ec4460e8709d62d2af0b3594e6bc83eaf5ae5407735d3acdd453d2b792c8cd18

Analysis

max time kernel
120s
max time network
139s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
02/06/2024, 01:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8c67c9c0fb48151807324d2a14439856_JaffaCakes118.html
Size

1KB
MD5

8c67c9c0fb48151807324d2a14439856
SHA1

9a28ab0b12da0aa89047a093c6c042b35a771279
SHA256

ec4460e8709d62d2af0b3594e6bc83eaf5ae5407735d3acdd453d2b792c8cd18
SHA512

c2e5185ea73e8ebd63fd39924ec86847319b53a28f7bb125806d40d9476aaaa5beb5c4e512c4dcce9c759ce4297f0f2c545b1ec10b7c8dd3038e169f605ab7e6

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{442DF9C1-207C-11EF-8189-4637C9E50E53} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000c6dba5337aceeba1be0743589b50310f7a5cebf0643831be76e6a437d7efe626000000000e8000000002000020000000ab0dc9e56a43cdae8c30e708bd5ec28e118891fb371429c4a5fbfb00c73736f02000000022a9369e0dfa199df206dde3692840fa4571b19243e5c1135e7cb039607e2984400000009eba4fba518907415b00eb2bd1fc5669bdddcd905d8010309d4c94d7b0dcdddb6c90586b907740ab00e47d7b11ab5ce1603df19896e13220a45a6827481524df	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423452235"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0ae9f1b89b4da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000008b3008a3946e8b7e236182c959bf684a2288c2732b16f64f3157f073263edc2e000000000e80000000020000200000008b087d1ec5c68fd8ef0b0833fe0da94c2d91367049df808a21a39ac76d80714290000000f7bad438358dbbb57d56fe8795e29d321ef8459ca561af05969d2a003f0e769263ccc3fa328846fb422de008cd29ab82788e279620d4bafc8867f147f237cd8df7e7899db5d340a3280dda74f83009b961c4a8e24b6026d96b1f69cae35fe5a12a024e113b02029f259f9ff753c8b64bca08bcb6f8ea6e93150931aaccb911937a3655e54d974e831c580912accc44af400000009f42c0121c51ec084c83b04f78ef88a818b95c2d6f93d0f046e2648bb685df571f68a76eea6168593049375e95c77b6832d1c1cbe59ef760dcd2b06584f77f35	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1680	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1680	iexplore.exe
1680	iexplore.exe
2172	IEXPLORE.EXE
2172	IEXPLORE.EXE
2172	IEXPLORE.EXE
2172	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1680 wrote to memory of 2172	1680	iexplore.exe	28
PID 1680 wrote to memory of 2172	1680	iexplore.exe	28
PID 1680 wrote to memory of 2172	1680	iexplore.exe	28
PID 1680 wrote to memory of 2172	1680	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c67c9c0fb48151807324d2a14439856_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1680
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1680 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2172

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e195b84893993c3e410130deaad68899

SHA1
0e818170947a3f6a871f4d77d278d6240ecfa627

SHA256
3364b2b13ca9616289c672b69101f063c89c34fdd41b9424053023861e98cd03

SHA512
6fa3a15c5cee3d0adcecd94e950293d9af47873c8bb076219d3cf8cf5ddb3583673e65872e68936c7358c8d6f02a1af9742f3c1b1508d589a13dc8468a2b24cd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2c1bc6272d207985302a0ef2dc56d346

SHA1
f334c736604863a322f1ec6980e67d562eaca565

SHA256
552258e5d7471bfe70370ddba3865bc60788264a61678b28edc9b24b06a6fc4c

SHA512
7f63d09d277b883ea2bc3cfcd353edff207352951b24edb53fe5551f2eae578b499ebb58072264533c77d8bb66970a38303450ce29c1cf64e1b2b2369bba9165

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e477c377f3518fa75eda55e22b5a3404

SHA1
3b42cba874407d243dd5c87445426a8ebf4f6164

SHA256
54d267fff6edc73aeb42b57d066bad6ac62af8d75ff52265bce94bfaa879bb64

SHA512
881c4f52cc77bf51ee5a75f51b4347edf39aa8b950d245ca9f25429a92e0329538ec4c359e9c13d8aa8480a16243cca826686c6bac0793bfc1d72973e0bfe930

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f7aad59fb95e4a193447e75eee223ef4

SHA1
8adc137b762bac79aa4420cc7fe446fa5746bfa5

SHA256
62380fe27b65bb6b5bd952f34410daf8e3ce9b6f9abbbcbf3113aa61f4b14ea3

SHA512
12797ec92d28f009a2e68839bb68fd718f11c59ffac936fc48bc08839b3020e0105b49773417954ff84b17276e4acd2dee7b12f2d9f56111f45cb13bb16e3ea4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2fb1ba7dfcb1114d4b2a55ccbbfd70e8

SHA1
a7c4d256735dd9848f6b0048806aa081d4d3e602

SHA256
94ca9c2ad53f793ae46c8821ede2675afc59e249b28b17a07423041d9d90f119

SHA512
3780947a126304077f08bee22200e8054155036650b342fd2874c7b72d9099509ded90de489100b0ae6b45c07c9a03b9edb8385ca5322db28ce0bc2c2e1b0f4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fedd475379e607b9176d0c03df465612

SHA1
c56e06bd9c8493782edf1406d76b9c784c31e6a7

SHA256
a7473cbcae6bf863381b05ff982ed2b269c9e7b5be5fe375b43e1baa3e111de5

SHA512
021a0630a66d087294583c12c5c19177c4c0be89fb6eebc5b7a0ef0880627542e069d4b309678103c1bca6c45aaa193b5585108782f3cd1ab76c1ad4cbfca129

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2d24ea4c44b842546c5ca517dc82b6d2

SHA1
f4644bc621069e092103a0ead49de9ec0cf049da

SHA256
b336b142a08794fc824aa1e6e693873415b9251b411f2b5a6152227d3705bf1c

SHA512
7a8ec35d797ead081d750381c53288dcaaaf42a1f374549a90c8aefdd97feeb718ae2fcd6f88c62c35d0d7c29228636cbdf5cabc68ee04c3241894ea637b1612

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f80a595007c1f73eab8bc69d5f30b975

SHA1
adcaf03fd1a9287a06fd326153b4245d8822cff7

SHA256
df4d6843449c0c85ba5b57aac92f7920c637348f5ef310540856562f73e5e29a

SHA512
8eb8eb734802b990c02fcba2c3c0f43dfb4ff45bb33af6e1ac1b4c7aaa351f662841a4e3623ceae1e37e008fc6cdb467019d56afa37cba4d875267e96d83b874

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7ef338334cba7e5a63c7fd06e6ba263d

SHA1
8b2f3f9e0d36fd206db318474aa5495b4b9abe3c

SHA256
a9742f86b3899a513de798fffa3e8f734236e5aa929faa542b1e85e63b923c34

SHA512
b753a8c062cb794ee6141d7f6353ae2ffa6129c98a167fcd56f9d60da9b5925bdd210f79d194061564cafce2f7f3ffa7b8e5b4fdca64a410206eb928e2b3dca7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ccf7986e8aa402621378e857009948e1

SHA1
ae6c2f254e020a4dbaec43892a4c0f12be8359ee

SHA256
ff8600dd00c98c06062fd59a6ace4b7b4f0d4c3c8834763acfe1dc76c135179b

SHA512
b1a3c8a86738bab9cc6e18fd7bade239787e50e72132dc6a678b34c213814d7042c03527eaa0c6ab52631a0e5bbbd1dc850a72b222e6f41c6b9be9e62478501c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af53f368527496fc07eab5dc4f154a99

SHA1
e09f098e140fad5567f6e692f48b66d49f0fe4bc

SHA256
fb2b06044323553f16e43070ef614de4b0466269a331e5b1f7bd4bb56c074c14

SHA512
9f027ef8f2aeb8349bf072cc0e61e2426b06b2c136a98c663a99bfb5e9af7b885414673bb2b0986cd483d682c19d57ccf13788321d4ab1111af320a2707f04d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6d58ca59fbed7c75c27a56f6479387b9

SHA1
177100cedfb0da62d1f1561aef4e6224331054e7

SHA256
58e6f27889bd7be3f999ddfba8789968cd0f5bcf69fb413dc1f20a99e8dd35d6

SHA512
23e18a2a975a5ffe2e89667bb10b2b3d3e18762f59c34d00dd2077a156d4382469ff63004d5a52966179cb0b4ad20fcc4f20b64db39469a1cae5b1f0e7715687

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e6c2b0216bfdbda4f58408a68eb651fb

SHA1
9248fa9d86868702823606a84375e875c47cdeb2

SHA256
852a8cb491cdc744673bf32890fc8f5d49587fb4e6a5dc5a3b91f2d356b02643

SHA512
6dc0eb166a61c279ecc95cddf263345da14bbdce2578a3d1290751ed42048b2c8f0c956a17a1c9913f1fd39518b8e16b3821df4a2b4721d6e96f150f858ef21c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9cccf380d5cac1bc2c8efe6197c8d63

SHA1
e4a04db947138cf0674a31386e9b7da824281c0f

SHA256
e5086f8311937ddbe5c855c38145dfbbc6483b0d353b479722b6433daeb84f4d

SHA512
a925455c9781a525435a073c06ef574cb91a16e2f16814e3299a349932114b60526ea12d19204720398427512ab6170362c3b227c22d41dc0b54ad5760243f81

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3d8b90c0c9ee37003a41dc2a2598a5da

SHA1
2ce9854cf0ed9a0dab6b022f1a94a6765ce66d68

SHA256
941017cb61bed616694306035ea9c85fe5b9e81d0835fdc477148235ee0cf31c

SHA512
95c3a684c3d8f32497ca371de3d76af1e905b536c85557eaf9ad655c9616425124cdf2d040835321137b88b9c9bffda29312ab79a137e4ddf0610ae75077afd1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33523b76788363472a968a157aaf2b59

SHA1
f22f7a59431e85b1551abde17150cbbe3094a51e

SHA256
3dc18ff525e99c5e0025a8b6907dfb55fd5f8edc1a72f6be8ea659dc0df40a6b

SHA512
05b50e8d9a77dc6d4bd6f76d8409204de691c77a2e1e590e93c32909240aa5d583ee8dd8e490d4ad4839ff8653604206df4b180a22ffee6256540d67f39b5fb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2c37f441e59aaeb4fb705b12c07c1a49

SHA1
52f33cbabdec072d5c3b956944cdf161de98383f

SHA256
0293be4b3a82ff13970e4d547b9a8e3814026e1f08ae018b7b668936de5000ca

SHA512
531cb6c0b561fe581312b6b48e05b838e2bd21cdc5965fd401d4e3c167a3c576ed8aa5b429587bf13bd0c6b07023fec391c68ce4b7fecb67adc0f7e624033ada

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5EA5.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5F78.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit