1750a4b305b5ecd4f6d5d2393a4c4060d5ff979cb6696cfd70c404b8c6790901

Analysis

max time kernel
117s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
14/09/2024, 23:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e140ba007e9048e7dec1c92437f5250a_JaffaCakes118.html
Size

869B
MD5

e140ba007e9048e7dec1c92437f5250a
SHA1

72bbbfe9c8b3348a9902aa07ad619732acc13eaa
SHA256

1750a4b305b5ecd4f6d5d2393a4c4060d5ff979cb6696cfd70c404b8c6790901
SHA512

a4822a9c9a1881f8e243f9fe1a738ef3d4a5899aba6ebd5eb697b243175f9e8a5b9ac0c6077adfa3651dc0bac3a26037e37b5e1f45ec4cd4fcfd33144835e1ff

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000cf690c2fcf167d0cec2254f508f78747ff94aca8c856a6e42776bda896b1ba5d000000000e8000000002000020000000ad97e91a3edbc06c79838c035b07f736552d975538f9f5c638f1455bf328e656900000002b34ab729759e13656d80b8256c1532cc7ad8a38b5378ac2f54e82698cf96d8fce779cb9b128d144eca40b21e969485cc7f23a5f80a981c21110a0c333b26da1457ab8f1774578c8ff445c3eb8bc95361cc82e844b30fa7338ede553b370bf2cc634fb20afaa8ebdcad68d2d6705e2190abd8e8e22c8e77f1fcd5fdce9e131ee46ab01c5732a886479cfceb1b735f86240000000a08db07c9ce46d797836f0524c9fbef4f51bbbebab644c8b0a6b6cf216abf82b9cd95b71a00dee0b8dc5d0d487f546678d11c424c90aa3fdc7143bb38b5f0c66	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c06bd936fe06db01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000a588fa003bcda9cbc87bc1e17e28bcfeab82bcb09bd8bb6d3a7f9c5c25900f21000000000e800000000200002000000039bffedfa83e285c9c2c2752f4bc97d243438ebb9566ebf222972c50576de169200000002b7e5fe1e33d6676bd915566b24fd0ba6f713da256fc0127e4ebca754b70f382400000006c80134618506524760af20bc0aca6c1eceb90dcbd691dfa966055c2949caddffebe134f03af0489a068772c6fb7f84bfeb6b3d5857832626a9d7c717197ae4b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432518546"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{71BFE161-72F1-11EF-8B3A-FE6EB537C9A6} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2080	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2080	iexplore.exe
2080	iexplore.exe
2736	IEXPLORE.EXE
2736	IEXPLORE.EXE
2736	IEXPLORE.EXE
2736	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2080 wrote to memory of 2736	2080	iexplore.exe	31
PID 2080 wrote to memory of 2736	2080	iexplore.exe	31
PID 2080 wrote to memory of 2736	2080	iexplore.exe	31
PID 2080 wrote to memory of 2736	2080	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e140ba007e9048e7dec1c92437f5250a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2080
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2736

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
34bf3e4d03254896e6bd7f46772b792f

SHA1
03211465b9a0355efb8b97e5cfeebea2fd217233

SHA256
5bcef64ed9460d40f9d7fc461e249f2ab0fa3a2d45dba8f380748cc215c31175

SHA512
e183085f6e53d9d632e3fed1ddcabf6d1bd5d1a756fa69ea72a7f7b68bd9b1200937a8ac27affd6566c4d89768b3a1c53b8339fb63b34b5327168c2f4885a7e1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c71b51d149d67da2c68ecf1e4eaf1b37

SHA1
3ddaa88f576cae8827b0787138c5b20978da54c5

SHA256
b5ca539a2dd8eaa343b4b521c9d9881b6a62637de377d96b4e56d4ef10062046

SHA512
298d6cb15fae6778ba77578f3e4f5082a3d16b11e634de2126327a0910eebf07f2eddc61087ae3dc8d329c9714a05fdc1bd595fb9fe96934d583be2e236032da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
665a3fd6c016470db7b72a06c6d5dd66

SHA1
d9e284d470a769dabe3fddd4f9b90438c948dce2

SHA256
6f796f9012474502befac9d824d2bbde569cb8637e7281330e6cf84456a661dc

SHA512
fe97c3763710f6c55858bfde1ef1025b180b9ec229f272c238838cdb72a5454c7b0f08a4de132690ffd98c7204c667ce5672798211afb36ab962e3a906d41b29

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9cba8160f7fcd72bee8c719587d2e163

SHA1
77b73411562d777e5b851b89856d101bd694f56f

SHA256
49180cdcf44106eaed6d78ee3bb198191201bc807ab0f652ce9aae50d257f061

SHA512
4da3e35c76957ac3e7b5ea32c6ce53259079a00b7f8f8e31e1d9fc922840e62e236894574184079d6cca9421018252b433bf088dd52235d2fbaebab8ab7f598d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
96ea21db770f17ef9eb48a912b6b9291

SHA1
a3827e0c1065010ea7da69633a7624d95e4912dc

SHA256
452143b32f8513be4654a34ab8ca45ad322052617f5fcd1e425983cb8678c6c3

SHA512
0278072f9f0adaa954bdd434f2a51404eb68029858a354e7d6b2e09a7bb6610b52db7286ba3ac86aa3a8eb866029e729cf15e444eaa5f368aad394f452508018

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9794f23226dbc83ddf9e82b92b9a78fd

SHA1
f6ef1c46538c51ac2d8bea22c5054aace1e6108c

SHA256
dc11ad9afee8111f638d8fbb0adf71a68dac6360c16e880b3e4e502a309fe5c3

SHA512
887ff804d8803dc1e50f8f9ff702a0753d89e0d1d9da675ff9c026db39a7319b59504dfee6a2d42b3cb7a302ab85bdf33fa82bffb8c06dfbe822d84fe8dadaa6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3c2b72d94d0404f8fd4ff8f21f2f1113

SHA1
e6cfdde53719c7b8c5cd0e00e890cb01a72d8519

SHA256
229133470ff66e5946df27bca5aea182b785cae231bdba26c398b78ee2c08110

SHA512
cfa46d786cff5bb11eb126252508be654dc1adc099596d1ea909261aaa744d36f2f3665152dade1bc6ecd49ef5c0e1c04fb67a3057e072703663e5646902ef3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8d8c60b5b46c620c4fcbb6fc3f47e7e8

SHA1
30ad7a24b19e8e3f2eab1971e5e59f1b6c24bb78

SHA256
d09b7c195f3f4f066b1f4f21d1bf9df70cdd2077c22b8c66ae0f0ffdcad5d387

SHA512
39ea5b85b73a45c0f79ad84124e81741b3c8ec6d3e7aedcf8b6c6e5866cc05b975d3f5a2192b1accd9bc79b754bb14ec5b13796f7db5c46d4a1838adfe25d565

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
486281e3e5a140cfa746ccd796f6886e

SHA1
f1d716817e49e6b9e80db210581c2acd0a76354d

SHA256
e3bafae97b5196efb38485c9bb50fb08dccb5b460c89d739075ceec806b75979

SHA512
f51b566d4c2291b7d891213b03ddd1f3d8be37f228e00d4a67a112a27660807fccd52e7f31bb2bb26349a2a4c30475bcb39d663d9338acc997a5d0f91f649e4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3ca2fbcabb9cee5ff896494f2900ea3d

SHA1
fdfa716ca862d011c841791e207c3f7fc86d5a8b

SHA256
a6f38250c190aa1016e2aff56fb90f2f6cae0b8c0c50346c691318fdf97425cd

SHA512
e82d19ebf66d629e68f5640c79c5a1d3ce07c9d0d40e288a81b70440ab6b353bc0e743603d93a47f4dba637bb46e65674ba2795111c97a2abc2afe63519a7caa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f769e70485e0b4cbb19610c3d0e698ed

SHA1
fdc51fbc25cae679759a241f09256015641727d1

SHA256
12111db68e94419986486946deb10fb5081797fb91c4a07b77cc287f0e19d0ba

SHA512
82af9a28b2e7e3350ceb9669dda018a934f0879b1bf866cbf17d4a1e251b30d443d388063898f4443c18af01b13098e413bf5c5089a046f5bdf0b64d1eb68c9a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5c0632782325c8fa5859a7d9f91db132

SHA1
67b63d3aac3831725a76254be64c26b2240b41a7

SHA256
8336321d542040f49c34bcebb8c8e7bc3d267baf126bc61808a6d1a6cc6bd80a

SHA512
317289d29055ed6d2d5742bd7040df890f20e5745b03e126b9109eb5e724004c02c48caa9b8afa468884c51e9b90b2de1dac372827fa0492a4de9475f999fbce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9e865d6e662bb2a6898e84061f09b236

SHA1
3cce3171cb9d11a74276164ae4b73ebca85bd705

SHA256
86b6757e471c1f384d00b31d8263262dee754de6ba9f2f680aeb363c3c52c80d

SHA512
ee62ff4c136508dd6e7b98c222ea9eba49aa2f2f37301ec7d2056e1343f829849be3857c8e3120162746a6f42c045fa23e58442ed8b2306d8f6d4526303cade5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
67164dc4dc4767e5c03921ca7053201c

SHA1
d63bf757f645766931295603905a61468289e58c

SHA256
1e7228d70bccae5b034db6942ac3524e0d450985bbb2fba68cd8920c78b30f86

SHA512
bccd8fc94527d1c939131a281a6f4f24e8814fc7b5977b8c32733531b8e46093cddacfb655121e88c562dae8812d5509e603b52f7a7ddbf2a4cc43956c4f95c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9674499aaa3a96007e8e5f505f213680

SHA1
5fbfb4bdeff1558b5215726876af77cdab34010f

SHA256
5bcefb40df4355d26fc8f89a1ef60d22171d1801b9f3fbee51b2c22f84a58b17

SHA512
9c5e6ca0edeabb68a4aa2cd4ff97b691362ccbfc91f914b36a064cd8f15e66a08a9adb06e635a1e585590c1036be9d5ee4bacf029e586262f30c6998e14d7184

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2346f2a4682d4b6501a28e9f59b99950

SHA1
50aff01f281abf10351f617ecc8b09158b4759e5

SHA256
660944b6e6d53ab0e6cf2a6b16a57fd61710369727e7f209996a536699d8a07d

SHA512
83b0875497f8dcc5624ebb6a61639ce427fed00397a386cf1121556b2df87bf08b60d35b6e36a174cfac36dab8914adae602d9586260d12c09866411f87cf901

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d9c68c5ac5665a05280a233837929983

SHA1
e05b316661fd46d80a2b3a1b2c34d459e1951d64

SHA256
953e7edd5a1554e5784b03c469dcc6d0c9e3fee039de69997d202073c1b0a6ed

SHA512
7dac8dc60287532761871313cc99e51799ca54e1ee387ba372ea07d12d319ba52138090ca5f3eb36b6db2db96951e017fa38b256ad93b4e7a32ec719d37cdf6e

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabEE48.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarEEB8.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit