d98aafe0711e17fe2082155df3a43784130208f685e54336c5837662efbfc65f

Analysis

max time kernel
135s
max time network
131s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
12-05-2024 20:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3be2def080ff80eb2c5d7583ab0433c2_JaffaCakes118.html
Size

2KB
MD5

3be2def080ff80eb2c5d7583ab0433c2
SHA1

3fcffc03da5fcebf05fc022aba8fe07ca4e3999f
SHA256

d98aafe0711e17fe2082155df3a43784130208f685e54336c5837662efbfc65f
SHA512

47bff04d9d1a44576c186994b8237392a3aac203022e811e4ef299fd3fcd39fec65118b1079d4968b2fd0df3a1496e7b5f9e8d4e4cb15c81971fe2cf3c7fe11c

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 602958dba8a4da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000f21b2b410892a0a16428dca1b22a4bb1f245aaa141c7e1b865b10ff3bc549d8f000000000e8000000002000020000000d27dd2afa57949809c6ee40c836f525ab8b29fd8ff4b52f77b9a0293522d820b2000000045b5599095071c3adf03c0e997db16bd6235567f77273a31e9267e072cc4b0ee4000000040d368b80177bcf60be63198062a9819a7402335575b501a1203e25f3d5d80d2c611f5836fd83b8acaf30b8fbcfef2d1f6667c25e209a191d25a74f463117653	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{069FEEF1-109C-11EF-B27D-6A387CD8C53E} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000016c2bd36d256d12564c8e6913e923dec1306842711c92850b0112b8e2ec5c08000000000e8000000002000020000000a1b279217f714377356760126d4d585daf8e58cafe073257df5ea3d6b60f6a1c90000000933e31023a4d7a8d26323aa2ad15f13261a6723b17065055cfea24a8a51ea33ce24532513a2ba06bbaa32d9d562489b2af66fb170552fb499ba3990f5760a33b0ffe07c41e4d6f696f0df4ad77a0478b32e4826cb1bf948493b37b00a7019685b04c4898a8113fe9221c50cb0c110a21d19addbe946f7cac9173b170c583a6219c5ed3500c5821e14d3bd01073c80c2440000000e66d20dc855e5774524c447c9c253cc3dfce37f5d49d22d23fbb60f99a604857113651ff1ff625638d49215f48f541967bb21c322a668272263404136714081e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421706648"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2968	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2968	iexplore.exe
2968	iexplore.exe
2136	IEXPLORE.EXE
2136	IEXPLORE.EXE
2136	IEXPLORE.EXE
2136	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2968 wrote to memory of 2136	2968	iexplore.exe	28
PID 2968 wrote to memory of 2136	2968	iexplore.exe	28
PID 2968 wrote to memory of 2136	2968	iexplore.exe	28
PID 2968 wrote to memory of 2136	2968	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3be2def080ff80eb2c5d7583ab0433c2_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2968
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2968 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2136

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3f02f5af6ee0a9a53ef465aeed8762a0

SHA1
d650ad4a146244ef6f202cb418af1bcc14d7c386

SHA256
ae82fa66ebc20e852e8c4e99f2782ec97043d208aee93c1ae7643fd91ce66922

SHA512
2df53861c60f8012e5993f68a3eace844c23461726ab6b7523494323af72de5e64bfe494a54aace73fda2e7e873aeb2d6706dbe644ad8f8eee782b962878c7e3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
45427f7c0f02b32724de62970febc9eb

SHA1
2dbee66dcf436190d10017639530df2f3dc1c28a

SHA256
b39a6a9ffc7809e4b13595ebd35238e9b3d56f2cc4440368503c58e0d6f77b9a

SHA512
0de17cf6b0022bd09dcc064d39d97c6c094e60b876d0d442e837c73b32ae9e221ba6d1e81086fc8b12916c5dc3a7728981051f34baf73e414215d34da0715f8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
824c4df73497375fc5a85e5161d3ee01

SHA1
23e0caca84fcde6dd6289159c9b0aed288050fbe

SHA256
4f56528d438eae4f1b00df4cc96676fc7e2318501a2ea8c7cbffb34af2ed455e

SHA512
06210b0362a7e82d004fcb4eae430b32401f0251df0e7c48f0ac1c878d8ff7cc0fcea64a44ef656da2f5db8685ba7394bea79ec47fe0afbc12422f9a544ed2c5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
72c491efe48a2b99e1decde2a8744b56

SHA1
93ae081bfbe890370cb058906fbb0288021815b0

SHA256
1b919a5bc4a83691854776c172d0626d3c93d3e05b6359479c56c48fe144f540

SHA512
c7f1f0a8cfe41ec20213026b81b5aab956ac1eb6a80895da8b5912377d08d3ddc68dd94414a65b5ccd13e9dd902858ba10632f3766d9ffdc908e7accade88d70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6b655f2bfc5aa29b933bc5ba2a7bc9a2

SHA1
fe52840fd722db40c2b79c12d263bdcd8aea3457

SHA256
e32162fbcc98f7296a8ca6e6b7b8d997033721699b549f6855f6f805252b64be

SHA512
0997b5e4da942d2cda6d784facef1f88cb91d37bb84e391ac6307e6c47a280704fd07ecb5576be44ab348cac01d46bcb7199de2acd5e38d436d0f23f65d30b24

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4ba85c165a88c682c4b5604e96d02abd

SHA1
9ce41ca6a71ea89358b329487b64cda26953d9d4

SHA256
d16a0410cac997618b55c46d4d71a86a55ec018e14216d9595b31269b5e25eb0

SHA512
5cab98b9f459128b83cb01870049e1b91602a3e32b16abe970210aae655c83e2b8a0f8090dfd5628006a2bc16c7d55f3a0d3c8263a8b6b77d2049e11d3363a09

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
52164098599d6c9c45d3bfbcfa748e8d

SHA1
a3661fa628ea3302a214009adf11df47f9ce6f7a

SHA256
1cf9820ee29cb0ae6a4e88a861ab51536294b520769461405beb93925d2d848e

SHA512
ea31569950c86a772bab5f9f347510b58bdc39d9cac26ee66a1f1db7da92e5a99079bc2fa718c9fe706175aaa803a7748e7e08cb9ba63d1250d705d300b5edad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e797e66983eb5efe24fee08b39e457c7

SHA1
4ae6e4bd76e377b8d82e251a0be96e4798d13787

SHA256
e3158568e6d1470de21dc4d709c6b359658b161ed15f194d231a45008dce1c7c

SHA512
be5bea4cb9db557165eb2ed30f4c9fa1de35765a59ccc3c288417bbee2c4f14bd1fd54a2fefa997b8757895211b07fc5a8c1e4f65c774e8a0c3675e92968c1db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1ed9b24a84df87ce3b720e21a963212c

SHA1
83ea84ff58cba83ed8aa1e38f8888b11b1740b5c

SHA256
56163eb4f2ca41ef9d6b7faf08186d5fd2a4a9e176502bde202fb64cabff09f4

SHA512
5d0e1e9010161d21f7bce7e4a2b587de6751642f8a3946bf5c00ca6e861ab96b0f095ef5218c6b88315eba4c5bb9c0a61f4b1b2e560408bd2bbb95ca38252a50

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
72159097feacc6a486745ae94588cc60

SHA1
f3c77b0254b3ef226e964a5060334654816f3764

SHA256
c8c990968bd9b6aba2bd3b3ef6f285de364f3024f6022eaf0bd5181d5b64a716

SHA512
ad3226d53761a676584af4443f2d5896826372b121f801e2973a01d159e058e431d94c1736fd75c9345e13d43bcfe366662bdce2470894c54590122c760b9d0a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2e549532150bb20f0f8bc58521366268

SHA1
3b6ee636ac2d3496bb6e950ddb917322efd6b5af

SHA256
324fed30a2872d094dbfb0a9c2c58874feb9549adcb9ae1f7ad35c8a8ba13277

SHA512
66b28a603bf3f98531554e09ff021d8b91f068351cb6ab3e906aa07521bea5782bf16a90af6365837dc8c384c47d77ed69c7ba760cdebf1cc5e999a1ed6a8046

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5004d65635e642ca9446ce3ba02fe2b1

SHA1
c563808ccbfaad404157f05614f5c15d58b34960

SHA256
8611ac71844ea95c8483cdb983480467a920482abdba62e376ef8a4ca45ab272

SHA512
4b7da8f61c391194885efb9c6763e86b071b7a9b7f50fdaefc662bdab07857f957bab1f170e8866d63f3d7acde279c304e9830d0d5005f84665bdb69ab83e4ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a3a69a29898d7579131870b3eb2ffc39

SHA1
76f8c5a00b43ee5c0b78f376a8dd2d8dfa0facd8

SHA256
96a1d2be2479c92243dc3ffe4b79534aeafa45964b5b3b37dec0a92e7b64a18c

SHA512
a1fb7d47377e45d1eb20c82ba1fb543169a3d4c9e6aceb07e4f89ab23d485cf9167d37a3d69e99e1bd3124f072621c613f56aaf43f8baa7e4a9d23e74bed8b69

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5ef576c20172cfb32fc83b7cc65f1594

SHA1
aaf81fb67f95dcea240a619f015a2cdfba86f311

SHA256
ea4711675cfb25d187f667a78aed2e9e5400fcde1358e64af00e388d014b6e13

SHA512
ea698eb0759ea78a8549af76dc23c91f7a4bdb84ed4c87dd32bd03c62340367bcd4548e2e5fc4eed7c79c755aab8eea214d3c5eaa36d2cc9476349e13cf6f835

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5e0c193e3de93585a767cb28ed3695bf

SHA1
fb6a698b43f6179b753f27280f47741af5ef8eb9

SHA256
1b6d213ec5477cf3f3362912cb1199f9d18c16a7250d789f8e72122befe61990

SHA512
7e5a53e1adab428ef33c55310c50149ac3040d3983293584fadaa8eea04a42c65e2575eb95af01a296774b01c1341fa1baf530cf5c0f82f904f2a93eaaf43383

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6309a45dcd274a75e959e1b6c7c378fe

SHA1
9c56b5df57e4820eae55e0e18ec3b85722a8d6d2

SHA256
da58e642636fe1b8b1c627cfd24bd703f24ddc9fbe471ec7e89d4f4b8f348ffc

SHA512
88eb8693b23a09dc9cc84f6a4f8d9c2b9432a8c38c022121532937f1e5b57db582d9120fa6d400bcf64256d89881bffc24e7f461ae6e572ea78a1fad327d835f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
477244f37d4592a0879b2982618c82c7

SHA1
53dc1bc326976adca914fc905c4f5e1311aed607

SHA256
425b492409a4f7326450e73f0be8f1a765f95d508c938e2ce6d549a280d93267

SHA512
49754edfcb86c1cbb62b16f511212ac7dbb7516f04018b56ea67d9ec6cd23da8342d2a24618572b841751ada9f0eb19041e638930430f19eff6dc901a9349525

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4bb515739974b59c9066b629d7a7177e

SHA1
8aeaa8bb210fe434d7635f7c165ca8c314499bd9

SHA256
dc5b709b0822daca0366648a22ab8e75c855c76a072f5c4fb72a2fcc6160ddb1

SHA512
7b7d03603e72933237ea097d07e8b1f493502c45ff66f6d6b16c3c4ee9a73e56339561dab8c21030e86a9d4dd6923d547dc042d94dfd56ca620d3fcda25941c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3095.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar30F6.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit