10659f7ee9abf76fce6acf154ce115f2e3727eb2fdaf11ef14899708a76fbd1a

Analysis

max time kernel
134s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
20-01-2025 09:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_e2669287a4058fc8966ca2b7a22a8808.dll
Size

66KB
MD5

e2669287a4058fc8966ca2b7a22a8808
SHA1

5ad7f1804bf76feff7d6cdd4621f63dba0cbad66
SHA256

10659f7ee9abf76fce6acf154ce115f2e3727eb2fdaf11ef14899708a76fbd1a
SHA512

bc2b99cad2e126e6b8b9c5421fb78693a2b35ed00747f8212157e52c309bd02fca950d19336f3346434d1e31ac4a7e9eab060f0b19bb3e21c8179427bfe0fe11
SSDEEP

1536:VKaouK0rof8925RMehGW4x6cHuP3fqshuqRdzz:VKaouK99MqB4x03BnZz

Score

5^/10

discovery

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1364 set thread context of 1720	1364	rundll32.exe	32

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 28 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{4CB3F701-D70D-11EF-ABAB-F245C6AC432F} = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "443525627"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1720	IEXPLORE.EXE

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1720	IEXPLORE.EXE
1720	IEXPLORE.EXE
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE
2776	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 16 IoCs

description	pid	Process	procid_target
PID 2848 wrote to memory of 1364	2848	rundll32.exe	31
PID 2848 wrote to memory of 1364	2848	rundll32.exe	31
PID 2848 wrote to memory of 1364	2848	rundll32.exe	31
PID 2848 wrote to memory of 1364	2848	rundll32.exe	31
PID 2848 wrote to memory of 1364	2848	rundll32.exe	31
PID 2848 wrote to memory of 1364	2848	rundll32.exe	31
PID 2848 wrote to memory of 1364	2848	rundll32.exe	31
PID 1364 wrote to memory of 1720	1364	rundll32.exe	32
PID 1364 wrote to memory of 1720	1364	rundll32.exe	32
PID 1364 wrote to memory of 1720	1364	rundll32.exe	32
PID 1364 wrote to memory of 1720	1364	rundll32.exe	32
PID 1364 wrote to memory of 1720	1364	rundll32.exe	32
PID 1720 wrote to memory of 2776	1720	IEXPLORE.EXE	33
PID 1720 wrote to memory of 2776	1720	IEXPLORE.EXE	33
PID 1720 wrote to memory of 2776	1720	IEXPLORE.EXE	33
PID 1720 wrote to memory of 2776	1720	IEXPLORE.EXE	33

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_e2669287a4058fc8966ca2b7a22a8808.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2848
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_e2669287a4058fc8966ca2b7a22a8808.dll,#1
  2⤵
  - Suspicious use of SetThreadContext
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:1364
- - C:\Program Files\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:1720
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
      4⤵
      System Location Discovery: System Language Discovery
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:2776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
342c8c22e585d3c23e4613e64711683e

SHA1
9384fa600b48f9df4376292abb61e3f99693decc

SHA256
d4e96d4f7302fe4b7b99da127210dc4a11a6d22ebe55b8980b68ba4579a98419

SHA512
e3f1fdd52f9d5a5889d3dab109570fbd60c3d04a2e111c8771208c0ea76d0c414ffcf855a8b20046212ffad93e4f5888180051f3cdda68c45063d4158efdc08c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d46910c463274aa0541a46c4a3335f17

SHA1
61197c97508ab6a1fdd1854eb10165c2cf7e52aa

SHA256
7e8d999c0d319c36258538afa3c139b282d57d81ed272cf15e106240880f3be6

SHA512
3897e7a7eb242d6e8fcb20a71e702eb4244841b6da29827bcded628d0d39ebcf5352a6508403feddd520527d3ce0c3f2f2619553415cf1344bf1697f1b8f6c57

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
695b06b06edeba1b1347202127dde0fe

SHA1
cddf083291c906448fdbe5611174b6eaddef634f

SHA256
90255328910ce1c843ec439bd386d96c3d22deedbf0be9e56788fb937ee31063

SHA512
d8e9fc6dd906adf0d4b5426e7d445e200e1ea328a5776b0dfc99f1b442776e8ad99f7592122b285c67d908fe7de9e7a1623934264e1d1a5cb6858101c2e8c7f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
422627d48a93b98f38e40fdfa0c21b30

SHA1
6c468799287baf7ed07a2b6a4006589b21a05bb3

SHA256
7205457ac18546f9fe02efcf1c79eb7f637d591cd0ac978678eae01bf884920e

SHA512
42a26243efc415fb784f596d08bcf678c79b049ffbfeee9abff4f21948c6ecc842d433d05211302da07d1ef4aa7a43530cc26b4fda1a51fc88614864784467a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
110f8171754615c682112ddcd573f1f6

SHA1
ce2e54942d53c342a09c148fda85590e3a6a314c

SHA256
ef7ded5c2c72aa82055eeef35e6b4efe671bb3671247b0d5788dc5c56a0c1a43

SHA512
e5a115323391ec8f08ae890a5aac433aa58a0d1b6efe87f74d87e0c812230bd9b9653f54deef06be25a080cab9d32f4a4e8d9a14657e14c2b9cf662091baaafd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
be637fc98012caedb6b6ca6fc035cefe

SHA1
57e73a792a0714dd5306d652a84ae340b6e4ff55

SHA256
0befdd0bb4fa7a31ecbddb83d8b67847d6ae3caeb3daf0d538806bfa8a954a79

SHA512
4889f4bf9d944e247f1fbaa08cb23786b52a3033121fad144ff712bb6c2d51211778b499ffbdaaf4358538347cd5b6907ac825954852eb845681ad3d7da97fef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ab2171ce611c41927c139794879ff5dc

SHA1
72a6e8d8ece3e9e66eb8733b647589338a603a8d

SHA256
91daf9c7ed2d8ca86ff6359cd45094f976d9aa81b780c01205ea2bfe5ccaa35e

SHA512
013afb17316085a4359b53def48092063a3e405118b2452a4fddfb051877c922d25f71f1f13c6e087387a3e4d8480869e82aaef653165b388dee37011d3e3645

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3457614956cdb44a8445e47d5e3cf96b

SHA1
5454ca051f06f6511610e79cef757ff3f8ff0268

SHA256
3b901dc6819b8ff870d1ace8d225845681c3104bed6e5f7c3c3281bd257122f7

SHA512
3d08e130a1accc15c1abb91c8d1cc8ad41a6063e7dac76b18432eb439d0a2bccc4ecf0351b30213b2d6f4d99552ab637e262c3beb5a0245373a6f7615f58d090

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9e235c7bd0d72f793f9a7094ae44dfa3

SHA1
915766237afde6235c626e09a1d53d2f48311aab

SHA256
f186fbf2bd8ec5f607ccadfb74fceeeb0f82b7d725c8fdc8fe3b14d2beb56209

SHA512
d9e9f12aebceb24c2ec789cda59252f474000fca4bf75c005ab098738947ce6e51a7a842f946e755feac25db979c434d184569b740bc0847b3848351a4a6e3d1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0717a0c437ca7f0e5339ee9e6cbc12b4

SHA1
bbdedae1db46421da3071e6cb82ffdc93e7db5a7

SHA256
d1dc1e9e5ca0d9abb4644cce56f8c6047f43932ce6395eb3ad99599f6c4f0dc8

SHA512
e5249544387a12a45aceb9b105a2889dedc21635dcaed0cae0e093a93a003c6af3dbde9867250239556a64e0e9fc1741ec66f9808900d055cdae06884b7988df

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
aa75f1397eda0247f0400a5a92a28f19

SHA1
2a916d3290265925c0dcc0da361deea53c18605e

SHA256
ffaa6106ea888ac77ba38e97edf2f4f368a5f6c0c8bf46b1d9d814deac81ec96

SHA512
5995baca933c8d80de1121e234b65009e4303a7d541cd4efd62d93264b8cd7ba9e32b95a6f5c86b7a274f8451de781a28db5822e0e576effc2a979b7d4f8fc13

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ad5aa12dacd55f72b81874674a551fdf

SHA1
bcda58c5c2491141a74077c2f7af55bcb5def3fa

SHA256
5705e72e03b894339884e4524444abb1c56e5adcf96f55b0ced4c5e5835506b9

SHA512
26acf60d2068d8edc64db7b3f2ab7534ffab2868a50050b05511af488c6ba95ceb05a58dff9c4ac8ec7ecd633c647a6dfce7988c4efb71b1ee31da2097d442b4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
39b19c8e0629406986801b6d85fe4465

SHA1
d44bc2d2c130ee83dda1e76268046d55c206c815

SHA256
e8130540176ca46eee759d998042d3188eabed07fb860886c7b8748eef4e0f07

SHA512
173eba1129b15b7b258467a7c7e52436c3506b18254cb5f47ffe83d0f6dad0f9752b38a983a7ea7f8b6238065770a4a2562722d874daa790eb8f6773544363cd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4183446a2fcb2e2927251fe5dba79bb

SHA1
3406bcb28ab4478760613d71d9d8fe64ca79cd64

SHA256
e4b89a18003f9124de6c7e25f9b394d9612af67c59d6ba53f7a124b947adde7b

SHA512
fdb554d2458280c6d7eba5436a77e07b47799a37c58786b9408709d58ea0a876edcfa3e905ebc5541bf2fa2aa80ee7b63f0f4164af19daf01bec6338c91fca11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
89c5215ca1873c5978a7c1227eaa2c04

SHA1
4d0eb18fc6491d3114fda37234a3dc60cb1cfc05

SHA256
fb56a96cc26fa706ba802d22e2995568861e18b20889518bfdf20b14f2f9e176

SHA512
bac328860c5b765dcb98b55ec4d433f80f425cc9a8d5baf329b5a7fa8c399f0facd3b60104f0806ec82b7d7a5177bb3d5cfb8e7322668c995c262fa582aa4d3b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38ea45bebb984715b3c2a56d90bbb4dd

SHA1
70efd6bae1277809bef26bb5521653a9c7c7efbc

SHA256
22c8b2153d9d863e4980daa474f50e9387f2bf1d1826494c8d23a9c1b2556792

SHA512
a8b7ccec39a36d13480d0beb2a680cf2b94fc2b203aa4c129bb432aee2a8e3cca89c994186d9b1dd522420ee2d949787041cd815e21b60b58a67fa702cf6b2bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6c768b80dc9eea450de5ebc47e42c841

SHA1
b08d9a1d98a508c48cebede5ac4eaf31523a3b04

SHA256
5d5a6f8580e04d3e07a4e7fa157125f153865dcc8f044bb3ff4358a5cac8527b

SHA512
5534539b7efd48941ad5ad6068e7c17afddebae30e23aa7db6157237fcf3aa87e89f707a276be3de789a55c49dbeb4799e70649cc66757da7c5ad738c7e20957

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dab4cb8abbdc0b8d9738923ff3d46fcc

SHA1
0cccb7467ea62d25eeb4d8f2f3e8058734c142e1

SHA256
56633c7f6598cc9fae29f5b7b0729007761b9b1077d8a819559657828abcfbc1

SHA512
d737990db4cf08e47a986fad66a57a66724bde4fc7e472ffaeb9d53b40dd8512d6c0eccb04ce01e992e05c180aa2f2bfaba734e4ca17c1635c191f2f2c4da37b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2df7986ca6609c6f25d7b6093897b15e

SHA1
beb840b65df9665c7c7b73772daf62833ac8343f

SHA256
d4b2a18cc3e1f8d26d6995331452cf06fbaa230e7416abacdeb8ab44fc26ae98

SHA512
807ad3386a0235a338500878020076f167d630bff46e1b48860f311b38f49433fd2bfbdc297080b2d331ae0bc6ccca513db9ce0c26bc2fe9d81af70a3a67a5b5

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF384.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF473.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit