fa252cd2d27d733ceb51071e7f56fe628cabd2e4ea4e6f7425c77b9644094be4

Analysis

max time kernel
140s
max time network
141s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
12/05/2024, 05:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3884dbae78158e615d996451b9f1a2d0_JaffaCakes118.html
Size

8KB
MD5

3884dbae78158e615d996451b9f1a2d0
SHA1

eacf3ba207d42154f0828f35a2cd109b5fc7d600
SHA256

fa252cd2d27d733ceb51071e7f56fe628cabd2e4ea4e6f7425c77b9644094be4
SHA512

188ee0ddd6f6c466a185ba6b60a43c61807318a1285e62a8e3cbcf6a2442115e49248f3992524174e5d58d2a98b92edf269eabc61f9eebafe6724903444e5f16
SSDEEP

192:+nP10P8QqH9Hj4KYHVHAYwKHCkY+7WwCQzG4+kNJBEBruP:+PzQqH9Hj4KYHVHAYwKHJYUW3Qi4+huP

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 41 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421654053"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d07a4d682ea4da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b00000000020000000000106600000001000020000000b36b956e81d2bf563a049ffcb3a5d4c99b0f22dae48fc46a55416986fe1c4322000000000e8000000002000020000000e6a3613733d04f998f93f88d745c9e95d25dd0bb57d649f26bacf80375d9908020000000fda9a222cf3e2dd6c90f53af118e51984c47d04e5032354d5a876264d18428d0400000000d31f3cfaa249122d44ae1e1d53d647539a283b006c20d4964b22bb37efd8836426392d8b2ea00a90311d6a4b8a29e9f1b66e0b30206b6d22ef3b27c95b3350b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b000000000200000000001066000000010000200000004e664dbfdd3dd6a0b68ec57e28b62521b6415044874f7004e70261789ecc121e000000000e800000000200002000000083a957aa567b2d3ae08ae408cce37df97f5a135f656ba7c9137ea7be8fbe4343900000007b3f7bb5ceb9781cefe201be8d0ede5298ab34681ef68409bf9807a291a47698f8b97cb2ce3b3dcadfc459dd6e158e8f6cd77ec628e7af124483a74869126625cd506d426322775e579ff07bdc865fb461ca0aff632753fd81309f7f52255155988acfa2dba46ba0e6f371f89e0aa38bb3644dc621b5dfde11ce2910c68bb7b1b07c231661f0c41611b6b423a2d9418b40000000ae4e958fb823be24146407214b369086f929cd04fe60e86eab1df8c7cc308f2b4e09a0161b9760d016629d40a3d39feabbaffb0f354c68ae761c047bd0d494e9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{934952E1-1021-11EF-9B88-D6B84878A518} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
788	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
788	iexplore.exe
788	iexplore.exe
2272	IEXPLORE.EXE
2272	IEXPLORE.EXE
2272	IEXPLORE.EXE
2272	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 788 wrote to memory of 2272	788	iexplore.exe	28
PID 788 wrote to memory of 2272	788	iexplore.exe	28
PID 788 wrote to memory of 2272	788	iexplore.exe	28
PID 788 wrote to memory of 2272	788	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3884dbae78158e615d996451b9f1a2d0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:788
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:788 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2272

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8a6fdb33c876b3bbd01057f839af8958

SHA1
fc84065f9eedfb5dde736ca204c375008deaa55d

SHA256
f0662e5d6cdd7ae764c1b3b21cabb0b77a74b02cb132d98ef3bbd02c5ae95b2b

SHA512
2100a82bb068a4c9facf36d756e118ab890d4ed0a18e81a7ee543407b7483efe943d311c6bef088d2dea73b01182edf4252c4666994cc73741c06a530d5eeb8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5fa7fb0223a4f5ce1e02cf62f64f433f

SHA1
aa232bd0ccc71a332f0453cef4e9500ec7000e9e

SHA256
1910764bd856cc4e8113a407f1a4904b7331d8c79dfd6e8cfa94ecddec4e289a

SHA512
842f0686053da79c662c41a030ccad8476012e231487668267ff0418a61cf134da9c96c89d2a3aa3a0bb5313fbc7092b1f3f3ac42cb778a302d69e3c7087829b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8123fd9ace184f0bee88e0905abbe8b1

SHA1
70151378f699f7c4ef15a792a2aa1257e4a0344e

SHA256
1d0f066e7367014b69d54ee63df75c349190b24384b1bfabbfd5e06003c1aff1

SHA512
f45b2237c338c8cc45d993fe0c964df717c38b79f9e7dee6e8400b495b81bf1c3a72c02b591aefb655987c64bae11dafba7a0f971055d733b0db4d9d25d2c14a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4bf5f78c5b8237f5306b4144c6cfe61a

SHA1
9cd7e42e77d8ca3ae42bb7676e53963b9ecb8fec

SHA256
c339a036ee3cd73f3c08b61ed848c30c06d09f4567edbcb3809f5497c29e4dab

SHA512
464d1e1f14c2a230bc73b7458ed74db690eb7080aee3a1a52f38a3f71f1b9022457ef13b726198e037acb724eba6376d2b99c1393e744b5dff6a789787f299a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a7305e2f6dc28061c7aa70a49d90a938

SHA1
428ecc6c6dcda861fcf7b3a372e9525b1ceab619

SHA256
d1cc8624d0d28854baf9a9a0f5258874aca7134752a1c5622e737d62c42128a7

SHA512
7e67a09ff32305104203cb98125e0c570ca792edec891ceed89f3fceea6706b15445546bdd61d10ce62c9e9149a14460c9e7f02ddccc830b2102baa24b95e8a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
61583e59deb7ca16b8269a06ec82e69b

SHA1
bc54d86d2eea6067e5eb0235e2c9c07718dcc968

SHA256
318e784c2f8b5931c1d96254655f91bb40d968b2ee09e008b64ad31a253423a6

SHA512
40165504346f9064244fcd10a6c0e16804bc742c38dc6429d060b6f45d81d6ff22f03ed1b54c0d85e401948350c0326063296cb986e204fa6fe625e3e049c051

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
101eb0c991955ea2caf03b1a8dc8a69c

SHA1
58e03c1f5d3c7a80485b01708d9844283465d4d8

SHA256
0529a561e9c27adb0ec436e7b6add07344b914ff2d21a3bf062e8a423713de4f

SHA512
6d6e36c5424140cc0a6f14aba260ff4046935df56247149a07ab83fc1fa0e2f7765b1d726c0e6115e493d39348bc82b335e198231563d5e0e7927632e84837a0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
649c2650466d36ba50424c11ae8753e2

SHA1
28848a076efe09110189568ba83a48e7d5cbc441

SHA256
93b0baa0fbfa0f3d2c91fde2fd09414463b5de627da6c3b214a2d58eae178ab6

SHA512
1d5cbf2f7ed997626a1b97da9824d06bab880103220cb387925c853da74db86e3f12c1dad6bd4b5d32067bfe60aa0534e4c9e7d654fc1a70e0e95f6ada6e621a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cf769fb9525e3e75e96f0c609d73b2e2

SHA1
c1546d2c67df7dbea1f6798d75b3deb5c4ecc1d7

SHA256
5bf069eeb2866cebc0d2f828844813f52ef7e59e127524afc8a308d97227ec93

SHA512
e1c6ed00b79d379e51593aa93fa44ce3a22265f1aa54df8045564b115e4fc37ba0871f4aeab693902de18c8c3111daa2dde77b9fdf9cb6cdebd665f737d814f4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7704c56c8c1a066634cc5df38bc554f3

SHA1
1fec16b8bbc503a4b87c0e1e01e8a7ae1cb15f07

SHA256
52e3d07a31680f745a5ff79e4b8a3afaa2239621eadd9a54010b43012db62185

SHA512
bd9f597e1b2599e9131a4b96fa706d78ad65f027604291e2c77537d8062e20da0d137d36895d0f215bc5d56c88f20a194e51ae49b0b84daca9f3542d8a6618dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
16d40f4af7bb045d58aa6282681c084c

SHA1
be3fa818b22d43cb4ae3b14923ad4a733b4dcd66

SHA256
31cc412ce6571577ed0ed517792f4e680a83915af6be54c24fefbec6c5061bf6

SHA512
b6491449e5397f1d48776eba099b933ec12a9bbbe18a24dbaf8dad4e182e785445a84286a18c464f5f2368662c7efbda44066e2c0ec11bdb4e7f1ab765a11b4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7b3bc0c86e906c68695e15da7bde5dee

SHA1
5d70abe4f750353090c7ceed6110c555f70cc1d1

SHA256
c7b498a923a6d90c71e902af41d557e7abd735ba5cab6406bddc919302e46ad1

SHA512
d713e3621b148cea1262a6ee9d6857837d17b4c13b8aa498be4c178038eb210d495519d80e0b0a8fa339982b5711cc8d2e36de4872314531cc2476da3194660a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
25fce2e30f2429d138369a2785d06b55

SHA1
fd8a98d1920d27dd1a7041c870a6b6ff025882f6

SHA256
53a73fc0478378169565c19d9a7aeab55425c8d0b3cbc2ecd3b4462e0293d622

SHA512
711ca2ffcc00b160c2a3b6ac6219e2d39f05d98dd9810a268d79617e468d955ec2631a470ac0d1c98495b4b396726340a535fe685d3f3c7c63a5284ec0fa5588

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5617192a6e01d32cd389745ee82446eb

SHA1
213bdd2925e33db837ec63e3d5e4e3dd39066797

SHA256
70789e739665662630112b25178e81bfb57b632d9fd99b53f890d74ec577f4d0

SHA512
ac221427ced5798627dfdaa1341e879aa5d6b4df87d498c472112d76eeadc114fc96bdb992829f96ffcab979359b52e113034250e3aee97f2a6abc044a5d594b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
55988ac064e3c830f7a4715604543ce2

SHA1
1693f7ade108447e84ac776152962915a4b6d19b

SHA256
a9217d7cce087c832099e8798ddde4acd47f4b6d524446f599a657b50edda41a

SHA512
2f0a295df86db6eb15454f6e0909944c7fe265d3f55b086e60942c3e4c7a75fa75b262639570b899ce9e4f482eeb3a2a9049036f3ade1aeedcb64cfcdecd60ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1dac598f2219f27608cab274a87be9e3

SHA1
d9ac990a0cf86d6d6cbf8b5cdc1543f4fd3e4cd1

SHA256
114547f5b36f557d26fae0e6606897f52fc485c3b30e5b8bd10403dc2078d554

SHA512
4c4ca0c8a20da0cf11ac904bce8f4e657cbea6c7e17b645875108d416150515b93ed8e1e683d9fbb6264919a47279e723b1a815168128f1497cebfe87114ebb4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab41B5.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar41B6.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit