9f69dffb01f5a0b10aa9f242b2f7864509a9eeea5858028600cf9b33d16ea9cc

Analysis

max time kernel
69s
max time network
135s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
02/10/2024, 13:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0af534441926e8c4ca5877d748a57a55_JaffaCakes118.html
Size

6KB
MD5

0af534441926e8c4ca5877d748a57a55
SHA1

ea6deb29c32e71364db9ab1bed04f2a602d07479
SHA256

9f69dffb01f5a0b10aa9f242b2f7864509a9eeea5858028600cf9b33d16ea9cc
SHA512

92747154ee88395aec35a8015b2cf11186a29c09fd1e5a750878b659ae7f46e75d50d6e74e946272b019d0c0eebebe81b52bb11414a290914542145cfe6b39a5
SSDEEP

96:uzVs+ux7BILLY1k9o84d12ef7CSTUebolcEZ7ru7f:csz7BIAYS/Xolb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50775688d114db01	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434038647"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B2DD65B1-80C4-11EF-80EF-5A85C185DB3E} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000003967adf2df292164763c2603be81993537bff4994326a864bda0896345f00b5f000000000e8000000002000020000000ac16037b898a2946d367f43fda22e41b80925da4ca1d2c12fbeee01a967c7a7090000000fcc1c2b98639de277eefabb352349b9f145502e2be48bd889fd8389ba28cfcb2f8a87812c9025ae4918d6ee306bc21ab4c3ba46bec45cc8e5f02e35a7041a8721dd1ed868727e53b88cf9c6c93898390cc3291da9635d61558ec4046b9e6c90bcb9faff581135291ac34248edc8a7f95b3343dbb2f4c130e254fc150c298f3c6416cc4db75277fe025064337318b8efa40000000c501cf81603684f872ab735cc3c0b061275bc49408b755ab868ff8837b4e26f5bda21adb3202097ee7fdfa8667703695bf4da50c518b381a6aa6ae4337974e06	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000090cf8b6dd125a7fb35325b8c8a0913b6268cda7ca68c58f3e870988dc91a1ad5000000000e8000000002000020000000d00cda3fe4e45c2ca293b8034649f9116dec837d5319a6f9cc7c7dd1a8a3e7f820000000488bbf81b09be912114d2b4e832d35a7794c86c0754a837cadd1f829fba0bd4c40000000ef4fb3b2122f08200dfc317dad30f67866050c2fad18b898bce9b8d5c38bc567143a8c6cfdfa5e1680fac943e314b8ec6e50eabedf2cd17b9f359ecb67590dd6	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
584	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
584	iexplore.exe
584	iexplore.exe
2848	IEXPLORE.EXE
2848	IEXPLORE.EXE
2848	IEXPLORE.EXE
2848	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 584 wrote to memory of 2848	584	iexplore.exe	30
PID 584 wrote to memory of 2848	584	iexplore.exe	30
PID 584 wrote to memory of 2848	584	iexplore.exe	30
PID 584 wrote to memory of 2848	584	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0af534441926e8c4ca5877d748a57a55_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:584
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:584 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2848

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3530cfb429a3241fbac2d519a9d6922a

SHA1
dfef00cf93514cac2074ef39acf584f6a4e41d17

SHA256
f63d499af765f854593a073e623d02ec6e6733936907bc5292a388886c0ffd03

SHA512
769e92ce0cbaebdcaa6a5ec9eb6bdcc7721d8ab852be8a480c56c44cf487e9eefae08b37f262eb1f714927ff7f1e36ae7db870112c69810baa1475a637909249

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a4494d1eef6565458373125aeab80c93

SHA1
7bd4c97031de74e20166b89a5c814637e14d82db

SHA256
8eb5a131d2bea6ebf92259bce58dfb5093f5ae6d29e19205bdd3ddaccf42d4c9

SHA512
7a3784a8d199f0019bae318d0d687a2ef921221adc334939fb8c36b0c3591c3c11a8cf4eb401245117650c4aa7810c84f5d0deb1587638b249599128d6ce4b96

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
70c8f0ed67d10d3906ea4280f72c69f5

SHA1
efab98fc1d9e98653456476aa78846778c5a3005

SHA256
2ddbcda42d99ec82618e8acac169e642df28df254043b0105eb17f6d8df8ee2d

SHA512
3743593017d97005c0e97a150e2dc06f1d8f1c315c18e0a3766c15a047e3bf4dceca453bf0497b6c452c596f339b4afd0cd8d713b62c9a9d89995e1230fc3110

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7e0f228d3083bc6bc41319e30b093b65

SHA1
c3280e7af5a36b6052c3d59995eb54b8c805ad71

SHA256
0673d4f3dfeac1ec8ddc951496251ce6a11dbd41b7cce74cf50de195adba36d1

SHA512
9e500cc5eac1e52fa753f04da531b24713f72a621a4ad657f0f589805c2991497f8fd2a1639f6eb87443b74af9bdeb042c6b32238cc6d9a4200e754c8b38af4f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0133d3354a3609377ec7248e4e85cb4f

SHA1
14e80988903a8a86d54c0c5aef12a7349b82c0a8

SHA256
6e253bc2a88b3071ade861904d92f65ddc8a38c8296c4b8cef01a91de0062ca5

SHA512
1c494a3b7b3c6c36b9a906c2ad1edcd758bcffb58f8068a9d91304758e0405ab1ce8e7d97a17ed562fa6f8aa677dba6d2f6ecf78b1e60cd9aac7e5b48b1092f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3a8129d49ab88746dae489183e7eeab6

SHA1
7477572c5d22a10a0931ffec91cfddc1e2b7714d

SHA256
93ed29257768b86bc3a9c0cbd3a4734b6a8c560ea9a7c1b553449cb9ccd7ea8f

SHA512
4beab8165dc42e221650386aeb99bba74c3fbf2839ace429aa8a56fea56fbf87f2caacad6c5980ef7cbecfa39e90c76e3ab29db57fbaf2a909cb4d5ae8d02259

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
651c89f4dfb0b2ea124e5e54fa9eb519

SHA1
ec83b4dbff9f804e0ba36a83b5f5ca44836e0fc8

SHA256
986f2ecc61f1e370151f18e1d1c590f624cdc6e41a55951591c0195cfbeab99e

SHA512
e27ed366e051ea53771fd9f3e9d403b0f4ceff9ddf90423aff7ab55dd6eb29be609c8907a20b4b644cce24a3484aa585fdf739ac5be40e6fad1bec0151ceb205

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eeecb287109ceba1091814711094de22

SHA1
06dbcdcada1405c236ad727d8dc868f14a9d7ece

SHA256
585539f6f13ad6fa83f6caa6c07616bd3d82ffa7bfd3e87e6d2ccb7335abee86

SHA512
a7c69d75a5e5633d3579667ef869dc3d3cf15bc7b95bbcab759a3d7c73b5b5c7b74e0bef242eec2b795c4e0ca663e5f0976d5d3bdce492bf294f6427e113f096

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b06ddcbc6d1e4296d29e1287347af26a

SHA1
797b6969fb3089ff551f512e0dc6db8a05e2cce6

SHA256
dca5a57b04f0b669b2e61751a3e865aead51bf20b8b304397327522172f26711

SHA512
5e5b56a329c98c134d77157c87b88c5af8a8cc2ee0116760b659ac676effa444bb27819cd29d058a3d9ec8c2a82b2fcb3d52a0f4accc0ee036fa5edba9c1bc67

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ef1caadb407bb23cd4d72cef81814860

SHA1
6225a1a34794b5eefeb9ee4c59f8ad2de2e9212f

SHA256
af3c0141322f0d807b209a96368c0815e16fcd5b837971226ec17cef903e55dc

SHA512
e7505eaa3c79a12cf165bb41efee025e4112eaab3ad10868ec8a8a8d0a6266fb49d3b8ba8e5cf5585fb5761250279a6ba7416bbcf91fe85f69fa443d4da78d8f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7b1b78efce4c1754b6fff35ea5d7d27a

SHA1
457d2d1c666ba32b92fe3dd607c736ed96d80a4d

SHA256
ae9202a447b55ec5d28506da88cfdbf1b5c8e540fcac20bba0939b1e0c383bff

SHA512
2147dc8c929edd2aa58b89b8d1ac5d728c1f130c5011b6bc2ae35a1cca5d7cf5a16c5d6909b4051a5ace7706a90385bbed066b6659279284a8244965931319d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
98c8b2257161fdbc335facd3e27fd2a6

SHA1
d86dcf29f08015e1e315649545f2e41f9d06092c

SHA256
fbc04ed84d54b1c3c827c68f3f85797a097b8e4d507e1210224ca604ec45ecab

SHA512
4dd867247dc288409ef760d1332942dba563234a53b80c84c85aa75499dd9fbdd4e63b127b47cb55bfaa65a91e831994ded6d1b293efb768c2b08be38034c7b1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e58a221521167a7d153ed9e5f5ce1a6b

SHA1
56e47e9757c8b07c270de8b1672a85921ad8c8d3

SHA256
ab56e2551ea37a209a2a05bc7a3e473c94886d108353824cbf9a7ac635bfd7a7

SHA512
038c7db69feb4d972194e303f1070a29d5149577a665d8840c1564751011bf481636b11bb40c61e10dc8141ba01a6b92785503a8eeeb5542e31cfadd88df82e7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8047b32d98053dd27e6362c49f527f60

SHA1
15867029ec9c3ad3c061d8786070fd39d960bf27

SHA256
e9ce3233202fcf1690235f5e196b466a5178e6dc90d67d467e8564f6f580f8b4

SHA512
e79516d305c371c73e6de7e0b75f8283fefd26831d0b7efbfe403f987b15bd81ba6b50fb60956a4e4c0e3a5d5076ec6dc0ea308d0d0cd0268ce50e6b1fd38ff4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd6b9a315448702e193fbd86e79144e7

SHA1
047defd2c547986495946b0e1c1b619a55f00475

SHA256
88639c11ce426c20d527432f172eabadaaec014a3303404dc58836bb18592ada

SHA512
cc25f3f1749d21262372c14808e2dfc99fa8a701eca3a875aa09e66c722ae9b954fd04e296c179aa42ebe06a435bec895b9a5bf4f263daabf7e9fb1f9b9d9db1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3769907e8ff510006f7203c02311054f

SHA1
3adde655707f469e6c5643445a92c70add1de518

SHA256
e6ce80651329a664abe2c1c0a98def2f3b957bf877c37e1455d280b92c39e012

SHA512
2a93395f50e2d13ac8853aecfc557a2d5c0b79743f684352f7d9aae9c9e7d398dbb7913edeee0abad06a55996d9b4c524cbfda3cad29106df6cf71a26dffd405

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
82e44d99480287102e419b70a8b965b6

SHA1
0bec2d29f1de33aca3ccde0e178ac0ac5c78a4bb

SHA256
80045bae200216b93e9506d43a2b3d97799657baea412e6c4fe5828c882e0d12

SHA512
a146d7e97e6f1bcbb15cef6808fca41be489955a3429a2cccc52d4731ea3bce37300e2e4265d5c900b58e1fd47c6aaaa6c7d9daf18823e0e9efcbb0b8c9a40fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA9F6.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarAAB7.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit