aaf422f5e096a

SHA1
456434e76abe81b5cacbb9423533a3b602fce77f

SHA256
48947ec61275e811f1de757e8db3e65a03da74da96cd9c1173bbd3f49262510c

SHA512
fe008322a1d543238dcd1c1582ac93d50312dda1a34e0ad052b79960f9c43797851de430763eea1ca42813835a90f263455065785824bca94691cf3bcac6573a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
93bdd83dc63ca9f0fed8a0bf9e491919

SHA1
21f4d8650bc4a1b0dc202f252ba24e7ab88400a2

SHA256
716120863ef70aae419d3d663ac65b7ec0b208a154ed6aa5ad14dc463793d90c

SHA512
3bea48400a2d51ecd063d9d37cecb43efb9ac1b7ef512c2bfc00f38700adee93fd1a8a77e7df0eb50cbc1ec65ba63c1fb177a997d47373358e41674a4918416d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2650ebd2cb82f5277f58763f1d68b51a

SHA1
4820b809955b6b1179c3ca85d3bd0e32ddc2c702

SHA256
e1b6c9e9ff8de19474d1e11cb31335fc80622655ed7279790801d3d316287ee9

SHA512
c41d7ee47bad5d47314fe6c736fd5aee94bd67775dcfd2129c2962375153fc362a352e41c2f42c5ce4359e534e411425f8b482513f6c163b5cb5ecb5e54f9349

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
203d54da9def355ce4bda3359d014c80

SHA1
f1454efda24795827cb0dd9f0ba900b1ba52a9fd

SHA256
c6699b6d5a5180d83202dbaf9c0c79285c2b60875a9517b97a5bf0f592e6f7cc

SHA512
288a788ab34d92842733b5dcbf7334c8e1fc4288e8d9827e518f4a9d233096402bf6d16248d934d443b8bcf297e01405f66242682ec556044a5059bc124452c6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e5e361c88d34c7b99e214d711bff9710

SHA1
4b29f080d9bb2c55cfe13eedbfa92d9ed6c15821

SHA256
85be5ebde6b558c4a224c0098ceed7dd6417d47b78179891c6408701f09de22c

SHA512
7e64309e6446917c2867c403d368aa9136be92161b53922fea5fbb3fbbff8b5a77c4cb6a517e7f1b6cc174d321d8a52711fd9b1d7a3691b61ca3cb970f3db7ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8f4026e4ce44ce4f29b1932d94df8508

SHA1
5c66f829fb06f5e68254ac7fbcce15825ce34cbd

SHA256
b533ea85914eb121a95d41cf306627ba7283e3fec08d5f5702ce9309178e7fc8

SHA512
eda74a3ad5cd0740af52fef2859f3dfe3ec83925b6ffcaca5a88a89b503b11e08fce1709ff51ed8e0afd6c13b63e58dc8e1738c61102034e9dcefe930869436a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc485fb2b56dcc4718837044e423d9cf

SHA1
e6cdff0b065136b5545f864354d0b68d16ee110a

SHA256
215d5a572e4252c59d3e3c3b73461d8c151d277e68f8fd64b9e3f1e51a8b09ab

SHA512
cefd1173a6d8dd22a60bec51e3330f6497300f563313b1c1a8467804b6cd63ab4cd7b552136e9e4accee1458e4f45208d371978ea18097aa3e91327f899095fa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3fb4663cbedd392df5911505c006741a

SHA1
bf332a898c3e2c41285c70e1c3841fd48f7a94cd

SHA256
0bab71f615d762e71b76b90433bce5ca8717c9b856b8a461f9a34dd71066e775

SHA512
afed71ef8bc9c488a3e2fcfdff00d27dad42aa6ce1f1bce48a41d6c6322664d3450e4a236166fe35847ef0548ab23d022c5913cfed3ca25028e6ded94763c6a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1478f702c8af3f4db4d2efd9fb1b8319

SHA1
0d8ea7e36a7b1dee3231bcd756cbc06756793d13

SHA256
27f574d2df2220597765020fafd5acf0a77cd47a3b408815bff695bf9918cb44

SHA512
971e4597ef379103230ca302db0820826e2392adaebfd9af809df978ab081d34d83a955b078f67ffff8fda620cdeb32184d44692e462b01ec473d3783a9d5a78

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabECA1.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarED42.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit