054c4c6fa712b2e9a711c3dc99cb4ad5dc1380fa09be4a08cf94bfd3a04a1349

Analysis

max time kernel
133s
max time network
134s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 18:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6bda3bc3d9edef3b67fb205e883e1a04_JaffaCakes118.html
Size

213KB
MD5

6bda3bc3d9edef3b67fb205e883e1a04
SHA1

dca710c64ec620aaba9cea143a29914e8dd84810
SHA256

054c4c6fa712b2e9a711c3dc99cb4ad5dc1380fa09be4a08cf94bfd3a04a1349
SHA512

9d865d1329db68954b29cd8ccff23a1fbb10b5c03e9d0c4f68fa0905dc63456d63f2e2ca174cee2731c4a51e2f23c01cd3abdd64a4cb531d7e622645594b4f17
SSDEEP

3072:SzbMZe28r/nEhKyfkMY+BES09JXAnyrZalI+YQ:SzCa/kvsMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422650437"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7677CF71-1931-11EF-8F47-7A4B76010719} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

1744 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

1744 iexplore.exe
1744 iexplore.exe
2004 IEXPLORE.EXE
2004 IEXPLORE.EXE
2004 IEXPLORE.EXE
2004 IEXPLORE.EXE

pid	process
1744	iexplore.exe

pid	process
1744	iexplore.exe
1744	iexplore.exe
2004	IEXPLORE.EXE
2004	IEXPLORE.EXE
2004	IEXPLORE.EXE
2004	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 1744 wrote to memory of 2004	1744	iexplore.exe	IEXPLORE.EXE
PID 1744 wrote to memory of 2004	1744	iexplore.exe	IEXPLORE.EXE
PID 1744 wrote to memory of 2004	1744	iexplore.exe	IEXPLORE.EXE
PID 1744 wrote to memory of 2004	1744	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6bda3bc3d9edef3b67fb205e883e1a04_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1744

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1744 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2004

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6b011b723827d08ada895eeca3fcca1f

SHA1
77dc9893a0132625b2d009c365a3c7334cafc81a

SHA256
8e10de7494518493059130f8a5d4ef06142e0e0f5a364e830149c89d7e3d0df6

SHA512
bed9ef31b8bc74766c82e98814366fe7609f7df52d40139e264c1afe9aeed42a305656a22d41222642babbf45c1d816213745c3a9ef3f2b98f489e0d2427be85

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
4550c3479fce07c37c37bffc541630a0

SHA1
26b674e1593b90ee4e28a32510e051d9be60ffc1

SHA256
fde2b208e47f3766b3a04fadfb002a414c0d1de6326ee398d7db99d351fdbaa2

SHA512
8184962569c6f0efe4934ea67a5cbf629dee27bd806c9860925fb9753ff1b8d89723a1ad79c67cd2eb896802d806866fbeb180f758f68339a59869b4d137140a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
316abba19ee1d33f8953599c0c7dddd9

SHA1
125c23b688ee44fbaa22d287e37d62760491454a

SHA256
7c2320337cff5bbe591b9458e3fad212afbe7baa36b7929dc8febf46d3d5da1f

SHA512
640861986baf948f10c62ebbaf253d5dde170c4161b927e11429a92cb30e2952550ddaf39b8eb51374eb137d1e2cb637f5690ffe566fc881bbc2f34a7c7f1697

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
4940666ed41387f6912765c0c378b4e5

SHA1
cf6cf34ef7f914b2927e5316b8f966787660dec8

SHA256
8240777419eb456621bb4ad94a466e0343bb5ea32ffad6b17fdb942b1231a1b4

SHA512
c691eae3c5c54744e32201ee65b2e04a3cfcd876030fb12dc3a5c1c78713723d6cb99d21e7dfd891b497032680a6bb0f855640e225a4c2fc29169a356c553b47

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
aacc87a05128a0266ba63b0f8106960d

SHA1
31558310c6a4fdaa99542f67d3d45eb0cf319679

SHA256
f2da25b3b18b97bbea6207cde637a6c9cb5843fffb3dbd301d222ec7a54291da

SHA512
a8701aa973ce8b0ce0ff73b9d3b96eaeaeef4e685898a8937395fee26a8f30f78f8f0b6d70941927fb1d5b581b585869aa4bf0757a89c8ec174ad4511856c238

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
480578fcc61c0e812d635ce4640713e4

SHA1
bce15e34bf71eb85d8ab5d2cec8cbfc8d787e91a

SHA256
3c4f38d051da998009f86b58032f4526476358494e1c7cb5c4861a79b82dce0b

SHA512
47896b4d5e8273220cb48d03289bd477a50f9fbdfb95e61a9b209dd06eb7f9d8d456aaf8f52ceb44480f1fe0ac5b1d12a11c9fb4efdc195148b3809879beaee5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
5f7185120645a1d08cb0695e681ce8d8

SHA1
d47803d068e8c9a742e1f0437eefe062010ee983

SHA256
3030ee606a726e3f158bf44bc9cf1e349b6d9131ae3f20e1c2120abbdaef41c4

SHA512
5d627dc6840741e4e985b5de710e337dfed5f142f99dd73461561361eca589357a8caa4eeb9c6b32556a9840fb102aec59cdbc51ec745e13249616a53816d556

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7bc9f40615f471d06e670105b0edba87

SHA1
91211d356993c7bf0495659dec5e4702764ae7dd

SHA256
fbcfec1734dc008e4520649f1d7fbc96e44ef6826d56e02adf4a06c9f072c319

SHA512
76e98afa962c62c256ae42f5a6e25b43e0b932af5700b696479f78327e36b484847243eae728a5886c67207ee0aced931fa15de577f94e5f1bc4cfe2e3929b48

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
db3a7f3e069a5d27e9e443ca3042ecab

SHA1
658ebe0204567a32432b685a9d8b660bdca255f9

SHA256
2eb1deb703190e749ff896c49df4cca3c8958ecd61508d53ec9b3cf820eca4d3

SHA512
ee504e796697ea12759ffb266f88ef6ddf9fdb84facf49a64eb3d357b99657c5d34f7b43d97a0757e1446f115f7a07deac2ad4d63482836a1c7003c5e980e8aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
2a706684b352bd697c9b2c5eed9d9b7f

SHA1
8ec2a16e888f10db51fa4b77dccebbcb3c19cb78

SHA256
4e9c3dbddd0700528940196f2f172e2026cb3a9c6d18f66bcf919c2dd43bd91b

SHA512
8948c1c74fea96128404432eb72792619d26b91cf9bdedd78b2f4d0f5cdb7794aab207b9f2ea71c4698cff195fbd1c7b9cf8ae90aef49ab0b0bdbc87a06218f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
0a8992603cd9a02875bea0009b605059

SHA1
3b0f0a89af52b686c3e24a16c10de814db5e33a1

SHA256
1a2a7aeb3c67f7830a551518b12f803c152e2fac3efa30546035386b183a8aa6

SHA512
420ba46bf32aa17ab7680a73014b604fb263ae44af6201e3a3c350992944a2572454ffb205ad4513eccc24a3ae44123b8ed684873e08dc44a10597374bf9f64f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7c056e5e2a8b4f3cdeabc76b735f713c

SHA1
6611bfd37de47cd3c8ceb5cab6e5bf214c90f642

SHA256
5211a7e28ff412c75fa6c618d7a0be6ab88174449461a368d42b2efcea1c8dc5

SHA512
08f645f50350c5cdec5aa9c241817ead795accefbfb7831764c912c3a096b0334c05413446f5f7eb39bd0aadd10831ae2d66e3f4c913b37a92b125b6f42bba5a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
e1e37009210942bc222bb1d83802612e

SHA1
320ade8a82c0a28fb0f5af35ab34c04f6c5b97b2

SHA256
a2848f4895b4f06ef8bb728fb7ddf0a18aedf414e234cd911b70e6dcadd10ef0

SHA512
bc85ff6bb763407ae4dfc63caeb3f568cfb2dbdfc3c596488656dabd6ff16ae28861914d9ed6a6398105b183774cb4978805bdd7f56f401e4a9a9a6eda1d0d9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
402f2a7f214b35a23edda386bcad322e

SHA1
cf96bc4c8b7b36543352de72fd5dcf8a97990f8d

SHA256
379a8e1166aa715eccc52a6c92b3035280341205144bbb1749ecb49fed47531c

SHA512
9c8e7f5e741f409815baaef3037c7a4072daf0f6a242c028075399dc40fb99026f86cb0197c6217e293f3382309fb7c1618bb28cc77c91b34ab49fc74d1057c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
1112113d18b057e2da504a8ba50e098d

SHA1
1712416d207a636013a14c06eb66e106bad8f120

SHA256
e57ea16b2d18c336a5d9c60779b633a41187665ac1f9c9d4ab3407bf72d75dd1

SHA512
38adbab04462dbd971f98c2e15d9d9b7e67837579acc31c9452c9502c54eba9d14f56b2440b1919d8fad4975544382eadd92c631746b6c0e58dc76bac8d5c90f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
2172bef0e0813009843e5b8bef903f52

SHA1
a61590a5716c9e63341e63f32e7b7e1b6bb617c9

SHA256
70c05acb2eb222cdf00bda1a6e7d0514bce6821ae1d8781195a9448fa0a18a4a

SHA512
ed7a1f956a82e8d3cea6188474500a1b6e55e081c2e3fce8cd654eadce104ac394396f06b5cb222aa225b4175c461d959b81b227c2011d374c1db527fea77361

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b323f92b94ee233464fd3c4063e80df5

SHA1
10857f573423adb0494f381e2798084c78f90a86

SHA256
baa1cdc5892fdea67049a9becebe9bcb0b052f19894c0238524622fab7f667e9

SHA512
4e213c0ee8589138e353010aac0a8b1c92c1f28448f5411afb369fc9a0fcf35da146c297d952c713afe00055e0314696e6b4d2a9aadedfa1e65c119086694cc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
90c1e53566c090e249255ba2c2244c2d

SHA1
5d3416527c8a2c7411f2441689b219fc148c196c

SHA256
2ec92d5c4cdf7eb91b21c1a329923568fd157acbafdd290ce9a81fbf992d7a9e

SHA512
dcddab628c4dc609ae4c4b4007e9fac1d9c54844b81a909459598ceb5add1a184d8758bbbf90889b67310391b32c3ce1a55850e5718f0a511f19e7295f6ea733

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
870433712fb3b5fdbffe742e612d992b

SHA1
6d0e06ddddb1c248c32bf9d04c2b09e9a20c9e62

SHA256
568ef0f7e4bd49c48a3212d77426f1267267bdcd463b41e9eece6439086e4927

SHA512
ea33a23d5804267d1bb89983fc879261ab3226a6dbd996952070a1e754cfd5f4d5dbf73985b7c66f8cd0b10fed47d70f5edb18267d8754aee1ea1807f0793700

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
57a2f5899c14c5c84efcd58eca672241

SHA1
cf42ac5610835bbf6135b9dba6332508383b8768

SHA256
87f16e3b2db87c44b314c512c9190498cfb78bbc0ee1fb178b1c4824b85b9448

SHA512
f2a72b664f302496d7c28d95187122094cf857393da1405a4cf0ceb2497df151108d53c80a5f137c12e91d8d7baa8f35e1606e94e60e7ed7003328328a81eed9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1AE2.tmp
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1B33.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit