b2c9225d9c77ffcaf22c7c3a428aad9e8b7532ce7ea14792da31bfdb1056bd45

Analysis

max time kernel
74s
max time network
134s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
11/09/2024, 08:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

d9f4b4c8eff3b7adef142af8b961d5a9_JaffaCakes118.html
Size

5KB
MD5

d9f4b4c8eff3b7adef142af8b961d5a9
SHA1

219ceaed3fce269964261ab4ef627d1efb2c7efe
SHA256

b2c9225d9c77ffcaf22c7c3a428aad9e8b7532ce7ea14792da31bfdb1056bd45
SHA512

241f5b10ae03c537f507e1ae94faf34f2939f6322e73c656541d1c53e45e4bda41a201e671dc4dffdad39382acac2e062205e890b77d2e1040d859e8960dfccd
SSDEEP

48:cTr6J2Z28pQ2qzbnQqjIRyDTALAnX2/Q25CXRnjigeXCG41U7nA8OVInpSYiBH3G:hfT4bMeeG4KOO6oEkrEDgWbHPcrTzk8

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{848B3101-7017-11EF-B2A2-C6DA928D33CD} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a061d1722404db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432205048"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000c540a12a30f71e07d70c34a1a458e72bd7d4b2cebcb0ab5e2e5ca759191cbada000000000e800000000200002000000023c285c3fc870579bf1a0d34c7a79ada341d907e0a2ca1e6c231035eb7d5343890000000bd4d056cfb5e57348d610a09211a3906194236603bcd81e2e781ee80bf43bf991f4baecf874bcf5773b8d008201b00d5e468c9bfbbae6cb060ba54182d02a1ecfed922cad574614baabfafe4faad7630e4e7ff29f38adb254550868f226eac62c551f5795acb809bdca42e112954e5464f79a4737f080162120a3dab8007297f8b5ebbe03da643ff6c678fb26f75c0554000000011dba9dcdb8b3ec2bded4efd71047ed305ee5bcab95fdcc894c5febb25862bcce9ec6551bc74cb7e2d539843a276b56ffceafce2e1b4bba6d6a2f1b3ba4e43ee	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000082e33b084f6d18a9c960f468329a54bc69caa62a5126b3838f8418882f71a2d3000000000e800000000200002000000071f6f801d8e01e1a622e03f6ef9f76d797e7407b43f91a362dc8e8beaac057b320000000f0b9c8f9bf96cf2d97ba4ddec0b8dc265a2dfc36ede404647a85efabf8220eb0400000000047b8f591087a68a460230e37f82de0bd9a3f4afa1fad80ab9608e4fd0490cf47bf3f1be349e3f7db0dc284bd05c894d476fe4130a3bfda0c99796bcf8e7257	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2376	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2376	iexplore.exe
2376	iexplore.exe
2212	IEXPLORE.EXE
2212	IEXPLORE.EXE
2212	IEXPLORE.EXE
2212	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2376 wrote to memory of 2212	2376	iexplore.exe	29
PID 2376 wrote to memory of 2212	2376	iexplore.exe	29
PID 2376 wrote to memory of 2212	2376	iexplore.exe	29
PID 2376 wrote to memory of 2212	2376	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d9f4b4c8eff3b7adef142af8b961d5a9_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2376
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2376 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2212

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
57f0764f93bb2a96710f1f1258eee993

SHA1
9705821ea625f29ed3fd1ddf1557fb7353afbddc

SHA256
31cf3c1013d8de6a2766ed49c4421f5441091e26f330b733238363eda30a22cb

SHA512
ecfb2a6af27f0f5dfa104b3987503d76d243cc5ac35cfc6765efa7b12c43e8838c4e1002976924e05574bd61e802a3ffe2744595d928379c8c7119f5bdd77d97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
208ede767c61fc4fb9d87f5d8bd5096b

SHA1
e32a3bef43f57dc5057e1c44fff17889df00cbb3

SHA256
ff0d03723704837993cd8cb38f912e009dd2cdd11b570fdf4e59d1dd031be720

SHA512
704206c6fdae2e70023177bf4fc44a5a7f277ea4c630b4b9f16db06fd45ad7587803bdca0da39d8a4c8f960cd2ed8b9936a1ca688b461dad47a1c0e12bf7bf23

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7ce54e20ed153d554397771af2523a45

SHA1
f87eadd179312bedf1d1426e86b46308c5602010

SHA256
c007e40c97d785d9dd981de6fc6bdf3ce5a1ea284fa59ce3716259b9da9a98ee

SHA512
7ec162c7bae1d994b8862ec15e8c88374c184bb6336071f3ae0f9f29eb3421d1490a9f0bf1b0adecb25319c62a280194100aabde852b309e618afb72732b4b1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f2235618e123c4545d33973e230d74fd

SHA1
44810d9207cc8437bab394adedbe902bf45dce98

SHA256
d00c3153f1742fe54405810920978350bebf62132fb7bc0d543daaf16a428c13

SHA512
27ffc1074a8c542a49e4e21f7b8668f3751d81c7fe0723a582a3402c1a463b3fa123c7961116561aa0d19857989897cfea1f728fa5213128a4b86ca2aaca58cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
374d35457d79801529ea1667a0a880f3

SHA1
d133251ca87bdba7b4e9fd8708d9fd2eadef095a

SHA256
6af14b2edea38a08ecc54be43ac60d34d8ef61d8601ae63d5449c1ab5c2d41fc

SHA512
162dee9856aef84164380bc8d726163f900cba2169b75ff3370734fefae6e2091e644ef99d0f31b28f64ef4392822bbc1aa537018ae998cb37236646faf8b6cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f16cbf4c51686b78e2ee751d7babdd9e

SHA1
80045fc675b7f9ce2d531611f67b82db1d277dd2

SHA256
7413d7bbf7853b8c95a902990072e4273c75a1512191c2db9f74e28d979afa7a

SHA512
1180725ced055fd8f14f7a9d2705f7300347b2d7fd2173a1318198862d43ceeebca5b5f06e6f282c45cd2d9aeccea0c5c972d674cc7966c34a1496277be2f761

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
58d5445a633d093426294f54d4df6d60

SHA1
20a441aee62727bba21647cb74047512ba299693

SHA256
ceaa1f857cc63c8887a154feadffbc4b55de7b39f955d2dee7680e7bbbfb7aab

SHA512
6a6ca6c570626ba7d7ca01a178f36105438d3e59aee5e4688ab244096bb270701a85801ddff884ee9f3fb5df842c1f20f54aa2f838334d895d66de82cb971eae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
23f1c57e99b0cda4fcbe754d36f4020d

SHA1
3ead40648cead10baeb6b229407b9885828cee18

SHA256
b049cd4241327f874ca270a9c462a98111eef42a311950d6280587e8718d1e09

SHA512
b60366003026612af860a0ed2cc203934e48b04b13407d5d7ba6ed1a3051f7039a26b2fde957d5e9d09b462371300d02ac2cb7c9955b24aae992328439f4e0d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
92b22c68608262c44b51e0308e1aa838

SHA1
8f9fb3d0ed332f1a33f075f6a29f2fe97a476775

SHA256
9286e3330e05605fda8ecf6253cbf38150086b370d19b8159eb617755fe298de

SHA512
659e0d20ce497c3d9f33ef2909a5de6d43733a20aae99f38b4d79c607c34f45f100b6d0e8433c1c2d324ef9b9b7bcbca84735a7243f2bbb2b47de96918bbfc37

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6232583a3723069112ff1dfb913d7fdf

SHA1
2c5d8994e022e40b3272a4199d03d897f3b47759

SHA256
525ab5a28935adb531261d50914db91a57f0a8cc89f4f29e13a128639c6b13a8

SHA512
2973d9ad65a166f42b9930f63663f994ec2df83dd0118be0d43bfa626b1c0db2e5bf5ed329eab60ce4110039a3c040c05e4576e0b3011a39156dd670abc07d00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
371d75d129e83e0c35a32b731aaaa28c

SHA1
5c334e4c5ba12dd34c435f3925bdd22fb5be97c5

SHA256
906bfe11a7f8c73d6cffed4a1061f063c4027fa8c122d28a8066ea2c4c8b6b9a

SHA512
66ad20e3dc109e3e7b6ba70153f22ebe327d8bcee6aa4ab4311e50a035eca7acdc2a13802a1557694dc4f9f5e1a5ced273aa68e0e97285e521c15088aa75449d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7439874bb94ae9b2fd4afbe45aa32218

SHA1
b2c63a525355e96a84207728cdec263f948e7563

SHA256
5d6c8bf5432a6bbb258a836cbfd9b723b1b4665557fd54ace0b460c35a73b5d7

SHA512
2828dd979f0611196401284cea9de0735e18f67805feb039429080efb4730882da4f40a435715333f0908fe3533bc647daf5ac3d286bc879ded6d63383dd20c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f34b3d3cd3db3f57de47dcbe57607369

SHA1
bf0a9b1d642f241846f7212f9a6f6766a6ddcdfc

SHA256
8264a0418f8d45e06eae153bd3cf9f0508f5d5e3c4dce97d0cddf8226899965f

SHA512
4cc905bcba3fefc9f26298b9c60c46af4573af3188e7260d9b2827374641080596475e718691b7595c50cd3298bdfa81e8bdc4dff35da1a51677a228aceea733

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4c05d46a6780168d7a2bf026efff34d3

SHA1
8447ea2a05ae0290a28b61f41d699c0883d527c9

SHA256
45f7743064b458b39f6c221bada256efc018275381d08b0ac8edcc98060d1a71

SHA512
afa2bdc67acbb07f278b41dc517d88332b2ae0f763ff1458b4d8b69c6cfdbef1cc25cd33b3487e3fc016bbbb5c887d8d1931cceca49305aae42148ed76ee4ad3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e49557e89244c4580dac382b32e33961

SHA1
3baff5e61ad1727548dd8e901380470370c0023e

SHA256
a02f3d0877c5531fd97d8ba4f4a540dfdb2c245d77c7aeab4a6b2addb9aeec48

SHA512
d12b9fe5a39dc31bac22e6f079cadf499eb5f9dd9be5d82e0af1c9a33968672e313051e259d8195d24765eaf223746fb73ee704fb466b05d77b4553fd170b04b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce437021879e833e6424c5d120a4806a

SHA1
83b119ed23d6f497445356f3e65969ca2c664ee2

SHA256
5a325b8aae65612943a6b930c836a83dbd6bebbcba300d63dea277cea558f5d8

SHA512
240fbee4ddccb5219cd56cfb879a4346eed2cbf9d8b60cb8cfed689aae985a5d084fc41664cab77548a2be6b9349e280521ae8d50c17a6023d20e19e1377dd07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eb8892cc4d9c8a25d329b3d1f507baa1

SHA1
794385c112e239449203628926222971e3a35a60

SHA256
074df3379f6b88ef6023c3319935e5b870205e2d0ccffb49c2badc4419e2daac

SHA512
4cfb36708fa2ca7fa5030fc2d5ff03488bd975ed06234a0953be2c5116e753ae203dad6f2a93ea28f708a31c75280fb5b9b7393a2d0a9ce1a2001243eeb93246

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF309.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF3E6.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit