71f44dbed08cf4b4f5513c4043d683ac0168a5d72285fcd7aa484dfee14dad47

Analysis

max time kernel
139s
max time network
136s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
13/06/2024, 12:21 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a5822a6198c5723ed7d7fcfbd1995be0_JaffaCakes118.html
Size

55KB
MD5

a5822a6198c5723ed7d7fcfbd1995be0
SHA1

0d7c5dc4714d5097da197c98590dae9884dac954
SHA256

71f44dbed08cf4b4f5513c4043d683ac0168a5d72285fcd7aa484dfee14dad47
SHA512

ca6993bd4ab5b44bc279a57e3d9b290546094fe97b3e1b4df568082de0a3f7756f20661e6a661708b40c940760dae49c3e475af39033cd073b19d9b91360d59a
SSDEEP

1536:tT5BNm3Ez5OdmvvtNgSqjqyqZqIq5cltOTZbiqfZOWq:vBNm3EjvtymtOTZbiqhOWq

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7B910631-297F-11EF-8144-CE80800B5EC6} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a807600000000020000000000106600000001000020000000ee93c3124b4ce3203982693022ed976ce3f4daf7a69745a0cd8c2aac37740961000000000e80000000020000200000000dbe614583aff05a14633d20bc4de7a09d2322f6066970ce2ececcfd9075760720000000d717142641792ed1996bd35700127b9dbdfa714c48b3f9a5a8bf7fcd0414592a40000000e86ef364b94ccf11cfd578a96fdf1ffbafd4e0215d9fd5c01a609ff35ef1f44590ab7ec8af6b366ee0bd7fc0a16487db4234079528f45f243b7ab107b49f88e7	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424443168"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 70fafa738cbdda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a80760000000002000000000010660000000100002000000096a8010de5a8cd545b85a5dd87594978022ae3d1ff80ed2d045710e4e183ccac000000000e80000000020000200000003653102335a59f4bdd66c6ddfd8cc3e4820a3b61bf0ea03f340051f17f517514900000006a54272b21c19d1c6be659b31a14f756eb67ec00ac649548cb1fd864328c858b4ed8287332a41399ccef0bf56b3c46b4558c2f7f668de5e8bfc5e5193ced5cf4fe1e6944980335cbd6cad84cdcfb20288616634747a15c4c90ac453ecd72ceb835553614300c73f05367053235fd0f5a538ebc858a645bcd8cc4b9747eb00cf01ed516a12eb9d8f87f46f7b6414e6f6540000000bb7ccf1d48d0ddc162cd2333430f389e27d8720017e4607947780984a556453a4bcc3022755820633abba542f81810df0b2630cc14275223c65893a22779f808	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1688	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1688	iexplore.exe
1688	iexplore.exe
2632	IEXPLORE.EXE
2632	IEXPLORE.EXE
2632	IEXPLORE.EXE
2632	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1688 wrote to memory of 2632	1688	iexplore.exe	28
PID 1688 wrote to memory of 2632	1688	iexplore.exe	28
PID 1688 wrote to memory of 2632	1688	iexplore.exe	28
PID 1688 wrote to memory of 2632	1688	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5822a6198c5723ed7d7fcfbd1995be0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1688
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2632

Network

DNS

avastkeys.ru

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

avastkeys.ru

IN A

Response

204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

845 B
7.7kB
11
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

999 B
7.7kB
13
11

8.8.8.8:53

avastkeys.ru

dns

IEXPLORE.EXE

58 B
119 B
1
1

DNS Request

avastkeys.ru

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b5b17c5b057e1e42d2ec0d817ae1f66a

SHA1
c5247a0883d46adaa64349b755bdc09504592d91

SHA256
36cd3d5e1009198f06db7e3fd8cf5068c74a28652b05d54c5ce4f55d9a4647b3

SHA512
c06ed226572d0d7c20034f30dac1ca2519ba3abe1bc3287bdbcae7ffa80612633addb7a4cfd181e9019640c6ed97184b144106d86a02e24243776057cc346c5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
436ccc78fc14c5f218672278904c1bd2

SHA1
ba8428ef6f0ee743976a46475e01be9bc15fc9cc

SHA256
7d1bad012fd60b534a69686285025f072bfc231610afb147885f5fcf165793e0

SHA512
20f8c57013600494f2f9b09de6988a3e0cd6cd692fb8c9978a52b0087ba60beca7b7e5438d829f735ecf678998c0a366d99eb224fb3fa520a071451ab9c7e049

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
beca85d211c36cc7d45aa4b0b1ceaaff

SHA1
0223776f7a5d77ac1cca83c2e263e87a0788f9b4

SHA256
186d30d479b87dd74ad36de3f5a532b1c3e106883cc50641905b0e24acac2bba

SHA512
2934616f3db71fbc1864ff7978213be398c044538eb20ae8fac1ce75dc539753895d051736a9862cabf153df69fceb35d8eb699fdfa8d704e0d9886910c4920b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ff84fae3deaa7d635fbb37a553ecee19

SHA1
eaab2d17d4cf8314b1cebf41cb01c5bc9abd4151

SHA256
f732353db0f3e17ccab2c86519156e84c43f7fdf6cbd87ef81a8a197d8b8b7b4

SHA512
14ec7736225ecfcf15632c2e09237946fe8885648f38c8ecb3a987ba28db4847aa1de525e7a24a156779ec41bd6210b2544842d934e1e2ec9a71cdb8d4cc6876

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd987058e073e5c8bde8feacf07b78fe

SHA1
7248cced67b486d1c454ab27e9cd1bc673ecf1fb

SHA256
e14d8409d3d6e0960bd025bf89acb596d0e870c103c8f39e7c9427ff56b67764

SHA512
7aee87c5cf3a6d1b0d2741a3abf173ea7f7bd710e516111a48868d1523c2c0f56239a760340080816eea7dac218b66be1b520892bd24f8663747fbfea0f64148

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ef5c7c75b69cfb3ed010521c9a3d905

SHA1
652eb73a46397bd6cdebbf7af0b322d391443216

SHA256
a165cff4ebbccb738d3dfcbff5d23f77a1ccdefb86081e44e99deb27f514158e

SHA512
f278ff8f441f26865ec6f1cf69e2f3dcf4245151593755c5c3583cdd2de710b8f4e9914b4d2840a2392bad12c416fb8daf998a49cb023b43a71651049cdf200d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7cca5b30b3a1d9ad31abe833d74a6fc9

SHA1
24cdb2c3fc3424f51f965bc8288ab831990bc232

SHA256
15987822178a312064f985d456fd89d476c8d514fd4994ce7e8691996ce57cb3

SHA512
7040de1d5d81c59acca851d7402affe48d89ffa0dba948a898f92a5e5826554ea5fdec4c4a5f0360bca44953dbae3038c5a2865d8a1532f2d52ebbae8b3fcd89

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9e51c4b9182ad16f0cdb44afb35cb7ce

SHA1
06d3a9386348b69a3f527093d6c8fe36de2f9dbb

SHA256
38405ca9aa567e64f47866dc9e45f18dde902b9c6d54d02acce26f8a9b3a6eb2

SHA512
350dccfa5df6e57bf7903d099eeb90aab3c071715440c8dd8ed359dfab6e999962b7c9b457602591a0a824a7f32d498968991048688fd3283bedddc085e3783d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c423c3f509c5b6b2c55961e38bed903c

SHA1
2b0192f1087554908b6402920d65ce1cfce788be

SHA256
753987be9b2852942a128106eb3236d48d0fce578b989e3dcb9e8822f1340261

SHA512
edb72c29445c9cce42a7480852cabe95905aaa37293d59495bd2966d30df180fc46bf7358cddcd4b9a6c95612e8f097eb49d6c94d298654e66219d8dcb8be2f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6567c4b9e583ab1ab3cb051c7d1acf55

SHA1
9d559fc4f1b06631640d3d6713c3c47ef37f8115

SHA256
36ab383699ea30e7dfda1dec3aff353931e239ce3c56928545f88b9cffae94d9

SHA512
c95037a132374b278870076f27938ebeb67f7513691ee86a5cbe467ced445d59707c01a56396eac7874eaf10c4c1c77b96874640c0d635254979315d864063c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1b42c7337d0b634ae9f20f13b98dc76c

SHA1
2e604d0abd63282a780c6fa15af3e52c2b2ce71a

SHA256
65b16aa6ee511817762b288f0c2f4d484f9d900d630e188bd02a49f68768f661

SHA512
92122dd189b1b243d5d52f656592087cd37247975b967e92e796694aa225611efd2f18697f8d84985ca790c6f9c48c205e15fa4efe2f4e69a7fa05394088e94c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ca6c394708cf1122465d771098377119

SHA1
a7fb25e05e604749f852206daccb9b28437513a5

SHA256
a0fb2d78e938180e59503cfe7b5b54412bacf84983efe68c5db022e703b91ba7

SHA512
7739395359ed8f45dc975bdd43fa8424f889a84cf2c97dd9696e70bc2327be7efa10dd34076538cbdcdb6b6d4ae9e07657d347de9fb5ae248d11441d7b068563

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
45878c07c62199db8b055e5a3b57fac8

SHA1
fcece6e0b300177e8b7d4798d50dfeeb4a369ad4

SHA256
7dc6ec1ca8cfbbe9309125ab5429b636ae952053a778c3b21daf93d5e86c40e7

SHA512
21141cac7dd13702a0a7056023faa9cf94074b0f29f3c2872ad67f6910c77556fcde6c7077a17700ce15df333025c0793d723b97150ee4a69087682402fd50e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
59a0d576762debfd3dd2b8ea420c5854

SHA1
03b941379cd565733c45a8e9ece80690f0019b9c

SHA256
a0c34d4e52c6d14bec611edaff3d924c7ea75af5841e18c367fb3fbcfd938542

SHA512
1ba942ca016bf5c9f1d63cdda59d9f3716c9ca55a0a23173be48788fc1a5e0cfe291557bbc694d91b5d12bf4bd7481e1ceb8944a7dacc6b86be4bc58fc8d02ce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
008362e5ca74133f78b9107b93005300

SHA1
49ee1e455140a5bddbf062a0b2dec7c635fd5340

SHA256
a4c38ba3c1a3571b3ec54d35c2fd6c664882e98a886444d45b31e8195e0387b5

SHA512
f3bd8f0d0d1b457d0dd18c3d3e444d3e31606d922c01c8fe13ec3e8caea432debe658b08933544a8b569fd9928c4595a8ac6072b7d70499a73feb27d5591c885

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ccd027e1fbaf8f4d2ac9e27e2c41ca0d

SHA1
979e802268779182a77d5a22c54b22ee97900594

SHA256
97b5ab32619faa89025219deae078adabcc6b6d32440d12306ca8ce946311831

SHA512
72f01a23806a81275b0e3597527c006db01cefdcf940e04c5264ad1bf2cd687cfe0631765946be6c5e69cf251bd2014f6648e10cc4ace1aa395c72c2b77524b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b46e786c87a651e01460614c33a48192

SHA1
98a03ba3bd0cf5908d3b63dc589b8a82c49c8b52

SHA256
ccf1946cc6dd9a5e2ff7af8ff9a1030dfc6abc295175c2023529d40dabb1706c

SHA512
2ebea15571293f3a6baa37d7f4e93eb50fd9ad660246256a2a833142343b4ef4c0ecc111013a3baa106bec2241f72f8a90e8f9c93bd5db5a42eaae4653b8fa08

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab562E.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar56BE.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit