d1760119d1c26e59bbfbfb5d176fa4763fe27325482ef1bc30311147aff574b4

Analysis

max time kernel
134s
max time network
130s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
05-09-2024 21:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ce0676851b5e30e1bc5fdab7a5e52cdf_JaffaCakes118.html
Size

6KB
MD5

ce0676851b5e30e1bc5fdab7a5e52cdf
SHA1

5ce58627e97f328e9fb3202f4e091922458f8e0d
SHA256

d1760119d1c26e59bbfbfb5d176fa4763fe27325482ef1bc30311147aff574b4
SHA512

4aa9a8898a663d146820528aeecb84240bb7d898fd79c9fdc79ea19d27a7114203988c69ce992edc0e2c20f2c7cc04ce3d04e48d19110fe417a00ac4024c9f74
SSDEEP

96:uzVs+ux7yULLY1k9o84d12ef7CSTUBZcEZ7ru7f:csz7yUAYS/Qb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431735274"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea220000000002000000000010660000000100002000000090f55d968be5a7179ae2b076875682506e22869a45dcbc7158954124752b421c000000000e800000000200002000000049bb7010be7bef5d5f93c1a99e081d602c3a071cc9de818539c7e29b65d937c390000000255ba009308bcb48251aa594a239ef506af02dc5a0ce812f31760c052b44eff16a103feaa696b9079c9d028d3163347e52f5dc312dac737b5a69f1a4b550473dd2eb5eae1ea78b67d154fdf2a2d552e88c7873aa9de07f607fed2fb76abd896865edc42406bbb992f0f9e4bb368fa5b9270b6ef5e722f92b8437129d32b6fbf501db35177e14fd5b5e8533de57c7dbe140000000df5a81a7b931ca342401277ebd6d70ce847399d72739dbc56f50805935e099d1c54b7174b0a7b2486af810284ef8066e60736cefe8074ccc1d47c14027b8e9ed	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90383295deffda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{BEACA891-6BD1-11EF-BA16-7E918DD97D05} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea220000000002000000000010660000000100002000000068438e5eb43a65a9205beac08620e6dab3bd0d7bfdffc0aa70a8937e27fcd1c9000000000e8000000002000020000000805c2099418128c93e799d2a1f2e0a1c971578aa556094f52b765bb2a73d1d3e20000000c888ca5916b7bfd812051eecdcae2f57474765d93fa5e5857e2a1833c01a4ab640000000c1735af79a3c542d780e321dad6c421963fd50b791be35dbd58568dcb6f46edda141310f98e1531c6e4d0b25fcc0fcf67bf4f43d380f7ae0a08d1749254a4c12	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2600	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2600	iexplore.exe
2600	iexplore.exe
3024	IEXPLORE.EXE
3024	IEXPLORE.EXE
3024	IEXPLORE.EXE
3024	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2600 wrote to memory of 3024	2600	iexplore.exe	30
PID 2600 wrote to memory of 3024	2600	iexplore.exe	30
PID 2600 wrote to memory of 3024	2600	iexplore.exe	30
PID 2600 wrote to memory of 3024	2600	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ce0676851b5e30e1bc5fdab7a5e52cdf_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2600
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2600 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3024

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
16839cedd11d85a413996cabcfe5270a

SHA1
0b4ae1c1795045b1dfe35fb3db91197105d8b0cc

SHA256
62fab28591e4a9206b11541ea6191185a3a3dd6767a2454a844f5b0cb56d9c43

SHA512
6c9ed5381f48255316f9fd1b44dafa4f18124328de9c6885d66631d32c0bf6d4c57838d1b8b7c9fbf66eb4d2a3c598cb6b7ce89f7db889f5eff1ed927090eec5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc3fad28c914c94a5ca69a2f421e324f

SHA1
e1e81e44f245a94cd6949a89044746580915564d

SHA256
1dbe6a2278d707de415c372546ca42f041c8ce6a4b2ce77b7f80f53213c42001

SHA512
92cd55914b3f6fec55182e9b28a0c28cdcdd44d666a7b0a47b3a3a29f0965248e1b6746853d7b0307f1875ebd553cb46b674d7b36616e73248c105e08790758f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f66c85f09c7fe56e7b7916ee4edf34bd

SHA1
715c67bed201f71ce1849abdaf4bfe760e634801

SHA256
b234a269fab3350bb9a4d38b8c8f391554d81346bf77f27aea9a069e19c35566

SHA512
d7c83e8af270101de2d0bb5da775f642f064f05415c4921d0de288e89c98db82890ad15070dd7ae85f73532d45e409d6fc88c84e043098e3045b4bfb3d27a78e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ebc723c6c19746efad210830986d8d57

SHA1
6735d69c796080d1f1198197609b3f148f853b9f

SHA256
222f5865774b6e63a65e33bbabf4a64702efc4c45df469ce7586fe6a84ae80b1

SHA512
fc1a550615d31548ea43e78c900324f05e1b8ecfb3bc6057dded9a635ffa9f6816dc50a41998e1a2d700733dccaea6417fb8ef22c368fdaea5c563e34d3b9dc4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5db2feda193ccdd94f48b037b18debdf

SHA1
f19dcb20694ce2c2dc6177f7a1855ea76929c8d3

SHA256
c3b6a6babd8c9029e7ec2cf0d462bf58e8a4a0ab763f803d6ebf5cf532f5a60f

SHA512
d9bb1ffb1eb768b39f23e2b03c91351a36c566515f6c82b1899c7c9f25ffaba11956e309ca16b1ccc9b3535eab8c76da02352b073e2188477c74ba70b8e1c8ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1c392b2841d1a556f23af5cabc97ddda

SHA1
bd6d9cf9b204866a7ec46961ed2ff1c1eb336776

SHA256
ae92ad01e6b3fc07fbcc179c829d9d2f6d20c50400f9dbf16ba0271383d1ee10

SHA512
892e0bf59c7e5fc790b90959989ba088049f3ff27514bc07d97395feff802bb8e190b0053fc1ea3da9b1f5b5fcab7c4642b59ec9cfaab81f2eec563c4ab7ec59

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2c96e75909210081a2d16e724e7cee41

SHA1
c8bbf8e58e194433f10318360581f2f71856f96f

SHA256
2cd19f98db1ee278df4bd9fb84f65903446a816212fd603b710923d717f57b95

SHA512
29f84a62849f90baf32614983b9ea369557301910fbd9cab21a024cd3b66af4b33e43242e6b8fe0efcd36092e66a23835f1fe89f67fdb56b1cf0cde871e617f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
607648f35e1dffa20c52085543f5aca1

SHA1
92bd664c72e58de2ac7f40c4ca149ffa3a1c477a

SHA256
192c08fbc57060afa43ff6354d132781731a52ac74b477425e562e5d65770d01

SHA512
1658a26fabe2924c0c7766c8ede2393dbe1ca7a9f061b086ce37ad6cf1b1b5af137dbdf40548ce76a5377fa8acde916a6e02b3d861c497bc311b9bd67b465f64

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2cd98332320ca5e1638882ba023fdd3a

SHA1
59658211b026f117aa68299f7625a031d62c83cf

SHA256
535aa5189e128fb28cac2aa1e099222516bb0e4a466ac97cbc2c99dec7fd08a1

SHA512
9eeb21cb4e7cef56129e749f47b99a3396d1398a102a2a7d2628cbc4a7362f109cfcf55890f8a3cf7558e847837fa5800a18b8a423299c57f2ef5647dd06b75c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b62e6e6a69710add531b8ab1fdf67266

SHA1
0807b769510e56bd022f5c71bd4bdd5ba3c92e05

SHA256
b3cfbce1180b30bf1b55b96f3444df5ab0480165c8baed160e9c2767bfbc348b

SHA512
bff87f5c660cbb75525f702b7fbeebca36baabcbfd1b1e3fcfd448d5565eac8f91c53c02f84aba9acad57dadc6a8149c6356c8bd073d67e8c9b65adecbd9b9c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aa0207285aaeace0bdeb301eddc22154

SHA1
aaf7045b5dcaa83f909690307b7aa220f9eb9028

SHA256
d07896befcdde02d23c3184fde0c416cdda7db5fe822bceb485800a7375bc0a5

SHA512
79c78287a2c31f233f41d5c38b404ff19ea08384c73a4991502ff031545a242f68af375d23b47773156fcdc26099023f982d7f03dcb52b3b1c016ffbbf34663b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc8c127c79f257359f7b465d8daaae65

SHA1
ab3753b7f41ba718627ee0fe0e3d0437f0db9c0b

SHA256
2b23e38e5db5c0177d3ea763fe70afb9bcdc74c1edcb8cddb18e87f8f0c602c9

SHA512
01fb527534da5655ee90e7271f20295411322b158460657a901f190a50b889fa96d1eea2a7de3c8174427ba31badb94d55cce93396f17dacc8db76f37367aa70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ebe7bfe665ec63740fe22d08918696a0

SHA1
e09fa39868dc955fe8a7b2ff514f8fa4f3007d76

SHA256
d203db2f7b4e1a99d80be1a303f9e70ea335eb06aac05d05fc3f9df4c1c095de

SHA512
55e9831a94a38d601194d9bd9fd3b1e9f5003d3d8c1016939008409aaf10e5309c5ccf6466c815f5fcb8fcb441eaf65dc397a901ff098a81f9b78cac9fc3b2b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7127a21df2347bb128a5cae3924ee56e

SHA1
187bfbcc4efcfb6beb37d27b282c7af39625d384

SHA256
732b3313e6a67e1949027fba93c4a6866b3db1d1b2b1dde0ed8a3330d01cf83f

SHA512
3730092afdbff767b881ad4a1b741cdf7c87983fa3faaa8306b3036c737ddef5eed79e1fe469383178308d18d30e12edf5a38cde6a905c7be4051f618085a9db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d094c0252b44bd4b152e7031b083bfb4

SHA1
2772aa5c9aede60f8bd901fa3b3ec26f9b1a7e6e

SHA256
456ad398b88049c143fe6d2801d1de9805cf5cf58ba41cbc5fe950f2c8567bf1

SHA512
427e933160973c9b104d53282ab719f039382469c0ed6a3ae2f0d3d8c96f168d596fc3069e77e319a3d3315ddcdf94879df82f695be723df0956e294f8a71804

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a36833e080fc7a04ddf23182e09fdcdc

SHA1
8a6a8f1280647c39af6777a967dab29f98a22e23

SHA256
8f351f21cc96ae2cdd249612302c0bad54107765debc435f8d0fdfba42731bff

SHA512
f891c62f174f12053b2801735cdd5989b820f1c787082f18c077ef4fa3912cf01ea9338b62609b541462f375c82ea87fbf6628b6fa3e817fef6cf73697045463

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
23ab6e048253670f8635a2b8f7000617

SHA1
2b18ebde2aa8cf609e64f3c932dadd2b99a90d0c

SHA256
2ad2dceb35ea28c8d5058135f080664d49b4d9e9da0662595a4e97e30fc13ead

SHA512
ec13eac1163ef3dc57451bbd53a4e0becafdee4b8b50b404ebd63f271f818a2c49aeaf913d79d930dcf6d5c9a9a83e2f342ccb495812685f4d52f4cecaea1569

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD0D8.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD188.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit