894f72607f16309b2f377c24aee7fab59311519508224f80f93124e605c63aac

Analysis

max time kernel
120s
max time network
134s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29-05-2024 07:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8001735959aa4072564885e993fdc769_JaffaCakes118.html
Size

4KB
MD5

8001735959aa4072564885e993fdc769
SHA1

8b443d24b5d7e55ac3d86fa02492de3bdca5acf1
SHA256

894f72607f16309b2f377c24aee7fab59311519508224f80f93124e605c63aac
SHA512

058d895a4a33f28a909c7a5f87fefa8519111f85e32250614a71ddf31e1d110893dacff4c1fcd4672b2ea74434ddce96f7341f4b6d8f02e6c44850608d135c45
SSDEEP

96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8op0b+d:Pk7yY1aEFHVKtF37sNjtXATIQFM93pD0

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00bf7e329db1da01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004b0ee1b31e6aee40bf369cfe0e826b450000000002000000000010660000000100002000000035b8782cbe117430242bb80e9fd7aa767e8fec7c77d8d045c53e397a64f3ef74000000000e8000000002000020000000b803cec2ead48c16004580ab141f74b254f2ecb6d96922948adb027133ac4f7a90000000ef836510c89a7b68309f1a156a7175e23e76723e8767b4ec984491011001bc10d2cf0b138da0b373116da1bcba4e001aa1fbc6d4fb7176a2d363ab1464ee315bd4671033c91a679e3735d4179d7e5be14f5500f943027f6eb72b57e40924e6b0d36c0b1ad2af27af351bcbe3527facd94dc84316d380262695a85bd71f8be23a875d3c5ad18ad72d6a5e0fece4029991400000002c4e7b415d187deba766512030a7b19f0c8beb3ab77b9712c409cc3dcdbcaa7f099b766c78e8a1ac5285a916232f924ea8a8bc4a5ebfe891e12448dc70b54c01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004b0ee1b31e6aee40bf369cfe0e826b450000000002000000000010660000000100002000000059665b130acbff8a9fa64b9aa142e14e5432fc033518b3045748bbe1645ac68e000000000e800000000200002000000096ab280a7c3171adb4d21796cb4166851c954e2175e03b65a6f45dddec31a66b2000000052d3f1ac195117955a79eb201e43b8c80655e77e43ffd4dfa13f7c3ea652b68040000000669e438bc6c65bf1785c8434e2cbfb4d3eda8f86932356587c4feebc6e79a0594f0162a4970b8ba1b608f0840d9cd398ff81fa361c04d85f4c0df58aef92da59	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423131005"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5D781671-1D90-11EF-9FA2-EA483E0BCDAF} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2244	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2244	iexplore.exe
2244	iexplore.exe
2744	IEXPLORE.EXE
2744	IEXPLORE.EXE
2744	IEXPLORE.EXE
2744	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 2744	2244	iexplore.exe	28
PID 2244 wrote to memory of 2744	2244	iexplore.exe	28
PID 2244 wrote to memory of 2744	2244	iexplore.exe	28
PID 2244 wrote to memory of 2744	2244	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8001735959aa4072564885e993fdc769_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2244 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
083a5aa53b731778fb256739a4efa72b

SHA1
4112ad9c2b71fdf030a153ef27a597d2a627397f

SHA256
df3a7a231ffdff14b5c901c177961499c87c86b5c3a8daf2933d5af1c56eced0

SHA512
ffdbc549d3e490171b6f2c2477e0b2f66e961eb3df72c670f6b1a74a6185595013b257ac570fdc34128804122bd9b485ffc2fd4090485ec12ddf8b7b13972865

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d0b813dab8d0aa17e3a8fe935425b54c

SHA1
a75677a5ce64a06f2a7c24833c7905dfba0076bb

SHA256
3a4beaf814a52aad732252e9ad081afb83773390fe0b20bd8f182eeb8523067d

SHA512
ed007dd2c439c2f83d0d994f4d415cd60796e48bd1018e5a002d976d450f87d70e03b5ce3b8111f8049fe7b23a7f4c6e7d57c55cc4c993907c17234b2ce54e41

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
525a7d5f8d33d8e156da1ce36c378d55

SHA1
564ccca65538cda43656e9c75328c83cdf501537

SHA256
e459b50780d95c5041647106795f0d19097f0e59f13aa4d4ed668bc6fc1ef620

SHA512
d9c54e0f3938d3e8ca6456aa158aba00bffaa4c40676d5af4dcf8fabf6697426ecd17ebf412200e6233df584321fd1430793f9132eeb2caa98fe95b6d5aba244

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1e6b9bb56eaba151f5fcee16d658ae87

SHA1
881c53c12d968fdb2d24f153799c947c9b4ccfa4

SHA256
c690ffb875f093eb0757a00f434f8f2ac659cb869cccf89b6d5b2db9ab973bf4

SHA512
32ce3d4831fcd7694f2ee416ba6afe78103101f6745b69fd88bdee68578264e9c0827e454694e7607a46177878e7514fbf573a96d66b9e5e38e66166dd9dedf8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dfe93594751106b480f9d5e078be7085

SHA1
a1ad7b70b38f9eab4b53a5913370dbf5c150022c

SHA256
93e2097e2ebb222ac78a388c4cf15e62b309566c0127ca45cb440c521febc35a

SHA512
129ecb7dbf72866cedd85dea755e8efa3bd5cf056e2b1b87d6e420def2ba1c4b7ed3bd43bede25d3060cd6a64bd11bfad30dd3f1c91bc0d6b5e9cd9a7971b048

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a73eb351e5a139d85ea1ef945c460033

SHA1
d8b199626d309d3cc06bf5e7ce7f3092ce1c7755

SHA256
aa3e97815d88b091e39c77929198dac8ea2cfbdf6d0be92848cc86991755f062

SHA512
7cb03cf266579e6c17c821f8a43083616be3ccb494487bb79dd223c0b6fa16a86044d36550e4f20cb7e29f266b74c831fc89dd25aefef489e3c990e999a424df

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c7908e75dbcd4d2036e7918a569dbe0e

SHA1
5cda6637bf879fd879946bf8fadfb3b3389e8846

SHA256
2f1f2a2cd915875a94614a648a2b5e975be3c5475c8fef50de076d9e25d0756f

SHA512
04437cb3e7a296b9210bcffd16ea3c84f385a5454bde71cff1740f96150ce1c4c5794e5c5fcb494800a396418c6656b4a2d36c19d186d64de616e7fb2b5d1737

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8b0d107c0a9dede9ee9f88b2eb224d39

SHA1
c61895baf421b3ace74fcd3a68fe9acfd1b3f1bb

SHA256
f79650e842262684fee7508ba6b862b333b8c0a6cfb75e5607001c486b71abcc

SHA512
4380cabc7f2d20c319e31cb6dc31fa0dab450b8ff472d8ef9970e25e6e5a089fc4d371784d10baac555c5d6f917048c8fa6958294a14a18b8d69aa7d0561a55d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d0b779c85b931224f31cbbad637c68f8

SHA1
d1d92ce4d1e4bf624931d8a2a8ca1b3f16d5f5f7

SHA256
b0701b02140cfea35c8b6461fbd9a2cd2d43aa7803d7b303a9550bb0fd78dbe3

SHA512
2c5bde065ee50b57da058cde3ab8b123a8c02ad44cb8891835c62ea3f97619f27bdacf35d6021475e70b83e5167f68eb60633a8b6b05da396c1b2767e3b4be25

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d28eb24b830332e8bae8e41cffa49b19

SHA1
6e3c59a75ef727602710c7c63dde2663861eb60f

SHA256
635fb0f3d859348a96e5559451ec5fe15a3394c77f041da6487308405a2f08b6

SHA512
0db443183cb587e46a44bd35b5ad432fa9ff75bc8ce80448f71346cdeec81925135c90776da5c0738ec256f9fd92988758ac765b2e674d3d7a8eee8996619069

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ca5e25a1697421a7cdc9ff39514bd6ae

SHA1
04390869e6155f3121c604df3a8dc42f132edc43

SHA256
74cf13345aeb50a05fa694da77b72347cbb84af44cf5e470eefc3c3bf04c1b86

SHA512
49a33c198644d573f2e211aa8900cfbfad29b423f605109497abab2bc431825888dcce55b911ed1662457dba64c658ea0496a4370e97d647136371b7658382ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b66be4b031e3eae076c7c68af40e2c2c

SHA1
7b726290536a743a3fe3f9534117778a2d03a41b

SHA256
c0b9882df7c5c12f62e83f2a9abc036b9bfec2964924eafdc0b19e9cbcb16bc7

SHA512
0e87a7646953f6b58f85659d452bebeef5358baa9fa786b03e8732843888c6f6fe882bc1c0002c2ae3d755a1c4fa552080e76b95b67f65f8752f8cbcd862b082

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
14249beedf6b88f68d949874234e23be

SHA1
1b941e98e324d86d914a571203d6237ffe34d05e

SHA256
8cbdc66c5692ff81b429658096a4933328ee1a6e4cabdd36741f6fbdf67466ca

SHA512
67be1e1c41931b95e94c93249ce1fa534d4be46a3194066327216bb81af63868eed446c0328536da6c6ef6091939073957325789d4aaea0c0393ef17151dea65

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b1db252a49e6a991ee08ce68468bd7bc

SHA1
0cef62e4070cc4af50a8b76361d1e7014c4153f9

SHA256
c0641745d895dec49d323950a928cdcdffe3599e066f3b9ba2037511bac78644

SHA512
75fbc865e494bac03375ffccda0cc2486dbf21a207120a3a979d4ffe265572b9e38aa2c184989029fa9956ae8a0d0f842e867de485e97190367f5a2a52f4fe13

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3ce276a06093f157624474eac52d0528

SHA1
5c612ca31255462275cea51cf11357c3845f6ffb

SHA256
6c6ecb74ce857ebc9bdbf71b8db7690f442f2e929c881da65478b9d44d5f5d95

SHA512
ba90efc76d5065579150599398618d8610b56404145d14a173aa198d7f75aed79a6c6da751569420a5c51c93f5cba59e66aa8db20b52a2c169a4d14c98d53008

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4b8b51dfb8f3c6a16d3f9f09120ad3ac

SHA1
13f43100c07f93d60b378f32826b2f8117ae209a

SHA256
957713df6b2fa42f5b1d53e706ffea3c0b1739847b20083032b249f5b41e6436

SHA512
660ed95c66d830d5b3c6cd80a5fde812a84fe09150a7315d16656ecfbdbd36dace3f5cfb4bdc19acf7462947a855f214d086c9b2f3cd8135e63e893151bcae1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
52c82ca5acc4c169ecd79bfcc5ff841a

SHA1
600bfc6151bf3160b9fbbdfaf45fbdbe7ecb6dfc

SHA256
2490403610565cee8addeb8c9ae54eb104ee05b731071f753af48dc1af2ce5f2

SHA512
cea21d4cb280f47d4bc87fe5f25ab2548e84a74f9f3b1878cbc8aec576db42c52f73e42984464049cc10f5180538a8be5083b4830d9911818976f138ce54409f

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA660.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA76B.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA78F.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit