43fb17f6e18783398accf5066bcba3dcd9c612e8e3bba5223810e0404de1d20b

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
22/08/2024, 06:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b6b5bcbd47be68dd1b1cb2abcc49f9d5_JaffaCakes118.html
Size

6KB
MD5

b6b5bcbd47be68dd1b1cb2abcc49f9d5
SHA1

3e1c525b942d99cba54661b4dc714f858d0212a5
SHA256

43fb17f6e18783398accf5066bcba3dcd9c612e8e3bba5223810e0404de1d20b
SHA512

98d0dd5c3f0383ce8f6ca329b038300e914744718f42320b586126e51d7abaebd9e50298c578c71bc791bdb9e246cbbffd51ea5eb8951a19cb97926cabefb76e
SSDEEP

96:uzVs+ux7DqLLY1k9o84d12ef7CSTUcJ/6/NcEZ7ru7f:csz7DqAYS/L4Nb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{09631581-6052-11EF-93D0-F6C828CC4EA3} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000043174f1aa2314a47aa677ebd5ad1f6c700000000020000000000106600000001000020000000202c2946f955bad9400f897b810015f0c93137445102a4a33abc8b4edce215fa000000000e80000000020000200000001595e5cbd1faf95726cd60378cd29794119c306550e034037a958ab52d0460fb20000000fb70dd21ce40c654aca587f639601cae43769597385f340c07c24befc175b2474000000058e0956ba5cc64ce9c848d5252ff3a3d84648dcf519a439910624da339c2a02bd4421da67a9908ac9fa3d514c078efba4766530e0a1d61d9792fc84925456549	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000043174f1aa2314a47aa677ebd5ad1f6c7000000000200000000001066000000010000200000004f2e6d920f70d72fd3ef0a22c7ed983313988d81f528f432df42be7a022d6950000000000e80000000020000200000000794e7fe343057898758c31070e940274fb872813d1c78eedb5b87a23e4160a2900000000d198722d6d313480ff719b2b5709bd8b950b7a14a8c360e79aa0a286e90282874c9c76e0e22ea2729744b000663f9cc29338284d98016bdb7dc0f15f1a479367fe9d84775dbe08d6483efafa8baf296887cc6fe286e387749b70928424489ceae480e9ce8d50dbfe716180616255559c1aa7a7186a31981e7e90ccb3a479fa688064dbd05337cf5a3657354183162e940000000c64d0aa15eb163b9a3b53a6505b3a3651f1ff32e4b958479001a154035b0a154dbf5b7745a2355a5694b427df4ce895bc50000c3a29af20c3dae463105387d8a	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 703b72f85ef4da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430470960"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2516	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2516	iexplore.exe
2516	iexplore.exe
2972	IEXPLORE.EXE
2972	IEXPLORE.EXE
2972	IEXPLORE.EXE
2972	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2516 wrote to memory of 2972	2516	iexplore.exe	30
PID 2516 wrote to memory of 2972	2516	iexplore.exe	30
PID 2516 wrote to memory of 2972	2516	iexplore.exe	30
PID 2516 wrote to memory of 2972	2516	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b6b5bcbd47be68dd1b1cb2abcc49f9d5_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2516
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
22721756203f9e1c0e9201b3fb7f08d1

SHA1
56c6bcf69c999d4b42912bb2ba718b74d5cbc073

SHA256
d30621ca7aa3f124d08474f8f6f384204743d7c85db87adb7eaf39ef5ae642c3

SHA512
c25177a187fd80234ff1aaa896188fa35cac24f1216dd00d80c7745f47348880bccfd88e713af01d75beb952eed6bb5803286a7330edf9f156554faedafe8d35

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3fc9c0f437cd89e5f842c7f1e17e7899

SHA1
5b5d26c98b0bcf39d89ca66061e554b7957e4f9d

SHA256
cedf7095b67f8ca025f8d6564de3ac8b15fadbee54be9aa1f693eed942737c17

SHA512
44340644d2a0cccd3909d22345073a18c5c2e12b1d018c1cf7fce82be3bf723d1d0cd006befc20ec0ef296137150574e27e3cda72200833d32a8936e1cca7e42

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
666fb7b92fbca116455d76c09900f13a

SHA1
6d80308ff8ce74d89122de2038a0c25ef79a3f09

SHA256
7e2b4c174209c7329f7e7801afdc2678b0f4a4f297015a31f98f8bbeb7053eba

SHA512
51bf3410ca14986d4f312d3face248c5faa3a89bf3b6415ba1818071539181e0e3fa4a427b03de944026b0fd33c1080765885b2af0de79737b5934c70799cfab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9c6d82b3727912a6e66c3d64adfbf624

SHA1
b1103abfc95ecc13d563fa4a372e933654184319

SHA256
9e5eaf2f44549ada5095db8ea064833c52d3fff654039a9fa39e9309081316b8

SHA512
e2ae75fdb2c5fe608984f6843bbaa8c703f0a68e99e9ad7af323039a6ddcaa15b809a03ef06793771bbbd62eced0d6ce5b0e2200defccd3357ea5402a4596b5d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4f6b56c9f585cad12cf026508a9daf70

SHA1
0fadde352c9dfa288d98e4e3483d5dd1c7a168a9

SHA256
46620e3f855aa051a4ba7dd2b377d101de4ea09777bfd24c1f53cf5edc86170b

SHA512
ed20ff267c71eb4cc8504f32d738e4fab91934ba9a911b9016c63c53c7e9e50ec776cc90ef85c30781be139b24d7334d601c993f6359bb097e2642fb2a55f81c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
946836985b005b46d59bd0d0a755b146

SHA1
faaff05cc628277d08c5a33177657a1bdb86e841

SHA256
1a71abc2978b35a61663c07a5528c02211a7f46b878b83cd6fc224c45281607f

SHA512
0237efecb99a5be6764ae6251336f9ab3e584c2f6fc6d06ae5c8c2c6bf83fccb5d4d9459e19735b154c78219fa3309cfeb1db9eb17fe071d3ef56ef4f412c368

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ff1eca2cd31ac6963e1d520044ad77c

SHA1
0caf192b2b504eaa9c39eb217ca95b33fed11bf2

SHA256
152ba9f47de9e14a7bbc4de676052a58d84afa0ea805598c27807ffef6b2da9b

SHA512
ef7e38603566b5ccc585873f30c142b3b49af4aa5f7054a7bc2528bfd47513e8d9fa43590873f397ee04bbb14205b4ef9a050268932b4c8984fe7bfa36c0ac65

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e243193e2cc94b57cda100c56e12b123

SHA1
08d2702db0a743f550e33872e1545838bd72e6d5

SHA256
9066fa6fe551085bd85426380c565e71e7030351398100917e98b85d847bf6ec

SHA512
ab1a4b42ead52de62423a76b49308046895e0ba46d16f982918cb04674b5b2f6d040e119ecc94b1632490a0e8b1e6cbb5457e4f9278fd35b0157efab54ba7afe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c2c2edf947e9497c820b26641a4e15b0

SHA1
daed6ce2609d086e7d0d8aa417268f1712f2b148

SHA256
a66b152dc2758c9b4c85193cbeee0463fa4868bfe37a7143cd5a277e828461f9

SHA512
f73fabed532376f0bd4a38a9bf2cb0d601930f160d9ce65a539af9b391ec45d49e28e4fdd912b128369520c3be5a828469cfff08d9fd98055da1c101ccc092dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8fa0b6d4ca236a780fb54679489239a4

SHA1
6b413e72c01a8fce4f1b58dcfb01f119dbd82701

SHA256
341f7373ccc9e34b52e92935966bbf518c58ed4235488450f470bb9991671dc8

SHA512
720c6022aba7e33f7dff26a7749e67ac0e054cbb5e95f1ed02bc280f37bccfd29dae6ca6ebbb8828ddae79ea27de6f24e0a5b74ffe04fbd5d34a736dbb2955be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e1ff555c5804310faf1f6b5b5a629bb4

SHA1
7b0a8306e7efe6bd841af57942f23fb218020944

SHA256
af0ab105a8a8fcfafe9ecd0eb727b7daca1febcb5a189b97d8f6d5178a641977

SHA512
125964a0eb90e71e7479cfa3c8f3153d46b677b731c25f038336bef7ac1a8c7241cdc4c646776fbccf6fa2610c0c340d4b2785cc76f4ad9a264f2f53cb3ac49f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6e8b563faffc15c7f30e138fc3ab958e

SHA1
625b57afc93526d1545419995a0e2ba7d51d38f0

SHA256
a0e6d7ae8159776fc9f9e876512ef9d41595a9915dc8ba6058fe627a8810dc14

SHA512
10cde1bce1dd6e8e5a834b4e121750da5f2645d8bd3fdcc21a291b11d780c24f958a3bf6b9f49b2d216cae51aef823edd23d558e01679ce79424aad0de1c0271

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b779b131e172f7a54eb22665f44e3234

SHA1
040b1067531b3fbad432ec4a35c3e6468e2fe18e

SHA256
d0c1245dc2468d9d3ec80a7d344e078d56c93040e4d0d11c161240a3b2ece6c1

SHA512
938e74eae5d02fc79398b37bda64922c173cf633b7e1e4c2af436b60d0ffd668c394068204a71159ca01e70dcbbc13f6b809c1967279335e92830ecf63ab70ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c82bc8d4b8b7e9cff09dfc445942bd59

SHA1
558b5e8f10b577e1327b5dabc937d0a1d4413620

SHA256
462133805ee5aad2a1fec4a9e3dd4050e607129b5c75b73a1934dfbef5f94c2d

SHA512
31db415c641d5c1563ced68f035a0624f17bb1b7c77a1e565d4fb2e2ac1696587a5f186f85fee9a5f439a600d0114bd4f49c94a0f75ef85b122fd3719bb16aa9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e069481e9edbf1d34025755549f0c078

SHA1
8762f37125ce8846e0dc1fe0eeda64182a617617

SHA256
063df0b36b3d22cee9f9ac15f74aa608cd6246bf022708b436f863ab402a285a

SHA512
c9df0213a4348c211fdeb668782c5cb0395a76bbdececa75595916003aa054fc1d44fbb427091d837409757443871a5b95f48c5ce125828666dac115b079b097

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c0ebb1f4a98113444bb81b9d2766d0df

SHA1
f30d8010aa339a461e8b8a6085b304a6e5910acb

SHA256
fcc6cf1541c0ff25d3ba7701a3464079cf462af3dcc22367f05f84c2cf098f8b

SHA512
dc80c05c5bec4a69e8a6ca758c1cb48b33e8c3a9a87db319bb80a6f8deb8f82b854caf290c461577e82768dcda694668bb47f2431ee5ed980b61a8b2ec108924

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
00631df0c16dfcf50e9d4a223f9ebaec

SHA1
3a4e5083af9e93a109e10f9ea7286e7a9ac01497

SHA256
5b9bdc156b28ce9909ccf986f6d9e6933ca28548128902fea7d6a13ccf598df4

SHA512
17b6c1e3a72ee591d399429d1da7d63b69ff52945fc6e333ad7aaced54c512ba07eddb6dbc64896d63b35cfb2162fc5fe5afa032bcd39142df77d0b0dfa4467c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab736E.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar73DF.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit