c8a1f84950123b96302aa40c2ddd14fbb9a79f8b29db68cd1849c258c434e699

Analysis

max time kernel
117s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
14-09-2024 07:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dfc629e976cbc81e615aca6666abceb9_JaffaCakes118.html
Size

4KB
MD5

dfc629e976cbc81e615aca6666abceb9
SHA1

3308f65ad5275b24c803c7d89f082a8ff43b1dfd
SHA256

c8a1f84950123b96302aa40c2ddd14fbb9a79f8b29db68cd1849c258c434e699
SHA512

4bb970f809346cca5de9f57a3ec6dfc295082b42d087334a3c76f20213deb535804b5dace1146b682cdcb5fb1b368ce56f85e8d64dd9abab3ab224e46c60bfcd
SSDEEP

96:oVofiW3efFTRi+U/cFrOUOlbO+STSTqq6GY:oVKgri+U/cFrLOWe0

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d90700000000020000000000106600000001000020000000131810e7e806bb687b582419e95abfe1fb55132750c67c1b12e529e4ec9f3938000000000e80000000020000200000004d4054c60f1fe8cfa56e5c51463f24fc39d980541070a4fa76d11df141c849ed200000002382205160ce7c15871a4b2428a8df58008a43f437ffd3fc68d304d2a40551f7400000004eebe2a66dd69f98a6a0f9b84f36433021f64b4fdd35932ed1b958e01067e97b1473291681ecf163767bce0493b3ab2106d3b4794d9f072e54522b8c17f23286	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d907000000000200000000001066000000010000200000007916e336b98882ecd446f0b483c18db16890aefcb5c524c1e4a2369c85101686000000000e8000000002000020000000ccbdd2370b9384f24b8d6f946140d2da2d969b8829e6def5c7f6d0f9348580589000000034b22c57c623dc44c4d656972b22c898c72cbb5491810b0f7f10f2d990fc15bca6dee51ad472f13e5d03db9bf5523c55f3af061fd86b335aae2f36d0d66522a90d92f6c98ef7a3e57fd69d9a96a66eedbea6dc4218ea69481bb691247544c8caba8799b96734f4e56d63db4a6b2f457ccb24b497b91e4cfb72894c897f6c45d09213221a44522485075b2d8bd001a81c400000006e6d9fabfcb41cbd148cde30513a77e1ac91e3563e026b37e906cf0c72d50b91e179a372b7d7aa8a14042ca3f0775ca6d8b2e3caf78a9e56e53dd70e9c5a8a0b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0b6e2307b06db01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432462246"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5C5BB611-726E-11EF-A7A5-465533733A50} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1872	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1872	iexplore.exe
1872	iexplore.exe
1588	IEXPLORE.EXE
1588	IEXPLORE.EXE
1588	IEXPLORE.EXE
1588	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1872 wrote to memory of 1588	1872	iexplore.exe	30
PID 1872 wrote to memory of 1588	1872	iexplore.exe	30
PID 1872 wrote to memory of 1588	1872	iexplore.exe	30
PID 1872 wrote to memory of 1588	1872	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dfc629e976cbc81e615aca6666abceb9_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1872
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1872 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1588

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b9e92a74dfcff955eacc3470571b674

SHA1
c1a2fdf2105377853bbc1ddd2617ae5f7bb2aa07

SHA256
8086f057daa12b20e67e4655bd9b2d0683caea3cf63085758924e1d737a67cf7

SHA512
30dd63aa3fdc306a1355e2b19742466130d69fafcc009c778601b4d0d109d8be7a446ff34637722904e438eb00da93fbfadcd133ec7e2e4b858cb65c1e727572

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b80b1867499297c63574c3bfc6bbafb2

SHA1
0827b870977e57a7a1e44ba8975e465711abb0f4

SHA256
17099b3cfe4539622793835ea592275cd644bc661df7a0e0a736c1592023b143

SHA512
5293d0fdf46164cfe288c571c8e006afd40a6253da2ab09af9ccb75dfe4c616d8cbed0a44b0d54df29ca4e9722b864a1aabca116e728956d5cc1060061a160f7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ab0e7d8199a70c6b2ce47875ddd3a609

SHA1
51bb6d1f5a8ce8903ff5262270f7e6214b875bc8

SHA256
a690fcaea208458f495ed8ccc464040f389f229b074feb6641d1ff83eb2d4d66

SHA512
81622720ac2e2058dce132429180f3d480e9d8431314de22b7c6dfd23b86a5a91dcce381eb0745847381e79b4678759877488ce9aacc92a2e37a2eba1f1049ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
62307561df116338cf7528afe2f70ea1

SHA1
93bfb43f0b5066dbe19824e15f9356eefe4453bf

SHA256
fa9faab59c3c55ff49ac43f39ff1d9d559fad8fde1403b74834d914e19d562ed

SHA512
ebd8ff293d1cafaa16bf111fee78ab04f383fabfa2f9db24eca4bf369f6db8d1447bb60b473734c398d99e2bf817e950d05c3a64ddbc46b2efb7eba43bf40597

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
67e8e1ac6d8c64b1d5266b895cd5cc76

SHA1
199d7f14f11ac76e19242533780461c570c7657b

SHA256
923db2c07444953c2001c3c577baab98b59502e686bb8437df48c9eb9cb79977

SHA512
b9c17166e340e1531d560706defab74e0ac3716b3bc29195a1c2f544138c99c6af0f63e76eeff8bde5d991a16de6ffe7da9934fb01e6b17d67f18c3b59b20111

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d25508f3174f27d668e8c4e683a005de

SHA1
a6feff7f9e82ff1005745aa3f4591c35c14d7d62

SHA256
7d2abb972ced6b888f73869adc8ac360f068326c2bbeb205632e272ee0d2e8ad

SHA512
5ab95bb577f6db0e6198f380a30ec4efb25ea72883e070befef3e9413cb7cc20aa095ef63f2fd6dc148d347432181547e378213ab66358738e18163b2747d47c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1db01b77a1e9d7592033787d43ce815d

SHA1
21df03da5cbd299316c5b819802dad41ac63cc85

SHA256
459c5f1c3e8185056fe384203d5c5a1f877ab2cb5790fb23fb3e6fb047a3665c

SHA512
85ad505a8cc4bd49cfdfcca390a40d4355f647c3303c2f2efb4514a5d4079dd3da41821fa07be303b2743737a63e2239c04d0eea03a7246fa48a5eddce6f7428

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3493da09eec1b2a2e05de8f0c99824ef

SHA1
ea9a3a281c1e470639802ad760ee420e7d9ed9d7

SHA256
f8fa0132b6e078719c657ac23e4c3b918a5112d0094f62ee26170c7fca456785

SHA512
49a7ac70965d08ce2c6fb649683f329f3eec392a735bc878b2ae250bcabc775e7e6d83a3aa283bd08eb08154ef8f52e0ba7fccf3b00da0204111c3cb2d0f2868

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cb7144dcd83a42cd61a12f8805b8a759

SHA1
9ba48425994d81c9e7df9132fa34d2b8d628a984

SHA256
5406e7c9954036134a1d9f01eaef87d9b2dbce8be5dc13faec70de98a586024b

SHA512
b8808ddd4152e72cdffe6494e4e97a517e9423791e2b106ccfcbe6ecdf6af177250320f05089c1c1946a1c6afc5c24676f061d2b0a4fe10b4ffe137fe532f855

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7b2cf634fec92638eb8744b2a7830e70

SHA1
7123be723c15b56d1be85d08c6ba32f3582e408d

SHA256
1cdc678f808a240d7841beca88a3624fa3bbdb1e2a71c4d43f229857643b9989

SHA512
f6ab74a024635854d6ecead1a581ca8b98173b47764b48b933e8075159ef681d611477b9d65ff618214b03438328e0cbfc1e0a2d411543e61b842a0fb24fb459

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d4d8f733ae0711e7994df800cdf98ab7

SHA1
e516c746e8505208d068097f77502069a18e770f

SHA256
7a94592286e813ce3c55fc16133a1973923379a42d45ac77b6c15f9573e80356

SHA512
733938b07b4984ba8235a451f48e896bee434852fbda826ea7e8a8d6b9e47b164f499b7ea8bd4a879649707c38ec608eb917d46c94120b7d53f385fb053d77ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ca26d14646606d002b83e4bc71a7c71

SHA1
b27edd45145bdb7b4e52cea01a4f3e3869a2a05c

SHA256
10c6492e3ae891c4d7713ea9a1027d43f0fb910d0e33eab23fb574d0bdfdc526

SHA512
75ccb7882cbeb0356e4160e65fb73dece3aed1ae2a98d295f5e5711d8a8c090b1a79dcbee652db0bb66e47ba3cac10a6ac3d1c313dc34e6b859bbf04e94d18be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1738128f4d689c3c719ac7248c26beee

SHA1
d3526f33bba716af894a1d5f3df0904747b9e03b

SHA256
2f8a57e424fc767e4c2004922c2f6ae0ae79fbbe71b518074caf5c39ca6fe6f9

SHA512
98c9e17ed85bf884949584c5af392ffb8f086357a7ca4c2be0aa51dca9733840bd255ef16daca4d6979dd62bc7242093c3be63f4e398c1b1efec0c449a960271

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ad3fbccece6b546400a2dd4a9c8f6deb

SHA1
b8d929a09712e47110886b2adff45e3cc8de61ec

SHA256
307372bc07c8073a85ca317eae87abfaf70c32e70986dbcf015b6ad2551e4ba8

SHA512
c106c3974c26dfab481f2165c0b86bbce5c0e417eeaec32ffa7d0ec14f6d5f9788ae2784a1f24dd9d37493c933988c2a9d8411bb8d4554c3203fe0cbdb2d5faf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
644bb675c34e499a2bfbfa3b362241d4

SHA1
6ef3fb647aff16192d5c2369cd5ae21039a2879c

SHA256
395b836d0ce683e8ae5d944f2446fcfac49fad7c2ff58b3764e40e4007b65b46

SHA512
9bcee724a0a00f840c4f3b960195dd699bbd2010fc032a52ba84ded0fced4e9ed8353e22f2ee2b23392be614db96d98f6c88f304c49a44bf6b367aa0935f947b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
26aff1b742d482e0a82fca7c98aa7f62

SHA1
11ecd5a10811580dc043704caad9ba0159fecc6d

SHA256
b6cf3fca0f6ef56fe6380696c618cce8e7b00971febd187f80aeffe88590017d

SHA512
d0f4878e6e89bf32823d16fdaab74e6d89ecda1a220964bd995d9181db02b783d8f50d05360e692c28d043de0e7c32ac6c4c65f55df840688a20a6955644e724

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
593ab20107cb76dc2aa7947dbf9b3236

SHA1
b5eb8bff4a4481fc224e9ad2dbfd9a73f5972522

SHA256
83eb6b7ab01508eee2ad1e36a9c5a54d7f1c09af954d15af18dfb54b12ca2e63

SHA512
f415f7c0ad7e51ead414fd55b17686f9b69f811bbbbac568c0c765840ce15a006f0fc25d2c5574887c3271006cb3876b62bc07b9f1af79eae9fecba659da7b94

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD3D6.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD446.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit