e9ab9dde139960b48795bcb9d1fbb7a0687ba5ab08f857877001f739d344ce26

Analysis

max time kernel
137s
max time network
131s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-09-2024 06:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eac6f6c09b7dc09280f64870686dee9a_JaffaCakes118.html
Size

6KB
MD5

eac6f6c09b7dc09280f64870686dee9a
SHA1

eb201141c44c98b90320e2ade8c55a88c64189c7
SHA256

e9ab9dde139960b48795bcb9d1fbb7a0687ba5ab08f857877001f739d344ce26
SHA512

dcf19ce941fb884f5b7a52716a21195c0b42ab8c3e4671ea60642990ab40970b37e65d9e1f5115dc6080670d423a5664701f05350fb3c9e7b581d1934af08d49
SSDEEP

96:uzVs+ux7QWLLY1k9o84d12ef7CSTUaQY/6/NcEZ7ru7f:csz7QWAYS//4Nb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f00000000020000000000106600000001000020000000eca4077f5d8af845c9fe67628ecbd8ad18ee858a676b65429459700db82639ed000000000e8000000002000020000000bd3278b380234354699a29ff750fe601df3fe1346d6e9d756ae0e1b4beb42fb7200000009341c3ccd497d6b132dec6d43b0b434b6c3f13fb4f662b1a7e5e3ddcce271f77400000008394b465fd8ec3f887f5c65df9a13fbe66dea1b5687646f75657e161362420b4ed34c3cbe00b667d3aadda97ec793eee7fd23247c337edf24891a34b6e5dc84e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 0009f4025f0adb01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f00000000020000000000106600000001000020000000ae617a24cf1ca1a0f52c228e7294d3f1f5b7b318d142504e2eb79c89ed3cb526000000000e80000000020000200000007d3e016134d1fc618929876f306b33037ce69435ded4103d50f128a5b2bc2672900000007bec460c0334d037e856a9901915eb4a860098bdc3b07efd4d34579fcf5178f66a0423a1f13d01e1f98a89d9894a1a45a6a5157d7661cfe290d85419a0487ccacac72f004ee6b1888a67a0b74e1aae1b8641c04fe04cd5f5144ae8c970de1ebfa083971f5d4ed4cc84a9d4d54b1a27889df0318466cfcfc78d94c6d9a1770be1a93747925fcaaa8b98a5f0848b6b978d40000000c4bf95e4b0b7e9727af01648e328a5aab8f24b562fb9939b77aaa4f368bc006a82e0caf1a1a5c08ce1143a87a1cd11d76eb8d5312c3fe60d970e75fc1ed562be	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432889908"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{13C41C71-7652-11EF-B1BD-EAF82BEC9AF0} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2972	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2972	iexplore.exe
2972	iexplore.exe
2500	IEXPLORE.EXE
2500	IEXPLORE.EXE
2500	IEXPLORE.EXE
2500	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2972 wrote to memory of 2500	2972	iexplore.exe	30
PID 2972 wrote to memory of 2500	2972	iexplore.exe	30
PID 2972 wrote to memory of 2500	2972	iexplore.exe	30
PID 2972 wrote to memory of 2500	2972	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eac6f6c09b7dc09280f64870686dee9a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2972
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f1a93f7a649185cc4d2337fbe2bf0ee1

SHA1
93cbf1f9212fcbd8abcb0149584be65392e8dcb6

SHA256
15584611e267abca3bff7243a94cfdf57db97b52b7f1150f818cc09ca7649eba

SHA512
da693fcce2c4312d9fef10670879f2de2df823d6b14ce98d4c68df4f8efb3c2a6d83e5e93507527a8e288f3fad1de49a1a035fd930b31ba63cda3d82ddf88978

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4b2da46439feae51512532301232e4df

SHA1
13890764da4f9734aae1ac5b8acd4e9c74a8e1ee

SHA256
8736c427cc425bfb9a2ae6974809cd98e1bfa133cf64ec4861341f5614d2bb03

SHA512
beda5d99a2471df4bb8ae95371bcb282e564f862b573f9ec39d5277db4101b47034d6f132b4b3ce161fdfb6dcdf31f76a6c89bc66494e7e31c43f68593ffd4ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9c9beb5a969dce0679aeca4bbe29e72a

SHA1
b53db01ab264aabb2032eb16e90cd2dd9e7872cd

SHA256
4b81dbdf0d3c324e6c50f70383b64d83e6f9d60b291749992a7de8826f979791

SHA512
5950660b72c7ad430cc4bdbb9f72bb6d4f7e2a5fe4ad564e84fa4afedffc3621e018c71e0e8ebaf2d57b00e9d3bd9935d4eafa9fe4c568f14a6ba240177a4174

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3ac466e09e3c579bc1a7ae3e84cae046

SHA1
72b2c4903bf902307c19187ab85f6399e289024d

SHA256
d693b715b75f0dfdba607e7c560cdd72ca80437a44ef5cb602969289679fff3a

SHA512
a707e56ab6fb78b80af683e1714c78edff53d0078e53c4b166f93e44c01fd277a2bb552d3109edf76f35586b6a86905f4a302a3f8d6103cc8abb08df2e749ed6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
57caf02ba554fab98bb2b3497cd5dcd1

SHA1
82658b26aa0d0ecc9e0e64f7497fc92f5c22721f

SHA256
b547e679fcb2086e89230b86a79bd655f0496bd55c582482785f5cf89427ecfd

SHA512
818f3639dd7e25f77831828d39f200fe94dfd33da877f1070c4bf9f0f3e78c9dc3a55d93cff88da44e4ccb6fb379d7a6582e3ada25c12c8f71be0dbb5641f2a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4a400c58fd0f450d642e54d70f6802dc

SHA1
f2ca095472010d9e8bae08adbdbe0b981f19d31a

SHA256
e516613c231a6a084af8a45f6238a2599450820ecbbc0d07957aaa019bb68677

SHA512
3e1642c03949f9992c43fd703b6d8e892884e80cade1d37a6007b0052de711669e3418523226359c588d71c6e1007f54b0683120640e73491e76d7e2f312d5ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7648f42fb614cf5d38e670f72e0dc1e0

SHA1
9f36e67981e260c2467d66a4e8760c55ed09e321

SHA256
854978f96c88103ae92aa590e4b1d4d959e43046e51f0ec036d6e6e6ad968be9

SHA512
dbb903cf1740584bc7e223c52dbcdd75650c373312067dc2fa7833f0a9027d2266538979f16a8ec126414f540a72de7a2035eee94230f81f8a9b560ff7779e42

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f0b0618cc6a39757013cb1ef5d65e6c9

SHA1
92e234f581a3b7afb6c5c315dde58f111f9d2943

SHA256
d127dd3b12b0eb00b526e506eeed07ec44eba1102a96bb2173a25b3596e728c8

SHA512
0e37d88e6a04d79819800895b7bbba8c630778fbc4879bc30ca22491287d54ae95af37b4702b12adf0d3519bcdb3b5afb2e5744d9ee5a5608bb5bf7afcfd2b06

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ad808807d1a06cd2518dc0724f0f921

SHA1
6215dc9e2c7bdaef93ce9a8620c03a3f4ea1d1c6

SHA256
97dd34e9f15582930f6c7a4e129ad34720b6642ba077f8cc779689c93a07dc57

SHA512
615f6d14ab14886e73c94ee41f379ff3e18a5bc2e5db74184528ee254aa05e39277a53067bb9548c5bc0f71cfeec3400e54ec8b5095bfb9988e911ef2f412536

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
923a04e07ce68f9163ef3230b6e89ce4

SHA1
d49bf19e8343e98eb609d4a140cee63b33c8c12e

SHA256
435e286e0a296221a12249a683dee2cc8be6b09c353c6a596f7666d85727234a

SHA512
d2574fc26559e651976bc8a1fa7c0db1de5923edb2b85fc483205baf614ac01a2437f661ed4cc4093873052fbab09640e0f8d9944920ed2e8998c3c153e21b1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dfb9ee47bee33d501093f57a52b62317

SHA1
4633e11ce13223b843a7f529cbba9aec588c0660

SHA256
f6e2ce519523306c5b179a7688de357bc4558559e893b76057a6159dc14d2724

SHA512
ac5e1ecadf2b151652e43bd7ff91bc7fd4dbe505fa2aa94576fb5840b3013923bf90b136c8e557b9cf8dd43a5f355441d8d36607907f2a0d73a68bde4dfb0124

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d583080f8c40bddedbbf0e6c868a9201

SHA1
c1213aade493eddb24232cdcffc12a24b3c85b19

SHA256
51192c45dc324cd72c2562bc5a658bc9138ee005b1487c76826c914fd90821d8

SHA512
761cfc6e6412b36cb8e28ad811d555cd7a02fc8f182b18de9acf5665160bc1aa9450c680508bcd6fd9f199b9c0a2bc810074601ebbd30ef65742f8df51b44263

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
10531ba87ceeb5dcf4ab03650eb6f4f6

SHA1
2b9de7164b0c1e1c2d6f18b78e92fbd6bb764e01

SHA256
0c2fa25403c8fe36597531fafe0a8fbde5b2ebf8c1ac0934183fa16b07f5c169

SHA512
8c5bf8089310b84fea6a629ce8f32ae841b4ebfcbdf2fe8139310b8ef3b78df2fe416efe875ec93353a20a4228e19acf634cd6aa934364041c645834b6353338

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1680af2e17cafe62c433c71c67efa46c

SHA1
cab4206b49bdd901067e6cdde8fe483c6a07085f

SHA256
cc52f53fcd8a1335b8a24e6b16db5547b538007d653264f182f802d6fd1c6197

SHA512
7ab50ac4c232ec37a71c1116efbc4671f7e5b7536cf657b548326d99f02d20ef0db9d426b802c82e86f44e3acfe99d929f878b6c41d20daccfe57a51d2936165

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d38ed8b6ba389bb2fedf8b0183e33b72

SHA1
a4145537a3f37ce6ca3d69bbd9d666135de5e463

SHA256
3b6394ffd469636939e5baae313c796241610dd9be2a13f6f20a7e357f956e52

SHA512
25fe124ab7205b68c6a2494a657e35c7a38ddb6a233e7660adef5c3771b4a90ca9f577d3c38f29cee52a98ca7d8207b73fd9cb1edb9e5bfbaf5c7d16339b9ccf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a38ed827d5deb1aa37ef0bf7191d8814

SHA1
321d79ca5f84c28f2c1a00a8f6e7cf7df1cedd84

SHA256
afd5c3a900c9e93b5475d0fde3d68d529286faffc9906b3044de7da3b7c88208

SHA512
120852bf7c3699c0d1939097ddf30aa791ec7b5938e596880b772f4accb17055980d6190e325310de733c4f08b259de807530c67882acff1e7d780f122a2293e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
70f9451399e4ecb27553e7d176bbedc1

SHA1
281c101108b68beb70089433c4988817d7221c27

SHA256
db91ce46292cdffbbbffcf69e783722488fbdabdef646b139e2e46c6d0af9bfd

SHA512
7d55ed3789865101dd648cb4aaf7eca3f81c0a406dc0de7d3082a8940d5cc4b24e59cee4c1f0b1cca0107306e24c06ccef4a9fef1061912c8c9eabd73d1be380

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab6E4F.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6EEF.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit