26ecf1eb93d01260a334dffe5e842fd448e3cd647f882a40f79438e6fe3cc17a

Analysis

max time kernel
135s
max time network
136s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 14:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63a27549aa9eabb80c79546114d2a696_JaffaCakes118.html
Size

213KB
MD5

63a27549aa9eabb80c79546114d2a696
SHA1

f69728b217dabafece5e241ff988e2936b4cb8fa
SHA256

26ecf1eb93d01260a334dffe5e842fd448e3cd647f882a40f79438e6fe3cc17a
SHA512

db0c6b77a8c7aa4a185f0198a214834fdad4ca721587ad20f249d89d94cf0e71227ae2acc0ea83ae9a78a9e1ff294931dfebf8d4809e20c7759958fed3c0ef01
SSDEEP

3072:SyU9OlIBluDSyfkMY+BES09JXAnyrZalI+YQ:Sy1iyXsMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{408DD0C1-177F-11EF-8554-DE288D05BF47} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422463946"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

1724 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

1724 iexplore.exe
1724 iexplore.exe
1208 IEXPLORE.EXE
1208 IEXPLORE.EXE
1208 IEXPLORE.EXE
1208 IEXPLORE.EXE

pid	process
1724	iexplore.exe

pid	process
1724	iexplore.exe
1724	iexplore.exe
1208	IEXPLORE.EXE
1208	IEXPLORE.EXE
1208	IEXPLORE.EXE
1208	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 1724 wrote to memory of 1208	1724	iexplore.exe	IEXPLORE.EXE
PID 1724 wrote to memory of 1208	1724	iexplore.exe	IEXPLORE.EXE
PID 1724 wrote to memory of 1208	1724	iexplore.exe	IEXPLORE.EXE
PID 1724 wrote to memory of 1208	1724	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\63a27549aa9eabb80c79546114d2a696_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1724

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1208

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
787f7c99483263ef9f4c05f8b4d780ad

SHA1
b46855d6aa080c2e56e46462b22df430fc1fa105

SHA256
5e17a84b7d5f3ed556407e696100cdefc0586c46b62724a8015cd533ab80c411

SHA512
b368bb63c6bf70911ce649cf57f700d10728258904fc724f46e7f61b45fa051fff6f24cec57ab1a6813603eda4a78dda3dd5a51ae76241812aa29ef4d53b0f32

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a23c8b8a84638019236cfa971ef9ae64

SHA1
49472f2c739b08e1eae67974f707865893ee8c17

SHA256
76b06a520ded41b16e79ce9288e4ddb24c91dfe32ba91f9386627a0e00543c74

SHA512
3c66529a6e82524c5c7f67555f031c403361c1136d6c7dcc04de65764c28b2f552f41395780c6e3ee9f4de09ebc3f18d732b894e8783e22515bbb00669ad902e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b3fa81edb53002b0835a31480b2fbc39

SHA1
ac0c86bf7dcd3abf2768fc27f80476032b788035

SHA256
402e3d2cc5008d4b72dd14865e8dcce82972fed8c36da971934b88284d4de363

SHA512
26ca1084d7d1bd37eedef77acda8dee4ad8b68486974288d56e7c179cd3736e8e3cfb18586ed47c2bd33eec3b721dffe61388bed47d0860a6b70b17ff7b4ed1b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bcdceb74f07d1a8013e90fb8168df17b

SHA1
fdeb82eb246fdf8814eb67b80c4f46806efb9ec8

SHA256
56cc915f09ea7e8cd1b7cf59b57e8b2cae721a2a634b5201ad1ba70dd96f871a

SHA512
a1221ba38aac1a8df9f8bb4344353dfa9cc1eb2d9f2a731f614174c1feab5f812ea14799ff3974f39adee17aa5de51e914f32fb0946480a96596c7bbfef19280

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8f04253155c69c1d10f5cb155709162e

SHA1
859fb329752011e45c8c0294fdc74048d701cf5f

SHA256
20a56b34f1f53a08fc45326713a8ead3c96afc8e9230a18594d02eb9b987686f

SHA512
c7e5cfc9a8079edd6a5db2cecce79afc61926dd270493b0690b83e4cdf82816e8d95eabb613ebcf78a69f8163345896ebd0bbef2a8de4cd8a1d32a0648758da0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d66c572a55e639c2828dd65daa0fa98a

SHA1
e08b9edd609a0e7b2dc5d8d35dbdd5fc0237358f

SHA256
fd49ef4a28ac522b705537165df7b45a71f14042040735335eca3aae4fec38a9

SHA512
42044be7a4cc6217ed7c0a75e0d9da78f1850847c8628de06125e403eb8d2eb2fac10ae18aa9dc8e437791b168d59b05b6d3f2ba89688385a90410498d5e0d1c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6b3019f01d6f9453ab49f03525951c6b

SHA1
10d39659c68f3dcebaecefc6b59d830f097195b8

SHA256
ecacbddda703195b5b62525a37a97240ce1dd96c01ca7bd3ff93c1b612747cfe

SHA512
e3c3d236b1583b1ad4881ea1e9fbd5126ce3f8fb15a67aa0e73db69cd82b38e46ee63cd8c728be680b4a7fa5de3d50761537d35405fd37058aaa7a782c7d678b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
22256e2387eff56e385713e24bab6fd8

SHA1
a914cab7a989ce2d74fa1a098cee3bff46c981b5

SHA256
e5f87dd0bd18aa118fab9221e3753e4c7dc72f7cd81e201eb42043c7c1511f3a

SHA512
a4adfa1ee154cbaa64d496b2087012edaecb064c7295426f4834fd4a88a96dab6957f6ae3ed15e002c56fb0151e6ba16c0d0a08cef02202f786501df92043ea0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
07ec44773b06d915fbff4828cfbc7c3d

SHA1
77921bd9e3fe80f1140f5487deefa60df38aece3

SHA256
0a63161a34df14d5806bef77ea50b94ac56d598dde5b3f13140ece57962f1afd

SHA512
5ed89778ea063a3dca3bc9c8f4a4a232b6c308f71d7c51efc38f2f9aa84110ae0a4bddfe40e35fa37fe878a1deef51b81060ade7baf30841fcb113dfb803ada3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a822e0fbd124583e3da92be788ca0123

SHA1
6eb34b9c8c1cac5030fa8aa90c457365710a732b

SHA256
a491d8dfea2ab97fd2ffc5453ee86366dac4a85329ba94bd93565ec0ec9ed12f

SHA512
d79f9b89c23f77afa170914b49dbda4202bbabcb7415170ddc81f944df5af42234cad7a4555539fb33837d68b50ab02949d90de2ca673300af636154f761b6ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0987080f3f0bf0b3b35625e6fcc30502

SHA1
890093080afc15d220aa8742e8dc2a9d865ca902

SHA256
d3cfe987198d2022aa333331accf227fb70055fa6cf8a1986a8ca914b10fac7a

SHA512
e2069c347d6b7ac5b04809dd2cdf4b8c7cde822851a1cae9afe51b44868b3b9513bcaa87ba48c5c7570ad093ce405351fe6f7bd46a0c5031dbbc814c7e2e84e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
de61ec34ddee187d8c77104c90f2c420

SHA1
477fd125844d15f5eaa0edc0a617090113d53343

SHA256
6b32be8cd1493ae7c488282abdbf14164d1d7b3ac0227bfbab001c053c6039e1

SHA512
3fa62733f89a571618f58a7c6c36092f259ac60d775902c7a9b9048068203fec918c2d3250f18fb3c4950140bd9e8d46981e726913b400b1afb778d6ba58faa9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8156c9d78b40213aae11f2839a634ad9

SHA1
3ed46b27915e37885b80f6630c09f4c099aa46d1

SHA256
98d64752fadd2a17082b317a8e112808ae8ce26feac942e2a784f1c56626b785

SHA512
f73b0f994f3a3c1337ebe8a1061fa58198fed96b9ce1522e8bdf970e0447364d0a104078bb887fa7bf10fa4f0de2ecf560384403436c3e949c3b54f689b86926

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1a50f4458ab3b92ec71c9dbcfd6a0de7

SHA1
b4fbd9972ba2ad3ba277a6bfda6f18a5ecf5e0a1

SHA256
291878849d1fb912ea3f986142386cc2af7f1680b5ace56078506dff0468f49b

SHA512
c9ec3ad7975b2d96ba8df1c0eaab688735e9c8d8504f0f56211d096ff0292488b8e9d14e43122a2ecf43bc0505959e193db130ffc200fb4d4d27d1c507a73c83

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
df4e1bfb65c1d793e52c63627c732e71

SHA1
7c0ca1231367294f140ddcf4ccec5913c1c76c11

SHA256
ad092ec926e4336892520f12acb538185b5715eb03df19d1d77fec89c7559720

SHA512
e864cb8b54b8bd015c38b6140ee4a2603642c6cab444ddd7189da61e831b8e3bb1ade865e7886dd72563aaa003cf6630527790947787b571fd0dd8fe72b222ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d4c83f8b72965d291f019ef0e2463e80

SHA1
40730fcb4ccbbf77d590e8fef8519abf51dfe6f0

SHA256
77bf1a804a66c04df0e230be17dda8aabbf658565c51e4d8c2a1b52715587b1b

SHA512
b092140425cf1b54b260009433e604ec082ddabe39d93e719a31a70c9c55f4acfe2e3e0b1a99aa011279a1c94774329e6414fc06ff9545f158fdf0c0da87de78

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d3c7186b6f3fb0af6ce8183539edea07

SHA1
f3e731a4c598f0f668ce9cfad25cbcc413504f85

SHA256
db9c62b8da1861ae18e38f411366c49f6819dee7b342c416699a3e500e4a2b5c

SHA512
098601381d17b2a33fa0d76c4112362faa5411a9129b07730cf95eca9422a4fcc1d0b8f30d88edf01a0b0d3e77bd461c0d66046c296f4fbbe6f3c555bb869423

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
87f3eb6eb1f484e851b19a09f44ef55b

SHA1
0b31f4c06269d9f39a22159afbbba55729384ac3

SHA256
dff9cd15e684f9d4d0e1c39af8f52d45caf5b3d27b00469dc1cd48d24080674b

SHA512
f664a2fe02be5113271a4c819a94a70943338a070911daca488eb2f593a7af0afba487f7e84bc772689fea725f8ba9e9ac42e00dd1c85fa39dc3e5212a446ec8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
285533a94f08ca2b85aeb1208cd8a02b

SHA1
94fb7b1f5906ff236016ac2cf342083db87fe8f4

SHA256
834afd01ee77aae922965a2f30de52f09597a2ac2c5339b4c675288495818422

SHA512
0264495f79eefec7416ce066005253938231673ff8eacffec381673d5eee8d42bcd15a0d1b04608306b47831620f4140b2373dcf3f3774921a8161f65e27685d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab956.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA37.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit