b39d6286894c9891e79275ed6dea69303732d86adf220aeee4a8ab2a7d9d2f9f

Analysis

max time kernel
121s
max time network
129s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
14/08/2024, 18:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

973f60bd4c094606ebcd5180ad1b3093_JaffaCakes118.html
Size

18KB
MD5

973f60bd4c094606ebcd5180ad1b3093
SHA1

6890705bddefe0c1921d912513672353d540899d
SHA256

b39d6286894c9891e79275ed6dea69303732d86adf220aeee4a8ab2a7d9d2f9f
SHA512

99b20143ce240122a3d5969a233949cc1c24aa86300812f9c80af75802f491168af6deddf1303f95b614228caa52a9d8816398ef7667c601f90e02f7a35dde28
SSDEEP

384:Fo0JCFEu2kcuJr0rZ0ipuZD8dpe1Xu0qAqkqG8n8IW5qIK0USvmc52cMuciZczFd:FfJCFEuMAK0USvH5XMPi6zmImap6+re0

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 39 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "429823037"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e337bacba951544a9a832c52e69bfb000000000002000000000010660000000100002000000030a61c24c3ff9cdf887efee64abdb07aed6814a1788e9e3faef26991a2714e44000000000e8000000002000020000000cc4631add66ac58e01792b44ba20cf5c5a3e629c032f7a48c712a00502c336c390000000c6d20c4bbe362b5d16d914aef1d5102a75070ec4f82018f050d4ae8079f9681ae29b67390dbea12f6e8364d775cf7e59e9d605dacfaf6b717476ef69096f3e0778e5e192cfbb03099435bbe3825de65d84aa1b8f41788f54a32f2d4c5210700d2033acbdb136871c9d6512d7d499c9f919d5b3513088bb7595dde25ea1c190357ee606997ecb56d65d0bd9adb1d10f4840000000cd5e254bacf13449dd52276eeb647e4c8e796017d5fa151b6160bd35a80ae8204962e3251fa3098e91a402f68495ff73cb1fded8076319cc860625dac9085786	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0f9984e7aeeda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{77FC4FB1-5A6D-11EF-8AE7-D6CBE06212A9} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e337bacba951544a9a832c52e69bfb0000000000020000000000106600000001000020000000535e7454aede21e017095cddf2032f47b9f1f2940af0724f8c9113ff6ce04357000000000e8000000002000020000000375cf774263621cfd7710f00ef63c79189c6d637e6d4053a5736025035d5132520000000e70123cc62c9f7cc0bcb860c122a1d1c09a373d72c2c90481fbe581db4c3aa6540000000d5f924a93c32235771e82a301f06fa15ea3d88b68661d1e300f434b7e1bbf43323719cbfba6bdbeb8f3b2e27b66bdf4e81d6469c21a56de0f9ff3f8a43e10d47	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2356	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2356	iexplore.exe
2356	iexplore.exe
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 2764	2356	iexplore.exe	30
PID 2356 wrote to memory of 2764	2356	iexplore.exe	30
PID 2356 wrote to memory of 2764	2356	iexplore.exe	30
PID 2356 wrote to memory of 2764	2356	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\973f60bd4c094606ebcd5180ad1b3093_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
026fba4d01d866e310c25ff003e4c25b

SHA1
bd996ceb6028161b96ea2e95ec88edfe92c5629c

SHA256
c4ae1e5641b22db976ee3f46704ed2df9d6a802168625c8880c59f0ccd827175

SHA512
0b2e0d54bf19006d01fda5c8fcf89bb2ba68038546c39c244c6092d8d47338f42c2c855cd0320aecbef2550ade4084f87cccfab91e1d7f02dbd90a0e9484addc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7da960afb66bf53389aa1032329c9f33

SHA1
bc84c671496533ab842cb70ac23314a0c168938f

SHA256
2b9a90f0d64a47434a626d1ebfaa4a17d4d8ea06753f4bcf2539b9466e308586

SHA512
dc420aaf8119d7311887f560f81ef61dac59e41c62c5a448a07d12b5ef398760f43583a36a4f1dc77fd15ab2447864edd5e0c49edac3070b30fde28527202336

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b94cf1abeb9032a7e56076ea3b92aef1

SHA1
8ec8da1243356987d70011875eb0e4c47c2f642e

SHA256
f9a99bad4151a5f1761c8b5d1856f7926c55249494311ce8c5eb661549227c8f

SHA512
03fb2bda07e384335322c90f1bbf3e51ab52be8a436ff08c6f37c548908969e1dbe6e39fbdc11b835aba6065c6b42cf763a7af6a6203105a1ac1b59b5117de78

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a8b7384d10bf27943e3ced3741f0f941

SHA1
ba292af8ba8fe78d644836b927eaa85efafcf5b3

SHA256
73f5681c203ff346eaafb968634bec1037ba55e0ee87f7b7f7f91378c8f28ccf

SHA512
cc1ec2e66432e96ef13d712f182ac37f6c573b8b101dd143f243188bfa784465f295f74accba719650afe5d92d09ff6327d8de670b7063239232361c9ca7f498

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6f9e97e43c1cbf99c5508c7aead01173

SHA1
4a7b5356da80d6988c6ef2b158625199490bb731

SHA256
de286b2c3a047725931c7a07bd6392bff2b17ab5162f0cfea6648b1332e9bd16

SHA512
b419e5ae518580d15e1f2f923a0c762cab7024e2624e6275a845c15851b88d945e5e65f9663d88b187826fcb8fc30530eef334803c1c09eee8f3b6b37fdc0c55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0cc9fff638cd85f8f060325415192fb0

SHA1
26b17ff74835cc5d47f70d82d3b1b88b0399fb9e

SHA256
24e7dc5de374fb44888bc4ea5ba9b475daaacd473b0dab53e33d4e03de0dc590

SHA512
fe5590f82cd534031205f057732ef38210f21a702c9694e124186a7ec0fce857132d9cb9454537ab34353a27585cdd711708211862410813d5b6cedbfe513ac0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cbd459a0d26ff384fecec066b36dc7fa

SHA1
50d58841e3fd6f199730c34aa6da4c4a14eb1ccf

SHA256
1a772c528034beb62ebf7019ee3cb88573452ab7d319f7dd562eb0231a3072fc

SHA512
a3bc6b53fbedb9ddfe08af1942082533d18a365ec73756e907e6d64ef2273d425cf658eed7f31985a3427f6c456801357f1b22048435268a41d7391edc6ded1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
89d4db032547985034671b3493682a43

SHA1
c027a783677d98221d1dc6851fc7dac77270b1e7

SHA256
6300dd4aae9c5794ca98b6a9e552338a34852d314016ea94f3149b4bbec8bee6

SHA512
b7a76e3c46e73a023168befd6320a3bd0323bfa2c922969fe33700c58eac4a21fd7bb4903d0fced7cd59e85982122c2fa0a7cb8b916b281927fe3d0dff062cfe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d300c3b6b909878b4cbc86cc08831c95

SHA1
c8ce94a312a25bf609ded5dfa85d5b2675389e2b

SHA256
5175ec5c7041d44409ef3d2977368dfabec7965ec37ec31107999929027c6020

SHA512
313681b0fd02cf2ad8dab7e66cc574a0d530779a30eaf31f0cb1aa7c461b7d82199aba2b0532d006efd05031111da15448bb28371d4bd03b87a1b10d893b97bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0491616d5e29474df6cefb3703918b21

SHA1
39cb4e2be75c4732c365e1a25038799822fb2d3a

SHA256
56fc3f4be7500854330b468dbf77db615f6086cea4101e367946429d62d4c922

SHA512
0de8e43ab83e53345cdc1361ddbeadd2458d93e6c98727af0eb5940621078d90970a9e129121748b2e6e9b01647980236b316f2baa1b26edc97126530b1dc627

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d4044c9f79bdc30bc1103cbb5f541c74

SHA1
dc4ee4534494816ae2ab4f0a0daa7fe7b613bef4

SHA256
ed71e5b1cbfd68e8ea18215ecd9ccc83856fc791daa871f518c4eb09d951065d

SHA512
443a365c99d56c0017c5944d4f9846c62377fbc0b5eb849884ef9d2796038d9cdbf73476b9e6af781ff51fa97b9202658cbf5206a331ddd12ad89ebff3a55ec8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc6d1661d490332c9512d5515ff9a27a

SHA1
cb6aa78b99070c7e42817a5412cea2bc0723078b

SHA256
3455b0cb604cdc48e93423b4c183f9fba3fb3250af335925072bfbf058544914

SHA512
2e0a2708a80dbf05fe52d1ce58fb33d9ebbed0eba2b9f3f7da1845f83a191abc0b45d2cb36a2256f784da8d383e55b8371f0a57f15ba84c857c72901c7d803fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8c3ab8f57bdb15635239a26139f79f07

SHA1
772d08df19b112cf14b6ec73aa440f994921d8d7

SHA256
c347651c4357e24468c814e022e2e1cc89820f2a236bd2388df4fdf20a4e18f0

SHA512
06fc448cf316261b06c8e84dc2cd055d70191594dcf07464097b67d6e7254841a8ae51b00af66cd5885948dc6204750ac950159933e57e066d86c6271ca0864c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
04202f01cef2bdbd9583b5cda7aeb961

SHA1
5efc85361628ce0a8c74bebb4bb6a47238abc8a2

SHA256
8a7c3742fbdd6cf2251dc17a0a4460ef9924040ad5c273e2b756006bcc58248f

SHA512
fda183a7bc7825ce1a23c66e04184a0eeaf1074307cf948d6f9bd81c85db227bc6f3f774e5e4dc57875b227f8e48d115e73b472849cbbd66c2c3d141322f57a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
59e2ac73c0f7cab89f43b189ce40d685

SHA1
0a229d4379785b120e90fdac3ca47f79179feff2

SHA256
0f24c28fb9c95485801c758f9a5be744f4b6d2846d5d4f24f7eaeab682eee0cf

SHA512
59e005ee688950c80c679a11718ee6f887ab7e4440803b7d663bf986c86a27d4a62eb712f2699a29bd0a5989d4060dd59470123428bcf29eb7f881c684793d56

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
03da63e1ac905e6f35b41eb92938f5eb

SHA1
24daa553dd9363b927667694d37d922f0f7d995c

SHA256
6040921a6a4ea149dd5e5cd3797078f34b7c7eabf50340c6bfc7b883c838faa1

SHA512
5102e5eed89199bfbf2e5a2a2d7c4784cceb539b7e6e1beb9de99c806204fe1f78df1b146cf51b4a3b8ebb25b2b90ba303cb8da403ea9e78db4f52fd1b33dcf7

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3046.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3105.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit