77e4e274ec00e82c3271426a8f83111927d4da8488fce48247de307d3316489c

Analysis

max time kernel
73s
max time network
134s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
27/07/2024, 04:11

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

770074a14e2eb91846a8b5e614c8b606_JaffaCakes118.html
Size

6KB
MD5

770074a14e2eb91846a8b5e614c8b606
SHA1

45c6e5bbd9e82cc69b681656839c1b964dbd794c
SHA256

77e4e274ec00e82c3271426a8f83111927d4da8488fce48247de307d3316489c
SHA512

15ca6fe6e77226c5d8b114cf40739bf7d8be95798dce24543a2eb0849e04f3e1a4ae6221ea339e860b965e6c9d0df0ec95c4b41987542cf1ce7f9edaba257987
SSDEEP

96:uzVs+ux7VHLLY1k9o84d12ef7CSTUzt/6/NcEZ7ru7f:csz7VHAYS/G4Nb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "428481615"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b70000000000200000000001066000000010000200000007b1a77626ee3eac97d24aef3d3155192f9feb66db72940f62fff1f75d709e176000000000e8000000002000020000000ebf5b0e01c4c8e132be07407c4a412145e498473f7965fcb85fc20edb22ed015900000009edddb0959e63c908145a10b82c13a2aa1c3477f6baea1a9fed119bb82eb7097ce6a51042643f9f6792f144a30edda3a487c1173d1f30dee629fbf73dfefb551a0d7f76615383d975a56868d4a9dcef0af97a7364163760964f80424e5de8ddd3f561762d4df05f148df73061b1821a89e6afbc6dbe3117b87ff8b0b5ca8f5e41bf54bdc16879673621cd3e7301e1360400000004ee8054961c85404d2b55f225b3e15d61f70e1c4e1700a0b106eaf85a8c1ae8bf836cd8c2f75ca116d794372c1b456878e84e4820fc11c1242299648a27fa345	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b700000000002000000000010660000000100002000000038f82b13d0ad2288c5d1e481073daead31a385857e8fd5a936a1f464287c67a9000000000e8000000002000020000000d76c6c12dec6c97508b703c4d0a4c876e30d8d037a1c34f83164ea6de4625d29200000002c4426ed7e7c5c804b295cbf78e47452108d3063bdb5f51ccf1e648ae344cabd40000000fe69ac901fe2f08826b22dc9b626d377e6c5190d46b09be52c8780952e85bc9b9af0aed10e0251a95be06a38bc5b109e1079b7892e32b8a6e44e5d2b80337cc6	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 205f6c2747e2da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{399115B1-4E3A-11EF-B99E-46A49AEEEEC8} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1656	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1656	iexplore.exe
1656	iexplore.exe
1184	IEXPLORE.EXE
1184	IEXPLORE.EXE
1184	IEXPLORE.EXE
1184	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1656 wrote to memory of 1184	1656	iexplore.exe	29
PID 1656 wrote to memory of 1184	1656	iexplore.exe	29
PID 1656 wrote to memory of 1184	1656	iexplore.exe	29
PID 1656 wrote to memory of 1184	1656	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\770074a14e2eb91846a8b5e614c8b606_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1656
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1184

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aa1508bc53d1ee0d3ccebc7c843e6821

SHA1
fe6e6d956e5a7ae00bcdb5e90944eb1019c92eb9

SHA256
cc195a9936294cc9ca25f27f5d89b7ddb4c79c8b320021a10058435874901977

SHA512
78afcc077f419edcc124725317dd006d2c8b8ca9d60eae1467d9377ec6bc591761a2ec1dbfe1d4eb33a8d8be69f560593ba14432d04936fe69cec60888991439

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
63b0e1b613d5d003271474e4f8713ac6

SHA1
4baaf8e7ff0a1699873a71231924555ab64df8f7

SHA256
83be5683edd1c7c2b541970dae4cf486b945195fb73222fb6f2b9fce6ecebc75

SHA512
b0866d315af5536eaffc50fff9342024f08a764377c3679c1b15b418217b8d522f8a2399684423850e9247fd9e5ae3da24c79d5a218086cc3db8d70f56412ed4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
118dcc272b23526032f8f07a6bd7365f

SHA1
dc77c49a3dd6a665424df942bd4ab96ce1d5888b

SHA256
c33d4fade2e6eab0a52afd12c4eb6c27fa633a1ca6d35847cb9bc8535f007827

SHA512
c9e42e9ac194125dc4d38ca161c1472eebdf40257ced8c8e272888295ed2eeef8e1ca1f7a8a20a8fe97234a798e90face071530c2d22996b7fef7640ed8b5642

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6de305a11405c6ae70b998e7011557ad

SHA1
a9a44fcea7c0c07f030435b00feefe347e3caaf8

SHA256
a38d84416d6d5e29b84246f465e1bbc405c8ae1173396f3b4b25f5f57553d7ee

SHA512
d720f07062d9330f77f072b6e0e8454174c276fdf28b01228952e9c630b977c85798a86f9c55e039bc9a523bac8be4ac01e2f99f841f5d71b65e56d54c026dee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ced4beef3fb0b946ef6d0f36a8724ec7

SHA1
f90ba83cbe6e3e33a22785e43d7c9f4bd1ae2a4a

SHA256
265ff19ed19f701e106c4c104d7341e0797b2613dfba599cfba181010a7b2e8d

SHA512
d2f2716424c330931ebe3bae8a936fdfc6de060a3b3915fd67eeb5743031695be6e4a44e741ebb543c1beb96a58aa88b7465e4102f2875681a8959c8ce7d13ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c085207ced3db368980f530072abd62f

SHA1
e56d89be4de2bf21a5766e21f0875493e46000be

SHA256
be54551c77f7f500829c6ccc452fbb604fea29a07714b39123b9e518b2da6fc9

SHA512
7671ba0191c71eb616d6cc3c4e1257fdbbcc3a7f7c0d8eb96488b572058c1a711f5bad63df176e6ffccd7a7c08d44271970a37402f86e73fa0724a4512dbc7d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce91daafaabdddb4c94a86976be20eac

SHA1
1e8e126c53206bdfd807fd530f0339151163078d

SHA256
a9dc85d4a28a675342c6e9d0b24447809f58d1eb2be576d3913f20635311a085

SHA512
ed9acfeb11c5ea2f6798a76ab0fbc960fe0a188f609c62e6ae898b65fbce1541626badce2c6346d862c373d7b9f1fc32af577c4fa3010463fd63d004d8e28f11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c5159ca08382d7467c8336fdeaf3a973

SHA1
0a253434a66e50bb799482f9e75fea21549e285c

SHA256
c7de3f84ac57f8f8132ac0e2f9eb5130282ad17a53aab2705aeb028e5ba29257

SHA512
1b2e3f22de366e76ed6b667485806810ea34e62fde8abc096bc3e0dfa87da1faed43fc72537d63f80d70081708c065ac6050e593d55136612ff97a91f6350d15

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3a81f9fe329b28aa4e4935d6b79703a0

SHA1
464a9b9fb94a36d4c5da462226d7c83bbcb30ea4

SHA256
62183a3065fa68f01890d084145d9499143225299e4307cbad2dde42883e4127

SHA512
bbfcac3b48985c9c7eaaea3a51953ee5dc2f11cc41bbccf94e538e5c182452561644c9d19d659f48500425a4f580b3deceaf76af110db932cf0b4f44d6cbf491

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2e91cb3d54cee84e89dbc74adc9f397f

SHA1
99501be6f53f7ac44e6320923b58b5907f51711d

SHA256
314266fea7e56737f5a77b0e0aa0236aaa5eab063c2ab69c8ceec2fdaf607954

SHA512
74cf5fa670e2edf2d85d8fde63544b98f4f760bc4a469fcde5b3b61dff99124e074e9b277d80de3c84a5e55d784cbff93723b80c390f3e4363ca13d658425196

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7786c640cde3d8f1f3035093f077521e

SHA1
10674b69b04d7afb83842f40940a3c04ce1dcec7

SHA256
e189d8f47c4f1826ec8d7cbafbdaf067fa9752b007fd30c7259b0778b483cab9

SHA512
36562756289a425ec6ba84da8673414211f9abe2427d48b6beba7bce8906adf4d276b52b1b28fc40ca2ec0a6bb3512f572a8b2ccfb1159feb7f3ffaf57980bf8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9da27cbce2ec744b8965a36b0ce1ed9a

SHA1
775f4f58f17b75de812bfd5ef9d29e33f10f5933

SHA256
803396cb4a839cc953d157a854ca78e1e1322b894523b23a9f8eca9cd9698ade

SHA512
2094ae1712a01bcacd0e08e9997143dc0fcddff2d4f9b5731104cb56728e9b2360ba77aa6656e83081bc453dea1d253134491bb229b094ffd5476fbec00ee83b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0188bb6317f86766520e85db6a3265ba

SHA1
dd64bd98b10693c875d9a4a747c02f327a4a76a5

SHA256
93ba7dd8f605491187eef15d9cd54a13c2b02f5926793cbe9b20722555313596

SHA512
68a4341e1024b769de2ff35cd50d082f326d5eef71fa4bfbc2d7840cb2779e6839dc8c28fcb71844427b2f03e613e21802e4152f7076ae74bed03334ea165863

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e5f9582929ab2957a9178fbe20d0d0c0

SHA1
87505bbc3d005a2bf94c9ce54b59dc09e7affef6

SHA256
155282eee6dd44e895cc2e6e3cceb4b8d6bbfdf98bc31083633759b4c74d59bf

SHA512
ba3b5e4dd5ba021c1d7f4bf920b631c1d2eac4805505133bc75ec481d406fd5da0ccf3841c9e9609a1e3f232b892469c3fc9fcfd632778c7a5661f87547409e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f7bf6c9d66f2a1d7197bb7b355ba39b6

SHA1
e236a53ea0fca8f424fc930846d6e5c62a1f5d1d

SHA256
67583ee614d4309f1da306f4a264d72792b0afeee8c20a4445736bc196271dfe

SHA512
47dd6e998422ffd87b0bc3ff5e344dcb380cafb942ac249dfa24506fa3bbb3f2a055a1a6ac025dbcfa1f2f09fdf3a241cda87df3ab42a400315996a1334dcb06

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a148355f6e800351047ba1926f747e78

SHA1
ec49b2738f46ebc9cc9f7275a9b58a4b68d9828e

SHA256
0a9420b1a33fd07b3883336f9f44929e5ed7da6ca1b119efc8957bbd8db14108

SHA512
225ed8e1288624a9935bd2724d38d56531020f7beba88c42f39708d15a7d9fed36a03cd318bfd5c1d0be1c0fff559d4f76df5f2083bd630dd857fcd73135472e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
22ce9d1bc7979ade7ed98433d6715470

SHA1
1945157ccc55651db759001defa535474a10d037

SHA256
2bbf0961340a2a50b0e72d05c7e804f8d19c5889341d5b3b35c4607118b6ceaf

SHA512
a4438df9c466d0d7815b0e61d3d67b1571aa0e0cb1ea935a06982e236084e789a612f95013dff4b135b47199f389a8e3ce285d8d70f73c944d933eaf77ad5636

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD950.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDA2F.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit