4e869bdc5747c7be71407458546193ea13c1b0146314502b5f7ba0196787a033

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-10-2024 01:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

28340caa67727220e5e9957af8a2406e_JaffaCakes118.html
Size

170KB
MD5

28340caa67727220e5e9957af8a2406e
SHA1

99904d74b26015d5545acb5c18856e0b896ee567
SHA256

4e869bdc5747c7be71407458546193ea13c1b0146314502b5f7ba0196787a033
SHA512

1800b72de79c328d0230c7770aff58bef054afccce2874f914dc7b2ddd5d876e09d6b7430b14af84ac5fe8e83bd5ad29723315c2333cef4f296faa81aee00d90
SSDEEP

3072:zFKSc3zKUP13G4k5QhLpOatVLddZcdurWWwt8ljcV22wOoS/0Ib+b+FmKgMx3ufS:pTo3G4k5QhL8atV+B22wOoS/0Ib+b+F3

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
536	msedge.exe
536	msedge.exe
2180	msedge.exe
2180	msedge.exe
3644	identity_helper.exe
3644	identity_helper.exe
4660	msedge.exe
4660	msedge.exe
4660	msedge.exe
4660	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe
2180	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2180 wrote to memory of 2816	2180	msedge.exe	83
PID 2180 wrote to memory of 2816	2180	msedge.exe	83
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 4056	2180	msedge.exe	85
PID 2180 wrote to memory of 536	2180	msedge.exe	86
PID 2180 wrote to memory of 536	2180	msedge.exe	86
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87
PID 2180 wrote to memory of 628	2180	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\28340caa67727220e5e9957af8a2406e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa14a546f8,0x7ffa14a54708,0x7ffa14a54718
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2512 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:1600
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
  2⤵
  PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:1964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
  2⤵
  PID:2136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,17786945911867130549,14988163956720713108,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5136 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4660

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3060

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2300

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
85ba073d7015b6ce7da19235a275f6da

SHA1
a23c8c2125e45a0788bac14423ae1f3eab92cf00

SHA256
5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

SHA512
eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7de1bbdc1f9cf1a58ae1de4951ce8cb9

SHA1
010da169e15457c25bd80ef02d76a940c1210301

SHA256
6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

SHA512
e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
82ba658bceb4693858f0eecc73d46544

SHA1
362a4cf2e2e18e8c6a83af6828d002e985c95aff

SHA256
9fd23f53fa2873bb47bdebd9f1e5a2d43614c25d5ab64b5c57f951502ab44891

SHA512
0b1ec84180c25b450091e7c8de3a6f2b63f2fc2e6a22530621cd004d0c021fcb404650e8bc6efde1b60271fad65da0856ab076b6d23a8de6e58c6c5e1b670a93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5dbb720d121c4e6ba1f792949af0d1f6

SHA1
6918123294263fa1dd89b1a735163e0a5503f2d6

SHA256
7184400d4a06a40caf5637ab672064dae479a8b869d5edfee31064fdeb948ca2

SHA512
48ac8092269a174db08c6a605120bb6fec2d90944e71cbeeae408722f2b9124fc462483e89df9a22936061033014a512683b44e120eeee2fc1b83965014ffcea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d20e542064b665299f2d6fd8d3090567

SHA1
0ef89c9d3f5bd450003c08effdd7149a32edb699

SHA256
560862eb82ec23015b886b2a5fdb7e56e34f7e9974994af44f35aa6701a567a4

SHA512
4338fd91b7f34799801dad45d762188917cd50de21242c4150c365696cfa16826a452bb2500eda00fc309a6b07c80b59f14cb30c91b9bcbb50c07740bc33f506

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
64d306c442cb88848beb3adf8fd8da26

SHA1
46870001179f555716c4da6eeafcdbec507abcae

SHA256
fed87460ee4680c4f500461402a314acbc7fdc1e6ced1eed6b3fc756bd801229

SHA512
e09e4d576daca66bdc259afe1ffa603ad8047c0811cdbe52f94362611c596a4e993c07c67df7b6fb19c4db83060b30b9e68f5f4c31e1929b4b4c28dfb0a4a79d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bdec80cd6ecbb0334ed08394628d7672

SHA1
5ae91721eb8f1b1e81510120e00e9777bbbfe669

SHA256
3420d86675eb10fd1f769ac36608b2aad295f0fbe05263f5505f55455e49a48e

SHA512
2ff50a0da1298e9ff6dd89eace01c479b33d8eef099bcd53cd5d6371842866c3fb89e680112a1165bee8284522c3496d301c90a2d0531954a0ad02b19749aba0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e78e063e88743e5eda6b08e4b4e842b1

SHA1
1fb332902aab16383c838e1c37f0eab4c0d9c15e

SHA256
08a75d77f42ea4837c3758475826e3e61d54e8c1530e79ee5a20a3b99e640b12

SHA512
4f9c684ccc48ff47a330a4e54c573cf4f4b9bbdea1cb3c1354a21164fa730a1487a54fd7f761c293929b973d7c70508856f8e683b456f646389e9fc04ad8034c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
db0f0b84e49d64c2c090d8d39ce45771

SHA1
54517bc4e91b834bae4cd1c1836a34748a0ee045

SHA256
0a3c9fd86c47202119b2b36482b4c80bbc84bf69d10afc9df2ce27f1a33222fd

SHA512
c448c474d69b05149f0b2d66ae354894260b53a59408a759549953064a35d50e5cbfdb0ffc62eeae5ab0b52d2c65e1a8d9d3ca2f6048d79eed683069ee326216

Download Submit