6987351a4babbb236c321e44c5f10698797c7966e95be2bfa21d349a5cb3a4cd

Analysis

max time kernel
70s
max time network
134s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-09-2024 07:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ead337dca29ef73de93ba67f06343634_JaffaCakes118.html
Size

2KB
MD5

ead337dca29ef73de93ba67f06343634
SHA1

a9fe38ab0788f0cdf6711b419dee39bca4f11d8c
SHA256

6987351a4babbb236c321e44c5f10698797c7966e95be2bfa21d349a5cb3a4cd
SHA512

5e8c713878badaab2cd6fe96069edc33598848270226ab6f61cc248f444f08ad94f4a4a9cb3b20fb0a22ee3c9e0ee232911a7241992d30270595401cf2e6e547

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0158f5d630adb01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432891819"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{881CDA41-7656-11EF-9E99-E699F793024F} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000092961e1c5723d03f7b29169bf4eda8ab6c8f9fb241d511ede33d5c1bde5ac120000000000e80000000020000200000003804d613445f2b2893b7d11674c88c31ec0b2fb87421e32c35559115fcadfff420000000efe628f017c929678cbe346412f6d4e19c866f7ca71c9b5d2c17e26b1f2e91b7400000007e036bc70c57deeead6d741439015f9313d5d365c35356643ab1de84c74f76e3087409631963cc97480dd5f7f9d1994fbe57655923c770ee106eb5ade33c0596	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000006ad4c301341678a813f6aa7cd3ba85151e6685e0e47dd6f033f97e5d0e4abece000000000e800000000200002000000059309128affee54e89b98c372305372686382910b7a3c8e09090a7b99e57183e900000005df9e5cd2e4dc0222c79985d239333ac0da4b0eb10206bac9b3eaf15ae6fb2d19d780a194c003d2d681da77cd4b28b695b6208d3e281a0a2da7d5ae38e4e378a8e1fb7ab90866c044f813dcb51807e701fcda824d84870cc83c651f8c1f964ffa11f886bee0e4fb73f240fe41c01abcb9505c0b49a62c39dc908013fddd594340f85e703db15fee34376739bb4596ead40000000da6f1fed334784f0eb909a24494789365cbe9a3ef3719be300ea5b2e16bd87c6440387a3a3025222ac9d6ae57c9949ddee979429803ea24b827ac32545619ec2	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2260	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2260	iexplore.exe
2260	iexplore.exe
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2260 wrote to memory of 2764	2260	iexplore.exe	29
PID 2260 wrote to memory of 2764	2260	iexplore.exe	29
PID 2260 wrote to memory of 2764	2260	iexplore.exe	29
PID 2260 wrote to memory of 2764	2260	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ead337dca29ef73de93ba67f06343634_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2260
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2260 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
df416293a97f8fcb2d13aebf53954c2d

SHA1
c09bc41206b5134d9706a27891347a6857419e39

SHA256
f39c87e4bab5297998fe067b6ebc78446c5b158cada852a20f3ac75d36e8b1d9

SHA512
86755b006378265078eb4dc57b517157a566b076e2fe4141057fbd982883fb9e563efadf1d70fa1f93cc1ce3b7660c91e0a6ad379c94f0ed9501838ea4039a6f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
01533c449fd7ee138cd2c73598114ad2

SHA1
45782eae906506dae539f8487ab27d761649275f

SHA256
dd66edb03ef03b8b300034824f10b97c66f201d83254be7d0c256df4a6d2e426

SHA512
99833e929158b584ad5a5101b180eb6cb62cbded230e56f66a25ae1fa5925e1ff7d9abc3cfc30f071997a6dee120e2fcc210a89cb0efd2a9cdd728ba310d4b2b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6bb13f63dacb42ced5f7140f94917ff5

SHA1
fef3db9ae3d1ed10ba09ff3e7b862aba6f46507e

SHA256
44a92cf1fa28669342ee7aac6ce8eb4a9f54ed04180757400456eba7dab5b7c7

SHA512
f7829abeca83abd3dc5e34fa6c297f2e62c50e27d1cc1cecfcf2d340d690d21a9dda7933443c00994e213912bc7fdc3e392702b8d2f03653855203fb53327954

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
00cc01754754406d3a777bf061a5157b

SHA1
6316378a0f2fad3dba38ba70c1b9f3e5c247d2b7

SHA256
72c9db8054849eb0066c32c91f49c5dd4e7f9085d1cd6f8c23b38abeb0f27446

SHA512
62a4f04328d6c8fc097ffe242d24f005366ccba43efd49b8d013d9419d929dd896aa15ce2201cc73bddf881f5bff477539e57b15fe38662b117ef6a1672800e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4980759a3f4e4dca05d6106520041a8f

SHA1
42fdd727bc0b9b1ec38cba7570f2df1a13197324

SHA256
226f7f95fe2906a5b3d7a01b7ef6a133e174c754bc9672842048c9bf7f58543c

SHA512
37065454405f0df12838688ed650d3b2e2a47f541b3893e4ed06d04ee38cb0a97486862193094ba235b4943afb6f367946f37d5d47d127b5f6904cf9e2626d2d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
772940e90f8caff049d4abbe13ea3ad3

SHA1
b8aff0dbfcba40c5ab67ff95cac97733dffdd474

SHA256
f9e21c35799460c85d460b1cde6cfde9920aaea5c5d5b3d24713414bae8b6a6b

SHA512
f337fa5a8fb52c22960e50316b285bc46d1a47bbf9cd66124ca7c013adb9e4e66a136a18a0c5898391f04c68ffc20aabb714818ee006c7b383481d9cfa8d35ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a727fd0ca88d7ee71024667697d95a91

SHA1
7fe5c7784a1256e18805620d944781eac71ee221

SHA256
346aa14d1ca165360a5176769a9df6a29a0f32bb17b44757e5077b530174585e

SHA512
5e26e50472eb3049e44b106514bf2a6271db97dfbd983ed7ab1f12279ce02f8c644dc65afc6a84a14ec86eb5a76b1b1b9810c8ce2b944863c2e42316f650e0d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
75e986ead5a20c0e6d208830b50bb8de

SHA1
ea8df6ab0ec78cb1c3492f17e29202b084d2ef2a

SHA256
7df3696debcd6572b992f7cdc22fbccb0227b2cecc91e9404d451573198a2726

SHA512
84bcbda9d1a68de81d031778cb9b831352c5cf6b7776c9df9ba8bd357a6b825e0ac3943e972d0b9a213ff3f35f1765a30443e36bba3e70bf7b50b009d1e41611

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8f7a8c94ab00bedbdeebb72d1d5f3b24

SHA1
ccce120621f24fbb3b6de73c1e1f78d2702944cc

SHA256
8c9bb46c525e160aa7af09182035dc2f85af5736cc1d18bc6a64f619ca4c3fd5

SHA512
c063e42c6f727b30236ab3a433d3efb29d5050d03ceef31e50432bff115f9a4bec080f841adc7f6b2834e5fc9c69a8f0d26fb99015bb670ed856fe908e09ae3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
df546ba4a9be4ec45bb991875e864bce

SHA1
4bb930d8c6c3a0177da6c1cf61e2c50872ad500e

SHA256
eb4091e6ac0eab15c9f95e51f056267a93d2871d4cdbbe4e3bf0f65a5265002e

SHA512
7047b0bfddadcff0469a9a7b15a6ecd4c27d78370259ea43490f857282434f643df8a9c02d957f0913279b9b43665879fa58d1b4aab13ebb7c68155a5c35c998

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8080c843d738eca6cbed7a9e00508916

SHA1
87f3e20f75982e76d8450f92fcf54e5005bf7c2a

SHA256
db0b0b81743d980a099f0a33d3d9d603d2490e9e36779a8289817042aa10f314

SHA512
80af7ec3ba878db6ece4b917e3d9da24d3e9b889660b340d91449a49439ccce164af4dbc5fadc806f7dc945af3291c62f71d949f6d87a9f9a1a1c73dc2ab1de2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9331e97a36c8d2e1d686d74e0c1edb3f

SHA1
dd0c6256facc346e65ba164b61f54921a8278913

SHA256
f917de78708d2aac77f6003cfff4e06bd8a6f964b679719562923e740f1f1d50

SHA512
8c13a5bd241136bc5274d45284676c1981c7807a6a6e25761bdb39281bfea9099f9091d1401ddb1b3a0bc90290bcca6376840302fa8c0fc9c6b7564d7feda8d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eb8f471360fd280c398fab6a44e46e49

SHA1
6e745549f6e3dbade7e9f196539ef72d592c2aaf

SHA256
2e4d4e88b470da2090d0f600546a4e1754f6a6f9f91ba459d73a6f0a0543c444

SHA512
88bf7d197651b3ec087bca79094c35fa2b84c32f0a722d6f3f63d4bb9565e8756a709514d55c0a94fdd8634d7aa45c799f706228b65f8d5260d8938972d7c44d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
441d2ac1d76402a1e99032f72b233549

SHA1
48d652a88b330f07b1bd9a37a149936cd5c0ae75

SHA256
20b9812907d356d1bf8f3b4fd68e91ebcb0d0e74ae30b5116cce7fc1f32f6e3d

SHA512
be7fec8be0c17b6cf77768a33211daf994911b84e5297abe3202fdd8a4f295fcfc94cef971f994664ef84cf9d55ba5fa2edd5f28a11a749c4cb9be1abec136a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8cce036981108e09eb3170d6d3d45dac

SHA1
64b1d54079a1ab6a50d57d75d4fce213d3f5b7aa

SHA256
273da7084079cbb0184b65c8f9b12066ee7e846bb2a6613d2c9f2d333ab00209

SHA512
edca28ff5eaba0768fdf38bddc4e0cff1548b4d4121efa67a10318776a9791dbd960b3474e8cc6d3ab1fe9a2a700214403e1a71ccac5750ff0d5b15a5c143ce8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c7dcef2a1f72bc0a52bacdb5c60af805

SHA1
043cf6c1c2d5deecf3c8ea23976bd30b16259c77

SHA256
932d40696acf196c4fe5780a1600af24e10bda17ea5b14e407e6e88ef4c48f4a

SHA512
bc066b012697732025dddc2df543c64418f11385c204b23a6b504a8eda25d696921aa31c151e6ee6f891ac8b3159ec6635fabbe04ee4b7316214b91e794704c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
106451c97f9c850f0ec03de276465758

SHA1
bce6742a9e7855a6ec3a00c21a59c243ecebed71

SHA256
819c59916ca2568c4435a425607f43c2151a8c81b3400a733f1abe23100d035c

SHA512
8c35b06f6cf200aa4c040f8ea005c69a413c773c7b5b396ef6d40bdd7d034accdf586852ad5232f49af3453563a8f11bf019aae3c5fb6c3982df5814ace56da7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6d59bfcb0b6acc3ded75e42cac143b83

SHA1
b5f05197d106baeaeb5572424847eae87ec0e1b6

SHA256
4b30a058cb68685594a28e718245696dbf750f52acd6eb084116f38f6a56b449

SHA512
62408a7dd6a26a3141986e8d0027795aa02c68bd9933507de0cdf290a482533ed9098db2af6909cf73d5d4cf127670a7b7e68704b78acbde6e99ff039397d9c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA95C.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarAA2A.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit