7bcea8ecc0f61e320ab11e5977b40b57304c9b06664c32c123f46483366c7f49

Analysis

max time kernel
145s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
04/03/2025, 15:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_4e392e55190bdcc7455a43e1d9e269e4.html
Size

129KB
MD5

4e392e55190bdcc7455a43e1d9e269e4
SHA1

df99b9012c577ee8f0d796b433ab8b26cdeb89c3
SHA256

7bcea8ecc0f61e320ab11e5977b40b57304c9b06664c32c123f46483366c7f49
SHA512

f6c512f8d04754169d5d70aaf8aad92e47e89d33e0abe72275781894a1f409e76fb7081fe3d1b57c1f25f90bd73248e3b4b5482c29193ac70c5acb85717dbeca
SSDEEP

768:2nk1ATx+Bw24Tp7VbiTbidNCiZW0HI8Jj2ECFcsm0IXWhCFAmmv1p4ODMtFA6cVM:2ZHbiTtiZdIdECZpZDMtFbcDO9tdM0

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
640	msedge.exe
640	msedge.exe
3024	msedge.exe
3024	msedge.exe
2748	identity_helper.exe
2748	identity_helper.exe
4720	msedge.exe
4720	msedge.exe
4720	msedge.exe
4720	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3024 wrote to memory of 3764	3024	msedge.exe	86
PID 3024 wrote to memory of 3764	3024	msedge.exe	86
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 2148	3024	msedge.exe	87
PID 3024 wrote to memory of 640	3024	msedge.exe	88
PID 3024 wrote to memory of 640	3024	msedge.exe	88
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89
PID 3024 wrote to memory of 4468	3024	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4e392e55190bdcc7455a43e1d9e269e4.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8197746f8,0x7ff819774708,0x7ff819774718
  2⤵
  PID:3764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
  2⤵
  PID:2148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6016 /prefetch:8
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6016 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:2528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:4764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,8367454628058241360,4925670582251690794,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4884 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4720

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3092

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2204

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b5cfebecbfd715cf1c2e86aaba6753c

SHA1
c2d783bdd82fcfb68e8d566bcd34ead327ed7c13

SHA256
6fca1fe2a780fb27f0493353a73b9ae02e9671b51a50b07566a322abe3b25cbf

SHA512
b6ba779a8bb083a12f7f100c4c338d5902f2e2762654f70fb578dae4c0dccba1c7eec4cb0b5cbc1d8567fbb02624a077fe9f60573dbd12b78da4e5ae618a751f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a690d53f0215760186aa07b114ac4561

SHA1
601015b3d5837e99e481db0dcdb0ea33fa80cefc

SHA256
8ee92ce70ce780b9af998d760d7226892a37c4a7ca5bddfaaaa5da016dbedd93

SHA512
935db7966c0c541b2894b83af14586dfffe138a2a18dc60bfd9d076fb724410841b5536261a090ce57525f8a7dc25e4bc3b133fce61569beebf4efb126607a7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
395B

MD5
08aab21fd2dcfde1813badab2baa8b36

SHA1
ac0e4bb32cbc8068dc48073fd8cfca64b8436c56

SHA256
4f0e1edc2892410bf0d0f4ff0f861260e2bb57d971f9267fd6cd65a534c8c899

SHA512
a83d8b1e68b3a7a90a1bc4e54e1615383c46fb5a8d79abd656024fc97eef855ddc92ce953a9cf3dbcf6d91b203cf37bb07462f3a6231f89968bbb6ce01babd2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
de5390a447001962859d6cf90678fd5d

SHA1
9943acbf56f4befbabcf58cdd73c33c91471eead

SHA256
f3f8446fdc683efb9c051f2c5483008b25e6caad0342cc27e928277dc8bbffaa

SHA512
390b2a26a7dc037621ae76751485c5010c7afc2e74194483305ed97525115e7e75599cbce3771cf08ea07dc2ed0a4691c6c7cdd3865fad93ff66dce0ea3ce256

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a17fa7af23fb5eefec96cc8d763568ed

SHA1
c93f153758799678b193c0942b703ca34e701326

SHA256
808a7324837aff0a6aa1db0736c0683c6f1ab8b329ab607f246f11a8c0a7b440

SHA512
12a3fd16dea0dd6c00a820878c947a051f94a614d9ee87726d545e897874ed65ecfa56945185b8d728201b6f95b759d2b6b36f60bcd51e5b1fc406081ded8ef3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
668037be7d9386bd0faeab7d2cb851fc

SHA1
6d5396c2c60d6ddd46160d242032804a93f0e1e5

SHA256
9d6a8cdbffa1f04d1152e4d2cd8c834280c3ec85b77d14e502478465a5a05544

SHA512
c7a746074278096d543f1afcf04b3a59f1b9bfa5a91271b0575acfff44b45bc7f1915b986b235b445aa2b8bd6cbcf34a3150285b370ea685082f96f424e578a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
9ac7d64ba533facf33c12b2972d57175

SHA1
0ebaf3c94cc3e9b9b02d7547a09bb717a947fdb3

SHA256
3a40027ca447bdbc4a277cc817c600cb359e26ff350c7bacf4c87e8b35f556a2

SHA512
96c4f83e1963bc4f6367b8916a97c8185cdbd9e33dcc89a541f1688103296226c017c84e3e41fbaff1ed197563871183f620562a02f1f0bcdee117247a878e91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c1d3d008-0baf-4856-b21d-9d71a3126f76.tmp

Filesize
5KB

MD5
aa966743fa51b25346d990d8786d30cf

SHA1
c792f16606d842d775c46422682c8acd73d52e44

SHA256
0d98e59e2a5059d4628410f6a0f804025d1e89aadc53fa05956f26282c4d85b8

SHA512
5105f7343f04532557c6939314bc7e4a62b97057357ade10409bb6bee52a05bbd8f6beeb43d0282dbb462000de921b224c866d372d7cbb230a83fc4198b4fc17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7d3709aa33e1a4a3ddd35422bd362267

SHA1
73da112dda7fb26e6a6ef2522ae60f586f9c65ac

SHA256
d9b74f132f0d954157124d8f8856d926f7016e6b0f428ec2fa8923136064cf2e

SHA512
8d34433182334989531cd3217f5b4a1e2e789071b9cb7232e11f24ef02acbf439438112f23111f5d275253d711fc40e7cc939a3a268809fba45ddb8900d99320

Download Submit