4eea9be1fc385c2ffbc48c7ed9333f6388e535651fe0cf3e466c8abe5618ec1d

Analysis

max time kernel
136s
max time network
143s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
12/10/2024, 17:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3b4e059bd1032f4c7e424893e39a0ce8_JaffaCakes118.html
Size

214KB
MD5

3b4e059bd1032f4c7e424893e39a0ce8
SHA1

14a7cd66475295dea6189e85af0932afd35f6acc
SHA256

4eea9be1fc385c2ffbc48c7ed9333f6388e535651fe0cf3e466c8abe5618ec1d
SHA512

cd0877e919181baed85cfed47cc1f774b8cbc6619777d9fd8e744ad024239fd35efdcd66d3e25d32ecaf52e8ad7d2d936b38bae8da73af31b273d30069ce4c52
SSDEEP

3072:ErhB9CyHxX7Be7iAvtLPbAwuBNKifXTJc:8z9VxLY7iAVLTBQJlc

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434917165"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{278F1C51-88C2-11EF-AA78-72B5DC1A84E6} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2248	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2248	iexplore.exe
2248	iexplore.exe
2568	IEXPLORE.EXE
2568	IEXPLORE.EXE
2568	IEXPLORE.EXE
2568	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2248 wrote to memory of 2568	2248	iexplore.exe	29
PID 2248 wrote to memory of 2568	2248	iexplore.exe	29
PID 2248 wrote to memory of 2568	2248	iexplore.exe	29
PID 2248 wrote to memory of 2568	2248	iexplore.exe	29

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3b4e059bd1032f4c7e424893e39a0ce8_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2248
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2568

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9438971f5cd7f357cce39ef1a4fed8d6

SHA1
98f337f0ed29697ef8142363adb0f95aac489c45

SHA256
40a1cf9ba871c37193d9b549cc4a3b3014050cfa930b430329e2160e757860be

SHA512
a242c7248ebc2a8efbce994f4f8b7ce58bf5ddfd0ba2a0527c932be2abbf5ae42a277a1ade1a4372228bb2b4e2eaf7d7945afc44b81643b70d538485a8474002

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
496eae0dc64f535a1335c421834d7ded

SHA1
e312ce74d3d74dde025814b76383d6a6c0ae3045

SHA256
8d0a7e5a45e1faaffa86c3e2dc4db758c7589b92183b69b597d2a197d8d883c7

SHA512
644c52d7e54045f3e381b47c0320eb6f48d673f4050d1304134ec1c65352feb4773d417a9289eabd86004ba993ac44769b3cf899c8709d7979e86ab818fffe2f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2a54f1b51107d05bfff0cf36205f2809

SHA1
c307241d0b3b87ba034dbc358a39ee6ba464392c

SHA256
691010fd1bd257af23a7313aaf3d38e2d26ae7fdd5b8a2f399ff52edcf78e3a8

SHA512
13fa9d62f1492d13d301cadefa012245a278622c5970745a0741d5f4ff9596457abb445a10b5719251b684de0ce35f61f061fa3834b5a99099e3731cd4ab1938

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
20d07da3c2a85841718c7d36faaf79ea

SHA1
340c1983582ae16b1f195f9eccae6cd1fef4016b

SHA256
2bb4c0a806e1dd667a345687d7670c2a2fdbd1b38f68a3d0db6b1faeaf78383d

SHA512
214e0ff764e2e9ced54d5697a81760f3cde66e358902036a6028214ab293dce1bd18560c23cabed18b55bcb5a5a0e3918444f95bc09865bbfcd2a8d1d3fddae2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
914371cf74efd4dff18713e6648a44d4

SHA1
c679e3ecaa8e62a84517e82e41198f16a3caa035

SHA256
0b9ab622ac15477da29fe8b5202ab663e0ab31a450b8fb350670f972cbf69d6f

SHA512
91637da3de5be5e76094d28c781a384ba1f37224658ddb9885fb31cb604186c23f20c8058d38f61763749486c8f3e053fa15212bbaa7bf91f13bcd44f0e7de94

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
80312809d23b39f734853b33a5574029

SHA1
57ce76f9724caeba561a886ee737d4dd756ebaf9

SHA256
ba0b7ddfbdb87150dc604e81824325df220c78d7f0d735ec50d46a35b637b5e2

SHA512
6649abe23b047eba7ecb7d9fc4ab071ebc472884e4c95bc272361594ab0138bbd476e9b3bd445c935783624f68d3b148d4d7af993694c37458cdffeff39bb690

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
915581fd6f9289d66c57dcb1bcf57ae6

SHA1
cf042d825439354205fff9fb5c9c6071f1339a40

SHA256
f4c26f1593c1d86e437d9db189da66f2855ee9298633771c97fd8b120b8bcf12

SHA512
a04835a6c1c69e26f8cd3d188425bee90edf6367fb1caeccae9a2fc9354384f2d3f351fba15a82a9bcdffb304facf8717c02715b27f2f6fccab25bb13f21007c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
74b8ffa96059e091673c8ef16074691a

SHA1
f0d008bbbd2475958f5caddda9c9454518414201

SHA256
4033ad636420e1410995855833e8368859009b0f5a1d1d47e8421c974c31c65e

SHA512
a5981ab66be59e68775f318593016409ac6fa9f77e663dae65536a2c3bcf93731ce47398ca028a8f70b9343037d2782306c324765aeb8e73ee0ecefd7bf74c53

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ab2753ca2aa9656e2776bbb30dd1a071

SHA1
7684e8862f47bd1eb50da9ad4a4edef280ba31dd

SHA256
03b4be6a74d2eb7883545f2caf26daefb34d5d609d1731fb4dd3f919e7ec4a0e

SHA512
6a4662f8f14b52985df0c9364bc586bfca370d48e9b7c888915dd715777d84cf66579e7f731503e373a1982fbf3dd3d023c622b55e9b17d1999359bad0428899

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
801e382f8cbdd076521645cc6b0a2ef1

SHA1
07a7fb286e7c6130b3965b9c7287fa9b824a02a2

SHA256
a6e4fd8a8e17a8e446c8a050abe552eed4f6dd8cb273c421be8fa55e9cb920aa

SHA512
70f677e773075dbe5367d1c9b3d28ae186efa0e7fdd5660901bf54f70159681b46c965e7975c9940538933d9935bc85527696040f29586692f0c20e5e4b3cced

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
852627f0dec08d41a498caf7a48361c9

SHA1
251ec627e0083477efc6aae1dbff7853da15dad8

SHA256
4dcc57a945496d2ef0e737ab5e796b9c075c9c85ecb4644ea83037ce96102b66

SHA512
80ae7c0575e5ba497255f1a8e91c3618bbdf810833dd0c998a6953ed0c16eae9a2b8f7c43cfa4180537fd96e0e26c4a6def6ce1e27f6d9561d22a17eca02a411

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
be7d70b7377f0fb3440b7b557fb7f6cf

SHA1
72d741a4b33a787de86748daf0de965d7920a54c

SHA256
62cc43314d9447febcd3c4ebac7e4d9e21737d204f7097ad051e248b191838ad

SHA512
c3a88c79ce82992c75a090c5abdb0c8d66a1ff8493380fdf989fb593b34a6fb154ffa29cf3436d5864ec441d8da8bbf2fc2caa61ee8a61ffb28ebf86cfebc044

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
af5b7a9cb242a589cec4bbe424f69269

SHA1
8a0e4db57ad65009ddf40b74445f07ffbb4dd4d4

SHA256
f66fab76b8d38ca77ed9c32bb49006c8524da03974ca0b5099efdcae472c0f7f

SHA512
907dfee28edda7d489c233f50577b23bc43985d05838535fbce4f1efd51342a4c72ae06a9e34b2be386188f9d05bf3b265dfb4cb0e2a9daf089b89a77f7c52e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4c8b92ba95a14dc382b183ecf38f3135

SHA1
bc2ad97436922d2ab33014fe66844b75617e3f2f

SHA256
ae2e4fae173a2c39bf1c0ae985951ece32b5b39539956de6d95d3943c367a73d

SHA512
5ad322b0c59b6c227355bd99af55089704a0b74e44242e08b0bc0d517e0f1108cc2a42eb1ad31c9e875fb640ee144f260cc4f3b1c2b5205ee8c3e455575d6741

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
01fd84a8844a4600d09f06986a812438

SHA1
b70dbcf18b92a66dae867bb2ab7191784c210fb8

SHA256
41c9a4f52294d27820d9900e1592e4435f789db8381f0bb70106295b98b7da34

SHA512
2fdaef45f7b3ff72057f3cec243bda3e052900ff63e05743f17f6d1844b9a1d5b2534a2d09ef5d557abdc7e759a686dad7c16c95e2fc813c652e4d65d301aec3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
32acbec0d7104e7cced1500bcf422a2b

SHA1
721bba184e99391954c3194f41a1d7a05aec9065

SHA256
6cfb4ddb830b471bb56c6b51e8a3792af112dceb13eebf728e7f28bd4d2ddfe3

SHA512
05d67a3260ae5d3a084eb9b076f7d2507458ec97dc574d8599e8a1d7b228dca74cb01a6388177506e053022849b4221eef7ed50287f688ad0d94a9bab74bbde0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e00c26e80a0395f59b7f5ce4aa18f5cb

SHA1
5adcb0d7d9ea983a6e141bc28cd8acd106fe3287

SHA256
432a48c49607bdf543ebc55d15e50f4b25f0c0e625b9ff8fe63340e03e698caa

SHA512
9840ca9a088077a6f4109ef9720c323cabd1b19d43e03041e03b13a97e3f4638b8ead8e8f739f365a0f9daf7eb8f4ce40641b1039a96971fa9603566611f2887

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ace65c0628adc5705300330d13bdae19

SHA1
58a40f1e031f35d0533e6be638b82dc73defc596

SHA256
5bdf3b1ff3215d0b20352b9078fa089d92a72316ac0edaaa646d7df233020784

SHA512
5cdb7427a111a616420751577aed2672f869202406d7c9005b4d0f8e9369a35449856e33b4cf9b239b7a0f67e435f8c57b4cf0fbf9f64a814fa51ae10eb9767b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f89b533885f90acf1b68fac9bce2da4e

SHA1
cf90ef821b15995172ffcf8c5f94eb28e7600d3e

SHA256
526178499588b7f44b7ceb49b79a83d91181ce4c5279ea4293517ea6b5e34aa5

SHA512
41cbdb0523dab118901ff957081a382d6178d4812345a2e2eac8031c1704ea73e461c4fddff177914ab3e52e54395d31fd84c39742bf7f828fc2fb908ba75fab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ff7add03e330b786d03494a550c686f

SHA1
e5f637d66f7918dd672b0ed605ffbc21a008992a

SHA256
ed134d72a4071bb44863e3e2554bf96bf14ab4a001fe19e47362cbf0584f8d12

SHA512
1ccfb7469b39fc944413da53d26430c4c12a2d9e7ec373cfcc10a4e494554d57d7efffb762f8e9037075cdf5ec6b1f25f7abf6976308d187a79b20edc1ba6ff1

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabCAD0.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarCB50.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit