ccf4eb252477c29b7fec70d7e668bba12e27778cde5b6d510a1908f22b5324b6

Analysis

max time kernel
137s
max time network
141s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 20:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6897882a8a589149fe67a099abcfb48d_JaffaCakes118.html
Size

220KB
MD5

6897882a8a589149fe67a099abcfb48d
SHA1

524fbb07ff63708784321539741291398dabf6c5
SHA256

ccf4eb252477c29b7fec70d7e668bba12e27778cde5b6d510a1908f22b5324b6
SHA512

689aa8fdeadd5ea3d7d8030cb08028a6e94e8950ee238f63c387a5c8c8ccc5bc8d4d621843084201856f4f86c9b2fcc4c222e06a10e6bb306e574577b509ebcf
SSDEEP

3072:S3raGewu8/mxedKyfkMY+BES09JXAnyrZalI+YQ:S3rAB6FsMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422572958"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0F715171-187D-11EF-97FB-6A55B5C6A64E} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2648 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2648 iexplore.exe
2648 iexplore.exe
3008 IEXPLORE.EXE
3008 IEXPLORE.EXE
3008 IEXPLORE.EXE
3008 IEXPLORE.EXE

pid	process
2648	iexplore.exe

pid	process
2648	iexplore.exe
2648	iexplore.exe
3008	IEXPLORE.EXE
3008	IEXPLORE.EXE
3008	IEXPLORE.EXE
3008	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2648 wrote to memory of 3008	2648	iexplore.exe	IEXPLORE.EXE
PID 2648 wrote to memory of 3008	2648	iexplore.exe	IEXPLORE.EXE
PID 2648 wrote to memory of 3008	2648	iexplore.exe	IEXPLORE.EXE
PID 2648 wrote to memory of 3008	2648	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6897882a8a589149fe67a099abcfb48d_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2648
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2648 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3008

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ef5fc20337148901b0ff22ced41d765a

SHA1
9deb65b57e3cfbbc68bb529fe44d982fb4777a84

SHA256
f9e70b9adb7e70498d61273ef2f51a56c15c9900e4607c2d74ed51e44ae10193

SHA512
6a67691d5119d235fef68005de47b74f4bdd3299f6290a4bdeed17415d2ebc27ae1cb2710afe383d2ab193a18af89749b66603ba12a46371c08167ff69c55f79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
aff9eeb4f4a5046865a13688cd1173b8

SHA1
30b91a8d5d1b5588446fbbdec2cb81b02d0bc96b

SHA256
2f1ae9499afa610f691c36e59b46bd572051ee593c28c98e47215a40f38b49b2

SHA512
171b65800a55abcef095dd814bd4bcc0d2de3cb690b2982639886597b4b6105fa63fa3a99aeaf8d1e61bf16d8b176ed4403b3c4c2b6375bba702c6bac1ae3432

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bfe6dc11e60c0e0e600b0b0dd3ded860

SHA1
1f9761a46f4671e48f9592efb1adc4f3486bb25e

SHA256
e2a114b12d3952f0aaf3afb8ea496974880bacf5bcb8f62d00ddf914ea45a6db

SHA512
f4cf81f8d4feb78438abe04c47a167ef0e1e4bd0fe04b947eb264b307156b7b68bfbadff14c563d6c5e4a72558b7f4535256cd6e738f9e231fb30fc715dac9ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5ef24f6db88cb8ea6a217ff9d9276a9e

SHA1
bf5b12ffaf671fe4c4047061dea5260ba5cf6ac3

SHA256
1674a0a66bad6f84d505aa4d4bdb03eee58ed0b8d47ba6efc4a38b084d5d8caf

SHA512
7b6b6e79a688ea728b576807b08a18fd0dfd881933f696d5863f589e42debd30993a26beb8ad18e008fb959c3aa8f7635b862672109ba1058795dbf001056937

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e0ecff8adb6a00b23dcc85f52ec4fd11

SHA1
634e2074f1a597d4ea52a399c202c5ed88f53a8c

SHA256
c7cc68e1eacd9ff488830b62c2abf232dd615489d16bc968ee1823a3c5bfc947

SHA512
eb4d225ffc5bcb82d0d55e5d7c8795ec6b926528e623dcae42204ba80192424d0c50a6432392aaf74292c28b6663a990ed6339b631dc1ee81070cd3db1b5c11a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3fc918d3deafbba80fe9393afbee9d91

SHA1
c70c417aeab02acca21040c9415c2b7ad9f08f6f

SHA256
8e5f28881aa908f32553950fc09d454d3a583ac877c740154aa79017494d9d3d

SHA512
70dd8c1d873b1b6f95542fc181bc1a880db9874bfb8c17aa186c7260c8ed93080ea0fab6933e936ade03d21f155749fd5fed96d65b24e91fcf4056b0176ac1bd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
52abea7d4a67eea15d71cb324b9375a1

SHA1
fdb68a0546cb2fd7e4f320b854d8e50a4d193f3e

SHA256
435e4e6a49783d84be796b60182900081b039534dd6a31a647c44902dcf85b13

SHA512
673778a7a801792150aed131c1edb9eb2616011f55f3742e6753be4049123d5a9595679f57a01949c97aa998bb15f239084209091b08ca29e22b80249f24e401

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e242d2cfd4c9f46d441f028ae826d982

SHA1
ce177b363ec22fd3551711f7c79dd8a568590d18

SHA256
1464a70818e0be8b39c70b7011a78177a97be58a1bc26560cedb2031e26a39e1

SHA512
342ed474b8482675d51b224bdb6727d017cad80580461a5a192b38211677ab801e4cd8e046e51e5fc0400f2714da22a7836edc780bf7564c663448381e771f97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0513acb898a9ff8f65b5b6f45327ca39

SHA1
e34feba5f39d44a5e5f39e0815310290991f79c2

SHA256
5f993ddbb6ae3319dfe69fbf1c21d826cf6587065c41eba1f048173061952376

SHA512
58d244bbb6d1e4708a8b62cd9d53ebfda63956b36766f3e524ff5bb36f1220546b43104abad996c041171d19b76605584e883fa788e9dfd6492e1d59668e2d3f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fd876329862b4fe8dc89b1cec87a1d4e

SHA1
f04ca0c7a390b3e910556136c3d5e2d827a21de6

SHA256
f69d7f5cd580336cb63b262880835bfa4fed9e3bfa47421264dc4ba0ca45b351

SHA512
4ef6a8cbbcd73784d96f7521cd5d8100af5e4b61bdc398a3f513e5bfda7a2391ff5a795a111e8a81da0b35fbcbe6d294ca3427c4ba735c41073c191c67cbbdd6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
58f91e6a565a38a6c210f07612717acc

SHA1
42297db53e289e406bea359c4336daccb52205a9

SHA256
5814500e7f5bd6de878437f924c62030d910a19084ee6047f5a9b99c6347b24e

SHA512
3a1f147a615b25fca8e4d68f7e424297e026c38fbbd260eb0078038dba56dce3e31ead3949e40f56599df64daf9e544d0d3fa369dd3ca489ee9729c49a6d8c00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a39ac1262db7baf5d66792297a7eb41d

SHA1
a60e11d862389c8249836ad50ca0f1712d45cae3

SHA256
6ccad26397f360ee15368d3252a9334a8ffb7a5af72b103b94ea9bdd2f6cccb1

SHA512
bd4d38ff641391119d458c872fa248bc92874e4705876d18a795db5ca7baa3eff9c7cb5ea1c0aec80751379c917f5a1aeb457cc8b4d01d024761bb84b610f9a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
715057a0ec655ffa7bd974c4d86bdf8d

SHA1
ae91460dec9fefcd639865c072fe8043cbeb2d0b

SHA256
d5eba4b135de5198fc00efa7238d88cf8fec2a811da53e2691e6709efd39f9ed

SHA512
4b761df3bcade5f6ada9a088e234dd6aac4efb0a5a0de1174991e4a1daa3c2974d8e631b68a1c3c83c00ebaf73cf6e91b3ccfdef2faf73c4daf287357f1bb88e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d90ad70310dab5bbfbf9b62031c745db

SHA1
7a2ce189de27f21c2ee44cbddfe509324e575686

SHA256
1b97d9b2e2c3ed32de07492cc9c4ec0e9d3cd801f3e0c72b01e94fe5b4e8a5d5

SHA512
2b62fcfddc7b9acb2fef4cb7831cbf95c02fdd815dedc54ee1f2afc95f4e315400d1e84429d2b781e151585ebe3908ac406733d29f0d5e95f8820e1257cd25a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
296a500472d5594da3b3ccaaa520e87f

SHA1
f5c1abfc6fc4e6f5be68f631172dd57423cf9b69

SHA256
88c3af19e878eb3f9e1e7f2cafad0907263c0851dd4ffb0cc39d365070d31c17

SHA512
46720606a2d772344ebeeb50d5c815987bfebc9a0f10a510abcfd0a88fffb5c8054ae6981e2fa7f5ca0716d57bbb1ad305e0e5072dcb106450e204adfacc7f4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b192899668f93d5d7971af1ff65eec78

SHA1
80ff8e6bb72870aec119032fce4109fdc58c4437

SHA256
9b6990e21ccc8a99a6a7969bddb495656b41d6ecae388003b2cd1b167e1c19fa

SHA512
aeb1ce3506630aac103ed7d2ded51d4e6774211ece87518e42ebfe276c6e3690777c572cfb8e697edd22dd281d9b51af51370e66fe32ed66fb3306723179c2e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4e2d0c512d02435a07d3e92b3623357b

SHA1
27e72107154a148eee2f866baf1f9973386502bb

SHA256
8b4b97fe61143c521af0b8ab1e04e8dc533e43954d47026e2152391302b44672

SHA512
35c5cf6b695b45a266ef5a4c540ae6d8d5a4b7cbcd5cd3b16638395a4ebea725ec64f73030b6341baa383206abb56e46f334f8f20096c75304c9813d8b4b995c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d6092b2e61c6a367fbf10fbb2658d883

SHA1
d728ac4ceab0977eb468bbc7c5266a1c491aea91

SHA256
b639d88fd85f1437314d8ccf99e2215f25bf6d14aa2fec056d6a585966a99e36

SHA512
9c3015a3c8941cace06afb2ced6415084a3fde1257a755971166dc82f4def7469b24794c082bea413d760e91dce8aaaa4bb22db8ba486ef3621a599d9663e096

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dd8e40aa5dc3e0694cf5fd43c9ce536d

SHA1
54d0aeab3c309435c3c29cce48430142e7fbba1c

SHA256
69498a2438594c5348f4002e57946b9010c1444c1fe783b5d51304b688e22906

SHA512
59aceb32f995a56e842b955ccc98be88cf4efc52c761e79489cc695c4ab87e68f4760f31107bac4c343c6eef504f9ed9312aa76d6287d8924112e02a0f3cc49e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9AAA.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9BA7.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9BCD.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit