1be0d95619d2d12f921e5457dec7c7590bfd72efa49d0c74faec69f05f59c35a

Analysis

max time kernel
134s
max time network
127s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
20/08/2024, 06:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ae31e13827967b52d74cb08a882d2841_JaffaCakes118.html
Size

9KB
MD5

ae31e13827967b52d74cb08a882d2841
SHA1

9c505387502e830704e11d146e4b4b60e8ec6509
SHA256

1be0d95619d2d12f921e5457dec7c7590bfd72efa49d0c74faec69f05f59c35a
SHA512

1889d70f252d41ef7fc6458b5a0602dc573abe025575391cdf0515288b0ceeed32bf0a1b738a98ee71b0e65975e058918174667cd9923c1362e346a4c86a7549
SSDEEP

96:uzVs+ux7s4LLY1k9o84d12ef7CSTU7GT/kSxQDxapJO5hslVHcEZ7ru7f:csz7s4AYS/CSWWoEPHb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430297675"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{92E2C111-5EBE-11EF-8D15-7A7F57CBBBB1} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecca440099c424d92937bb9b1db2c9200000000020000000000106600000001000020000000cfa6e404c0e4a522b56774067b0a394a259c5a8072890231d244693a053bfa14000000000e8000000002000020000000ae391a77f5fa06fde9cec1b9cdf6ad7ea813281c8d2de29cf5c6661137cf308790000000cd7451ed2d46ad124a898cd306cdc2e54bd87131d4aefd651fbbd4bba725140948d19b340ba4032791eb977d788a23aaf45098fc170221ebe8c638a6e315d27ae118ba666d7d371d6235474a911c323e1525e53cd1fd0ecd7ff820a6029aaf095fe3b930a83a5fadd3a7aecbcb0c55c496d0f040d408591a45f6a1e183792b06f605ce46ec2a24ae9831ce4a15bf90814000000088bdd6ce630306b1a2dc268de64891dfed9151146989d25af0e4879ef8afbf1eaf8cdd46a77a652f9c9a3bf222cc6d7a894c8f26b2ba6aa85a5150ade8c161ec	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecca440099c424d92937bb9b1db2c9200000000020000000000106600000001000020000000795939645877a44a1e5f40026286678a7837eb4b1b5521105b3338bd5b0ab6ce000000000e8000000002000020000000b2755427e7982513acc58ea827fbcb48891d674caab278f3b5bdf93da2aa82dd200000001be03dfca6ff1c026e947b29723bd4e61e7059c2bb386dfb7d347bd036979bac400000008a7e1d2656888788818bd14eed5612196cb34d6bd9425739f0cc44a4abaef208fac13569e8dcd4ca91cd3337120ca27f5098771afcbfe257f2e9a227e478528f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0e6cb67cbf2da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2257386474-3982792636-3902186748-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2400	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2400	iexplore.exe
2400	iexplore.exe
2664	IEXPLORE.EXE
2664	IEXPLORE.EXE
2664	IEXPLORE.EXE
2664	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2400 wrote to memory of 2664	2400	iexplore.exe	31
PID 2400 wrote to memory of 2664	2400	iexplore.exe	31
PID 2400 wrote to memory of 2664	2400	iexplore.exe	31
PID 2400 wrote to memory of 2664	2400	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ae31e13827967b52d74cb08a882d2841_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2400
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2664

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2f9295fbcd594eda35508755c2499aa8

SHA1
9ffe99f900414e95ce996894fe05c1c33db7bb04

SHA256
715776c17e6689768a4a13e668afc46c63e28261bba8bfea75134dfd4d2bf945

SHA512
ed1215cc37d6697e58253bdde8ebf8ae46e39f627881433b7814f014c121c432acb8157811e84fa2abe1c200dc7082b8936b0da243a2a5ee43d24ac0ce3171df

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
848fe4fb6695169c5def2a2068857d20

SHA1
856b0c3929bbda9e5067d3e29b724eec62c57253

SHA256
53e0d7120db1746d7a8410e8e66e69ee1c15da964fec4d0f8e23b77afa31c9d3

SHA512
19565271b1e207622aaf27445e441351ff93ea5f4e879a1fadd467d8d932d6209d493013ca9127828c881eb21eacb7c63f6f28fb84b8d48627b68114bbff2556

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d66d9c5f118fa614e54718366a316760

SHA1
2158b0e323158031de1bbc9fe20d02b772b5f9fe

SHA256
ab78a9847f205e4b607b3b0eaaef4b6feac76711ebcc123872716e3d054e7a03

SHA512
45d2040ac3c3819bd3e69cf935d17e82bf182879be023ac1564c6960a848763ca08852b90f182662b89990d609e253302450a553a60263ab4f2773d8719460a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
37c1bcdd795ad6fc7a70f489bfbda50e

SHA1
c44a080080e9b1e2594a97103c5e9bc40063012c

SHA256
2086e13677c28faa694905456b658cce1f00f84e39096b2e6a7df85f60dfd656

SHA512
879c1608cd81b54509df13c1ea82d665b2b348814264e011f9b62a5ccb13249b2f6c7120d978e8da873744b7a1114f7617d317029ae78e176d1953c290fd45fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a7d01cc7664433be8a8928789d6ba6ad

SHA1
ed35953104f8b853929a1f879dc3a2e796a0f8ac

SHA256
cc6227983f08203ae4ecdd5c4aa13b80aa3ffc9ff38c912aecc51b4c2b85b77a

SHA512
4edef4edcff79dbbc9883d3dcf9be2386bb306ed632033afc269a75e53207ad57123ebf486644d792f623404675f5fd11b87d8edcbe1511035cf62cf1dab3293

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a35513462ba364830b552c020c08e101

SHA1
9f4e1bd489b71f77df9a12c7ead02b2196d40d45

SHA256
badaa3f4cb920545c5366e9c7be9333e544729894b83b7804113af755355b884

SHA512
2fddb8a6ba8488f5496f283f4f97089bcb9a336a0bf3aa141ade9ca5375daafe6302104f9a686fb51d4b21cd4ec5586c33612b189d17b1b4dd2e5e67279274ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a64e6a0218b6eb9befc3eafaed6f4b32

SHA1
6ebb8c29547f17fe04ab4e5c13913979def23ee6

SHA256
cf76c98ca92b1a06d7950ac104266c8301b29b0a45a9ee2799cd73b41d29ebb1

SHA512
92109a6d08428a788646c5e0dac8330378d11aa1670d299e4f799b8baaaf0287d81e741354a4c37c8b0f99a1360cbb2606313ff19aa0dd7e2383d7b9a4bfad3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
df0a460d99bf4590f185581fc53a17fb

SHA1
57d17ff595b359863d7f3bc5e9f130344cfe4449

SHA256
aea9f3f387886ab7347bafccbfbff55efefc08af11eb647804815236c54ec097

SHA512
ab16fb9a81649aee1ddc5fe449c742ce566eaaafa22f64f9d3a4150cd828a7ea77cabf240689e378f01d4e398db73854e72b094104e2a6758d82f85be4a46901

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7e0392b9cf839a0969d90edabef8ef62

SHA1
7fc68bd6df1812cb6536e5a22e757f23cba95bd3

SHA256
1ec718e78d5c900b2378a4a840c72f27895aa07fc299e94f12c2dbb5af510a12

SHA512
7b43ca1af983cd65c5c7cfebdf6a14141ea57f3fabc0a8173714e26469f866e52a2363cda34a0615c443106698962d31c04f6c6bb7aa9ebe003360ac1967ae99

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
114034daed1b5a6c5815d368bb5494ed

SHA1
c1c47d1e492ba377f1b762588777ff66c80dd568

SHA256
3f877fe2f588a4237c76fd8c0739ba61d41460879a3129d4df5b1618ccab6b9b

SHA512
a7ace60ccf330b52b3bfd89db9cf7194eedfccb3ab98c207ee894e453a593d49cadb68138bff55a8d4d1d2c02b136fd262f5ff027a04f940fb83143cf686bd69

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cd68daa6c19c2b2df37622ece0f99beb

SHA1
2ec5a1fd5bfb53179d8f27b6c348bf7a225338ae

SHA256
1114bdb5444c1459a0a55d2cabdce45e9f4b3170f5115cb2bb20e07fef0b3b67

SHA512
578e4e5f8d8642969f40e3293ff88d6a35647974517114dcf451250c82dbcb4602af557fc404ff80f69896e4642efc1e3f665998b0bcbc88a67e697f0dc2c15e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6e3b088d55e6afb9c67ec0503694aca1

SHA1
f7cb5e8178adb386103ad2ea33cf1d99518c8fb9

SHA256
2c150b38e4a86b577a33d2311a6e0b3d107fa28fb2c297d32725a2c24794c8a9

SHA512
57acb2107368f50cf4d9dbfdda96f0452997ea3976a35de013851c28b04e6a89a5ba453b1d69adbfa59aa4bcf027eb5f3e276124400599e65b34b7496fa9f14e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
88766d61237e54bdbdcffbca22365874

SHA1
05298d3aa3e320a465d3a037237adc0da96804ff

SHA256
69a64f9bbef53340cc7e43de18e642b4f9c7aab51b6e09377b00704c7d1ebf5b

SHA512
a465329264065c53c5d2c02aa2bf3c7b3e3b49b50eec1a5511d04094c6d43c3a71458388588ab0570c940781b6d8a20240983002e931ec54593bda27496652f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7f03cdc56373c56d22b3067b3fed0132

SHA1
91b4be9303a8590466beb36d37348ccb2539b08e

SHA256
b4e6fd81ccc1a0c66b14d63cc686775b74d100a83def62156a98e09bb4d22cde

SHA512
30b55826e808b6f43864361cfa1f203fc2d090c14c0df4ae63863320bc5ff224c9bdc6cd9415aff2de35bbac0229d7ba7c68be93ce8e5f6fd0c30bb3c5b43d24

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f1ac60c13f4e9150fc6f5de3b1b3b99d

SHA1
001f49ee8c68b27be8098eb3261aa2ae426a5dcb

SHA256
c7f8bd5ce615c026af722414e88e601510ddf51ac2692d4c6698e0c7198b812e

SHA512
6bcf76a7099beb55be06bcb07b7c85a83465e0b4c3e29517f54258799e3838c0ff5a3ddb8bed37e8ab766acfd4ad01b4235f3de569d70a64d2a47a8aa244084c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fb1ae9df82d31bf1d8acd88af24da9ce

SHA1
c669ba974a855f613875fae2d1a8e8c30ff5610a

SHA256
b7c82250a44f2c18c46e9f9935f2b13509d203c1303e7b9a988356e4f6ee4e64

SHA512
937669b5238cd1d1f1cbc9724f705b0990e6d284b188a242d460f98c6d885bd829875940dbe8b4839959e41832f14b95da7a700294c921c63d4f1eb1fab4e7d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
30c333f2a7b18bc2b581b0d7cc6390da

SHA1
20f135d00526ea941c0612bbc44afc2f0b32e247

SHA256
ab5435a2274c33033234d2d0652cbfa3ac95e349e3c339f1f639f99010746a73

SHA512
542c784135e02205af0ddd921d6a9c758b7f45af55576e51f72d8d03e878305a6adb625c80f963c20ed31c00fd7dfbc2f3c733188bec79b3813574d7238c0613

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB271.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarB2F1.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit