b56ec261a241eae62a74065dfdf3a8c7b41460299bc56c3837b51d1cb957ea0e

Analysis

max time kernel
133s
max time network
129s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
26/05/2024, 04:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

74518208aa0d88707e5ccfdaa554b8ba_JaffaCakes118.html
Size

1KB
MD5

74518208aa0d88707e5ccfdaa554b8ba
SHA1

f31d0be359d0f3552711e7cfc48f032ef9be242f
SHA256

b56ec261a241eae62a74065dfdf3a8c7b41460299bc56c3837b51d1cb957ea0e
SHA512

0b16fb8a63fcfb680430713eadd01215f6fb6fa6a836817b53a3d723f9e791187a3c0ef101abea104709ee5cb19d1af1ba3dbe02edafa495fb873ab7ce150f0f

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000edafa6754d8ef984cb66fb8526d9ac9b554db97aa7116762caa3213b36dfe2b0000000000e8000000002000020000000ae7b32c3b761f5eb5d203a7ae3f8f3c8dd5667fe393196ccda457701cd4f325990000000c48a8dc9d48dccc6a4413d049916b66aaf96f441b2820214cba5d2c701206389f59fd8ec12ebd4f3e6ceb26f59a1f7d46b195eed05cad7b3be17b8c900e733d1917ecdb934c1498f15335ca5e1aaaaae57a18bbe3ec47a1f9bf882b644a70f4fb9ccc758d743280ab6f9a90ce48f604cc0f66274172e9cea4c3b8ee90fb5c0ef7026e2e82a4aeb5c5c445250eeef3bb94000000024e14c8fedb98950bc5e70094f9a10410a33c2ed6f600b1ef7badc1ebe05c63c8cc2197df6289da1571486a180b518d3fa09ee6e9cdc737261dff01876d4772e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a230000000002000000000010660000000100002000000047db056073651ec6959cad8c7d9c520e9106a59250963c83898619650971ee34000000000e80000000020000200000009331580d996574b940618b745095884d259602b52bf260afdb9a45df684714a120000000a2c50770d131d2e997b6e6cb7a9fb48e691cc7c84716ad871760649491f31ec940000000c1f2c7c10d0b37ed4d8d13759475fcc7dc39c77e494d365e293853bac7f3b54707c048ce1f746ba1755d223f90634539b9eee587adf829b0f877021b33c5d6b5	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{156B66E1-1B18-11EF-B8F6-D6B84878A518} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80b179db24afda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422859440"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2984	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2984	iexplore.exe
2984	iexplore.exe
2932	IEXPLORE.EXE
2932	IEXPLORE.EXE
2932	IEXPLORE.EXE
2932	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2984 wrote to memory of 2932	2984	iexplore.exe	28
PID 2984 wrote to memory of 2932	2984	iexplore.exe	28
PID 2984 wrote to memory of 2932	2984	iexplore.exe	28
PID 2984 wrote to memory of 2932	2984	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\74518208aa0d88707e5ccfdaa554b8ba_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2984
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cc52a9733436e448b663d697708c5030

SHA1
3dab35f8d1cbca4bd5c5125b68cb26355901720f

SHA256
91b7903bc1192238dd1d4959b1e271e3b52b2644a54518218d5ebd36a234b628

SHA512
861891cd5a56f5e6479e98498c0df34c79cd0dedba4f5206b02203c97b06e56083b4ef1c055a1366fe4e36168bae73d4f82977015a5a20733f25dcbe85779e17

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ae57e6e6accdd0a36fc954d52c9f0831

SHA1
69a1960e843bd3a4d5b386a96e766e77c9ff0a1d

SHA256
2e3ca957182461243082ed451823ab89578e70e929b382bc980755ae2bab176f

SHA512
e3759068c3980b4c78d7eecbf2a96ae4ede524ba12a1d055f6e313f11b9c766645da9f91e14358b7b5ccf10b796dcca03f539685cef7291f844b462eb647d422

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d1b2de9ba7d43fcad538e41e0f9e2720

SHA1
66f12f42242495bf4978635c600e973a7ded3ad3

SHA256
32a4232e360933b9702d01d2ab33507a88826389df6890bf0b911d5fa128f3de

SHA512
e2a0d2c7e0e175ed3f6e640db3fb79630d62f93d82e1b1dd5432224591bedd59fa05585368678f8c20915066d86b927496a9115cad43a091d2b034da05c7d026

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
362a88d00859c52086db394e040c2602

SHA1
f2f1c5d6c83a03fd3bc8f1dde175cd659931f564

SHA256
cce350e13a97e53b46f1075c8a1e23fc3c37bdd02db51027f7ca42518ccb6879

SHA512
fa0797c5f20ffe0dad77387865b96f93fec6b8e1a40e34a2daa949225758dad36de025964a056c22feba3b28c74af2163646a973c4558a98a5c054d3ec619402

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6760bf6ea7f5233f01c11c70afa1bf2d

SHA1
989c07e5d61dfee2b14ac1ca16c3513fd12a67fe

SHA256
ac3d0d12ab086390c10ed2b3071266bca48b8f2b22ee1a93a56f7d4635d24725

SHA512
5ec6c83937f3f7f4b6425f9888ae1ddd4cdb777cfd800a80399f67876c7fee118253ede850b625c51c4652c50d1f6548f186bff4d0563b41ce848ff8ea5f5b91

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
67555e2cc4781a1521c8f4f9c60c9a46

SHA1
992b28fd6d4794a615e4082399ebc7f76743a576

SHA256
fde14481a5de66da131cc0fbcc2ce59fda8b2fe7b8240b27573c6970b17b1993

SHA512
04aa63e028c7870d2427c0eb64fd12c0d385ac49a907e7463a878160c1e5313963eb16a84a6769960d352d97063848d410802e5abbfbb1e7ec84d3ef7bb4daae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5fbb29af320639d079f8e55b67dcc26c

SHA1
3dcededa37ab98fb519cdf93dac829fd962382a2

SHA256
a7e75d741097a536c35f4943018b4acb248871c8910ef22f56ec8cf40b7b508e

SHA512
91e7c6e284c4855bc0a507559945fa41feb699b27b1aa99047bd6f707d1157d976420f57a2eb6aef59791325e03636b14264a8d37c6b88b969ca3fc8b4f1d2f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e9cdbb638b2dbc6d63be9ceee513cf95

SHA1
2196cfd047098ffa148e4f9b09b4de7f27ac0170

SHA256
baf34921eaace84cba55df35d25623070fd7a5f72ae78ed9551816a66fd900bc

SHA512
c6dea9e86431d12119c63c22d5065ed7f97fed9c2f695683d0c59372d3e82ed72a48951adb5cc7f334c1cf73848e9e955919e89ec0c32555778d2fa0b6c58e3f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ffcf1fcc87d60535129d25b5693b534d

SHA1
63963f43d3e9ef69b54ceb2c5d7998806af19310

SHA256
8593a799f2d897a351d8c4f77b612efb03df5f86da28908f79136a92f81abba2

SHA512
54f0d243b7e8463c6351f2e1cc21c46a666bd7f404aa9d8f7be30c341341fa43699d6b388703e4a836b83ce1d019015d688b70d528363306d719da7e5ceb727a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f9ead6a20bdd6153e4ad6a8d794a28bb

SHA1
1391506f04029e1f7d54a4822f5aac69f5d8121d

SHA256
f4631a2729719a1a6473270f7b2890d2f4dc1d8f682f64220e982b3c3aecc40a

SHA512
050f5de69d5a61e3cf5807def338f2294c6f909c628cd2fe1fc6232df1a51e4d938ecc07dd2d3a3978cddfb949ebe0583b042b0c0786490664fd790c08cd2290

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eea1d9baeb4befc91f1970be6573402d

SHA1
069a6376fad0cf13d3562da71749f2e1f0c499ca

SHA256
6a47e7e01a066cfcc9f08e063595d02a94eeb8756fa3ed33b9dd2aa91929c194

SHA512
b7388b7dc2ceb2b23d985c5dbbc5c0ef2fe258edbfd1214228eedabec82969841dee71eb11a7c85658b8f92e1638278ae614a332ee844cc3f47ec497e8adf107

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
280c8fe7e95a5857a75993fa7b53bf0e

SHA1
5d615089b69042566b3afdfd3338d5c0e172a9fe

SHA256
9729710551f3ecd53426a2c5d63adb7c3d4d772b628e6f9a68a243f7972cdc09

SHA512
a20568e05f9bb537b103d29565a81aa955452173571ec55ca09a2fee99acdbd3064d275b5fbafb11c542a04dff0d963dc0de50f7f507c430ef01d851ef0a038c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cf03c71989b5384dd277a1acc394c9dd

SHA1
22a34ae454ef22d884f07523d5ca3ac33e53fe30

SHA256
ce329f2977d34ce9f7f0ca4c7eff61dd485525636efd2ab9a3c23da2ba9f0072

SHA512
df71060bc61f6889e71f4591c398ac4fa7e8e3ac9b35661b70997bf207f73524bc637c2b0470de551652a2747a6ee7e8a18a23a95a54ca7438eaa9460f4c1d62

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9218a08be845d4bf6915473212262dbb

SHA1
5bd288e7bccaaef074416df5145734eb8e244541

SHA256
a0a80bfdcb7761533453f396d9b73c88f36d6ea4ec90c8580d3b6dc8d7017b0a

SHA512
d9e2a26887e611765b528ffafa4ed65c0af4a45c5fa88ba9b16eb315475c995eabf254128984bab658824f771294d223967a0a5f443652b00eda097c7cda7c2d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f12858c77c51d38d9c6d5c12b9431705

SHA1
71a527c8ab647550f55ce2e6428a6e3f718109a4

SHA256
09853f8d3a067b8a30e3bf3aa311382339cce570c38a22f73b0db526a097b583

SHA512
5bf17314fb3e27b386441f2fd2b69693a49bf798e00a21430216dd68fbd23debdce27749e871e079bc28e88ae1a6f4c8a837802b8c71ddc8cbbea904d69c7f8f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f4c6830b64c9c5122c0502ea61bba255

SHA1
9fcee76d4272626d9f621dce3c681c1961bfdc25

SHA256
6dcb66fd227e5a712a585c806ba6acd1b47d24fe126c22ac4d07cb49cc19c6c8

SHA512
b8e5cc988e41c0f022077d02678c16ddf0e28fb78dccb4b8c49ade479e747ff08fd948e9b2e54638d60576e3866bd8b5f67d9444b28106053cab7d84bfc864ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9d5282793682ceb3911a6338ff113cd3

SHA1
3482ea9a9210ab11981ac7d8e3226df04bde7f3b

SHA256
cbc1ec05e1985fa80db75ee156bc54cec3bcd4d2cd4b3d419ebc286b7cb55993

SHA512
22304f1588933d143656004053df9303f020d2f1ef203706b4c0bae1135b4c54ce538ea3248cc731d797e6f23d1870f70c677854d7a8d6b8e19cf332adb8ffb7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
63ca176b6983c0b7077ddb915fc714cb

SHA1
8fd80d5b7784ce7cb195be1607c2770910831ea6

SHA256
d084c552dc498c15a773f63319ff8227e378eba50bb8ad5a0d9808d591d1bbd5

SHA512
e9e94e2b69596708972739cde8dc37122879e047854a95ba1b138b77c0716893c7258bfdbea9a2621d28ad22e78e47994ac7055ed58add11817551cdfba68188

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab33BF.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3421.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit