d023307f60758f49221faed24153c8f29597c39a828a3d316959443bbc52e54e

Analysis

max time kernel
117s
max time network
128s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
03-07-2024 10:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

21fe5d433c83688a7d3160660e36b712_JaffaCakes118.html
Size

1KB
MD5

21fe5d433c83688a7d3160660e36b712
SHA1

bd90d5f84b55c98478aeef3dcd2bed565f77f02b
SHA256

d023307f60758f49221faed24153c8f29597c39a828a3d316959443bbc52e54e
SHA512

7fd180d5ba95c0ee8857523ce6d2e40be75565ace458fa0dd2213fe553b2c9a040c3135f68678b5c1914bf58efa81963e8302303d5abc10f6372fcc0e59336eb

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9B470231-3925-11EF-B44D-5A451966104F} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000007cf3b29f10466d629cbf85e4c37c2e9b4219b818a449149214ada33fefbe8b05000000000e8000000002000020000000f7a7f68f4af4e9d2bb9b87a256aad4dadcd841b9bf73372e4f27b6ef098146222000000025ae9c2af7c0e8d95ad3ea708008694739a584895237b21752f157e0baf3b35e40000000b5fdb9da939a3ed7141212f6fcaa8878cc8a4bc016917fc6b60f0c0361f8a880238354c817697264ba2774a154d15877eefd8ba600355ae66c9336486fa79ca4	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426163782"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 605fee7032cdda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000e4c697237496716aa1cbf822dcf66508b00636ac5de9f4a9489a58021e2553ef000000000e8000000002000020000000e0072e9fcacc624bf486125d9af89855371c80dc0bdb66b4f4658092c874c63d90000000e86c149d5656063ac6e59dc3b942d5e20b2e379b3b7d3a85bd27af9d5f4807ae1049fe79988f02bc00fda91881212a6da5b26365597bde683d22c0f957c0f59f86f7afce4af236981791c5efd04a1b5267c68f1cfe6b78294203020ac926e9b0eebc2845af8facc1ad51005365672d62000f94c873550fc0d6d0ced2a38ae1313d3be010a8ec9d1d509c469539ef9ea440000000affcbf5c91b30aaea8e2ba8ef2a2959d248225229c15118fbf63dc120763aae44a4f8d1082da064bf352097a313385f5aafc13ad381bc71a541e2506e22fc7e3	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2952	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2952	iexplore.exe
2952	iexplore.exe
1388	IEXPLORE.EXE
1388	IEXPLORE.EXE
1388	IEXPLORE.EXE
1388	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2952 wrote to memory of 1388	2952	iexplore.exe	28
PID 2952 wrote to memory of 1388	2952	iexplore.exe	28
PID 2952 wrote to memory of 1388	2952	iexplore.exe	28
PID 2952 wrote to memory of 1388	2952	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\21fe5d433c83688a7d3160660e36b712_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2952
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2952 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1388

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a9fd613784febd37f623f308a018ee7d

SHA1
19505348a18c0d17898c4f1af81b83c95a494ce7

SHA256
c91985135d6724099394b2ba5e341721713feda250b1d2d777b9fa78eca6a23a

SHA512
9bdf61faedd44e9f86c4f67468a7ed20076822f2af435764c087b52a9404d57d7109809cc1c321f4de5b53ab8ed3aaa4b56d1bcb4dd734757b1a7125d485b851

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2de8adf27e4e3df9bf6f1f2d736aee89

SHA1
25cdadec97da1000ae6f24486352174e1f9329f1

SHA256
51827b8eeeba48bd18b5e246d946c3b7d4bd8b425c27de9330ce00b74131ba04

SHA512
8e1f86ec79706a169c0562c843572b5ef336559b271455bbe55bfcd3ac6ebec440d4e9ea47da3f0b0e51ab9519693ad633ef8c1831a3c5481fab78131f3bc253

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
75b8bc9e1a04735a5cbbbbfbc4169758

SHA1
9dba3c2f0475eee233d62293b6f01a6d0f7c0a79

SHA256
1b3834c000131f2991ecc77c58c73a7da7a24b56bbd6ae7babb537559640701c

SHA512
ce353b8ef9ff7495472ab8c7e21a3927e028dcb27d671abc5d050349a7d906334cb5b4ca20a11aedcefa34455bb675145decf8898b6db17be66697a63dedbdd5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c0f3303972d6ead19365485b008c41f0

SHA1
7107de5f2447298b29ee817f29bbbc94990abf8a

SHA256
1b70e173e0aaae53b009fdd00fb8714fa851cc31cfd8d95b926e32336d0ee1b9

SHA512
8dac6130f2408774fcf63c0ff2ca26daad9b6178b643f65d911d31fc6d99fd5d15e302f026112b81e4147dcd96577f4726fee71abbafb78f310b43cbca50cd34

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fb7612a5424571ccf120b62b83ccea68

SHA1
ee95556e5e661bcf69f4118596a364706de72d9e

SHA256
09a843adc4a0ddfac5110de5b12fadf475041ecc5877d60b8a463ebe3a1fa1a9

SHA512
b49593f371b02b002be1a5194c1d37168eeb661096d0b641f9a820f0f1dd765740a49cccaf926235a78d82a6255062bd2e360c0d801d66b4ad61818e84fc68a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ad8db3b0f3c7463f2a364feb9f2359f

SHA1
21f40aad0cb5bce027a27f5ac3cbac1bf883c3c1

SHA256
7ffa9bb18ad0b40be7c0ee2cd0adae12b2ec1f999fc339d329fbb4540e7bf6b8

SHA512
23992880a3e829caa9b2180e1b7d301dbda9973855152e134a6f4f4dc3306c7a756db143ede858d91c8acaeac7791bb40bcaab2dd4ce69ae2f2b75714514aca5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
63dc9ac5925205c1e72c101366f911ca

SHA1
5859a61b58366c3cb6a567499edbe0a619bddb9a

SHA256
57843d68a47d37aa6c28ad5c7882a470635decc302631a46e958609d59ee352b

SHA512
d7a7ad6aed2a4636e4f4757120ed004ac9072b60c8f2095d968d6dc76b571861bba8427a3ef08e8b63c9cb77d0bdaac5d7a8721ef18bbd882296fdf24b94697e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
05cee375ee58e39d2233d944a0503a3b

SHA1
156190dca00e08ea2aa0004f828fad04e086f52c

SHA256
ae5e1b9d8b0e82102972fbe500ec9d44e5660f2442ad82ceca88bff97e950ba9

SHA512
13ce42f26b55695d17fc7b32fbef96b1909ca1d4fa421d8e104bcd00554775b03679c38f241cbf72b97c02ed428cc8308475aeab35c1b85143b5225296e9094c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c95d1e340eaa24d6d8a13cc9307fc89d

SHA1
f5d5fd20d61f73677133000938401f85e5be0301

SHA256
275f636aa259dcbd5cf2ef712e579c2e2e84d6d0afd40ea1e2a9cd14fb71a275

SHA512
0b5727772a3dd15c1238b42d4cbf3f2874fc83c5205856c38ed812f95ca4c8d2d85f2e25aa58c06927388a75d0c3848099494d6af702939d0e59cc5bc93a083c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b11aa52cfe594e200f0ab5950d99b8b7

SHA1
0605d72ae1198e14e2c3efc2a5faaa548fb895d8

SHA256
bd40e559ab2e1d92a97b08092c48883e2d793d7d78887b75aa8e61df6a807b5f

SHA512
3b5912d3d5d1f7de72a3091c5fffc822c84a277eb33bfde78f9b292e172510da6b3018f0870ee3a4353a21cc2f9b274fb5a00fa62f6e6d9b963d7306ebeee555

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f38fc1e3d106de412e9f3189d5e01a41

SHA1
be9e9640498f06763e12557c2681f1da8816d9ce

SHA256
0398929665df0e9681e76e6a73c4556f0f92677137c9868b502743fdbbc7aff9

SHA512
eb2471a053161b49a04f5b0fe0bf09a5d32a43ec3cd110b3b673723e54163bc46e806cbad3a9a4d95ee306a4a49a8023bcf681d7f3d4ea5f277f786c0736b697

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b56be05a7bc4cff49319bffa67a05bbe

SHA1
046ce0ad94c25d9d80cdb53f866c33bee1119154

SHA256
17571b5c521235b3e0982ca2d7dbc9ab72e9ebf4330a91148592660e861789bd

SHA512
1781105e97365fc00302ac28f663b03539762cdf62df0427140fe5564be6e408f8fb69e45c830a3a929b43557f5f3e19f8686cf7e93e6c85588942ee9e202586

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6dbe0974c3ac030e4f28bebd8374fb1d

SHA1
1301402fd505571071d622b2543c5b9982a51628

SHA256
845b343af5b5095b2085d9a4ccc5f9576df0a5a3484bbaf3dc63f194392eace2

SHA512
d4db8129add1fb7b727517db8e9de0a6dda51ec9eb9b1f1d753c2de7bdfb388962b18ca56caa736293f52bfed8f7bb987e9f6f936a0fe36b5654bf508878db7b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f45574de9aae4cce86284c5ea87370c2

SHA1
93ed3deedf761fa1a001d2a3be83781c567459fa

SHA256
652b66bc7fb3fad2f6065b6e7ab5b159cc9bc8b1d8129962d99103e59635cb6c

SHA512
bd8cf66518858ac0c77044f90201c96e11f977df17b8270713ddaf24dcbd57a0bfb1d1320fa2a97cee0c6628d8fcb9032e927119992be38920cc96810003ab28

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e7f49ab73c6c5558e6ad1f9e57376c02

SHA1
99efbaf970631f6e503b8b8952aa3ce010818885

SHA256
20d0d6e1f68efbfb347f60e95c3d8b61ad66561dfa61b8cb15dce8559eecb6d4

SHA512
b93ffa4f81b8dde424dcc88e2963912a1d5524f1203b5c85b720b189bbf024130db6afd907e6d25d46bc66274304772252515575812004982f4caf12b8d5ce43

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b0d3352870dea2206db048174a9a5229

SHA1
21024862751e9799b2fea9eb41c10e98cd607af2

SHA256
8a9a47e090af6c0cb25126084e302185295f3012c37f519d1c9788248187e6ff

SHA512
54bd622eb9a2132326b657d0b3268f31fe2f2e68edeb0e1f8fe6ed6cd8ec0a2b9654cddd88600f3b957f43b1499ff14511b355310e1610ab441f489303572018

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d11fe8c3d660942266fc909347b0e2d3

SHA1
659bdb6e61d1ab43130e8df85eac3e8b30be0d4a

SHA256
401ca1c45797632c50a0648e088b21ed196be25cf95d0bda20ecbaffc61c5fc9

SHA512
1b0d1749da48815b1e7ac2b3be7ceaa1e273222256c8c4f4cf358d4ddeef8f83ae52edbf4e7ccf3bb380c24e3b89acd503cec91b6b229177fe0660bf8d38d739

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab407B.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar4100.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit