d4e824e46b2f6f18bf1bbca226d6aaf939bcb2961b00ba8cbed84b146f295607

Analysis

max time kernel
141s
max time network
145s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
03/07/2024, 19:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2372ab3f5bd44c1905484aa4e0503fd4_JaffaCakes118.html
Size

20KB
MD5

2372ab3f5bd44c1905484aa4e0503fd4
SHA1

74d43fbeec0b79a5361925137a5a862df35c9fba
SHA256

d4e824e46b2f6f18bf1bbca226d6aaf939bcb2961b00ba8cbed84b146f295607
SHA512

4cbab4ce50bd760a21329cd5a87441f0334c60a972b21580fbd3651471c1141c8553f102fd0fa5e84e31f2b602e12b68b346492ab9930431986613d9526570f8
SSDEEP

384:SIJgVDZ+nzrkUS7k5tN0vN7jN8NLd/oNOjLNrV3P3x/NV9fa/wv864rvXXL8S:SLO2k1aQLd2O9rd37D2AS

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a80760000000002000000000010660000000100002000000045c19295707faaa60dd87285568e597eb28aa712c20ef698697b7e0622d25640000000000e800000000200002000000022b710255eb2ccf47da91cf356ff1e6b01c0259e457db55e401cb6c7c515930b200000006f8d6b80b5ae21b167d9b99342a65f7f77840beee5a4b864c1aee446cc45625e400000006d5939b6f7a3aad4a2ec60c82fbc59e6747eab87284946b0655a0898c8dd6bfb3c721ebe765347f8cb3f08df0285c4c0ade7dcbd1669a3598f756ae342b09c96	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426195797"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 802891127dcdda01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a8076000000000200000000001066000000010000200000005b25023999c76aaa6c57136401e965816909a277623638f8291982e971bca335000000000e800000000200002000000089382ff08da0e8674cde3e9e024c7eb2cc46a92b724eacfc149d3fafda06a4eb900000000cd54c1a0d3f837e76ffc41144c4da46e3bfc34a150fbea1ed29a670613d2280a2e4d5bb1ee518a20320bc4e6b65bd97876be38affe24075bff471f05ab4b2a60bc8a1169420a3f6a79e0cf6c7a2aea690750e222f068e6e6a495273292f393f4d5c07b3e1eb9965c6626851ec878d2f22e5712368d62d815771977833b8f278f9c588d75e4ada17ee18add00ace0b194000000089aec52586e9798eb5917074d44f92534694c7cda7aa5e5699fd5dce636de94ff0a8fbdf069ceadb2d080a7e6c920f6339a9c474da0e63bb287e367c0d618cb9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{24754401-3970-11EF-AAE0-7E2A7D203091} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1052	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1052	iexplore.exe
1052	iexplore.exe
2708	IEXPLORE.EXE
2708	IEXPLORE.EXE
2708	IEXPLORE.EXE
2708	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1052 wrote to memory of 2708	1052	iexplore.exe	28
PID 1052 wrote to memory of 2708	1052	iexplore.exe	28
PID 1052 wrote to memory of 2708	1052	iexplore.exe	28
PID 1052 wrote to memory of 2708	1052	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2372ab3f5bd44c1905484aa4e0503fd4_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1052
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1052 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2708

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8d2f8c2f87ecf8c6353d0fa4eb47232f

SHA1
d7872868ea23c725c0c50aade17c52a9759e3053

SHA256
07deaa245a20255c63f879b5ce9e88de09cc4cba81b6c6975bb49bc93c8e61e4

SHA512
26ff2bd84217c29a8f4550a800f581eed28e50aaf2e18b23b057cff15e11e4b459ed12311c7f3c26481adeced8dbca1932df98a2073571da50db0b93a31d8392

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ece8770c9248b591c05869c00e085df9

SHA1
56a552d2a583006be1cdf679321a692ab8d3182c

SHA256
f312f1a9c179dfd7fbc3429868daf88192045fd63f5d9a843fe8936298155936

SHA512
5454aaa5d0b22a2ca352e5523afd476e52ffc742c07409e5901b96c0afb2973f086304ea51dc0cf242153b79337d4d10c55909e2ff8d00e845465a8e54d3bc28

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ffc72ee623c4ee60e7ed3b6bbd0a9d3c

SHA1
d65d5889bdd1b02ef965214eeb01d34da6444376

SHA256
0723f24918ec3ff455832922620020030d1732a10d316d2da5f6de5918363ac5

SHA512
6254efd48e43378f5806485dcdbb99f10e04d9c2205dc6a7fa214ffa1b4ab73a13d98842c044e085caa28f00c98d90dc7161603488be13baa40f061fba0d362f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
53b18f10f64cc1d61f48db7be61e61ce

SHA1
e30f13a80628f6f061beee585944c3444856a485

SHA256
c5f95123dd20a1a53da57bcf022a03154198332f9d65130e3e87e6c7731211c8

SHA512
9dba7232638fbcb4c783e6c67610d460a8aa175af6b5ed15e42ab190d3e63ad859915cae4d6d1c5782de87c56f73ad2bf5fa81ff2d89417be13b15e3ed4979f0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
662704e50b4142a7b1c0c7d49b10af54

SHA1
4735122c5783fb6a2c4f705081a7ef3c4e0d3856

SHA256
d30d2f10768d83ec37155aecc0141eaa7b7bbf0b02f4e467377da92378569dc5

SHA512
cd0b564038686351b29c8d7a1849885a46d44d6dbd02dbdd1b8adc17c2e140e27055045b023c50d06ae22162b10f11f107e68a123914f091f532bf4faeae9c88

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
66d654626e8df54fc414968a2aa2d25b

SHA1
c06d8afb862a7f414af937069998752826ae6926

SHA256
e89803052d9d975e3561124da47b282ac7f64f2933a683de1d542c423219e11f

SHA512
b9644e37277b12ba29b6daeeda2b086d7cd5e79edc0099fb000145549f46e31ea30e0b5692d78ffefaf74efb0aa6c20c2b9db34790af20cb63cd4dda61eda4dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
48cfbd0ab89b467094ff700f82e3ae60

SHA1
dfe96126c6036c3d708f093f2697c29647688d23

SHA256
262fa4dbab15f27cbca94d6afe7392930e306141b4102c1f99a45b68f49f04e1

SHA512
f10181f7f8b9a9196e70c33ad92ac8df1924a3441ae6e35328cac92b01026f721b0da39945702e4a332b806677e841beaa00ea358e7278fd2690c2729aaf4b79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f9b718cc88be84050695cf25fd5d9b57

SHA1
42961a0d52cbc080819566cf03c6994b744e5d80

SHA256
3f1b7ff0fa502340101971b44986864f7483833377240bd0277b6bc0c2968bc9

SHA512
b405431dec2ebe41ba2eb8219107bbedeeab3256ce080a0298d2a1bbf9c0fb08c3c014e8d9d01df957c6edbbb6a519235429549872a2851d6fe336db0a34070e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d248a1657b46c16a6767c41810935025

SHA1
4ce62095f75cdf8a37499290893ef5606bb7d102

SHA256
77837a7041e2db80d5f3caacd0d45b72643a8b214ad2717fad3a83da21ee5be8

SHA512
48dd82657a89de164551aead726eaccb72eca7bfb4ed9da466881eb757e1aa5a03345bcc23bfdf75b11161b4ebb769065a57678db74449bb54b864baffa4fbdf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aa8bef91929fb0a3139078f4492c2507

SHA1
c8e2c3569ed568d0e73637b8d41cc279ed845b83

SHA256
43aa701c6adcb9bf384bd6438310ca641d7e91d2f761120df1f403ef95a26e38

SHA512
681e83a008ff572087a801907f9ad7b177525045390be492ff09933ef1b2d7e489851702eb0c6654cf0cc6116a0de40fe71b89d470d766ad611faece4b783b7c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa5142d75a95af28b38307ed4ed75924

SHA1
eb49bba4e186a3378f44bcbcb8b53581f7f06a0c

SHA256
8d44e8a30771e5014eb1674cfa9ec71ed4841b33ed3ef57e74d8985866921380

SHA512
ec7b87ef106f4106c2b2faae56c472575dd5bb426ee9bfa0e7c478603efe56da8e26ef0aeb2cf663449ccca3c6d0996f5cf969c7ecde99f0f0e2a4944aa33684

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
381814eb3471e8fb467706cb0c7b7601

SHA1
15c7dacbe81abf3fbb1a771580b15177a28f5205

SHA256
5e03e585cc1851c7df495444fc082c02af6a3c8149897a855342ddab0d3e1992

SHA512
6d7bd316434f09adcc7f5e7a47b60cf91d412b4c0548093b771c5b1ef5dec7cf36e5d5adf2b250748edc14e9fd7a3695c1aadeab91b19291b311ab158aea355e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b250b2ceaef0866c2c30a0c21a57173

SHA1
46019e78c57b79e441db3374e1d04780ff783137

SHA256
cd668f7dbfd64bcdcd1105f15e963066cb19e0a4f8531747b683be0572ac6027

SHA512
46a23c34fa44919c71159662b3c7115cfa7179046e2058b25e9dde9cc1bdfe7b019440ab6cc7eaee00df4dfde3c7c93d0687db7eb47887f21e3c2b7e92647409

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9f00a35910184cb8e18c02ddc2c66cac

SHA1
6edf00d2f09e304504e4b70bca22cbb5c166caad

SHA256
59629d98c986cbf400c0be0892adf572714dc0340b08a0ab44bbf2ad96dd2773

SHA512
9ad504a8fea6ce1387d8f8374d768cebbe75240e923e7c0a28d84d16531b3d6a38e93df134df0ecfb14f9f19ec1a646a577f73af3414aca1fcb8779d9ab1e073

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eaf6659c803ca619ead8936b205d5453

SHA1
898a0cdaa4d5335d6871aba09d5e59edb6ae729f

SHA256
89232ae5692134030a01c71dcd29768bb99a026618483ef6653dc5c42bb33f0e

SHA512
f2ecc29f38ad52086e0bae823692eedf11399da06658b23bc23252c1cec0212d5c79f3444390885c5b62c27479c432e8161fdffb1c242d9da21f36fdb73f4c31

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d5e7ed09309f7cd8ed191e3249cf6705

SHA1
338a32652f5340e1184403efe9c34686253beedc

SHA256
58c5ca6664c50cb25d4e0391fc0b2f46d1a1113aaddcd199d561f952bb10fa71

SHA512
7c47730056b169cf3fd82f28803765f96df206cf84fb114b8f846e11780ceb5c3b811c0c34c2102b90bdb2ef0cd1ad15762244345398ea616118bf8321fa9d80

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
78ee6b525e3fdc692ed857ccf3c07c99

SHA1
bea24bf80ade91760a036f96a56b8f6a72f74599

SHA256
12f381921433b1077c0cd20991a85f36bb3672f2c7230fc162e89f6776fb2f59

SHA512
89c8c9d38ac8ca8217779fca8328fe1cd188c0eb03fe4346a6e21e3c0aa2eb78cdc7024cc6105f070245ea9319812a86dddfe03c58660dd9a4cb53eac515c10d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
114644b575ab25642344bd4a395ecbac

SHA1
9fbe1f1a5127fbcda85c4e0cd3ce182a8c19e16b

SHA256
56d4510de41ca977f6897f99d94c3b243e493775e4624d1c24a166b2d7fc170c

SHA512
bd418805c8f0df24c7a147903b90311a2d467338f7c2f56eeea474740f96d7c50c99c1fe599b06a05e86b5f8d98081aa75881fb846f8a232a801b245a7def200

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab342D.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar34CC.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit