21d966b11a81ef37595a9c72c25acbb38dc63e38ff590ed6f1a672b0bb00bc0c

Analysis

max time kernel
134s
max time network
127s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
17/08/2024, 07:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a19942a78eb3c1e74e4f2d7621c48b8a_JaffaCakes118.html
Size

10KB
MD5

a19942a78eb3c1e74e4f2d7621c48b8a
SHA1

b382e0004320f450c549faf83f009f65df0fbe70
SHA256

21d966b11a81ef37595a9c72c25acbb38dc63e38ff590ed6f1a672b0bb00bc0c
SHA512

f2478493b8361707d0450a5558c35712c035230410dacc8df8a4e53921d8309320df245cc4ed34c482d0d8dabc950f2fe1e039e15fe33a8e538f19969e9957ec
SSDEEP

192:5Wx4lIoaNNHofpgDXgcImmm7mmmW3i1rnzBS7j7mmmnImmm+jNs7+HB//PnNwWwo:Mx4lI5NHSeImmm7mmmW3i1rnVS7j7mmZ

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb4700000000020000000000106600000001000020000000d5f5f96bc872ade51e44483c4283a5e7f26a15cad83215446ade8ba2359321ab000000000e8000000002000020000000f43937aab457504d41950aa52520e0d5d467ede35a154620edca1660950b9fea900000009265decf45bd46ebadec06958acc08bc923fa064d9d5991bbca85ca1afe610944b990e309a276ea572cbf23a31e210692f91c059c2551875bb554393bc775d0b6b14302f2405d559d9673566d68412bfee6a198a78d6a735391400844cac7ea302a406fdbcad17187d51619021bcab70cd5fdd868a2f66da9383c9ba8094450fdc3fdd5c6450976ef3e43dacbab4a3f340000000d6e0a809c1d51580f324ca9250bc07c1f46ce52e5bef62abab94d50964710ed458d4fa69c17691c05874bdc1a185d1d9beb6aca212c803048bccc6a703c741a0	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a3d5a058b71c4645a1a6b8b9d2c7fb47000000000200000000001066000000010000200000008246080b7eb1f24285515a47c7490439b9a5376a2ca7458e8f6d413ff168017f000000000e80000000020000200000009bfb66e5875b715263d19c4774cda4b05ba5a8ccc83b96e2a68b4dd0c267c59b20000000193d880bd2edfcd018be44f0ed1bd36454b3ef78fddd6eb22a5efd6a86449c32400000008713cfabf4d2b35171ce99d71ad42218d731c4e5c1beb038816217b643949b6657836883ace03d2e44c4dff56fa4c4508a2344617d8197b6b9b12b80f43bb5b9	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430040033"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B44C5E11-5C66-11EF-B4E2-F64010A3169C} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60e1d68873f0da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
824	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
824	iexplore.exe
824	iexplore.exe
2712	IEXPLORE.EXE
2712	IEXPLORE.EXE
2712	IEXPLORE.EXE
2712	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 824 wrote to memory of 2712	824	iexplore.exe	31
PID 824 wrote to memory of 2712	824	iexplore.exe	31
PID 824 wrote to memory of 2712	824	iexplore.exe	31
PID 824 wrote to memory of 2712	824	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a19942a78eb3c1e74e4f2d7621c48b8a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:824
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:824 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2712

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd572dcbbfd70550e3fafeaa3881871d

SHA1
4283dffb00dd2d4a3073997c432bd2ec8c5ada6c

SHA256
0a7762e356bf8dc2a038842c493bbd0720e74f0f208f7403011613a8647d2a5b

SHA512
bf6dc346d34cdb490edf24584234c24f7634264fb492d30c1843e9bd493e984af1a2a385563d03cc89fdd3ac86408f495a06fe732f5a5ba1bf58d500a42e130d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6fb1af8c561ecc5db16336d95319396d

SHA1
b8c28d01c2a53114456ddf1e33ba0944770acaca

SHA256
c722e3d49acef384109b787f679a020ae2937306b98146c6467de12d7de49b6d

SHA512
e730e07d9fd85e7714954a6080652850b654a1b899d5e1f4d00a56a2a61cc48cb9d5c990701b5285f5dde6e88b2b4fe6a029931f3168eb348552a47db60990b7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
87077652c7b269b03a0ed2187c8e5d12

SHA1
f6bd4b90247c83ada1a5a3256801951b6eefe37c

SHA256
1e62d76cab8522507b58a22081d1d52caaaca2465f7db14dd74caf0a17e13033

SHA512
aa4bcd3b59b77cd8cfc8984f793a03b37305f8bf972b055da6536b7d518c2b52b1b510611ba2ecc9bbe6547d7d08cf8b25fc03ffd650c860099b1c9b8509dc68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
693880462121bbcc369630885ca04f90

SHA1
078db0563abbb371352fb4441dd311e600a1a65f

SHA256
a68163dec1293f3f26ca0c7ea757d115a6238c31fa0b2af0474aa07b867d8fa4

SHA512
f6d437583ce74cf683e84dfad4a1822cd166361e7a16201ff5302c3107e564ae6082e91029a682b2f07e53a52b800b2ff40a210b357228ae2a92be4362551c07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7767b18872263594fcda9df6c984a616

SHA1
c39b5d25b443e96edeb3ae2e19430661eb47474c

SHA256
fa457571331c03893174551e63f01562386bf4d22336256f37e762928e26bee3

SHA512
2737a21562828b1150008c5dc735010e19007bdb9af0dbe3326bc150a836d220d483819175e059b7ff350865afcab26fc2fcbe60a159c9cad34f384175ad0cb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e2efe5cbd65f1911621ad4e07a2500d7

SHA1
3bdd6065269fc2e108f807f0361eccd11cf33ef6

SHA256
26b0e8b1d7f67514a21e14a680ae3b81bdcba03a95af829365f4e580c51f6937

SHA512
49765369c3be1ef4839e60629d40f7fd21cc514d147bfcab934930340973bdbb98414ae43b5766f2d93ef762063dea7180307257048c6b370c33066cfc774e8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
94612cd3299ef6c8457949d277688f6c

SHA1
bea23a543cdbd20c9c03a0470f226bbe35d3c625

SHA256
933709830ba4a9e973f692a805c673d3fca201f7e46d07c8a2b8b36b71c94822

SHA512
c9a6d0d0e056aae6bf86ea5263d05d2cc0a0842a8be0ca9346f31398fa09267ebca64e632b4219662e5d0fc2617cc4809f24c08243d42228a2526bf177ad7bd4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
88de4ae27a91ef90257bb8241b8341b3

SHA1
bda0898b31d22c4aae7fd29965cb4b3d6c709baf

SHA256
524dcc09ca04e7d4f7bc67b3edc34f01086e11896f6fedabcfc6fba98ca26357

SHA512
be73c24f7f29aac6e260cb36141eacbb1a32d33969aaa60dabffbb9d75150dc7eebbcdf1e554c591f5289cca31ba88df9e571b95740f67a8254a234b82bb42a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8744f0eeb8a7327edd473f1a646d49bf

SHA1
deae18cf04d0093db56bc0ee92b7935db1db076a

SHA256
0a77134100172844cda86919eef73826cd1ac7d0e26b8ad0388b6ec6e2e9f25c

SHA512
697f73783606cd6526f6b8b6c57ec3a6e6dc0fc471546149d0a34750c709f242025157017e60b65e1d83974d3b2f12368d6898a08d9bc2736c106e654131bc25

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ed481b861af00f92e654e59c78756da7

SHA1
2a7f2dd10f110b436a2567919701e4b6d8a8c4cd

SHA256
dd35f6d01f4561940ee94d3059646233a3265438a75b160430bcc99c5d010928

SHA512
e9b6761570b1e49de951b6d736f6ea3145a5df43f75372a9895c41db1f119ef4afd5b2d7e0e2381288665cfcead23e916ff35254a23c5747cfe67110aa7d40b1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b5a2a5e54f2ded7c2898514feba0606f

SHA1
1eaa91376c2ff9bf67b29c4061e0f614257122af

SHA256
779e11750b678e7f8137f974744ba551c2267e7ca5fa85508d53cf013d979fdd

SHA512
6213f4840e2eba18b8525ec5e2b3a24667496f0bec78d1dfdc195e957ee9d5d6837a06e5d1dcbe60ad4a5dc41ef345de0fa8e028f54829da74b4023557dcb748

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ed23d7070f441cd37377a17b7bfc2b8f

SHA1
683f7642e583969e695564b3ac896dc93dd4ec17

SHA256
eae1b90c2043cca887b14522c291a8ac47780655bb16865b12caba7fa7586317

SHA512
68abca6cd82e50e5d01818be60f9c2bc46c716671ba5d47bcc5abaaf545599481f1336cd81534cfd97b21c13f422aa326e3675ad3b1ee5a058acd4fcd2a0bd11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dcf65d044f2cc6281cc7c4347762c9b4

SHA1
f953d668c1f4bb9faf09381ed88344200064e1e3

SHA256
2d9c9008888dced987c09a5b1b29f29325495019d9f98dde66c1ea51ff653f10

SHA512
5c82d806a23f5225ec7cc4be129ee8d901348676e1175ccc4e7854217255b9502631af09f2bea3aa6f828a451257a49b9e87eb88da71be7c1522e689cdef9c4c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d5eea5dc1d3235d4ad103a8fae43bd8a

SHA1
f476ee85eb6238f9c39f65a646529b5072122197

SHA256
06bd587ce106e1121778394e12d695a2a798235badef481e0c26f1b4568bc700

SHA512
5aa447f562225fe84989650a3014bd6ed111eba60854121a792ee064c40cd73a0f102162c684a4ed0d47a16bbbc8b16e16ad28d9c1dd4b795c1dff7353e9f876

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
592671e751bd617525b2b411c50a50fe

SHA1
5bd4af3f5a6a88fd2e83589abead94aa5fd7993a

SHA256
57f2affa853399a5862604129d0d3c8b4430cad402e245b01e8e24d94d936bb0

SHA512
b392fdd5d06d19c608d8b184c9dd595c8d777071c6f2c2e42095d57232e2d016c7c12e413c4a1f98af0df0e51b6ef6384986037e233cbdf0e740cc539308a957

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
94feb15b0eee7428db7addae584d226e

SHA1
8f3b2eae2fd535c5f8f7d06e50ed469b87463336

SHA256
7327fbf53c04d2c6c919d1ad2f9630002bbb53944c7e01115a2dc88f96ca541c

SHA512
0b135c3bcdf1368d10f57080fbc39c07793414dde2b1c7401568ae54b893237d9069b3b89d42b13b8d7e45bfda90d2251f299f16c910eb54ee098be6cafc0313

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
737b19cdd1dc9064325712f9aedfdb63

SHA1
81cc67cf009b9a0219b7c4d5c0a56104708b1b91

SHA256
b6b1f055e476ff996a7d7608a2bcf3cf693ac8627be100a1bcfdb7e91d14b656

SHA512
40e68f13b7c6751c1cc232947853c47f0eeda7006460988ccfc156c37f07f9c5813f429cd271e74fd4b42131ab84dd0f01bc90506fa52bc5cf9998f6ade6d85f

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF79B.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF859.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit