0191c41a06ea749f07e85a5082bbf5a55f2a47cd98f85c4acf99406c78fcc6bf

Analysis

max time kernel
149s
max time network
150s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
27/06/2024, 10:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

15971011a9a88e679104ae737ec58441_JaffaCakes118.html
Size

60KB
MD5

15971011a9a88e679104ae737ec58441
SHA1

00e8839eedd0c7c183179a43fc59b00d287de1a4
SHA256

0191c41a06ea749f07e85a5082bbf5a55f2a47cd98f85c4acf99406c78fcc6bf
SHA512

7af32ca28022724997b0513f8c1728613a95966008a14210484c02340b3a598e45f14a38e4b6b0971c6fdb7e290f678046aa91b08a93a923dde2d8616a79bf59
SSDEEP

768:jF6PdtsSJPMpjFgG48YyJsHp4og13f6565NYsoXUOzeXIEhp6QYxe/Z+smnPehu1:JWzMpjF2XyJy/2Vqeh+PmeD+HNAhLtPR

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8DE49981-346C-11EF-87AA-FA8378BF1C4A} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "425644500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1688	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1688	iexplore.exe
1688	iexplore.exe
2660	IEXPLORE.EXE
2660	IEXPLORE.EXE
2660	IEXPLORE.EXE
2660	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1688 wrote to memory of 2660	1688	iexplore.exe	28
PID 1688 wrote to memory of 2660	1688	iexplore.exe	28
PID 1688 wrote to memory of 2660	1688	iexplore.exe	28
PID 1688 wrote to memory of 2660	1688	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\15971011a9a88e679104ae737ec58441_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1688
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2660

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
854B

MD5
8d1040b12a663ca4ec7277cfc1ce44f0

SHA1
b27fd6bbde79ebdaee158211a71493e21838756b

SHA256
3086094d4198a5bbd12938b0d2d5f696c4dfc77e1eae820added346a59aa8727

SHA512
610c72970856ef7a316152253f7025ac11635078f1aea7b84641715813792374d2447b1002f1967d62b24073ee291b3e4f3da777b71216a30488a5d7b6103ac1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
8cc2ee066b37bfec1fc86ff5d4bf451e

SHA1
c1ba8ee05ff49113a6749dcd68efa2e5661a7435

SHA256
f020f6943b5c113277a82a97684332fb932e4474988f2fc1b763289d72bcc92c

SHA512
f99534f4f2d19adb0e585927038aeccbcbcec020657d5a484b3e3204bd9ae0b917c1d4519bc9bdd20d9f2a3fe37ba48068fbce2be0077ba65092217bd38e1a3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_93F700B40012FF4C0F26A49DF574FB57

Filesize
472B

MD5
00640b3df4f94daa9c145f67693b3a4f

SHA1
d305ceefe123b6ed8d50f8f75db35384e988775d

SHA256
15224adb16cd8df030b6a869e0c096fb7e9ca001d94f43539c2ec5ccbc5fd979

SHA512
60fb5804ae63419d719a340073d7e81319c7356f552015ca8d7dbe4b5ec6c189747554745421c32bd486403b8f53b45163fc3f5bf8bb1c0ff7ba49b13db39eea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
170B

MD5
2e309a7cab77bd58123fc6d14328873a

SHA1
dec3b43f8971afec6c7c6e5efd35412ff98c0aa6

SHA256
4525d0b727ab971011d8b5b09239aed3b465fb54cde1cb3e79e0988ed0819b82

SHA512
6782d0951d868b122404454c1760297cbae1e6e704e91b474314da90072d4d6365ffe6f93183e6c07033228c5ee63c475276e677e33a221bee9cf114f58be7a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
170B

MD5
6aab6e555694bbf5da3c93fc8fbf38f7

SHA1
65ac8536461eac8e1b2837e97e5af8ab75a0ee0d

SHA256
be526ea5ffc2e3d2b84b171a1ab4021eb62ffb7434a87461e65df1ea91fdd159

SHA512
2b7888ce800b881f2bd8bb2647e0c9724bc6aa02ceace20353ff7b1a863e44f8e273c4dc9ea36127671a0414935d5a67c16e9d5685bd84a2c23c2a5d2ef9858e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
8836331ca681b6b84a87cd50edd8e992

SHA1
d11c73c0a47e380c27fa926822788e184ffad2fe

SHA256
cf541394739577f46de6b4515efff313682f426bbd2520cef044ad2eb98a849d

SHA512
f8740dceff438deb7aa78ef30824f51750f19760ffb421cb7b82937ae4b5c8a705b05344191d8992b2ab2e1b13ef59423b41aa8d26c781e0063d52ec480bbe3f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
4dc7607f82d28213616e8d6b10c8d353

SHA1
75072c3beaf9694b7a9bd0e46092181373514c2d

SHA256
f1e799b9556c9b6fe37a315523c13262d294b8bc970f0ad740e44d34948af8e3

SHA512
9ed677d59698aab5f4ea877872b67088d153f52fc3744024c15cd6d6d322ebf9f7bf28841dc56e8eb9f58fb146ecb7e5e6da4bba67c4adcce72d7641788bc260

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
15db321f4da17af2c600417cf5113745

SHA1
acbe3920427df63f754fc94c1f0c87a1fcf83f94

SHA256
81c174a931ead9669a6ea6df873cc540aa38bb2e28a3e9481a03529597b7c9e6

SHA512
7ffd75f8f674f049482bd505ad34f7381eb3f0e49c0328f4b06e726a9993b54b902cbb2e277b292830da1d22640e016e9841f8fd1a5e315ceeb5d4deeec3d226

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
719566e15d3421782b366346e5f89633

SHA1
29db1233b3957197c627833045ad669af82525b3

SHA256
fb044f5615c0c4698cc3c2d4ce896f376fcffed284afa81ef31d1de4ad1e6e17

SHA512
0f5619cd1f93c24b5b3fa98e6fbedcdb4c9408cbf5fc55ef8ab6218534b5a615839424c8d95ee44cd0c4ca665cde3deb5b5628a4dc57913ed733180925f37764

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
68f64eba544b9ad3a1dd311ec6b89f2b

SHA1
fbf71e8cde64219281d3aa5b74753537985db398

SHA256
4d2e0998a848f113530300fc4922c16e2d9f5b394c669eee6b28c51aa8acd8cd

SHA512
06a83fb62794bf5fc60c153345bf9e2aae7285b917cab3a9f0c033f3c38844f65dc1d9f4dcf39311482ab95f29402195b587b05b5545668faee1d8927847f0cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7318d06e6835a3914dc23a082274f384

SHA1
90affb7cb18abb5892f1fadc35f53cded40c0f2e

SHA256
dc1c19dc5b81d472402e8d84ad156ca0981f75c9791ecb2c4dc65e3bae61f4f4

SHA512
396957b772bf285af0b8dd6fd7a7e1d1530146dda9d4886792680949daf4c92068bef7abe9079e87df9b794b85b2ae1aa65284fd6600081f6a19713ab9be5c70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
96a1e6779f0b9193fa84522f207b673c

SHA1
f7e606163e68ff2e89723933b7b079ca3e790f10

SHA256
5953b70c5551ff9e9c2623f1a00ff5e5387fe3dbc7ad7239067dfdc94d154924

SHA512
e65dbdd0e3bc0dee89381f7c90657944e2890c8be8efb5cd2f5bc4f657f7dd4a569492a7424821918c6fc40dff69083b0b0897ad3f70363d23f85cf9d5331979

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd6cec53b489a8389b87280321914aa8

SHA1
edcee41c6504bc63fe9f9060ad5a3366b9e6f488

SHA256
4bc564112fb51c0c59ea09fe6856301269d319e7230bb636ff95f6128f580a58

SHA512
fff65bc277780dec9629abd2785ab0df6c0ebae33b8a2b053451814a0c3f3480fcd14a9ca8ba1844158657e29a04f70adf5dff403c9a6f37c62c410a73ba7c90

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1232ca3e7a457351200ccd88914ae96d

SHA1
545f9c24a2c1d708a47a57bdf16384196d9215f8

SHA256
9b8ba62a837351e9538de1c51ef903d11bf143979e067d8ef2fda7f78b4c947b

SHA512
1105045ff48c123de4f40eb0918feabee4169374d23a42db59dd04d8177667a46ce3aa6275e0935594baacec3824f368ddaf630118bcbbf34bfe2e04ad547e0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da24dfabb704f15c341d572defbb1816

SHA1
bb67012c7f346c00d85b982995a467c949d99043

SHA256
83bb367d50d5b40a4801b5d3dbf8eedb9cd527436875c4a6d3674eb8ded85ef9

SHA512
1031d71e04364bf030ae6ea7ee0018ae0d0a40ead2f122ba7e972ecad1815f8b64afea4c53933f887b2a3ff238d666397a3a7932066fbbd404a422da67a558ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
73ab517b9a9e3962bd3a1c8111d62607

SHA1
031558d5c49a63015111a68d6b08961a501d224d

SHA256
b5fdfdae2fe080a4d0f3b47904054005c9c0f25833faa248afa9a6f47fa40305

SHA512
521a44f92b635c3912fd9d17e08450821d98915f4d8b6428f0b7fb21580cffddd5ba62fdf970b90336db996a974423b1737957a86bcef7fefb76238e41d94960

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
b124bc05ea418adf864886a6adcfc524

SHA1
c5abc1102ca88de6c5961a637fdedea4962576bb

SHA256
4bea2c7175127c13da05c3670def4a57b4e6c0f87f4854f472a11ddd3c931e4d

SHA512
36975f031138c5f6ef536a10705e1d1be53e60885eec55311cd8fcacdd57d1b8bde5edf64a620763a43f897d1b2e28ab259688387d7a198ad571112c91000b4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\platform_gapi.iframes.style.common[1].js

Filesize
55KB

MD5
d83afb0922fb4984379a8bdf6757648b

SHA1
674788c07167478047c05846c834df8aded48a62

SHA256
fcf5ee3a3bf3e4bdd8fc20ade771ae224e7e2a3df1f85c8df7c97b187ef34cc7

SHA512
243ed1decb7ad63c44721867fdaf172c3cee950054193b813136ebb2a6b78cbdbba92917bb4f0a5d473e446ea0ec54ce0412bdab0379a9e881ac1e07e696e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\cb=gapi[1].js

Filesize
136KB

MD5
5a7616280268d3642196c89bd5a7bf00

SHA1
0350f9555271f57d150da785524e095a7e8eea56

SHA256
276ab13834ac74ad86344346135288624927cf2e8c5cdd589bd4619fcd467c44

SHA512
76381e69a4c24798b68e95dead45543e0f685dceda39ef73d49a65261db91d07c8aca0171b97cdb173c0f21d52aef3d6c6699ab62d511e3796dfbcda4b26bc63

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1DDD.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1DFF.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1FAA.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit