94aca3c9bd1eb4f842525c69327e47db3c6f756991ebb5daa398597a8992454a

Analysis

max time kernel
121s
max time network
133s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
12/06/2024, 08:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a00f14ee5a56546a95e37d0d95ef2d13_JaffaCakes118.html
Size

2KB
MD5

a00f14ee5a56546a95e37d0d95ef2d13
SHA1

a43675bcbe68ed487e7eb10d93c19223c410db65
SHA256

94aca3c9bd1eb4f842525c69327e47db3c6f756991ebb5daa398597a8992454a
SHA512

01fbfa05daa15886f54a60d5c365472621e2beeebe758a43d3b0c773d5a0c311f84d43a12a4c5bd028c5ebaca07b4e7ec9d8af0c396c4d7e06259779535c54ef

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2B37BAA1-2897-11EF-BE23-DE271FC37611} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424343389"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0863019a4bcda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a8076000000000200000000001066000000010000200000008782b7cdd38e2fc3fe9feb0dd2e205a2a25021746fbe20a12055f75f54e6ddd8000000000e8000000002000020000000af2350bfccebc08070d5ee2d307f556a121a4f3481599b4ba7896108abc9464290000000cedca3b30d7ff040dc6c4f916df86cce7bfbec8a12ffa3cebe10aae268104c32aa18d3180e0914133ddd3078f7837c8f313aa84dc57800576c290b25e8916817c884c228bbf47abf2bd5d0bacdd02b0926e41f0b4420354520ff111db016ab4a2f8c1f22947bff366c94b82887221266d444a6ebd99f6c79986971d20d5e9e0fa6b62f5a988aeb2059441bffecfa158440000000ab7ca13a60fbc810534c54381c6b880d3b410f9e114a26ef2185cfa27ae829c6aa3e2de9612d9a204ff56cd6f44c33315fb6a73f8bdfd8401020ea547cbd8233	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a8076000000000200000000001066000000010000200000001a50e0485ea8b2b5e8e8200b795705841416dd8f1c5ad01cd52cecd551130dff000000000e800000000200002000000099691778cf20d5c4351ce01ccaf8b561a707285116aaf038a094ad3a29af271120000000851650c65acfd00a6e66fc366d2f40b46bdfcfa8098eba6bc35c215d0e1a9a094000000009918367b52440cd8ff31b67c19055b492bce0ab9b3f27bb16ca083e2f71e4efbc0bcbcb2473db832a3209816cf74bf2ff49206ef961247fd949a13c4f6254ec	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2536	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2536	iexplore.exe
2536	iexplore.exe
2328	IEXPLORE.EXE
2328	IEXPLORE.EXE
2328	IEXPLORE.EXE
2328	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2536 wrote to memory of 2328	2536	iexplore.exe	28
PID 2536 wrote to memory of 2328	2536	iexplore.exe	28
PID 2536 wrote to memory of 2328	2536	iexplore.exe	28
PID 2536 wrote to memory of 2328	2536	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a00f14ee5a56546a95e37d0d95ef2d13_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2536
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2328

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1f3438c5374d2f9a446bc49634f54920

SHA1
79123e6c64812ce47c48efd28ea001624507c987

SHA256
a811b33a31783b9ffecb8ae5000a2ba9ed8b07448882bd11bfe16cd84efde4f3

SHA512
109adc0b5853cb910f9d9044e94ec7e504641c786f4ad9e1422ed060d39e383da2116f6fd899a318e7c3c6eb8d1005c0811b08c860596d81a47552d5831d364d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8e83816e3aa9e6c55d7e8da0a20c01c0

SHA1
7fe5d90d026865611a596535adfe515d5cc04aef

SHA256
107150f42b941c9b2b3913710577d2904182a4423d3d5cf1634056722e9f5d8c

SHA512
31254de8b64109ad570c2e5c712adfe858601c0cfe08b22388d372d4b0714185382b05bc12676329ca79bd83210d7232b934cf0f8660261e2272fe536cd2e20d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
098a7d5754b2617d7a1d969ecf3078b2

SHA1
a2a2fa3afeb464f4295fd5d0aeb4bd13beac368e

SHA256
e52e58b013720cd97ae559cfea33240055d66c65ec03c3e1caf9e813c2fee32b

SHA512
c3142eaf19d65ff1b7bf1079b9c49d75ccfd2fc7aaf73ed635d3ca469052ce2dda4823b56ac4756c9aa75c9d947c1fe68e21c6cab3ee43e25f91eac94ebd2185

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c1f291e53c06b4bade424b0ebd1b7a1a

SHA1
650b553f4183daeee3466bf8aac9f8451bfbf902

SHA256
1d6c763b3ad77ecbf0c1e5624ec2ae6ec0d3c8a0dd96f6ccee678414d1505824

SHA512
085b3956520610e5dd0f813d17e6f917a5f217b66fe583ee6a29731f2000479a9a23d1ba7d3386be4ec1408e2c98c33d2396bcefeccd8e189808f9106436d1f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e26bf44d48c8b813dc030ddd13542a4d

SHA1
77703bf11bafdb00702ab3f8c0a7c37111967e26

SHA256
69888c87c2b8ab88e77d15ca82c330b1e0dfa641e634267daf9e08b1869e8cab

SHA512
eb5dc0c3fa3bbfcfdce3fe496626f66ce8fd8969fc92cd10877f51c0ff713afa5f8e3c4d1ad5f282e2f33a3b11718939e53a2f9d74a95456fbb2e2867bc1e363

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
536ac1cdc015c0b01678022ad40dbd98

SHA1
20996b697ebfcfa45e8043151e42d1d67ed25ebc

SHA256
5e89c3663e7d1f000cdded1917606f81ccea3a7feff02c3a68d32961537abcbc

SHA512
baec9030a6e3ed9ddb755db836535cc2606afcaf1c7d22a90ae41a750988f12c7665a143cee265c77b8d5e05003d68615f65d6754426e3c598a54d89668da033

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ebcfee82421e157a543b04b9e79cee71

SHA1
e3a19b833eef9fed489c2c48dfe886f9fd43cbce

SHA256
3029c1eabf3cba3214fb13f41ce0dc1a75bd8dd8c567adaa1fb2d15bdda2637c

SHA512
f87b768fc91e75ac4f6abf1978169b63cbddcecb3e32b245b0cfb7348084734db3665ae775b46d3e1940da469c75ffc62b0176e8a6d582304e9a9af69e893ade

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7b34accb9a91fc5155703d09908dac74

SHA1
59e87d0b955dd21b10406b8a13be6edde7d95d3a

SHA256
c20a2e3de1b31dd90a495eff8c27ddd784024eb5feb24452c45ec47937546dde

SHA512
6d5235e7c940f93e994404bdf8554c7f1cf6332361ccf108c62e54341fd5ceed6b4517f2e7245156b590f8429444f4ba11f7999fd850b58f562961bfbab2a7dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c6a058c449f9280941bee0c6628df636

SHA1
5ee86e5a4e952e539c3ca08fe1a4d57bf3a3428f

SHA256
92419953570e3a16e967827f44814e22c31fe23abde5c0e1c21b0a764b12042a

SHA512
0f6181d5fe7790cf619afa3671755427f1de2df65e1a66f3b25064576f33a8552d55e5c5257be8b96169bfd2a101a36993bf158c7dc6f25d44fa9f42311a1074

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8908ffee58644e06cf050969b90659ab

SHA1
d8a3f40a8f21e80911bb1642203cf3594998e577

SHA256
f1c72c20b97d8dc3b66abb2be6b271e89b8783892807397ed8f1fbd531b64daf

SHA512
c634a66da0fa11b9e7eb1965cf6b30b3b686a41ec608e5e76039c3a5ad700a0b8d08dd89babbef33095832a8336f7283e844962686962ed483640eeb5e1a5b69

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
225ea17e8183fc93ab339fd54adca6b5

SHA1
eb3c36750c34ac75122dfe754513aaa21445db52

SHA256
847788bad3c96052ffc7f5c57f7d3b046272c9939c36223bd4c88dbbe6805641

SHA512
30a4ba1e79efe29325c61b43b5b871453ed9c863f36b68b977c92a672308aae2ea1d02306d366593e50df88fd2a494ccf6b1feefb269fd5950e3ec684e09b3c6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38e6b434321795dd0fa636fe55ed31c2

SHA1
03e6e2190bee1df375bedb35452ebc1452f3282f

SHA256
3029ae1c87ce19f5b57b06c1320db7df9166a16d4dd8d467ff47d6cc1ec90ba4

SHA512
c67340de26b3baca5067887518eb131a64f9005a96d91711f583c2dd1ecabdeffde6526067be6a1de56326f4850d828c1df7046fcf348cf80bef65e8d56a9640

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b82f49a64912ef070edb0907724f2e7d

SHA1
eb59c9938b71a7d779b5694600047c85cbee8f85

SHA256
d6d335c7eb4db87b566473c44fa4c3b2130c38dca144516f6aa973c9cb01abed

SHA512
22ac49f4f8e59c7c7d0d392ab08e1f172fc2b42994e839ee070e31ec640535c05086c2c805e53d8c52b417554a9235f777fe4b293ef314add92471bf4adb6880

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce0013a6ef3a89cfb468ada48b5dfc77

SHA1
6cdc011ad2ed04f02e74dd16156a2408c98b89ba

SHA256
eef477b6588e2f5a10dc2b3344d2d9e2d33057fb81887990a3c566caf0114af7

SHA512
e149d92ffa4863cae58ec93bc465469c7b8399146fcfb05ee9e2fa419c1794fdaba8fe5c96aa5f98a15c597cb76f3e744d6ea887122fd3a50b510932e119c733

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d314ef3a88d3968fc6456261300a12b3

SHA1
c95bcbe78ad21cc63a5c3bbc2ee67775f9a1604a

SHA256
eff268be4cdfbd467195e83e44be78e216173248257de9ff84893c500cfad636

SHA512
c6c235f6bdc28b62aa7c787d3240d6d15400f21e9bed3b4a65b682dd3c44dd887d201e51311a8e98f3e6d1c0bd4885838a0da72745d13bb6571f21f617567da9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0f803197a5df3cfe533e20cb41bacb8b

SHA1
d886d898b439e3bfff005df8bec484ced7267bc2

SHA256
ba46d3fbedf2e2d9d182cf93d0a3c2c21cfa17e00c79b22f6ee2059cbffa8857

SHA512
28d8d642fbc0a45b145a971127ae0b0a170b4b4ca025c6e4cb9d99122b7ef2030ec163152019a9bf7f020369dc8867d65c02af5efb7da6aa2e9f5a0f80c6df27

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
de36ded470f7fe5b6fe82e3d49ea0a77

SHA1
b04f5fb3905290016f2ce0d7c2784a9497104ffe

SHA256
809454ee392ce93ff0d627c59f64397ceecac78d302f38122c9539ea2686998f

SHA512
727b831213e72d265559dc6098d1ba017c806118f41b04ab7e3443682554e1bcb44e64e8df3c5e2ac98698514f1f7c291d175c953c0ef240318db18e832eb90b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
90f1aa19c98eda52dd023cc860f67fa9

SHA1
e47523c064a575cb4f00d4272d2e63621ccc63b2

SHA256
7d2820ea0a6f262d74916153ba4c26aec988ad7946c1b862fc1ec75630d80cf9

SHA512
076e509d8b0daf0fc8a607d76fcd81a1cc2c044ebd77e0d42638117696d8a5dbd23eaac5bf5d913c9f321f70ddb3f064f22ead708e914459dbfa20117188f058

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab36AD.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar36DF.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit