254d2619f3d27d5bc541dbd809803400690dd0b3999dd9ddb9a1a4ed95a44767

Analysis

max time kernel
136s
max time network
133s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
19/06/2024, 17:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bd6bbfff711d7d1b2bc092d2b604c14b_JaffaCakes118.html
Size

1KB
MD5

bd6bbfff711d7d1b2bc092d2b604c14b
SHA1

a6bde5ce1adba940ee7c3a222d92abc238d955f2
SHA256

254d2619f3d27d5bc541dbd809803400690dd0b3999dd9ddb9a1a4ed95a44767
SHA512

08a60ffa7bcc6a7e1584e7fc0ddca05b961608b20fb80bc8185889690eafce045f5cf5bc7af91d579b26c9035c68ac288a1a0e304a8479831872be9eb7567e53

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 3000c0376bc2da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a8076000000000200000000001066000000010000200000000e8f1d4c6bd184291628e800fa6353cc51f3058b897755fd477f7c7edebf6196000000000e8000000002000020000000ea869d0decd59f0e29469baf5c7c1218ba252674ee7f646863977b33cd49f7922000000047bfc704934667418c0d413edb275300e271e58483e3eb5ee85edc393a827d0140000000b32292fad6a0d0954e65e61d84ccc2761cb9fbec84eb5a02728008ac3dfdea90b688d2de9cf7246b04010cb106a78feb4bee510925fe8c071ff86e04b51c09f0	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{618BEB91-2E5E-11EF-AA16-D671A15513D2} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424978707"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a8076000000000200000000001066000000010000200000002364bfdaf6d82817896bfb19955d10a999e76d14aa24251c79ec9b8ee80b04f3000000000e800000000200002000000022783adbb8efb6e0d51362eea7dbc1ca9bbc272571ade55ccce23f51ce49652290000000588ad0065f15076f69fd44c3a8ba75f614dd8c52d1fe7d879a001c757771aee4fa1c40a59414664b5fef696bdaaabd96baf2e0993a499c653c1637aa1cf57cb5bef12ed57d1f97f1734d7a00fbeabeae2fb5962699a60b598b420a8f8e4ebf3a60626a74926110e271ea631d9073da4f49398283c0a3e45f162d97ce4017b8ec3d76a0497d23a474e20b8b0fb3f8068540000000c18fffbea3880878e41f9f434ab8a144999015e177e9290c6e1f6e47d9327162c2a9580513f9d24d17faef1d9f957da6a1f3137f0fb0e2ef9aba9ac6b612da76	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
836	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
836	iexplore.exe
836	iexplore.exe
2016	IEXPLORE.EXE
2016	IEXPLORE.EXE
2016	IEXPLORE.EXE
2016	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 836 wrote to memory of 2016	836	iexplore.exe	28
PID 836 wrote to memory of 2016	836	iexplore.exe	28
PID 836 wrote to memory of 2016	836	iexplore.exe	28
PID 836 wrote to memory of 2016	836	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bd6bbfff711d7d1b2bc092d2b604c14b_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:836
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:836 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2016

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cc3d5a1806f91d431f41f9e29e0704f2

SHA1
56be7af7408fadc6faab0ad2284f0806a624e989

SHA256
38ba7fe02c6d265b963b05b8175e9a89e136f42c02d627938eced2c36bc7ac2b

SHA512
be524bada3a282c7a4e30e5f2fe596974c7ed30a8aec9204b5f86233bf84ff628fcb5ad7b2fecd4980f50147f07fde63eff1cfd5dc318066e6eeec4d3afbb047

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4d8f200721074021c84d96dfc3c83f35

SHA1
e79f17e069aa38c5025a7244c7fc7229b314a24d

SHA256
7c8dc9f5d061a4a9d0adeed0f4a8c8a24922a2108f554964c850630c9540a262

SHA512
f491178e24df7e82fd75bcddd8c07d7a52ae3483f5fa8789243d85ce36fde659fef9411410857e2b109a273fb3f2ee7eeecb8bc2b4aedf9fd704326621301f23

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c739f8334e8edb5cf3a55546f2bdac7e

SHA1
44842cefdd5f344bcd932da125aa2301ce0e38ee

SHA256
1c4a84b9407f9de2d7c798ae568b0bf7f36df8465eeeaac8e729f55bf1802f23

SHA512
b2fa222d582e2449c7b80e58c9f46c1f5f62495ec7d1a12b1d00d1f505bcb88883891829d204f4a2b7f98e54cf7a1bc48e5262bff4d747e46b458044b7bb7406

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38020066b2ef6e7e5204102f4ea6a176

SHA1
69be52a7baa979d86ab5d2dc3a4b68f9511f2a46

SHA256
71f4bb34bbdafe891a23f046a39c9566744038113be3a2d514a11e50f460f97b

SHA512
3be454a6618991c5a46bd42cb338319f852d24ff99b25664017c964a9825491e5207ddf3f791a03b048bd1ac6bb5fabe68c01cdfead241824d9acdd630240f5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fe04749c6de45bdfd345f8b92743484c

SHA1
f65e80bc712d49ce610fcf22a6cad6ee872b881b

SHA256
7c8d9299b16b914139bc81c96c4f64d7fb11b34e90a02bc9ca3c5eeb1f17896e

SHA512
861b67768458744a4c095c203461b7510cc72c174ebeff1e927f1a2c6fa7571f2987a025ff7fe7a8b4b9c0374835924b2c55b92fca10cb233415daf9593b46e2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
98fe08cf71d840d7e42cac1bd84c6b75

SHA1
fdf4eaa59c064ab1bb28f01a6bb728f408bc9298

SHA256
a00ec268feaa7be5dccbfa9a2d930cfef7ed08675f7dbd693e7259734acdde42

SHA512
e84d7fa17b0309819edd40b8ecdc440befea453c3a07f9291dbb4a716db7db63039c97fabf9ba0d75efcbd9b2803447c28bc8d56c5b66fb83faf3d2f9e9c8f5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
91cbbadca574ee94a683912ce7d0f325

SHA1
a1cba5d62dadad107bd738929b286e34a7ca31cf

SHA256
be9f423f1ce49f492f4059f1a586806f605c18bf98afc911cca6b3f68ba040f6

SHA512
7c9dddf57a67c9eb50b0505789ce81ae45a4f4de7fd3c5b3bf733e92facdc765e1e9e9cbee7d293e250ddccb39ad019793909e18a7217a969d71196e19e7da30

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d68aeb5a578dbd23f1ba28267ab7b54f

SHA1
7084fc175f17f491424599a6820a2a2f73946bc5

SHA256
09915095d64065ffcf384ee6fda21a59ed459e3b61d90c6a855b8385576f3b11

SHA512
ff697a25d347294ec9887813f056609d188c8334332f911bb068546debb61dd53372cd051acd63057adb207b7a772efb6610236099c5a55539037f103e2e88e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4721e6e3ef87edb67614b6ae91ca205a

SHA1
61ce00ab9bcb6745cd12479b0974e7f582046f5f

SHA256
2580f38385b3a65778575f4810e8e7f671901973ed52261dd9b57138d412d78e

SHA512
cd9b833926e33faf722770ed184d6d250d140334aaf6cb04a2de689f73ee12e25cbcb60625d4488b6fcdf682c605556deab1e4ca8d0b475c52c8a17a79ac666a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ffd2a3ddf6a1efe7833c5c91905ee130

SHA1
03d1c21c4a333eb12366344e283aac23fef75d6f

SHA256
0211cd6541bf3977f2212073d01bf73f020d98961790ca014d8da901d9c30ac8

SHA512
4c641469f0b2370b6de6904bb73e08240c78eeb4cb4d6a5a8dcd98f76f2c5bf66b93ab205a58addfd5fe5957b7f360453fb3e6a204549aa47e70b843b3982f30

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
63a008ae6c762c93120fa98c066c04f5

SHA1
309bdc0844a7ae535246e66892957388e4629541

SHA256
504db59ba59511baa9a7d7d61959a25dae19e7be2458dea23aecb0bf0e69fe22

SHA512
c5b78b461a3ee13bff2e0cc71f8cf94137fa0100f2794a9e4a480957366e8dbd8a4e5739ff871af16ad9da3ca7bfdb0a38547894a8f46f1cee14eb2c770b7753

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
686e8bea71f75d5ea247e2eff330047c

SHA1
f3889501d17e5abbaff92820dc8aafdecd8b5441

SHA256
a07bf9239c4bc3155b55082bd967b2c0731aea384eec8bc56a8c7e78096913f9

SHA512
2f4d67c2d52d70c8c6124555ef5e4ead443fadaa9fd1f028b7135c7c41c10bac9c22e477ad38ff8167762f10ee8ce74d66239ebcbce1821cd195cff62f6fe6f0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
46b099933a02dad8444d3445d9174b7c

SHA1
6f41b4446221df70352f4e732f0553a91808aba2

SHA256
fa3ae55c33a492aa782676565343286964d7bde7f12997c9d501c0aa83b0a4ea

SHA512
34d3fa93167d2c3c7f8f3e2b93e872c244feb0b44546ae89553565646ed4bd1ac7a2c31fdb24f55e5339849eeae11c36deffd3871f900987e6828c0c92040d56

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0b0d214c3a4adeff80e53981325a3227

SHA1
615c53b10c9f21deee82be885b099941eab8688c

SHA256
d93e082d1186d1c62d8fe29749465f24f4283e6a8c41521704ca8f1b8cc26d7f

SHA512
96bbc35b2fa4a44c2b221421f70e9fc39b72ad1a4a6674bdd9e6739628cdc8c48f78462a017f82196a20e5542d0f4456049d04f7f7db05870c751a882db43831

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7283d524966acef05eb0e5f899960bf2

SHA1
c2dc479e0843bdb61212f6a1d1d6237d87052cc6

SHA256
cb6e2d0e9c632ebc6a5f19797883bf8a57de743deb5c7bf24bea518196e38f1e

SHA512
8d3e80b87b61b86766a7cc22bb501ea692bbcc7f4b06a350f3b63e7fdd00209921d3791c9fb4c95010b4d65f7c735a95793d8a408d8154435c4685ce080e881d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cdaf91c092c2d0dd01e29f7b9a2f9307

SHA1
646ca06490e401d185852829a3f028fb8fbe86e2

SHA256
62d82a86b4916ad331875cafd22a04de734689230707298bf4a3259b5e7563b3

SHA512
f684fd6c7f193951214d761832811266c0b8616ee801623edf9bf7a6ae586695837b650d306a7b67af8e8aefb2dbb671d6a252c2ad01db88f9a8c012aa48c8d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
19c3346e2cff6292299a0a74fd3a2b69

SHA1
1985b8a7ce213b907a8822287248995e2cd581c2

SHA256
b7c5486715da780b5b4ffabd3fe7da3afc968e06f955b1ed564290632f0e6be8

SHA512
3bfaf1fff92463636dd61e0708a7e8052b209c0a92b5a1ebec318be397105609a33c94effe6e4d0dec9be4041ae632dfd3c6cb1f0b75915b52c3da2a88381323

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c04921f52c2d121b10c995dc397dfd46

SHA1
7c5bd4dceb73f8bb445a9bd93c7772e9bd691c0d

SHA256
608781ffd2f9ccaa39ae3035302e18c4075f15222587c61dd17bbf7030945c0f

SHA512
b3c2bc5d6d114a3305dd831ad4ba9fa9f3b3294a3081565ce4eb5ac4770ded0bd9dc31542253f6d5e9c9f0c0516b0c324351481f5aab6d88e08bdb548f3c8382

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab8AD3.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8BE1.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit