02a2f043df8cfcc381f7b13eb74c9dd6d011fe66646d2a9e00928283c96dee51

Analysis

max time kernel
81s
max time network
132s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
14-09-2024 20:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e0fac6a752483d360d949a525449ab37_JaffaCakes118.html
Size

9KB
MD5

e0fac6a752483d360d949a525449ab37
SHA1

cc48c647729f94c24d12882392ca1b70aa27cc0b
SHA256

02a2f043df8cfcc381f7b13eb74c9dd6d011fe66646d2a9e00928283c96dee51
SHA512

755de52f5a4d6174544cdc4771f822614e5ea8c0bac81c883a32af92f67c3d674bdff9124a72d2898fcce5ea8d55037374b2799710a767dc5c9520441212e4b8
SSDEEP

96:uzVs+ux7x1LLY1k9o84d12ef7CSTUOGT/kNQpglVHcEZ7ru7f:csz7x1AYS/TkgPHb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A23DD3B1-72D8-11EF-B6CD-7E918DD97D05} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000005cd38abab81627faf6eec56501b5043e80ebdcf36cbdd8177bc47c40cc2e12c8000000000e800000000200002000000063df759994ce337314c0a264885557f81d8323fb131ae3595afb0ba56be42e3c20000000b8eec39c92b5dc4c8625fc4b6d77246a811f89e9118dc5725eaf165132f4174c400000002ff6845c65cd8442839ebfd815acd1d512a5840efecabb74de0d8cd66f7934636c077207db235a76ac1e52c5e7ab9d68eaea716f3e1794b6e29c400ffc494214	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 208dc677e506db01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000b1e2018fe20d981cd5433e7f1ca9a81f648317fc78053cda75cc314b3251e1e9000000000e80000000020000200000001fbf92b7e6618e93f740487bb970122fcf04e695b45a69cee622c29fc40d739a900000001b7872e22d604d11062a37539ffee8e3b944905c9bca2355b7aa7a7cffbc8c9d1b9fc20c420848667da67db5e5caef5a17938c4d0fe9e0fc72811e548e18ec0cc65ee692b3e3f24810fa2b89c498b1a7d3b9a52fe9a54b4b551c028877bf8f50d8b7f70366c0c31baf1f329025a3780efa8c9cc9eaeeca244d9569b1eef99f2f2618fd68e9d4a2419cab116010b9fafe40000000d0f8fa7fbe26a1f4ef194f9df7920b9c3a043fc4afa880bfe14d6f7dd650b8f25dc62eb833a38ab166c5070a00e75f9829eb40d1e82c1fa03f6352bf744813a4	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432507892"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2216	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2216	iexplore.exe
2216	iexplore.exe
2732	IEXPLORE.EXE
2732	IEXPLORE.EXE
2732	IEXPLORE.EXE
2732	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 2732	2216	iexplore.exe	30
PID 2216 wrote to memory of 2732	2216	iexplore.exe	30
PID 2216 wrote to memory of 2732	2216	iexplore.exe	30
PID 2216 wrote to memory of 2732	2216	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e0fac6a752483d360d949a525449ab37_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2732

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2de046587851c39340561a58c1eaadb2

SHA1
f3e17f9868088173e9025812fd00168968395b49

SHA256
ffab8427dc72b44d76894793083b0d7b193e86480ffa8db8b45630d51798216e

SHA512
3b2366125abab20fe1eab89bfd8c044593fe33b6fc04dad33f0eee8865b1b46f3edb42babcbde46501cf02a66a71a1ad4277bf6f770377befd7fbce3e62f0fe5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
edd3f011dffdfe2b7c6d8e5b3e94e6e3

SHA1
948da46ad09269956283e6c4dbf9ca5bb46cc0c5

SHA256
34a9d9b136ff2ecb4e81f6d7f07b58b4a9898685117d4194d0196c8c0792fe89

SHA512
d8fe7cd352c57209a601026f7ff339cca17eaddc05da977d2339325fff59abcbb1f7ea3cfa3e3475f98163b12f43f76c8673f309149eb93a3f29c962b40dba8e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9ce2d49d3551cf4e64cf2f86091cabff

SHA1
3d6e674218110b7c9af71eb4d3861af597b5b484

SHA256
b846183744d2e878074f5302542808c3b9d151ff08af791f94e42a5e540234ad

SHA512
5c1e2351d481569ee402bf3f260548dc0b40c8f1f7593f84f6a3e3613be9bfd56a7491c9ca02d66043d87059b7246f753c3f5fc675a1c97533741b25571d4d75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b84f433f3b65d78e242733d1c9a9e764

SHA1
58f278f3950823eff888a3496d6664088139a83e

SHA256
26a9ed72dcc5bc961055dd3ce9e6920daab1f9d4b762688bb60a3fa32ad831eb

SHA512
bf3375803714fbd3f9eb4d940de54267bed06f48551ccc812eeab464b219c6c22ab3749d42e09ab29f23232ba1129aa281dcddeb5979bdcb37faa750be8adcdd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
51da81bb21c6cac0504853555a17b4bb

SHA1
f7bb10e35481084e2a3357f53680ff5c84abfbdc

SHA256
44c22084c68c9c43ad9bf3588110c0b38907176d127cdeeab9e77519495404ae

SHA512
92e650121e51054a276f0b4dc8bf250966703e2d261ac821a4f6087f4a28042e8ef7e555591820eaf75989b92fc05ffc1089cf7829e73fa28668e2eb00bb702b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1726522c39e4494d5100bf89249e1954

SHA1
56fe5b0e7d260a2d4c156d64515b52e989e416ad

SHA256
a5c4f39c03b11d9ba1d874023f93d4c527fdc623b5718f459a513720f8da0cfd

SHA512
355fdeaa524147716d6151bc128ef0a294b4ffa515763e21f6d7e5302713f5afc4c2158946fcf4f7023cb892a61f9dff2781b074a716199f1005e9229caf4574

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
18937053e4e91acd964c64ebe2c365c7

SHA1
1d5b7356865c61fd2e110cc96c11a684bbeeb9b1

SHA256
40844ae141845c79e549b1695d1c340e61deda89787737b314a7308027f1a606

SHA512
ed81418730d06162f267b64e7ac88762cbebd92d4293161ab42cd56a3ee611f695712d9783ab3f5a8dceb5ce0d8dd28d3bb3004aa18afa03be574c9037db7a60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
081db18fd1a88aff3a6cf3114c24e054

SHA1
49a54ac79c0b7a4b141181ca9182077c96c552bd

SHA256
4cbd0e4700fbf1f3b2aa54209096eab6d36d5e4ec6ac7f20d2fec861e386b3ac

SHA512
c232f40ad486e5c9205fd26391bf7f1d27d92a1be7773b382425aa1b56cad67487f8c2588a2960b67e4b8544bed9d68e0efac04ce05840397c088133bcde39eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7eee461919e3a0f42aebcdc74747d57c

SHA1
d363a263d3b813d1436da70314c27110c6329299

SHA256
0e7e4929f4a340045a1b66acc3a747344593dbd1c0229814a75736b08e6367bb

SHA512
f8dc54571ac5e5858c47e6269360d918535f66eefb75f567eeb2ae86baf89f875bea1e59df98e368340d516b92c365758243a0432f71123e1e50c74735243907

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e5d434fa790d578a24a33dbc4f8ab612

SHA1
287d6db995634fcf83d3d59d273cf4801a7bfc18

SHA256
fb0bbffb97c947588025cb966e31ddaac72a99c77d21e4205dbe63220cdb49fe

SHA512
f39d155ba60339900f7942b517d955ecd0fde02db448d4c1ae8b91b6492aa9d25b7925d30152994123abc756e4fdf9c902ed37647a134cfd5b61f1c5cbe3781f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a53b7ece01c60fd4199b984f5f9deef8

SHA1
a67c2985158627a587f5665b3215fbed869a4409

SHA256
5edc760530c8c4a6f9c1f917b5d09f34a4027dabfe044a243af28b1139c1bc03

SHA512
7eef5ed9cca395a31b62b87ce8a28f62063205604c8b12f9d42e18c7702607d6e4e63231dce6a2e83ee858d75a028f397af67e2b8a5a3555bf3d8e0049d2acab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c62af6d7a8cd3aac8a1036f6a601a418

SHA1
62a1f8fb3d01bf14360a08c25957061c3db49632

SHA256
de9ec0985eea293f3afdf5baaed39bfd527cc3619fae0af716c024e0549fc1dd

SHA512
e098a6cf843e59cbd2482de6b80b1839a358551d6615afd09826661253873935154e413f8d5d928d329dd5bb6811e5b599fd3c1f39fc3370df1059f8d70251de

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6302194fd4f12f93e204bb9485645896

SHA1
9e7d0628f3c475c65460743b4c21793564bf1ddd

SHA256
1925c8e5fe348cdb900ad22db83d4bf1a532a189d38580e2f5238f0511a890ad

SHA512
ba1f1e8b70e76c1c8a31db8f3302d28a0b9cc6f9e44fc666386d5bae31ed9f64985f13a9d5afbb1a8f3b4dd5ef251fe5592df2876d14ae78145568b90c1e4311

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8c53d300c3e17a2e15796f5d8afd442

SHA1
881a724fb50f4b3acb165e0f1ef81990760451e4

SHA256
6abb48b6ee887ba60e9606b7770ffce32471a0a5504f8aff2c66c197c6f9000c

SHA512
7fc11b3c1219cbf06d74ca9d81f5e93155dcb56f65dc9cbcb3017c3e3b49eaf4b7f715731b4f43161888de0249fb6b8909b6c5697e6b44b2735f7bd5d1406555

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f5fa22709cbf9e6469fdbabb9da0fa72

SHA1
c5ddb0d28791152571363d93966f5bdd4a29b98f

SHA256
cd887412485aec948c3603994545b40bfd6e449ccd3ea016db090de7ff8d8d2c

SHA512
bd60651c7ae17ff20488aacbb1fca6fdda1033c986ffa5b109f944dfa7206876fb4acad96f438095c3d13a406ee1c5ad796dc192b2ef57b89565b9095ba64581

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c3b1951447d9ae07c6bbd6db84bf50de

SHA1
de8a962947dcd7fe64031f00b70fd76c249b0878

SHA256
f4e0a07ae438fa9d1e9e2c6eae35da4231dbb3928a070cf33ff02ae30f6d348d

SHA512
240645af136fcb581001dfd5e03101756d2cf94a3d9c97cd88f0184131005e13e3cb7ffa2b2f169015669521e4fbed866bf98a8375a982a8aaf8e45e04558e42

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2221f73b48d47b33a39b9673c7e32741

SHA1
186cabeb77108d8a851b358e6dddb7cc66c86cdd

SHA256
8d3ce2f5ca26616d357bc2d6efa050000479293fc6cd8749c3b8ee5b8f20f633

SHA512
8b86def9c13d01d214e29a4c52847f668bb6dcb755cdcc2f4b20fb82e0203564ac51f78bd866dddf6c0379bb48927b45b31ba2a804bea428ab657b670d9df8d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab89BB.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8A8A.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit