397074eada088dbc479bad9bff6ad12baec4ddf9c1085a7e5fdc7228fee9884b

Analysis

max time kernel
137s
max time network
150s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
08/05/2024, 14:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2536b4e6c6c80bcca1596d628830709b_JaffaCakes118.html
Size

139KB
MD5

2536b4e6c6c80bcca1596d628830709b
SHA1

756748ecaa4e5acf72cde8682ef53ab224186620
SHA256

397074eada088dbc479bad9bff6ad12baec4ddf9c1085a7e5fdc7228fee9884b
SHA512

ad01e2efd9d4e8ac13d7ae9eb04dc0b118f2889dd109f03beaec155db8c129c88ab19bd7801d0f27de8a72d1b0faaef2165dc604d6344e024d590915d324b015
SSDEEP

1536:SMtVKOJPeCwnlvlyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJA:SMt5qlyfkMY+BES09JXAnyrZalI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 41 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000071c834f68b8ed044a0afda50fbc58a70000000000200000000001066000000010000200000007b61d0ac97b39d42e3076b9f13641850254607e1780caadc3a3f043910d04eeb000000000e80000000020000200000000718afef147b5210b3ab0694ac80b84c6baed2070cf6b0de6e7991bc6aabdb6190000000bbc86d57d69e83489b0e2a891e844f60c9e3283e05c3f4a9a6e863d08fc887fe6dc6e814ed61f642fcd0a50cfca100c3c261ab68c39611d01f61f20fc4784c88bc247c66a50e8c40d8905930022db78f923c7b23f2bf6aea4f2228c9c6d45258e2bc42b9df383744525abfe57ba2b5f4003e25ab0d634c089600ba621902e41d3c0c4270be8e3d629a11e5dd5500b6cb40000000923ac8bdcf15f8459cf4464953c385a3cdc99fb30acb42ec5863bba018a2a62c3fb9c6aa524437fd6fe991e3be9c7b5f7515328568a1cdeca8b8cc1de955a31d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{09FC9F31-0D45-11EF-805C-EAAAC4CFEF2E} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421339432"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 1068301e52a1da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000071c834f68b8ed044a0afda50fbc58a7000000000020000000000106600000001000020000000b3dc31e48ed9111b6a530efe821c76f8063c8494a99b91afbef3587b167f39b9000000000e8000000002000020000000ffaaac64ad2e7a32941aad0e6339882a896acf2b99ffc8cf51e04e123026d2f0200000009823b9cc57fb9169c833fba9cdec6246a0dcf75eea911d67e531499f098d4ebf400000000216e6b6dd1f461817db6ece2ce184c7f21c3fe70e9891aa097067086c2f78ed1faab2ca6ee039a20f5f39cf6ddaeb9f29785e124d3784e1f57a2f82a48ca34c	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2280	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2280	iexplore.exe
2280	iexplore.exe
3000	IEXPLORE.EXE
3000	IEXPLORE.EXE
3000	IEXPLORE.EXE
3000	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2280 wrote to memory of 3000	2280	iexplore.exe	28
PID 2280 wrote to memory of 3000	2280	iexplore.exe	28
PID 2280 wrote to memory of 3000	2280	iexplore.exe	28
PID 2280 wrote to memory of 3000	2280	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2536b4e6c6c80bcca1596d628830709b_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2280
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
5906a50bf3e0f7351d260750e7e8f38a

SHA1
1dd8e1fe578c73eea64cd53e8891665997dda7cc

SHA256
b90108627805292b15ab7cfaabbdb51639bff25e6df85cc09e33c3c10b985dcf

SHA512
1c0dbe54a35a2d30931e2d34d450143d3703688992a99661a16a7b993ae0a4bdb1c1e0b350e9fc8746e3e094b338597a42e13b2bba3fbe8b8f1895a304e59c65

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
21db61674633c63b6e4f59ede7e4163b

SHA1
1a9140c6b8550bd1d894f5115c54dd1ce2243e58

SHA256
d73e6b0d97af4718fd989086a8a50a7ffd2d36051c768b787fadd4213932a514

SHA512
fbb5578cb6c31e3333b556d471dd8db18816cb135c0bbe838579bd6aee37b90bf478989079a6f4ad8149026f993b1be268278781e1ce2a45eaf1e746669656d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
70afedd09bc2ad738c15b9f88b7da051

SHA1
97ba9eec6128162811f060854682355b197e55fb

SHA256
fce94e49b18c1e5fc836c2df879c1a782b82efe5ccdaad9ac03e69e29fad2f9d

SHA512
577f4dbed4988a73bf46cf2bf19ff602ecc24c383ebb558c5cf0c86337bf1a12747fc4a8bfed204084a36d193177107481e431b9c6266dc2d50fc23c7702d403

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
71aa5d751762c688cb8c95af23f7825b

SHA1
b9afafdf8b26d6a70f4d9d717843e939f977f903

SHA256
589680400fe032c5cc9ef8e161bf300633abfb8f3f67ba07f9b882762c1ee062

SHA512
e63ae89a52de4045ff056e77c23cb3f97da617677272c630c596885f87661c0fce58eee244cb121e5110109342a9181032e1d03b4bb1b66948dcc8245c47739c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
795223daf2126379872e74b356adcc28

SHA1
ac90923f96394f5a0d3bf5e2c86572186e5098ab

SHA256
c4c4da130cafb655e3668fa971ed9f06885a574bead68c3defdcd93e0956a041

SHA512
688ef5c833d2611806aa2692eaaf6de2f0a5f71ca1853e2430e60a909a39ae61c679107c9b492b0228ce3fff85810fbc5125d59ae3dfb037b31c5deec0a2f36c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
2cece79a935a07980b5c3fb61e1cdeac

SHA1
c3f6a50da33cf4e0a5274f006e86a4eb6b886ca5

SHA256
312092216b0061851625c25120787e8310ba06f00cc9529ce05d803e4abdcee7

SHA512
a806aae8f5c8af50a311b0e9d672a94efd5eef41348e9f17e3b627bdc8717c882a0ab58bf12e8b38b67f9b0242b451537aff73c114760286cb146b11ad049bf2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
93782551145f40c7dee3062869f3ab36

SHA1
35b630dd3c3d1a69a5613a64d400abbd08381f1c

SHA256
0deeadfc1fdcbca512d35a21f30a12a14ab309281adf55e9fe79b56f06df225d

SHA512
a37d865f5d397ecbcec73452e1c01e5558e6141871b58c9806be6f07ee67fa85355338ae3e03802cb3cf08534e45df7605c8bc3027672a3e56c6b6e31df69f89

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
082339f89077c7dbdaf8efeec036b751

SHA1
f50e5262643ceb82f52c0b65cd4df9c597a5d754

SHA256
8e8f410dba964070b67cb33b10d537a1f64a35d903e44b29a40cf6c52f36572a

SHA512
7db5da5de5360e2c4e56f48a95fb7a9bf0ad28658b6d14150046d1bdedb874e083d3d6285d020aa38695713cfcffb551a4c42739cbc6e26509100fe64f0383ba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
2e4f4ffa0740f46bb7c462b81910d1fe

SHA1
ea04d287de31a1b150bba1e47ca35e0d451e22a5

SHA256
555e2f0a5134c2cb74c1ecf987ec9685862d936aa161dac60fca2461da82a46e

SHA512
1ba38dbb0530e477ad4e889b6f18e45d6288ea8e77d40288d0c198fd9260884d914a94a92d217ea3aec4b22cc837eea83154d78c342388388752f4fca562fd70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
652ad68500f7d5345c91397229e9039c

SHA1
8d4a23c8dde85e35d1d9924d2668829160feaabe

SHA256
b0789e18bdfd6c151f51531220e7cbe33613362a2b9a9d4a25d7a4248c2aeeb4

SHA512
443fe59c3d0990e6b8f9ba53086e64dcc30fa799ab74484f3f5d4e8cd655f366c0889cab9102b90d003a42c5bce736dbc173f6b5dcc746d3478612345e063d60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
2a27d09c13ef836e9cd0545d5a298f73

SHA1
e3dcc49c2624a929e3dba6101463093cb6848658

SHA256
763e9fc5cf1e0f31099d577393b639070c670694379c07b9e6b64877aa26b6b0

SHA512
9c8ede1df4cb11676b886c193b888f0900f1461032573164d399801d8ac2d5f1c07c530815b03fb80ef111dde04a387500188b5d7532c43261920e09439a300b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
3d396cb59f0c23e9f079a513a4ab3981

SHA1
289b6f118b72bf39ae9a92860b9682df896cda0e

SHA256
55d84c93ad55b5fe13b9cbbfbc3e30d3693e1e2e7d46d69fad24374fceb5d818

SHA512
56b2e1cd5faac9b1f36e9db8ce7e769642923f39aa471a2b9dd7e8f9a4ba644f972ac74018350e10807265ef16763f773224a9960e87c7d02eab35db472968bf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
79c35e588a96a73b642be19dceffa551

SHA1
d50fce58cbc7bcdc5d07c784efa1d63f577032f9

SHA256
c3a0f99cb270e2855a6318d8a6339fde3816837fe59e62a4fca9fa4d85970d8e

SHA512
2d7a8ebdf4b3df2ec9fd3eb89009be1503b32bf1b06e1606a5ecc2386c814ce9bceeda982a60c9b637de2bb7de9bca2ab871080d30c744eb838a8bae345188a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
c01ba345844bafd0482b766f23f28736

SHA1
8281b2f6e65203513224c4e4e8cb243017424f64

SHA256
62c1b0e4191c5e3e308034f1fa435f8bb3ec183409ffbc9f4c21792f68039545

SHA512
b3e8125ed6a78e17eed35233047064bcd6775cc32f1e481863311a5f8b1510d4f8471b96f5aca0beea322861b75bf86f1d962915663ae2bab76bb4beb8119050

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
304B

MD5
8fcaa64b9b766751019837b1c5109e02

SHA1
aa872f3f9facacda22b071a8817b9f41ee113a0a

SHA256
326d2a7c0f8bfcef57054dedcc4b25ad0a046ddde89c1dba2cf99853d620590e

SHA512
a1052ba8ac6807d5f391b4e51a32a6bca1376f54f473b7b1948c845401119722cdd70a1ee391469783699cf352557d5d63b719babce9a4f75b1e9fc7c86fcc1d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3DA.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar509.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit