188ddcf58ecf24f23cff2b3172b4bb1322875f81667429d8a5b2cb446015e2f8

Analysis

max time kernel
144s
max time network
148s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19/08/2024, 07:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aa2fa4d6c2ed9ed6613c861e0d3b7a8a_JaffaCakes118.html
Size

2KB
MD5

aa2fa4d6c2ed9ed6613c861e0d3b7a8a
SHA1

4cbabd66eaaeb4ec5677547fad73fa5f253a38cb
SHA256

188ddcf58ecf24f23cff2b3172b4bb1322875f81667429d8a5b2cb446015e2f8
SHA512

e70a99ba52e75191a8b2dfea853ca1f6844db6e11f1f2f798e98dc5ecb85f6f119e673b8b9237c248bfd088da1b91728724e1dfe73797408eda16849f11809d7

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430215775"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b7000000000020000000000106600000001000020000000be3fbfe75ab992e46d4e14d0952725803bbe02136c39083178ebf84a86d6e20a000000000e8000000002000020000000722944cd1ae502021f1b5cec34b0134cee437c35b86096b911b72674c9ba4844200000002cf19fcbc69281dd022107e2334029b21bee35f771ed2b14ad29da89ad36067b40000000ae2fa3174f32ff7e5df2f7d6d1d71d13fb9483358aedf192bbd896d5f4251f12c06bdc9797f5cd917fbc8068ac704ef3e1932450ff3e0383958103055a2b4ded	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E1EFA7B1-5DFF-11EF-80D8-CEBD2182E735} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10a56cf80cf2da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b700000000002000000000010660000000100002000000049d4fd7120c434fd2d6278852e07c383c9b1b2c8c831fdcc71e9419ee474281a000000000e8000000002000020000000fc55ff208f18d17e23586bcad1dcba107e5de41a8531f6c2214915c8e19df5499000000087c9752906a2277cedb40d4d4d16c1202d779356a3f785640a6ba06f5a7ee355956aeb6d0c470e5f9b096b26f635b8a893ec53bf959ac905255ef379671342dad9262d6ea244dee497391afc6d99693bc07a80b6c4bd4256542ffc5a631d3a83c4eb0b96e9190cd652a4ba529cb2e531e4d94e61551a942794a3aa42e722cb200256f5f76277aa6818825e72e4f9ba11400000000a2fee4a2836732d1866a27663f768a4eecdf99f8c3cb4bdf0a42c5a158ba2031b8dcaef650a8195479f0a1709dadc0fe4f67e1e2dab481311b9c678f6854d31	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2296	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2296	iexplore.exe
2296	iexplore.exe
2480	IEXPLORE.EXE
2480	IEXPLORE.EXE
2480	IEXPLORE.EXE
2480	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2296 wrote to memory of 2480	2296	iexplore.exe	30
PID 2296 wrote to memory of 2480	2296	iexplore.exe	30
PID 2296 wrote to memory of 2480	2296	iexplore.exe	30
PID 2296 wrote to memory of 2480	2296	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\aa2fa4d6c2ed9ed6613c861e0d3b7a8a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2296
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2296 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7c7a6befe24e6352f14d60103c16f921

SHA1
e6596ca870efc289b5c6d9a8b16e732a8eb71f94

SHA256
3a228d17fbb0292ca8eeef07bf9bed5f2bda292d8bd6509e16a7e774c0ae4563

SHA512
271c641e11dcb224a93fa0b42aaef67bb6dca6f05c5011c7e6daec6b1312fbdacc2ea3dd64595303f09abec40ccfd4863c81d987e94f00373c79a7bb934d1cc7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1df17f57ae31e853058fff8539d81f6e

SHA1
545eab1135a61b60e002da49b026c0102b48b733

SHA256
47d571e0bdec9015077a80a997cb2e2fa902a230ddd2b3da15ad4f3512c509c0

SHA512
905787c8f4d46988de07808cc1602ad9148efbf014d343be4c3406ec82ae60556e66522261f63d586b7e2fd7ba699ddb6d8ebde7834c07190a74a855fce8b404

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c7bbedb00962c53159f64ae3c24e94c1

SHA1
5d2d5973ae1ddb8a3cb353d1a6dcf9014f515f5f

SHA256
f800141c014079dba4445c5baa0fdd2706b12f8cf7a854870ff44bf6dc191ab2

SHA512
6ccaa7e25f6dc08a0b04c852351a8ee66a85fc1d0042832876808b7e6d15f6aa298faf3df5bd4aa6097080786af28afce67fd615e86f7aebfb94e41ac5c16a95

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8140b5dab0edad521ecabcb5376f20e4

SHA1
7ff04c5e1fa21325ca9d620aafa5c4a1fbe614c8

SHA256
1205b7e722199af1bae644cca032dca5b72a181959c31992fbf5e0c0a1eba595

SHA512
8d2936831189b2a5367fb647edce4d540bcdcb07dcb1daee1ea2cd31a22c03c6f53f17dbf2620bcdd2dd7360386e88a2c35240940a9472b24070ab20b85f721b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4bdcffe104ff7a13215b491ecac2a421

SHA1
8fd45014826306df98b41883a38f2c40a9b37167

SHA256
da45ada47aa4772c4c9d21dc9f73c0da49ca7c240e2da9126f016bcfd507f04c

SHA512
026775f1d29ad98c8e046ebf90add5060f03acaf5399407a6e97f00ff17ad6efb49ac1deadb30d97a944bdceaf5c51c3ace19deccddf94fc5b09bbd242ff0fa8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1bc8b8275e9a52d2a9a2d66d18f5b363

SHA1
12fe96cff3e4ec995755f04f6224021a9a532b23

SHA256
16491766f4390b2065a35c0ec53a9b3839cbf1b0a9297ff5422053bbf42a7288

SHA512
71295fa5fa0d842088bda02effba37ee647ab856aae9b8ec6668c15fa3eb89e75c94ad7fc0dcec616fa10d9e67362019fdfcd190ae70645a86c1f8778ba95844

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
40060650bf86b95b011587704ba9cfb7

SHA1
107558d7bf5645dae0171a48f6765ec8fe755b20

SHA256
56a032f61953db2d2b106edba467725deb37a62068385be4cdcd93285c65d1be

SHA512
7a2fabcd6184c05b3a5c18859a75cb16f0688d0ab3d1875aa634b30db50220a473b80eccab39a003c3a6446eda73ec1b68c593229e17562875966a4bd3f46936

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
64b6533d80396a260e7ac882d4a9a7a2

SHA1
545776d87321eec3e088366e517d47885cd51f1c

SHA256
5a10401f5fc6937b237adc63fcd719c85b08a7abc9d8ad107301155bff1f15a1

SHA512
18aecbff837d9da3f399cef2d369f0c44a78b3ddebeae9cc03bf1d53219a33f9344f7a2da47f5cd9f6f6bbbfbb18bf81ba614df95a1334fea66c38e2bff118c6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c6d3681bc55be4799acc551851ff7f94

SHA1
529449d244961e86c6c6d305cfa752c707f22e2e

SHA256
888dea4c4da43dcdaa926e5ae47bac39cee74e3a8ee4a414a75b1d5adf7d638e

SHA512
68dce6b1d41868240131e15dc911499fa00f876cddbcd75e71ecf091b37832504dfce513c3b76101dc40f39397f27d6d89706bb5e6ca2f2d4f60bd4e79bd7f40

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e9aa18de18538c81c12850af3079b6b8

SHA1
94c3962cee8e554d43e5ab34352a599361dee83a

SHA256
d6000d2f2e84fff661fe55191e93a5a5b24732c85377de147b8aaed5acaffc82

SHA512
da3d383b464db03fadc62ef92fcc711fcbde3027cf29c40dd749600d07e93489fbb58de08c3a051aaa84b753881fdb47b7957ef32066837fe4596c4f8bb232e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
82227de10c8fe603ba5ef3aa67e3d6ba

SHA1
251fede747983ef2b2c601ab14337733a372173c

SHA256
cbc00e22bb00730aa1f06ddd8007086c358de307f69c3af25ab5237821c8bad9

SHA512
46a646622fe697ccfe4e5afce84814de4747d13ccdaa11ff08d55ee1d9c8aaa850df5c19f27f1ef3ed07ce2f17eae5777aa3cc76494fc3264135318f6e1e5b19

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
def177111e655cbe6c1afa9166be5ff7

SHA1
54ec8d1507985d38c49d497a4f799c0164c7a0e2

SHA256
fa8ccb8ff83ae0815475d0e8d6560b6a243da5d015338f945a0881b2c12f58d1

SHA512
414217a8031e5215ca3451f8c38b9055f77576a2c5886ca0d58bc758b8b7d195f5a78f0d85ef3f17eecb4f3c374500e5ce757a44eaec317f2698ab5e71a8d4e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cd414c84a604ec840b6820995e4deb82

SHA1
c282d90b0d148711d03e26478e467a1824098abb

SHA256
bb36054a7e6985a016a5117cfd7cfddc59f91bb1b7efe79b1bde2e61f9f832a8

SHA512
35d0b4a206bb05f256d1b4b74001949ce442b315aa5ad3782f22405c2b728b4b52bdaa51daef214ddc193a815755fa86a2fa4557d97eeda18bd7591a26c1dc8a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d073a16a52869a68f91a79e33728f34b

SHA1
e5fcd34e91bb09c2035149928d4caeb58b6ac0f5

SHA256
ca659d106a4cc2494d0c13c51d97ec0c12588f9eb99660bb3a675da6540cb01e

SHA512
5561e5385a4a3e9f2778b1c0140388e556295761dd8f363318dda611594e4376f1dffa9688794f5f24d52cabd80bf9ee45a53f58e28a8372fca58b3ac2b4aa63

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
85ddb6d337d6b8668ecbcff5656f2c83

SHA1
679758c547bb968082fd6ab2c7e1eec8153b2cad

SHA256
91b7b58becbc3a18142cae74bf6005a8de48e82c5e656ce3ab5be8fca78976ea

SHA512
bb12b6312e1939a7714e4baedb8bfc81018267dccae65d4dfe008170769986939e2ebef42deedabe8deecfdaa6faaa70ddc09678f460e65bdf0a51451baaac74

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a6cc47e1367c0f4f1902147ce99e80fc

SHA1
dc868894f3f067bdee7b7f83e87b65ad901d3543

SHA256
edca1730391738d4a673bc9716c08553d6e012dfda7695d6a5724b5f4f463231

SHA512
4e3a2e57b77472eec675d0e7a9c1b278041862d49f3e90f0f080cf731f05859e81bb74deeae8d1396288fc14a390956d74d6ee47f26706d57ff98602c1b06bad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9c03ab24f2d04185d564e008c5a8e75e

SHA1
6a7254a6d1b0c5907e69908067e176673068af9a

SHA256
05c8f9c60925034cd30c8ee41253d7723c4dfec4e3d76c6f29c2bf8ebbec51cd

SHA512
afb2401e9d270d869dd46eea4a382f17eb49b772c5ef5f64e8cfaefe77646f42a28aac9cd0a6947e2fc0a1a3ef284c032f973cde97b23ac0223498c646d86e89

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1DEC.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1ECC.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit