6b95ee3f446bb2e5ffa1c02b2fbd66f1178a35324d8a87efe7ae7f7dbe5c255a

Analysis

max time kernel
118s
max time network
128s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25/05/2024, 02:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

709a469d4d547b4cf22c0f070d5db9a0_JaffaCakes118.html
Size

3KB
MD5

709a469d4d547b4cf22c0f070d5db9a0
SHA1

87c125f9bd9f38d7db9a16f1085c593ac1c2494b
SHA256

6b95ee3f446bb2e5ffa1c02b2fbd66f1178a35324d8a87efe7ae7f7dbe5c255a
SHA512

f89062b3685c1271f13e72863b504e5a5fa6e6b238304e25c45bf575f32e4cadae36b6e37d92eef113fb86ba24d6f36b567794d10b306bd8f96f6de693a35638

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008f3327645f9147459973ed50c887221300000000020000000000106600000001000020000000a8e4d4fbc3ef52602730f00d394b947e5366162694f94359cb108ba13b20cfc8000000000e800000000200002000000002fc5dd6b2d8ac2a502025a09b275b9c4fb89923822235ac70948bc4d289f81890000000ee89ef4ab042c9d49e534c4317787f093d8a28e25c39375755caecb6412705ce47f7c6fb4ab49c123810fa021802795c3cd20863988f514766245c6e24d52565ef2254ad22893837a84c9156c77aa00f0e77d073691a54a2cc8e8006d386d9d6dbe4cb7f8b309a6c0bbf013ff35a055396e35e64d9836cded72c80f33cc168ff9c0d6c50372d4ba03f6ad53c2edb164640000000804235fe731689004c2df4904d18f2879cab34f3596df44616d2765dc51b7dc8b8d5c4eef74783cf30e4fec9fef8716ea3666ed3e64b87373af5e9c5d0321ef1	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 1025f6ed4caeda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008f3327645f9147459973ed50c887221300000000020000000000106600000001000020000000495cfbaecba13b0d03b147b62882dc5c0d4d4471f4ae9e03de07e322c92dc56a000000000e800000000200002000000089e469dec37476e7db0cd05474d0ff2df9f9c58e102a9755bf40bc3293a19f9520000000a3bf7372165d1b042480ae1c44a3d7e49903ab43814fbe8d9e59f0ac99bab40640000000c07e66396ea7cd29b8e88c6e750d12f3cf0b6ffa1552c2dab21570cc0a3315b43cbaaa8c0b9000a86dd6095b60e678f3a3e36dc8d5f3fb4aa537073dc2ec8305	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422766675"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{191F4EB1-1A40-11EF-A8CB-6EAD7206CC74} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2220	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2220	iexplore.exe
2220	iexplore.exe
1156	IEXPLORE.EXE
1156	IEXPLORE.EXE
1156	IEXPLORE.EXE
1156	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2220 wrote to memory of 1156	2220	iexplore.exe	28
PID 2220 wrote to memory of 1156	2220	iexplore.exe	28
PID 2220 wrote to memory of 1156	2220	iexplore.exe	28
PID 2220 wrote to memory of 1156	2220	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\709a469d4d547b4cf22c0f070d5db9a0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2220
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f8544cc2fec21597a3ec6986ebec1423

SHA1
930b9487f1a0702610db67771db61298e23864e7

SHA256
7cf441d86e2438ed8b174257fd716dfefb9c50d743f8d2336fe42b6e11b0d399

SHA512
da550a1e35b8fa6f08c9c79337e9abde37facff638e580d64b8772bf3d5e571306b05be7c5724bff7075df99197f5c184a9b7015310f1b15216fc89a9f7649aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a97721fc61481494d3816c743f806db3

SHA1
d7d53cf4677e29f07a277e607913562ea8610d2f

SHA256
9cebbe162fad61f7a697e948bc33ceebcab94ca131a064fae125944a3029df58

SHA512
31f19f8c8ee2b6c781a126db61d1c25bbd933f2bdfb32f9b084d6c88aeaaa0578518d616cfd5b91c97c407a095498dcc6b8f72c9e0e8e7a1b3830b3347b7ac8d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
082e6388d3d49f7c760d8b8ee96c9396

SHA1
e984b5c4b178299ddf0efd4dad19a8dcf93be88a

SHA256
2d351c4021f82181f26ffb33e28f56969c38cfb281db66ffa0c6f6b600b27908

SHA512
a9d48f33621541673db6b3d1e819b8c04430c6e11c7bf5efbe356e8f6b48cc4c1da42b773212c504d8d6b858c4e06e4f9a4ee49c52db2e110a44eef89746a0c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5733b8f66edfd358ba137ceb1e82b9b6

SHA1
3e1908f2bb695093399b84b764615ac7af5879ee

SHA256
e81c99f3ac6ee58decf192cfa3489ed3507142baa269fac56eceebfe0763265e

SHA512
f6493ab5734fe497fcd5fe8f504c1bdcf090c57ebd1389a7721b053fbccb1e54adf52bc9658fb593d2006f729fc119c236cb49e58797043591cc075641e67db6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8cfaa915d1e0c2275d58bb8654e19e4a

SHA1
4d76940f67136de299f0b9f910cd997ce0b75ec2

SHA256
7b6ac999950d3e4511db7b6cfe6146e60bc2bd901defa3bdc0b406ea6616c7a5

SHA512
2fe167bed08fd07df35ce53c782061c6ca7833ba69c8f62930d92a0087d24804a52fa5cb816b3a728ef3b4786d732b6e8a146611b619f729c220792f7775c3c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9a69757f5843e01187f1009f680302d9

SHA1
09a953152cb68f8c2d26780dd654effa3d6999bf

SHA256
60d94f660e3944ecd60fe96bd94d0db1ab942438a9f826ccdac8b0b50355d5ec

SHA512
2d1dec4c80e719548c56453653db6832e4614c2c442ac3fcc51dabe20c1970bd5bf1b03a239181b4ef503da7341637357da01ccd9b10bbc7189ff96c80c8bac6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
644c3a4038472a669e0b36d5ddc15865

SHA1
b7b078cb229a671f09e7caed5ce19373e1d241a5

SHA256
f83c208701997faac5939c4884a4469b39ef45bfebe1f468fba4c8f986e06568

SHA512
10b15fc93c9be741801aa46b60d0c24fab910faca6c988c983c625b7510cad3567adea66466c0c6cc633f5232427f76f42ddec5b4fbc0109019f37f39360ca12

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0158b9ff8ba99e1ad3adbe6cbee84af1

SHA1
9e523e4058a131a0e5fcb63ce21641bf882b8a8b

SHA256
43f4f894a773013cebd0217151041d9ec742ae147ec96245b5216d36d1d7b431

SHA512
0345c152bf72112701e7d01c55989a9bed8a5f74e0100244507700b3a4b6b283ae546b311374c8f38c20db4f49fe43a1e6c28996185b3dc99739bc487ba2fe5a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
addb92701323849eb229307c215d5b41

SHA1
67265b27caaaf32c834ad0a9f38066d4519c0247

SHA256
e777e860562b47e7b718d3e7f90662c22333261d0e746babed3e7681b81be414

SHA512
e0e324716384ee577f758726e5c89d6beed39e1d5145d68f2f4a191d269a7ee159aecc976d82579eba212e0b2244b2f0089cd23efb99ad9207ef305ca47da108

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
550747a04068dcfb21507f10ad6087bf

SHA1
d5333b6043b96a5e47784a29eef35e55019a2729

SHA256
cacbdf543806ca361b9d3609d6f35453f2e86662b02e8de617edc795f5ef5219

SHA512
0075f8eab878c8fa8538392f07a05dddc3ff1071d2574743cc76c9daf0f853292d1ae670242194a03be6619220586d169d8603d5fb4b1ce19890b6070c1cf3c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
543201085a5641dd57035a8c07566976

SHA1
c0cb67f064c99fd716c430506cf41946dfecd4b5

SHA256
c800fa8420441d1f8877225aa472ffa99e604a40c9da3d1c81d73b8514083b30

SHA512
3e369f97129d373fd5a05d885e2f0f2c918e17c29c1dd2a81933e06746777f99e489f028af58b4827331cdac5cf33cb927af1f6f425d899248e8c26852d430bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ed2e477ed0589fa86590c8b09b3c0776

SHA1
563e465b5b7733b09f3734d91972d204d28abab6

SHA256
dc11b65f0d91271827c2a1b8b2276214cf0a4eb6cbcbe234af91c30b8e7cd316

SHA512
cb2bba8ea5684cdffb7af94c328e6d0e34963103baf8cd001309d0510ade624a9dd30c618facec2f6b55d68b13810c3bfafd4d820753ab8108175edb6bc2d93d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b776ef36c7949254c7276405c7c12299

SHA1
dde5d9a13a4716514ea8624d0b5e4e9c20ce3ba9

SHA256
7c9a38fd87ee3101a04bdf1d556b425df53d272f7f1c28055fb49ae6861a3f0a

SHA512
d572fb6e9b6db33e6e12ed7e3b97de7cbf1fbd4a3c03d0edc9126d481e71e406d33891551358fca2b70bccd5fad243fa7fbdd1e8cee9b93dbf60cfcde9912278

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0ac3ff29b82d22a130349961f62600e1

SHA1
6908e21ac4ba3375cd67fcf13e0ffc758d504889

SHA256
c13d7f665f8579b42e1016a35acdb1bbba0008eef55b31de224f863ed266178b

SHA512
dfb61897b2cfe5f5a6829bd8525ae20d1e430e78d6f745be7fb19d3971c88d9796e91af496900f355a530c78c64eece8bb0207d7f671ccbe192e15d3b8499c60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3298b0cfdf61264bfffb56dcc8db3998

SHA1
a1a42f5f1b5b81e569c763bbcc2ad0dc9921adbf

SHA256
8abb2677a6f1b058ef0fce18201cd03aea443c54d82667201df1bef67fbf0fe3

SHA512
c60bba4c5f13911bf51532a9c6ca0e71b0a958571e10c03e6bd82c862db5ad5a969ffd117915e09815c35ff11fa2144cfb92e519335804a67ae2387ae94baa07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
44c73648093c0aed4b3511b46c1049fd

SHA1
23d7e310277e8f658c68081817d4978f8733354b

SHA256
a563dfc6649702e1a92d124b824f478550d7080c31276e510a9ccb51fd122583

SHA512
b1ff7f97aae5b9624d9952539d9e23d6794c54ca117b814fd2541865939753e551dce16b03f0706310f4533ad8de18a9f5b9febde31d5e1e883b8e38d2c99215

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8fb14a9aad6ed293cfba2b29933d90f6

SHA1
76627f2643e366f4c2c760814551ac97847c69ab

SHA256
314fa462c87aa2571d62beb761a40a3c302ae5130c20b8609b47ebf2a41cdef5

SHA512
231730f470562f75212fbee8ee594ebdb02a5c9ef3a1b63d10b79ec6d16f63afe37920af734388032686100180d95e82b83d55e471acf93b96a7b8ac7c586ada

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab35D3.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar36D3.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit