d3dd17c492e57abeb683e84ec6f0c0b9ea0b85400c647a0fa00175a48e9a92a6

Analysis

max time kernel
121s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
28-09-2024 14:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fc7e1a7355a2ac21ff4d4721e6f9bc1e_JaffaCakes118.html
Size

5KB
MD5

fc7e1a7355a2ac21ff4d4721e6f9bc1e
SHA1

85a407991cc5559681e1dcfa1500285f3cd6a863
SHA256

d3dd17c492e57abeb683e84ec6f0c0b9ea0b85400c647a0fa00175a48e9a92a6
SHA512

c5a698b97db8cd89c7cdf4de752720a92618d03d6a528ae031948c492dfe3d90ebd42002af77242eddaa94b8bdab109ad7116cb31d7bedbd44027b5a185bb12d
SSDEEP

96:n5U0W+LULDIB5wX52NfSa1r+RZ2KS83rqngtvWSt78bLDIBiWbtO:Wc65kPJ+RcKx3qgtvWm1a

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000f78bc55a2d04398f19985251eb25824a1347af911cfd6cb1d28db20538ccc7b5000000000e80000000020000200000007218c034236f73642c122de5eb76c72cf27f4968ad737aacd1f9bc61c11e9b372000000035b87c481270d9f338a6ff01316531177a96a96998485ab51a55db7d2c90a87a40000000cba57fdc7900901357e79108575d06b75429c45e5fc6fb3378c09779801ec240f03a8bf849b71622299905919d0d09ac68c2dcf9263ccdfa41511f4ee3a274d9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000d3d57e5942b7294899ff16d66499f61b03d40b49cb227c3f9038cf14c78a9995000000000e80000000020000200000003ad529734aafe26236b16b8daa83386057eeeb203c69182d54be0a4ddccded1f90000000da95bc3f3d723200b235061f9ffc204ff5d82dd7b6218d3b4951cd392455f40efdce2b15d7d85406e5ce3ece392417897aa6e4f68f11841e6099264cfd4d81f5d8dd5b403c32c20344d0f53eef48eb81121ca3c685045b13e7049c355cee0207fe7594c82cdc5079a310f87ad853f06036cd79016aa48580224ecb181d24fb21ebb3a21967d3f83ffbf05bcd86dc5a1840000000ee42afb247bace625c20835db8915963e34fe171fbc7f71bd553c2e14af28511fcbd64ec1326b78d8aaac11cbec0cd65f0da9c280d62914606c312999aaa8b8c	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F60BD871-7DA5-11EF-9EA5-F2BBDB1F0DCB} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433695590"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00765de5b211db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2348	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2348	iexplore.exe
2348	iexplore.exe
2520	IEXPLORE.EXE
2520	IEXPLORE.EXE
2520	IEXPLORE.EXE
2520	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2348 wrote to memory of 2520	2348	iexplore.exe	30
PID 2348 wrote to memory of 2520	2348	iexplore.exe	30
PID 2348 wrote to memory of 2520	2348	iexplore.exe	30
PID 2348 wrote to memory of 2520	2348	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fc7e1a7355a2ac21ff4d4721e6f9bc1e_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2348
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2520

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
80a7b31e9741e9aaa3ac9a462ab8ecbb

SHA1
9f588753ff27c2afac0e252b623e1fca7b45c8d9

SHA256
0c49870c3ceb953e8b51dd02a1c6dc73a4778a0ac2d49540f0ae71eb7d8358bb

SHA512
79bdad384bb25a434a10946498b930cffbdddbe27f4593d95578b7cabe60c97fb498efdc8d1bf895ff0cd109534147bc0032142fa84c9eca067201ed890072b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d11bf97b6679d2bcdae428925b8544f6

SHA1
c0165e3a078add33a8d92e4f30983d19749d1ad7

SHA256
0e5bc51616f74318f16283243ad94794c616c9c28088e22eb6fd537a5c172346

SHA512
03cab1c2c47ee771fbb677535797744d78f46e290cdb6c02a62935264d3d1b2c16678909d19a7be452341e7c637cb780e39204458a1b9ea2c71799647a17739d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a12605553adf68705720dc8e87bcb231

SHA1
2c4dc504afe163fefed3420bfacc7e58ff30d0f9

SHA256
7786932b2c372714e594c43827da46357a44090a01e7d626c176311c04c5f817

SHA512
e2bec6a11b0b03637c61ad8511522dffd4e540ee2cbae508540e8399df86b46e2dd71b0c2b4fa98bc101fbd061cd6bd5750de9f1430f431b7850ec81be4cdc70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
733cfff7a7211f9339d4fc32f689e4c2

SHA1
5a201f858fff82fd9cd939a36ebb4cb7587eddef

SHA256
2f3e363c3920942d525489b71ab495de78324369dcf1dd0e7ec078516d12b0eb

SHA512
c6ee2b15318889718edeb0cb6bc33186b0be29d4bb9bffefeadbafaa91d3afc7a4952d5ecd220bf5aacb6c7400d672f9e979b73fd07dcae145a037a11a4e3367

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
84987b83220be5117c35ece5590d4013

SHA1
7c254625161248a4783a12c8dfd243585a5ef954

SHA256
58c51b377e811bbc2de77c156ad6a1ae833a7b6b84730a354ab61797ad3ce278

SHA512
1f93b283a073008c6caf890d41f85001e46613157345fcf9359d4787142e3adc20325dd0ced426d50943b9cbcd91dea18ccd7f5990bb2d0341331f5a1d134054

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c90dfad0b00059ecb700c40fa7946704

SHA1
3cb1143bd24678d464e7c73a89f61324f66964bf

SHA256
afc2d3e824d272f9259b55601352e4bac22eed3ee456bbdccfe6f41a213e5987

SHA512
9ca3886b47eabfdba41ad97d274db5e38dfa4ab7c092111b2c323277f61072411e95bfdaeb9539acb30d24f992e7fd290d6c40298e50c21d13b7002001e89f7b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2972838a5e6e8c29e7dca1fabd59a096

SHA1
92a32a14e6af41aef02a1265446b4c9bc4aafdb9

SHA256
ff420f9e94ad137f66082c3bb99dee514596e5e11dc56ec9ecb8416e3aa89075

SHA512
f1085153ccdecc6c49a09b9e85e83b62aae708f0fbe3938ff409c849efde4b1680cec25fb5591c43f8bd4cf60636b7b179c0b1fba491a9fcacafab1af35083a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a8bba9351bc4c538da76404d63426e8a

SHA1
a2b507af5213a4cfc7158c7937c5531ae732c1fe

SHA256
f4a7ad6505cd1d4b362b38fb42de02a546a9f5752f306fff37d852d2932bf828

SHA512
be001a4dd22b989bb07701d3f6bc63b21a017eb15fa341c46bb0bb8bbc7ad10d359d62d6c39ba18dc5230e7008d4599925c8995a2b085d7cb0466eeb13a2dd8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f6e4df1b0cbb21e28f1981d8caf0d219

SHA1
d455d862aebf06440e50c90769120162334d56b4

SHA256
f7aafc7e24a2f85d2697b105784739551e37387cf92b5d1f55f50606dd177b0c

SHA512
21f6f2e7332ee6b1ee46bd3a4b6589290d99c548d793a0559a591fd2fcd96b0386f800a9059dc1605e5a30cb4bdbd833f6f0e154cf7205bfbbf3bc8191558ceb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a451003def093a59685ebed53385c91

SHA1
a525a99221e4f7f9c91b71c4f12b11f55828d125

SHA256
88cb46a0f2da332ddee3ebc5b70ea990f14b2befb565e08a968a01be37899302

SHA512
49c8ab3aab2d87ce5c4d93c14c4e1c6c19c90856b56c43cb4a298ed6eeb01ddc1a02035e44760dfc6b4bff409c7b71f57962b29df20da35356891054171e1da6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4d14a6e388373779ac6889efec89ada0

SHA1
ec3e5da921c4e427ec06f73b1740db1f86833ccb

SHA256
63d4c425c26eb329f14856156301239f27b2ef995ef640b4aa577be62b7faad7

SHA512
d970416d5fd1e6dfbebb3a81c1997540263c39eb2541d8b8d4f4a9cb49ee27338b2d8de63e3b4647721642f7871ab2e8d358f0aa62fde71afad7693b3ab60439

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d700b650d889e9a912571f0028c352dc

SHA1
8d8ec111a1d81ddd3a735e425fe753ba4f190b7c

SHA256
91e60b4c81438d4b66b80f46a14e3fdf260f59610da8d014db65fa2d41b52936

SHA512
3af6ac4bb6f04e319bcc2f2e8274caa568811192fa322707f80409c95f5ea44c7298aae5001f55ecdaebee03714f3ef65140bbcbc96b3664ac6c7e4d318931eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2431ffdb59614fb5b3e46360db7ff139

SHA1
cf0b03d93ab43cdf8fda88fb7348dd12322cae85

SHA256
61c38e53e39826d789413b5c34e5cc17e99d98671e6df32edee8a5133b79b957

SHA512
6a9768663370588da6f8faf1e180218aa66bde82651e54f96dcf94fb3ac06eda0aaa070364aa02db372b5c98855ea1ba010c79ae95c3aea2a188cbd7ea04ae84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ebbc6c75f07fb8c46180b9628fa380e6

SHA1
97d0ff5e359dd1e84f25b32c9b36afbb2ddb6bc9

SHA256
9ed19d19eabdd3d8c8194504cd86383c8abc27f151b44e66e0b73a04be0f0e91

SHA512
fa155464be4466db6336d877cab7542839ce3ab6c9d724ccc6e5a60cdfbb15eb372a723dec1311e5b3d7a40c2e8f7db825c279f135e82d56cde6bc5f93147648

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9754f0f50c796d2919dde2dbfe3374bf

SHA1
9fad684a5ff291194d7dc2f97d6bb6b822951edd

SHA256
ad264230551b5b144f5973a3033df841b757f76258d72c7a15a93130c0fa624a

SHA512
fc43ab9b6e877baa508be7bb1613607344defa7ad9e635780be2b27e493b5d1d272603535fda163d6d4192ad229de72a95b027941ce0791e8def8d6119bf2263

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c194ccea8d017d2f12028754cb674faa

SHA1
c145cdd7343135b7087914629b4aecfee68cb7cf

SHA256
bbad747d2ddad9534dfb4633eb460df49c47cfc34b185886341b12e449900ad7

SHA512
957395c05415504d6036241f0eb4e547d8e4f9c3c2b15fce72ffcb8f77d9ca801353ca5892eea8a615f0d7e9eccf0a38eb5684ce25f31113d665eb20bc18f2ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
03cde6218561ed5d5e92a9bd71ec6f11

SHA1
d84c7a7a0cee148c27751bb9ba07796e56de26b8

SHA256
9c47636493ed5fb37b6722419424dbbc979ece68bab39131133ed6752a6f6e1e

SHA512
af851387f99b779f293b84954bb3e05323b05835b50cbd86c5b67f35d34d6cc002046122842da4524e762bf7f6ab4ad7da167946e32bfef9f15a496dbf18de60

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab89CC.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8A5B.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit