6a802be345ccd4e2654a88088e0ba38f4f23b380bf050824eaf2d69ff58552f8

Analysis

max time kernel
144s
max time network
146s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15/10/2024, 03:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

45b694c285c44a02ba3180b05ae10170_JaffaCakes118.html
Size

98KB
MD5

45b694c285c44a02ba3180b05ae10170
SHA1

216ed1495dbeef097987a77d864a635571e3985e
SHA256

6a802be345ccd4e2654a88088e0ba38f4f23b380bf050824eaf2d69ff58552f8
SHA512

c4228082c7f9b8f428b151171f7ff9410e287c1048051fa7f78dc487439c1ca9deaa57c1b4990d46ee64c12b698e6d391a208f7f49a777220acd1aaf34d094d8
SSDEEP

1536:SgScYzcRpIbITOmSCWzZ2wQzR4kFZWJRigGEFhH2csw:SgS2IbITdSC5TzRjIigGQH2cF

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{402D5EA1-8AA9-11EF-87E3-523A95B0E536} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea22000000000200000000001066000000010000200000008bee6667c239194061c58019dcd55bb4d24d41b8b8ee354193a034cd8af403e5000000000e80000000020000200000005df756c473de4a4544fd9fe7dbb2f34fd6971f986e1747bb458994381644d094900000000f57c2a7029a1abd98ecbe58f6c7465d0a126e7160d45fcf4de353d183123d906c19e76b8062dd380e60a194e9506523042b760a64ce5551bf6162040287d67ac8f838b4105218f01735ff9581f0a971f08782b2513eb2cfe30e3cc5b2a2ad4b6ae0cb6dd7aecce40f4d657f0fea52d363a007880f529fd4c484e91ddc473b42ac03fc79cfbf1e2ec586f049d93e95234000000056765d7c9433908969578f1ab249ade462e4803d0c5e07e2fee263a1448017d010b275a670afa6a4256ffc7dfd83b8498f96c27ce8e7f5cabeab10d03bdd2aa5	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "435126368"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000b0510ccddea77278ea3c207bcf690923ad06aa14801a62051f2339ff007b90e1000000000e8000000002000020000000f37ea93a57e35d6db22275619dca5454b5917e65ef3338b24c05f5e3cf38210620000000e67f4d014304e87b2ebf952b67c1200ca82d91730944fdf756d46caeb7f453d140000000c3153d93a5724146acb3c4ee743308b2262879461da619b86b4b921f5aeedfcc0da117036c62ddd0e111c9ebec8fd0e248a224f8d5ef9f10100a54a53bc1e824	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d05a5d2fb61edb01	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2348	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2348	iexplore.exe
2348	iexplore.exe
2020	IEXPLORE.EXE
2020	IEXPLORE.EXE
2020	IEXPLORE.EXE
2020	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2348 wrote to memory of 2020	2348	iexplore.exe	30
PID 2348 wrote to memory of 2020	2348	iexplore.exe	30
PID 2348 wrote to memory of 2020	2348	iexplore.exe	30
PID 2348 wrote to memory of 2020	2348	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\45b694c285c44a02ba3180b05ae10170_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2348
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3ac5f76ab01f13ef160053240da0b1bb

SHA1
4507ffe6053e311aa77bb7d1661161bda5c7080d

SHA256
badb9d4902518be9904e07cea6e4c49def1250e0a7fa9eb483523a0eb4cbe862

SHA512
8518d4af81b15c1a8d0a029882458de199dfd83ccaab27e4876e75bca00c3fdc169c0708a209bb4fc5f3cc87d8d5f97d9fe8d104a35fa76e8534eb880c4bf018

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3d5d76a90c397fbc035b6f459f7c9ab6

SHA1
1f9acbe7c0ca7216b11cddb67377bf97395fa160

SHA256
934a23bb349a2bcc0fd79e3f2dee7f7248f9d7777070b0e76418e0ac68f33f05

SHA512
772cd8312023da172276d725be318234d828d4b57181177b5965205b23b7e3b5c4687cffc699a3648f75aa759c93386c9d5bdd3b74664d349a6837bdc07f21d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f6fb106ef7f976e61aa22b868297654c

SHA1
7c52f20cb3bb35dace42285871f14cfe03781f7c

SHA256
c1254ffec98ac653107e4a437e04bd2f0218f5bf435b6ab9a263e2b386e2dd59

SHA512
4423362883de462feaf908c14001c3b33c68f22801616368d8843ff20dc37b07f39f3ae20637fafe2537ff6a8003c77c6f9973f4b064501525f1df49cf4ad35f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9a8464663b062a6d47b342f9f98f522

SHA1
785aab4920e73b280529ff9a1a0b0d47aae0bb74

SHA256
6f9b56ebf1a85c89059116c8c9ef99636cd1d812d1ddbaed3a41d029a70bf022

SHA512
e2114a7dc7ff5d3c476e267123eb4d31ba2ff8e83abca515d85b9bf43169a81f6689f976f1232f563b5b88aa7c23713573259e7ef19338d312823cddc2ebb0c6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eff21e75954a6013e076fd2cb209142e

SHA1
e3e1f6cf7eb0cc759e30fea55579654d05126b51

SHA256
3b4f35576ac1c159bc33725b3d9be788cd25cb503738c58d444e851811e38c03

SHA512
a9a5ae62dae759de037e40196f579e60a5ca88a45e9fba2b5e6cbbd05279320c0aa7a1dc48173ca9942105308e423fe91be612e0faf3690c92cfb34534948792

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
85979a59fb13e61cc0490b6e48d85a77

SHA1
71304301eff867c38b7ba197ac426a24363d1bd7

SHA256
166d254fd3bdb6fc75180f05a415e2b346b425ae88da748ddd2339f426d50fef

SHA512
a528b977df638879e25907df06cf82605970d9e4e6ae8d56ac48c0b8272f87fe09a2cec13c4a928603111aeb5a79c604ad9114e1c9d24736c8b3597a2687d2b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7774317f00e48589d9a231a21adcd9d5

SHA1
41a95052b933540dcd96742e4df1480b85ef0313

SHA256
58ffbfa611f23d93202003cd496bfbd34fe7d0419911a4a9a94d50807953000c

SHA512
9f6b3339f1cc4a0f6810d863ca69490ce5243ad8d62442ed01a99c9ea9a99861edc23dc1797d1be66474b3f82324ad88114a77e6ce848497c47c16a7069c42f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c37a0df7c4a29a4f59d77ed901851edc

SHA1
89f0013c886cb3cfe8aeb1c8eca9e0f29fb7e736

SHA256
d62522a8c73aa764061cf8b68c7ffeba835498cd733b578ecc66fac73dd5411f

SHA512
152dc18fe9eeef1ae0a470b50d7b1f9a29b723bda87322b7f73827ef1c109c7d638e7a98f8d329fa20c3f9e13a7cccd45f9dad5e0749a94aa545b37f310d63a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
20a3fedf386b841d40dfeca6014da7b6

SHA1
c6db1988bcd0c4d0e49d6202f371e27d84ab8aac

SHA256
a9078fd724be2ee9b2fb7eb4397e8cefdbde4182ff43e062dad6d8512c6da731

SHA512
006d5791831ed64248eed26a0c9bd415ed7daa7bd27270624e91581f88faf3734dde9cf4e7572a5fcf4444a2bfbffc44e3227bfc8d08fabca13490966f51662e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
05e53a87b73e9124f9ec15fccfa2b96e

SHA1
2891123311e91c037ffbc898235ddcea384c1ef6

SHA256
2f65e95203bbe5f13666f70539b25f2fb9197c8110075d36df67071f6a355487

SHA512
2a9f450adc1337a7e89411d7ff7515b8c58df7a90d11813770cc5bcd0043351ad900de3d67026ccce89cb2d78aa9d8c2f16ace898406cc9c09272737e5cb9bba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
74539a81c40d1a3d56d83080b4c1b8b3

SHA1
f797218781c3f06f88878597772f6e0a0fff4a4b

SHA256
2040fad11ae14f5d7d12d894bbe07db6507b227c6ace0428f3eb2078a9519c09

SHA512
66e51617e4bd10ff782b016f54529c37935a6a95ee573afb76fe2e00174a1de448e434b38e0402194349420ee4faa9abea108cc3228ffaf4c65c1c4e8d979788

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
15a19aeeb853b5d4205185969e5a0f0c

SHA1
0567ea3a21ba06d40def76a18e3df2e7b6f90a0d

SHA256
3d19df6db5a2077824944b94c07c2e793fceced2f40d625e136e2e3d6d4d8df1

SHA512
39ec3c744a45e781781fa9823a84bc901db8c1de55513c43807618440d09d585e2262e8e4751a11f19243d820bfb040a1df1e52204c4c2c8b0719b5caaa8d4c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
69268c8a2db34deb57b20e45fad99fcc

SHA1
af186f64b401f6da4dd7f2c92fc103cd5bbf6342

SHA256
999e60eab06988dd3cea43cdabdc4a43ecd643bec6fa9df31ff3dc0656754728

SHA512
f7200f96bcccf1c1d89a199118f41c7bb4f3e9b30a36713b21dbf7d3f3a9019e66323522805251ae67809a9eb0413da9f64d15a6fc3615dfee234da9c952b99f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5e15af28febd9a5fa4b92fad29eb5b12

SHA1
57d52715c4aecf14bc53991f282f78f16e6cddfc

SHA256
83ada9b45f95d2c975648a5b3eb912d22fdaa1df8592af9d1465cffc584ec501

SHA512
4c1a1be1d98b0a9fdb85487d3da277701c1f5789094893bf30a0274705de86cf6f88f2ab8832e8f4052212a1afd8a187e864922f66aceb8fbf93bb8b0de05977

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0ce137a21f464f377bec29c51dffd3d5

SHA1
90252313f7b79a8e50c544f1827c42a0888c2b04

SHA256
b8e00bbf688eebd00406c5e1798b56af3bb3f10fbe3f54916c6b2c36cdd56e68

SHA512
98d6ca4e9398c25f348a36bb2ed3930421e079b087791c6623cc29751af071796a7000c7014c4e69a68bc01e7e439d140226cf5698820ae58b70413e129f21f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
944dbf09d4f58f0414d3952f43f84cfc

SHA1
c03e108721bd9580054bc4fd8b433b8d5c66da85

SHA256
43511e3dd9879012b6d529c197474b8f71ea9697ce95287a48600d14b2002293

SHA512
a46fd313767ce53905c612ecc8f84834364a91115e6e9c393c4fc05fb2405146f4996edd1e4dbc46e6f67162dbf6ebe0a0d2e2b078bc43c849081202f9cb8e3e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
70128fcca9a9a1e275200f67d613efcc

SHA1
187afb2e3d9be2d559171f68a4900a889d86e55a

SHA256
ffd4f1a5de5a7311134b299ae284f1c53f65e607a3b01e9c9e18153cee36861d

SHA512
3478c3e3e71dfefc40741d415d00b75ac584aa326c80bdf3ce9db23da53aa85b7537b33a994f1ad3faea595791489fc7ddd3bfb370f6c3230b884b7e871351b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab87D8.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8897.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit