28206e7988c0c3bf0077b0dd70cff038f3091bcfb458cddf361d679115546ebf

Analysis

max time kernel
120s
max time network
135s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29/05/2024, 13:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

80ec615c481e75e9269c02c32386ebdf_JaffaCakes118.html
Size

461KB
MD5

80ec615c481e75e9269c02c32386ebdf
SHA1

77620bdafc3f1134c7680739fac82825fed05597
SHA256

28206e7988c0c3bf0077b0dd70cff038f3091bcfb458cddf361d679115546ebf
SHA512

af481fa75e598e5c777c9b7ffb663315186c72fe70bee5dbb61e7f543bf09e21f5163a3c3c628d9f203e8c3e6584f34a99c1bac6d0065fa3b46a62ee4bd3e41c
SSDEEP

6144:SOsMYod+X3oI+YcsMYod+X3oI+YxsMYod+X3oI+YLsMYod+X3oI+YQ:d5d+X3k5d+X3n5d+X315d+X3+

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AEA73A01-1DC0-11EF-9A09-E25BC60B6402} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0efd087cdb1da01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005060df3a49d8b043b1ea9a038c94b65000000000020000000000106600000001000020000000ff789562525a8a2c835a89a1856da1784891e7125e84d240531ec1b22952f0bb000000000e80000000020000200000003df595502176d25483ecc16211a264202b778975795359611e6cd486be0d3f87900000004be09b44d2edef29206a8fa3e37e0e10c6c6b8eb6bf751103284f6078c881251b7e6b652ec197769600bce20e4f72a9a3268ea8038bc4083c0bfa08104338bc13dd7b57bd4acb1d029223253b4e2a12567b7999f294fa7b7c56319fe9d66ad7e2b6992f0d33a13ea920c357f864e4f822a0622f6299d3781a3423ee84aea1266bcbd0b9c450ef6696d76533bec98a3df400000009bed1b3b78aa124a4aa5704d69fb79bd7179e8ea98344752b92c552077b414a9e9b60aca691387a9ce5fd18d45a40194645d678035d0d18fefc84e4f6ac1ac4d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423151758"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005060df3a49d8b043b1ea9a038c94b65000000000020000000000106600000001000020000000680c14a1eef742f9d9c73cf9bd615f44b94b6247c9bafd42ed119d0c591a4e43000000000e8000000002000020000000ccc97c47c4188620ef09189aeb06accfe66c1ef63f76d45953fb2501bdaa1b2320000000b048110221ab19f22e0cfbae81186a3211797fa4129f35881a18560ddca7d2d940000000b34ffd1c64a7f7938a012e81d808cdafd2b4d30bddcde5dcc19dba823c7b74eab50e92cac33f2907fe6b20263977701ae81fc0eeee1ab5324b54559c7b91ac3e	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3008	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
3008	iexplore.exe
3008	iexplore.exe
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3008 wrote to memory of 2908	3008	iexplore.exe	28
PID 3008 wrote to memory of 2908	3008	iexplore.exe	28
PID 3008 wrote to memory of 2908	3008	iexplore.exe	28
PID 3008 wrote to memory of 2908	3008	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\80ec615c481e75e9269c02c32386ebdf_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3008
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
35e16f297b02a782aefe6adc3885504b

SHA1
e8fe313a7ab7de6dcfc35bede1b0de95b0b7c9e6

SHA256
0f642d47a952e0d754341ce4eaed57c5f51dae48ad71d1f3e7db25688696ff69

SHA512
60b8be0814cca9baa6f4d7cecd76d77b20ccd80c5942f567ca6ff532564bbe2e2796aa9efabf93e222b2d5c9111e88722dc7250e6c359c8414d95995455eba4d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7de187755c012666efe3872e3a7b0128

SHA1
7830b2e921c164fe34b8705fb283c3769d1d0840

SHA256
8223ee5196f3ecdc994bd02ef71629d65f28be5957fb7af1138fa06d2716afcc

SHA512
ad8f31f71e132fe7fd8ef421c827c2f62e7810e3b10e0afa9e5f287968042398f06bd618a889f88220057536eb517d235c5ba8e5070e7e10b47a72cf69e069f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bfa52501cb16c24a5831e78e1fec6408

SHA1
7ffb81c76f990827e5560bfde7e836eea60fa549

SHA256
9ac08d4c189a86f119fe38f0c85b5ced305429e128953b8c8e06610e39b3e050

SHA512
ff585c9b217b8f837eb1bf8cce69d3e5d8ac1bb7308ff51ce753e986f04f4195bd0223fa7bbf8c32e63cd7246c06b0c94abea75929f2bf2e2b8a6b2662d89f22

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9e632ff1dac87b985b8168cbfe4d1a81

SHA1
00dc15f51ca1a5cae770b756d62e7a984c29f893

SHA256
3135773de360bd8c42243457e2c81f9f132d1c8775e7ffbc90234979704d5001

SHA512
a84e8f41b5bc7c4ccf8777842f546c46c77f28da851d5b0c26cae43872dfa70ac5f061ba80b68c690fe965f4d0bfd84d0252f34bd2060bba07ea4ffe29e923ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
78152e4f6725b7f4f8707622360d95ba

SHA1
b0445a046bac70fc33c110cf7ad7d215f9c086b5

SHA256
d64c0be5c2c5881d8e6968eb6e7a4d54b32393be3ece0d546c6f299966f23c4b

SHA512
2271f0a146b714236cadae074a58450f8b7bb3b615f9608f244160fc3e84db5709aab2c72a2a8f49b82926984b161c882135bdb8d9c080308cc695d875ac60a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
099f366466475e913d4289a232655b15

SHA1
d115199368e0175cdaeaeb127018b6668f8c8c9a

SHA256
678949e33b3510339b221061687e76e8acd9b71cb14eabede56636be5785499e

SHA512
e7a69e9acab017efb82916121a4078dbcb53ad328c66298596ba8eb16439bb2e687e0b71041e174aa39fa3f759467b6406fd8b63737c99aef5bbd3040bf9c370

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a6453f03ec34707d6923679028be2e2

SHA1
43c0f96095c692083d79c7b8e6ef1c95c193e355

SHA256
2d697f6502a0abb1d57405131a79c15df9018b869dd9ae5cd31a3767853c9f39

SHA512
6d8ab9e69c08b55e2d831ceb13277acbf16b5124b1e59a3bd3f7e8066a9e787d48c0ee4ada753282ebd905621b4cc316a974a5735eaab667cb3e6bd46e417c2c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
476c4500dd6d6ec20545ecee6651ffaa

SHA1
346a1f6a3280de24cc5a00aa98e3edaa5ebce127

SHA256
e041a7b01b0c77a3547e8a18f1a2cee6976db7b43d68c2fb096315200d61db5b

SHA512
f31f9bd4c8eb66bdb2e78019011a9879c4dfc616b0c0f5fe4153819758c0a1092db8c7c58bc1c2e702a840d8782da05afb2eb4b27c454a5652ab98379074e9ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
01c07943f773c52bf90f15ae26a4b82f

SHA1
60c0163af47e6bdf25b0b1a65f7b2b2d26500748

SHA256
e57d3971660970f9332aa2c8e184874a57cbf768552d3f690429b2a060efe2dc

SHA512
0829604d7f94e55b7a8f16b7fc5b849dcaa63804b6728d4657463e7a232617c50074133621e0d50fc4faf0461b0a6ca4edec27164ff383f8c9269126db24b7be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e10cd472b405f1bdc7665abee6d59c72

SHA1
839cf4e791213cb41a870fcf4a04e98d5fef0d20

SHA256
16f4bdc70618e8d75e2452628049977beae5e20213214d0823fb0008870f4587

SHA512
73c2bed9f13d698578f32079d8120d576f60dec7a1cce278faf67c88d895ddcca471624ae3d3e40496f8cb2f0e525e61d65ace7c6017a7aadffab274255bc855

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
735c6849cda3645b9aab27d93fb330cf

SHA1
fc2c3be4f2b1f8b0e057040765b1d81b17ea37e6

SHA256
87e0a9857f8fd77c772000d7deef2f10279bc9c54ffdd49d6b8ec3622ade8217

SHA512
19f8b3c9586ded694a9e1deacdfa41b11191331501ba8e555fac8a34f69c2fef39ea17fc52ef1372c63ae10cfa529a08d58bc917e5a740d301eabdf59ad405ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7ea38e5f8b6ae7ff1d42aee8c2aa5d49

SHA1
4cdac884bece3635addb449c989f707a41ece604

SHA256
eb6568b449e77ecc9f3dd005df45254eacd3367daa4e0e60a6d656db59fd07b8

SHA512
6054c3825c4a4e03f9d6abf43d67158cb4de4b892e6e59faabdb8208b59dbf06a44295e4ada1b8a0e6088a736a215a4ccd655f87d782f4d3c40eea77fc9a05e1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
620d4d3520356fe9032e96cb9287d040

SHA1
086765a9a64d275a652a545bbdce8943a0a9bec3

SHA256
bacc86791430afc4c276eb310cdf7398a93b3aeeca801ba80de04037eae9b3f4

SHA512
50cee16854128e514cb952af71b88585060f6d619f9e63699d4b917c1e2ff64604d58d1841921b914ab9f17729b03726c050f4e6311b606f93a8fa02a94c2a7c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
160e13044a79ca7bf58f42647c5b6142

SHA1
7d056c9cc1e997c7102095304954c57427ee4f0e

SHA256
2ff3de0b695ccd14a0e1ada919cce620c504b8d0dd518e53c5ed8621c432afbe

SHA512
eca006b4865e7603dd00b14e11f4367f360f74f7c45f250d245ed949c5b9484ecdf3ed4c4105f4d219e360a23fb08714073d5a27685e77a20a81115cccb724a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aa8f7481e26e259d0363a803aca436f0

SHA1
d08cc78d631d0d2fb2b312332a91944593329a7d

SHA256
7a0cdcfe9c8ed4c16d3feb358a5a92c4104022b97337f21895529ad11b5532d0

SHA512
e36caff099826dec1c783fafb1305f7610f041a701291402873074980247e2454f65488572ba246e698f56308422041dfa9d3d63aefd458498a79d236a87a44f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c1fa28db5d19d5f23cfc9dbcd292956c

SHA1
6f40acf2878c3529c2c74910a891a0aff27615db

SHA256
c8fabca5a02b21fec593b7d6270a89d6387e2c0eb37cdf183d5ba502286117a8

SHA512
4f82adf699394376a7ce36d7f74a6bb6218fb510e93a617834777c8293778d8ce9a9cb4ed73438572606b4b30adf95230788d29a173335dac69b73a8d5f017c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2e03803e416e1ac8241913802487048b

SHA1
e094012852d97643b82190a0b21b2400830f95e9

SHA256
74e20e9aae16324265b357507f3d42cf3fc43cda92f2c477bd0d6b814266b31e

SHA512
ee5193271f5900f9a986b51b6477883607ccd8d90e8df62eb34aef4ccfea3c034aa6be3133ddbbc4621d883703bbcc1731f107589ee7dcac3eb094522fc89371

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB896.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarBA83.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit