14fbbb542103e9bc64a9da7283bbae7b0004d1ae74cd75ca4de2303fc8486ec3

Analysis

max time kernel
135s
max time network
132s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
22/08/2024, 21:18

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b92e972051553662714766edb8e15e8e_JaffaCakes118.html
Size

14KB
MD5

b92e972051553662714766edb8e15e8e
SHA1

8acf9834038af7c109b44b19f1708749a78a50a4
SHA256

14fbbb542103e9bc64a9da7283bbae7b0004d1ae74cd75ca4de2303fc8486ec3
SHA512

a5d258daa8babb79cc773a575775a18d03065449ba7102dd05fb7bae258a731c97df43e76fd849825e91d293daef041c27279b35d7a9c6e962ba4c7af1d11346
SSDEEP

192:UWaQdplMB/pd+xq/aQ31ZWcfj0qu87KII6D70WxZr68:U4Wpd+A91ZWCjJu82II6D70WxZn

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f03551000000000200000000001066000000010000200000001892c1d6b9bb70177d3bb992438904cbca8025568242d2a452b0ddfe04f96fda000000000e8000000002000020000000a8e4799dcafca752f00a50046fe0149d042de2f363ee8343b54f3777ca7bf3c720000000acdfef6d598f6354f2d87162594b73dd0ce3da765a10ead77b59256f4b70df2e40000000cd90ceb00ff38e61231ab96fa90ab45d03637db8d41c89721949db34db248505fc3caba90ccbaa10444199ec8ece73c1a74aab32609b30ef55005f357217504c	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430523393"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 204892f1d8f4da01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f03551000000000200000000001066000000010000200000007c9833d7437c2e0f72cce5c471929c0c75222b0bd0dfbbf4babd06160db08f92000000000e800000000200002000000061c9722f479d10efe47c0641fcb57a13959e103687b423dde05efbaf40772aa290000000f0df150c1352bd9090167ab5b260f201176b340db60565b7a87b850b371aab13a8e31721eb7c001306c00fbc0772741d5db252406b338d05de13dff653aaed65277014116001728363de44506133b30119596b2cfbfc5e9272ee9c9ed9d492caa1411821f540e3b72f75567af09b0dbb1468c3e924e7bd03aac687afcbe5a03537423bc4090360ef35195cbba88c351a400000002c5872a1efaf4b1aeb6104ceccecd32c7252e7e7838a2bf467cf70957526d34fa15a2ccf64d2961dd720789f58325af651062a51a853842c7c94212b1669e4ee	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1CCFB541-60CC-11EF-91F6-D6EBA8958965} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2604	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2604	iexplore.exe
2604	iexplore.exe
2628	IEXPLORE.EXE
2628	IEXPLORE.EXE
2628	IEXPLORE.EXE
2628	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2604 wrote to memory of 2628	2604	iexplore.exe	29
PID 2604 wrote to memory of 2628	2604	iexplore.exe	29
PID 2604 wrote to memory of 2628	2604	iexplore.exe	29
PID 2604 wrote to memory of 2628	2604	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b92e972051553662714766edb8e15e8e_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2604
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2604 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2628

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4cccb814621ea8d603d30e3691f30900

SHA1
405e9b92eb49a81fcca78e5664ffe49e7b5e625c

SHA256
a0c58f892732aadb1d151d5e76bd8ce5c0fa773c3fc14a312838ee7916279de4

SHA512
f62d99044961569f5236fd4aeaac8337f3f635c1b19feebab607faef73faa8c1a76a4775dc557bd4bbe5423bfd587b65440cebb88096d5fc82fec86905ad7ea2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2d0fbc26eb483a2dc5bd96ff2e97913c

SHA1
1ea8862788cac7b2159cf71af74edaf095c7c0ff

SHA256
365007091e3937d9dc6ec914ab04c6c69ba05586d1823bdf53c4505d8e11981a

SHA512
db6de60cd18ce834bceb24badecd47253077666adb1fa1120b88a391301952f72013c63ea06e15889ad1e7ab9e60cbd68a0282582848db38b005364c04e08e44

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
76179c89f5af2a0d4065904d6bdfc931

SHA1
d25e18652d0358e44f1f2f12842bd2a97df5d32e

SHA256
a836d52ce63c94e0f26e44b59e866c6e76ee0bcc96f2c3dc0bf4bca99f0801d7

SHA512
0da9df3821b7d7dce49060bc5c77462146dfaaeeaec6d747d04f77577f4d39883d58a5039b79067feba0cd8f242ca0df97dff8e127c69df4684e1781aa0068d1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
79234e70c8501fe521132d1ca249654a

SHA1
5ddac3a56457c10a8e3e84c53e08cf825f6a386c

SHA256
d49d6c830cec3f59fbd7abf221d86f30781653639b9cd4e26a97be0688288726

SHA512
eacd3a2fb25521c2627b52a93b45b290e2d37ed8eb0278838adf387516ed180e253793081d81ed09bb82040a96a4529e8c87aea5ccc177371f6314424636adac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ccc1b80e3193ed7e08d23aacce33161

SHA1
0f794a4ecb03c2dc3191fe94c3404eb2b556732a

SHA256
9dcfe8ff039d9a4bbf495d8216d6c4a96f95a2ea5c83b2ab4b7ae9586946a8c0

SHA512
7516b8c9a668dde106d1faf5279c61700d522ffcbed0300982d31c13eb0c1d863536f7780bb812c08923e84e70c11fb5bdf16b39856fed8cead9f21bdb6ad0fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eb008a94515b04a25f36b0ca918d0daf

SHA1
c71a8149df54ece1273f6df5c2de5e4e1753f811

SHA256
a7cabb4187b92756567b6d0d6f0d10724d2a7888f18d93135271d4efed8396f4

SHA512
eb9c3309ae1a835b62f3440599610dbdde7a06905eb2b19858c1cde160ba7175c2daeae11f35d071a2ae377809389c68c974a1d94ee755f55549a738f7b034c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f34451fdfdc7657231d41a649f4a0d3a

SHA1
9ac8165d3cb98c3b94b9ff273c99c26a22dc4f2f

SHA256
acde3adb881d758f13c8c4940f708ba99d70126034d92309b53c0aa1b8ebc07d

SHA512
7848f86b7c6d774849f96c54b19c3fc6bd9cd321ef4197defa4e15a61205d0120c6174be3dff596c105a841bd84e895bcdb227eb712b496548ae375b1f92f64d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f43ef35de4290f3fd98efb513eb54c57

SHA1
1cca1b54bbf0a6d87c3ef7164171cac426e18da1

SHA256
ff635e3dd06b8e015ac1ffbcc8ebd48fa86d99168e75a4423183e98b6735c760

SHA512
bf6f5fdc0cead4e2be628e284233adb6c1b290d5c64eb24685391167060c8b9bfb6a3faa60d0a097065f51d010a28fca726837d1bb3e0a2914b5e451bea17c2e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
724da08453f1a747ebe0b5e4c1416a91

SHA1
c2094b97f30280c02cee03e960519b3e2f814b5b

SHA256
c697ef01d9f855d241d0c67c4273e417923cd94fdbe742b7b4c58b1cebe3c882

SHA512
47cbc8b0834ebc4c45fc606367e58287ca14f869cc82748fa1db2a16315538202fc068a6af5d168114baab07956c0ebfc03339ad9de104c950e6899012f6a4ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
36dc4642e5060eaadf443e7a5b80da5e

SHA1
b7baed2b5eb55d1cf1e3158a0333265027f0d31b

SHA256
019a467b0bd574db945f009f6d0f143638e4a314745e7d1daadc2fae22e8f642

SHA512
5d87622396f68e83d8573d5e3565283db0937f2c1a2549c1edb148c0a0d96277551f0fab44fdba1c2074f00a82f57e00ba4ee9e4ed1d155e6ef784a708c28360

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e61cd05fd39b23c51154548d23301c44

SHA1
d00f89f5550adf6953c113d3bb8311d7d0880e4e

SHA256
46e9ed200d6f3e203b1ab41ca719cf1d0f1fbd98d577220ee686c29bca2e0db9

SHA512
56d2f6f9b9eb0906cff53ffe9b7415d90c10e16b80608047efc4a365574ead3a8b4affd97d52778d7097e2cc744c2212da91fe226191ed36001cd8d2558f6763

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
551864afb7c5404b4c0e0030e33fda2c

SHA1
96c711a38aa00ecb835eba292c6d3aaf9f37646a

SHA256
280fb2ce1b14d9ccf9b0d3bee763533981651a7254b5de900ba6dcaa38ca33ab

SHA512
22c53da7d7c420574a5c8a1ce69416506f14544c136f2906191e169e5ac4e2c2875ab94c3a599dbb4833ae24ec60178dd573bf166c9288b2c28c1273645521a0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9dc954c0ba068a328d5c3d7a2040d54a

SHA1
6583e115b23891433b7eb046f5ba060f9e0d04fc

SHA256
e2e2943cd766d4a389851686f4976fc8d38ed3379f5543c56adb7948e06dac78

SHA512
d1147d77f1f8de486020cbed6034c68e0f8a2e3fd54f50c5fa2184e5c7b4ea18d02f16708db998b348166378be4b2ecac2c353650aab394352f89b9f78d9dbb8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6c7bcd2a4189752e353caec752a91b32

SHA1
a86337fd953a4a37d7d238f885f0a92004cc7197

SHA256
faa6ec670343885ab85afc96edb7f47a47e9cf2c3cddada8ac39902e6da46455

SHA512
a4f5561c7ba7f8e8f5b17d05e6220afb3c7dba8358b7f53ca27968135bafcd9e054abc3f6aa48f5d607c381d2d3aa355d5790034fd94ebba918b786624b2ab42

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
80597368530ecfb9236f98a3ff7ee1f8

SHA1
58d31276347e0ebbd2160c31e5a33c1bb4e49302

SHA256
7099973a4bd3424be236087f71e38eed5cf939e42c050db6066351e774655a9a

SHA512
0cd7225cc7fdbeaeb72db33ddf838499f1071dc54c6eb3c9407879b2bab0dfb53a168b44e85c22ed8a7a46bfc85c90b766853cea6eff602fbc6d7097ed70e32b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fbb4e6ab294b2f309a87143a60f4c464

SHA1
3befd07881eb97d00b0ba03ea10c26b611278eff

SHA256
a9387b527280b8cdc9d6a8cb92599c8530d9971f084aeca6eaa38fc1b5ad6c16

SHA512
6e71882f2e4bdb79531872dcc4e0518e752da40c59ef5a0fda84bd0d2d9263ce41d1910c306a12e0e7aff1e7b5c0a1b16bfd5bde116ad68700a3cbf73f0784dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
92da0a5b98fd49ed58693c6f562034b9

SHA1
53688e734b2cfb8b6c8a446b8de2783907ea4e8c

SHA256
6492b26221a6d9a3bf2385768beeba049e8eb9b5b354ed19b3d96386e209983c

SHA512
062aea619a8118ebfcb841d70d2634bceeec2345c4226887f9313d967a3aa613cc3b881da13465e55ce523f8c658b255ab47a6f6ba97f95756cd88eb43d3f92b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB2B.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarBF8.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit