Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

31883f9b10...18.exe

windows7-x64

10

31883f9b10...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/07/2024, 18:43 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    31883f9b10fb4cac9fdb49438d3fd8e2_JaffaCakes118.exe

  • Size

    35KB

  • MD5

    31883f9b10fb4cac9fdb49438d3fd8e2

  • SHA1

    c75c73eaa2329a884e150659155d8950d703b19a

  • SHA256

    869a349f7dcc69a13af993e6daa20a490fe0bffa44db15ffb6bc03cd1aa1adbd

  • SHA512

    65f114e45ccf2706b1e5883288d5b95d974a2debac21713307c973776b3f7898fb49d57ed2d33a846906ba0e62b4c0f935c0c2ded082eee997bd914fbc6cde85

  • SSDEEP

    768:lwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647D4:lwbYP4nuEApQK4TQbtY2gA9DX+ytBOu

Score
10/10
sakulapersistencerattrojan

Malware Config

Signatures

  • Sakula

    Sakula is a remote access trojan with various capabilities.

    trojanratsakula
  • Sakula payload 4 IoCs
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 1 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Runs ping.exe 1 TTPs 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\31883f9b10fb4cac9fdb49438d3fd8e2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\31883f9b10fb4cac9fdb49438d3fd8e2_JaffaCakes118.exe"
    1⤵
    • Checks computer location settings
    • Adds Run key to start application
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Users\Admin\AppData\Local\Temp\MicroMedia\MediaCenter.exe
      C:\Users\Admin\AppData\Local\Temp\MicroMedia\MediaCenter.exe
      2⤵
      • Executes dropped EXE
      PID:3628
    • C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe" /c ping 127.0.0.1 & del /q "C:\Users\Admin\AppData\Local\Temp\31883f9b10fb4cac9fdb49438d3fd8e2_JaffaCakes118.exe"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2804
      • C:\Windows\SysWOW64\PING.EXE
        ping 127.0.0.1
        3⤵
        • Runs ping.exe
        PID:3304

Network

  • flag-us
    DNS
    citrix.vipreclod.com
    MediaCenter.exe
    Remote address:
    8.8.8.8:53
    Request
    citrix.vipreclod.com
    IN A
    Response
  • flag-us
    DNS
    g.bing.com
    Remote address:
    8.8.8.8:53
    Request
    g.bing.com
    IN A
    Response
    g.bing.com
    IN CNAME
    g-bing-com.dual-a-0034.a-msedge.net
    g-bing-com.dual-a-0034.a-msedge.net
    IN CNAME
    dual-a-0034.a-msedge.net
    dual-a-0034.a-msedge.net
    IN A
    204.79.197.237
    dual-a-0034.a-msedge.net
    IN A
    13.107.21.237
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid=
    Remote address:
    204.79.197.237:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MUID=14FDCB55130867B2006EDFE212E8660B; domain=.bing.com; expires=Sun, 03-Aug-2025 19:24:23 GMT; path=/; SameSite=None; Secure; Priority=High;
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 436E5982ECFF48C193B020B00A83050A Ref B: LON04EDGE1005 Ref C: 2024-07-09T19:24:23Z
    date: Tue, 09 Jul 2024 19:24:23 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid=
    Remote address:
    204.79.197.237:443
    Request
    GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=14FDCB55130867B2006EDFE212E8660B
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MSPTC=Dko3MzneIULVwSubVOcb5hyUp93VPL3lIPKCiLHummE; domain=.bing.com; expires=Sun, 03-Aug-2025 19:24:23 GMT; path=/; Partitioned; secure; SameSite=None
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 598D2C447585424E9AE9FCF9C2B73144 Ref B: LON04EDGE1005 Ref C: 2024-07-09T19:24:23Z
    date: Tue, 09 Jul 2024 19:24:23 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid=
    Remote address:
    204.79.197.237:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=14FDCB55130867B2006EDFE212E8660B; MSPTC=Dko3MzneIULVwSubVOcb5hyUp93VPL3lIPKCiLHummE
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: F752200671D742F8BD3F58C1702D8D00 Ref B: LON04EDGE1005 Ref C: 2024-07-09T19:24:23Z
    date: Tue, 09 Jul 2024 19:24:23 GMT
  • flag-us
    DNS
    tse1.mm.bing.net
    Remote address:
    8.8.8.8:53
    Request
    tse1.mm.bing.net
    IN A
    Response
    tse1.mm.bing.net
    IN CNAME
    mm-mm.bing.net.trafficmanager.net
    mm-mm.bing.net.trafficmanager.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239317301732_1XU9VS499YTY2RBMB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239317301732_1XU9VS499YTY2RBMB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 552873
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: AFD756A58B4244039B1625E35C5500DB Ref B: AMS231022012027 Ref C: 2024-07-09T19:24:23Z
    date: Tue, 09 Jul 2024 19:24:23 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239340418575_1DFGQU5CLQUV7W36O&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239340418575_1DFGQU5CLQUV7W36O&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 468734
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 3D36C394203543ECA30EA862BB7EEFEA Ref B: AMS231022012027 Ref C: 2024-07-09T19:24:23Z
    date: Tue, 09 Jul 2024 19:24:23 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239317300897_1II1YIPQNQ7MCYUAK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239317300897_1II1YIPQNQ7MCYUAK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 431275
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: C78B6581D2044936B64D9627EE627343 Ref B: AMS231022012027 Ref C: 2024-07-09T19:24:23Z
    date: Tue, 09 Jul 2024 19:24:23 GMT
  • flag-us
    DNS
    8.8.8.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    8.8.8.8.in-addr.arpa
    IN PTR
    Response
    8.8.8.8.in-addr.arpa
    IN PTR
    dnsgoogle
  • flag-us
    DNS
    237.197.79.204.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    237.197.79.204.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    55.36.223.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    55.36.223.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    citrix.vipreclod.com
    MediaCenter.exe
    Remote address:
    8.8.8.8:53
    Request
    citrix.vipreclod.com
    IN A
    Response
  • flag-us
    DNS
    citrix.vipreclod.com
    MediaCenter.exe
    Remote address:
    8.8.8.8:53
    Request
    citrix.vipreclod.com
    IN A
    Response
  • flag-us
    DNS
    citrix.vipreclod.com
    MediaCenter.exe
    Remote address:
    8.8.8.8:53
    Request
    citrix.vipreclod.com
    IN A
    Response
  • flag-us
    DNS
    99.58.20.217.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    99.58.20.217.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    29.243.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    29.243.111.52.in-addr.arpa
    IN PTR
    Response
  • 204.79.197.237:443
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid=
    tls, http2
    2.0kB
     9.3kB
     22
    19

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=3816ebe045494a3389f5b80f45336cb0&localId=w:5B67E6EF-EB19-3B8C-6273-F1B27270E62E&deviceId=6896204247044651&anid=

    HTTP Response

    204
  • 150.171.27.10:443
    tse1.mm.bing.net
    tls, http2
    1.2kB
     6.9kB
     15
    13
  • 150.171.27.10:443
    tse1.mm.bing.net
    tls, http2
    1.2kB
     6.9kB
     15
    13
  • 150.171.27.10:443
    https://tse1.mm.bing.net/th?id=OADD2.10239317300897_1II1YIPQNQ7MCYUAK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    tls, http2
    56.8kB
     1.5MB
     1096
    1093

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239317301732_1XU9VS499YTY2RBMB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239340418575_1DFGQU5CLQUV7W36O&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239317300897_1II1YIPQNQ7MCYUAK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200
  • 184.22.175.13:80
    MediaCenter.exe
    260 B
     5
  • 184.22.175.13:80
    MediaCenter.exe
    260 B
     5
  • 184.22.175.13:80
    MediaCenter.exe
    104 B
     2
  • 8.8.8.8:53
    citrix.vipreclod.com
    dns
    MediaCenter.exe
    66 B
     134 B
     1
    1

    DNS Request

    citrix.vipreclod.com

  • 8.8.8.8:53
    g.bing.com
    dns
    56 B
     151 B
     1
    1

    DNS Request

    g.bing.com

    DNS Response

    204.79.197.237
    13.107.21.237

  • 8.8.8.8:53
    tse1.mm.bing.net
    dns
    62 B
     170 B
     1
    1

    DNS Request

    tse1.mm.bing.net

    DNS Response

    150.171.27.10
    150.171.28.10

  • 8.8.8.8:53
    8.8.8.8.in-addr.arpa
    dns
    66 B
     90 B
     1
    1

    DNS Request

    8.8.8.8.in-addr.arpa

  • 8.8.8.8:53
    237.197.79.204.in-addr.arpa
    dns
    73 B
     143 B
     1
    1

    DNS Request

    237.197.79.204.in-addr.arpa

  • 8.8.8.8:53
    55.36.223.20.in-addr.arpa
    dns
    71 B
     157 B
     1
    1

    DNS Request

    55.36.223.20.in-addr.arpa

  • 8.8.8.8:53
    citrix.vipreclod.com
    dns
    MediaCenter.exe
    66 B
     134 B
     1
    1

    DNS Request

    citrix.vipreclod.com

  • 8.8.8.8:53
    citrix.vipreclod.com
    dns
    MediaCenter.exe
    66 B
     134 B
     1
    1

    DNS Request

    citrix.vipreclod.com

  • 8.8.8.8:53
    citrix.vipreclod.com
    dns
    MediaCenter.exe
    66 B
     134 B
     1
    1

    DNS Request

    citrix.vipreclod.com

  • 8.8.8.8:53
    99.58.20.217.in-addr.arpa
    dns
    71 B
     131 B
     1
    1

    DNS Request

    99.58.20.217.in-addr.arpa

  • 8.8.8.8:53
    29.243.111.52.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    29.243.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\MicroMedia\MediaCenter.exe
    Filesize

    35KB

    MD5

    e2056e9a35b1ce3cb4f416bf186b6b51

    SHA1

    e9288c4e121ece5ff04eb99dce65220016b8d7f6

    SHA256

    4fc2340f1565525174b0945363584b6e2642efd05c9ed9281df07b37a71a4912

    SHA512

    4efc5c8a0ec2e3de2e85534bd00de113e2e5eb9d3695ead0ea5b3ada4f1a09f75a195d1f0478702b38633bf2021bece311ebe1db7a0b03220fb389023afffb9a

    Download Submit

  • memory/2860-0-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2860-6-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2860-11-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/3628-4-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/3628-7-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/3628-15-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.