0332e1aaf7a7d8d6361013d9f2f2794326ad9e9628e9138336030e9a115b10a1

Analysis

max time kernel
144s
max time network
144s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15/09/2024, 02:21

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

e1844f3148945bbe6ff961224d9f2d6f_JaffaCakes118.html
Size

293KB
MD5

e1844f3148945bbe6ff961224d9f2d6f
SHA1

5056f898afea789cb095475c75565ec55ab13ca4
SHA256

0332e1aaf7a7d8d6361013d9f2f2794326ad9e9628e9138336030e9a115b10a1
SHA512

dd3c86a399c286939b80f9aa45478c9b05bbd35a340d495c4f10692a3f041817bad914f7ae33653419a95efdc93d5743529efcd7b9af9bcf751d6bd0c036db39
SSDEEP

6144:Wt7Rlox983lhuzPHqqqqaqqqq7qqqqN/qqqqaqqqq7qqqqN+qqqq6qqqq7qqqqNw:u/ob8zKqqqqaqqqq7qqqqN/qqqqaqqq5

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{42B9C711-7309-11EF-AC61-4E0B11BE40FD} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432528775"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2688	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2688	iexplore.exe
2688	iexplore.exe
2704	IEXPLORE.EXE
2704	IEXPLORE.EXE
2704	IEXPLORE.EXE
2704	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2688 wrote to memory of 2704	2688	iexplore.exe	30
PID 2688 wrote to memory of 2704	2688	iexplore.exe	30
PID 2688 wrote to memory of 2704	2688	iexplore.exe	30
PID 2688 wrote to memory of 2704	2688	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e1844f3148945bbe6ff961224d9f2d6f_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2688
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2688 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
854B

MD5
e935bc5762068caf3e24a2683b1b8a88

SHA1
82b70eb774c0756837fe8d7acbfeec05ecbf5463

SHA256
a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

SHA512
bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
062c16b259550a3fac345ef5dc459d9c

SHA1
00573881e02d59029ea1f30d98de5975b93deb64

SHA256
94654b1c80bec70e6f4156f55b3d3993e2fdb9a1c0aa925e63f9737f1ae089f2

SHA512
f0fd606d449aa26e6e11b1620a6a79dca7eb5989887425e2c0e87b53fd1d9b51ed5f2524f3bf2cbb4cfc1f4ba90d6602e35c3ca577c5843e12d61a3d826ac66e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_F968CA97A68F4E6D5C104EC7FE3DFDEA

Filesize
471B

MD5
1c9dcd69e02bc3ba38616c62e5474e8d

SHA1
0ff3bb37c6218251c7943df522f70b9ec7a7f291

SHA256
e4c4194903f99e56fa5973d78781263d7bcb5441f66cff16f9af90482ba006eb

SHA512
5f7d738c33f7ff783afec329b63b477bebd5edacaf8d73baec4f3eb6379e2ced9e0bfbd04dcb50e02f3213b3d788257c84f6183ba9fc2f9a9d2be18e5048c421

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
170B

MD5
90ba005298fe7d22814a3b10b552abdd

SHA1
624ddc2ef38d9fb606b2f8a843260cfe0d28fa55

SHA256
faa8fb9f0659216d89d0f6eebda9109588dd87a52c24bd448526502fbed2025c

SHA512
d444111f0a773525a463f5df638821175ea7d4530ff20afbf0d6b6a3cf2abbf26278f6af7be4c5d89ba893eab835b99f84fe59ec4d516386330a978d2f92935c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
e56faedbaacacfee43ada5c4d3207e36

SHA1
f20344e87c66df445cbf9a738c2ed862603c3a04

SHA256
f097516dbb6b0f6d1f29eb1ffb59c88a4410d425fbdf2d9930d9ffe2ccf0c993

SHA512
a4f90ee8e3301a1a057255e915bf951f452f28abc266344cb413b19e8eac3520254b3c16f3eeae069e29b2210557c8fc21d552d39f3d8b3ab328ded8b3f7624c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
8bdaf7cae051d12a05f27ef4ca5a69ba

SHA1
c47e7035c8b7cb7396fbb34c0f4b9c678aaa2a97

SHA256
b953206ede3fbca80f5a1869f0e2fa2ccbb902caf32965e8e28ed23f537b4712

SHA512
b4e7a4ce869eb23fdd137bb3103b07b89ca076ed0853c8929bf82d32e7a3902b9e68457963b5848a0d19589bcc42dc876dfc60c76f887d1c692a3599a16861e3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
95cf81919309aa6a6cf4353cca45f4cf

SHA1
9083bf53fa59b72e017ab2b09415632e393ac46b

SHA256
9f3f0d8c90cfdaf18fd623dc6096c625d0aeed4423ed783c2abdfc14130e791d

SHA512
e7c201e81a21f770a2c539d4828d440078b63f9e987dfdc04d42ec2f6cc0bca2141e759d107613570c43d9e1b82e6b0401f46ab675c263c9024e14a16d55e89a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
03937ec4dc8cf26b29102c1178a8ef3a

SHA1
d54ff0078e42d00cfdeb21e159a2960162c2c286

SHA256
d3f0dde75962a07e258a7a1b2c44c718090f8df9e5378524b2728cf6b5485314

SHA512
31307319b30980dc2d3c4222b36c17613b33ce58236f36e510a414915c5529f3f85a0be1f7cfad5a1a66a1bff2d055341d78c12000ef69210c318f8032ac7cb4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
08c724233d3f419c83a1af69a607f273

SHA1
3b791081976e999ae32d81f6ce99f52d28a021f1

SHA256
447559010d2ed4b61c7271ed22f92b06d7f782d5c86d526d3d08e07ae26abe34

SHA512
6309a7ac029c8aa162de3434c9c25909d9b30bbcc8b5a0796fa7739da2779cac000d3b9680ce01f8ce2e3a2c389245e41b2e12e5dff77e3d1b5a5978539d56b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0e2f15c16455e3ce09934c77a8e25d97

SHA1
34e3a1537029ea2c0f5b2db8b5241c8360c30a93

SHA256
ff318e5072165a46cc22746558e8e6a78a0467a768f055b8d6ba96427889eb35

SHA512
98492e4f5cf6ce709d816b548765385232ff96949f3f73e598e44738dcc86d06e8e34fb25b273c2774949539e64122ef6a4b2f72d204ecec397337fb45615f12

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bf6a47442b2a12dcc556cd6b0fa0ad96

SHA1
20d6f969e882be81f5c7ab7a3d99a50e594b42c8

SHA256
6c967cd15db0d54210888cfedfbe059cfaf3fe2f7bd410a8a0a97a1f3364c8b5

SHA512
379d1c0aa3c57ad6865acb99f1d6ea672fdffb7777a70a2dbd55d1b48759e712d8bf3820986c997608f6d72d47682f5b95dbad22cd55956ece2447fbe320374b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5d2bbc2eb809476366ca272e5d298fe8

SHA1
8f72b254f904041d80717518a35902feddb8d1fb

SHA256
7b87427d423b54e4a9a4df46badfe44a4e41b542c51a529f84ec5ce34a2d5ab4

SHA512
50f9ba00d4d204018516193cdb75cf07ce5c58906dd5c7c16223a61f7c4cd5aaa927563c190637d49a46a972fdf82d1636e31aa5fffca8ea3a901acc8b8f7315

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c61c2e1eb12cca8491ce9ea94356e421

SHA1
bb672ad094d52e52287f0915cb2c6ea350b0f57f

SHA256
b69a3bec1716b0d9cb1871d8df025ef4a427526b33deda20f3fdac544b1908e3

SHA512
f4caf19972c49963c5687ed1b6258ed1b19dcad29529118d70a442df0fa7a727e914ab2a268cfbea90e73c6eb439f831334a2872e43d2c6913595e579cc46f6c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a0d092ad71e8a397eac2757cba9f681

SHA1
9e76988803cfa4b3ea75dce7ef7da969bfdbf72b

SHA256
df07c636d47b5925fc817c45d33bffa7e6d506f8bf548aa405da11b01069a73d

SHA512
3016e77f583ed52d7de855d6a67cecc0f9720895fdb6cc5661bb91386c00fce30ea53dcb3886afe704665f0ad17f0aac79941f25f1edc4c191c3cc302ce4b5d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cf5a43a2c2d9c7351d410e0e46fec001

SHA1
0727e0d1d581492f41ca73538258381661894c25

SHA256
fc87ff8f5a1d9bcdde8f61bca0a5c18f76b7b597e93788caca7e6a33fc4cc28e

SHA512
d5dd8c1fffde38b23ae45465a0b2453d2dcf35293a4084170dd6c2f9438719e734a3033622e7a78c23e69041d0e51afaf0af560b21c5db50707718cae7c585c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
259d30280cd8e6ce614b133fb8d122b9

SHA1
db53cfffbdd37594702fbf95973a6eb05c896f2b

SHA256
08c3e262747a8eb52b5efffe91788ecc7efc18a456accc5fc5c795303c28ee56

SHA512
68f575937ebaf6c8680e390b2dec14d3883154dd9f929955c0fd2869686830e6d58ecd70fc8a2efee7542d37b5d4c34354659fb6f346b47147f4f7d690e722ba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
55f8f042a9de8976a19238fe2735df3b

SHA1
2c9389765f02d05a4ab65dd6838816537d95e7be

SHA256
6c259414af8d3a8f2b828176230c04c303a6793a34cacf5c2cbe2b98979fce46

SHA512
941a08f1c4521bcc36e062732e14a85721f84b63079f7d8c95a20a531dd99ca682bb81610d9014e86aaf7ed16d1830f9bf40a783ecf4e7cd648eae9382a3c68e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDE8B1B7E253A9758EC380BD648952AF_F968CA97A68F4E6D5C104EC7FE3DFDEA

Filesize
402B

MD5
a45e9bb3fc1367bba4ca3cb525100f63

SHA1
297e99521cb9df4ff3595f8dc521c3380ecb7b87

SHA256
a5d19b624872a863d39cbc53e4dac0897616077d7f8eb0eb8d68bcf8b8001859

SHA512
7e3da38cbf98e5965242acda609d5c0f4eca67fc15c9258dfe6f793904ebd2c3644ea98407b2a336d4c770e29102fe84f2980bd86e756e21ec6a0022ad98277a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLSLTMYI\3213516723-css_bundle_v2[1].css

Filesize
40KB

MD5
63c4931bedaf29098be5f9434e25a907

SHA1
be727a3ca5940ed22c4cfe89a05fc4bf46d6f94a

SHA256
630e4fd46a40c9983b7e8dcdee9366f5f7a921e8dc6882281dfced08b5744858

SHA512
f5190d3ae9f79d510d55d1f998d9079d52cf96251f93ab6cbad1198a66277c4d08d3c8747526c54f8b47dbeda64de781d1bffa25dbd037751f1120cbdcdaf3be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2MOPHD\get_rank[1].htm

Filesize
114B

MD5
e89f75f918dbdcee28604d4e09dd71d7

SHA1
f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

SHA256
6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

SHA512
8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2MOPHD\plusone[1].js

Filesize
63KB

MD5
65d165a4d38bfc0c83b38d98e488f063

SHA1
1c4ed17c5598a07358f88018a4872aa37ae8bc07

SHA256
b1320e0dda0858c87971f7baa0d53063ad2a429d232fd06b0067bda8b9eeb0ec

SHA512
abf4c755d88193e7e05398b6f934fc561d8e2adbee7d2170af399e145e54a4a8a93988e4af4e28d6240c0bd1bda7035ae97f67a85a471088820baae8d89f3d41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1738IZL\smile[1].htm

Filesize
178B

MD5
bd2695f4b079c71dbddde3436286fb9c

SHA1
733c05da132193d6cf1d8e242d12e2525c03bab4

SHA256
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

SHA512
5b73af24d095f7593026d3f211da6775d91c2efb5cdb0e0258ccca8edd3f8645cdf80d8338c863794d260f4bca08637233be3548d83e7225518dee2f47560798

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF5F5.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF5F4.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit