ff58c0f1bfbbe87491677c000e787f34c15b335cbe28df62fa229d98cefb8651

Analysis

max time kernel
120s
max time network
144s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 16:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63e8e21a2832939b6343aa54d94d7281_JaffaCakes118.html
Size

70KB
MD5

63e8e21a2832939b6343aa54d94d7281
SHA1

3357ddd043844be803c947c70fe1c33babf5405e
SHA256

ff58c0f1bfbbe87491677c000e787f34c15b335cbe28df62fa229d98cefb8651
SHA512

12b82f7ba030020a308f0e568eb26bba5cecc8e45a2063c3bb070e46c33dbcc5f6d43fdea4a686c66fcd8a20dca9f3677227764236fa7a38d720b62811257dda
SSDEEP

768:Ji1gcMiR3sI2PDDnX0g6sc6QL8Ib8W0oTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpq:J37NKTzNen0tbrga94hcuNnQC

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000001eb3e9adbfe5ee44a7c086f44fa833e900000000020000000000106600000001000020000000dc4337aa1b74bf8f1ec1b05a94e63d0a356d2a06710a03c30a763f2abf6d0f4c000000000e8000000002000020000000951a2bc3edfbe311c9ab3b3ae1d4452b9544dc51d350ac4d08f5b4a3813af08f2000000050288d80a8a2bd4a778b1de7f1851be80197eb4ad06bb4a9c0ed4f8209acf101400000005fc4f9396dbfad509075264fd9f2a8491261f4462e509c9fe736825befdb4ecd05183c7732dd40094b2b81bedeca157310ad9e6c6652ddb3758d62655163d409	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9AC039E1-178C-11EF-A6D5-5A791E92BC44} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0369c7199abda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422469682"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000001eb3e9adbfe5ee44a7c086f44fa833e900000000020000000000106600000001000020000000530175db0ea2e551350e03afef03a6ab05ea99e089edc54fee3c9e1aac20bb89000000000e8000000002000020000000d4223002cc5bad23ec889092f443cfcb40df4ea122ef59de497309988da5dfa090000000f33e13b64071120026c3279f1fe2223b31212f66a2952205f45f2f38daacc05ce6d6186ae7226650406e6f6dffaeb7baf478aabafb2bed3304975b06c7ac9b24c8b8a2fc269efc629072047aca3b9b6905ad9fc7dbf98a7b853b8a8e86986c6734716ad564f7da3eb1516cd3a818fa127d74e3f26c639bc534f81d14c0b7c555fa7dcfa587b461fcf16a053b153cc11d400000000da01be0c33d2bea8eb9f3f3b902ba5e87d26771f54fe0cca736eb3ff3f38cfbb682646cb2f024df33fcd3338c6fbf0448e6a1493e9c08f0042bd13b3e97a5df	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2264 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2264 iexplore.exe
2264 iexplore.exe
2040 IEXPLORE.EXE
2040 IEXPLORE.EXE
2040 IEXPLORE.EXE
2040 IEXPLORE.EXE

pid	process
2264	iexplore.exe

pid	process
2264	iexplore.exe
2264	iexplore.exe
2040	IEXPLORE.EXE
2040	IEXPLORE.EXE
2040	IEXPLORE.EXE
2040	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2264 wrote to memory of 2040	2264	iexplore.exe	IEXPLORE.EXE
PID 2264 wrote to memory of 2040	2264	iexplore.exe	IEXPLORE.EXE
PID 2264 wrote to memory of 2040	2264	iexplore.exe	IEXPLORE.EXE
PID 2264 wrote to memory of 2040	2264	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\63e8e21a2832939b6343aa54d94d7281_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2264

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2040

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
44d8c06677b1656f2f06ed32179fb45b

SHA1
7ffea720cec5e8db9527d88c257d3bde761c9f10

SHA256
bb699dfd8c7e923c8afad672912bf8e6bb3c5eb8e2531d131d233623a7170a8c

SHA512
28733aab11b9ada6b773802b9e84fe649da7b00e70f48bcca26730712971698a021ee3ed8919ca71407dedc39b7be7e3f5d81c369745e5e59dcc24858c028ff9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
d92a39b429bdadf8a9236f02a132760d

SHA1
dc931e74e72089478e4c0f6aaea643b69710bc60

SHA256
3a850aa37ce226b7a02aba2c04e0e4ecd54304e9ec836021d1f8feef045140ef

SHA512
1e36b8c40c0979a3043b7c838c8aa63402219382e10e3797c459e57314b536420e2482892c68a12d74d5b335dafd146a22f85953724536d148bb3d4e04cda9ce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ef95c2585ff53e2f21a2726c4dc6601d

SHA1
209fca83ad2101448f7088763b7284a5f971be6e

SHA256
c4b73e7216bfe796498c3ebd39ca1126ce51c52dad748bbfbc1262ddf6e13439

SHA512
58807b66acd3e396e1f994f6726927ed6cd70a8cd602efb3b05cf1c1976bd5466cefb0b2964ae68b0a19ded2c016ede919bc72739e8f12d8a6c9c72fce0e5bb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
82a5143e654a9c45410cbe9c1d26966f

SHA1
c0102800668e35171212b37f792bd4e04e556190

SHA256
15e7480b40592fb6729320dc27b7ab43fa48bb96940b203dee2dcbeaa2057e57

SHA512
b16113e1aaadedec9ba0a33783114806fb6d027be0b22910a1291e58b678ab7b1a0369e2fe5b7e7614ae64ec64a474033bb784f6d326a2b412914ee457ac6e5d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
e2f67f983e8dd11d10ef9f0df75f9e3d

SHA1
ad364ad10efbd016c87e495330301287d17e517f

SHA256
93612fb43fde222bc32f3a00c4e291914b01bac2077deaec77dc5a527ac4823d

SHA512
9123bb467b0c12c6afe73d46c9a3be2555ee5d311db6a2109b4b695f37a1b23b7937cf31aadedaf3a65100ff58e30f0b1eeae56cbb362f9309e56a51abf033ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
27827d194ba49508917d114d2b9ed101

SHA1
8e4dea20075f1c589e2f0129665f8b685b841014

SHA256
93c61f274e1613e798ee26ffe84234141aeacf995e3182f710e7badbaa1cd718

SHA512
cecf180875eaee3533df93d44f77270e80a50eec604b68c6148dc7d6b8139800c891795317bfbe7772de873f77156e117a0c6a3d7609bd05d21f6cf2eb798e3f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
4034c2adf717816fbd8148a1c520b1f4

SHA1
943e8039c6d9dc9bd68955294be0affef4fefc34

SHA256
6b85b8f078514cb5a073514c421a448e180c358326bf53112ce35f45c1113ec2

SHA512
fd8fbc5127c68e032782ac4f126a7b9a678f4669cb45fa055875fa8dac77cb8c5c76d0e3b566b89c382c4f67ff893f1ed0c6775aa2cae19b520c3f821cd50519

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
fcf2d679315c3e45a735adced2f3e94c

SHA1
79d556da648824de1d04d72df3b6aeed590bbafd

SHA256
bc9f350b07e01a089ccb64b76186d11f41785ad733df470af94f4b420cd182f4

SHA512
a006c8edcfac6d7a5eb8214e51c749bdfedf0c3a7e7cf68aee438566ede9a4a31caa9d22a1fcc74391486c5c1e2587b2746142a34f673ef7b10b5aa82867dae9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
2ac05108e142a70edfd30a47c471cf06

SHA1
1196327a55ba1c07aa989654e9b6db255191029f

SHA256
b3fc0372f7be0761879ba14712c66db53c741bd43c07402f44eed76a961e6073

SHA512
b3725bcd09f777c913452c5cf79b268286ea6b2f930629021ffdc22a6d85a7264d371c81a22266359a10e5e09f6dfb9e844a41e9eb6ebbece79cb4012e2e63d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
4f310e222c2a720c64a03286d600a46e

SHA1
af537036b94cb5a6efc93ced3e4d5bae594398bc

SHA256
a8b26f83f5e3c6845e12fe8671bf317d84ba8228acf2c029bff4e626bcf9318f

SHA512
27f2ac63ccef7fb9e035cb648ecf361140ad3e68fadff76313f246666226c722b52ae3b7d51566da8041ef47e0ead28c622d0570737b901a8dde48dbb9b4c9ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
d51410b386e39cc0fdda0796ccec65da

SHA1
a70d46028f0d6952e70383bdf3ab2a0940acabce

SHA256
66f0e5b7987fe1f7c017a6894cfb3fcdcfee6973dd7be04ff58a79d26255b792

SHA512
70a1302b05ff7570c3a11fbbc92aebb3a97909a56cd939e917334175c5397aa4e49f779ac7f24c25a9dc80b476734c9c91dc97aea0ada981a48e05d7df848aa8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
98fe63ddf499a8138e33e09d6aa70850

SHA1
b2ac44f09136ee4498b9e053c7527b80a3b05af4

SHA256
8bda7199871602821c3c560500a6e6cf23e5dc40e605ffc9a84dfe1c70f121f5

SHA512
64283b6ffadaa4e506f6eaa5509e77f9e3a55a3f89016ed9a283a1b07e1fd8a483c5d99b3655369c4e218ececfa10ce3522dc7b70660bc9fd44f15c37a7a5073

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
f1b60d0611ea768723863ff00de53ac4

SHA1
58b46e46c5ea94c32e8b439206c01165138a29d6

SHA256
fc49455fdeefc022cf90b20cc46e5f40536f0dbc081a72eb1ded0c9f0e31d376

SHA512
5b28c79e078c9aacccd4c6dac6e068f88c13ffe5802a6f78276c34005b7e116f8a196edd6611d443d0db67730e90fdcf8e0c80186641d00dbadcee0eb29c8d9a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
1edcce9461296fcfd46b054cb35abebe

SHA1
b11fb0536f7fc6a01850c049a2f748352ff344e2

SHA256
d9dae1b8f922ee489b96c5098b6fd19a448d13823875113d5894ea9c08597215

SHA512
8d244e05448252afe6034fe5b44711015432d8e635b7295937cbdd809004c982f5a1aeb3d4f1d87f24377c28f84a695479708a9c1543288343dd308eff36c74d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
1a3d879ef1203232d0234bf0b7d4e617

SHA1
7295e7253803461f3cf9c36e94e90301501e9a9a

SHA256
592f80cb4bc31584ccdfa7d6c7ca58cd3656ed720b784ceb40ef41a215a2cc26

SHA512
13d967707055a5e0a6d3ca67e4bf34a763733c3e2eb5ec40432c2dc336de57c8663c1e257c89d4b59a7255fbea3370b3c82f39afeeb792df5fa88cf973b52d0d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
e0de879fd2277c7b47aa0f5f2be1051e

SHA1
c4106c8f918235f32a10ff2016321d5caea156dd

SHA256
f4dbf2a1c35a0c4f57ea0770804363a402b8ecb7365a60c945437adce4082c06

SHA512
b8cb8075e9e96b2968dc98ca4f589b082af272903ca907aa512ff29c886e663569f3aba77bc92281428c919c34635c791ad9a0eea4471c315e99cea9179add20

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabCEE6.tmp
Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD0D3.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit