9d1052f8efbc8961555a8c85c1b011d315fea6f9b73bfd20de53d0cd66faeb8d

Analysis

max time kernel
134s
max time network
131s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
09/10/2024, 09:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2ef50245f598ab3a20ebc4e43db2d1bd_JaffaCakes118.html
Size

24KB
MD5

2ef50245f598ab3a20ebc4e43db2d1bd
SHA1

868ecfbad4134c6bd3f3f43313bc6558d8baba34
SHA256

9d1052f8efbc8961555a8c85c1b011d315fea6f9b73bfd20de53d0cd66faeb8d
SHA512

042f9fc6c32f5a50db969283db8799c4224e6fd7a1573a0c3e2d605b11f5985c270584e4b633a64a7506d1b49251fa6ff795dcd6dca3db3b288322f4d3773764
SSDEEP

192:SIX+5lLFuxq8/4/POVbWVBnkqyEQW8uwYY1dAKRdECINPyN0DCCINPyNQnCINPyc:SIXALR/WES0w/zAVB1NaJWptZg

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CF08CD51-868D-11EF-A27C-4A174794FC88} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 70da1ea59a1adb01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000078a0cc6b0b830b4fbbc12dd3fac6f54200000000020000000000106600000001000020000000917524a487ade11aae3a932d7b7a99d37d4ed25dd9b0d20ed7aeb2a49c28f4ad000000000e80000000020000200000009aedcc96c3856a664e03da0fd413aeeb758471b628b58f0b0be135e25bbde54a90000000ca7d316e9989bdd43d4cdc1269c2b93b94cda947ba5c919ef73c3cf4a7f0743fe9cbbca5dcb8446d20a78cb26c5c2b9f8f4e47c84cab30006d27aac1a08e8f7253032b97b4888b247d7732284d3de65c2a6064eb7f3548bc38dc8e430baa32b05593be501a0325215ebd350547f52e05fcf8d6d83af2b4eda009414c3d17074a3928d2894771cb7cd89d1571cbb6e6c04000000082a1339857ed322290738fc23a71417141fa96ea4ec37143d3eb77187f50f51f0498cf982f94a90c79ff746e37a8aafc56d9d47da100db561f50407fac275add	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000078a0cc6b0b830b4fbbc12dd3fac6f54200000000020000000000106600000001000020000000fa99b3cd6b96865a28549c766381a47a6ce867c5dec40fb9297c20397410038b000000000e8000000002000020000000c1ec495a86b36e9bafeb088cfb687b55679b5c7a0e7a76c903e176a123c8f0b92000000062de32828b0afa697ab1018ee148821c2419899e9190fea5bf465daa2478b9e9400000007c55dcddd46db5a595e96c57e922131310f6a3afa11b4f905caa4bb677c7c3af6b1a18197a23220c708b391e52cc5d8bfa241ed9ef71ff0b3a66c56b66931166	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434674777"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1488793075-819845221-1497111674-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1732	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1732	iexplore.exe
1732	iexplore.exe
3048	IEXPLORE.EXE
3048	IEXPLORE.EXE
3048	IEXPLORE.EXE
3048	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1732 wrote to memory of 3048	1732	iexplore.exe	30
PID 1732 wrote to memory of 3048	1732	iexplore.exe	30
PID 1732 wrote to memory of 3048	1732	iexplore.exe	30
PID 1732 wrote to memory of 3048	1732	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ef50245f598ab3a20ebc4e43db2d1bd_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1732
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3048

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2c7cd33c3350f8f9f2af01b7ab1a98a2

SHA1
796d6154b87be51e7fd0005891f82ad78a1a3a9c

SHA256
9af923cf022ff9148717b2a44e3154a7f8605f476748aa0065c9ea5dcb80bac2

SHA512
8951b19840c8b1d9a669e5311df1a05aaead5c46841a352250036883da6358c26f2b68a3e49e63e47af94691b1dcadf02c625a445472ae7cda62832f4acd7897

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
95382ede042d02ec80e52d79c482a57b

SHA1
b4346a2a133e9fc19367127a1d3254f29745c79c

SHA256
6727343fe85e55a0f06b6ceb82652bd3081cf8bde0a9c49535b2c16a914a65b6

SHA512
8cbbafa1284b2570e3ae542a18851f62311b1d320c1bb57ea2fea708b9f20b6d69728f63ca8df27b6eab17e317c4282481edc0a3b45c3d330eceb559f135465c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
00ad2fc9c8524cde70689950af0132c2

SHA1
5c6b03f4aada5182db8839349c10f9d7add50225

SHA256
cfd040d7a550faf4104d07426625843c16b704715da59e73a5895ff3da39a61c

SHA512
be1e052efcf6845541a627f6f4769b90a1784b9810566f00d48c10876b90cb7b42fe465b5574f48a9a435849cffdf8a52cee3eb3cf6ff402a58182d9dcfe2dd3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
298f1de96732b619e3421922f938bb5d

SHA1
f6ad1cb781ee76bd7c528441c7c34eb9d80f89d0

SHA256
73af5972bb8d382068f0f1a80637357792d768fd0887c2df11f6daf9b932e14f

SHA512
6bfed085cb4d3e07da94cf47941e83e17e81eb02647ee3cded1e1521d708cff455f9200fa0323a808562dae764d05c4ff99e105f7fc4a28d97af602343d655a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a239b27eafb9667fdd1a2ef8f7f3daea

SHA1
ae0ba28639765e47e016185b5ba062d54afbd360

SHA256
f1bb11b7bfe06a1db87c9d427878ad6cf134ea388a2da6e553e0c964bb6cf781

SHA512
df32e79bd5a549b4a57b6721a66f93171a3e9565e22a49f5045c229a84dab776e2beba72d2979ee4e25a319f7f7bce081d2623f068927473dbc8fa400c0e8862

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5035f045ef7662668cf01e18bceb0c5d

SHA1
bcbdb5dbf19526da049df481a6713a659e309ee4

SHA256
6c9247a505d8abe57aa1f5dbecdd496de80cef7e7ef1a287459dd67c669ade23

SHA512
e351321a1c36b5ff09952d6ac0328e7aebc8c556d932da1b4ba736df35ecaeb659747838f9678d97e528ca851328c5c401a51776003e001ca0e5fac3a0c33723

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b6d213fbee7b9bf345d7a9845422630e

SHA1
c84b9f3748eb1364a591275e87df9c43f463cda9

SHA256
ffabb86dfb6c0fcce560f74908b869b31b70cb4c8e97d5fe590563401d679381

SHA512
efa99bd80d4a8c069d26a132369ca8c32755072a98f089b8d613a267209f2480d8a24543861e5f21579a28bb19bfa4c275d0249609ca6984c2894f96343ed283

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
87093b3ce37673498cd291f2070c6130

SHA1
550a54065ecda245cc89c9c85364b693fe0673e3

SHA256
37a95a9ffe0be88daa4e21c5bf94270233b20a1a1c93a0389b21624e01273f07

SHA512
26a92655dc0362629c9aba51489d7162744f6f14aea73f6dcf7d53f6406e15e81d717afd3c7f90b146bc09f6590075ecf43eae40a5582fe86f4f404fc39c046b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ad2e85bdc9f895a6fb7c608f3cc93fe7

SHA1
352d7028985fe5e3508866a40907bab6cc01c24d

SHA256
ea78530f389d95a3441c872a9d78074caf87a190514ac0b64a76e18329fb50a3

SHA512
a566038864815ce69e569c76a46aa40898a488bf36c0ba11fc3b0737340402e31bc1553591731eeba9441002502d0872f88c9faf3227ffff1bca879b146aa817

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
62b391a4d40f2575d66a9cabc169788d

SHA1
87606f911ebdb9fbaf677c32ae456e5ad4107e5c

SHA256
f7633528d79973d979138c0a6f060e4d7e777e522946225f77ea11ace1598d67

SHA512
3be0387143ee7c46e8c0ec958d8422f22f700d91537a070ff464f019959d4ed9fdddf3d84178d3d8a690f67839f4602daf5475848632fb5f3334755bf686eaf3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
886efefd1b999da77da7e6d9f3ed10af

SHA1
6f9b7f664c0a4cc2fb78e9a3bccd9f48a17e2458

SHA256
eded79f74eb11c1c2aef0b4482e8c5d8473539356a2b90ae575c13d0d3d81ad9

SHA512
73585c183ad9b799e3a242befaf5bb4d1a1aab809a1e169cc241465c7b79c51d7ecfa3a42f54aef2f56370e881a180e8a123911a35d08ec67e3a98474561a031

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7e70144fb0b99a6b22a1ddeb0c59ef01

SHA1
58c8162e6047a136eeacf4bfea1c3023607493c2

SHA256
c71833c2951d2cd1db9801f73624b1cb89fbd64971dbab7b23b8f90c3f9f9aa0

SHA512
500c0ddce1dcfa66d1264dc504cf94e412b8d6b834bb0a57f7a8a95dc68648ee79c4e9bfa113b623b97e87d38ad4c2c298911306c4a9182fb0b36480ba1d8e19

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a1dcf27b1a1dea3dc87fbb781c465e3d

SHA1
f1068378edc53c477223b78b7b7ee468294e583b

SHA256
a669c4811df78447fccc1211207fe13c0ed02f01a79b75c09e02bb4e35fcf189

SHA512
2bca506abd4bd698e039bcedeb3e2217c2b83f9fb5aadcb2c2c6347da0babe71f56563a7e15e681182989f295027b80c0a4b152c7cab0875a43247d4238e6890

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9390b99ecee4b0941be9ca97a22dfb20

SHA1
80d321ee2228a587dcdb35ccf5dc0fc97736838b

SHA256
75a9aab51fc59557c7867d65097b15b40c02b2ae6e9694861b86aea219a74ccb

SHA512
f9c234e42b51d7e1b5e73f3034894c33fc003dc001a8e3304d81d90483462cd0f107e09a834d1aa6f78c7ace72c8af6d9e5a961c8a222c09f203a95c2cb4ab3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1e858dd36396820ab84cbd113cf4eaa3

SHA1
337d3c0634b874cfa21ad2284e73e97cbd40c51c

SHA256
b970d360b7e18adc78d1b80c918acc1d242a436aed4f7666d43ca42e0effe2bb

SHA512
52d8f4035ba8403c00fe7f268524d7ac9c415d7c705c170ab70db12a6fd777210e36f1d8202429cb7f5771b212d9f3b53d48cd5047a1bd387c269884f8f137c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af9a450570cc099249b7e7163d102dee

SHA1
372ffbee4cb1a447784a6a92d3dbc78ec6ea34ee

SHA256
f31ab906aedd8037f0b10bcece159b1babaa809228b1c1321db51bf05157618d

SHA512
d7518df3a6cfdcff7e4f12afb277a35a23689685dd726b1c70e0d271d2d41b7fa733b2b541d0306771a35e539ece34e736bfaaa80b19778dded7ef1c3022e846

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ea560f3795e079e6a6e34a8a0269194

SHA1
f5441720df69cf224a323a867c09aa0f2c05dbab

SHA256
440e2fed90ff4fcb975a221288629a6f0601afb244c32981583aaa73a8dcee2b

SHA512
f06c2001bf5ffa61a16ac14740a231512ae5c250fa1ca5e9526b84911af1edb857a1ca25ef588cfb1056b54afa812cb6f05bcfd24cc5bf7638b7bc3506f87d3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD0B8.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD12A.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit