b9e3fc98c276600f918137545bfaad787edd016c4bc708926d05875a74701fe6

Analysis

max time kernel
133s
max time network
131s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
25/05/2024, 03:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

70ca98a22343f4a5313252c9b52d78c8_JaffaCakes118.html
Size

3KB
MD5

70ca98a22343f4a5313252c9b52d78c8
SHA1

f0c85557829f782b1391f71522f8d4951120850f
SHA256

b9e3fc98c276600f918137545bfaad787edd016c4bc708926d05875a74701fe6
SHA512

d94d3e92ca800c5f0e95fc0cbd0c221319bc67c78259f6264d1942fad3bb0e07ec73f182d78f123fd897bc665d88e1c1c4bdc0b529782418fc87573806ac5e33

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80e2fdc157aeda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{ED56B741-1A4A-11EF-91CF-DEECE6B0C1A4} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b0000000002000000000010660000000100002000000098ed5c8da4e50fc1d31a5eefca20156c2588234e4b532dfc744e2a5c950fe1f8000000000e800000000200002000000072f225b7a141c9f8242d16345afde90b4e0823faf9eb1ab2b9f3c2b894397c99200000000f0a149f398138d2802c79127622bb140a796cfa84e67d67ea20b7bb0d35cb2340000000222a3b9b8f22eb9dd8868c8eb9bbf2d544c955ffc0f5818e3452eeaac47dd3e174435c6a97ab06c897208231dd2719c75cae687fbf0527268bb7e7614ed22d56	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b000000000200000000001066000000010000200000002360fcaade16b9e3aa41735bbf6e5086b73a1726ef3e220c47ef78689263833f000000000e800000000200002000000008295a36eeea56cf2bae629a8e1a5c66b13170f7f434646aebcc6a09b41bea3b90000000f5dae5e0dffaee0ba382d6a08174846d8c590650fd525249178db52ec92611f652b22564c69bb0aa7649529095d3d532c3b7a3ab9bc02ad6d591869a2b9df7330997ce77dd38c5d0d01e81f4a9b8a53ceb0851eebd985f3c8c3718a5ddfb4416881bb4b66339ce1f540024a3104d0938719f90632452df13156bee3a42539f3e666064d7238420c1971c31b901cc52b14000000008e605a836d5f9598c3b67837ab2375941d1dc729db40455a6a46e85aca0c85459ca1f2836af6ebd95a94eca20f699bfd16f17006397d089e896e822f83b826f	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422771326"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1916	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1916	iexplore.exe
1916	iexplore.exe
1704	IEXPLORE.EXE
1704	IEXPLORE.EXE
1704	IEXPLORE.EXE
1704	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1916 wrote to memory of 1704	1916	iexplore.exe	28
PID 1916 wrote to memory of 1704	1916	iexplore.exe	28
PID 1916 wrote to memory of 1704	1916	iexplore.exe	28
PID 1916 wrote to memory of 1704	1916	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\70ca98a22343f4a5313252c9b52d78c8_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1916
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1916 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6c304c72e96e66d19dd5714279fcf623

SHA1
7f17962656b61a6268fb82612771b18fd5eb8959

SHA256
53b93a5c9fb4e273e99cc5fd434283632973369ac17c6de8686cb02f59849bb7

SHA512
9d3d6e5e79d2591c17529e02b90208dcbff1d72f1b0c0127250f9d54f3266ac9f551b274938423c26deec9738504c6fd0cd8f708357eada136a57bf91666e4b4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
339a7162cd19d27e79fb2acd4040a77d

SHA1
05e0ba7bcdcd1b74dacd781f969ad1f84360ff27

SHA256
93e771e7205cfbff4a916403a2b91ee567249631157b7efb5f402026467974c3

SHA512
e04fc2168e3cd969f0ecb80100af06a41ee6b2359f7f164cd5a2e674bdd608ef03c4b8107fbc826338946dfda406a6098d61a53f57384c22f9141f178cf26d7d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ead910823696407af952d4f1eba637b2

SHA1
3b567e5fb726054183c976cf3aa4ff06cdc4d52f

SHA256
aa1bb6cf70bf6abec6fbbbb321a58d5f3924b50d6a57c4f1020840fb8b8f2ea7

SHA512
9593530d6b572220a18124106d7d9acd9a3abb83bf46fa82d7d57b654c68ddf3a790a07e22c57fbb603a81cfa69374f7d050e02551c8a7d2d7c57b5af891fe60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0a4d18889c4d049bd1e8f6ff71bbe764

SHA1
04f148baa0afa128984d50927e565184d372aa29

SHA256
fd822d2d189246527aac45189e474dd4780519b8d477408f15d349bf6016caa2

SHA512
05d42c884165825859f9b67faf717b48eba1d6a42451eb9b33b4f1b4c98642dc5226eda382a8fb3bb8af5391d9389d8617ad7e0f10fc5e2a9986497b8af9d20a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a9cb7efcfedd4a40087084eda15b5327

SHA1
4b1b3792ef529d7cf6727ee9bb31a7b4213f5294

SHA256
1ea2fb9b20e9099846031e9ad55b68c82df6a6e7fb83ad7b8a15d5e90261b480

SHA512
abbed66c6c038667e93bb3127da1bc94929f987e138252c488bcf9cb7ac700690cf93ef0d0f4a0628d49600d10227e6946a3d37c056eb30fa030271c495cca52

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c19f9b8c86e911758911a8c884dfb4a5

SHA1
ae3faa69a4c833af5e9692811f37c3701eb38383

SHA256
f569b3d287a74aad3b92306430e34343c04f2a7762f7b78f093456ff99fb9598

SHA512
cf2f223ba21fe4e8a2c1c109124137c15191de1c5b37b50033cf4d354ddab7e4774433bc83ea3885659a4f086ed1cf20d1038f1e2123b9387cd2966c0284f8a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
23328ad2761783603c7fe7c36d563f33

SHA1
a0a886716ff61bdc489a13ad314ebe39fb050bdd

SHA256
634d8c136f17fa8d73d8350a73269e3cf442990d6d7f726a9afe5b40a7d3e173

SHA512
c7dba4b7445c9a33e1b4c5ed0fe2684b8adcbff80e2b338a760cf5001630c6f591c251240ab1fb68d671135a7e73a873098e135bdf6a45cc6c054313cfcb9565

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ef595b5e5646f16e4d0d86b8a7b238c3

SHA1
4fe70f72062d5ae829933161f2d5d4b279f0ef41

SHA256
fd27cbe239158b11b7586989a66851a62bc9eff10b0da6c3627e280f97d3f36b

SHA512
64aa33fbf3ea189ebb331786d6bb6a2ef7bf95b98f4ca8c8c24d98aea2e12e8a14509973984ba281f42c1c319a57395546590b34b0c190e14594b57b869f98f1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
010de9f46269504a0c131f7304e1e0a6

SHA1
fb6ad9305e57e774d79f2c387101b7121ae319b5

SHA256
2edd93b7a897d69fa99bca2308f9ed7fa30ae9e91fb3df0539fb8ef783478f20

SHA512
63567ff2383b515d3faeb40920d48cabe2aac62f31ea32b0d829e8a1df8888cde0598a526466b8912d8cf2707306ecce5598024577af73eae43e0e35add2da23

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6fd552eb5c619fe2e8f69a4a989a5a8d

SHA1
fcb391a4b85672d791fe70d9c8cc80cf86a5cf60

SHA256
83a5ce415326aed4d82a6ffd1b5797ed2adefe2fe8eb88b10ddce88b1c064004

SHA512
2b5c0fe6403ec856a485fe3c1ee21f9fd3c12fcad4ee2775656c887c4b7d99f64f9d0f8badf394bc4876cb17a5103d4a39686b0dfb3e22007a96a96c3dbf4e6f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
35e295623b0a055ef256b924912ba886

SHA1
8318f779d1142ee0cc6a4da7511333b41d3c8791

SHA256
fa2930e8def1481a665936bffc24cc326e7b506deccf55986598fd20a8572b44

SHA512
cb635fd9e588018b1932b68592322235beacc51c09f4e89259074e77943f127b9f261abaecc03650607acbc901007421c574c6c124495887d5c87c33d26ef008

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ab011d7a6c604ce82a630360dfc66d8b

SHA1
396bfdf955d5310184f4add05cd610e08e573035

SHA256
132d84a69f8263082946dc8c6903a53e83d314bad3483f28a8278e46a00c6318

SHA512
99168cf8f84fa37b25dac1251680b92f8275354fd72a5cfd62c585c844ddf48f96fff9fcf9e6146d8f41294861f4943e0de6f6d800698a32d5103634ba6633a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d8b1e7470ae451eee938f5ecefd0f4d4

SHA1
8b72839d65bdd3c5581ce719b2910b4b7fff9fff

SHA256
18b4030268290a12bdefb4d0d3a498cb934c25132ae9ba28ca7fce58b8c5eec8

SHA512
046e363f752024b4d88cbd43ea4b9c45fdceb67b44f0f32d308d21b11fcd816adffd57da930e4ee4a657fea90e496f38cf981651acc2daf4dc509b0f8bcc2acf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
635196c8ff81b2e372c9e52965b002df

SHA1
34174b2f0b1f2ae30b0d4eaa21fd7a900950dc82

SHA256
b6dc33f59a8e1877012e7936c03d674c6e8159f8a4842dec02bfd3cc2a559e20

SHA512
7004ec009d6c1709869fc0059f491b255adbe5b9921fc3c38dbed3e26e30808639ff6481ade6fc3e1ddda9f9a157b0e1979efcfb55fc9c0ed386a79ee92485e1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6722c9c3c924df31bbd7f3c8792012c5

SHA1
fb37c535931f6b903768295afacf0f06ad796883

SHA256
8b62e6b79ffd42e690861d9f259d8159a398a5ef4401c52035349667626a388a

SHA512
2edfcc44c7adbb49516c30d5745342249dff7b0443f6985a2827b46b2588fa065d50238a1176705ca5a6e93b0390bf1a7258842d880caa20f216286193fc362c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5137f6e1d9810df70db6853a3d17fe8e

SHA1
64601a0ef4303186420d06a1f7853a3343e4ebfb

SHA256
2381df9d6e53020df18f386ba89096a0e48c91b187bf92a30320bcc01bfa6f2c

SHA512
8521febdf67fa5f3a446cfb82d296b47ad2aed7ada3799747005da361ffdcb102440a37ec2f6ace014bcaac1f14c95bf7c845b454d9de7e5973abe30439ca98d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c37147153a9317dc70afafa6c961a2e5

SHA1
4b150608e539af7d967623694303aeae43058883

SHA256
a09169ecc105ccc0072bf63b94709b53b458815c3cd2fd8199dd8e9344dd2bfb

SHA512
2defd483f4ce4fc317d14b5bdfb90d534aa2e3cbf8fa1edeff7571eaf6a4aa567c8be59d922f5733126bd0f04033fbe9434b9074db069e2fc36f5534d7df661a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
03fddb44234e68c236206df6a4ee1859

SHA1
9f9e2aac4fea145b4b0d629ca6d556c248f08fa9

SHA256
7fe630e8b4a93fa63af55ecd081269938267b81b785062a04e5d42674c06a302

SHA512
9ad7d3968df02cbc7814dee1ee8ff1f97bfbd17db9fd4ef68a6cfc214bd8448b4e35d37acadb1e954f1aeb116d5e97af38bfdf104a9418f0ebfe5588519c95f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2D99.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2DEA.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit