f5a910a56ec119d4aa5229715a4861568b34922404d1b1de3e167c71385c8ddd

Analysis

max time kernel
134s
max time network
134s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 03:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65d42d57c70f6af32d93e0d29c276790_JaffaCakes118.html
Size

213KB
MD5

65d42d57c70f6af32d93e0d29c276790
SHA1

a04edfed81ab62401814f1d434e703f795714912
SHA256

f5a910a56ec119d4aa5229715a4861568b34922404d1b1de3e167c71385c8ddd
SHA512

5dd8967fbe6b0c95cd0d0c65d83132894b4b32a42a64e701862488e15cdaed66add15b1309a320e118322dfac82cf262bec3a4be808a2aa26efe98eab043f0b8
SSDEEP

3072:SyrMMy6JodEPWyfkMY+BES09JXAnyrZalI+YQ:SyrPjTsMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422509791"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FE45BA01-17E9-11EF-8356-E61A8C993A67} = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2964 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2964 iexplore.exe
2964 iexplore.exe
3016 IEXPLORE.EXE
3016 IEXPLORE.EXE
3016 IEXPLORE.EXE
3016 IEXPLORE.EXE

pid	process
2964	iexplore.exe

pid	process
2964	iexplore.exe
2964	iexplore.exe
3016	IEXPLORE.EXE
3016	IEXPLORE.EXE
3016	IEXPLORE.EXE
3016	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2964 wrote to memory of 3016	2964	iexplore.exe	IEXPLORE.EXE
PID 2964 wrote to memory of 3016	2964	iexplore.exe	IEXPLORE.EXE
PID 2964 wrote to memory of 3016	2964	iexplore.exe	IEXPLORE.EXE
PID 2964 wrote to memory of 3016	2964	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\65d42d57c70f6af32d93e0d29c276790_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2964

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:3016

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
59fe841dc0f7cda186a3ea152425a17e

SHA1
05f3c21f21ef8326b5652ba2b5903ab0f3e12039

SHA256
05e866b9932072576c7412fd59dc48e2f4358549e4df8004a6360d733ace076a

SHA512
c10b4b3a7cf7e9d5da53cf0082e0d62cb85c7ffa0a0f3dc22693880cfdcf519d07c0eb72abb04e98810813d0850f890fe63ad3babcdedd2aa68c21947a23ab65

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c4a3a3f7858d492a3c5f3c095d436878

SHA1
85f78689accdc8eb6bf7f11f11b1f6c92efb75c1

SHA256
68d8b486e21763eba03515081e7e6cdcd2303fc8bcd98cc32aa02fdbd875a160

SHA512
3d0c1bd9d0c91ec9062e04fdb155eb19f7273584adf48dac4b18c1782b508172c57bd256aa1c7f4069129688696e8924a72e31798230238c489a51dfb8ebcbb3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
51b7801045b61d62b9384efebb9bf177

SHA1
f25e630e8b5e875a6680b2fd62abc7597bea4d88

SHA256
1d175d6319d32a945f45560773179ede7c50f162a341d9646aef065307d560dc

SHA512
4112f01d56e2bda43e6ab6f4706e1dfdf012b4a38661e3fa595bc136b140c020b72818d3568e11bbd30e015e0b401c18f5579c7717c218979600c3749be9522e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
aeecc7d9b4848b0c2f1d4c9229945321

SHA1
557106c948e84deba9e42caf25477989496e0be4

SHA256
166ec7e13641bc5d101504038efbf570175812f8e63a2f24502a2b4529845767

SHA512
fd066150ab9dcf53087642867e1d45d8c0bfa12faada2430bab0af247c40658c155ec7227370f36661b7c517a92d1b00cc6813935cc2aae4ce17115731530807

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
508994ca4d6377a873faeef105267ff8

SHA1
597360267512b1bed7fd1d45e45305d7584f5a0d

SHA256
3abbab783ac084efb8437ede76dabf2c8809e2ca1ba8c9b17cf76e730b0527ed

SHA512
c02ce8e806aaa25bf41b289eb951b8290e580df5ce717519317215ce149e02ca79eb0d551c833080253dd804952610baaae11d1c7d78db63552d4ecc290410f7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
13c63deda6b7f39d10eb10e63240d2c2

SHA1
16b5f6749a1a44e8e682a08a5f54fd81233d2c69

SHA256
3b7a641806be4054cf4f6fa97612d91a842e2c8b6d2f98f0d162cab0578fcb70

SHA512
6f13b8688bd6786a5250dd1373b3b491e36a8e0b056319c56f077873fe35a964876185c250276c117d18b4ab8130c4a0f05f8b13d5f9bf117ff0b47f6467dfa2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
84180a6c94d71cdfa5c45585f7a61301

SHA1
2b5d18e00533aea422e3a8a973b04382bf866736

SHA256
313a1baa538693b7d08f939a464dc4e4b8b23d2f4e776b69854d0684cedc8d6e

SHA512
1e7e98e81590f609cc60ff60ea737662c9e6b9488925c69e72043ceab7b1722889362943914e6d6e1dfe33d8821939cbd95e6dbd7a762c0cb54f687e5ffe9f1c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bd4aa2d6e7e438ce9d6533c9c57773ac

SHA1
44128c62c2b6d30c77e13208413d61f21010a56e

SHA256
51e35bb49eaf89896de6f04db1a8762d6cb389764ef5336ba875cb3f269c9fc6

SHA512
d8437cca442b4bfe588a02929a401bd8c39559919a579f2e11fa581532b48eec02e1fede4bc5b23ea58998f14ee53a71ae891a794d0e7c3705ce257611b6ccc2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4faa669fe22c804badbaedb99ba1c14c

SHA1
5e7a0452e3c3f93fba766c8daad32dd661b77317

SHA256
088a9d84e04b322ee5632cdf11d36a886ee22e96da253ef3390e8de9325b0d93

SHA512
7046d5970bd42364978f5dc725ffbd150708a381bb5d123614c09e7dc18127ad54f793a828d0e3f74f21ed8869679bd659c8e78b60e6537e08c9009cd123de06

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
96f78db010b4453b5f58ba328256be86

SHA1
239905617c1748baaa62e7ace3122e2a052c5387

SHA256
fd2ecb8d80a550ddef32556bac987c276494696cf48e93d7a06c5ef88efb343b

SHA512
a03b69ad9d71cbb397daac8ad982b896ffc1bd58e51fc6c19f170e2bd858c883644dcbe1222ad830e3d7dbd2483f6e8aa7b8b8aaacf59da98f94bbb58f268752

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f9358557b199f4e298c43bcccea9ad92

SHA1
b564685463eb571720ebb107357fe5d060adc516

SHA256
4e5c1f8a2a11333da78221118dbbd5e859af4d71499667e83381e7a7b58f8b16

SHA512
9a5f295ccab5f1ee228f3be423c66f5e62bbfa8cdc052f8a19aa4aedb5d8617c3be6633a42c4dec95ff9f257e92478cc241ee5f761c8ebc83c59b99539c58a1b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fad82181cb4bf0a1e03d86a4ba4e918e

SHA1
71bc0acc04ca5bbbd4412aef73d8e314fd842d09

SHA256
08b1e8f7de0e87243c2f938b350167193cb07e69497ed68583288637c4e189a4

SHA512
1346b431809fff1c1bed54a4cb14edbb372efb456215ba9158a05fcd5bdf9844e69c0db4852ef7c321125f8e463fc163e2f3099d534b56c38fa2ba52a1f13271

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b466342a639307009f360f9ee3d815e7

SHA1
6dc4aa7b464ff09a6913af68584b85d9228b2db8

SHA256
e6d41f5326aac4287b1256d2436b3fb1344310d58f5c94f2b2b89116b777f4ff

SHA512
a520457a01072b72b690373380a90b4b6d260cb1b3bf403ef67ab9d5ff075bf60071f4ad75562c8e0514ec9038e9ebf894cdb817031643dc724dbd65d429c277

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1a0d67e13ee8b0f3cd19a227567f631a

SHA1
ac7f85ad6e2e0dec2885f0b47627d1af952229d5

SHA256
2bcc0c70b98105ef7067b034e4c5df9cc180c7f57962023c5241949d6a78be24

SHA512
39707f5fdc51e680196a195ab60583697edd409cac65e7452b09f514c78be81c8873702ddbc9b2fbcdb794cfcc656e5214f5ab33d5ae5b9f193a447b160be15b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1d4a9c82a8c1218a47058ba5a89a17ac

SHA1
8a2cf7b04f3c22c41567747347dae2150996c85e

SHA256
8f1311db55c70ecfe06839a9fb3a14da645a62b4024f33db63ac908e43c2fa96

SHA512
1b8b7d7e3c2714e62c7b8c597e6e4d8458bab1575031d3d8a77628ae9fa578b371c7b1050a02e6deba80c517a912d6267308de2c00b39796b39de30145835c44

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3a86a0a6bd4a4f38bfbe32db1c1e6eba

SHA1
2fc76801ff0c90d5fefb92bd588f66ffbd99923d

SHA256
75df2afc1b84bfe38cd76f545717b8be0536443099c7f6f9a71e62ab14a227bd

SHA512
e227964e4b2a9d2414890f85bb183cc9b7e5fc822729d5f05fd7b035794b7c9fa493e22ae33622fdc5ca98da53182de59a23c5300c248bb43d026dd40fdab66a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5c56fe2ddb403de99950a545e315689f

SHA1
f9c167aec8697c710ee39eff8ffff4e0495bc69a

SHA256
74d8ac1d1c7916b245197c1588094f2b4e3e13485ec43fb9cb25dd99c5e8e36d

SHA512
6977c5da638581a70143db9c542b6a5c20ba6ef56b750d6dbe4fdefddbc412589db8961ac145233ac5ba4f787d87ca9d717e608a2508bba847e8537c1b20ddda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
77364797f049fb173c384d6df21549be

SHA1
e72dbc5fc0d000fb88a88cdefd250a512d632c2f

SHA256
acd4d343d6c493f28e8590a89ddb756a379e84c11ee907d583f54133679d4483

SHA512
978f380a968c5c86a1f694caf6aba274a6adcb9321bd1860a6e797b098112f5c4a9e61addb2053ff5d9ac8e0db532246616e36b906ffa4ffd61c9a39a647ee88

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8f4c943d4109b43f2d52d239d369619b

SHA1
4b7cc0dace5aaa173de51a01c6b06a3164792277

SHA256
5ad49ae2154c605fb47bd8b1d5dae02d4f62b86aba112ed315c76605c970c934

SHA512
06f1cdb06f92a7889e4da1d202a1562a39ddb68840bc3fb036b7387e792ced1b1bd5d1001da059087cf32e72effaa55edd9ee86db6c227e0d84157556c03aac9

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabDD7.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarEB9.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit