1930d23cc3f1196630da1cafb11de3a558f36c56ef22b190d3ece4d24b4d0109

Analysis

max time kernel
147s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
03/03/2025, 14:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_4774a3808efd0c2db5ac9c365456028a.html
Size

101KB
MD5

4774a3808efd0c2db5ac9c365456028a
SHA1

20bbdf85f7a57058a1ceac3482ad1ab4f4cc94f8
SHA256

1930d23cc3f1196630da1cafb11de3a558f36c56ef22b190d3ece4d24b4d0109
SHA512

3553fdef91341078b26828647a56eee01d6b957ceb148115081c214fbd22b2d71314592f65798edc67bfae150a72cc165cc0196250902710f76b01857dbb67c4
SSDEEP

3072:y3YoYdp9jzORkRzpwJPGoduhAoduh+r/hetMHKUp:y3YoYd3WRk8P6DKUp

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3520	msedge.exe
3520	msedge.exe
4272	msedge.exe
4272	msedge.exe
2692	msedge.exe
2692	msedge.exe
2692	msedge.exe
2692	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe
4272	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4272 wrote to memory of 3484	4272	msedge.exe	86
PID 4272 wrote to memory of 3484	4272	msedge.exe	86
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 4884	4272	msedge.exe	87
PID 4272 wrote to memory of 3520	4272	msedge.exe	88
PID 4272 wrote to memory of 3520	4272	msedge.exe	88
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89
PID 4272 wrote to memory of 1216	4272	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4774a3808efd0c2db5ac9c365456028a.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff6c6446f8,0x7fff6c644708,0x7fff6c644718
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
  2⤵
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3100 /prefetch:1
  2⤵
  PID:2064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2080 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:2520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:4036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,8268487696271602346,18177566198691680387,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7000 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2692

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2792

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
25f87986bcd72dd045d9b8618fb48592

SHA1
c2d9b4ec955b8840027ff6fd6c1f636578fef7b5

SHA256
d8b542281740c12609279f2549f85d3c94e6e49a3a2a4b9698c93cca2dce486c

SHA512
0c8a0d1a3b0d4b30773b8519a3d6e63d92973733da818ca9838599a9639e18df18ce31ebf56f46f6bbb7d89d10c726f4d73781e154d115a6068a3be7dd12b314

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
94bd9c36e88be77b106069e32ac8d934

SHA1
32bd157b84cde4eaf93360112d707056fc5b0b86

SHA256
8f49a43a08e2984636b172a777d5b3880e6e82ad25b427fef3f05b7b4f5c5b27

SHA512
7d4933fae6a279cc330fde4ae9425f66478c166684a30cec9c5c3f295289cf83cbdf604b8958f6db64b0a4b1566db102fbcbdcdb6eca008d86d9a9c8b252ff16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
20KB

MD5
162b642946a24839c05530fb1e6059c9

SHA1
077376b7a9f0305600a193d03f7efabbc2aaaed8

SHA256
03c8a9d542b931ca3b2d6a9236ab3af3f4897171727eea729d75b1bfcbd472f2

SHA512
fc77d2d1e7797f7586dce55e85046bd490c8821b8edef88a014ea5e7c5da22c258a9133e4fc303e134c2778e4005433f876e667c93187d399dcc1443695c3ac6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
9ed96cd271825d63d5969e5b0b8879a8

SHA1
d883beb85415994f747a2d69b9e6d584f1cbd9e6

SHA256
222d01ac4dc71ff3581ef5247219a712c5e79d0afd4a95c72b8d4b0443d4b337

SHA512
58576196dcd1ed34ccbf953fa13b83ac6bf938b0b128ed54bdace032d3d118dd0ba45d47795c462713a59fed81c0a50eff3b6846ac6e4040c01bf201fe3ffdd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
f4350c85e3479d10708c62b6f8b43cb5

SHA1
bdf0314a283ea2209406f538a44042c4c08d4957

SHA256
7721673719d732edb0b4ad33c0449e85154b5c2917ef5519eebb39fc3d6c8975

SHA512
cb2caf911a46942001bbaa616dfaa72eb8fb3b51acdab12a79280a7fc7e2684aed80541882df4bd2cccb8d09d4f55267cde9b826c449c23090f2c2016d40e2d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
3b627c0196d7354e67557eb05efdba87

SHA1
9ccbc37b6760de3a51f5a2924591df7cf5ccb224

SHA256
2d808d0155f41be32c2dd7dd81b64abde42c74e291f0dbb7fa5cc85f9b79f35f

SHA512
b053f7cdd7c8f4c5500c47164314b81e76b15d5c3adae8c3cb6d6ad700b3d37689e042f1217da9e7e0076b23885669157b9d0b7335c4ecad6e3f5dcf4af96dc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
da9c924d7a5c005e4ce2beb81f40abc2

SHA1
3a2cb11ee60833bf7957d3617c7142bc9ed9ade0

SHA256
5239573ff4184241d915d4b0d0c6237091a1fd934f62b1797161e73221c0c1a6

SHA512
b5cc6c7fca6888d9ee70ec97151c88fa02ca4ad41d41014849607f0ee64e992a5439a06fbdde0f357b0791882d67db4a26e4d1ffbc867d701a7e87c3a7d2254f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
42cf87bd75f7dae09b581bd753840877

SHA1
c4dfb12d8ebefbb223b6b1445500b56e240a75c3

SHA256
225eebae3f10ee23d4eefa5400eeb26720d7295ce83c1e5fd4de0c5c4594a6fd

SHA512
7802f4940cb178ada6d4defe2022c06df93f61888c42e56822e1bf4919c41c14880965770e0971bf81cd01906520a81fff476a33c75892a45896e73f6d2d0a21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b6cf3ebc76051368bec8ad8e84672038

SHA1
e5a3c8d2b561a229949a95cad1b9a1ff6ac47aba

SHA256
3001fe0ede586ce63218f7c65edfe270aa47f4965d6860222fd353c2ce6b7d64

SHA512
15df6e68b2644445afe53713ecdfe90e8329e4d2a42975a1c964be3004758522d6cf9c0c910b16240b20a845690a98a781299cdc54d122a36b4f494bfcf1a0be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
702B

MD5
bf92f6e326bd46af78bedd4386710138

SHA1
d92e849e4db7b7aeb66f93521b13f8efa0c2b1fd

SHA256
73460d0d3262301e66de1c672e606eebb047c565682745c572f6b4a1b77d7e78

SHA512
e8514995cb10eb194b34352c0a66e882c6dd025be48da55a7d71af6b6a1c137f20fefcfd45d9630e4ee966439ed69001147a386cc3fb353d2e05b34f666f17dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
869B

MD5
087c875794c643f2ecb0125b2c742772

SHA1
4b660c81fa1ade624a675a64f83af3d8a04f844d

SHA256
712b1d3e25473448775039c3498c8a6719f1b4d72fa80c60ce5992b1fb1f1aad

SHA512
251c93a8d9fb387730a58c864ac1e3b03bb945a0fe6770102473e32064aae31fce7b8cacc9d498047c101b5906e69b9b6a4d923cb31ebaa01e533912840b1278

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe594973.TMP

Filesize
204B

MD5
9f0e7580164d925c7b72651c6d72b2e1

SHA1
b9547c75dfbc2e8fccf3085e50c35bcd4466fa88

SHA256
258772ccfb7132b350fe8327c3acd99b89ea7e2a333ce7da361ec8afae19f6ee

SHA512
39376dc1d248c000467bab9196da9f4682a70f6077da353fdfe789db1ca308434b6c3a8776feb672d7702bd2a748831f7825bd43f9a8aa9a066da6ef635bca2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
0dab647ebd96a3b4e3c48c462417c749

SHA1
0694d88cf1b69afc1329c9adfd7abcad2485029b

SHA256
3a7765da85dc9f298d0e25a4259126d6a884582d55b70a28f7b9b6859667b4b1

SHA512
e0d1e30a7b5ab5ed52abf9890a77633f0758268577d2e3b6925a66a1b415844e52832e5ab6aa87e4eb7feb6c490ab7e3811245c290fab04241d283f1cc6acd4b

Download Submit