183734c9262aec696f2316a2d06a9a2b62567a69a8a859cb545c5b63d11f46aa

Analysis

max time kernel
136s
max time network
141s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
25-08-2024 18:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c1462249b6fd76058f7b6a52bf8a377f_JaffaCakes118.html
Size

3KB
MD5

c1462249b6fd76058f7b6a52bf8a377f
SHA1

fbde77e02bf5c9c8ceedc7a55a314c4a7bc555fe
SHA256

183734c9262aec696f2316a2d06a9a2b62567a69a8a859cb545c5b63d11f46aa
SHA512

ef26676f0b52b0243c6265d375cfb32301866a3087ba097e279a24042127305e1dd40d8c4a6f57e615eb37f9d38d51bd9dd9c54c4b7ae2bf74447f12b90fcdab

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430770769"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1458D491-630C-11EF-838F-D692ACB8436A} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f03551000000000200000000001066000000010000200000006ac64cdffd687f0fcf5e28265ff610a2c89787ac138c5ae3d534aea805b13283000000000e8000000002000020000000f753ef7244b3651ca531be3b1f638d617e3325b779a29bf8951d7ae266774e222000000091001f9268ff7bc701234d43c702513f37b6138a58eaed54bc21306eea7d5fc940000000f912b4ed803ae289ad8954f6ead7a52ed22a6bf4030ef103877aa77e2da055292c2e51853e8f459a8703ec4b4384df5b776de015a1ff46c619778bc684cf62f6	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0a51be918f7da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000d854e951ecdca4792ad3aea80f0355100000000020000000000106600000001000020000000ed383c3ca5f4c647ebef715736fd1529a43acbcb474d433b221bdc23ed0dce54000000000e80000000020000200000003d06c39517a1a8bd392ebc8894c2ebd18b853974b71a6f3e5e8cc82f8aadbfe1900000008c3f455fc490dcf28e02babdb4b193830b0edb117adab6d89b703ea90c38ea4b751ab1f0d5f8afe3ab3827c61b87a17a4345ca12917d906f997917c8e336f541c6ef09251f497b78a3024a9501ec5b3e992a37509b3b6594d53c309ed2a92aadddfdb69dd9318f03c3b015b76ffeb3dc24598ad29174d00957237880dd12e13e958a9a4d607277dca21a9f5884b9648540000000640e0b3a05db44636ad6402ca52225d9b667a93a1517417d694b1d259bec7c5a8fea40e16471277836d28f421c00baf2148c9659ab600132457f0a038ed0401d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2056	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2056	iexplore.exe
2056	iexplore.exe
3028	IEXPLORE.EXE
3028	IEXPLORE.EXE
3028	IEXPLORE.EXE
3028	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2056 wrote to memory of 3028	2056	iexplore.exe	30
PID 2056 wrote to memory of 3028	2056	iexplore.exe	30
PID 2056 wrote to memory of 3028	2056	iexplore.exe	30
PID 2056 wrote to memory of 3028	2056	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1462249b6fd76058f7b6a52bf8a377f_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2056
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2056 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc7d670838057fcc1d21ffdfb0aad4db

SHA1
a75daac4d4049f4f9f210e693d3e4077e753dcce

SHA256
9d4612c0ec33fb05bca59e1fec889732be33da1f94ab265f2300eb978c78b906

SHA512
2edbcf4a4e15601661505be2e23e9705854804c514db3604aece65c3d2f4e8de760cf869de37c5601c227bfbc40e05600cbf01cfc43cad004c11908f2f0eb7c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
650cfb9c7ef0b7a2c16cf99ec2beee74

SHA1
2f62b6949eee65d90f2ada3d5a75001d79a92c5c

SHA256
94e0e354238870d4533d8387da6f073bb8ded1ae892136b636312fc6fbf3e134

SHA512
5aec61479c4d6a7e3404952509516b35d61b6a64587fb0a126c7b0e8efc9713e6f8fb7bac14ead3541887c41ca6eb900f6bb8329eb61cd2d095cbae4c3b763b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
182a5686de3dba8797f34a78c4413c5e

SHA1
d883020ff9ccc2244cdcc86086f1869c3812d062

SHA256
cc7bd378a8f5f807fb463c792d26b23e308ad1e2544677aaf12a233f08724a35

SHA512
6cd315885444b9a9e306fabde2de461b801cd3040894e485a9be7aea57eacca1258c6491da4fb6dac1bfec7b7cd75d351904c2e710b15f64938b83850173e00c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
45ca5b45f6a9f96bbbbaecb4f4792962

SHA1
b185494fb9fd38f30047166f6989ec858d08dd39

SHA256
e95b75d23d96b447fb1c54253f492cf68330140084e891df8bd1954425e3499d

SHA512
d50479e191211a934817ebe4c5a0c51c243a2bb0aae1aac60ab89860aa8d81641a6cb559d8577e3e25d0ff65528c7ce075457957eb97e0b25296bdabbad60baf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7163d537563759aa5b13cb66fbac075e

SHA1
4a96c79c291024e22135b3bfcb250266d7eb8906

SHA256
ceecf14da59e9278784ee4bfaadf85bc236b994d8ce192605f1f2dbf5d344a89

SHA512
cb9ae13d3d0840e2caf9e4f81aa3f5f9e4cd397d65f046eabaad750c983dd4c8008b8e56455dd744ba41363eec196c9f5f101d9b7cd85cb124e39ec198183da2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0df4fa3b3cc9101f5168a16938f942ea

SHA1
05e14f01ecd23b4ee061c5eba541b6885883725a

SHA256
553feaa9cb2292ce89dcfbd220d703948b6a487fb8e04ed725b8e0e4dfb91ac1

SHA512
8fb32f1c4b3b3cc0d6d6abbbd5540e01aa74a3da38aca36c0f4e2fcf01b9893e296d3f48cf069bc2c63aed318c674e96e999e159cedde4c79abf72cfa31ba18f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0e4c9e02e8ce8e2ce441cd4a8be05850

SHA1
7d4a5e0573480a7af78494a3f47fe725b1f67028

SHA256
51426096474cef4ef4ca6bd588edab27445092b80af7a27cd37ba9f4b92bb59c

SHA512
bd12f31b8d8f288679575fd3b6efaf77059d19fb2ed462fd5b9402e278f4e561e0784b10c1bf7b6e14a80205c060c500e57197c56719bf53ffef83ab47152213

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9bbec9be5f0608ff7d4f21992b6bda25

SHA1
d279dfe562b3c6f1bdcc419a163c6f3fd3ad3660

SHA256
0c54485f4b1e68c984fca22eb422af1be48441fdd45816584623145c8f5695a1

SHA512
b141107632b3a6bbc82d202671def47696cae70c7fa39de4283d0dd34789058c17f49c9a01b9a8710b32852eeebca9fe7a115f242426741a73cde5c4f50ec8be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6f14406e34ed2ab9a2521dd820150d2f

SHA1
8404c2f83fe991f370ba8da5608786fdc28b04a0

SHA256
191c629be5f08ad26775215200aed4284d0c6c717780f1c535767ee95bfd73ee

SHA512
cf53f31b35e022d3697bbb299ca2785c67c308369be9b5dd07e2ea5d14127498f626126c22aa91b18f42b45948991acfab890535a4e148f69da6c34a70b8bc60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c444640cc01e688344c9fc924de75aea

SHA1
cdcb4e571aa20e22e79784b45c0efbdb7c97a90d

SHA256
6c9c707aae99e74d12b8613d5f85921942eae8a6db28f50ff96d12db7093849c

SHA512
c99be27f9ce4266aed64b415d38d41d27fd42114d7a7b932457c69f02cf1e30db26fed28be419ed545f3b9ce39a2432dcb3f8b49ab121860303cdc9c6c5b3813

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
079f711db8ebf86844962354f8f8bac8

SHA1
08e104f3d76fef604ec3517e1b37dc6ffcca617f

SHA256
b82c3e8c5cf9f32e2f5bbcc9974fd59758ecb3e91f48d593a01fb661d9aac478

SHA512
4c94255ec115acd79514edc41df5ed96759eb5d704128618ec7119895a5e52f1df6239365636df3aba2715c7bdc8a4a5a6a63caabedd9c10d43dc43bb9bd2e80

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b3c0d30186a3360548c6524d7e701a8a

SHA1
557dcb25f76586f3f1390e8f646e56ab932977ee

SHA256
7da4319eafe6f5f330e847ef2628d8d2572f219a2f70868a01d297df0ded4e34

SHA512
1e970197610f5434108e682adbcab7e08be2d9775ee4499636ecee2713115136623cb9f112e5c289b7a023af32e32b3795cd860cc3dc4d5060b1348eed3af4d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
72096178f17ea27179b459bd1c4aa23d

SHA1
b1ea76bc56755b79f383ea39e6fd529dc071a7ad

SHA256
312c28de92aca6247af83a54f3b3915083db567ec32c028282ceb1c8718a2b98

SHA512
c3c84797766add5a52de47c9f9c6d585a595ccf309ea87ab31cbc4e5ce3214076f924205705a041c4a389228d27c9b89a14844a4d98f304cef7aa6bacf2f25d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
76384fa4690c80f67db583a48d5c0a5e

SHA1
9af79ffbd5dea44b9a1c9fdd5a3e33d5d1d421f9

SHA256
9b7daedfa5fc2f5b26130a07ec1711d96c7584e54cf3efcf361e8d438f264970

SHA512
98889f153c7bc7ee3bb002b32ecf1d242c9ebe84b2fa5d90560dcc435170e1f454063a2cc4b771f35bcd46cd58e20b57ed2205693f245a37eb27cfd77d31e717

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3bf4f2405ff59fd0caf18f7686a6e051

SHA1
56adaa73e91e5904a1977a291a29a7ce3b0dfe04

SHA256
2fb19b03f31d6360b8afa694f4ccb111d155db1895f896a71800b58a872b760e

SHA512
857e18086a38482f83c8197f35c07171fdd7dc35b7801ac60f1ee32e1dba1e7ca95b985a8a897ac9393455a2f6b0053d6c53f662425bfb61dd854ecb00169510

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
70324742f83b9532b2a03cc4b9732509

SHA1
130975143fcdce7db9a805f3399edae3e12a67f3

SHA256
db628da9b58946ac7d7db5022766aaf03f011bb005f3d360b0bd635d110e15a1

SHA512
06380bec5d6d29b5ec6aa05ef598e8353381e687c7c70b3df8facae2f6866f817fb1040e5d40bccb753f3197494684d8185ceca59c8c85f11f78635643763ddb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
355ab13e17a67a65ac7060d0ddd14ae8

SHA1
fd6e70816495fe8768eaf80a46ac35937d0eab71

SHA256
a60c0dc2d89b0aa9e66b88c961a08fab19999611d4c407ce6c57cf4a6cd21556

SHA512
f67c7826638ed14802cf7e84b3501c25332ac4b8521bb4f708f4841d04b40fe62c64c46e2d1dbfe0bc2bc0e043b628db99cd93a6e9267e79cdea2356cf7af9aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab896E.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8A2C.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit