e3239e69349d96558c6ae69203858dc882c91c4464b5e639303a9292c06b0fec

Analysis

max time kernel
119s
max time network
137s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
07/09/2024, 10:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d1c4641b76785731d6cc17f282f9cc63_JaffaCakes118.html
Size

4KB
MD5

d1c4641b76785731d6cc17f282f9cc63
SHA1

ff09fb39df85f1d799b92258e0fb09036c4d5512
SHA256

e3239e69349d96558c6ae69203858dc882c91c4464b5e639303a9292c06b0fec
SHA512

70b770d00a37db1d8870e5c829d3529e990655df55de4dcfae7465af8f9ed19b344bb7fc05177eb458dcafb490e8c6f1cc856a90da6ca97c16de2a96aa3fe284
SSDEEP

96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8oDiIQ6GP:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDv

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 705a84321401db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "431868265"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000303eef0e2cd1a9499efdd285a56ddc5000000000020000000000106600000001000020000000a65c77bea62b0ff512637ca3ff6c4143a984c9accd3c341cfe44f7ea2c7b12a3000000000e8000000002000020000000fa7473fd28d3859acb445592174470c6126b9dff70c73bdd097c2cbd65c724a5200000009c5b4516173c0289cb00071763397bbed0af6493659d5363a5f2c9927ed8f8cb400000002c10acc4a0206de2d1aed99f9eb10651f20b3adb24b838e358227890daf1ccf415803050f080851fdee3302e05ee8ad0e69137684cf16655f083c8bf58309828	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000303eef0e2cd1a9499efdd285a56ddc500000000002000000000010660000000100002000000043b6948ca86b6b9bc693955a9cb8820a818cc15de42ab5bb49bd0b2798b7d743000000000e800000000200002000000067bdd5ccaafebd208674cc35e0b5fe32dc83970eeef8f0acd3f1434cfed4cfaa900000001d6b80073e277dbeb7b1ee578b2a385dd6985a49ffced6e23abfa41cdf36b1a956310be9e915db1211808c12addbebc337b11b53d90b424281a06411f9aa3417ded26d4464f0417ad2daee7ecf3f45bd9fcebe9750795bbf10d755254ec7dcf23ad408797b6fe46a2f8defd8b55473d214106693b5a24fb26a227246043c42003f291333adebed53b1daaf2823e8b338400000003a9c7553b48599dbe5e2fe82a1f134af013f04483f5cc1b5cab4d942af9df1bab019f4ade24e75b9c041771168b5da24b1ac992437a1ae1b769c14ff497c890d	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5E155631-6D07-11EF-97EC-7ED3796B1EC0} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
340	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
340	iexplore.exe
340	iexplore.exe
2568	IEXPLORE.EXE
2568	IEXPLORE.EXE
2568	IEXPLORE.EXE
2568	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 340 wrote to memory of 2568	340	iexplore.exe	30
PID 340 wrote to memory of 2568	340	iexplore.exe	30
PID 340 wrote to memory of 2568	340	iexplore.exe	30
PID 340 wrote to memory of 2568	340	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d1c4641b76785731d6cc17f282f9cc63_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:340
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:340 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2568

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9795d2f1370c58c2567238be78cbe658

SHA1
d2b24f2a0fdd90665558b49fb5b9b1def2544e92

SHA256
da8a6fd8c5a1b556c44fff8d40b69edcf1454a672ecc17940af40d1a32ce4cc3

SHA512
e646f16442daca3bfd9d5899f01d47705b4ed51d1c7c361e45984982b067316ba2b99b8991f8aba019b588ad21abeb3b929874d54fe80a90fe4fc02a51d1cd64

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
baaba8f38c3184936be6a1673243f835

SHA1
35233b6e7e7464227630c6c625a0b1f82de7f815

SHA256
f439c194c87370d1b9a76b727802f2d961ada3e511ee30dd2cd383bda0192f35

SHA512
e2cf3e837cdec56c076bb18ebf91e14058d9ef0d8d63171ae0aef3ab04b917f44147b344318f079de2994a676e7c3bbaaccdb16118db1a93bcd73c380d7e7bd1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
609776e730ae256588417ecd68226d79

SHA1
49fea1f5303c398d5d0357adfbee92521c9b66c3

SHA256
5c4c5ee3a52aa1fb5f0fc784a17f014f86f2fcedca96a168baca803ce9657eff

SHA512
ba6c230e60d1c10889d569142960ca5f5b48ece50ba19a6161b311333abe23e1f6c65d53c31ec78630933c06c3068a3048c00bf61bb92394f005026f5243881b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2ea7492d0d1a2067ccb2798f5520719a

SHA1
380d3b78c96508bf37bce77239b3ad31c7c6389d

SHA256
c562a90e4ac642d744e110f4037ac0f8c27011fdb651f7109cb590a9243689a9

SHA512
3688dd565e0382ccd179b10354a541ec0f8b807b2fb1c9ae6910cf75146189dab79fa176111f662a8264a2a333eda0ed22000d3bc73d2088254d6ed6b4b60841

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a6e8520997d3ad7554cb0a9be41e3cbc

SHA1
119001a0cbaec245ffba7876f007365f807b66a7

SHA256
2fdb41c74621c14b328025bc2da1225492c155a5d495c3982fd8d498ca88cb55

SHA512
6122033f44640ac0cc3a38b9ddac9eec3b5d05c7a396d22d259c1e00dcf28c7c9909e5bff1e3cc87a8c3d713fa5616443559194ec25c3507c04a5a55c72bf7eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e773e3f98f6c857cf1071483e0392f17

SHA1
2636127514a91275fcaa8f873319707f20fa59fb

SHA256
d62e6a191a8d700f7f94d870a917e27073c49724bfd7ccda5cd5f78da118a7e0

SHA512
83b9512c56471d7bd41b187322d793ffbfec0565638b98174fcc97c5b90cafd57cd95887ce70f0311144a5bcc168e52aa293df354788aacb07dcd522f4326667

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cd3074468c4e2413b39e2eea6dd0d39b

SHA1
239d571239a6c6985fe877a5e4ec526c23c718cf

SHA256
bb7fbd14f732276ad77164940995d580c43a9fb9171b10568ec8611de38ae9eb

SHA512
d833f495026f73facb7dd222cc85c2f80c5689b35e99422d484b16dc74d2f8aeac1de7a2bce8486b27fa00273b499bd6cc3950f3eddc5b8d403c0d238da2a603

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
37e4cc9e1e17c9ec5354605fd380d1d1

SHA1
01d70fe40082e0c86b04971fc1d751b1f5642229

SHA256
3e771a0ed1ade1d4e23aa1277326e2666aff5a57a33e22293e19b35e9a637c1c

SHA512
6ea4160f2efe3d969e955c9e21e9e215feeaa49018378aa6e8217c6d6b2a5e54ff492245fd2a1b95f53d11ae4c053cd62549a3b5f345396ad2580a7bd7ec1b49

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
115b401e6961d9ece29939fff0f4df60

SHA1
ac0715a2d28ffc46ca14d571a5da8447dd4fb017

SHA256
3610a5f11e370503d30a633c11e231aa908649af238af60c58575f2fe9241ef6

SHA512
4297bf38c8401bab1a5134e92e4a56ccbc6230efb3d514780276d0ff239123fa5d8a376aade98dd13afdc223582e98f5db12805922773ba8f0fd062b7d7f5d51

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
36bf27dbb2b3dcae805d0b937ccbe8c2

SHA1
c71b91128d6003395bcbd5429e8f0d66df1e0261

SHA256
06e9522e0e392b97b5abc03e3913d51c2a591ef7d3b15784c1eb338118039d17

SHA512
8ad6ed629aae37fd81e9986d4e557bc113b96d0e812d787900fb51b70ed741893c422bd36b916655ee3fa45d5cb02e168a145bc3e9c15207a2cfc0a4743e436a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e59128cf7ca23c377cfd7ed4cb3f00f0

SHA1
2314e5b9d48a40a1c561dae6c88c64dcd37ec333

SHA256
c1ddb01b2e32d3d698201e01da3e3fc2d09d14afbaa32b22c2044a827884a0da

SHA512
84ac242bd9979e235a43e1ca988efba0ac0567d2893d80b98e8fe66ccfa5ec167274cb723328e5c702f8c8042949e976d0b5f23fc4c95647a782ea34d21e9280

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3bf2a480328cbd00e8aa57b2eb8796c0

SHA1
a20bad86db134c2790272e3b6ba0ec8969b003f8

SHA256
91fe176f102549dbb7ff0f058027fb41a58a9cb509d249415fa10693dca02a7b

SHA512
a2911b5349d64cd1a013e5f9088318430842bf0a0274a31101281a850b3679f0228139970553ab115b5e72b4a8c718f693e5616b9147c0c8b4d55632360e56a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f1a1a09e4dfe3cef3dd447d04f846ec6

SHA1
f688bbbdad02dd27b170cedce4ef82a018223b60

SHA256
6fcff29360beff2b44d17dfcb482c8f1898a48b0f1926de53bd9d8b75f53c449

SHA512
a4aaa3d227a996089c7e9adfbf9dcdb9abec655c326d93cbfb023a050275e17fd61eeedab5c9c0ada3589cf81684ab4caaa3afdeb8ac557ada19b58c9782cf9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
77d84276333bc0b2ad1706133de2a1ed

SHA1
86493687f645aa23b2a25115b8645190148d9d97

SHA256
a1035ff2188f587ccd4cdebfb8a7ed16bdbcbe8fec404d98ea37b49601e5b403

SHA512
3164a7b3d0c41a7277c275e3711b7f2c42c834587005e0df618f91add31ff6595916120ed09de5599aa0a8cea73c478a0e49eb2946fd52b59eea1f40a991658d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
684bc2888abface2e468b8d53c41f884

SHA1
4a0d8a2c91d8ac67283e0db36684c188ffb778b4

SHA256
7f2887d6e3c0e009e35eca116644747877df285be5af3fb346b148d9eef21c24

SHA512
d28d26144554e402ee1cffd3321148d105e7b54f868eed9594f882409f9fb33991572ddafbbf219ae37e7f437c754652f488ce542abaea0891838e29882529dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
26436ca6d7def88307391ac0cd6573a6

SHA1
9f4cb115f28569a88d107051874b86ebcbf3e486

SHA256
0b330091380ba449a82832c074f9bee34fc955c99e17f94c6b16854dbd448e73

SHA512
d56f9ce9d5e560e9ce4219e692d1994d2c4656e323a265a27442d3c0ee0bd66306bf66f49ef6ee9e59e37d83d1763decfaceea7a58a394710ebd412efcf6a2e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e431cc348e91271b51650dc509305671

SHA1
a593f17b585abb3cb11a8e7b3f93d436024a1f6e

SHA256
490d6864096ee23b71118670e2be9deb60c276ffbf923dee4e6e248121f156a1

SHA512
14f2ae16208f76ee80fd3cb6fdfe4ba6d6b1ef0651620a5ba65b1ed2f4f006dbd5ca5ca8a49d94fedc4d974ab6f26f8f98d4888b74e666cedda5180d8f9a2036

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD9FC.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDD99.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit