8f723b923d6c9fd05f0c98344d05776e3433365dbfc3203568ba94931b12ac89

Analysis

max time kernel
119s
max time network
129s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
30-09-2024 01:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ffb465876960db68aaaa714301179646_JaffaCakes118.html
Size

68KB
MD5

ffb465876960db68aaaa714301179646
SHA1

eea586227e979b87d11999d56c3eb3104f530d64
SHA256

8f723b923d6c9fd05f0c98344d05776e3433365dbfc3203568ba94931b12ac89
SHA512

d1f41b197b5d8bbc28f701e341920a079ee572ef5e8bcf2a7172d8bdf77b7832cfa9e882842a03cca1b15a0e1fc4b54ceb46301b65438dc316e79e704b109ae8
SSDEEP

768:JikgcMiR3sI2PDDnX0g6pfpKip879b/UOtu9hpsoTyv1wCZkoTyMdtbBnfBgN8/C:JAG3Id6thTcNen0tbrga94hcuNnQC

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f00000000020000000000106600000001000020000000d2140397fe05757760593c479c65d22a1d8fa6f3fabe6923c53ab02cd5bc2ad0000000000e800000000200002000000094bffe59ef509d35a194e8d45da51df578e2763d6ce854c60518c067b445bced2000000047e39eb8741f67a14056e186d1b08d0303f68e382cf62a03b3e57a015197dcd840000000fc19616ea196b07dfc1fae0cb8407925b06fb620d713baf660629e3eb077c1052bff6d44da498943ad469a93c7ee448a06dc10c5c8abb893746ddd29f23b0487	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433822522"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b8d48fc8adfa6b4a805f1a4a681aaa6f0000000002000000000010660000000100002000000080f6bbf872a2ce586722d6aac04aa7e51117881a463e0a9d989706009c46e19d000000000e80000000020000200000001ec435ed0f7f4eaff3374d8a9510c49b105eda105c1f7a7e49386daa610a18ba90000000a4f981146fa26a27e8036ee4cd5aa83b829d46078a0cc5353269655f793466808ce13529aa72ad0fd7b725c9e909cd765baec24a3814fdbe5d9afa6909c87d6e7c477964174b8d781e614d3e5eaf7b555f6373efc3341026253298df4488be16802006fbc7ac01951d9a0db4d14e3872af2fb154449cdb82aa14b4829c46ac9e2313f8c1198a43c9ce7294146eebd6434000000013d074a90f8affc5a582873dfd917ce76d916a6908946e5b61630dd2632693cea7c96c708026907681a39671acf2829b1cb0ee91dfb4fdfb76f74135dae1be16	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7E3293B1-7ECD-11EF-9CC3-FA59FB4FA467} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d0345a54da12db01	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1928	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1928	iexplore.exe
1928	iexplore.exe
1476	IEXPLORE.EXE
1476	IEXPLORE.EXE
1476	IEXPLORE.EXE
1476	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1928 wrote to memory of 1476	1928	iexplore.exe	30
PID 1928 wrote to memory of 1476	1928	iexplore.exe	30
PID 1928 wrote to memory of 1476	1928	iexplore.exe	30
PID 1928 wrote to memory of 1476	1928	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ffb465876960db68aaaa714301179646_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1928
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1476

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
54209275585d96fd8f1be8ecc94c4c4e

SHA1
939f4160f9d13508537680d488f14a40034cced1

SHA256
0811986b11d26696d060d244a3860128b7eac8db688cbff6d27add2ab967db37

SHA512
d6f21d6482a2a8edfb682f4ed3b6074c64a6a6777ed7aca8d16c28a3f0f90af895e562506f63ee4391503703db52a1399c356e97d29a0c484fcc835f11d843cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
14f2b21e6db28ec6f02dfae9829c8bf7

SHA1
f1fadab2426ecdc9f5b9688fcfaf3ec4294893e2

SHA256
cbf8eb0c0c65372c12e405da92981492d22cef1e84029ca56c62cc8b572e2e79

SHA512
50d92ab90df01ee20fca2bc1dd8ce4b92b40ee73c0b31feb162fe6d28b62fb94aeacd0dacc0c58ca595e94a250851c9a2142c344bb92bd5c66adfea993882971

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1e3dd5b953a602ea29b6beed540edf20

SHA1
8dd641321b1ce0b221c75063d379a6bb37ec6236

SHA256
58db7346b57b9d061062cd510468a157b87154a89927ec40036d3bb729f9c71b

SHA512
2f01c820acc60abec59470bbbef93961ea3b622ad4fb748d27c85c8f05809c6f9f63abbf461554d9fd2a94d8a3ce6543595f791ff33cb9bc1c75b24e3d57f9b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33a538fc5a99047babea4ecd63aaeb93

SHA1
67d089dbe9a8e926d72114a6df21128f9723d7fd

SHA256
80d309ad8a1a302286d73c2dabbe43567cd50b07caa931022104c1573bb07be4

SHA512
d807ac880084270b21ee84fc08423e74a24d6b35eb98f3b71cb153830ea97befe4a394a5e4a2b86617682e753ca632c808079088d633030c1ef4ff6ad6dc8b83

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fbab67dc20d67b48db78961563bd0430

SHA1
1a9294a5bb4f83ea3d59d02b2777aa361194db50

SHA256
fa23e07e133c3d69067efb73f3dc9e239badd0e31432c76fadaf6b6ca04cbaae

SHA512
5ef8608477b2505e29d2224f91e8fc3d59767c26efd38ae845ffa09e46bde9c3b8d3cbcf275992d45fada9446dc484f446a37b26cef1ea518a0ca60a3c3ff137

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2bb4875328d39958e772d6515b005489

SHA1
d7c62e007598da46554400dc8aff3420c5daceb3

SHA256
a7e1787b3ecbbe6af1b9677f96879c659f4372de4c0d402713203895028734ed

SHA512
f872c48757b35f244fc2bd0e7b7e3d468068e7d2591bcea65da09ddffb579706dd8e3562013c184415904c73bbda3a290ce68ac0e4241e6aa382fbc501c7b932

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
863feac5618d8073f392529a5e9ff35d

SHA1
7e22b1f67f2091365af95ed85fc33a8251c565a9

SHA256
d744fcfe8bd0b02be168b38724ecf1c16b612ab13ef3197e58d7a8077d433719

SHA512
b8c5e559da0d9d64490c1922204d59b49164f99b9b17ccdf6f644b3a2a73d28610983351cd3c74570cce84ba39314adcf35b58508f441459d22456131e6bffc7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6bb5b9195b6177f55c567e67d0d680b4

SHA1
fcf75eae8e572dd23248caeb394ef76349479ff7

SHA256
1fd02050d13b368e4677618005e9c9d9bda5f598ca6ba7fa181bfb21c6f4cee6

SHA512
c59d37efd0b9f8e8240817058672f588928902228ffc3d695e70fd3ee8d43e39e5a9d3e99cce59ef9dd4f93fd728e09dc4cb0b4d9c92263d27e7404b014afd6f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0730b8136b1dc6498a49909f9f945018

SHA1
adcd653c5a44babd0892607151f6c8a48aa1a5fc

SHA256
3190077b39fbaedc231f5ef210332acd17b8da7c0d23dcf470951156cfa645a3

SHA512
8db3f14f3064b466edc560dcdbcb2b0c4b7bba13996a7e2a0a337c382f3b1723dbdb4eca1257a6e267c41715000f3101a194fda4053d206fe8227f4737b639ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4edca3ac81ca04a106273aeb740b56bf

SHA1
e8de748ea3408634b735a340e75557194fcb88a7

SHA256
ee163b8fbd857288fdb15afb936dd1da6f8c0e17b0321966082df721845dee18

SHA512
0c1b915c1812169371aa3849c29c5be7c2cf0d13e516f3562f62ffdb3711634a83ed621e2aaf236d996d62e4198d4ef52c4d059ea61a2c08b9f90e11c01bfd2f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c38dbd3e44e00219d347a639085a8486

SHA1
885c707551cbe87f11e67b2650132f6276bd2d73

SHA256
92a4a8885dcf3029307a89081410a3d894082d4f5b3c14d79ad1487a6a3c5cfa

SHA512
9ba43ad2b405c0548bfb36355ae85cab2dcadc5a9497145fb4addff7f9aa9e7ea48abab1fe3690cab73abf8c465cd959c6a2b7ff9c6eb4ac2298b53e86d21d6e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fee769e976c714c07a9e2f6c7d2b3a18

SHA1
54141c7d9929b572b597b81ceb71f48a0865990b

SHA256
3271b6ea5260039f6e3f7994ebf3729401b86b78fdee841bff376ac2c0add881

SHA512
1243659085427c66e9173c70483c94d56fc0a1ba6533a254e1b8a70698cacd47fffdc517755547a196303d94b46eddb7a49c01d7a338c6f885f15f0945b04b9f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c27e871d022120cb091ff3feac0d8b31

SHA1
1da4f871f1b3552d072a582ff6f064e5ea8278ea

SHA256
a948133a226fa02882d40dd082f963aa77593702db088850ea29af337afc1100

SHA512
e007b613be04714379dc0a9a2e1acaf583f8cb534203e2e2591f677a48e8621027b2affbbeef2533cdacb6940137433e15d0c6a5061f9df47f41ec3f3d05eb5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
94e2b13b5ffba74f5470f1d5539c3b1a

SHA1
8dc27fda1539a20a12f36cfef0af45b4ce177ef0

SHA256
b2365fec22722c5af122695e837f4786d77f4e4c5c1168636c42723c673dd659

SHA512
c1bfeab4e0bd6590f5c2041adbb73a6ffb24a4dace71bd964b36e0b24a1a89612f38b1cbef4d504b8b9b4cf18d7e7553e03684d01bc8bc3cdbc13a16e3f0401c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
258c5cdc1c1eaa9a6e7a6c245f1bb488

SHA1
1d14d7244aa65758a08934a9b5ef8425ce58b9d2

SHA256
7b5ae5b82a5c46b28648b7cb154c1d17824e5b33cd57e00f508a049b3021d3d2

SHA512
0e7d03c31af94171e1c4743d1eb9a2366750d863e672b0d864c336e5cbc35a28938a531c429177b1598b3c61cda78fd547ac7b98e251308acedffc04f33574a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9076d0ba799195a2014771bf29bf3ba8

SHA1
dd13fa769f8aaa7ef5a1e48bc625546afbcf43c4

SHA256
3e947ddc863bb57b31252accfbdaf3782d1082676367f1408f5cbcfcc675dafa

SHA512
e3e8bd2d1366275a11f6a91712b9b33b0786f3a4ec35acaced7040aa32c1d35e0be538867ff3bacf3d54e59d5cf4831e6fc936f34f61ef4a68a9d09b7c7850eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38ddcb0f3432deb4f840799ef2cd8b2f

SHA1
74e33dda726d989cd57bae83c432878e53500c4e

SHA256
1872df02d70ea3d1dbbbd2d963a7dd6cf08af0565436ea7d632f8441c1af6b35

SHA512
d0cfa8124f553f6e09d46a0fb4e4e4da97af8a998303f36f9894a60553ddfd1a8a518baa5b09748a5f42a058b115894774a8e17fcfb483fe122f0ee6ffb0d850

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE284.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE324.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit