47e28f804605cc25ea04f772cc6fb6a24f3c2ff54ab89e301dfde97cb043078f

Analysis

max time kernel
136s
max time network
134s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
26-07-2024 14:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

745b166c2b279e21fd5b70e26bd2fab7_JaffaCakes118.html
Size

14KB
MD5

745b166c2b279e21fd5b70e26bd2fab7
SHA1

555ffb9c989471bab47aa3ee32603d135e01149a
SHA256

47e28f804605cc25ea04f772cc6fb6a24f3c2ff54ab89e301dfde97cb043078f
SHA512

7ba4f6da4671da71707faf4f520d24732854c59997ece6415ad9ce0481511e0da25246dbf2ef8672440d919b188a4db903fe81abe6c5bbb8ba5cb00056b37c86
SSDEEP

192:Od6qYNPMMnIooSGI/idP8EigKbqjY73WuNpx8ikiuNphVa6eyS8:OMxdiiLqchehVa668

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b7000000000020000000000106600000001000020000000c7ac819aa689f3f31c37f6d6b18b95f66b891b11970efbec9138dc3da03e6a37000000000e80000000020000200000003db68db06eb1d969f21ebb052fc46219763de78f78b3c1e9540b87ce3005cde5200000004fd6ce1646569bc5eab0f7feed3ba703eb57e18eef30ac06ac1c24b70f0f47d94000000094f3b7bc3f25db393defaf0969ca7ceb81a058313303e987cec649b7255a90915486955e32378f8d5503718d7452bda785da22b1c0fddfef00f1fad236419dc8	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b70000000000200000000001066000000010000200000007b2ac0f3c200dd69aa2be00acda7f46a1bc443018c0c69d7e2b44202d991793d000000000e80000000020000200000002b3b0f0d8a5a1d420334968aa71e957a851d088484fc8d6a73453b5365b17e3390000000eec71ce0d9b2fae889793bc140c1df281637417a6f9e88f712e912c121cd7a24da8632e251eace0f2b13ee296bcb53dec8eed2a4a9d9cf59bb4970cccffa02ed42600bb0aca94ec2603a47420d177a453ae3eaf66d39d95733066f515c8caf93fbe6022ea8ad2833f29a0c69c4c320ccaf07e13a40cbe2c4d69e1b3a1dd045f05618d868b671dd3e55b74500ac237d314000000046a9dca725366702b8b57d248f9f9d2c9e5d25000005ee1a0201c441801074d82a193a536c75225f095c63deb61645a617730576d1a998eddb54eea01ba4664b	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "428170476"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0cb59ad72dfda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CC19D5C1-4B65-11EF-AEC5-4605CC5911A3} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2360	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1876	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1876	iexplore.exe
1876	iexplore.exe
2360	IEXPLORE.EXE
2360	IEXPLORE.EXE
2360	IEXPLORE.EXE
2360	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1876 wrote to memory of 2360	1876	iexplore.exe	31
PID 1876 wrote to memory of 2360	1876	iexplore.exe	31
PID 1876 wrote to memory of 2360	1876	iexplore.exe	31
PID 1876 wrote to memory of 2360	1876	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\745b166c2b279e21fd5b70e26bd2fab7_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1876
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1876 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:2360

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
471c6c2ee1af76ae0a60667cfab1299d

SHA1
7ac024870894daa858539011bd60704d6cebc74e

SHA256
616ce565e382534c761f55433a948f86a090d7c806941a0bb2c100a2de9831aa

SHA512
58e9471e576c85e7c19493f95d578b2403c95de3cd2bcdd4dabdb0f8ef647eebe082c862d2ae99820d2c6546f98379c3bedc981a2f5afcf797fa50e925e2b507

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
263582957e1d4679ec81c711e7ea8850

SHA1
a8c014eae359e01ab81d38ac8ede2adf4af8bcc8

SHA256
87a874117786000a01f145b39fdbebae985c4e900a49e6e85d4da40e704f0246

SHA512
89ec9b90e543842094be32176dff8fa5e626109f4e43d3da188997f0b4f24999aac51e3a9771c7988e5e493c321e67cada0f6fed771bcea97285c48a90554ba1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c6bc2b7834b7b44d22ac26735a18ca7a

SHA1
35545512077e19d3e84519cc187627d4740a5bf0

SHA256
cf31f723f52c84548001785d192d4e9d9b33bc5b22e582089027116a5139b8e7

SHA512
dd82659ceea84e9023d2292590cc405c3d766a9f0468ace0f9e5a648ec68bb1102313fac334c89726d6f490425ef1e2e86d475df2d1c77245e0e322fd13607b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
666031bc90dd565a6512185e50c4dd04

SHA1
2a34619bd3be8cd6265dcbb97464df289b35e12c

SHA256
debe4abc708e78c9779428ae7ebb45350aff4b8a0f98fca87a06274f0b8598bc

SHA512
d73e0d91324385224056d79441d126891e281914e522dd92e79e4fab9736ddecf34cc8883906fb177de6bf6fccd3cda6dd0f0bfa101efd9f0eefcfa492982cee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
92a39c7264c0fff9548048628bf94dc8

SHA1
8f4273856fc778762998afb66d1e72f309154f11

SHA256
27a8b6dd665968d03addfe335cd5a3a86508a219d441154ef91fa2f01c15d335

SHA512
922e859d6bc3249088f477197316bd6917006be52f929d93e8dcd53248bd831b140922ea1273b4f8b646095f39f7e23f3096ef15586971acf4193c56d0145831

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ca18eb680dfc04966e6e5e593de23a7d

SHA1
c55b7c003639eb3a5c616673af186726df40a1d8

SHA256
d28e341aa0f6fa830a5b96a5daf1d7738fcea2a74e00de821c802f6404f35519

SHA512
51d7a68cf50970b695edbaa04caf1aa5142c921a65b9e77396378cf8995749fc42f591d99bdc4a370e59f06c253250f289e551efab1ec7cc353f32f344568ceb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
510aa559f84066ec27146d13b7d9ab7c

SHA1
2c0ef4996909cb752c6d9c1ab76f3c1c326f3198

SHA256
8f28326cf28492cbe285ef5debd8ee145b88c58afa786dbe0015ea417b641a1f

SHA512
a27c1b0244b1e2e1d47978879df5641958b010b3505f683426d833e0d139849d5cedb7f660587daf9b5e91e9e5b4364c2043845634301cf615a8b588caede52b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc15635e12bec4f2fec78afa4397ef79

SHA1
96ffdf1cc8cc22b13707d0d948947d2b0f3c5e5e

SHA256
7814e3dd96057fe95fe2a8826dbd0e3767116a77aaf666180be1472030ff41d6

SHA512
808b2917ae2ff25b5f238174e8a5c057c049f572713aab1e74710797beb788403b0493807ddc0cbd2e41a2c077e352736c261c383ccb8ce95c90c0a2e6cde619

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
65744db10c34218339efdb4731d81e0d

SHA1
ee8eaf8e707d31c1247a70f3db5921b63c3908fe

SHA256
a7ababebf79caa5540e673f23457cd47cbcb0bd7272564cb91691ca504391eb6

SHA512
4d24cb15eb8b3031dbf098d6bcbc39f2630c1dab5017523bd454c4b6b0df3cb8e57ce8e2dd5bb16e099904673b88ff9378fc53c91e9576f0964717dd7d037381

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4d49a65af3a389fd2f7461275ba08bbe

SHA1
44296f5c128c365ecdd220b1a9e60918c280004e

SHA256
ffadb19fbf322cea92e739c6807445e3ac69b5a00c916f7f82c8dc2c8f4eba6e

SHA512
aa6a5dc90fb945a3dcd28656c775d7945648fe9a120f224001b82b0f9089dec8559add35478c624b9370dfed9d18351ed82aac326aaef04550e9ad6efc28af86

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
392359dca13bc2bbac8be3a3679927e3

SHA1
a7e9d9ca7653756616de502b52cbdd34047b826d

SHA256
940a7cf07814f7cf46752112cb2c46ac512b02ca913015b0a08fe1181ec00498

SHA512
bef71eb3e2f6cbd46317529276cdf6fb7971bff9c337893899266a3ca27a1eaf6654a34d107ef68ee9bf8092c801363415e7d739ca32324c4165666b50d1321a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da3da0ba161c2b480e21e6b009def488

SHA1
6ecd7cf497b945406218dd301990dad2b8358006

SHA256
27f482f8692b89c1c902920eef47db1999dbc03cc7103535bb38d2495a12d5f7

SHA512
61ffddf9860c35898c61459709e9ba75e186de7b262db29b4f3e56b9b4f4cec877937b2865ec37f797ca4e03f7c1fc0bf2f401a3556ab6c641c88e147759f87d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2a8224c4674949101bdb6489c0910c6

SHA1
d68a5c9691c357e33bdc1bc14e0372205128a588

SHA256
1adcfc4d22b718b9e9d212bb1e5c51708a887609834487b72ed3e7fd787498be

SHA512
2b11f262259796843a5e7740b81667ccc6b1ba21b1e71825b75d56dd0759300c99b8f809035e143e67a7d94e020c21dcc471a5906f77eacefe3d8b3a9b260d3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
accc54e2faac9c9ce0590eac5f7ce2ba

SHA1
3042449d841eba96480ba0a06dd221c1d8a7ea59

SHA256
12d1c41a879079d377763a3402ef9d2e648a37c929f1eda5739d694cf87dc87f

SHA512
111dade1df0c73b095c75838d05e0b4b5705d7c4974703af65572662dbd7c11ca93fb44d0aa2c44cd31fc4593805409d95b96ac41d9145f4134ff875734bf827

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f768050892d24f3b4980168d35917106

SHA1
dc74ad5eb1931d64ed44e0ccd83bcc30cb16c5ae

SHA256
fb098a1799f2fe081abc619d5289c902a9e39a7fca972da183e4717b078f9748

SHA512
f398a31559cc526366b8c4649ca2b0d8709fb901c33ad19aac2d6c4d16794c003a4d59ff55b070380a56d3c7cb191204259d38a6fabf24889ffb2395576341ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e555098c4a99ca0aa1cf3d958cb80b5c

SHA1
153b1a59b8154bbb16593d70d1e0c20a58cdb1e4

SHA256
9781f49877d51324fbb9903702211a0475bc7e51849a9e6c785c0809f31db09e

SHA512
e0530d6cf1320b1a7d5dfd3a6c67a21d806f4c24223f56e82a892defb8b14c2e3e40464e3e3d3faa05737cf4e51ec4519765126bf253087b2df5db831da9dc77

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3dde7f8bcb1a1a324b5669aa967e000f

SHA1
286f70d881ba9fe84f991761b09ef9d55c993787

SHA256
04da672c60760c57fd5c599a0a207ce905afb85e6ae349930c941e3f632e006d

SHA512
835cb35ba70fa12b054159243b9cfb1c529742eaac617aebf4f903a95f160d770a88bad39415d0f05f69731c84bf0014aa5590d00f50c6e85a15d422758f08c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabC9D7.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarCAF3.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit