b6f99954cb69b80d48cbc02133beb21cc94f5a4270906b623678704e61ba68f8

Analysis

max time kernel
136s
max time network
133s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
12/06/2024, 21:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a2861c62d219beaca2bf41cc26a7383d_JaffaCakes118.html
Size

461KB
MD5

a2861c62d219beaca2bf41cc26a7383d
SHA1

59a7691b964e0af9b11520cbdd6e2bf001f006e6
SHA256

b6f99954cb69b80d48cbc02133beb21cc94f5a4270906b623678704e61ba68f8
SHA512

848580c4732c01cf1fb8fcd45f77e0171e5b79c74cb2d868692676b64cf4381c9f1ba8780180d501faf27d27775d6b12537795c128c2526f17a8801976c38503
SSDEEP

6144:SvsMYod+X3oI+YVsMYod+X3oI+YIsMYod+X3oI+YLsMYod+X3oI+YQ:W5d+X3D5d+X3g5d+X315d+X3+

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424390468"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{C7C99E71-2904-11EF-9E46-6ACBDECABE1A} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a807600000000020000000000106600000001000020000000373d4a39c93ac294218d77b12dd71ce24b286dfcea431f9c66ded64000981e2c000000000e800000000200002000000057e0703f82ed0465568f9e0eb9c8ff0c92a076b922bbffacc0861fea9924377920000000f740c47042f6bb056118fee69bf97cde4ccfb81f0c25d7ffd143a47e83e7094940000000f27b58769fda4484cff61d00ae009bfaa2d629ed9ba74f49c712c8c4edf2d9867011615a3f367320efeb936d929c4693e93bb48b1ffda58e5d3154d598f277bd	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0cdd3a011bdda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a80760000000002000000000010660000000100002000000057a172729f07fb607ee259bccb4296a4c9b88bd09bf52f17ede05ed2220e93db000000000e8000000002000020000000413e98b84be6c77d7ddaf0b4dc9a63e3e2bfeb31f6d352d93232a5af64129bd1900000009ddaa93883d94d760a58412133103f54ac0e8c9a39ec64fb63d05924b1ea7e0d3be5a533dd764e40a6519b681eee7175bb09fbbe4d6bcf4efc6a8c0d79b1ba27edba183dec0969d5d2855379ee8f53bfc4ee6849929f9ee1b2a879c203827619b33b0f5e26f0115699afdcd696bb95436e43ca619e66bc4140e2e1a918d9762e25cd7824a40681190232bdf8910e028d4000000049f86b2beac99df8e8efaf98bbfe97994df4e5678fc649052439fd70bd71b54bddde3067d4dc062affe1b7958b581a7d53886d7daa8e90cb0358c36f7a8c8607	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1992	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1992	iexplore.exe
1992	iexplore.exe
3016	IEXPLORE.EXE
3016	IEXPLORE.EXE
3016	IEXPLORE.EXE
3016	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1992 wrote to memory of 3016	1992	iexplore.exe	28
PID 1992 wrote to memory of 3016	1992	iexplore.exe	28
PID 1992 wrote to memory of 3016	1992	iexplore.exe	28
PID 1992 wrote to memory of 3016	1992	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2861c62d219beaca2bf41cc26a7383d_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1992
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3016

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
21fc6e833ac584a73711ef4a110f3a2f

SHA1
a3f8d15cd5f796e67d288ebf0aac011266b4d025

SHA256
e5545818ed9d96a750ed8095f8ddeda16963f24e3d21de65635f0f79a35c291c

SHA512
6fc50d80f73118d6cfc56d27f65751034b3cb5d16da16f048722b914fef8e112b2e0ecae8e0be142c20644f6d4249e76cf538f369a6fcb126a3cd63122fdb6d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e72fca598ba4c2712c4702508772b877

SHA1
631f7eebc2841523232b8ed954d90597e118d96d

SHA256
2729c32e0441d01c62c8028dd3f6e46834d64b0ddd81fccfca0f64a2ba7f812d

SHA512
3e65fbc46074931ef8098f9eb323e21cbb7a06c7cfce10a4740cbc9eff447e8f4860b36da2c2d0bb1f9d04bd79e3afc6464ad581da6d2422b3685adb2b20bc8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a8821cb17e78344a6568262025c6d818

SHA1
0be795a171fe53247b8b8da81cd77ce60cbfda1d

SHA256
dbafdbc44bf6407a6331c6f356ea236e095142c242a3bb93b9fab179bc395fba

SHA512
b243117f589048cec58decfb4b0e533fb50875dae63d36ec8fbb8e279bbee23f058afffaa2ca78434874a13a7f0e2d5826ded30a40b5a1cbe5c1ed2a22b9ce96

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6a7cc976a385a772ead702de57add588

SHA1
8163c9cd9f9efcc7faa359e9b7b86e1b296d2c63

SHA256
41fffd9b4596b99afd36ee785c1152cec8f8a672a9c97c3400fa3602561b4373

SHA512
4d74645cbc25e7ec04994214be1f5c8f0a8a34cd1732842ee559da7641a7f7016d1b227ed1a21590e6b14a118f5c0a297250e235c2e016d91f888d9602b6160b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
93ed9ad9a099a967c1264399ca6685f3

SHA1
8dd89d6a7d7639ed9d5fd2f0259fdf3f7babd1e8

SHA256
bde0728deb2d449b7986701341d6828d2ade8a337974e51dccce53f6c6e0a9bc

SHA512
1625bbcf8c29d7aaab6281ea835a5064525bb5c8bc192e780dd4c7e76212949540fd040f74250f4e3f3d10c5645f87829186ca6a7f311217f6959382eb156a48

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
304b4781840dcfd2aeaf67856d554a5e

SHA1
da615943de79c9b3a2c61a77623745bb83d1a8db

SHA256
2c477b30cb73816d319172a8b98970567921cad929a1a8aa59094b3ee0790221

SHA512
4e8d634ff69a4b8c4f5872b77502c9852e78a41ff08485a677e8e13327a06f20bfe7f74b4b755a0f314f11ff5d80489a42c536fbe08aab1aba3a79338d1278d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
19ceba958e4f95ae149a41c2e4ffa708

SHA1
3ae4287593374f7ece0d54fecd82bc2ed4dfa7fc

SHA256
49b6dd2f769065ab90116aa0711156bfb60d2d8b3c84e63c991ecdb9824acc06

SHA512
bd8dbf25eed421622bf8a230bd0a72c1b90a463dcb87d5e7433b79908b1052fa0b083f2c89805707dadb364f3ea4911d2cdb073e5a7d1cc451878b3e9d56d6ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6d5cc52af5c7aab0e82e76ab40320c95

SHA1
4e5a93002d050256da4445f6d26a434b6c84229c

SHA256
080904d404f6d1028c899c4928c416e161a727e9197edf3f53cefdecfea6d069

SHA512
9e97c6657743953c55be477e99868fdba700d542c0db91d03ace362b06ccdd575989cd3b5960b084536d159a78293f2505f3dc9d000491e2aaf400ae31f7b85e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b60bdda9e741b649bdd19a1bc1649bfa

SHA1
4ef17220d063fdeb232bc614a9058d20dd9d3581

SHA256
e8b42a8612472bd3687485a3040062121021a95b781746a84c330676e92144a4

SHA512
6a01fb772c73121ab319c031c461cf1d882089d45df438e562951fc7abd7e2a364f9400ed50b3575c1b2286a27745bdc50ae829ad179a157f937e521c524a62c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
105d54dc7e0fe391e48633d94336b71c

SHA1
3652daab7465010c6f5e04243241004eba601ce8

SHA256
4936cbe40bc08b247008f47c8e7ae7743c6d4fab9488ee37bc0a9380604c29ee

SHA512
74dff079605517a79e84736755b2b377e3eebcf9b06608a24b96f3ea6f7b47783ab1e8b02427186724f46a305ac3368ebe47077eb7916056b7a56b5ab8a813c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
370d7abbf77f91e8640e7524df45f3f6

SHA1
b598d60cece3c953affdeab299eb88faaa02e429

SHA256
f317c6cac31898c59fee66969cb66bc420c2cb9c47dcb2fba4c7b0a8f2783e9d

SHA512
4167e59b61c32ed27bac62c75fe7e829638491635322ea1172456b5f039ce3ac15f44b88b0e65323275372d47e3ee1603f28f130c969075a27ae508d8f6865c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
361d5d6ee1bd159b4ae50b2b3fb05051

SHA1
3d22882ea86ef9e043e696c74089b4474b064eaa

SHA256
82a3c689c166c00b01830026f9d8669393a91aac28738357395ee5752d8236f5

SHA512
80130e17731cb9165fdb1e3e0a249f5fa4d54f7c798b59b4b111297bc331de97fd656ab1f49ab3fa851eabcf6f12db999f3b33582a0beac28bf73832bbcdf5e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9157226ae249bf758793c11b59021ad

SHA1
4ee0b576a1669e56bdd3fdf09792cc5cdf79c90a

SHA256
17b77ec22f618539486ccfcb129577dd61320cf6276cdafe3d47ed62edebb716

SHA512
51ccc87d8062bafb1dd5fac1a8ea6049417d079dd88f5dab6f8cd6c4b741de54a8e78e28dba3b46c360975d9f49ece7336c905673920beda5667fcef523c3732

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e32d128ee3a172b729f4814e1dd6e4c3

SHA1
9b012d554d086a26e2d72100fa06b488368ab67d

SHA256
14604490903a9401ff0c4eb1edec76a0545c4d2a30e7c2e02b4093a31fdbc701

SHA512
449e2404ca43a3574c4e044d9b697db6da225271410d11d5c35bdeeaf0a93af6b6adc33f84e83943512262e6a5af296fc4fe9cf275e9a21a1d183ae922521b13

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2dcdf947d2011df26268f85d8da387e3

SHA1
f538645add5af552a773bc1d0487c41037c82d5c

SHA256
6928d6c0cdd761ef68202b34e5a23ced96120976255224d0b02befb75838fab8

SHA512
9e18e7a87345039df89a972c3e1048ac2b7b252c03561bb5925f1eccc92341bfa831c03d51d6b8e529e3119de74141c5d5d71198931c8204da293ec46db66bc4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
92795a082402cef62bb0f762be51c561

SHA1
7995ce650be039df530b8244e7ed1a5efe59474d

SHA256
86677c11a30da01e752ae43c232e6fe66c2ac58320991e10b7a69a0d666342c5

SHA512
5b516584f889b4b4c58419a4bfeb5d7f087053502e4a4e188807eb786e967efa9afe75c204dbc357b8f0b8f922b2bf6384d1b683174c67acabc7f7a788a40163

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3346e3321ee1fa7746b78f18fe978cd9

SHA1
349103e2626988bedde1243d22389e5ec349e43b

SHA256
ccdb159d25a9a2f29f583d56e9c0e70fc8a732da699af57f37d4214cf11c7bca

SHA512
dd2e349becb1172eb9c61aa027eab03687a7b8d88ee911c44a5c8ef5ef409fefe67f0188056d13e5b43c8838c11fd855f93aa8ae70c56861e5a280733ac86132

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc768ca7463e2b792282e41cb31f9d30

SHA1
c25c5fd9146ef5baaf298c37664935c3ce086723

SHA256
cb9043ff6a15948275ce9c71896495511edb05f1e024c2b28f2e07b4cf9fe792

SHA512
f58aae2dfcb83257e6e43c522c35e3e373db3a471fc47da84b1552bd2d4d0e1a018d359ba545925199b6642e05842a5ff47d32c9b1791ce408b0dc766d010151

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9178.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9228.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit