a874a5e8fd1171285e89de42248bed07513948b68251436a526d75542c7b3164

Analysis

max time kernel
135s
max time network
132s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
13/09/2024, 05:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ddc855c77f898e53a76c51d0cd9abe80_JaffaCakes118.html
Size

254B
MD5

ddc855c77f898e53a76c51d0cd9abe80
SHA1

e4780453e250e6ea1def6dc67a2c8571e4087519
SHA256

a874a5e8fd1171285e89de42248bed07513948b68251436a526d75542c7b3164
SHA512

45aed6884384dacfdf083846ad87a74b79be9335e9702a9fe34cce5ae49eac234e1277ece39730af148d11a7708b8b39e913b3a4b980090116cbd2881d206ae3

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000001c3389dc6e509d85833282dec1b604a3ccc3c86c9e29bd4bf6c4d56f13af9d6b000000000e8000000002000020000000fef6ac41f9eef8e8e30078423d593bba2a9fa3c043e319dda0893b5146f8f43920000000216d8f4713a63338767cdd1e46d79134b8ec7931b10b7795dd9cd778e690bacb40000000ddcd0261ee49a3e484571ba1ff23bfa3ba7c7a799bbcd6c2312b42f6d9e7592352df8cb2fa0b8084e2d23e1fb8293f21a6227a84440a95d20a0c2226a08be3c3	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00f103ac9f05db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432367964"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D6C0E381-7192-11EF-87F4-7694D31B45CA} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000072bfb0556a1764651ddfe163407fed866d5b879b7e172d14a0090174035e4596000000000e8000000002000020000000973d65934518579d30c66530f4fe9fcdbe19caa9b531115f5a3364ef847af04690000000c8061797c07dddae78aefa80ff4732b418da41ecf261e0d06210b2505671ac7fedbc4f2601b282fcc4aa51388eb6137488bf8b3d1a52c19ea0f238afbb78e0b68762c4877544e9f1953dd38443724b270696b0088e08c3045af9bbb8dbb3e46cd1a56255ee77ab5584322f83b9c46050c0fcb0c8ec9f94e52be7970ff26d0d4ac0bbe7340b50519022211ce5da8a7b8740000000932039103962296af9a086ded8f6c8602157b34e4c4bc0557eadc702fa73361442ccd21651825813821ce6484f81c26519b00f009d655b2f7d35376e20a954fe	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2720	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2720	iexplore.exe
2720	iexplore.exe
2828	IEXPLORE.EXE
2828	IEXPLORE.EXE
2828	IEXPLORE.EXE
2828	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2720 wrote to memory of 2828	2720	iexplore.exe	30
PID 2720 wrote to memory of 2828	2720	iexplore.exe	30
PID 2720 wrote to memory of 2828	2720	iexplore.exe	30
PID 2720 wrote to memory of 2828	2720	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ddc855c77f898e53a76c51d0cd9abe80_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2720
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bb179decac9ced7a49854cc2276c235a

SHA1
79768bea6bb7c2e03faa97a5218002586b011c0a

SHA256
ddaad76a78c51dbfe97a280167646cc2ecf28d5c9935d7f7f2c82055372a06b8

SHA512
a7a57f606b2c869a738f874c34f68c64cb8c905d2995eeca04da15a5942de568217abdb3c8385e347de6f28dd13d9cd2fb576100e1ed3c361bd4aaea8a52c21a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
60b358ebe3b459b92df239362408c53c

SHA1
56f3efa879817b245ca17558edf40d2fc431e211

SHA256
4db27e95a0cd661565681dad763c3b8be33053e5ef31cbd72a24d844493956e9

SHA512
498a548f5d14c39dffcf382d0ec299fe0d14b5466a1ed2b86a2ed405b27a18c8cab8b7201b6f0ce93914e20cfff5956d2ac516fb526080b523e99a6538157be6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd3ad6e9ae6ac0a579fa7a97d3c8cd71

SHA1
c0a7f26604fb7b60362253a56d317c7d1579d6bc

SHA256
e44d0795b3e9a28529559e8562e5670e46c311ccf4f42c9b95511aafc7c75562

SHA512
03c4f609cf9b905383f632309dd5942f90b055ffb30d52399c5fb730f8b28cb3d3b6dd36fb78e69b15f788b73248b149a110542286f8a00b2b82a2959099959f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a04f6010cb980ef4da28373e8e00814

SHA1
a2b7862246d43385a1aeaf793c6f804484d1f1c2

SHA256
9a439c4915f81e6633634f0630def0a289215d4b95f67b77b4dc088f51070e53

SHA512
8e68ad4da969fad7e54cb2c9513cc5ff63dd7f152a359aa5560994203859208e8bdfc1a6066d387a5cc3c1a0b85cec917f819dbb8b8f0c4c67ffc7da897073ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e9ee7ed5f5b7772da8e4ab80082e3bbb

SHA1
18d69c0b11b531093c1ee8a82ef11d970d076633

SHA256
001aa382ce77a1346cc70e58265fe38b3f169eb8914ff31ff1ac98a41fc24ade

SHA512
fb8b41ea77a4107614265e5b07d0d7c5e080153a65d1f7449785525a2ad191646b8425479bd55319ef51457ac663ce4a00dfdbc1bfde798404529d5b9dce940f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9b561cc2b9f9102fa4f2dbdfc6bd47a8

SHA1
050038fd6d958e10761ecc00d1491030e8605a26

SHA256
711e1984acb6321ae523c00ef00a72000e8eebd3e056d12406a44b99ee941c81

SHA512
5176c4b5b11b111ca3c94921420e8767f24b1f22136d64e8dff9c74c53abaf8d1814700a79c903607dc4378b6fe710b74aff186fb5c6f855b771051935d30c5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc94bab3eb7e6b8ff85a11545c51a00c

SHA1
c5ce50ecd0233edd305ff0d3c932039e09442c17

SHA256
079c85aa1c59adf01dc94bf491645914233e8b46a4d7c853d97d83f06d2550f9

SHA512
4133c0460a3233399062a6f3b093f0d4197dd6bd5928c98a72c70e571fdc2aa85e5d7070d8fba682027d74ef302d7fd568fc713d42ac49d011d5b48249082158

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
72db1700b64f4e08ed1590277320c691

SHA1
d35020b932810a9a9030f834fbd2ff9be2981a02

SHA256
fd613fb72379206957283df8f32bcc5a8413dfee6c88e410d6dad5fd463fc387

SHA512
e97337aa2679ede9f1fe9d333730abfb1fef8f3f64b436e7f44857743e057cdd80723060fffbcb5f4c0a51b0a35abcd31f641a601b4d53c7b15fb099d5a3a6b7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ac9783a916353c067b312dd9648d5d7a

SHA1
c0c0810985022508eb9266eabb649f0056d03b4a

SHA256
1573ff1b8bddbc335b152e1654d1940fb7cad1d0fe3b23790e629b3d3b507538

SHA512
c9c6f4d9d36e38b5ade3d9e772f0fea2330b8a2327c835dc23e1b52a560c188a5b30c35fc4794cbaf398fc5034ca736151b7b06b732c3c187ed1afc1dc2965d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5afe381269efc80579f8db37f64e0a6e

SHA1
12920f0e8afb4dd6fff5e503ca6ecd4e1f17199d

SHA256
7f6d822c03705941e2c0e5c9e391b5fd0739aa7217b32aa3a11a37b783d7d425

SHA512
271445923277ac839db46912c6a04440293a45bd7d43705fd2cfb12c19399a03d0096e057065907318f9bf46a80916e83895d445b0de5243a6c6b77868e55e00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8d32dd005b5183267a849ebac1672217

SHA1
7a14f92d286384684669ed67a0ac7f06be023c67

SHA256
d17a85cea6701ed400975736a5a091a7555fb41931cfc52842487ab42fcba3a1

SHA512
ac7913dbab0939d689dca89d8dd0c21b36dc362a385663d410b36c4c26e2e23d3bd1c55c0cc1bc164b1430f85819e230d4c6177225e5e7154b0a1f0f961b18a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
90ae1176ed0372676c6bdd191806399e

SHA1
463e6258f779b05c8399cf76095f3c0f2c39b341

SHA256
5f6850a34d0c55ad048e8c133ff4431c7cdfae531823db833ff7c1d1e71d3780

SHA512
71ef31ec986a5623013ba30f25a7322e1fe28ef8eb2a69af41deb7cce1710190d291e346360240aafdbbd3af8e122dd47370b03ac273aae9287a17fa2673bbf9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
de34f10bba11be49839011572d5a68b6

SHA1
b292fc67940d9a9c0d07f175f35e320fb40ac8e7

SHA256
a839bb0d877b31c0d4c8d602f9026d650b18612d51f7e06bdee0cbcd8482b0c3

SHA512
55d0f870827f3bedcab9a27db6f92da00eb121a64733679fb31579ac3c5cd704363dbf6d7c3349bec3bfa200127d434f31894c24af39933e064603357768ff3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ed4ed8e121df4eb65e4d3bc607ebc82e

SHA1
738cf395d1e43b15431eb76632a14180fd4dd3b2

SHA256
7817febca845ed8a3ddc8c6b071219d4ab473114ecfe64d4cc16362390c655a9

SHA512
8f29d3d064e105c5538a820a81ab36f8993c740196bcb18a2114a348e998bcf83e6a7f2de6a1388a40600691a3159ddcb65bb7bb2363c780e63c0e0d96777d76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c94f34922954ec019a7d9aec9d729b43

SHA1
6c5b56e1331c7ba95e67288d10a9425b57745de4

SHA256
d02cffb0221da2d5365ccca4083297681591c58a5252442f33ec89ee9bb2be21

SHA512
ca33b0986b909c833e6c0519637f42bd0cc3f93b6f6d0ea6415b1045b58fb057bb694dfeb1d8b3554681fbd68fba8c2551b7d35109ec02e23036edd7ebd6ecaf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ad89b7c35720d4d51d5a305ef77ff6a0

SHA1
0b08ca8f4894a951801b8031d2d86d528449a9a4

SHA256
b510de7e8421a1b98ca8f8f5e730666b97108a6e272ea1d77bffc604a28af514

SHA512
8461effad26def5b7e53a352092f9cde030c6ca49627f26e169d83f4290af15247b6d6c80e2ed2e3439627c3622972d6da85f7693d82609473be372d76e288b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
83a45705ca9564bcf2d51bf2599209fd

SHA1
dcf2c83717509b2b1ca0e395743644e2300e80c8

SHA256
46672ee9ca90dc86320323918a97bebf8ef7c33373e69e9e3321c3cb4f453324

SHA512
6869f9daa70e80c15c68e7f1009d123378ad8fee361a78c946c711264d8f686a5396478f2e8c4c68afeeb5124bb3a209d89aad5cdbadbf6e4fb68cdabe6ca544

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f3b4ab6430a4c36a854a6aa650935f3d

SHA1
12dbea18f7350e7c3f4e484525d4a65d43fe84f4

SHA256
9eaa50a56cc051a7658cdfad10417e889ba7754d9f2a208d96fa166d009e8301

SHA512
b5434e663b5486cfd1d12e0c02d3d61b7c10310be22d87948470d5bb10fa168db78f7fcfac04f82b2ef5f6e854424380aedde7cba8074b9a99d1fb77661c9b44

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA547.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA605.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit