461ab1d5c40efd4f04d7866865bd464ff3f170434178abb81caa67459a3ecdb2

Analysis

max time kernel
142s
max time network
143s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21/09/2024, 21:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f0a76ec675275b8176c16b1739c86a42_JaffaCakes118.html
Size

11KB
MD5

f0a76ec675275b8176c16b1739c86a42
SHA1

43730a19be763043799e0fa510e865137f995831
SHA256

461ab1d5c40efd4f04d7866865bd464ff3f170434178abb81caa67459a3ecdb2
SHA512

4bda6cbc3889da78b455a6e8d9d2b6647540d22143fa719a19d985dfa075ac77342ec891791b7a5516476dad17ba9d3ddcfca4681f1f1287286f7d40ce696bb2
SSDEEP

192:f1QVUVqt1/kJrxvuiDOflWRleGWR/DceRbjmAA3crLUmN4tv8G2D8u2u0pVvoK1Z:f1QVUVqt1yxvuiqf4RleGW9fjM3SLQtv

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000953bd8210872ea40aad5946cc0771cd300000000020000000000106600000001000020000000554ba948a9364dceb1c10498dd43c29edb0358c32014110f91060e1d5e2df9aa000000000e8000000002000020000000b5ff2d471cc45f9f911ed407a9b65988db0dd54295cc93d455b783f92e920bc090000000c8c07c0ca7a23ba9cc28146389bf26b6cc9f0a46dcb0a42df9d54defa27f73f7e5a00637bab658d4b22c8693b31f6482d3413bdae43544190c38d5a31e7ee54349f37755c26687cfd9f6a407da4f032730bf28438314faaa496d90167dac2b96cb8b426df8357e9ed75ed3ee10d5414fafbbeebab03278a556981f9de3523b9d658a8f191574e525b60bc56d4182241a40000000f434acedf243495446c0337c73fc66cc9772afe2ffd5bacb4a9b6b3d80b1367df9b1c3b949cb7cc6e3f515a4efe55483b8c367b6333b406acf75dd9c7563392e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433116196"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F4511211-7860-11EF-9AA4-4E0B11BE40FD} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000953bd8210872ea40aad5946cc0771cd300000000020000000000106600000001000020000000cec20a618cb8366915a2fad0f6b8b8dd1b7a3ebec4708915aad884c038d5301c000000000e800000000200002000000005bd6a6194a17c5e24723885d2e339b8aa854857853a1566443a1afb08883d5a20000000b5d24b2b04aeede168c4f3ec248747a5a5f47345ac806e15a5cf3072dc99347b4000000077ecae120e94fccae31fcb6a1730976fad50fd5715c4fab6c340f1781175c71c7bd12e6e25a6ba85d40fd3f2d8d762c285a0c70769a29ed1958159b843b709f6	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 508b5ccb6d0cdb01	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2280	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2280	iexplore.exe
2280	iexplore.exe
2460	IEXPLORE.EXE
2460	IEXPLORE.EXE
2460	IEXPLORE.EXE
2460	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2280 wrote to memory of 2460	2280	iexplore.exe	31
PID 2280 wrote to memory of 2460	2280	iexplore.exe	31
PID 2280 wrote to memory of 2460	2280	iexplore.exe	31
PID 2280 wrote to memory of 2460	2280	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f0a76ec675275b8176c16b1739c86a42_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2280
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2460

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
373b6e335dc4d17cf85b29ac5d6ad3d7

SHA1
af39020b89831245cbce47a068acf5e8e40aed6d

SHA256
6bb84c00d969fa7b6dc6f0a7e3cdf93f8c899d4e627843314f178795b8462ea7

SHA512
3e5ec7a020ab7c0c29dfc63e4368cc42e97c2b3d5828ca33dd5e7aca779bd155cf254d6e3507b9a369c960d760412ba026f4484e447cf5b50e37f0f5261593bf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
edddfcfb0e9e2b841ea9236026ddac44

SHA1
d338a1d4e11890a0501f47910b02d68495941bcf

SHA256
c9254191887681e91deee1ffce5576ef85931fc9e6436698d28db27e23632bba

SHA512
5a3b01708a16581f022305d91add206e421b0bd7bf65295d0834c422c0460b7918cc1f4b7b7267651e1c92453f3754d847c5b1c3799c4b7cb4137c3a2d779a9d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cb38870ec6bf537f97276042f42c9f56

SHA1
bad75856622f810669c3d8dde1ebb05010d5a32c

SHA256
ca71e1d27e1218ae77272f70972ef5318fc30e7413865bb2eb3a9d6fee4a3cc8

SHA512
b4ec513438eac38d1cc0db16bd894f56d3ab0e5f2f5e1718e2e553a9ba3b0a35883c7167f4aaba99f8930105302bf209581b9380a37a36088230632e02856c1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a0bd360790962d0215a0d69fd7434cb2

SHA1
5cca382648e5b3e37b265714708ef8d7c8680e07

SHA256
37f4c213fc5cc5650bc56d359a967955f8b00a6c6a59a74f3410d7e69e395705

SHA512
356921b9c34a0c39f85067297f38db2374374b7f5ffe213779788ad2400aba8ca1a3dc4d987fd81374dba066327d84db871d7d7445c545580be6c9251f6f4e9f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bf27ddd88ce03483748c137110c64536

SHA1
cb1db4b272f8da43bba71363bf8ab100da6b0e6a

SHA256
c694c4f97a7965ed8c4e2a63d590d3a07a54a3e76bb4625da66f926c53ff7464

SHA512
e70c593c91ac3c21bbb7ddf8511c97fa49cae2ac4f8d52666ef4291e0cab42610029d7b8a07eaa89f191e0912957e044c1974bf90162dc3597593cde2a0781d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b9b55a91006ac9ec0870a7f4be6e0241

SHA1
e61840d1beadd25948d687b431a182c7c2a4d956

SHA256
3a04bb6d77c5e733dcf70a13aed979c5cb669b00bad7153b5cdd6172c3d20866

SHA512
b30dae52362faa98ce58a0ce30434268116d854a5e1095b81950ba26225ee5e914104d47c85064a96c2c394f9c50165952cd2699d67cef7d02e77755aad89e56

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
87f3546ce78730a87a5b956c4a8fa6b8

SHA1
9444c9b73f6c3e88a1217b237a7ca8f10065af51

SHA256
720c260f09cbd6c488abacd3a4ec1c5c38ffca2a3264b489f548b51650ae7c06

SHA512
52b24ba7ab7f6312041276a75f1a00b2bcbcfc4f63e46a9134b6b65abe0e9595b7754720ffe7ff2b8356c0690a919fca288204b021e0a94cd9dfa5c1bdb3740c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7ed149810ae02477d6857456af201208

SHA1
08d5df389985b700fd0bd525f18e462995ad7be1

SHA256
a16fecff8600bb4cbb2abb4b93aa54fbab2e59eef546db4fd0f019f7e82b8993

SHA512
3019fd1adae482f329d8ce2d7f87de77bed0395238e49cdfbfe80024a12f2cd15985cebe4916ad2e760bee7807c119baebda1cb5abda782959a1888c198f1f03

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
164f82ee84050f2627359331c670a4bb

SHA1
1ea5b1b402cf9f6179df68c387cde3ed572dc7bc

SHA256
9991c19bd36fb83154ea8b501a74ee4897ae07d144ffbe2bc836a678acccc6ac

SHA512
cdda5f3e86b76e4b5384945af6c3cf341b2d6f06a902ee9004a8be87a7a1ead06cb75a4c441f028257c55f00b8df517a21b61f2891d664dab97807f7456f98cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
510d407c8524de744522c3f183516c10

SHA1
3316424620a0567c5da19ff9462b396ab95657ca

SHA256
899526830c84879c89ee0c19393b4c6315f1ce524bd68aa41d27e21c81844fd8

SHA512
25eab15a8110909c13a5d6a191f29b330aeb8002d14b446c2852d05b7ff822c9a542bef83d7f6fed28be4f437205a955341fba6a333568fe0a0915403248dc1c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c0df5f728bcfad171c8fd080b9b998de

SHA1
2ecd923cfae97e2de4dff653c78965290baad944

SHA256
74354e35e7d54fc4d3c1278f65302c0917549faf655f9ed2f6d9316538dfc79a

SHA512
f97147c823583d74589927e42296c79532012b5ebaa572cdd81c4a24f4d8e2ca3971c2ef13f682eb83d015f7ff854fb08cef35c62704ba03da7be46c90c2423e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ed0dfa0c67c4a3e1dd306bcf5fe557c1

SHA1
25be7d5ea8e31aaaa57dc1449dea89cedfba37db

SHA256
539b56602f95ca3f21a20856873567978eb31560f84c9a4f76967d92980c50a8

SHA512
3a3161b4dc844ae579623a86c5123ac9196103e9b0496c6fa91a107b1417ea583d6bbef5241ffec4aa5979db387d701cb381ee7f6341c7af429e52a64a225cd7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bd3ccc554309f10921e690363f0f0af9

SHA1
ad7084904c93b6c57936f49c1ce5809d4921d6c6

SHA256
7250862f216fecf15ae4e178948ce72cdcf45a15d104d18bc2c86f17fef77789

SHA512
6ef24da61bb0afb09acdd4c49381c5864e17eba597387fcfaa7434394c8bde2cfd50e9c4faa7f6f8ec38460dbca32bc2725d420f2a184f9fd41d9072f6b9904e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aae01ea769d25bb867ce9c05b7e0b4fd

SHA1
f192f31224000063836ee026c4bf3cb5a232ccb4

SHA256
320d51f2b682beee96fb99537b5cd54f759be9d26c57d06e4e551c62faf78572

SHA512
fe4c691bc35dd66fed163baa120ea26399b2a03fa6d16081af9f277a4987859775fdfe6adef4e4cffe9e385559acd217c64652cb687cc0ad1cf6c06a5e372cc4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
66d21b4a1a64d9cc50d2695788db9917

SHA1
28ed0f54630510a6be22e50500b7e7238c826259

SHA256
339622621bc7ecec1b62a9ace4b72d8e44044defcc9faa8a972725a695a80f46

SHA512
1ec639ec71e7fae719334fdef99ae0327c26df52f7f441352fefd1686799191a2a817bae18106eb2794825410247926f7cfe4550e5d174d652ae380c7ae1e665

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
47e924548998034a18d21f7ec1503994

SHA1
1a4242fea9a59c6e4157d9ee95141f32dd75046b

SHA256
5abe04a9249892e93e719448573eb433c62c6ab6987929228746a7843b0eac08

SHA512
5cba9e2bb97ceee6b35eb8883e517b879cf4b95bd673861037b39c48b563043b51c087e073336b7a4fcf85b6f986f4b8b0e0aa34f0c5747b46ff4d9f3849c227

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
04aed14780fede851293aafa14c033a9

SHA1
75f5172df41eee371d65d3e07e91fda0e896c24a

SHA256
7f03b3371bbfed4c87ae028c521f872f356ccb971c60b02624751f5a59025ee4

SHA512
e120f1f97275bb1dedced83ae7ca9bf55352f2f2d9f97f7e3c8e84728d19ee681501a8a6fb6f37bff37ed800d60606f9c5db65b33bd1a42662132a7aecf3e212

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab733.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar7A3.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit