e07a5f61a2e02683e439b98823ce782a0cbc321a407c0ce4d76019fbafe8c0c9

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 23:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68f1556dafb3a48c3563164dc40bcb02_JaffaCakes118.html
Size

94KB
MD5

68f1556dafb3a48c3563164dc40bcb02
SHA1

25ed58c0521ca1d820a7c942e6891884efd56e7a
SHA256

e07a5f61a2e02683e439b98823ce782a0cbc321a407c0ce4d76019fbafe8c0c9
SHA512

b87f6c8a09f5c6e2bf53c03e52e76e8fa56c8edb4c312469eaabf8a09c0f1b4563bef2079dede66cd28b50d92ddfb2393427057cc8f92158b4fa7633e5ecfeb0
SSDEEP

1536:WMLiNS/lycfDkOMjACEnUWFLK7Ley/rerXGyLZvBdkrY8mgHC+qpEyW:WAi8PRBdkrY8mgHC+qpEyW

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422580946"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000e6022de868b7a7350109d53fab569f9423d8ec79924e5da207c9559fe6ac5aca000000000e80000000020000200000003453768f62eb614ec98a4c78db181b59632ae168d89bed27b22d3bf2fa96762620000000ed3d34e6fb13728ff64527b4a79976c046293fe515b6d4d894d87049a39f61d240000000441d88ff605613067a372d3204ca02ccd168cdf3a8460759ff5bb119b3ad31620b1d087114d6c9e9548cc516623585adc511e18182225bc9103c4f09ccf35ab1	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AA02E0C1-188F-11EF-89B4-66A5A0AB388F} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a230000000002000000000010660000000100002000000072e42cb317a63345828378bbe8c71d710308ca5ead80f4f1abd23cd42e87635b000000000e8000000002000020000000405db5360db87cdb4652f2ca6061bf28d72448af4e33e48d7ae9ba44edf83d9390000000d19e0cf420f64e4c2101071773ba407d701a6eb9736e78722bbdfc0389245fb62fbab5faf75e0567d8c2dc1a5ea963b8b7affc9b2baff602a06d15123247e9f811eaf8f2904a64819b4dd65f14b6b71f31dde4fcd8d185df064072e4e6135553e7545c15710b76118a4d9e89cf0ef8c6b049cca6728fa75da5e67a76417bb65b44f9cfcee260d632584e5811e99161864000000087c183547ef3869ae018a63be51e473fda4bda1fbabd4bb5ca63d5124f5948bd8c571667ff469b2eb71aabf322f8b61c0fd7742fd3ef22505e6666dc7986850b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b081cc819cacda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2960 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2960 iexplore.exe
2960 iexplore.exe
2424 IEXPLORE.EXE
2424 IEXPLORE.EXE
2424 IEXPLORE.EXE
2424 IEXPLORE.EXE

pid	process
2960	iexplore.exe

pid	process
2960	iexplore.exe
2960	iexplore.exe
2424	IEXPLORE.EXE
2424	IEXPLORE.EXE
2424	IEXPLORE.EXE
2424	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2960 wrote to memory of 2424	2960	iexplore.exe	IEXPLORE.EXE
PID 2960 wrote to memory of 2424	2960	iexplore.exe	IEXPLORE.EXE
PID 2960 wrote to memory of 2424	2960	iexplore.exe	IEXPLORE.EXE
PID 2960 wrote to memory of 2424	2960	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\68f1556dafb3a48c3563164dc40bcb02_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2960

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2960 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2424

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
560b71d5134aa47fadc2e12041022d15

SHA1
b1b7c98dcbe8d156088f77b329caba6dfca00910

SHA256
caede66afda9209d5e890091401a8f5f14f6e62dacfb1e458f66f104b4632d0b

SHA512
ef31c19255a8bcf60d87474bb6f33e1cc28320fe8c290f6f4b302aaab5882bfc343dcea2d99b432aff55aadf47ddedf1c5674a593d190dec4c9a3706c164ed11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2bcb676bbc572d79567162a93377e193

SHA1
c38290a486053263f8b71bc7751941c16c54b39a

SHA256
ac563b4410209af2c4d473eae7a95d3d3ed0b39145cf96398ae15bc472554758

SHA512
1b71538ca0c037425b1df5352b7cafddaa408de6878fd0af657af20dc44bc4da0cb1a1e10c502d43f49a7e21a884f720a0dbdc909418c92f1132a6fcd8f50b56

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0f93520b4c9f2bb6b6f16916761b97fe

SHA1
159178f8e0497401058b981d32713ae1b7b39a35

SHA256
5c94934adf2980be2b0a19dfd2f9c9a871abd0b80387a10dd3d0f756c86adea3

SHA512
ef85b0529920057da56d98ea80cc594acd076c39077f9383899254b204f03866a978e499624a12ab5f84d62c0b0d19bdd5b4bda8a20ac26f1fb7373759af0fa2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
76914015db90ad65151036db9e232a17

SHA1
2ff93da9cc1f5e6f4caf03e02e58a40cae930965

SHA256
63ba36b4a29987adda9bc72f62163476cc80e923c0bf12cfa73876bf834492dc

SHA512
ea6bbf32319119ae527f3a3262c838b65a77d01328454eab0376ec542ead8770383427fa446cc5aee331495aa83e9be657ecd8dde303b41e2ce59d190df433ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
86d6d2e32feba42ad6ac0be434a3fad6

SHA1
f84a201a695a920d364032078d2aec9cb06a7637

SHA256
128be205bfe7b3ab4b12a64234a1290da1d7d216bde759924a2ea867a12bc62f

SHA512
98dabb1c253ca04a8f88092e9ef19134c59863eba0cc4ee8590e4675f3785016709d95ec56f14add1bdfb8d9e846b78c01b50be703b8449a94dc70a35ccd4a14

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7890df59d7a0d3b985224f4a02b3f3bd

SHA1
504d1497645a44f55a33a66f64063745ad804445

SHA256
0a42328579ecd33db58494eb8587afd4b186c1922108e03061473fb63ae22afc

SHA512
592f189b843fa50494fc455a496f13d54de1c6d916bf1ff96ccd77842a571043409e37d2549c84f07dd47ee5c90545c1e88b3466db3091570aa99532ed51586b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2ed02e8b445540be66f5c932b4a6c54e

SHA1
fb0703def34952e2537f56cedc3b5c13be790b7d

SHA256
7fdb327ec8f833782749de3d240d74387fb0bd5526e179a72abf3e927d6127f9

SHA512
ed992d6dbe49a1a92db2986781701adf34d19fe0ab1037a93ff39a9cd170bf1dfd3f54ce25cf85759e5b9a92d4b90718b1230a541c7bd85ec662e029552cc840

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6bdc53fcb93300fb0c33132cbef377ef

SHA1
bc4bb8f5639b012cded2e2c8513fc5f68901574a

SHA256
4d5497887060408aae5302873d622a4c7bf62efe03a7d42ec8368a22e06a2816

SHA512
c72ac7e7e6f779308fa9c38b8a7c855a6741841ae52303019bbc85b94253aaf61c1a5a264e4f20c7be6495afe0e75c965568ad19161e546de3a13b68429f7c3b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
81a7bd9355d3b08223464eeb9b7df765

SHA1
a2f5982db0fcd0ee4e730d7d9bdc638d033a85d4

SHA256
7b840b318d2b800c5b4e061250caf43c8672cac02e2db73fc198141730bd6666

SHA512
c44dd81e9e02d11d428bb2497ce19d05fb30ee23d2cb7feced91cf1510ee188f809971322e68aaef83d4b6f261afef734cb820dbab44fbfaf471b49383500761

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b76f88eb5a16b85a6abcdf38941cd050

SHA1
c724c8e4e3bcee5edc20416ab5723c5b04d65348

SHA256
98e3ad509b57154086cb9183bb26c3a1f514451b59c9b8e9d93d698727e0600e

SHA512
9b6061c1280146f098b701619ba63be2abc3250e7deaaf5c849d3b0b437bc825a2d23cd9924ae93958caa4c6a43d17c303f632a8980e3bdc1fcb18b16851b46e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5324dc63b45cfac0ab6e0bc911dc9198

SHA1
670754149de04dc7f0b985b7eefd1cd0b72bc8cb

SHA256
40ad99cf1700730886afd81d9979ff2aaaceaf3ade08ec0fe649ef0ca61869c1

SHA512
c684f4d5a98bb1ef4d6dc7cee571b064a5f72e642db0071e1f25d3c65bf740b29c3a1c083ff5816c66475e81aa552593bf0765fc984d4c5ebe61e07cb9034049

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a14835596a256ddc66a6748ba0f5a2b1

SHA1
556ea59803a4ea13dffdb7a6be54237944d097d0

SHA256
ef2b9232ab76deb7f7de6581b4f9d7db98cb86c7ce08234b3da2e129d3131893

SHA512
aa80ed1fd0e9052c44da9afa36d9196286abc4fb0f3198322c3b82c54e9deee85ccb8e7c7026b7b8dd3df7f8ee77ceab2a4201d4f460c70372df9b53ad3e3d5f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1a02ac06d460f218a066967f70117c20

SHA1
136da625412f5c197cb787be2433ed20fe12f4c5

SHA256
613d9ff7cbcf266c03f0d74ed9b2390b22e36af05e7a1e5fedbd9795c8214d8f

SHA512
3c17ef7c03461a86c5afded9ec5155feca2aaa838b34cea4575a6b702aa20244947db2671d32a8c7bbd06833058c625e56942f83b30530b98049e5a61ceae276

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8cc49022b7056fed86c789938a0f854c

SHA1
df15c9762c41d06782a90b44de601e65ab5d20be

SHA256
8a017cc5fe163ffd156467d26ec092d8b91d86f9a3a6baf7e13409cf40762c2b

SHA512
f1c892623127c26985a1817f2f954f55e031e4ba88c6b28341af8d929039b3f431fb9ad34eacd34b6755f165eb89f5ae1e85340a06d917a7c693be6550d8e0c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
064f98d796e1bbdc73a6ed6f89fa8a85

SHA1
c2446f1398f624ba9b12fc866428b66480689b69

SHA256
4a64257410111b261548e31a0c0a33333e3860e2ecfb4431da0383323d97062d

SHA512
5e69fe4706c60ba4152fe861a4b202604f807636353d3fbf38d3a615933dc1a220f4ecd73206f51eee08e85e2f72c1bec1b0b9c4186c3069a8e0c23a3a0c7a4d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d0143931a354006afbac03aa784af192

SHA1
09e73156856998296010fec8af92d664e8d0bc7c

SHA256
ebedbdc72b85be812b4999bf5ff400667b9aab08fd52b4b427c20deaff6a2441

SHA512
11a74defd926d31ba439aa29cd3476f092760130badf4bc2a3fd230146866a9f37ca0b26a4babb24d6f76eff6ff4e9d8850864fa65c0c3e4e9895a0a1a1bc1f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H09CVCL3\jquery[1].htm

Filesize
162B

MD5
4f8e702cc244ec5d4de32740c0ecbd97

SHA1
3adb1f02d5b6054de0046e367c1d687b6cdf7aff

SHA256
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

SHA512
21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab4E52.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar4EA3.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit