3cfd870750e549a92b1caf656c83b43a2f0d38f9fa774438abda4454653eb8e6

Analysis

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
05/06/2024, 12:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9818f993241712d490105c6a403423ca_JaffaCakes118.html
Size

3KB
MD5

9818f993241712d490105c6a403423ca
SHA1

34c13f7b997af9429df15d6118da7e377c06a1af
SHA256

3cfd870750e549a92b1caf656c83b43a2f0d38f9fa774438abda4454653eb8e6
SHA512

2c355c6967269616e32170be2f501bd2d5d1448801fc9316bd0afab83e1a78b62392758dcd425a627e0b5c20b33f4b6537a077ae6abc322ecc7d7132bae6765f

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000f1eeb1ee7c87134dd35b429ed17ad288cb601aa7232f10dcaf645bfd18dae30d000000000e80000000020000200000008b9eee7d2bd89163698fcaa4a969def2c67ddc771389dd016789a5e0bb5f527b200000005093decf361a36d657d3cd96b78351968462ec347814679fefe9fd4d8591a17840000000f3610403bc9e829bc227a3271de7c03210edb7ce54baeeb4d5f3db2d31920b873f727cf7f37fbf990cf52ad99f138c2f0422e5e638ef76ba7b46e53aa3b42c0f	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000bb2e85c76071ac58e1537043378d9eda25da8e60f83cc72efdbd3546d3c6704a000000000e800000000200002000000091d9505bf06ab3becfeda062b8b3990c22dd74eb194ebfedcf0ec46287319d6190000000ad7f968946e1f1eff66074d03194364f8eec3881293197322a2acc6f8a71ee0549fe8c67b0b8aa4a2bf9109ec2f51b37c3487ee01efe4f29465d054e99371d757f58125fded2a567055918324d7419ca0fcbad4e47d40338e3f915253da68fb2d525b39db5b8bc2a7a76750626174efd7369851c520541918c8b11ed1c9c9c72f6a9a568790c9cee093d368b5ec7b1234000000050ba68d696daac6660d0afb89dd11531c9daa2e269d615627fddfdcd6f15326479cb12cfdc5f387094c6201741f6489e0497fce08f690da0e542193d8b2372b9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a09c4b0d40b7da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{38AED971-2333-11EF-A5B4-4205ACB4EED4} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423750704"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2040	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2040	iexplore.exe
2040	iexplore.exe
2584	IEXPLORE.EXE
2584	IEXPLORE.EXE
2584	IEXPLORE.EXE
2584	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2040 wrote to memory of 2584	2040	iexplore.exe	28
PID 2040 wrote to memory of 2584	2040	iexplore.exe	28
PID 2040 wrote to memory of 2584	2040	iexplore.exe	28
PID 2040 wrote to memory of 2584	2040	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9818f993241712d490105c6a403423ca_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2040
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2584

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3f3184252f4f753b24e8c8f32cc438c9

SHA1
dfba3774d80132eb971a90acb14eaf51605ac1ef

SHA256
9f6ac1fdf8b392bfbed2d524494e403f14922e645b54b5065c61f8553c0daeed

SHA512
ea50d6a194141b69eeaedcb3406c493143fd67b69ffe5636186c429e171647e1ffd707381062b369907e513763a28ebb96537c8ec0c54c229cb18000d10a6223

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dcd97f60a9a3c5249e8e5424d298cb3c

SHA1
a966d93433590358c3bc0a182448d929cd7fbd4e

SHA256
5331412b4bd262eca5f3bba8b03089908a5cbf4fdd17af2870f794d7af73527c

SHA512
7c5e97a7a14105b0280784f133d75addb8a5ec38d27d5a668073ec374546c041db8fb52cbf5804edae32b8283a514684823d4eec3a3f01fc7ebc626147fd3093

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
acd3f3c2bf62715517f3d0eb36c0ca7d

SHA1
17d545671cfd831744e635bd665d7a008cfbadbc

SHA256
d9965c2c979813b88964c3af56d540a33bffabe42ee54b76b02fa920408cca8f

SHA512
1188bcee96ec88b344a5fd8951656372bad2e695acfb6d58a48308da917f1be2d9475c47d883c1c85843b1881d7155e9fde79f54b4d073534e445d6f8ac96204

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0d2e3c39d7274b92ca179435cbc4f7ce

SHA1
57d3cdd04f2bda8c73213db6055012d7be2669c9

SHA256
bc1cc2e712bebd941ff50a15bd5f13f660e570eeffe040e8337ac1bb1cbcada6

SHA512
013c4a8f888f26dd04334094aea35d6695dcfaa6ff8d87c002d95b2711e7066c0614d9e413d0e43e446edd16118cfb4de3c9d98bc0eed4d6316d7b2bb29433f7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d19d69ebbe5ff58892bd38871d4480f6

SHA1
8760e4f5763f47279e792f269d908612a3da1dc4

SHA256
79886f8aa0cb4be68291236c5702647eefb4829bb27c8cdd9df661915ddefe0f

SHA512
c3f38af5b1b0b5d81808927b680df6176236013ae1366a71045e0942ad22ca91fe3afd0d99b42e4c17bac6debc820a7dc34448861d5d81e9ae15080531c6c441

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f8a59ebd8f93328797775ff5498ce29f

SHA1
c1b5672e8aec195bef46d6683e468e0ea35778a3

SHA256
9d6f956e60dcaeeec769b428f49e3677da45cd4015fc2a86704f236d35635dcb

SHA512
ef155ceb66c5676e457ef27b8f576e17ab23101a12bc6ce687c471b3e90c6932e779c555812fbaebbca12cb919587e0bf6b1b3de7fb5053aaae2f1368524750a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b258e3903d01efed5ac743889362e756

SHA1
0d735be599f86b8702f553bb89eadea7fa326131

SHA256
c68b950256355aa4574046bc381376981521d79173558bfaef27d91778c0ee58

SHA512
3e0742389c02fb90039a16b74bf665388b9091c3e00679e40245638a89a571153dc6295a6c0ae836ad2cca95e10e0989036345e1948efdefe02b3f47cc01be4d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6893cd867dfcb1f2ccc524dd0209da73

SHA1
8b6aa22429272a9a1c64abffebed46501e1246d6

SHA256
9c5dffa5b7307975a27ad363552f237e2b60578d1a45899b4cc7b0e8ef6655bf

SHA512
17ed131155f89582a521cbab4bef3cddae25c8ad876df410a772488553cc5ecf249ed768c2aa9988c6032791465fa3a0dee8648873c594e9e0fbabd019636959

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ccb270e78512f989ce54337ff2f39f8b

SHA1
bf5c1ce5fa085b70e1ca22191fec3ffbfa7283ea

SHA256
c69b21ed187dfb0db107584c9d3b8292d5e3da1bc7608924474d6043ca5e98b2

SHA512
210eddc3ceacfc3743fcb41b3e97c3754f90d1976bb3d3801ec9fb8c51b0c9499bc3ed204e7adfab19990bd7f99eb7401656d105976d656f0fb2e22d5c1ae9eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d42792bcfb7fc327a000bb8319e71932

SHA1
5539829cd82bfed85a5413d8bdcbc099dfb1919b

SHA256
feaa57958f8e84c37e587ef03bcaa60fbbf31ac35a902f42f2102e0827d06aeb

SHA512
4a73814b1fed66270688c0ae9643fa2fcfe6a572e74e6b809dd2d529c1738232625570ba63891dcbb6eecb56aec6ec0d4e457c03b0fbe0eab242513d3df1b1f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7c56a2fe2a85b089c39838ad0800d998

SHA1
109ceefdd9ceca4f32212931f9f41d687177759a

SHA256
c5af9a54049c0c3ba50cc9a563b972d5c621a2d864592a4cf98188ea3b5d7a85

SHA512
78a11a6b5df0cf6bdf11cb7ca7c257482c63ffd924609bf88bdb5541f286e7a9865003374b943e6af10be08ab41cfd86bbcadce52ce71946528e9b98e8eede9f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
325ff7736bf827082303173ba0f3965b

SHA1
833d4ba75dbb7326dcfbc58932f6b7563281e8de

SHA256
8f7d70b8e18434c150219497dcad7730f322b837cb274c68b1b2c376c677d1ab

SHA512
454d6ba0e55ee339a10b6467678860a4fff5a6b558cc4a1ff839740b076a34193af28d5e1642bd756fc770a42b0f644edaeebd41903880efb6c9d3a920e2295a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4d36bdd4a7c1f557e3a65e38a0ef3ec

SHA1
848e599e60a906c251522cc867e1bb2c685b850e

SHA256
82f191159bdbbff0c4241135e636d6b7ac9e774da31468e9353591f8d34bf643

SHA512
d52823513530e9269d4281a6035339c97562806a9b9b62d01d1a06bee432e92b87fb009297a50d339c9364aced72e8773990f639c583101cfe4cfcbd1732ef9b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d696b5995e904981ac34f26b3992f6aa

SHA1
6efaa03e3ed6a06a0b39d88ad1b1cce30ecd092a

SHA256
12737b1de01e6f42f41593ffb1b442a5d31b2a7150bafd0f44cd88ae81df3e6a

SHA512
e75cec3909d4f7940efe43ed6ca7ab78bdc7dedb7b2ed6f951a1e7701c800d066cb2e8f2e1ca0e07703e1253aab68423a212f5c0f532ce6714e91f00a3513b2c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
52169da975558813508bb070e6cbaa8e

SHA1
f40e7eb72e7ffd5d615a5d0f2ecbbce9c79fff18

SHA256
c4946d5be98b9647fd2d36c14368237adc7ce40bf26f1b7138730da76b059c73

SHA512
8344f6ce7e27ccebea9b7bbbe5dacab36b42feec386fab82ee741f509c66a00a86f9c03e2704548fed4bd85057354c22cfbd69e3229318cf3d5dc38814fbe2c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f54519299844ff8f755ea37ff7678832

SHA1
05e2f2b4e12e874f05ecbc0676e18a47f7421e15

SHA256
59cf9046dbe8b960a55bef3f38f685ef130138cb02750309fde3477876eea914

SHA512
ed9848687e6ac2476e2e0b3fc508b5d46e02ec1ce6872cb81c73a40c5d74e439b8441b712160cdc1e80f5c140e3bf8e3514c272a59249dcfeff1c393ed24cfb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b0d23568cc0709bdb199ff3acbc7066

SHA1
af091d8727f9111573f4e4de987e1bba39b99da5

SHA256
b29c4f03344e4bdf5e6df02cbd1bd64fc2226f6e525f46450d88650d01b22a61

SHA512
07d36097e2bc7ddd1d70c09b00d4a395ad3dd888edc4a3a2695889189f2c5062cde111c1ba10ee2707332fc05aa76a5f36381bd24132f9e567fd846eff04ecbc

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2E24.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2E94.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2EC9.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit