ff8148dcc9b10cb05960c686c358b00851d1e9cf023f3f14ace2818dc1bee3ab

Analysis

max time kernel
150s
max time network
151s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 01:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

69586e4d9213763d1298ecda437d072b_JaffaCakes118.html
Size

141KB
MD5

69586e4d9213763d1298ecda437d072b
SHA1

e254a938ebd9cb5125090367b8062bc6f72a2d0f
SHA256

ff8148dcc9b10cb05960c686c358b00851d1e9cf023f3f14ace2818dc1bee3ab
SHA512

c312ac4065dee0df251c95e6ea8cc4169e1c17b39e0097dfa2fb635c6a77404bf03b4b86fd65ec7ba14b8952d5fadf8221e43f6bfa42ffcebfdbf2987faf352e
SSDEEP

1536:SZmku6Wh+Iaux76vuyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3p:SZehtx7dyfkMY+BES09JXAnyrZalI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422590876"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{C8C218C1-18A6-11EF-A965-CAFA5A0A62FD} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2868 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2868 iexplore.exe
2868 iexplore.exe
2208 IEXPLORE.EXE
2208 IEXPLORE.EXE
2208 IEXPLORE.EXE
2208 IEXPLORE.EXE

pid	process
2868	iexplore.exe

pid	process
2868	iexplore.exe
2868	iexplore.exe
2208	IEXPLORE.EXE
2208	IEXPLORE.EXE
2208	IEXPLORE.EXE
2208	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2868 wrote to memory of 2208	2868	iexplore.exe	IEXPLORE.EXE
PID 2868 wrote to memory of 2208	2868	iexplore.exe	IEXPLORE.EXE
PID 2868 wrote to memory of 2208	2868	iexplore.exe	IEXPLORE.EXE
PID 2868 wrote to memory of 2208	2868	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\69586e4d9213763d1298ecda437d072b_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2868

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2868 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2208

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
065a877a9a86d7d56fa41ea790e541b6

SHA1
10380c2728ba56092506778c3b50ceab7b3d8c6f

SHA256
7695fcca374dc0f31c8fa65ab6e41063518d16916353c17f2bae4981127303fa

SHA512
24cc1235955273ca24044fb09d6b74f12c87148064686fe6d3170ab82cdeab5b0d2c719fbe785a40fb25592837f949acc56b38e080437b1cbfc22fed6d259e5a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
db8b6f61a4a9c765ef9ce02fe93c1e64

SHA1
5a4a228c22b0835dc0311ac579d917962045d681

SHA256
cfbd64bece5961f14fd677eaff50155460311e7535a7e04e2d65c874657ad554

SHA512
1a20fa5cd0ac8b415974fa45776f05c3b93d7253b8db992be7e64d5bea032641eff1f022b4913a768372fb23e83af49ef7689cc4cc118c3001b06e9e69e4d005

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
3f674c4c4611007b2205309160915e91

SHA1
1d13635f9697dc24afa84bbc005f6025f3b99d2d

SHA256
a32d213f4538fe14d6844592abab87ab796136d437df9d06ec5a75fc8663c003

SHA512
b668eafa920b270f94c866881bf423d4b4f8eac662815b756acdd918a7c220f804660dbf861aa45773e2fae4a34896966609c3071b8b38cbfd64250a949af612

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b639e8a8aeee890080155fa8a552ddf0

SHA1
9289c065b14638e46fa5274431fbaf65fbcfe760

SHA256
60e9e84828ca3fc5d36e94eb8852c5ae45d3a673e59b7bb42d93636a1fe0e02d

SHA512
a3ffab74bb30fb94ca57fbd9274390b193a6726c838250806dda33fd76be0ed28f3bad6f17e25a3407b782d95926305a8d2c04f7077ea4104292415732f6ead9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
48d081dc214f845fa310e66732204a1f

SHA1
e61cf2b82021ab65da77efb46bd0d01e1db522e9

SHA256
354585ac44f7537096ba28825607f75aea50f6a91de3d94f7706f6ffdb4c7f2b

SHA512
649bc7be65ca07ccc5624a9e97ee93f0c8f975cf0ca54ccea99e24ee7f807698bcf4ab2b603d3551a24a6feae66b97e2477f1e8dd9c6e1b9acce6606cf8059b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
5e5bf3f7ab968df9b5d74008fc38ab23

SHA1
5db6a79f5c03b512d2f0703ada95b8f765c40b80

SHA256
20ba54c48fde17ed5957647673420b9800a70a820ddabba70569ce6ca9b1e06a

SHA512
91fb76040655b910713a9e26f4b52e24734d26fa9207000f7093de3c23fce8e4c912cddd1e60be292a904e49784e2555446af67396f6512834e7fcb863dc3f09

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b45ac7f07b336b80e36c725ad30cd65f

SHA1
9e83e10e10aab0afdd68b8c1e15dbce7d0b7dff5

SHA256
01e88ee9c013719b2d3f7a6903c6b9748858fb896f8da19aaebd1ef9b1aac500

SHA512
3034598bf3159fe3afa60bc7ad1ee8f0818e5b7057ad55c74f2c89a0a8e1509689d137cbad827002149198b67137f48a141c73d451dae97e3ae5475c2137eb6b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7cb9290f93e2b9bc9beceddcb686408c

SHA1
9df081454ee67600a50f366a0617f6ab7318ca17

SHA256
8bff579d3213df3979c39da81d2255f1e90e624dc8bb375ca122aca2eb9b73ee

SHA512
b0eb868a2e04c5814587e8d26bbb670eb370a576c3d26d051ffb793f82f7f0c6a1cc0bab2b1ce90bfe1632b29c9c18658a15efef0ef15947a4ddb4f587d243ed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
3ec5f11019296c263dcd149d09595e04

SHA1
afabd46717a2fbcd116f2019f30953e9b1beed20

SHA256
3cbdbd34e7bd7e37bd3f4cebe178f76bcbff9f53b6721ce8d116da79313158ad

SHA512
823cf091dbfc37d49abfa15701d427bbae0f29bceeca058872846e6bc9043c6c15c40ed4afd3f056fa637f4a54b729d0d94fec92087794cb35626406a95e8138

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
5dffa91cf24c05b3f8e6ff65f505f54c

SHA1
5ab6b112edba6ee5e523a1746825de994b4b5401

SHA256
e3dc6c02d9a119a88bb0fe03243b358fe915c495d0b80d0285911377633c88ed

SHA512
8e6b7c5a57380ea3a27e13b361c68ce07e98dfa7fdd8966ffec5a0d6f7c3b017feeb6cc5e7213354ba767e87a942e36e7db70387183058abc765f873c6ec41e3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
40d193f581fa879c4e0c0bbab92765e7

SHA1
36c7b159a20cc237f047d826eaf17be68914e69d

SHA256
eab4927baf9746a813bcda455460fe2f89c15d5b2bea9d33a71e26d163f12193

SHA512
b3edbcbc00ce98daf86ffeffdb0c3334b3b4db6990471d32966a3f5692c077ed94d50d212170289179c70eb39cc8710723c68eb94e038106c7cd0f281fc5df0d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
300069775adc4d7ec902d59faeb183bb

SHA1
2827e8bfb73b75ccf08c5451faf88160bfd681fc

SHA256
f7470aa5c4f27bbcc979e0c1861088aa3875a62e7f33e84eac5bcd49d828deeb

SHA512
cadf9a1d8950dec85e0cf175a0db4526fd7856a0055a2bbf9168eeb0fff4f50e0a4d809907f6588be4f62cae3edaa92fa27942fe3dc34a0897cb15142911ee3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
97790f392dc10dddf18637d7caa65761

SHA1
2717510fa3a62c253ad3c42fdf58f345c31796a0

SHA256
2b0d4682950bb91bada54f16ab0be8b0a4a75043805c4a2b2987d1a234ad54d4

SHA512
e94d839c94231246b70c6204171c634faf1fe33bbd4c56c8a9b7062db71e744d8eb445fa7771aee9b6f588ee1b2f24ec5ba6282129ce354739512809272da8e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
3f617ba5c04f06e69b72a7ebc373c403

SHA1
70894ddf85c90efc9cf13f6f17d8581275459a2b

SHA256
e28d097e1df38ca851e67c7f50a76693f253b7f0791b538c7541bd8049439cf5

SHA512
c04ebe3d572416cc8ca6df100cb23da919f621dc2bd0c2bfe29566cbaf46c6e7ec3a86dfca5aab46697a0d2c993618dce64b5b9517bea36e58cd2c26d5063f97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
d7bf00e842b1469032cfb3183977cd0a

SHA1
766003d023b287497386e4f7850d86066784b44d

SHA256
aa6756b3a95c939af90aa90a6125dc0c47517ca7f50b231fa178cac81f2d7150

SHA512
ff0fbe31b77985ce2a54755c8fa96b9d9efceb3f3a8b90be054bbb7c7720b7ead887cd8f79cbd4bc4469b0b66a3b85849dd3e3452d4f312f77ea7a2094400020

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
e6fff891cfa85f1d983eea6e96225ad8

SHA1
be6f8b584149f62c2ccefc2d702698427a2ed8f6

SHA256
b08d62237946eeb9747b32fda14ab3226d565d1e991f3cf723a50d7ea7d54684

SHA512
b33fec784cae46099a5c353a0973355d0b8fc59c9f64903b0e936c0885098c7e1651015196eb21263b86f1567a25e46b0b11350c069c517d8fd7b16867a4b42a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
66822d368527ff190284248bdc95b0b1

SHA1
477e5a48f3b4f9cbfa73c8d8c0f72d76b84957b9

SHA256
7998e2b4ccf70b690bc68e9911ac917a5784fb5b6531dc7942f2efd326e17587

SHA512
05ce4783b1382bd06f5650323a310a603adafefe870f338dc00ff8882e516f39bd447cef108a4933fc3450a726af0792f393f20361c6c3b8ee9cd75aedde2f7a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
fe451faf3960bb9d1c253e2b59bfd8a0

SHA1
bdf278a71602b91933d8bcef825d58c63cc56b4b

SHA256
f5af0a5130626d5fdb61ac1faa03060faff9c1611947fc0b7890ae8a502f3d5d

SHA512
14dd1c5f74da8e3686cb7e803c18de62e1f5d334f271d3f5219667fab72a25286289f2b45835c22f87d8fe33708286e8cc44a34e5e211460c0c41d5b3172aaf5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b80f5ce2fe96616a3dca8e40829b3a1c

SHA1
ad11950b0f4e8823828d0c18a7b1d1faded40f28

SHA256
311850457fd7e553b62c557d0332ccf8f58b953274ac996cf4470c088f232db5

SHA512
f22439cd227f976ac0c0966497951d63f9d9968522e5ef42681456616dc9f54cceb4fdc9436cc045648a322784f124f599e479d538067360178ce8fb5a99dd4a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1739.tmp
Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1807.tmp
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar183B.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit