bcf6517cb887fd2690c4582ef37f0b7968c76e682cf886263619f7292e83ba90

Analysis

max time kernel
120s
max time network
132s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
16-04-2024 06:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f2d783b337ad0adc2c8ccc966fbe3501_JaffaCakes118.html
Size

1KB
MD5

f2d783b337ad0adc2c8ccc966fbe3501
SHA1

61544dfb10dbd7671f65cd383354920d8606f87f
SHA256

bcf6517cb887fd2690c4582ef37f0b7968c76e682cf886263619f7292e83ba90
SHA512

a9425c342b3e70b72c8fe306d28832ee9e2df0e91cd5ac4b7ff1ce4024e93f813639b9e018c147bbc71767f099dea60ee75fc1ed89744e5b1bab04ab7ad489a9

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "419409139"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B89C78D1-FBB6-11EE-A49B-FA5112F1BCBF} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0d44b8ec38fda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007823eddbcee3e149bc4db86b21295af6000000000200000000001066000000010000200000000a3778c9f1bbca02e25fd203b7f3ef7b6e1f1372c7b7749239a3a63cf58ce188000000000e8000000002000020000000c065163800b69aac88137d6f65e1700f26fb2c054767961926e1db529238535c900000002d3dde4556f86a7cd3ecb253091147a4e80d67f3b0225d827fdf421a5753a7cfae434a0a982a197965be05235410f1303cf3ab8cd78c61ff7c35703b52dd048b580eb1d2b59e997515bc315480c7d7c2955625a99499d484b2017d831bcee9708ee685fa3c42bbebd021e0a513095aa6b1dc1098468394992e3f857bce4622bb0c609f0cad8479c5b55cef015613931f40000000a6ee7aa7ee220c362f0a538cf1147d5e3c7fdda42346bd906552db301a6f35a6296343c38a772a6fe31c633944197359b948b72473c34a048a742cccc04cacdd	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007823eddbcee3e149bc4db86b21295af600000000020000000000106600000001000020000000e44b7e869438d6f02439fc7db25887e17a40a81da9136fb3e0493477f7b3dd9b000000000e800000000200002000000082d0cf8a51f248e094fe12871b347185f8f75b4cfb2e95aa00d48972028596d22000000073c4b2698b57e36225e18e4234be7978f23abf638326692bbe2bdc3e726189bf400000009697f77ba8bfe17cb1bda31147d99f020bbb9b1616222f1fc7cc7d02df9f464a82b0242748dfe2570b738197fba5bfccd2d4caa52f32e3e515143fb2cb00a414	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1444	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1444	iexplore.exe
1444	iexplore.exe
3028	IEXPLORE.EXE
3028	IEXPLORE.EXE
3028	IEXPLORE.EXE
3028	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1444 wrote to memory of 3028	1444	iexplore.exe	28
PID 1444 wrote to memory of 3028	1444	iexplore.exe	28
PID 1444 wrote to memory of 3028	1444	iexplore.exe	28
PID 1444 wrote to memory of 3028	1444	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f2d783b337ad0adc2c8ccc966fbe3501_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1444
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1444 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1f346e62b4edbe7a407af798481d1fc3

SHA1
22d926632090b7f1b3824275b9163cd076ab7346

SHA256
405e43e5aa81f3f7fd0f68e00c07056f6b37e1df0b1465ccd74f6006b64b4bbf

SHA512
bf47c644493746f10d18bae55136595ba0e5e18b939a65345d2e393852e89a4c029bf6296c79aa1fa6221c745e44b7ce810d6cff7c451f4224e025bfbbc7303b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
abecd2f463f203610178dbb98262135a

SHA1
2d076d9448ec9c14be72d3c1d1aa1105405197b6

SHA256
5f3db00ded2e609400e1711ccdb78273f5c86d70d7e1edda3faf14f8e41399b6

SHA512
4f0ae57bc3d714c4fa37d52100f517ce4100cc34707ecfcf59119733c1c93d33eb0df8c10f1a77fa06462df6fc49dedbdc75264ae28ff0feb543f59175458127

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
442b01ab02bbe9016d3aadffed10f70f

SHA1
c1857a33ebd8f5f9e8c53616a2d60606595b84c5

SHA256
265ef4c27eb16af31d9e0faab2abb861a71ae99fb4e182501810c3d485bda7cd

SHA512
26d3dd19822b86ef802d5537723dac84c284a5fd386ae245fc44de9a4862eb2197beaa515b2e36921823535a6f0e6b64a6079d63892cfc2cc5fcb7fa4a9324ec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7a2121596203cd14e9f39e3259dab71d

SHA1
aa1a807080e2978b2df1985ffd6b1051695b307e

SHA256
70ba04f848e9d4b342de17017c1c303a5e8fc46b581bb9e0ab7c4fbf6015e8dd

SHA512
1766c23f600e993723bebb8398bc632f85a8b0ad5592676ae65a66cc4e7284363218972431f48ea95f4e9f2bef3d5cecfec93d34512d84185d114a86690673dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9b9aaa7d277f270c279315db116c7124

SHA1
6e164a49ae13ac76bc7d9a5b425fff709e4dc0ae

SHA256
ca80ebc0c56318565d92ee9dfa347a39fc6f8ee307dc3e8410bb4c69b8ed8bdf

SHA512
f7a1427eeb88c0f3d13753cad495444f99d9517ca4809a805a1a98df700a01a054d4c6288f742e9d3e8689583a9e59bc2721fbb7fa268d27da98f714cb0d2158

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7535b55afe9f198ebbee8e4d64281b59

SHA1
880dc82f2772b83374808557a942f13ebbb445e9

SHA256
b995ebb8f579a6065536b6fd622594bdc1a41750c4c236b08c60b41d01edb19b

SHA512
0a235064da42ede510d8e86a3881eda2a12277b160f1f7b031437c1aa8b9299fdb08cd5bf967c03032ee160258785456402a9fad4829f0592833a79d39d6d464

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fa0b3d3dc999495f3643266951578382

SHA1
24e24ea7e678ce2eb3a7838e29fc3e0e68c1f737

SHA256
4244da905c3eeb7f5fc90529aae95d605f3c4ff4e1a42f58db5ebec41f2e14ce

SHA512
05e5626dc2ad1642fa8733b78c6aeeed30b0a4ccd9315bebbbbf7120f04b1a730649078ac5bd8bd0050a120c7d675899e662258220198e10249e3567ba15a17f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5a87c139bbe8daada39d09a60ff79701

SHA1
d88ff969377f2ebb2e1d1db46ab70b5d2db67c80

SHA256
5cfd43fbfa47270175faabbacb9d8f96244358512e566dcf2a87a4d19746b7bd

SHA512
6fa687e87e65a98e2e757da3e8be730669b6e9ee0298e869b14e0464ce65e92f3c4c8aa5417086a9184b3add46205cec8d41dc9be970d7376bd1faee4e96d699

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
85c12e374b64191ea3ed217e97a617a4

SHA1
1c8a0d655965e7384be714cf062f5379dbc57e10

SHA256
4143425fd193541db70ac1c5cf362ab5ce0726dad76d8cc5afcd7df3dcec0b55

SHA512
6ce92bcd48ee87138c418282ae505383ae5989d44328e40e4f8b6a77ac34067b7cec1662c4056999be77ef40c0bca94ab748eecc0f76f829802b500542c55f4c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1baffdea11fb4d3b271c656da229ae9b

SHA1
6003793d0b876c72bdcb7b720965d3066bf67e73

SHA256
e75d4434f03b36aa1c54b11e383f834c22f9566f10a0ab6c9ec6a41f2ae28fff

SHA512
24d25a723617a357873ff984ed13a74823827d17f6b6c8a7f2d35585d19f98c534b4a2e69fa21fc36673e6ee9cba8c9b0e34619b19cdcf016d5732c218cd437d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4409089cca79b3e1339ef508ab7ee652

SHA1
6754ff6ebd7d8aa4367815a3c242549ae9c81802

SHA256
f3e859106799a2c7bc1cb736e1e3c0f46720e1a7b3593928aaa9db77503eda7e

SHA512
926c0b0591ab1e65d1521bcbb504adf261ccc43e85e75312ce843c0349437c72575f35224bd789ff4564c3d9cf47ec2ffd5e8320c7150adac5738094401dad56

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6e009289174abb759ee7cbdabee1d949

SHA1
48cfac5e2aeac32b4aad0590c039d2632231d7f6

SHA256
3b4240f86cc6871a5aefc389bb5f0683334ef5eb70dd124741836e13581d60fd

SHA512
c1edd5505ecf62f80b453b250fc7534d64f0d3157dd1c1f2ba43e7930db121867143289e399738e94346b2a2986eecc92ebb1040a4b085da1b96fafab208a540

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5ee4be938815fbc621148ab66355fd16

SHA1
507645ac1ed7a1891543f74c0648e4ab368b2e51

SHA256
68bcaa57ec74fabebb522ebea31f3ba82a5e81f5e82984dbc2f68fbca38428b2

SHA512
2627ccfab18fe765f1f147a6ff17e3cf036972536b28e7603f473fada4568e4221e6ee853fbe7fb07067a3748eb0526b28fce285a5d3098e00336d088873efc4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b96ca7f3c9381a6ba5e8c5eaebacaf83

SHA1
0d45551e3587919074a22fc053e1b6375d90d5c4

SHA256
5d51fe26faebfeb19ace39c970a59f1a598f915f4330e2e1e4638091c69dd5a7

SHA512
a698924e0d5266369008632bbfa383d901f975237f50ee8aa808d3ea168b2f074848df88ab4fa55e07bd02cc7d12b008c8e4c5690c75587f697c2639fd45151d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8df511d1b6c1205db02f8544b2b0e221

SHA1
ea6941f7aa01e59d49968fc7e1fa110e09f33332

SHA256
ab72dda362129547783b35d8b601fa79fb6957315a6da443a2a558a0989b73af

SHA512
fa6daef1c2780fe60f15dcc1a43a479c3eb6f348fcbd7543b2a941dcc6615b18260448ade9ce853778cb5f8738558f68cc12648cf924082546574c9988bd5303

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a9377cc80f257cfcf621e93d375aac88

SHA1
3beb1a8fd4de01a31c03ad1821a04f4d30a7ffa8

SHA256
b97e4411101f6cd66f701253436e8fd159b4229688ad365cb12ef242ce600c1d

SHA512
0d53468de79d49f5a7c48fc201089991511d19e676b3d9a9108c95b3d78edef43bb2864a505551e6718c9589898b25e9760b2a3d5ea15ad2fe168fae85bbc116

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2545f0f7163d39348a9135c85986bc41

SHA1
3f478984affe05980b017c093661e242efc773db

SHA256
039de17a452b781989f6b5f87a09746a937699f720453b14d728f2f2ecc1c2df

SHA512
93ea3ae828942a6d3f058863862cb0cb9ad57f983f74e823e2d9be45b0eb0942cde257bf130fa81a5ca1c874b9a6ee82dd79cd6cb41e51495ecc97d2f51a3567

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab56E7.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5828.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit