952deb150afde3adb6f321b1c8cab5135b78575ba5c23f2c8380bd3c129bec38

Analysis

max time kernel
141s
max time network
148s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13-06-2024 10:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a50e61e3ac6cd9d3adf90b5584920d8f_JaffaCakes118.html
Size

3KB
MD5

a50e61e3ac6cd9d3adf90b5584920d8f
SHA1

ffb5461a268e207faf889ea37f30dd86df8a5613
SHA256

952deb150afde3adb6f321b1c8cab5135b78575ba5c23f2c8380bd3c129bec38
SHA512

cc45bc544455b47e80adc8d340a1461ba2ec1bc15abf0b44338d9fbcdbd68d542dd1496edf4fc4d3881b9e3e1b7f0218df710e86208b29565be63c3f358196b9

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000475c2cdcd3596447b658720af99cbba100000000020000000000106600000001000020000000e43f1ca3798c5c93120e0377071f1bd99338e011259b28c934969769c1c44ced000000000e8000000002000020000000de4b2f79f86250f2ac29ad3584d552ae57c1f10be100bd2268107e58aac2320590000000b761aa4dd470225e8dbbbdc94969e36912bd411c7721cef2de237f1819963599b63cfca772037331f872132326adc998324b8e72f8fb6d9170d2f24fc2c11253eacd31a629c2ca5eb0272bf2689fc02b34d6cc12cf73d923cbf4cea2c57baf0e320968151174c9a23b2c28504ecbd982bdc51a2606561cac709cc90de54a455cf18b9f327db0446de7dae6d5ecabab294000000018a99f0b30b4ef7cf7452da120a2896022f55001937a7a97345160499e6ce84cddb9ed640978ff48590d79eb76c39202c2407aa52008786d1e85a139fd829fe0	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AA613771-296E-11EF-BC57-569FD5A164C1} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000475c2cdcd3596447b658720af99cbba100000000020000000000106600000001000020000000562fa9906661ce2917bb7c19a2658abc238c847dce059bc682b7ba36b76d81a2000000000e800000000200002000000078006029a422185cab4f7c6ae084674152892a36aa8dd9aac953403fbf73be4920000000d71dc3fd4207f8e17ee5cb1b056aa59beed1f954d4e3781d939ddf13a936b9a2400000001e940bb82fe289c35adb3f0faa8b7d33e1d4e4d0b524d8037ec7644de0eb72ac7c8ec47bfad3b9777c7d636c67358ea70d048facaadf3d6dd344ae3f3c0ae315	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424435943"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c081337f7bbdda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1132	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1132	iexplore.exe
1132	iexplore.exe
1188	IEXPLORE.EXE
1188	IEXPLORE.EXE
1188	IEXPLORE.EXE
1188	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1132 wrote to memory of 1188	1132	iexplore.exe	28
PID 1132 wrote to memory of 1188	1132	iexplore.exe	28
PID 1132 wrote to memory of 1188	1132	iexplore.exe	28
PID 1132 wrote to memory of 1188	1132	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a50e61e3ac6cd9d3adf90b5584920d8f_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1132
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1132 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1188

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0978afd60e4817668319872714ab66fb

SHA1
ffa1f9df4d408aa0a191ca12c57e5e89f72e5a74

SHA256
63efdcdc9f768ca2ef5d61bc53a38c61bea648d8b8c5c7b767a1eeb8b5e4ceda

SHA512
8c33eae83737fd59280c10dedc3f52fa872409a63ba091876de589ad5d590689d25613faf9c34c94347027a8fc30c2416fe0895e5d8cddd88bc1579c531d267a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1e7e12f2f2fdc289bcdf417fe0faaa36

SHA1
94a643cfec4c24c174a9f5dab57c01639bbcc683

SHA256
3a09fe0945fcb3b5e44367c168842760d86b41c2e10820649710c87ab85b9fae

SHA512
99437e7ad31f716ebf4566da576aada576b100f397def5e9fe19a5404fe08cc1a56589e41e06dfeab43fb6a02265fa55258c71631c3390b330f939c656cb294f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
11c4923ae0d254d80caefda8149f501b

SHA1
c4eaff07f3bb789bb51840667738d87e48d573f4

SHA256
f4080e9da71dacd256e60d37558b94c2ec5757c55206e4cb9249991066c11f1c

SHA512
7c07f52bc55e354d770c1204d7ac69914c5c7c1ce16df1bb4731f55629819e80a0e41fe1d10d56ad6f5191daea57abce0f177bcb3c736b855b3261aa451a84b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c01c5e4328fd2077c4b5d7356480703e

SHA1
f6d504e9aa18701d3b5a42b330ee3d079eff4f66

SHA256
03249b6354e3b5a8f2fca42c5061bd3881775ee460f875d22e798b5864ca3f7c

SHA512
8a2a58acf116a1eebfd816211f5302c6c36fa38d2058a3f8f5bdd8eb5526c8b86bb4d5ce6e39159eb12c474860f82112c02e9aaf9700e4209f15f88eb1e6d025

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
983473e33efcd58d912772ca2a09b7c3

SHA1
054dd7d7d8bfa8e103addb983211398b5de3369a

SHA256
54500314bfb73fa21de0d1c7e11a4e202c9d3b562a8810b6b3594ee6819535f9

SHA512
8f44ac723a7a2f5418ba2e9f4c4d11a3f5578d497eb3e7cee18c8fa261eb510f8e30883440c997249d0aa88932050dac08f8946ac19cc287a8d59dd7cb99bff5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
413d84a3a7378e5271691bf6047d156e

SHA1
80835c446e2a0c9c6e195c0d535f63af77e7cb1c

SHA256
e79609176c3c722f304bc1d9dd3ea02e06cadbb96973296cc89cb66676f7a22f

SHA512
ce08e8aa119c0588920a1915ee2a1c439913d35ae1b1407a100dcc3585f1c43e220523867b086e2703f51fddc3898b69ca16c58295973c42d1e86f2e08a35ad8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0342adf98ef364f2213b0201c5d52077

SHA1
9e7b86a76fc58b67a51802db914ef07ca526398d

SHA256
8ad6f41e1f95ef5c707c596e4802b1e1d1f112ead4abe9955e4b1d6b932bfdfc

SHA512
0788951665be2b841e8364a73bbbb7decf9134154e7d143719eec1437a05f085b2b045d72dbfe97f475648a65806f80d34066f7f0567b489051ae78470b292c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ce9e5fddae68bc29053634037727f10

SHA1
65a5815449fb11b06f96d8e53f54cd3a42390064

SHA256
1f752812b775d134ef160734370d73e57166d431b552159ae73df4407e9766d4

SHA512
49b4ce00c2eae1333195126fea36776fbaa140e5d9940fa94d86d4d7180e3ffc975313f08cc4aa83748a68f426dab9fbb84269ce7651fa8e26f923a8ca2afa88

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
500d86d1cf4d1181edaf4bf80de28428

SHA1
d3171915c1829e58477763b82dc543f5ae68c14b

SHA256
7946a831134aab770c31c404a0049f60b4dc74d9c362d9ca28c7097475309064

SHA512
800c136064af85e620b16bd81733bf6fbf8b4e557037a1feb89065cbc6ff8cb1bf95a37f0ad0fbff69971e77e2dac85a85b3991f1b9475af2d9651bb5c84f1d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8bc7410fa317f22a5596bb236552e0a3

SHA1
e5b6db28151da180c2a5d78e1a741186157a77a5

SHA256
250b251070cde93308c1583cd6e880b4977880591895e2e941fde4f48c2c09e0

SHA512
9725430ebac5c5421558eb9a4df19b9f8819e57f5800574d73c04ed6685afb05ee1169794e54eba15bfebfd59469802a4faa683dcb56b5c6ae95d066b111fa65

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a95a83bb6e2842a9264375f06cab3fbe

SHA1
a8521be7f4c508eb78ef36a959be43b11e386028

SHA256
c8486d381091cc544523f0e18e7d26bedf65c1106d9d8962e745a329ad388238

SHA512
7e36b676fc5c39cde1857b4274b6f6ac5d41c43e6e708c792236fdf506b900e6bab4a3133227c23e92d646b6b1807e7a084d56e3198e506454cd504412e57574

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0f5587a7f5115eb5dc3fd441868b542d

SHA1
625210e6a0442e23f28713a09a3be7e2947d9999

SHA256
10343d14f887c8c6bbc4db6d3334044c0f464ab196eec5d4a2919438a2f940be

SHA512
19b6430e78981ad4702cb000adb337d769727d1fc140d146fd7b0637a097f0aced1977aba435a20e8e513383ce72f82f90d61c05360e87d9a183fcb3ea0e477c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2f0f2d7ca7dfc6ae3302cbe0e0ed461

SHA1
0056b60dda4ea8a0057a6412f253e46437eee6a6

SHA256
01007ef8c0b3ef28b8d7a818b6356d9ef55c00b9b2ff31a89f51aefdb28bbceb

SHA512
6e6f4526b58fb597d7b79ab82990c27afa63c0fcb53ea8bae58482af3670717a5f1e7c174159d824a0d6b6e0f89587c208eb9ac3c7cde33d92b4189b8ffda79d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f859ae7253bde1fa949820649593d232

SHA1
4c152faf47ac9a066c99ffb4424cd7038280c27d

SHA256
3117e9b548bbcb67bc0383bf75fa6d2080c1840df27bd61d033469044b60b96b

SHA512
8c8f623036d1f9cb126d98ed790e19950b52a30d1328ee93ca945ee3f70ef6f47f7e83484c1d508e08ad34243da08298d4fb93eba1b52c7c329f5a7955293a0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f8a925f4648e9463f86ca746bdf95d19

SHA1
39a690e2830a8e03dc2da765dd8a5aca938ef4e3

SHA256
9f7cb4a3cb4e1e309d22b869633658f20ebb39597dbe073b6fe1be80c58eaac3

SHA512
5b1ba31f47144e41456dd1a579d09218459150a409be2bdc67324f2d70577cee3bdabd3d86d9635c3d90752969640b6b9c874b4e4511f8a0c9d0dc58f30eb49d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
87cd364f7b38665d4b86d78ca19513af

SHA1
2e1948ab6b86d49522c9aca82d5e782c6d62a6b6

SHA256
c58d27a59283dc3a677e98a4a36ff1fd0ec6353e3ce341e54686c3a15060af66

SHA512
6b2b5d0c26c792d4d17fb45d68f70a633f984ec19f92c07f024343747dde27a5365790ba1d999d3bb252438e35a17f85e15cea401dea979099ac4c5378bceeb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a90b24c0a4e3bde5c3fbe17d4ff3dfd6

SHA1
c190f5d445cf23fdcf03e28544fdd55006b66fc6

SHA256
4bab57d39161ea64361db8e8cd9a73b3cb87d63f64fb3c55a31e742d095e0380

SHA512
9c23ab579706fc9fe42bb77544f11433e51621168e948fe30962fed649f8c335f183e312c809644921e6d6961b032eef417f5b501d0e769ecb3d947144ec20fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab39B8.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3AAA.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit