43a1af6d8dbe6b4885c42672dca6363abaec8ca99e0e1a0184f6bceab8aeac5f

Analysis

max time kernel
144s
max time network
149s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
11/09/2024, 16:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dab941be96941ee1f520935a5c3f036a_JaffaCakes118.html
Size

31KB
MD5

dab941be96941ee1f520935a5c3f036a
SHA1

005d6141fb2430f1262549f1162113692aa61ee0
SHA256

43a1af6d8dbe6b4885c42672dca6363abaec8ca99e0e1a0184f6bceab8aeac5f
SHA512

8bb264fd41b2d64e9f599729f54930a97508485e1f3e6a5eb2ff6daecf2d6b5c606633218212a85da73b47e25026be8c21733cf66b73f9ddba32d914e8805340
SSDEEP

384:Jda4V/HkloMPL9znnnNvNyLfNvNyGn9RNvNy1nnrNvNyYnnDNvNysnnlNvNyAnnF:JtVaL9znOn9gnVnRnTnV9Kihr50ve

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 008502d36404db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432232729"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000a056bd8c33df5b561dffd7a9709fd2f07dd9ff4109771dc960307ef53e768686000000000e8000000002000020000000ae2124984595e5e06491b48f1d8bfeaa822e3aa890518d5091c33718882499842000000011004d446fdfdc32768396d96160a86c371c1933c728bf370cd191dcbc4e4f18400000002351fb1fa802dfc8cfb1834eb25641a23e64eba1b2e62ab6d9552084c707a2258a14ee703ee774fd6b2109720f3423215929f12463e9207a825f2dfc7c4886e7	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000004bd2694a4ce0526caede9fac0c9cb99ba3b7654adb70dcfdd5513a153dc2b595000000000e800000000200002000000044afb20e2c52dca3d456f694e7e8d11a7bd575eb494bafb2dc82ea839998628e90000000029c045db0e8895435f172b23317272508060c2b6696e6569870d9ff23ba4afe7115cc42fb1630d1809cde8cc07a5b83db1f7d132b4b2a3c44e639e8685699d62676ef5f4c845afec3f1d1475fc4ea0b4c1e503183c8d6f0bc694f86d60ba97e8c26109e5fdf41bae18b1c29e5bf9edad74e9f1dbe68fe6d1e3288cde1a3905373389be5ed39d0474960fdca7d483adb40000000fb64e9f346a94b54a3dc37fe2bd86b69270929d0dc8382ae12e3c1e6fe92986f9f087c29c34cb5964e5769bb49c366989196e0d663da6be4cf0f10a0c603bc4b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F418A441-7057-11EF-9E99-E699F793024F} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
904	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
904	iexplore.exe
904	iexplore.exe
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE
2764	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 904 wrote to memory of 2764	904	iexplore.exe	29
PID 904 wrote to memory of 2764	904	iexplore.exe	29
PID 904 wrote to memory of 2764	904	iexplore.exe	29
PID 904 wrote to memory of 2764	904	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dab941be96941ee1f520935a5c3f036a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:904
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:904 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
72510ca523c778f613c805331120e8e2

SHA1
e3b2ec991d26e71e8d05c94f2593d622bbab531e

SHA256
b51f210c7207029495d46d148dc48fcdb252f2862b9c2df47bdb035d1a6a5d19

SHA512
81f7f45ea605e0265816016b28874c02dc1bb266c983fcbbf09ae7d52ceecf5da317d14ebb93aa1804b61db0d9849e78ed6512fa46ae24b7b2a7ebe028b2f9eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
01d82232033a24122aafee2d48d36a45

SHA1
4d378489e0169141a607589fdabbb58fe684c15d

SHA256
9f005b165850de8816450f344a3d18efc12bc4d243567bebacd2dfe7629ec735

SHA512
4cb9dd78df8075f4c414aa4099e510a9d681a558b5650d22e7a699e7cba67fc21662fc208bea3620243f3b46a4ee70373b0e0d789b49200ea559524bf8f9fbb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f3ccda6e4714981d36f838bceb13d4a4

SHA1
5b9c9a8da1046388b64ee3d032751a0daa304d0e

SHA256
3e581385362aa7a4abf71a9819c4597aa3cc439d6da5064f4c0b473ceddc50ac

SHA512
2735e533c8fd6f3ce41be6871de233ff63657ddef88bd9b2100ca51f2f1f39912847f9c1ce605b22c1d322fc73cfd2fd7e7dfb28783cf31b003b3ac9173b3d18

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f7fc73691002f0b5d27763e435ac3964

SHA1
1f073f865d1b4ee648f28888ff378456ed83bd3d

SHA256
3b4d78ad68e288cd601a5e2372326f3ec5c436efaadbe150599e97180e255c79

SHA512
ae08c413244f613a4abf490896068bc684a697e5330e49579ae20812f857026c16bb49470aa0b12615b21d29bb4004a145482381858cfaef034fb00246b7bb0a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
54d3b3904e3ba2c38c8ec75ca0dfcd3c

SHA1
824790fd014ac7c1f34825c81b50b3894911bbf1

SHA256
564d4cd94a8c4566d821587d86047fdaa3bf5c252ec146fc4422c2beba3256d9

SHA512
8e9824454b9e23463c2632b85b8dbb1394ebb22104cd678ee7b192038221ee02cdf22f62aa3152d044039098572728f85aeec65a739ebd1dd29c9b77f0fe0ec9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af303bdfe17ecf287e0330f0ed60150b

SHA1
b2e3722055af946a9ec9e3741ea032f0dea8451c

SHA256
88fa6f8b447c43c71a972dd163c98b527d920f588055afce35e11d1d47495b62

SHA512
d8d6e3b0637661ca300ccf124533a484b1bae4a0fed68feb03d5814e4ef39cbb4dad606ec50f3d6d9cb5da56900e6041836dfb60bf98d3ca71196bef2dfc53df

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7200370fbf061629d473c60a85bc8f9e

SHA1
d6d379a101d6a066493e9d36eb391935642dbad9

SHA256
e0e61b6aec5f960df352296d55560553cfb1589125bcbe9444433d5b8580f1a1

SHA512
ed535cd3847fdad50dadcb3193e5cbf949fd90ac50f202569bfe8e1ef28763fb09c9b408f33826d815e3a211ed47893d3d840811d020a70c6a72c315dec63348

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
23bfbe270a96ae15e4d91583a944c54c

SHA1
ee42d6cdaa3749d65f61895a16e62b50d74db4bb

SHA256
8d38530b21eac32139430a7aedd4ac14e684450ba391e912753e265675a9ab9b

SHA512
caff99a13375b1c858b3a83b6af54783758da024c3be32c3439e432b83f5cbae5ef4928a024e1eed44a887cbb38166162372405635207d49f821aace0d3f8d55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4427ba111727986993ee4f2ebf0a1af3

SHA1
fa7a492b4e1eb3072fc991209f2bd109a833b92d

SHA256
41bbcfd94107939e693f21b8257158fd1fe560d877524b40ce472878d959dca9

SHA512
0103f63a006401c1cd67ed2ae1fd4504bd6b33efde69c4fe11669973449e33f6ff33208d20f3bf8e14b3dd9bedbf279208cbbc95f8be316355139779bfdc7e8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eefbe4d9bb20535c05fda35e95d2ceb4

SHA1
f193e0b75aaab9a7641e32b2838ee7a3a794031a

SHA256
157c4ee00d51bc2841691ceebac837ddd126ffcaf52437904876f603ab57f978

SHA512
a7f03531cbcb6f7608e7691fa534ae67b9af66771cc6f2f384582552ca2e0d3b185fd9d3b9614a1d29afa437ed8388945de654a095ca6c9e9ec363273ffafb8a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9555d9a1b8bda97072205d73e3e6d599

SHA1
5d746c68c150ccf099ce8080c2114e84738c9be3

SHA256
ab5bd47e9ccc6e002a0648d7c9305e3493d71c621c4d63473c903fbc2927b6cd

SHA512
c20d57cd06c62d0892697a550b6b5dd9564ec6cf047b30ebdc6d990f7d914a1b09698bfa82169b1255394ad3cc590e59f846d69077ffa85140b10e38af83b83d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ad6909a9e682287a31ef0d1f00f89d1f

SHA1
6a9e5f0e3ec0ec054242962a1f6c8e0753b4e92e

SHA256
765b51432e70bcc30e9b286aef752ccb2e3c853b91179456716d800e01d431e2

SHA512
be0cef1d821b871eb53804be68dbca78e76235d5a02345128d91ea7a8bdb7950a77793016fa9367e3bd1629d2184c057a88f1dcdbdcdd827b7cee9055fb67c92

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c40606bc94405cadcb7eedd056b584ef

SHA1
1ed00710faa3a6ae6cb67407c7cd2becbdea9384

SHA256
57d36f26caa79ff591a5a61481c904d4bf578d895f8f7f37604920aeaa3b8d32

SHA512
02093d1b87553aad18ca8e25565966f4bad41a42cb72a804a6e1c2ae667c15620f1016972f85930ad74f364328d4c51f66dfb6c8165be4939d8b460203004114

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
34b0482c62adfce47d70e81b6275f111

SHA1
9a0145e3b950b536765763fd463eb3da0bfbfbed

SHA256
f1b9dc98fc10186cb39b78477f96d7710cd18faedceb5fa0dacdb84c46d803f8

SHA512
05b58e8d04700165a955205eff8ed6bd020854f628ac02260c134cc4ac3c77db1f183db8248087b105744091d7379b40d6f737225b5576e16a55e6b73f18276f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
caab27a9a5ecd4340a2fca6de42aa581

SHA1
73e53c68e953ea2c8cd42227f35ac2319fc76e4a

SHA256
067c75f34ad019ff3048426f703d8b53613b0f2f1823cf3cdf019234a0acbd9d

SHA512
97febc531172784d3b2239a7841c60cf781f7d0473dabc7d8c824aac67964c3659d9279f5a1377f51af1695e1df41b9e9af177296844dad5445c5e432a9de615

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
873ddac1d2580f2e1332d9a758fe1abd

SHA1
ffc62587ff477655c5c2a7d1cf3c73a1028c8549

SHA256
2f6af1e05598da10e90fd73874d52a2338944b063313cd6e513df138b56c4693

SHA512
18fa383356f08b4c49cff7f6e1082dfdfdceecc00b8a6ddd72d03a0a368cc6508b41b00b9cc17550f21c1abe16aa514fc163e69bbe5bdd6442229349b5f68cf1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
053db53bfff17ef894221a08d672057c

SHA1
a367eb67155684aa99ba4035119dba624b0279eb

SHA256
2c997ec82641bc91c924878b7a60e0d11952ec26461290a685bbef945c169266

SHA512
6edbbaed8f55716ea639da300f278820c2ab56106d82c19168323265b40568dfb9eb6141501f162bd9cbb105e9fd28a79de0df3be142dee96f03cab8cf84b9c1

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE7D3.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE7D4.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit