3defc508e5614ac6e9aa2c7ae6f2319532bba2a3ead9a6d3e8c87040e6b37e45

Analysis

max time kernel
117s
max time network
136s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
28/09/2024, 19:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fcf739e72567c24c57530f61a82937c3_JaffaCakes118.html
Size

69KB
MD5

fcf739e72567c24c57530f61a82937c3
SHA1

2e6e93f5579ac56a04f0a19c7204952754b8d11b
SHA256

3defc508e5614ac6e9aa2c7ae6f2319532bba2a3ead9a6d3e8c87040e6b37e45
SHA512

41229e31461a36779a0c8e62405f448b0bad7366aa2f1b940ee519d63cc061931413393e9a823d827af96e6b9edb702c1885afdef23e61ab9d6f9f43f0924a22
SSDEEP

768:RgOriWNcaSoagGzw2OqkqKhlb7Q3QlFY9McQv2UrZxL31pDwNpFey99G2SYv:m/lw20hxQ3QlFY9M68nLMpD9h

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433712663"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 5051be8bda11db01	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000f00db461e812d8ad457ea63c30c206aaa56b2aa773d3dbaf99270e468a007d30000000000e80000000020000200000006474e073be27ad7146a98f5608e038632ad227a0c3f558a609ed3e0f46664ad6900000003888f064c1605669a3265d8be469e1863cc3fa15c5a23378e2e1b58dc96a69658cc17735194c7e51a709e3297cd81abcdb535fea97584316b786a26d4ed6d162af3c4008b4ce6a2a169ab46f377dee447257cff21ec725507c5ea2e7be233baeb77250af0ae910c4b01d3d41c03606ae1fb2458b6e883a927b0bc51f6efa6f1f99418f655e785ae96f95f91889c8d8e64000000049ab95cc90d7876fbef53487fea738410ad3a7abc6df301950b74f1c61abd3e0a85b34460b97560ddcde5ad5a18275a0b56b64f80044039bc686309c196dd2d2	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B230C8E1-7DCD-11EF-9A8E-4A174794FC88} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000b35d14c802ff6d1647547a7a6533e4918843939170bc6931d2f414fd2d3b6da5000000000e8000000002000020000000482dce2b404343e61b3a9c137c16e1780c1eb76f1ef23fcfa62297fa0c7c448d200000006aa543fe0bc496a4ea111cae8d4c401406ba41f4fefd414f4c3eb9e99d331b5640000000505245408c2bce53a095d49d4af54fe620793dd1718755db52c363e7b15769005374eb733cdf005bebc53e766079cddef9e837462fa67e26b74d6f99196eef38	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2936	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2936	iexplore.exe
2936	iexplore.exe
2708	IEXPLORE.EXE
2708	IEXPLORE.EXE
2708	IEXPLORE.EXE
2708	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2936 wrote to memory of 2708	2936	iexplore.exe	30
PID 2936 wrote to memory of 2708	2936	iexplore.exe	30
PID 2936 wrote to memory of 2708	2936	iexplore.exe	30
PID 2936 wrote to memory of 2708	2936	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fcf739e72567c24c57530f61a82937c3_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2936
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2936 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2708

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
854B

MD5
e935bc5762068caf3e24a2683b1b8a88

SHA1
82b70eb774c0756837fe8d7acbfeec05ecbf5463

SHA256
a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

SHA512
bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
e174cb16ff92f06fd88cb32fb9a901fe

SHA1
cabed7e4b9d0970456d7c21e002aa1756ab871b1

SHA256
7665b0a72a2b036a7fd84984472113668721ab66acf72560fed9f2ab93640219

SHA512
d5694fe66697d3fa2064c03280486ef81b3511dcf094a8358cbdde8a0efd1ec53f37fbc7ccffe4f4ce025e99039164e3c7e6e4d842606ee757178e113a827c1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C02877841121CC45139CB51404116B25_0BE30C8E6128C0BC8455FF6A9904D7CF

Filesize
471B

MD5
659a01acc4a13cc5f4db0803e1f47735

SHA1
0da0e9389ec06acf358b1f7e813e6e037f6fc7b2

SHA256
7e43fe769020faefad212eb9a88b4f4c3f0605de9b9c7365cebac18954bde184

SHA512
6377b51cd16ca869ec7d8b66d787ce73139104e61fa9b69e502a1c72194f0fdf5ce66006a02570f640d0c3ee02269409308a13b58a59cf646d13cce0ae6fc26f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
170B

MD5
c7559950c4dd51d9a144d701cf719945

SHA1
a33a3160678844e009e369e8d0c5342d2fc36d90

SHA256
dcfbd6afc303e7caa1cbbb0c658280eac0ee3fc85fcffb17ef6dacbb59d9aa92

SHA512
fc0af1795943a398503ce0dcd9123e2cfe887e601f8281564c8356527b8e5747619e5587ba9d6570d6421530ec7e8de776146122eff049f1afc35f7030923626

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
f06638cc3bcb1859580909da198ab5de

SHA1
17ff4f5539df1e715e7a7c924ced2335e1ddea97

SHA256
4440fd913912314ceacf42b404283be4b21d2c7e0ac81e0d2b8805b085d85a57

SHA512
076049fb3aa325ba89155014df63ca4a099fe8c16c13d7fc6498c096b5c3f0e9e6a8a2b0fcd4a5df034596f6c3517d3678fb3e11341338d418b4dfb4192191f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7ecb50c61835925d83179a98cdbb7077

SHA1
3f671db033f8256aed129502eacc5ad09b8355b8

SHA256
37e89b42e819e09774a96fef6b0ac008a9285897b87f2fef990e82f0487d466e

SHA512
8ed393daa55f592470dcc23a0b348869920c158fa0bad0a8b213290ac9370e8b6ff913eed863bceb8f4efc95ca94b188c9ff9bd5ac549927aa7f577541f22ef0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
44cd48d27a0c80b81bc3a33fa56e61ab

SHA1
a6d9fee3283b7a42a0b7404530396faa225076a6

SHA256
3faf3c5c69dfd53e8e286b1a43d419cc7e0f92ad98d0a8ac4236807885ea5833

SHA512
3a33f5a97db64908eb78aa16ec213770c18217285be83f9d386feb46d1d01da518e31b6276d5e6bcb9f3bc9ddb8aaefdea4519ae0a59c6dc20d3e345e1bf7ad4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cdd6a4bcebbc2a9d5b9a5b250f4e3199

SHA1
65f4c13f69e9970939670c8cd8cc005b128df681

SHA256
7e66a946361fe849542de6cd70962608b8a1296c02438f2dc3fc2bb23a4a6125

SHA512
02a303a80e38189320e35efe1fe06935c69a2f1135fd5ce61a33662fab258db67aaabca92c7d0bc99ae2d5d8ba6c1df2b4471f893fd60b49fc745380212e28c5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ef6140d2415b9c053cb95cbed1f71b14

SHA1
f5b0e1b4e2ef591c5e58fa7da2aac428dc9dfcc2

SHA256
a0c2aee4338d8d976420512a212d84dccb61ff969e8b3165adfdabbbcaf968bc

SHA512
98d0efd5a63d6fd620fb41480815cf29aa23211718866cafb7b1279bde66fbc48dc038bfd6e2a0574139ff6e63ce30f28d86f1394d7ab36acd4d2bb2b68ff0f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
88b495ae4d17f74dad954871793461aa

SHA1
dba34e1a4263f58eff5e93433557e34e6a1d0e16

SHA256
995ba27d5122faea46b326a8abcd930c85c7dbaff8882a18278ce2c8a033b470

SHA512
3149a01acafb0e8969678694daa679315c413c9fd716cc510c321aeafd29be965bbc6407090be8518d17ecbad4cd105435a1442ffb881ce3f67c4ca07448535f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d7b3b4c746e7a4c6f04e80d59f1b5540

SHA1
b12e159dbe9e1d20cd1d3fffd57ea0c7dfad199f

SHA256
85f1d030ffbacf9fcfc594cc78dfb62cb64c77c8b1ce44db8e4b9e25a1761723

SHA512
15f46ca4df7b060115dbc1422ebe49918f8c01d94b5b220881c684ecea2f6bffe4c3dde2ec91d834db7d0c691fe263f7f7807604f23b1a6b0862c0a31e932909

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5e23cbff079c6f9e2ecdb99de9ccffc0

SHA1
da75cdcea26083a91f18c41205f2ad69d4e3119c

SHA256
ecfe8a77790e8a801908107cad9453fa74c40ae186cb8d9148c1cb84ead20133

SHA512
a78f5498a79aff7f6887ee6bcb077af0bc0f69706b2a51086ba91bc887a92ebbc2211c7f352216bcf42c80537a7994bb77e8aeb026f7a845c47ee10a83fc2941

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ce993974c6e0b7863b3367d6830869e

SHA1
17822dd26e0799f15f5ed5875b2ae54dc0bc7c0f

SHA256
1c9b5f35c3c584de00dc6a0ce3209eb4fbca09713c57600cd9d83839fadc4752

SHA512
3c7d9851455953662b2b592e1f658efb0f4c74bb3c8d612f0d7a78bf00f18dd7d5835d95255133744057a6f8391cbb9672634ed25fc63347db6d40103c3ac500

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3c7b3aebcc07dc9a630b743c9aa69815

SHA1
4de89efabc3f0ddf5b65a8eeb0a638a1c2580e94

SHA256
3405e0f4133feef442e58f5682fa97310e7f7f4cf11384e96f0a85e679ca0516

SHA512
25973e2cd26bf7d7f4d008d49584edbf3e119105dc50f51e07eefb5326f2a39d3493fb8a47f35f647ba4c37f5f5075c4609ac04b11419f32d39ec07e89c4287c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0f93048b8b2387920dda11d1c949c26f

SHA1
5c98d0162907441bf742693a85a066006bcaf8b6

SHA256
06db8060ac9f2d8fc8dd55e27aa87c2293aea81146a5373510ae45da6fb562b4

SHA512
39cf5b66889dee8588b6cca3480f867520ee0119283577867ac6797a8d631862265cccb7fd1838e138c395a04e378657ae4348036c2eb2fe69773fea4f99def6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
247d9b8fc7c848a26aff52f20a9bf710

SHA1
71ac193d6f440317df506437f52b5047539f5bc9

SHA256
7dd67e3feb9e56bcd5cf4f1a5649bc69c342b557d3f989756049bd140232ac58

SHA512
262868b95a41c2987b7f9fc3b71343d0a9674cf43f140fcffdea2e052a3ad5a44335a6eb78f060347ed156aec2b7b0ff95cc7068087289c29cf5742295274e55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f181e97a51af2176fbcf8ff40525bbdc

SHA1
8a55bdff5d72d7ee4b396478156cb18deeb20bb4

SHA256
3ec44da0a8bf4dd4d97be05192e992ca09adfd0c92d05a16d733bbc71bcb0719

SHA512
a246a731e806c56cb127c33a82aa47adbe16d1f603efaba5388782228f135e8bf21cc2cd3a7acee096d613db294361618da5548679f08fdf466c1fc888c4b219

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB59C.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarB59D.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit