58a43ea12b4f49321a7d39fb04e0629f9aec2bf9276d1668a8864949491d386b

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
13/08/2024, 15:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

93ad8c1d8390b62e06d252a43aec219f_JaffaCakes118.html
Size

6KB
MD5

93ad8c1d8390b62e06d252a43aec219f
SHA1

b08d357ecbf6c7c19427112d3a543370c5c9c544
SHA256

58a43ea12b4f49321a7d39fb04e0629f9aec2bf9276d1668a8864949491d386b
SHA512

897d9ae7ac252de0a4d4a2274170c9a0c204b9da27543fbdf4ccc6b20dc74492ac29807ba943835d9ead29413836a1a0943454ca12566d741160bd7016c37dae
SSDEEP

96:uzVs+ux7wg0LLY1k9o84d12ef7CSTUOeAXwcEZ7ru7f:csz7wg0AYS/rXwb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d990900000000020000000000106600000001000020000000aef91b3a1a68cffb21f69dda0727f25bbd5f7e7d314d9fc0cdaa7953d8ba422d000000000e800000000200002000000004d8171dfd4d0c6a9ea06bf5a99b0e5c7992d893216507d08be6f00ac0b7b85320000000ba7a28dac7d1af545eca23938f31b48b0ba764a9d60ababf6587e7ffe694cfde400000002ff07d723e1c9c723b9fb50fa2fc19df08d3de624f8c862bc4b71605e175875429f56fbd5663ab3c0c5ca39176f9d58d1ba8afb5102b68fe7c08144d78119a7d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0879ef895edda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d9909000000000200000000001066000000010000200000000ac7ffddea712b43c1793ff87f5a0d259eb9197569401d795c7297a3eb0bdaf6000000000e8000000002000020000000f7449f1379ee975be863c583a474884f3cd06ab5e4a28116a9ad0154abfae4f790000000d7a1c67001dad6ae4b64a279fa5f68d452532d934d56bc6df4027bd7ebbd56531a2d922262bb12f5363b0531df9fec609e0a868a5fca9e36a6ae41146929b29f199818b86e5c6f4a902239074ab459b7b1a1d22421e4a3462f43275daee90c4116f096ab6f98ed3342770fa4d7c0453210b05b37e4ab149e8cb954bb2df02cc85217f81cd3a7da82cdf20689b89ad1fd40000000491f3213d463a6853e51657cb9922b2da03012a6769ce5070ae38eb728dd198d2cd297b51bec1d74b884a52da0c1202b0c317ab2647f1e0f07a85cbee886a818	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "429724966"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{21BC1A71-5989-11EF-82B5-E297BF49BD91} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1424	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1424	iexplore.exe
1424	iexplore.exe
2796	IEXPLORE.EXE
2796	IEXPLORE.EXE
2796	IEXPLORE.EXE
2796	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1424 wrote to memory of 2796	1424	iexplore.exe	31
PID 1424 wrote to memory of 2796	1424	iexplore.exe	31
PID 1424 wrote to memory of 2796	1424	iexplore.exe	31
PID 1424 wrote to memory of 2796	1424	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\93ad8c1d8390b62e06d252a43aec219f_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1424
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1424 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2796

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bcbbc8c1f862d9cc0cefcf3c029e2ca7

SHA1
f7894f3df8484b6e5e090302b562b621416bd9e7

SHA256
aa7a151d3fa505a191e81bad524522abf96e6738997db5eaed7f78b6617165aa

SHA512
09d01cffa275b62321fc19c5101b521a94ac806c34430479d2d41e48d0f92a6f159a9664a21e79bab2512ef45f18264a46c4111bd9427e1b9b937aa21a8213ce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
055c86a2799b486f60d2fb5f739cdba0

SHA1
d4bb8bb81784211361936ee19fbfb455229628d6

SHA256
4259c82b207c32d6ffd6055bf4089d5b63ac88fa93c002f25d43b85bd66435b1

SHA512
919fc3ecec069a37c6f731a339f57f9fa28ba90fc284aac4958b6f34b0247b1ad75cbfa2b8d23f672fa4757fedc1f9d39549e17464fb959fa70efb891c0ca8bf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d260d6e4cab757e98ec45454db64b96e

SHA1
517106b13f3c1450c9d843199f13e3f1bf6ed60b

SHA256
32e8c4255215db31529f8910d81181aa040431800261e4c5e85b639624d210ce

SHA512
50e7e90e5063aed7ca50a6b3bcb966145d30a9be351141df3f844ac9c3b24af1818b007224c5f974c36f2fd3f3df09600956908e99597c2addc274ec6e04f9e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cdc578bb463ba015c147cc4a3794ba66

SHA1
6782baad5216bbbec79858ab3fb699a92042de57

SHA256
5dd5dad2bb0b8cd2bdf21662289c914b7c0b6e0213a2be79126861471193391c

SHA512
14c3d832182ef37e4cde50fdc153e8ef7fea299d2457aaa4006fb112d8285be5990a614fb62ce5052af9e2c2afb9f2e8e218b5d41f9c5a726c3557641a126077

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
733c0e031ea05b18f66d3436e1d1a862

SHA1
e6d528872be134416d138543d1d3f59fd840c627

SHA256
136b84b4ceea05d3669148b375a57ff802bce034c352f08f8c87ef1bee6c8af9

SHA512
8bd012dfa347f49b396ea955d16597e03045c89d9c12e1ac95aec8c37ce5d692a63ce31ed5e5675ba1dfebc5d4663faad7c8c31f463b6cb5282f326cf5d40e1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
16b3a77a9578102d8552dd68507466b2

SHA1
3091494fce4361cf3a463ff0ef8fd3cc654d988b

SHA256
7b5a62c991bb5c71affc5c867a9b6030fa6e17b22f66758a198165e7bf23041a

SHA512
37e6b421763422ba563648a42da1ba9b9f9349a794d4c4b70d6dfdf4e502c3b4b8b328a38a5d54aa362d8925a33941a101a82fc0e79a2e24c32c3ade8d0e662a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bd674526d3627dbab95034fb3baf3d57

SHA1
38e316a87b085daefab3ec8a9e98bc3abefc09e6

SHA256
757ad161d85175c71e6914b01109045cc52a97739adf4a9ace437f3030d0114d

SHA512
e1352299118f343f31e031a591579a47d08f1e221f442b6784ea6f3dac980ab8440d6844a0992291d7ba9f54151812aab32db0f5a30683e0c6a05d7554d4c8e1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1bef8544d983fab9e11148fd3b14ec7a

SHA1
bbdbafda43a07b97590d10c45b6a3a853d6a50d8

SHA256
7d2650dcefe2251bf826fa3af80f60c77804b4850cf3e4484899fc253d416fa7

SHA512
0d5be79be71cbf4443cc21e2d3ba8b2b42225f984a1dbcde680b51eca44027c2137a4e11f2c2a6ca8a54ee415b19a52c0a4d344c430b49b11d1644eb95f369f0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
43cb129395f5361184a53640267afa1d

SHA1
f7511b1aa38c59fb61187d7361ed894e97bef9a1

SHA256
95b641f7df43a47f1c6787c639820c8d207d5751cd3e17bcce3debf153ba425c

SHA512
bb45dbcaff668824037e27abb8aacae728068ffe49335f3d5b3d65fa185031b90167cce6835e7320749254ae26595627f7604ce1a940d322a50bbb2e4606fe9f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0e8bcacb27fb856ff1424027663d515e

SHA1
e3aa8062632a1c0e09c68d01993658184b648188

SHA256
dc2591037f7913b46b05adeec3ffb65d8c27e66ec0f4697a3030e894fe78ba17

SHA512
4687f0a85aa59774f03be71e0b82141229030315c1ea2ccf1f7c45ed1c542efccbc80bb2f73f09edd4500ebdf25f5fa7302cd446cd0d6d23b45a16de691ae233

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dcd68c12abd9e9bceeed9cc78841edc7

SHA1
847922a78f515b8dfbe53d42e6e85cb4a22f1f17

SHA256
17e253707d98a86cba344ab84aafa4a21241af3177257a1c69ff2bf5e356e1c7

SHA512
9d365765bc10e3c2c8b23681afb93b9136d97a76e281601820677e9d9328bba123b36523cef6b7fb1e7d6e76dfce37b276aa0c40fcb8bcb8f7fe1fe40e94eea1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e4503a58821c785fbde55692ce3dd48b

SHA1
924492d974cfdebe82d539d5efd64ee04947eb1b

SHA256
5954e1aece4e0b7af9ebb9a5c3f51cdc006b7e728c78d586d89f7c4a00b5f90b

SHA512
fc9d314b5a32203eb0749ea118d6d07352c8d228b4939b0e2df9d409170f8215ab78d8b6a629c00bbfd8e66840490cb042060639766a635ac0be3e7e91f55c68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d90eeb3cb498c92617de2793d2a6a6c6

SHA1
3355c6334692a7db0b98f0182b5ebde9f1d2f674

SHA256
35985fcd3912120020bb9a3bd2bef84684e2a1b0e68868880bc89212625c3af9

SHA512
0cd03cca04322c82fd3df3997fd66200ab48869ec392a4008982810e7d78f3b2d607fb61a3db7ec2a925eafae107c0c15c3e9a02bfe84300c42b905f80225d7f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3c5089da25484564dfd3cbb553d0b5fd

SHA1
f54050e6ecdf8a6454a2e23cedb2ce9815a72946

SHA256
9e340e86b077179fdc6bd800ae764fdbdb9abc2c6a78a7afe7284d4cceb7324c

SHA512
0d2f1c0074f0e46dcab91f883059208cb9444f28111763b4426ad75a953e3e2130fe01b2f7b17e51c56f3be23320e25436743bf4fa9ffba5284b8e0b061e1778

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ab572d01d2a6f526171d97b0097ce855

SHA1
85fbfa85b5b27b48a435078fa7008352bb7c4c4a

SHA256
3208778a05a567e5582eac0aea1820ccbd66a87ed33d40ec73fd682fe285c39f

SHA512
d5809641b4406aa5fa7a14cd677e2d3d17cb7010cd097ec07a3faba58b386610e90fde965a39eb52ece98675920c8913377aeb2a51f97cc3c9915e30c3e489ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2b1591c80ec9488a33d77c60dc826a4f

SHA1
ebf7cb396397e6a36075cc8eb7285044fd050cc6

SHA256
42a9055c8577e53c9c53d36c41f8f792b8d9e7486a1cef256b29bf3c84afc43f

SHA512
e25d5b36a7eaf16e564393cab6ce7783f5417789293d3d3b6635accc590d7fd0c7ec823467be3d9d30c1050c28a4b18ed701a188786768d87df868d0b853802b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4d5b923afddc8397e8a851b661a12d2

SHA1
7fd70eb2cd75960ddd5ba8c0d1b8a012d3cd0ce8

SHA256
307a59d6e8581b1ba790d3e74fdd05992da3415277bd5a88f2fa8cf39b800a87

SHA512
ce6293756ae55a39aa857289d4b4ec499c2af357febbeed10ebf7f452a5ba1d1baa84fef624b46b5ae8ff690c3b1b900481cb50740285051de1f832011fe984b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabBD6.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarC56.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit