4a61735bb8bd744ae539e13a0973a30caa692c1b9e9f8749a243ca7a4dff59c7

Analysis

max time kernel
149s
max time network
157s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
16/05/2024, 14:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4b84c18d6dd69398e854a5b3e5ef08ed_JaffaCakes118.html
Size

505KB
MD5

4b84c18d6dd69398e854a5b3e5ef08ed
SHA1

ebf75f02552dffa80d6db6fd0caef45339d39dec
SHA256

4a61735bb8bd744ae539e13a0973a30caa692c1b9e9f8749a243ca7a4dff59c7
SHA512

cb9ac5a021a3c8dbd8b024b0978df477aa3c70d54c016e64050f06c60d33af7e74b1e3a537421c578e79100b473b64af6897119a9edc19288e995d2c997d5d66
SSDEEP

3072:wd+IpBxYUV93a79zfG49PwVeL5AmPTmBcM2mqW1l:wd+IpBxn4tLTu

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B4D82D21-138F-11EF-AFF6-E61A8C993A67} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422031210"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2292	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2292	iexplore.exe
2292	iexplore.exe
2540	IEXPLORE.EXE
2540	IEXPLORE.EXE
2540	IEXPLORE.EXE
2540	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2292 wrote to memory of 2540	2292	iexplore.exe	28
PID 2292 wrote to memory of 2540	2292	iexplore.exe	28
PID 2292 wrote to memory of 2540	2292	iexplore.exe	28
PID 2292 wrote to memory of 2540	2292	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4b84c18d6dd69398e854a5b3e5ef08ed_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2292
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
aba467e1ffa28443e591c4b95eefea21

SHA1
26b259498ec38eb46ea64290fd769ba065db10b3

SHA256
9617468444e2067097a5dd44c33e03407eba1f11c9575948033f0d0adf4c5b5b

SHA512
4f21eb21e4fb1e3c543423c56a466f4d5949cb7b0fc8b051f88555828088a731b2764034aa5ef62f16cf75642fdfcee3288e84d57c9941c786cc2e5ee48791e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
ac89a852c2aaa3d389b2d2dd312ad367

SHA1
8f421dd6493c61dbda6b839e2debb7b50a20c930

SHA256
0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

SHA512
c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
84a94abad090b07072180f1d9a3ed57f

SHA1
aa35392712cfcb790b28109d23c5430f97d1fdc3

SHA256
5bf219d65454db78649a1029e063000edd16e1693a347411cd9ad230cfccf9a9

SHA512
4956c22f58b29b3e1898e0192327266c8736298867089c026e417d7b79d81d771a4009ae68422805c76413efa293cf40c7d244efb10227533258146b444cd7e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
60d81acece75a4cf0d0cb9074300741c

SHA1
b8832eb3f8e9a6499e335e3eab798f966431d9a2

SHA256
2e3d109e5f5bc4e26a8b9a05cfefb31fc9c863d8511ddc582fd62b304c6175c2

SHA512
d1dcad1a38a9aeab1d43bbe31012f511f605ca4250816e9f438748d92b0f1fd5ac69cf60698594126a27744d60abb243a0c0bb08edcf38617105b3dbe9eb0cad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3046f345f590e4def073a7890c69b8ea

SHA1
a904db00c0bd0fb81ccd80d1f5a9225900743577

SHA256
d0703f30136170148b4d6f46f291d70a245b7f217ed1bf6e2440cc2b083a7e9f

SHA512
d940919ee5fb0cffadfa0259a4feca37cd13b579be3977481084c6b71eb4e1be7aea006c052a5a973fea6d10d5c7906e64302d14a6e2756eef3d1d1c58c5f6bc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
db721b55ce647dcff2ad551959547ec0

SHA1
928d2ae1ede6be9933d25633e363cb7caa6fc662

SHA256
c4427ed043a6b05016d2e4c957e3c7f6cd2392e987568c0e9044a1d8d85a1d0d

SHA512
5609d206e7309ffcddfa6f3ab1b3b5c9106bad134b383283f7ce9107fa034958edda8aaa6058469c5be2e4113e48acea289ee6b396f2c506e6d376e9987a2a88

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
33ca2e6449d7b5503316062be2b10131

SHA1
a7844ee304fb3a1e703a595eb5caa8a44c85b655

SHA256
2aeec09af7724c7db81c5e12c9fa403b28c9c9a8ac7f1e853c414b781a5a01c9

SHA512
d3dcf7cec6f5dc988f29697061b7f463f95c0e91b117f11b780656e5f828b4742ba0e219a81e0499975192392f7c421f1478703db01c03047d898d078e111728

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8fbe016d2dffb585773a71012ce29676

SHA1
f06662d282c043b033bdf92b5c466a5af3de5247

SHA256
8469a57e30ab6eb9ebafbc46bc1c2632c8cc1b3857f16cbc92825eac55e6b2ba

SHA512
5d2a201278bc9f0e21536a9c7a3bf3fbbd11a8f465b285f10a017675db5466a8faca71eb56688b398f870af8f50eb66b59f2917f525e8227f8e58c25969e1c1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a2b1a032c15021c532baa730414d254f

SHA1
7f59d927defcc047adaae280e4a8941d99075bca

SHA256
63609cccc42a7d1f08e9a50019006fc4b7795a682aeb4ac0a782f54412d64002

SHA512
8f294eeb319a64f26ff1860135c923a2d6898dddbbbe530ae32fd781a80f4f432599fb1e3c520b647bae9acd87a77dcaf67627a9c84aad52c9814a9f99341f17

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ac591e9875381d0b9c7947f8dec4c7b7

SHA1
e31e33c94c65b5d288ba7407e547b5a08001978e

SHA256
03bbcc4667c87611318378c85e7a3333bab6d9631b68716b7ba9dd9b99cf6adc

SHA512
9d027c2de4c478acad9cde2ebfe4717d95b48e8fac30c9d926cee6c5c552a1a311607d85e7d9c25c1adf0f15e76df3792aaa9b09534e8e5cdb40ccb32fd8de0a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9e603e800a19555b74dc0a412c7ea9d3

SHA1
3a4a2cbc3b2036c271a6de8c4bf5710775b50dee

SHA256
7b30722f73298ee5aca60d83d2256d0fd16bf264258d282db87bd97f11aba359

SHA512
daed1cfb487a78df69e4a451f9343baf2d9a4058eb5e9dbad6740ae9d677259166c2b39afc432af9b8929e950bb6a3d59bb7b114f7ca3a1c4cc46760a4a7c057

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1df68667c65fea8004691928837ba8ab

SHA1
dc51fa168c1abe88a10d9474dd1eca11ac47e657

SHA256
04808938264722dc752b6d5a23e7e4d3c813679eda9f3634f6792a705349fae4

SHA512
08eb9a9d0c674afb9fb9d3cdbaa12e5032ad7fa763bec3978fb685c7bf5a62ad3432ea62c93ccb443f1d85ab7289fbe747fb4de4ab04dd15f1e5bf153100dee8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
051b9cb280dd2321ce0bd3aa3362593a

SHA1
a1b7aae0a6495fc9a520e8866dba98533aa5e0e2

SHA256
c517f38b3c8cb087c394f9f95290af5b61cedf721eeb9fc653d803ac42661190

SHA512
201a40fe2239ea997e320621669c7d8956a0a1f0b3a178933c753f77af7bbf76bfdc238d8d1cd3cb4a551aad73ddd0879b4f09fbcb0ac82fed1491cf04722e1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7f949baf9b1637ff7653b1a6d2bc385b

SHA1
198eaa410c1efa1bbf7707a27c4e27dc47c0b046

SHA256
df2e76550b12d0e86fc4f9b16b5f18d6a56b89497b399669b36c3cdb70cdd5e5

SHA512
fd7ebc44ae7deb02cb7be9d63881f070192a4e9c1b4ecb6d2718ad02102488f3cad177b4f787615fa2c9e69ef95e3b9390096e773d2a0854c3f71029a9197fdf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e89d21f5b43458124f97343ca19eb5c8

SHA1
ebc31e9b36775a4da43ea8fd08c7d5cca94c2018

SHA256
b4e2c36e9d92ee8483d1fd3c265ba4808e9ecd81d1d8d28517a59e14b1ff1402

SHA512
4ffbe7b2b2a7da4946d9ea1313b7df820fe56b171aeb2d96e36b1ed5ff90e8d47ea418603e5664fb48480d6a77265bd38d2629dc2200d28d3479427808e9e3b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
983c3bfbe1966c2a3ea52e15ac673fb2

SHA1
199b25b390702bcb31a65e8d2ef237ecdb1bb2f5

SHA256
ea5289aea7f7c2922ae76380473b6181f3dee2987e0e4c685fc0676f2a2ee070

SHA512
717a0361b11cb6e2d107e7c63a871b6126f4ea5fa609dbb3090731a14830a1de726ac60ef610e78e7f8bcad9e498e9374432e6c5f2d6e1137e5b2066d829044b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
d36bad5d124beffc08b3d59255eaeb42

SHA1
fe07f092bad67ca360ca10436066d8f418d8eb9a

SHA256
caff92611449497027b1521ea4983c8061f0d7a98273d486852caf6a19d2d28f

SHA512
ed2b2bd7c8016e2c13ef558b1372ff0b9bac435309ed3ba8459e55a387a7bb79aa7ec9c7b86f34ab0283d79bbdbfe0a28d2cc0a96e0f94cb809ddda95fef44b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\cb=gapi[1].js

Filesize
133KB

MD5
4d1bd282f5a3799d4e2880cf69af9269

SHA1
2ede61be138a7beaa7d6214aa278479dce258adb

SHA256
5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693

SHA512
615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\platform_gapi.iframes.style.common[1].js

Filesize
54KB

MD5
7ef4bc18139bcdbdd14c5b58b0955a67

SHA1
afe44fd9a877f81a3c36f571c0fc934324c6cbd7

SHA256
192bc707852c5986f930528442d88a79e5bcf4513aacc2b722a3c5e964501838

SHA512
6c2920e80e4d5059588a32f75bc2b5dcc19f8d68224c0935d74f9fbf49476ca5b1ce43c279768f3d36871dfcec39f36db3fcad559c2f93cc540154cdbb04dec2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9273.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9275.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar93A3.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit