0121d746090f4f5ec15e1b3ce6785d7699f425e41617aba11e09137e54db2d99

Analysis

max time kernel
134s
max time network
135s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 15:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63d5a2f16d8c731673181c24dab00520_JaffaCakes118.html
Size

213KB
MD5

63d5a2f16d8c731673181c24dab00520
SHA1

e146b37227e4f355d7578b7ff7c1e3648b12e8e9
SHA256

0121d746090f4f5ec15e1b3ce6785d7699f425e41617aba11e09137e54db2d99
SHA512

422796c1789c38450dd68dd88d98573a4577a26c89492a89700789d3b588112d857aaac5b9a4b09eaa2f82e077e25a810e9cbf6404a3af6fd276fb1ef4cb062d
SSDEEP

3072:S+jYATShEJ5yfkMY+BES09JXAnyrZalI+YQ:S+p9csMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422468175"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{193E1C51-1789-11EF-97AC-52C7B7C5B073} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2032 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2032 iexplore.exe
2032 iexplore.exe
280 IEXPLORE.EXE
280 IEXPLORE.EXE
280 IEXPLORE.EXE
280 IEXPLORE.EXE

pid	process
2032	iexplore.exe

pid	process
2032	iexplore.exe
2032	iexplore.exe
280	IEXPLORE.EXE
280	IEXPLORE.EXE
280	IEXPLORE.EXE
280	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2032 wrote to memory of 280	2032	iexplore.exe	IEXPLORE.EXE
PID 2032 wrote to memory of 280	2032	iexplore.exe	IEXPLORE.EXE
PID 2032 wrote to memory of 280	2032	iexplore.exe	IEXPLORE.EXE
PID 2032 wrote to memory of 280	2032	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\63d5a2f16d8c731673181c24dab00520_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2032

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:280

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5e3939675a7f481177beb7543bb32320

SHA1
f2e057dfefa3e4cec10885ae14b8d643596d5296

SHA256
3ad3aff25b114cf03ce4cf18578814ef0ad80873a659280333270437736c4e77

SHA512
852dd3e0474b944c1ea7e2f7af3bb9c303d08830af8ce9d9f3b33f9e94f4f7fbe325cc13a316bd5c5b563b417c8e4997119b77286e35e972a7017c9ce50a96c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e3d80e6d66e964df1f4ac5eb4afeb05f

SHA1
e4acafc85fe60d23cf2e989c7869aceb38552673

SHA256
150bb35745ef7b4fd3adf1d46c8be8fc0a538cf74ea9d2f15413945679639cfd

SHA512
7375dc084b2bd369ef446d2b03589a59d7f309f23366098a6354fc57a0b064d5488a74a6451bf331a15a11291aa13dfadc1ba71a2a4556ae7672760d2d1fbf54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4faf27a355195062bf4b654f9a173c94

SHA1
aa98bde97f21f3cff206e656f1765cf61f7becc4

SHA256
0dfb50af0ba0e83b8f1dc6ce4c164f860c62df13937ffaa46a6e70e017f8d8b8

SHA512
ffdb27cdf4e08ea238f9f766fd685d76c17cd7ec50f3e89fe63dc3b0042ce82b6ca57a9831eff385b31622439ad77a70d42253269d8bdfa0ee33445ce7961076

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7a108faf9bd23a4014b6645b11d77520

SHA1
d718062431dab8c0c96e11937fa7c233443fd256

SHA256
28953782509b418d7e33716ebec41fc048c0a457c5990660df7f2e5dc0a398b9

SHA512
dd02635333268b2258a93a16f12295068894ec9fa26756f8b7726c6de5eb79414c67cf2d25f5d30cb6dac57e8b8356a3642bb481ad68376b920f797c55d196ce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4311068f1dcb4084e8322c0a7446a356

SHA1
6fd93962357a3c4b81448b4a1dbf9f1fe1302b1d

SHA256
0801c48d0641548e9f363d435d3ca20f97b8ea25b2f45f459839f1a873ad1e8d

SHA512
aa613d8d545a045feec5b56574fffd5a1e5bb3d9b5481dcb3aae495d9c4ef5d92ae2d538d0b5288484550a7e04c85ae3512dd0c710cf617dbbe16e03c28f6892

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
18cc29bd6aecd8619f5639ca3f28c988

SHA1
3d020c15277e030901cd33ad482a3fc9558744b7

SHA256
d47111223cbea878d82f6a1e77da3a0bc8046b1b0383d2714a082ad6fd1353ad

SHA512
088ebc49c3ae952f5944967c85b9f7d47a55aecdfc248789d617ccd9da60a85b3184d0497cce463a693a468cc3000c6ce41be99e6ee2164130a23c67cd77e285

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
98f7510ea878f5189de0c9935adb8a31

SHA1
d343e963a43abd6fde0d4e528fcb761be34bee3d

SHA256
0ee854f0977f12781a0e4915cfad5cd5f0b469ffe95a437c1265373bc8145737

SHA512
a5c5371c0a93240aa7f65c1776a6498d5cf0a87e4d0104b83ccfb9a1972c2a0e6799e1e7e9efae3d55ba6f8a3b129a3bae520a3fd0f3d53fb43382b6db477644

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f25935435f57ba87eb675a493c630880

SHA1
6e59259762f6d2e17d9b9079f2b93132dd15f8e9

SHA256
1da804bdb7c4a79f625900f55c77f89aec19fe56798418d1e2d85a1effa405ef

SHA512
d73ddeb93fabd864337bde9f9ee6e2ca5f2a5a5b30a127c62241bcfafda8afba804b80c405c1dee96e565025b779d164bcfbd4843270d4bdae281cf8b0c7a529

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
806f4c820c8b20cdaf2a37aacc464a82

SHA1
01f82d5844ba71842e30091495425f35621a443e

SHA256
d86f8b0e5ea1c085ca673a80634891033bec4b29ad6df2e54a3835e821fe938b

SHA512
47bbe023132e37502e0b5651bb8c329873939d2ab77b414a925379a50bc5f9fff970a3de1b50a549701f423bcac9181efc92cf2cce7e47733d514ebc88c975db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
71e4970226a5bbe41d11e7bf5daef40c

SHA1
b5efd08db9cadd144fca3c30d2c469d7b76bc4fc

SHA256
19e06eb1cdd4d3f418c5ee7995044fe2859a6935530c2417a91a2aa46532628c

SHA512
d7730ec13fdf8af9432cbe064f643fa18debb80b0c5554e8b7c2923bf28515f848cbd08bb0c41357171df87a22bef83089c7600ed224348bee68842bbe18ee27

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
442b1dc75161b12d15797dc94fd9261b

SHA1
f55e3f7aff429e09f8d7bf9f90917cb29f893d56

SHA256
e6975dcf409d5edaf8c87fd0ba5a1b3edcfb10b66753d0f09059d73bc9f877a3

SHA512
ca93f2723ae2cda63afcc73c9258b82677212ba05b9b6e3f34b54a9f06cc3b2d9aaf3eea156e2f42976e742f74753918a760456e6df1185bbfcf3dc5212b27b8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d18d97bba79942c40ddeb3b6ee11106a

SHA1
36f7f32e56f7dde08e6ec1265985811b2f7d676a

SHA256
ac35525b859b9db4efeb7a21b5e6e10ebf100703dcf7f5e0ef23dc293216c252

SHA512
192b165ea7d15f6df3eb8b570bdfe200f6cc08fb8a0fac6224c3441605621094c9b9beade7d3074753997248c93e2877b69349276d9e986a65afeed4783fbfa0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
502e673a4e463b707a142117ccd4b5c0

SHA1
b7af4c8d91359145fb6940a62135d3fafc8a2bbc

SHA256
c103eb1b1f34361851a114c48a40eb426abf12ec78b623cb79d1a5bcb41439c6

SHA512
27bf247d6062021f93a5f71185d8cc1a5a56a71636e465b560728877cd56bd86227a9ac18261b6001e88ee4dca59ac1ab68d564c158cfead3ed6d5b4ce53dc30

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f97740adf4aa23bd305c430eae85af30

SHA1
18fb954b040265a19eaedead18073d90b99e10f5

SHA256
7e983bc52b96d3d63d57c4141ffb7e84b7e19fa3596d6a896ec558dd337ca3f0

SHA512
f49b9d6b73eeefd202c9213349650221958f94ee57f0d3d9a18e1723e518ec1a325b9882dd809ea0e330974865551b100952cfc5a73d5d0da7f8a3932b72db5e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e4a2fd3540a4de4bb9f6b170a992a86a

SHA1
66e75ac6800c7e900f80fbc27ffeafc6b17370a0

SHA256
40ce8d52de0b9df33cbdf5807362ddfa63ebd6b68c56c089cd76da42c185df52

SHA512
21eab26d37ce62d53d72935afa9d47924cae2323846d03927f3eca93b1fc05a46bb25b9c555bd2027754354f939597f7231bf521f04d1d157c0a512c2e9b1c37

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8428ec0c9455caa9d75f0407fed7238f

SHA1
f907de6b24e3f499eae8c8c07ee9283febb9d3dd

SHA256
1073fbc88fe759a86f3989bca790f104737d97b943785d6ed75fbf8bf74b9009

SHA512
0eda1747371fd9c3b1967d9f597b9dee1effede0d4cad99c93695afdd3b7c082223b98fd53540c5f24facea7e1047c7a0ff9b78a75f8e76adee259d8ce69eab1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0ed944ffc0b0fccb312359b7063e712f

SHA1
d13e7ad98d986231f6933efc96fa65454912c264

SHA256
1708567f2aecbc1ea1ff5a96a1f7b67937f67933c7e3bc212098f1d8de4f4585

SHA512
6071e7d7beb1757b2d919cd97bbcc018c907815db8e5a4486f1d6adc1fb883f85262e65f5cd4cb54b852add33ce9c2cca6e6f1c8620ac24d1735cbe9d6d56be9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ae6604260befa7ef542c305a550482e9

SHA1
1ad84d2abc9920e2c7b8b17c4fc103d0e62847b2

SHA256
b8b872bff26349f7114622c17c57ad498c8471db798c485062f829c79fdab282

SHA512
1dc155098a276d51393c0f75782ae679dd6cb4544e4584925bae2c10ebe639c3a439d39b20a18343ead11c6303b6ec68264374587aedba59ad710ff9aad7fb29

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eb891fbe5a243b233e5481448b00e7dc

SHA1
860ff83fcb814084e33862a5a606ca09c6b42d02

SHA256
ee989ca54abfb64ebc6c3a96f876e212cde9478213f39e896c714cb18ebbb516

SHA512
22012e6334d1ff6a8f1844a0c9a2b35050dab812fc3e4a3712caf8ce5f39815d016bbdf15cb19aee4fb83b4f21c6c8618815dc8ac286c5a5df0288f38c16620b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1316.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar13F7.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit