d967171b28df5436652bd8d312866138c8fbc94e012e02085f2f794ff9ecb418

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
04/10/2024, 18:35

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

147e05070f6941c45ac52cf30c6a5053_JaffaCakes118.html
Size

7KB
MD5

147e05070f6941c45ac52cf30c6a5053
SHA1

bfa1d5aa23c2122dcc1af8a105fcae09733e8459
SHA256

d967171b28df5436652bd8d312866138c8fbc94e012e02085f2f794ff9ecb418
SHA512

a7b0a597301a6f4fdda6450f62efa4c3a215a27204c465e9479831617f7931a2a23af31b804377faa332c6ac1826d978c5f2a015595b13110796def426868149
SSDEEP

48:ImMq1Up8vmbBsrgAiEgVr+CflxYOZAyNGWBXtz44xt5YWDrWN8awQyj/tmxhi5Mw:SIQf9NBXYwoDwVjdCqM1dRQcRC

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{60502001-827F-11EF-A1D0-5EE01BAFE073} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 900779388c16db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434228775"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000051093219335f0884ac2a3877f68e42fea3cb736710797581f08b1abe6dea48c8000000000e800000000200002000000006cd808ee3219101d5fd36fcecf4569677443d72c2bde454e317916124f928eb20000000933e22c03c34e98e8ad3b07e5ccfb8fd3c62fe8971267cfae961e4bbcee1c4fc40000000440e4aaacb3af473ee3780d6122e1edd508ed115b9195d63089604600db9eb4e4e461e81c3bde711ffc8aeb14b9c5023af82a39b55c74b5e6402349a00cab4c4	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000002cbb2c9bb38a2e7f557473249ea95ce5482a30ab2dfbed116301f40ef015fb7000000000e8000000002000020000000cb42a1891ab9cb6d97aa1704d7bf5660b84ccf5508fcc5cf9d376e87ecf0f1b39000000055a5fb6cab81674c8aee24aca1cd7978fa4365d5545e3f4c3dfb293338f53407dfc90f8e9082296467840f4166d47db10683ff801e2cfb76942d80aa85757fea216de2f2ee443c6c23d0f93caef08960f5bf4d2fd4d559687fb996bbae30f473e0a4124233485ee3b8260d9cbc0fdb728f5fc9cc39eb21b2707784452b8a156e68f346f84b14f446b75f293ba7b6d23540000000704ef1d811abe9fdb4ee2ad273015f1af9ecf216d1e9558190b7a7f9c0db83f6d832e7ee0bf4df70079d240d81e32c3712315114977ad805cf503ed4dd8806fe	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2700	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2700	iexplore.exe
2700	iexplore.exe
2616	IEXPLORE.EXE
2616	IEXPLORE.EXE
2616	IEXPLORE.EXE
2616	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2700 wrote to memory of 2616	2700	iexplore.exe	30
PID 2700 wrote to memory of 2616	2700	iexplore.exe	30
PID 2700 wrote to memory of 2616	2700	iexplore.exe	30
PID 2700 wrote to memory of 2616	2700	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\147e05070f6941c45ac52cf30c6a5053_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2700
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2700 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a59e416a0bb42e79821523dc59794b6

SHA1
9e59f54a047ad466dcdb2c804db8807cb16705d6

SHA256
ea13bfb79435dbf0b0503ed41679a5decfc8b4d019d978644e4e94c9997dba56

SHA512
db79556ad316d25d3a3a6feebc192441d512149c98b7268ce7217561ebe89ce34ca92f2751f4c5a42b0398b01cf0875a8b63e5d50182fbd4910246abdcdd3f20

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a87d6136a65a3517c8ffaaa3722704e2

SHA1
7a6f120d1d501b77772721e5fc87b0b4b1a717f4

SHA256
9cd42b99cea98188a53ccaffe39ee8c9efeb836e98f8aa6526e25bb446be491b

SHA512
275fd3fc63ea1a1924889d6290f91f0233879fac5fb0d353f919ce637860f8e890cfbee7a017795808c3f4ae749c9005e8394389dcb87395516f97fde3b634b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c653e506b3913ff44500353d7830ec1f

SHA1
f9840dfd671ce429c07b6f25f8972b39544fcd66

SHA256
dbcc682a0c6d116bdded2b9641d6d49b345a5f058be2a1aea341f4208ea19b64

SHA512
29fb732a25bcb4aca0d58aee37054e2ac5c6f815a32352184221c60b0bed05fc53ce1bf7aed8b8c88c411a223e8511b9a4d4f0a626412752e0762399d8eeeb28

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eb4d5acc7a87589238f54df688199247

SHA1
4590f06b1d6a70141d6450738d7f62f9e4c6b061

SHA256
523b4b1013fda4d1a840203f0a877af52b0922bd1489bc2ab9c8de7d6005ece0

SHA512
2f3c9ec6d35f1e6e85452a30357cbd2a387b807fc880a7f87011747cc9c7f7ceccd97be0d0096ca75fddbbdac74b450c700d8a9b24313b7a30d62ba5ef60a681

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
466a0681e11513f9ec1129aefb4204bb

SHA1
e2a9d68175507e201cabc8b1ff34676a97cce7da

SHA256
74f23e5b1d1280b65a6dec117bc57fd4853c7eab0815a0786b9a32be9ea54ea4

SHA512
5f01783d5dbc9b9dce2f0b89fe5eba60ab1ff64eae2dd243ff84b003ba38646ff72818cc499df3693b4795935481f8402e989f4b4793dc5aea75edef783c1f02

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b7eee6828d3107f793033bd94aeda3aa

SHA1
cee473ab810e276f54f19f215b1675bad6335535

SHA256
f89e88ada639b415c138630451d00faeba1e91a4f932be585969e89b970700ac

SHA512
9286ab68c511bb91f3699b08d2e755417a5e0617b112f6f197aff3581ab928276d2c6ddec4495427c680894f82e41d8bfe1b2369ee4d39d9d14b4a9675b656e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e6c8c24c20fe7aaad93de8201d125d7b

SHA1
cd09e740106d10fba2fc427b822ad4ae4f622261

SHA256
800ef790e0c1cd1e3fd643eb6eeb470b0a06b35ccd74c3babe34f8caa7a3f716

SHA512
9516b65ed95268d39bc150485b5d944c2ebd6a60da57544879a18b42352d7b18ba99186347c1b9d461d5b4ef32af216e64945133fefc956ff51417de0b98e753

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
44a6cdcc7739df6f54e2ad43b364c04d

SHA1
12a2dee8f1cd248b4d610ab21a5ecb8a851a956e

SHA256
ee96d05b7929af38f696551fcd053955812d7553209162dae275180464291bd1

SHA512
d48fa75976dac5a0c1ee9fedd3753d2245cc29ea5ece3c7b037bfddd9ee45df0f264dc56be7a1148fda2a3cb827304e7f9d74bbe3cde3bfa2e78e959a741b4de

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ed17fb0ea2da19414aa861bc86fc701d

SHA1
0c9560e5c82b5957d5f2484672a6ec8b1dc207f2

SHA256
60f34ad67e81fc40d79ac5f1cd09673e1704aad32fd6c967ac9ae3dab9e1e7d7

SHA512
31eee888ff2a91889d50ccf87b985380b398bb11a177845f6abd6ae352902bafe927366979754ba88aaffdd693aa6623fa2f9dc0e68c90dc0dead3e1ccd740ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e61fa921c2341f8e3e71da9baac45ea0

SHA1
014ae7f9482d079fe20fb8ad34972fa99bcbf7d5

SHA256
55ef2bbf4fca8bcaf62c111a64711b1d7dcc84b12851defe66af203cc25bd908

SHA512
b427f5c7f01a3579f66f03a4f531823d8cd2e3e7f5b1619fcbdd7c8785a9080ae868c49fa4b4a080832171f25242cd75348776810e671a77d210ba6cd0036c04

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
01e08381f17ecd766fc167355cdd1466

SHA1
efb98c3971352b8b373d19093a13fb8ccf1a7145

SHA256
7e9bdf802e9e23c80d48985f0d8c0a006a20f873ea72ca59e75afceff39fd57e

SHA512
01c9078a78ffcb089425cd98fe91c6ef2a78c10fc96c5795eff096e72206215c2bfc813aa4fe298826435131c158078c55c6b81dde0c4151d3f8e9f305bc0c31

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4ec8e045b648a23552f2cf773e52f44

SHA1
1d7c1c771cd41a169047b18f11d7d1bbfaba61e9

SHA256
04f9e61ec49836be500db27cd289f4fc35b2085d4706e880c1c7773cf1e5f07f

SHA512
60d788d5365867c77d4f9d6e8838cd18bc40e201e9cb7f5c8a9c03947379da7069f867a19f98135290355ad49e0566dccae0fe3464d4d2b32c989d747e38e81f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd19657191be6f917a6f1dca7b8d599b

SHA1
0a19049b53dfb5e5d930d831092a03465b5cfe36

SHA256
4bf3265f3e21d02a10878ccd442a93d3ac9376ca23f3e38c2ac49c851ddd9117

SHA512
58fe0732c5b2dde09a416b05931b779e5abb50224a8df9d4bd69613e68859caf9eb1881c650e83b5dc882a857241249a94d10cb7c5e4d09e8eac453decdc7d79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0162e5819623e50b7443b1b926a30388

SHA1
bc939ce614141b7cacba8249044c2b855bf1c867

SHA256
801ea523cee895e1db80a06a13e0473f745616a7709644dea58c562617fc6cee

SHA512
9554ea3a4e81204774591d442191e19946b8123bf7615a67b27698a37d746c071bb3939a32d1b4fa420a9a7af4d3a97346ffd553b8a1d980b5c521214925aad4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
04024c626917ea29e572192364b07f07

SHA1
ce555eb0463ff421e7ef9e622eccbac0bb4ce33f

SHA256
d419ad37312faeb37b31ab8cf857ceee01bc04bedf206e1131f886c6a18070f4

SHA512
625f65cc6dbfc2dc652e7b50ccdcf3719f41cd52dd5d76e8ec94e1c834a2dcf01e6b02859cca481a6c1e106092fd01c1a915c6f2cafce37636cd1e0d09ba8a30

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c13878cf23b039e116b84439fc96b67d

SHA1
c3513455c2d2a3fff1e62a632acf8af1d6a7dbab

SHA256
fbc642226a3958e729305ea168e3bf37860d0a80860adffa45bf67693e76ea72

SHA512
f6e87e056cdd66d5053bf90446f573f4d6544687ef7b694633c54f0600dab844127f52a988e531f7622bff3e85a826608b7dceea0c77f48652fc61c379800f72

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a8174be1b71bd49afc6134a3fc54eaf

SHA1
eaab2266ee27480eb23dcdf91eea30f7c4091284

SHA256
5d2400b2d15d4bab361b1eb2f00bc2880f436d39fdfdd248bf65c45e3a71b9aa

SHA512
b9a78ae279e55ba8b92f235f4cf9b9ae3d35bd8e868429102bb65ea51099de993c25e696d23a94e5547e8ea73c243f3bfe4fc9c0015bbf5dd900d75606feebe1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab4C4C.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar4DA8.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit