6df82f03e602666b08e630b137411205b98cddfd3b4ad71f1af0f8c0a07515aa

Analysis

max time kernel
148s
max time network
147s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 00:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

691a9b558789dc0a3e0135bba18e5d07_JaffaCakes118.html
Size

19KB
MD5

691a9b558789dc0a3e0135bba18e5d07
SHA1

111937730ad26f730a50d77d8ae3df451e9e80de
SHA256

6df82f03e602666b08e630b137411205b98cddfd3b4ad71f1af0f8c0a07515aa
SHA512

ba1f4e71453d420c016d52311251c778c100b31645396b30ac10fd475e2c5711b8d8ed838f4f217a8142060ef2084c94989b05fa77734672ad17f9a469e59aee
SSDEEP

384:S68KRSn6sjSvyFDf/zqrFXgO630TTG1DLIi1V3jquXjSh9FdWuWAsR:S68KEnTBD3zO9r63ljqIjaFUuWbR

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d22da3668ecdc14e86ebd2463129620000000000020000000000106600000001000020000000890cf54742ffcb3eab2fc0277c8922e956180603279c9b1b1e06cf1b6aeb80b7000000000e8000000002000020000000f4c6a07b0b39a9c2e16dba1684a36d78291a9038d4f8f46a07de2ce59f9ab50c20000000da6fb6467f983884510ccd80e367db8cabfa62ab6f640d41c0c9f78d939359894000000044cf7fae821f3260bbbd13152670d33de26dc44d5bf88674bf86a9ebdd028a3f4afdb5a547bf9c933b4585417a25edef004459dd87e8cc8f1c4604a4dd9f04f7	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 8017a863a6acda01	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d22da3668ecdc14e86ebd2463129620000000000020000000000106600000001000020000000114f6fd6e79fb6108517c2e151e69cdab8351b4bdc546c156ee3075b9166a6b5000000000e8000000002000020000000237194cd5bae689363317bd1fe91d4ea8a1dafa3aa2abd74bc5cbc99645298a49000000096fcfdc3253ad77ad1014b0c747682ec12467413a068cdd2f7895fd8781a4fb3dee73ea6c670981a9b73bbc3b335323de5717bab5aec74fe9a1b17b8b7c46d3f1241f27cc5cda4cbc5b3993f9303898ffac6d50e3cdb251f946aa2fea50a8a22094b71d2c47512d0d72aa81179b64bd43173c76a6817b2c7833d6614850f6124ae7c402cf8a6c98665ac255106f4ad34400000006f9d84611482495d9c919c82a4c8b75817407faa521f60d02fba7b8f84bec1aeee40ef09d5d103589db4691c5d681624a949f6510c1fbc54fbb3e61de0665e24	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422585158"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{70AEC6E1-1899-11EF-A692-6A83D32C515E} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2732 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2732 iexplore.exe
2732 iexplore.exe
2560 IEXPLORE.EXE
2560 IEXPLORE.EXE
2560 IEXPLORE.EXE
2560 IEXPLORE.EXE

pid	process
2732	iexplore.exe

pid	process
2732	iexplore.exe
2732	iexplore.exe
2560	IEXPLORE.EXE
2560	IEXPLORE.EXE
2560	IEXPLORE.EXE
2560	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2732 wrote to memory of 2560	2732	iexplore.exe	IEXPLORE.EXE
PID 2732 wrote to memory of 2560	2732	iexplore.exe	IEXPLORE.EXE
PID 2732 wrote to memory of 2560	2732	iexplore.exe	IEXPLORE.EXE
PID 2732 wrote to memory of 2560	2732	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\691a9b558789dc0a3e0135bba18e5d07_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2732

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2560

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
17d454d90f0b225d06d21233251eaf69

SHA1
ed69e938d21ba1bcf24f8b8698d4f17d08ec196a

SHA256
38b9e03bbfeef2960184cfeb7277fb96ba380c8f81e8a4cd3d06a4cf3082904f

SHA512
5167c8620258b9644a0bd5366debdcf0f30f4b2c837a009e130faaf04eb6c97a977bef40096cabf561e2bc30e2cc4eecd5b0db9321a79cb0cdefd911aec7c611

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c872a56a32d6aaba4aefb530c6e0225e

SHA1
2b5ac50701f3db0f05aa8910b6db050d82b28c86

SHA256
03d511e7f39827cdcee7ca9f6a6d1131c34e17faf77bc3276dce8c1131230dec

SHA512
615bfce65c449203edb1014cf2ad726d64a58a1d01c4d4ad49815ec6f5264fa8d25ddafbab4e17764447d34e86b8e24dccff3de5089f6f4d957f6381d4632c58

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
23fc173109a8a91c01b221df46621fa7

SHA1
23ed2f15525b437e3544df256d143e8a34b6b0d4

SHA256
4c402260fe48b9257ad2ee65abcf0ae43d2ffb4333dfc7bfc6d7c070050eb4e5

SHA512
60314a2d15a2730dfa98c6f99274f156eb97e5d17a89056c6b2b6f9c1f26a9857ee787da3ccc73164dda02d06b8363b12111da7f21ab867e573b4d6caa37a299

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b9f4d6da0dafdd4ad96e7ef1f7c2daf1

SHA1
28db4e74f333548bece4e67ea8bb2bae9c970490

SHA256
07de2d1bf7dd432fea5217a8506cf4f8c04f214b69d033064f49d23e34ef3b9e

SHA512
f030d8970f9d65ad1d4832ed84fc1081308dfa3ee3efedff1073d7321f5ca9049141339594cc3444ed344eec53c893c2c1c751b1d95e427501d982f556ad5be7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bf20e91411dce21752a7cda1f272ab87

SHA1
0da058b87300d914b59f0d4100946d72af5c71ad

SHA256
5e56ed1ed2268b32e21dc71b7986b8787cc12d4536fef1dce1ec8b9a9e2f92cd

SHA512
81f447d2e8fd55d86ed673e9ad10f3f30aec5da87aa46d9d18611e6dd7faa088979c3716705d3adb4e8b96cd9e29574f8ed8d7cd5244637fc182b6a43c07f5f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5072138f162a9bd7801a13c34cba89ea

SHA1
2b32ae3a6d08c5388b158b1348af0b25ece3c21a

SHA256
d8491566ac3881887b4f8c4d547cdf922702f25e23fda42976debc898ec7f43a

SHA512
1452e11dc7c0784d114dbc627e292422545b8cdbc61fd013c5aa766380802185dc44355103936d765043faf013a077b353e0ed1193d8e6e78d1d8075303c3ca2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3364b57ddfa2c9f8ff478d508beeff17

SHA1
a078176e33b6a9417e8f1f959574f65b873e3e8a

SHA256
5bcdc981aa75e5f0c879365fd1b0d239fa6b4dde82dec492a98940cf608a0d45

SHA512
584ca869b3f7cec8c2e50a1191e7c85a6c76e58a59d31b1319def74352f7c8d37a07573a1cad1952ff7c3514782ad377952c3b81afecd51860befd003aaa0970

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9d26092acb74e329cd81697f23b4ae55

SHA1
d25c8710f6eeb72ff6f758746424c9eb25cd52b6

SHA256
5265bf3d022214402aead01fcd1d86a30f5f8cf9152fe035dbb49755c685f1fe

SHA512
4bbc40b218fe7faafd4f7e141fc9f8f8584781022830fde41ab46f72dd9c78bd6f98fa9b5dcdcaf305697a55e8042c5d34172e1f39c7f772ebbd175ac8be9cec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
725cc4b5f20abde0a302b479f1bf34b2

SHA1
5c6d86343bf6a0ac4b65ddc662df0c03ee151fd5

SHA256
b32cde495a3965bf84e719894f38487af5195f8ef1824e212203ae29cdf386fc

SHA512
7e4ffe4c6215e8acd55c84f87277383f636a3d7f0659c7c26ff1d2dcd53b598dfc5c58b67cbcda80c78bd0948019ff22d33a232418e1c50306897abf24f610c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
89f8bb931908cb54b50b34fb5542ba11

SHA1
a64507967b5972744676fba954cff3eb5d10b958

SHA256
083b0c53deff37197fb162692f8dbe4160dc9bd5cad148ea0e0619cfa364b626

SHA512
9e28360a267182fe1ea7437560a336430a6a14931777ef12dad4b4f8e9ce912c897d6b6a925191f04ac194cb59d0d6161178cfe042b7618266e2bcedf6a86bc3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dbba63a3fc8469bddc1fa87f1c9f3aee

SHA1
4b8f918378d64c7d4c117705c7cab35587fa9b53

SHA256
ba8908f6735149260931a6869c8344bba529a82756ee381748d8442510f6bff1

SHA512
038b20c107aa19251144b861a4622359b2adfe238228f3cff783672874ae75f330c7a59d3b2d27f31a4ab7bb2845ec34e4b09ff3f535b0c49abc26ccd5d45a85

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8e94ccdd47c1bd3e0f7944f2c933c8e7

SHA1
69a726c3c8753d721e61aad2bfc785d0d8c8c296

SHA256
266233b06c959da8b5c461d2fed677e608719911d9a7d4e39b2cb286132000d2

SHA512
c693f7054908469c69591544765461d1e6417cf60b16fa407ea25bf743ddbd0ff62f301b354d874ef4f406c4eba0ebbad66856ec9df8bc672fc9917fa6db24c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3bd2e06ba1c23e31e977086fbef72c08

SHA1
cc5e4d5765844049883b9da5cdd995d911dbacfb

SHA256
243aac7f0be916de34100bb0642cecb24d04db6e4a45e32cfb239fb10db84db8

SHA512
034f559b1f739cb043c44dfb53c9e395c8f1ebab982dad53f6806848ed22a167bd3a499f483049d697b3819be4752d41a08f4c7933caa28a0430ba579a990dab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
c435a3e3fa100706901553437f48fcf0

SHA1
e5528dea37a96325497cb6fb1674d55345313cae

SHA256
72c73f4fe763d2e2ba0675b23aa2537bd026550fea4d2a504376323f67b51ae5

SHA512
3a62eff27030e0eef81469521db759db6bdd98c532bcc42aaa6e4f4d230db4d81086cdbca2523bd296510cfa138f06e056558d9ab152a336eed76911faf721f4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab568A.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5DEC.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5E2F.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit