a3e7f448b03220da6f42cbf97026d272ed80fd28fd90678e7bfedebb846cc85b

Analysis

max time kernel
119s
max time network
140s
platform
windows7_x64
resource
win7-20241023-en
resource tags

arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
submitted
20-01-2025 09:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_e2b897a3192db8b9100d7f9f4e7474d2.html
Size

57KB
MD5

e2b897a3192db8b9100d7f9f4e7474d2
SHA1

29efd25f820ad947a8bfc78d0745fad5871c1088
SHA256

a3e7f448b03220da6f42cbf97026d272ed80fd28fd90678e7bfedebb846cc85b
SHA512

9422e558664cdd0a624e143d7c0c943e78a490e2957f33f8cc879c5bde131fdc524cdafed1b4436ae3c98b2d2b1697d81518ee67406d2bd523f869a22bcbd486
SSDEEP

1536:ijEQvK8OPHdsA1o2vgyHJv0owbd6zKD6CDK2RVrojowpDK2RVy:ijnOPHdsR2vgyHJutDK2RVrojowpDK2m

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "443526543"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6E18C0E1-D70F-11EF-8B45-D6274BF0F910} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1672	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1672	iexplore.exe
1672	iexplore.exe
2508	IEXPLORE.EXE
2508	IEXPLORE.EXE
2508	IEXPLORE.EXE
2508	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1672 wrote to memory of 2508	1672	iexplore.exe	30
PID 1672 wrote to memory of 2508	1672	iexplore.exe	30
PID 1672 wrote to memory of 2508	1672	iexplore.exe	30
PID 1672 wrote to memory of 2508	1672	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_e2b897a3192db8b9100d7f9f4e7474d2.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1672
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1672 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2508

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
53d0cb0efff060e3ed45898cd5ef6d71

SHA1
6978b7de0865224be9900a2c721b1accbc2d9cd6

SHA256
be90a1193947ec594131ea10b9f8a4783ff54b763bab66492883c6cc70a07885

SHA512
a5b6839ad338cdbf1ad7610427a3ab99b155f1098783d5b9ff4ae174a70935f236ab536c60ef6b0e1f9f11414011aca8b924ae0a27b41ce343ad0ed0f9006839

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
0ce83cdd2e48b7f3fad245f14272da24

SHA1
0c15bd7ac05e2738faeb0aa2757ddf32cffdb6dd

SHA256
da4016e42ecaab0dd553f247190d16d03a622df692506288ed8847decbf9ab97

SHA512
f046f6b09ac9f03ce39c828be01149665e617edd55701c714acb6dfcececcfcd5a95265be98531ded172d952b97e59da3642f054db6753717fd32e4d839fdeb9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ad29c4e15409f7a8d3d4e6f172bf6ab

SHA1
21b40a3a0684f0732942783e42914a7bd063d4a6

SHA256
d02f6a043a871a277ad5ede78900c97ea830baf8a22b038481d8198dacabd047

SHA512
b924d205d50a07f1253d60e0713d5dfeee43f727f464b9a2754792b1e77db5e94064dceffb436d118ff0a1d0b6eece84c3cf8ad45ada237633b88c98556c3057

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bd3ee6d7089cbb323cee2b0b5ace890b

SHA1
46a6a1bc86f7e066a45b954fde0b572f9a37cedb

SHA256
0fa7c02bf264e197f9acb42acdac0d0cb59825c6ff9138d5f90484ef6cee615e

SHA512
129b2be4105ddd19eefa932a3252c544470e42ec477b1d588378f840dcb5b9eb185d3e5e4c7fc170222ea0f209cca84d10c707a52b60e32b529b0e1ed4530bfb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
248f450d0ea2ddecee4aa33490050c60

SHA1
31b36772b100468cb3f342c0839250564d772e0c

SHA256
ad3683764e2722f720cc6089b4c0517af7592a677a1559f3d0f07eb4aca6c7ad

SHA512
56a36592aeb81be83e80c4ee72d8f1cf8b257f68da80310d2c48870d454b95950ec0d7ff17f33eb00ab766c63c4e795e60667d5295a0b168b23d2781809433ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
02895a9b026d1536e862d562e3d23dc0

SHA1
e44d8e5b41d77231b0a2678f2ab4a53d90c5375e

SHA256
6528daed2aa867ddd7d0bc65bda8bad73ed72e2d0424e4e04833adf4aab9baa6

SHA512
a3c605cb9c2f9bc06f07ffb0031065ef532ffd19d1f890ee425d1c77b8dbbffffc78124ca8132d6403c83ec09c681583dfb949bb55cbb5a15cd88ca2988530b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
849d4919a5eca8bc62f92c66e49336b5

SHA1
054cc4212dcc98a003b6c1aceaf2b08655c70792

SHA256
bd34fa7c878b1fa244221891c5ea4b7e260d4c6ee4ca6cc0cc7cbaedabb89b9f

SHA512
81eac30c5252da2cfe6fe5e7ddfa57f029a50870144769ed6079aad79eabcc38d15a7a7fbe82ea9f5927d1af34c03bc02ee749ad7b93a18f79d11a9d0e17ec63

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f3bde5e3309d49526cecf7bae809f2d0

SHA1
ff65227e46fd0db02e48ab66c2682f6d880ef0fa

SHA256
14cb116d1b64e90fdb484ca945a5d959a5f87cc1706c05d465edcbbfa1effcbf

SHA512
22f563d9d00d22e71320caeb46f256a96447794086f3852f9b0d1dbcb54863c4b6caf8166014fd9e8b950ce25140dd17cd535c13a1952f33e517aa9543c83873

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ecde9b070ad9f96d42e647c4398d3b0

SHA1
bb9e260f389125156240a55fdcf76065ab7eb76e

SHA256
53c48f7e2cf871f044d3447bda2cb99af05641406b9cdc07bb2ce220d5a6d165

SHA512
a131cd5e91e5907d4322d370547cfa5aa2e73f01a730d955c0419d81b4af1c0ddac6cafa1eb43decf92a1d2ae8d2ed3aea71847ff7ee83c2b7e16937aa6e0cf6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dd84b98660fb655d4c8930640b45ccf0

SHA1
730cfb6f57346b87af23b84b6223d56021c28d2c

SHA256
3a4492f751d1a2d0e796f8fcbfb2e1e1aeb55c2f00a21662c054bd0887761439

SHA512
f3abc2f9d4f0f2112bb88725e9d32f844698cbd117ccc43186318aa815cb68924990e2c8395abb19c66b5cfb59d7ce614bb123e068d724ab362fba20de978d32

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9a692d8537b277d9db241267f40e5571

SHA1
dd64a3eb0153f1d26d93c0f9dee2f0dda8734fe1

SHA256
342300e3ee3795bb3107293c5f0d3563be898fbe3c55b8df67fb650200aa7072

SHA512
4f0458c11b206c81d0de53b2d6fe892fb8a7c036a9d566ee3c75d3e1534f6bbfd60b4f6a3f643db1b3f678ecdfe260f4d21cfa41230eed4ed659d0417cb69bb0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7c9559584d75bd993629f76d5e2538d3

SHA1
17d3659dcedb259800542df67702b44b55c28db6

SHA256
be2e0c7e1284b30fc43f83a3a340125064d04661d3b7978bca58da061a866eac

SHA512
bc346ff3d9c1ae084f636225a4a538983d2e3b2c10632a5fbd8e167c7dea6bcd5493db3d929477e442b97e8c3fe39047419594da31db3fa165ce559f00975788

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b0fc8936d8f45242dab802da0c81796e

SHA1
195b9821ffeeef7315f37eba8a5d76e33595c818

SHA256
ccb5cff36bce747e2c84ce709ce93afd1ceca26d4493d9a6e51f75e870125e9c

SHA512
c5b3d5c7e93be7cc476937e097963f67fe01c010e7d84a3174a315434150bf51b6bac72d50f2ee96f50a0fb8b4210b372dc0f7d5c7d4398f9b11bb43df3d2abd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af419d6202bdd1527af6bb08c6c228eb

SHA1
df4747867205df235be514488236d6552e8827fd

SHA256
aeae4aa856a536f946ded53675f12f0e04018ea1d2a2b03781fac18ff5912916

SHA512
8baf0b698b471e0db49d5db18d768e735458dff27e491284ccc13b487c8c5a172415175fb00693be755b06e37e27e2a5155e86a2333867793586d4fea1f8e98d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
41494bddcad81f157b3546b0db7ba82f

SHA1
3393b6013ab3b6e17ff5a85950ecdc169d571420

SHA256
996684f2b757871030b147e9d9149859bf2c7d7bcd81302fe5d075192bfd50e5

SHA512
f4c4d0e168c2e7079b87e2483ec52fb3c56206b558cdd7e7820640e42a3dd6ce0b4f00763cd17ce796f0c02cda0cc1f63d242430c79c94eeff2f719b9b0ecf4d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
03c30a12cc4c204fbb117c09094a8f13

SHA1
693947bb60f08488195ebcf99bd0bb9664a75c4c

SHA256
b3a094a459571c8b73a1bee32124c894182c0143f853317dbe8efb3a0a7b9f89

SHA512
e2751f3f13e2e43e51febfd5aa7c8b36ea162eef47cf39375d08ce257ee47e66bd74dd6311a93f67df47a0b2a2c4a3d05dbb050afd7581ab38627e95741775f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
671340004e698e53a0027ce0296edb3b

SHA1
a3c84b693d438a53d5b5f5f47539773ca45bcdf6

SHA256
1009924e518ebf13414292a90f11b8255252e9264363e3c533cdb0bbb7d108fd

SHA512
3e89fcd723fb0e389b639c3a726fa367e53f9c0e24c25efdf24fb584db7e90cfd8ca0fa20173d12d6c71bb023e5f668224817167432f55569a7493345d4a185c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a8b85aec9b1640348315130088320ea1

SHA1
2d6c9cbae6a8776d0dcce915842868e4c060d8dc

SHA256
fb498bf3ffeb8aab4349788ff9a67fa9185ee19869d621ffdf1ecd7281927259

SHA512
7d9ea6bc3ab30053d03c7043d20f9f05c4af36e9640dcfc1b347065b30d222e7d2d5b3a634f8444bac5a0ea30e5a48682309e66a176af41ce11f974c8328e88f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
20c11816f5fe70fdb7ddca531e279060

SHA1
b183f648b379d64cb845e0aef3449d3e5cedee03

SHA256
95d8d5dc1e09a9bb1a58058fb62dfc4883e2ea0a20ff58d71040bf36b499a420

SHA512
a4081c0e45b892c61414e8359b85496633eba0a06df3c2ccc5c9280ccc2f71dc722f3fe97c410d4c15804fa6f0d51810ac82c111e806fd9966edf82d3d019358

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9GP4P3HF\f[1].txt

Filesize
44KB

MD5
95a94523884fb19385819e02efd08ff4

SHA1
c0060ec538fa34036767ce04495e463a87c86375

SHA256
fa999dd10a098010048174d02c3cb8a7d3ea9a3371d796e7ee7f11aed4ee9119

SHA512
b3da685f80cdcb1c9585b813237854354b7402d81941b9c68d9726443d6f63736e8efdc9641ed55eafb18e7d31c63179cf55fb49cc994a366bfb18f8dfb5b4fb

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB57E.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarB57F.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit