67169383da1c7a5ee577cf6b86e95b2e2ace1cd3e44211bb9e3b01a3c03ab50a

Analysis

max time kernel
121s
max time network
148s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
18-04-2024 13:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f80da6fbc654e3b4338dc7ff705e59c0_JaffaCakes118.html
Size

24KB
MD5

f80da6fbc654e3b4338dc7ff705e59c0
SHA1

20a67e8df68e0d9fb128893a69fbe62b2da8262b
SHA256

67169383da1c7a5ee577cf6b86e95b2e2ace1cd3e44211bb9e3b01a3c03ab50a
SHA512

7cb5a4cbc08151bcb1bf2b0bbd333f6127557960758e8c1bfb46d46d3b057a839d7f0b154cb9f49a76ed6f68b563ba2c5517c7993faadd579a0b61e43776cdba
SSDEEP

192:uwTxb5n8P+enQjxn5Q/OnQie9Nn9eInQOkEnt6EnQTbntnQAGLnLnQtNqMBdqnYN:5Q/jQGCB

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 41 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d94d2d3723739f48802cd6414eea5c7e000000000200000000001066000000010000200000001bf52fcbb5e79092926ac559f35e253a0e38b5aa37638ff8e9dd0223c9989b61000000000e8000000002000020000000273ceb5e398407c7074b03dcfe01c88ae38266f70042d65e382d441dc13af2ca20000000047e8af09ca1b3993407a9c7b473c44bcfbbd5640e6121a85f6c89b82b0968fa4000000033663acdaf3ee443a5c2356cbc192cee5b86ddcfdfe53dbd8dc4a1d568e018092c621c1fee4bfeff52c6d3cce9630b77cdb9c54c34dc851015a96ac928e7039b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d94d2d3723739f48802cd6414eea5c7e0000000002000000000010660000000100002000000080f96a225899855d8f8a487701d9a46f61e7f425b26b19de7e1055d533452b09000000000e80000000020000200000000a26b3f2be69b04dbb0d8a1d53085e3c1ff000e297d1c5bce8404d49bf9c6cbf90000000ea0da4d657acd443ba5f320232bf9cdb4f00a24c97be74897d43a678a83254665125236be16f505a5972642872d5807cd7b4de68c70968215a78e238be48f4b314cb8b6841590e726e69b8d8772bbd99dab4ea42b216a753bbab682feace94398ef525ac71ccbf4d8dbdbc29ca650ee46df08273414f3bafdab07889af825e5d98685cd75c6e26cb3344a9cd5e033c8640000000a22d0f1a415c6d90081f1433bfb4581119a4667b0a4195a81d7d5268dd9176268c5bb12acb18b8e3e0642000ef4a90b67d5dcd0b4138e9b4464ba6dd514f7bfe	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "419607399"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{542ACE91-FD84-11EE-80D9-D2EFD46A7D0E} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 5044292f9191da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1612	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1612	iexplore.exe
1612	iexplore.exe
2676	IEXPLORE.EXE
2676	IEXPLORE.EXE
2676	IEXPLORE.EXE
2676	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1612 wrote to memory of 2676	1612	iexplore.exe	28
PID 1612 wrote to memory of 2676	1612	iexplore.exe	28
PID 1612 wrote to memory of 2676	1612	iexplore.exe	28
PID 1612 wrote to memory of 2676	1612	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f80da6fbc654e3b4338dc7ff705e59c0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1612
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1612 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2676

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0cfde338d15555ecbe37cee059a43126

SHA1
a7d7b33183dfb5b17e5f11d1cc953e9c67b4c29f

SHA256
acf3891872591e1142042ea27f71f8f4ad5a6df058f37a8f0ccf952997b52b63

SHA512
b0ecb9edc8ed4125fafcf6220243e62ee883314eed7ce84b58f449a3ed015be37fe7c5eb901ef6c78c24282288eb82bceea17a97edd4b85578cdbee054158490

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7e0a4d5cae1e6629cb0357ef2d0b701c

SHA1
2b15966c40d028d68847f8517dc4880d91ccfaec

SHA256
b0361a280b9323678d644dd4e5b367fd0c2c7f14f39561a862a9d3aa4fe82a76

SHA512
a4055de421d150fbab85ae9e23dc39e9853c00b9dd5880c58bea649e8377a38a7d3f5a2202c43ef791e6381de3bc952f57da75aa66ac7c721219f5fbba3ed482

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
007e701b568edbd4f832cafb97c4f0af

SHA1
e18635f0632e93cc089a8495bf22e9b00287f137

SHA256
983d73459b82f4dea44baca1ad6adf6ea803f3a7b16ff3d25798d95a632bc2c0

SHA512
32da7edd45c5f87f144b3d9b4ea9bf0227c2d2164bd93a66b91aa72e765469a4f59ac2d4ed3b7aae98d8da3588291eb0793d33f9b9cdecc5eaae051ff7b1f69f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bdbfeaaf08f3229b5126649b00c444e3

SHA1
e7c8c3e602a6e35fde213dea64bad68380a96f68

SHA256
a4da9b81de8173b4c2ff67e33f856efaa105a3657b745d5cbcee149ac3e46d02

SHA512
f8d40f1da1f7827c5db51fbd446eab2a77ce8ab9c71ab700a2fc6eba2d46f63b208842886ae08f5c78c91de85623b4cbfe1b6a5fd157f3325a781611271b08f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
80acd8d950d9ec36f632c4f1a8b9ece5

SHA1
a7e7810c6621a530d1190d0e0d20384207d1e836

SHA256
866db94f64dc68a3d087b6474c7c6b1731a0842dc8dbce722866b3f13ca5f9ba

SHA512
1c3a6e1beabf5f422a4f206ce2bc9b22f1653b49317acf4bdaf98995f0cf1bdc9b4738f723521c8f0d6fc8e57d0a864607cbfd3b16e1dc7d69ceb57bd75b4ed7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6849f2f623ef9edf3f7fd68b24ef327d

SHA1
30373648e4ef73ef7d3bce07b903131ede05676b

SHA256
12188c150a6afd13e54a8cc373ba38d9814537226136d0278df9336945015796

SHA512
1bb480e2c153adf95e1a397be7279d3eae0fbddf4d48fa8172884ab99fbf70562ac8d019553847a7d1e852b4aacaeeb18d09282e9bab3f5f83bc586ef25d576b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1d65e3531e45d0a056e6329f0bcd43db

SHA1
cb0fdc57dd2c0c80aaa735b708853371f94b462f

SHA256
201edefe61df0ca661d88623647c303fcedf740656bf3e426744bfc138c898be

SHA512
eecf7a1b236e91d7632fe661b0a420c400e752043229bb09e873cc23397034d4f608f9256fde34c2d25ce000de9642eca690d0247c5bde658d218023058cf243

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
79a2f343d6f4eaa16988f6385d4c4957

SHA1
4a40bce87a1de6ddb9ed546081b540cdab9a031a

SHA256
68979c7aa12d95760d10a0547ca77e5074d13a2d6d2c978a784e508535a4dbd1

SHA512
f26552dec72085ab8320d2d67197f0fd428cab191a1a7a3464e2041e0439f2bac33283f6485a835be4553a237f245df170914f00e32cac4578a3281dc499f46c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9610edc806d6b715f56c97c99e7cfb27

SHA1
4e327e46447afff691e69311ce36ce0df8f0a262

SHA256
e364efc90f62748f5a1705e256dcdb1390814d8a5775e37820dd56f8d196a1af

SHA512
cc4f7e288b825d787caa8bbc904eeb7dd31818817f9104be3db154529db6bc2581bab94e29636d86836fcf9dbe334bb488d7e103419e696c138f648ae229afe5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
11184a8bdcee9f57ebe1a0361d108e50

SHA1
1d730a7e1bf3de2d1419a87db2a37d66e52cd376

SHA256
01d2d40279b80b5b2a036ad0d6046d46efe277401edc676e05f4634872c76c8c

SHA512
49aa312f08750288463d1a4a73de68a89c5f870c9613620d7d9f5e7d91fdcc79cb111530f5cb20b5e5951e5747144335624f70b5504b5b55f875159642b623cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5720742665fc9182cecbcb3c8b10a07f

SHA1
1d444d28006cc1c5632b863f4968fc23f6106e25

SHA256
c04aecd7b6e4f491142124b5a9fe45cd3d8c9e7c18d25c3d21d6042cae849810

SHA512
c7e3a8b2a359372ce823f6056b3fada25caf5da82ccc28701b9deea45c64724ff0da23e4dcd74f733c6109213dd55331dd86ed3d6a8a15d04f4e564429de4709

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7119dca79121c232e1708e1317005443

SHA1
72799b3ff96d9ab90baa499dff168cf6acf31c30

SHA256
004b3a1345ac744c23e948a47d8f2723f083af243a0ccdc25438d4d6f070fcb9

SHA512
cbbcad89ae7d01ec711db23b849b6258a942d19b9a8284086e9de9a8550224740a938eba279b547321f47073d93fde35db7afdc09f9f573ee98bfebde3d48e9a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e41f4c1415f53f91cbf8c639e10dbe25

SHA1
b914d4b3bef747b2ffc5311af97f17ace16ebedb

SHA256
e87030f7f75ee754e703b5757203627f42ae4c3c0f98a96c369c57770c7d4d53

SHA512
3dd315247ed68e5bee248fb6897fff44e4f0b857daa0cb04de67a77168dca6df55f3cee2cf106dfda706a8b4d35be427052aa77f109e135f6d46ea64563965c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ba6f37feee24da5079505eaabcd74e50

SHA1
c09669ee68d7154f200218c3d4312cef9343b3a0

SHA256
458dbfb9473bd49e584c1eaf9de29c5852a1d851e4f2e222c9776cc0f535e3b7

SHA512
b051995e11bbdaaec07a4eef7a422221db6ee78a0493f2bbf40c0c465e0640f500bd30602aa07248cc8fec45c44ff30aa433a83e5b175f9d2062680e6415d1e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
87232cff89e2c2be3519c5b0d0f55f56

SHA1
89e79e7ff32f9c0ef33f52fa1c00b1ff9c99ac23

SHA256
d8cc4cd518d8e80697890d0681204fadd2e5e61526cff61a74dd5b9bbbf25fce

SHA512
3e675ce414ce58f4637a58ce6460ce6f9f44263ed22f7568df3c4ad74bb763875d6da43600bc43b39d6df7f26a8fddd8f90e77a9bf60d5ada6a18b8ef04b411c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c7ac24961b38b94aa3771fe741f17191

SHA1
95ecb36393f45f06643e09f0443b50cd8ac37151

SHA256
4e331170ec5f2fc8a029f84a8df3e62e3107062580072f720f0489c522b6fe3f

SHA512
482573975ad5d829651832f52ec008e2a3a4a13bbac916737cd1cf3caa192889218addb0a9d1161863581088fa7f28e9e215b166ecb1134f59026bd3c1826112

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA03A.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA04D.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit