1687b7d392f6979efe910887f323919e8c9462698d8571a6f4a310347eccae8b

Analysis

max time kernel
117s
max time network
126s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
05/06/2024, 10:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

97d762ba85b45c845afb2ed45bb2397d_JaffaCakes118.html
Size

120KB
MD5

97d762ba85b45c845afb2ed45bb2397d
SHA1

710629ed23d3a3105c31e8123cb0069f10a85cd5
SHA256

1687b7d392f6979efe910887f323919e8c9462698d8571a6f4a310347eccae8b
SHA512

4b53a9a63fd39d814a6968aa0fe1663339eed402e56103141da514b6efe9ab687db03db30018b50728d73847d224e621b427b53c5a0aa466d912ba3e13221c5f
SSDEEP

3072:5QSuqd1s2qbYQXqq0l9cES7pW8Sr5Szxcbd:nYUq0l9r

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b0000000002000000000010660000000100002000000019ff01f92a45af5868e231182d3605571aa08080ae7562ce3b3bb3fd950ad89e000000000e80000000020000200000002515cc532bff37373725b17d37fd2c588623d84a71bb78f429a9b81c61b5b9919000000031c72827b54ac9361fcf41ca4c397194bdfd94251795391cd00d99225da1a478439f0e988e7d53fb93bc8b9e806571eae02872f136abe579602f291ec8b66a03227e67dcac7394c31616bd10626bcfce13cdfa95f5ea155bb39dc7e0abf6c1320105ed5f7ba634a592432c4531cee28872a23f694e128fde20287594cb6ee49146607dce9440b6bbe5dd8ccde861471d400000008752a3419390a1781bbc2ad4364ae6a6e38ec393c4099ce411cac2336b235438bd3b5ac0f88a2e52d175dc5ba69b4de95c022db97c1f878c139356611264e3f6	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{67700C71-2324-11EF-91CF-DEECE6B0C1A4} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e037da3e31b7da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b00000000020000000000106600000001000020000000e10bbd8f1d94a88f4b59d57207b3e59ab7851af3acab80134b09e44d5d8f7cc8000000000e80000000020000200000008a7ad9685a81544ab3698a60b3304dae0eb2f8ddc597e879da8a36fed4ba9b75200000005d5b19f96395ae9dd88fb3fb6fbec02e7176b46d0b57fdbc37bb50ba586eeafe400000002737f222e3ee2eed96c964e35c8ea7986aa83824491bf0f26a6dac4ad1c5c44fc671b71a1478c34c5855a7ce1a1aa45b739a6957cd53dd8c49bf777897400dc2	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423744340"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1776	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1776	iexplore.exe
1776	iexplore.exe
2020	IEXPLORE.EXE
2020	IEXPLORE.EXE
2020	IEXPLORE.EXE
2020	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1776 wrote to memory of 2020	1776	iexplore.exe	28
PID 1776 wrote to memory of 2020	1776	iexplore.exe	28
PID 1776 wrote to memory of 2020	1776	iexplore.exe	28
PID 1776 wrote to memory of 2020	1776	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\97d762ba85b45c845afb2ed45bb2397d_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1776
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1776 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9a4ee1fb6918d6250291bcfc030e23c0

SHA1
ef813bf457fc741450aed1b4bb9cbbfab45b9273

SHA256
c54ecb04039a39faef65741b5f77ba63f247e417030ea299bf8e1f5bac67e659

SHA512
45a2a9ca95705af4e178ec65d1ded141b3b4787cbb8d411aae666620a2f5975681d2672ed4da0d5925d656933e61fc85a83fd4e34e26fb13e3a74223fadbc252

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d52f80efa94af8f91ef273805437e793

SHA1
2c53c34a647605461de6a413f923b425f5732e37

SHA256
358ac4453eb85827497b9b792142a7ffc9bf1f74cbcf3e89379adb7676d3a50d

SHA512
dea9402e92ca6caf73288fb64c89bb5931d9149a0447ce4e7f3ca6b40802c64e69359073bf01081a738794831553af5f8c19c48d15778e7e356b66b36180bf92

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d3077429f4164748783a1202cccbc75e

SHA1
c475b69bd6e5d185b39654ee810fc6856fcc4196

SHA256
07c9cd645cab591e94aecac7e346af469f3d7dc745ac42009aef449a1e9030bd

SHA512
af21ae77b970330d724066a3352112544308ea73354a23d87249baa2af76404cd1b1a57582b2b6542e6d0953d164f68e9ee4f61dca0009f1e27db6c803bac6fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
23e2e55d8c04dcfb4d0db8112fbb747c

SHA1
95fa0402f344c0eca4bcbb88af15789e89039a65

SHA256
3c2adfc16016b6178ebfc154dd02a1c61c7c6092d00dc5af7abfce7c7eea4e6a

SHA512
b28704531ad6baa684422e0d2ffb209b8212493926b786e6a22761f736f86699f36f6d5c3b515c37360b02523173b388fcf8b5baae5be397fb3c6296275f1c84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
65d31f02ff3323edce5297ebb980d06a

SHA1
e6b802bf2fea2a21ff532d916c8c05a32a9983ad

SHA256
ff01907ef748ac9f4b6e21793afd3d140417bf170a967de028529f71d903aebe

SHA512
c83d4b1da1396730efb9efb5a03cefb6b97b2f2960d224d10d05465d3ede8fbc79bdee236331623b9c32004a2c1470db67ff249a44781b2f014acfa0b2fa57cd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0aa4a2674433117607a9e5f2d4984333

SHA1
47e48f7c8f41dfda50f0f56f7deee3bcbe1715ad

SHA256
a5fcd0b1d760b431ab9f6040f25c1e402559f2db66a12fb6936763d51b30e4b1

SHA512
dd660fcfc4e9f219be7af5a62b1c9b7e4e08bed097ba023571dae5858e3addd5847a66e260bba305b869013eb18ff30321b015f73ea1fd60450b746b6a3126a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
531cfdcd2c5935fef96e3cc39f3a4cba

SHA1
3e6d6d9ecd400f8efc177ed5d98dbfebec254f0f

SHA256
3764e3e4c6240f421a962e85930159d1091cf1ff267320453be2a749334d734a

SHA512
50aeacffadaaba685a1bb1ad79a97f472ae1ff226be14f95e1466ed7ca8f0b7655f4c85b5698302eb58117f120055bb27ee4aac95fa1a1c302d8dcff462ff1b7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3b025225dba632a6897581e2fdf4d3d7

SHA1
284e18b2decf63d8f9a1a057fdd0275e1e98ea21

SHA256
471e81f469e03ffbf968e3592946fbcd6c92283ba6a764ae8f85d57c94048f2e

SHA512
0ab4f5086f3c91a5501549ad19c6bade1c68d51c06e5484ee5b97eac67b0492bdf8aa6a5e1b16de22c576cca9ceb65e0f4a6c2ad5aa70ad417c37929f95962de

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0260219e629690e8d142d3dbca78fe74

SHA1
77fd4b16faee6403a3578813805ae38a6895209e

SHA256
89d5798cd2be6d8690832ac3989fdef4ce6442d975091bd1520266dbbeae86d7

SHA512
e35aa8b249cad408721b14567b89038fffdf8a83f1e8e4ba59564f71e018c769f4cc289c79d6adf3413609aa239303b2a25570319e40ec65f87acb19766af99b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9dd9e959700ced26b1d791d83e9bc2b0

SHA1
62f4bf9222e9040c9e5551cb3ef9084d5ce1c485

SHA256
2571eda5684f0befc0db003f38e68244b76ab0bfed2c5f8d3cdeac173756869c

SHA512
711b71e0135ef9a74812dd25b8f50a47bdb38d9b326a4090825bf4284485650f7b05b00d9346d5a0274b6528ae70f5c249e75eec952dd7e72171f13763d01c15

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
64a591c9af25385a6dec8309a06e8f4e

SHA1
90c26f86f6e0bfcb17870f2ecc1bcde209b0c222

SHA256
19764deb5b9c04ea0b2e19675e1a19972deb0e5560f0660aded9c322f08f668c

SHA512
d7c9cee90e20cc36b659ef5c9ea3e66a0e508cfbfc8c51f531215fa8f41e1d2c5b31584bf8adf97acd1a95fbe6ea8e3879136adace40e8e764364515c56f9f76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
276ed2e393b198ae73b9f0540be7a8c0

SHA1
60ca8aa2f9771f4833f77b90346d0bfd91198b72

SHA256
cc48175ba5623adb773ea11afb16517c5906b7afe8cd22c9ae638734939fa6f9

SHA512
bcda78e57c2cdc01b2fd697d7175962e4deef09a921ae135e25486635f73be56c96afd76d12ddf12cc81541b4875d295a575cbc20311bfb1e75f2eac20aed4ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6a86cfa2d590e1c26eb3ab95603d3e17

SHA1
b390268da1f0a9ce84c0f1430cb8b21373125229

SHA256
ee0dce52c8ec30f9cb254a450c426122f913c2465cf5dd7195dfa78b4940c639

SHA512
4454a94f3c01845ec9ac4edcb577c9de6cc3e8a34ab7a28a6f26bd3560af0f20204daf3bc8d6df5efc02d2051e8c51d4e84167ef0d3d74fdb41f04f4874e5ecf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
642a2404ed4d3f425e9acb43052abbc9

SHA1
02830b33aa47439b777eed0d495f42efd51634a1

SHA256
b3e041533c80a1751b29d468e93accb918134b73fa162d02167b89933ec66b94

SHA512
0462aa43bca658467b4ea2ca9f3309ef7cd195f7ae176469f7ad0130e6f295f090fe6faf7db30c043f545321778cc3edd294dcb765a4c855b3c191d916b2b06e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af3acd506c90b8c2d26e53e3f7dad247

SHA1
1e5aaa62f9acb0b1a0b58af454532cbeff3e63db

SHA256
ba0b5a9f14ef75164ae12bbda3d53b066471c705a1080a87521820a30865824e

SHA512
b6bbe88656a3d41c5c88e3cba47b08e32b3df02bdaf90faf8cdbd33fbbc380c457e3bfb1b9064dac676e4b05ae0f395eea43a2049af8383749ee13ca1f80b2a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5f1b5c7c4a1d23576c6e8d45ab1b14e2

SHA1
808ba82a1e9deec3294c933f2802c2621553a1a3

SHA256
5bda4048bf451e20c619349db204e2e4f11d6682942511d585ff0714c643525c

SHA512
ffe2fc9ec5c9053cfea89b6894fe41cd6fd473527107eb2aad406f592517b63c3242af04db9a782443f5c71a510db9ae2611e91e25f4cf8112cadc0cf85d1455

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3F23.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3F26.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3FB9.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit