aaa293447cd7f900f6bf46db49596899b165c67b4665486e8c55b2435e23bfea

Analysis

max time kernel
122s
max time network
130s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 02:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65bcb1510fe9ee6f96029a0d76f86b1c_JaffaCakes118.html
Size

16KB
MD5

65bcb1510fe9ee6f96029a0d76f86b1c
SHA1

c02b58cfd1c8e3439fc6ba3d519c152e0a0e8b52
SHA256

aaa293447cd7f900f6bf46db49596899b165c67b4665486e8c55b2435e23bfea
SHA512

d353a3a90e91e6db6178d07f9b5fc278845cb280a288505adc3155249e6ca7a1f4e4b4acc575bff1fd9b72a80103d5ec9a3595290459ca2bac68f827c7710da3
SSDEEP

384:NASjFK3JRil8RNi/pHYE2vhN0/ex0mcz6Ei1e:/K3JRil8RNepHYd02yzViI

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000834425d81cbf9c438db568ed2a5c81f800000000020000000000106600000001000020000000d2284bab9375ec4eb7f580f1df4c60bf2f1007495eb87a56e8ec8de9dfb52790000000000e8000000002000020000000526bb1f5c4cf601367a0d5663d651607b090e8c96eab1f5748b72d08fdfdfb649000000090e26d80cb0c19cbf813aae85365a170b2269d1052f98f3f4ee1098c589318e260eb2569bf69005f2dcb7138c44122cf67ac5af656ec9b449925aabdb7b25efd45ad37eafca6f1bf941e80111b5a1178ffa5045787f7958b0dcd198848f5b8e343335798d2fe7bda57a3682c3b184fa7feda13b5d6e4e9a0a2e622c743dc3b7ba8f39c38bb9bb71d91abbd7e28318db540000000af5636e2db274eed6e4045f453ef23a1dca4bd2d35053f9b31c72e53bcb91431189e1a41168890a3119a6b7d1c20ec732b497477aeec10aa3e75dc30d3b61ca4	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 505713f3f1abda01	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000834425d81cbf9c438db568ed2a5c81f800000000020000000000106600000001000020000000614178319a6e1bc345c8cdf7e4ba29a1e24132ccdd652dbeb3d705efe68b38ef000000000e8000000002000020000000c71a21c332d6e9874aa8a47bf535f55fd9e5732ce899dd7091f9aa2e774642fa200000004201990eb6290c892721e689e6a146b85fa8c7cea4b9715c30caecda8fcc5c9c40000000b43368848f2324ff513336a1b3eeda781df22c617af23f6946f76f6bddfd57065cbfcef858c572e22b372c3f8ccf0ae80f4936b2af806b7321d0c56ec0b891ba	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1BCBD6E1-17E5-11EF-8B6F-CA05972DBE1D} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422507696"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2260 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2260 iexplore.exe
2260 iexplore.exe
2712 IEXPLORE.EXE
2712 IEXPLORE.EXE
2712 IEXPLORE.EXE
2712 IEXPLORE.EXE

pid	process
2260	iexplore.exe

pid	process
2260	iexplore.exe
2260	iexplore.exe
2712	IEXPLORE.EXE
2712	IEXPLORE.EXE
2712	IEXPLORE.EXE
2712	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2260 wrote to memory of 2712	2260	iexplore.exe	IEXPLORE.EXE
PID 2260 wrote to memory of 2712	2260	iexplore.exe	IEXPLORE.EXE
PID 2260 wrote to memory of 2712	2260	iexplore.exe	IEXPLORE.EXE
PID 2260 wrote to memory of 2712	2260	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\65bcb1510fe9ee6f96029a0d76f86b1c_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2260

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2260 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2712

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6814fe92b380c2722a205df66d7edc80

SHA1
41f6514e0510349f9ddf8fac0d4dfbbaacba372a

SHA256
b3a5329bccd20c26496836735466a69fd0a5d1989780490109f7c2d31c7c41de

SHA512
657fa23a7bf062eaccf6d6ee9a5b2d6e3183537fa213c2cda6972942f480cff8ede1339bb8f854d95e1727bc60c42bdb514ce01ad7e1ea5c74f0f8ee3dd40b27

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
5f666f609f4e8e184f5c5910454745df

SHA1
abb551966fe5bf275983128c77b9e46631a80606

SHA256
c1c28b6b0e3e4ca3a5a37924cc58bf20336163a91338bd1228fc64a15c7993fd

SHA512
8251b8e69e4930b82143d583cf40e96f17f530c6d09546ad013a31ba0a58d55658528084b4e9e6f50071ee50be79d179ad5fbdb80c7ecf10208d9cf0e3864171

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
a7627cf2a6fe7b3a7a33ebfd0d8a01a7

SHA1
8d95e6045b7d5e61348290c4b103396abd7a9104

SHA256
5b36ce154b9cd893375374b8973a2b55a38e474b524ab9fd43333271fb0a0eeb

SHA512
c9d26eb9fce93bc9dd8a34db68ef401f749f2c315d92d5de1ce138fccfd9502498752626bd4c59ff44b5da83fe9569f39556ee2eedee26aac86763d08849769d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
d805db09aa523d478f5102b17a5165c8

SHA1
d7a170ac057a90b74f8aced97d70020e5fb218bb

SHA256
7a60fbf2b2af54f1c2b8324c2fee0915622edcfc2f76c924ff70b18de9ce2fe8

SHA512
f89d320a69f16c4060d5d66aa4dceee773c5f44a5f63aad86ca63d72d8d5aac51ae13fadf89e79eed1f86f9e5f83a5257a6d9c4bf60c17b001eca6b45485812e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c6cd718bd6c362740818ef0d648c89e6

SHA1
bbcbb7bb73d766f378ca366aaa50efa14ce0515a

SHA256
9f55924ec50929252e401dc168737e4678c55f8498a6d58c6a56faaeabe56fa4

SHA512
9a0dad89f845b20bc37cdf70a8811a96427392b28035d4ab76097cb211c9e2d15c6a7183e5e9bc445b36c31d567aacc1d96ee796015e3f66cba3eb39221a44c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
560efe824eadfc0ad2f16bb837d97ddc

SHA1
8bfca1d4815928bf04ad547c13d5127e245b172b

SHA256
60e30985962eb0a91cd1b3c51fb88af61be25ba99e118ef04db575669535e362

SHA512
b6cbe096ea7f4b174b94354fb9a3e88703ae211c9c849dee9ce4159a8d503abcc839dc25aeeabcbf05d2ab80052ca3eb3549fa162ecd288c393aa0276e0f436a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
da86832677d811324e1227dad3f3ea1b

SHA1
eb91de8acd6697ed3f4884899f90b4c88042f0d8

SHA256
00ddd3f3d242efdc902da9599fcc361bae74086a2d80119d59fb8aad14b5bf5e

SHA512
6ddbca1e71bd38374dfdb5169149a46da82fb4138903a1d5368a4d24cd9e52a2d0891e8edb6ac3f0017834c9c4f60975dffe0f94b5da900a173eab1b7113892d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ec845754b897e6cfa70e81fd6f229f6a

SHA1
e18f7e61242b9221000c2e70ce6a5ed1d319ad36

SHA256
9a25c693648f8a116508cbc9eeb2c20ba60a8da8a437eaf09c94038ef200cb8f

SHA512
86f3d072eed360f21f5a4fbef321aa26c6b741977b465b4bd97c38af202f2ff837a15c486725e8105f6090cc7dff718e36e44fd21e5c528768b0fffa017de4c6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
fb39cfb0d24d708eb3b1470ba353a054

SHA1
88e73905e24f0af501d7e64f04b47f02080d7d9f

SHA256
d2425b1f97bf1a3b4a24654f389bf8ea0e0722273b4eefa8281cb60cb5f6d9d9

SHA512
60585643e4a552385357e1c34472a814a97e5dd6e4122175d4b696f43e8b52bf12c821c5ccee96469a4ce173eb627bad94f5a4d81556a77b785d5e22773716d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
4c0190a11bfcbbca4e860179aa611f61

SHA1
5e8577f5006248d8ceeb51517c5b65feac11fc49

SHA256
18bf9cd3e8fe57ad557906b42b112951201f84e457c56dd2e1339f72fb78e35d

SHA512
c73172aa653d782b2c81069f3df66aad72d94ccee0542ab5026901add3079b41c2f861f789fdb29980e334ee735e35085783d483a248934d7b680daae7ff0fb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
cd572b40c385ace58944d4d8e64ece4a

SHA1
35181736ed68d54a78796c0349c666667aaf1419

SHA256
858c2d60c3c9d12585eb0dc3c7ff98fa835be2ed5cbaeb8d4e52e51cf44999fb

SHA512
e82c1d18ea832a57ac810ef37241a1761df98fcd1824ef7d83b5800005cc4da374f623e01cba5eb61343b4d433a99521f82a0cebcb1e7841c8ed559655d870fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
a22257ec4d4640f596f95f9b4d42dd9f

SHA1
b5e4357ea6168c2500f7412fd7b054dc56887379

SHA256
7740efc43649008a8107dfe3477b1e3ab6b2015a6b303613eecf9c616cb37ff6

SHA512
070c2c3569ae3d4e44d3c1594cb102979fac93100f75e7d6f65cd7771358a4fe7a9b79bba687a7fdf9e99b6cb5cfa31ec8e9d339614dab3d21ca73bf4b71a901

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
d63c43581425987032955ce511b34291

SHA1
255ba07a316e8b2d302988885a36a4e082577412

SHA256
8c7765c0ec52d046ed7bea437869a54b95cea0194e2e65514a98931f671aa328

SHA512
cfeea08762d46fd9e0148d1e243a9f27d1317af14201a56321e2f26c51f200510496233396d805becb21433e087c2502cb3043269ff76959c760d19b11f83f40

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
9666ade6afbd44edfa8e79b2c6426705

SHA1
e2ca3b081b3826dd5501d508184bab271722a437

SHA256
181a6da265fa0a561abdd398b8d123e3631bbed510d171a2d5be05d97800ce37

SHA512
94c0a3d98832dbe7668e1ff96d2920e3d3331efa3e5fffc8bb5a16c99d1de4391d595806b01dc2e7bbca25bd7e0bc1cb01d104cafa4bdd34fb95a37a701b94d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
5dc08f901e0116264e851d3f146f3650

SHA1
aea27f85577d6377eba563d57182bd5b071127d9

SHA256
da570d4e944e559231aed5da84f7fbcd7582319d314ffdec1be43b4dd38f6a46

SHA512
eb76801b35958ff13510ac314167ea3a1a4562d762a46b55be58266dc7b02571ae53683c2cee142f39555084107d7234aea5727d1b75e5779ff5a9c6f061f243

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ac09cfd26a348e3722c5023c451bbb56

SHA1
fb44703e4f246e71e96e988b870de7cc2d411eef

SHA256
c27143e707f83896d3d78e3e976dc3015c78ee37eb307f616e59e275d532532a

SHA512
b2f36b732cb94e56c5d41c5fbf5d3c7090097727ea051c61a2f3263a7d71d2ef44170e5eb50a4ed4c721fe53e4e9052023a43cc0eb2fae43e18f24bdf5e37d69

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab35A3.tmp
Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab369F.tmp
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar36B4.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit