socgholish | 750b6263f30b796c6b276982f3fa25c2bc0f4ab29abba3b18f3aac3656093b00

Analysis

max time kernel
142s
max time network
146s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
24-11-2024 10:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

94139c4a26a64f860852789af727aff0_JaffaCakes118.html
Size

47KB
MD5

94139c4a26a64f860852789af727aff0
SHA1

34ee6cad4c2e232a060cf1983373d993086f76ea
SHA256

750b6263f30b796c6b276982f3fa25c2bc0f4ab29abba3b18f3aac3656093b00
SHA512

e3699226d2233a3dd66f8f0f794b11573743f7dc9d24ac81929f2cb75f833c01eb78721e93b036b3b83cf5ba8d633d9c905ec870928fe54efbebebe88250ab7a
SSDEEP

768:DJi4S5y56DLhIGJYjQ75l8lF+nbo5SLmtMmR29byhT:EX80DLh/AsbEPtMm/T

Score

10^/10

socgholish discovery downloader

Malware Config

Signatures

SocGholish
SocGholish is a JavaScript payload that downloads other malware.
downloader socgholish
Socgholish family
socgholish

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "438605912"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B0D6B1F1-AA4E-11EF-9C49-4E0B11BE40FD} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1704	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1704	iexplore.exe
1704	iexplore.exe
1280	IEXPLORE.EXE
1280	IEXPLORE.EXE
1280	IEXPLORE.EXE
1280	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1704 wrote to memory of 1280	1704	iexplore.exe	30
PID 1704 wrote to memory of 1280	1704	iexplore.exe	30
PID 1704 wrote to memory of 1280	1704	iexplore.exe	30
PID 1704 wrote to memory of 1280	1704	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\94139c4a26a64f860852789af727aff0_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1704
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1704 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1280

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
854B

MD5
e935bc5762068caf3e24a2683b1b8a88

SHA1
82b70eb774c0756837fe8d7acbfeec05ecbf5463

SHA256
a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

SHA512
bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
cc51ab11b120b81e35ebd7bc0ec08c06

SHA1
c5936db3357b05880f0abddf2b8259a79dd26258

SHA256
1650af15095ed25071a65350780c3e3dddd8d2a1dec3233bbe4d6fd6711d4f10

SHA512
e6bac7a1aee5582488bc8bc98bb411f21dc568584cd1a117a1a18b56df5d8550dcbeae8fe24a89838eafb65c877360e7a16bd9fadcb5928e0f9dbeb7bb03012e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_C3CF9847C2CA003AA270AE473C534F74

Filesize
472B

MD5
4b50dc8421655700b94f6706c096042d

SHA1
8605d7edf403fcfdaabf59ba50ddfa81ceef4dc0

SHA256
d72a50bdc7c73d30adc5af35cbd043a7acc305cb27ab83389cd9f75387c079fb

SHA512
e9b3271453a4adf9930001aaf691b35a215397468c62fb59b65c8265d2af1c34556ffdd431505924b4f0f9db05715c3b9d9e1b511181dec98d4033c8602906f7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
33857e5ad35825e552345d8b026d71bc

SHA1
46f30a9820de8ffabaf36a732b35a6bfd7207436

SHA256
c69a3ce4b0691c2657e80525201299690a18d162b27c60b30cf2e3c62e8529fd

SHA512
03f71d31deed2b0712214a6b7b3b54f404b9858d7733fd72c16ce1bd9c7514ef9a3ffce67dae807f848c3dbd7be542e95cf41018735f6a87d9736f1b3fb07d0a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
50451bef6ea0d11e3967ce8ea4339b4d

SHA1
0ee99b384e494e4bf9b29032cccd3194be775274

SHA256
264650a1abe7eb030abcc28f6becb885921211bbbbb618c9013bc5e12ded8fb4

SHA512
2e94fe4a5f285d0ab7cf1b73f13e3e94d3a542db0a209c203e0e9f4252d809877298a2a8898b0a2d0170c85a76df6cf786a4e6803e76864973909fc5438cad4f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
637daeb244d36386f2f66effcef21cd8

SHA1
2617dee1f49cf733d55e1cd19f30ab919755e5a6

SHA256
31968424f791318125aa0ba41dd2f864fac8a7f12ed4b3bee6d73d64cfa4c5ff

SHA512
26ad94e18b5a15368897d7d906d714b7741fe68def9cc300096d9da6bb9478fb462fe8a3c063853580f4daaa1b8d41946d9b64c48103d3cbda2e0efc65ef3ce7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0025ef41d213928ea773c7c86d372697

SHA1
db6a563a565bfb514a6d899ecbb1087c3fe820e7

SHA256
a697f090f0cc29b5bf46ffed53b6964dda2e83a4ee9b0f555bf3502efbc9e149

SHA512
e9c49e6029458a312318f347634a8561004af7008b41a7bed5dcde34237812ce034c7bcb5b493e97fda8146981feb84497a446d8fcb5e8eee9ea15c624b50f24

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c4ba9a1fa2d52444f9f5b58a6da78141

SHA1
f3bfc879d9de751f6fac6d49d394459485d9fd72

SHA256
79bd83dc2c8186b21bd880b654b7887315d59d7ecb99e50e06bae098002921cd

SHA512
e2f37b81cc015845cb90ac9d5a9d77493a7a6e8ecc9e70aaa0bdb3dfbd40e64d170a3aacc2453b5203f68c1cfac2433bb87fa9250f023205bbae9ab689b77eef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d0cd5ef720cae0232bf04b822f851adc

SHA1
c46e3b9ecf2116b34ca6be010e1e3bd67ea9b2e0

SHA256
85455e6207cb518eb1d5e20f0b0da8d5620b500fc085cac3f6658d26c17b0a71

SHA512
f6ee53e3a5b836e413e6a29a602e4285a2753983144306cf8ba59cb900f663cfc3f34a22a98e7cc6e5a6e831bc5b815f77e6083e14316a970149efa8522455b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
619396462babdb9da01a5a71c98ea5b2

SHA1
0b9eecc4cb21281561cbcb0cf03c61d1d5487e57

SHA256
fd8acad7759ac1068386dbd254f2a9032f6d3e64df57df345dabcf6b4871cf41

SHA512
326baf2566280546cb2670082723ad245aced0cc625b37f03c81a9cc4c7a45909bf2e21287aa12ca793ced2447604e71298d2b0dc43da382bb9a24f8ffec5f53

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c313460c12f59496ebef496d8fa03982

SHA1
6ec3e7cb5d077cbe1779c8abedfd9d1f5bce1917

SHA256
b00c4cb1cca8a8709951f9d03f51ea693c835621ffe82acc31608278180041e0

SHA512
17d007e100b2f21c50ecf3d93dd72d73a11216a3f27ef8c9d1e7976f5cd580c4e3730f1e9ee6ca146af1318faccacd81ac20a1b8735e7e60decd86952f8060da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7eead27d7fbca795fab4b5e6e44d7466

SHA1
4c3a739d1a756216035b567823b94430f46374a5

SHA256
b3c8b3f0de203a9673a8545ad72a52c2c11ca3eb80cef6994cb86b231e76433f

SHA512
c7b3bcfa86a344cc397200745d4cfc2e7e87cd535aff70a998a8adc6ae8f68ebe5b34f8aeeaebc2d131eb924c112393815b83322f5aa1bd8681d38987b29e3dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aaaacf082b15a9ee861adbb45e981549

SHA1
1b567b993a281d694d811df65b934b2e2b3755b2

SHA256
72a759e923ea8c5ead9d1f98b7ca8a730b95e59cbf2840f707add3952412f546

SHA512
b3bbe92fecd1da0abf9896a03487ae87c370370b97695f3d92b4c91ca39de79a805af7bb16bbc01d9b5591e11132531b5f78bf1dd7a0c186c1cacf228d3442fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
49b56a67ca427e76173ac98712f9101a

SHA1
353d97f2713cdbadc2a436230526e996f4644d49

SHA256
e8106265d3ed1882afa54975231194df94863df76bac8d623b5a4e10e88baac3

SHA512
8845d359cbc60e0f689aef12470d7be5f2bdb0d2e17b6b1e075a062258c0b4997d8194ab5abc8af3857b5dc321c8c44ba273e649ae13ecf11a45a25007aa7537

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ab318cee136665368c7987642cea3555

SHA1
0ed8816b3a8970d79d173c314305dc7bbf5818a0

SHA256
832cf23d0bcfe01e05d9d7b190c73c8152b0c4eeaefa3ad6fe95effbbf8b9487

SHA512
d42f6a1dde289c7af34cd8a7157a5f8b676f8d713ae8580a68b7b0ed3b37ac9ea7e127e2aaf0519dde98d7b7500ef44dd978764a65d6da44d28ca7571896a2bc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
32194670b555ee3c187cf549b82bafbe

SHA1
96c0fc55755613804631cd269af9e1769dc5df24

SHA256
5cc62ee18cd8ac7ef87ed512ffc8ed8807ed582a5f79063574706942e49d0527

SHA512
2fcc5066231e65f3262ce4f0828fc82eb99bc26afd2271d1467e8f4bb707810659a660beca027efe0d7b9b0587310d076232e6c5901c33306d498f68e8b6538c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0bdd9ce11cd30959e4158efbcfa956cc

SHA1
26fbd10312f75150dba5d61e846c8e495b398803

SHA256
48895ebc81b3124b7db14c2028f30472348eeff899eead95166930e352de9fb5

SHA512
94d14e1678b5c8aa21fb02b49e429782f3994fb204c117f1b299af5b8547064babd6db07538afd9a2be9cfd3d867680a6398dd3ff85f6af0ee18df27b4c3a677

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B3513D73A177A2707D910183759B389B_C3CF9847C2CA003AA270AE473C534F74

Filesize
402B

MD5
8ddb45b8316abf5b06f10d7458f4f76e

SHA1
f2fc5eba2ebe739f678ad80b3718f42956e74daf

SHA256
db1e20108cb1ef6707b8379343b26fe0021473feeb0e828807d0dd48a000d739

SHA512
bf25b8f95d3e065087f4540d2d3b9527bb6a2d745c567b009de98cfb0b75ef3a401c3be3afb9287858914430be2a1b0b112411bbe73d932fc4dc5c57040ba357

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
29fa6fbde1451934d8dcb1f60c0217a6

SHA1
9b3720434b11b214cb189fc2baf6be082ed038d6

SHA256
57a9f5fe442f56fa8199faf03cfbbcc48e388003046a750876dd87a144bf1e46

SHA512
16c177d1025ed2e9b8fc7eaa030fdfe34a3cfa16366c5ca5718fbe9f9f7fbbf72424a27bc426b2d5ed6281ecad5942538be1a862f9502b050defa7aa5fa5f755

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4TQDAHL\plusone[1].js

Filesize
62KB

MD5
2693cd35d818b48f4cd562c6abe0db29

SHA1
131c844eb658219966c722b60cc12c8a542ebe06

SHA256
911fa262008c6ef2bcf8448ad83a5aa8129c39355b98d957f5c7dde2babf9b7c

SHA512
4f692bd49811addfe89d14b156fed6513f04ec4be2629086a8b66ddcd6e7b8b7df149fa017173824c30f7492c2320a3d7b9c0344d5e1f7074742558125654f1f

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabC8AE.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarC8E0.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit