cd1d713b739735c8239b0c441ad60669aeb770e336d5f3d3c27363b3c2d6a0d7

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2025 02:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_0a612ae70a94f23d4ab5fc01d52fc920.html
Size

28KB
MD5

0a612ae70a94f23d4ab5fc01d52fc920
SHA1

18f08d6c473ff7b9838ef4c92aeaf06fa6a8501f
SHA256

cd1d713b739735c8239b0c441ad60669aeb770e336d5f3d3c27363b3c2d6a0d7
SHA512

bd81cf04134a3b0816318c8ac3a914adfe70e8be78c11b19972c66e1b6ce5f143e45358943ea7a61c4da35cc167c56d045ea5118278d346fe46cebac176a1d7d
SSDEEP

768:PtZRsV2+63kPENbAJZYDN4n+Gy1JlwswWuR:1ZRsV2+63k8FAJyN4nB

Score

5^/10

paypal discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand PAYPAL.
phishing paypal
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
2108	msedge.exe
2108	msedge.exe
3452	identity_helper.exe
3452	identity_helper.exe
4828	msedge.exe
4828	msedge.exe
4828	msedge.exe
4828	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe
2108	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2108 wrote to memory of 624	2108	msedge.exe	83
PID 2108 wrote to memory of 624	2108	msedge.exe	83
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 60	2108	msedge.exe	84
PID 2108 wrote to memory of 116	2108	msedge.exe	85
PID 2108 wrote to memory of 116	2108	msedge.exe	85
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86
PID 2108 wrote to memory of 3324	2108	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_0a612ae70a94f23d4ab5fc01d52fc920.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5f3146f8,0x7ffc5f314708,0x7ffc5f314718
  2⤵
  PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
  2⤵
  PID:3324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5992 /prefetch:8
  2⤵
  PID:2704
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5992 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,5714641054089161085,238606393048226801,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4760 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4828

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4864

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2808

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0a9dc42e4013fc47438e96d24beb8eff

SHA1
806ab26d7eae031a58484188a7eb1adab06457fc

SHA256
58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151

SHA512
868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
897B

MD5
44f0bb9210b535f5e926938f4b4c7aeb

SHA1
90d6a8cb2e4ad8ee92cb982f397c8c5dfc455db4

SHA256
432ef1763fcbea80527bae44fdeb0e5931607b7d2452f466428121fc8015268c

SHA512
87d9b8f34de9ca9382922c2fa4730002069d5a37bc4fe683042b1aff2a512cc613a37fbb304637e745deac1de100d9636a52dda0d04192b64b8529e869daa9d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
866B

MD5
7d141ecb13f3ffc08cb897bfd60fbd6d

SHA1
c532a5d8cd03f83c38ac0e0a803c15afbd43813a

SHA256
d9a008576880d08046a6c65bdab98172936b9b03a793ae71a8b93dab4c7a5b4c

SHA512
e188ce4ad6967ab2cc385e0dcd509137287ee0361ed3e7775faad4a28ed45b52a77c1457d185dec7b32d796a2aab40c843ddf350bb1ff20d278598a78bb7a64f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
33e8de05e3b9f88eb21b4def29a5a7d8

SHA1
97cf4aabf1ce7d2e54d8d4d927bba80aa4bbc6d0

SHA256
02edb1b42c406223cbe9e5a214c64a4e49d88433e3f0c47eaff0a4ac5a4d5b6c

SHA512
420bc3be05974f371f4f707f596607901671d8ee5664fee842344b2ec74e2b8f5dcb48486ecaf5ae1eef2e4cc0bf24b2e2648566b2e071b9775aa3c39ed76cb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
204B

MD5
986957e80bb36edba893275b19c40117

SHA1
2d62e605b1a2743c34e97347e2ef8333733530f2

SHA256
5943ad928f15a654bbadef0a09c0ed948c4b8e0fad701fb4098e5d073a218f48

SHA512
2b000457d8cd2a34820daa4564ebd1c777e4bc58e023a152ff810ed5156340ff4c5a21e0cfd67c789fec72691698b813820269f853976850572ff9dcbecfdf67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe586731.TMP

Filesize
204B

MD5
6bc4a2f228c0a43c76790ea329fb2cd0

SHA1
9149219e69cb036ad213913d8db41e846b01bc19

SHA256
41f53810f4ec9671841dc01d2551f9343b2f5d37728a63561366657f16d18ad0

SHA512
6f012c6b0933e24edd674d82fb81bde3b0dcdcef4e2b5b263cea3fecfdb87d1852dcce562ff911ebde3c8e83524b3332ac8f7b699cbe26811d0999f7b4ad3e40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cd082f27-19d6-4ba5-94c1-a08a2e7cf0ec.tmp

Filesize
6KB

MD5
ed3b7d9c85294b665bf76b4ddff31196

SHA1
5eeca3afc5b16609b1f866702e49d36a087599de

SHA256
370fbe8c320e0d271b9e0acb82dfce32c408b096bfcbd139af20e4cfdd4ebef5

SHA512
40543e66d711cb0837ec2618fa971f094e7d2558706abc5fd824f4fdf94daf08cb504928c2192a77010a8f89993b2f41efa10c887ab61a9c5a33dd7174b07dca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ff382814-0fb3-4984-8e7d-aee33b82664d.tmp

Filesize
6KB

MD5
0d43e12c36b513e6230f692e72106d47

SHA1
14c94c926fac650f257802f9118551122816d5a7

SHA256
d671563f052ef5bcbd1b463254a4ef6c237b1f26ebb6936a557fa21e71390852

SHA512
51efc0f70fa4db0fa90b4e7d3ec059d27f85838c3fac4fa75dc7f178e66cee196b431540c8b155aeab4faa08e91037778c1dd69eb0220f198ed132f874c88680

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5958988afcc8c65a8d8289d6c2d7401c

SHA1
484181c7691e24228d38bc3ea3cd9a28285ca192

SHA256
e0a661951f30a2495e57ea85b853358d52ac55bcc93957cbbb6ad8d8ac152e40

SHA512
3603a0f80bb442fd7703b2bf67cb6bd8803974c7a68be3a6dd85a766d423d85e7176e5ad339464c3a3752f478d0125dc31ba75bd7d106c1f04e6ae9ef7c1b03f

Download Submit