b8f4ea7588e14c2b518a00a0cf8b42fa7624375b445b383dea6bee28eeb34d84

Analysis

max time kernel
135s
max time network
140s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
26-05-2024 05:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

747d5ada631db16dd9fd416aa6eddb80_JaffaCakes118.html
Size

67KB
MD5

747d5ada631db16dd9fd416aa6eddb80
SHA1

d38520bdc5fc953041d84d4019a87c85cab7154c
SHA256

b8f4ea7588e14c2b518a00a0cf8b42fa7624375b445b383dea6bee28eeb34d84
SHA512

556c664d40f0c66017fcf144a2ba892f19b27ea9a16024899b404006af63e6f0a204a9081e4159e245adf28c09cb36176b96697e17d63bdfde1ee553799b9f44
SSDEEP

768:JiXgcMiR3sI2PDDnX0g6LisZYWV1oTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVh:JxiVyTzNen0tbrga94hcuNnQC

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c08e40512fafda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7C7D1951-1B22-11EF-B781-461900256DFE} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422863907"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d1000000000200000000001066000000010000200000000455a91f56bf2e2ecb45cd29fcace77c437d2021ba7cc6d87a6e1097a09283c7000000000e8000000002000020000000ed70d00d6e78866d5e01386c817871c4824d2f3cc3431bd02542646083bdf7e1200000003fc856233cba930ff914aca652731bebb732ceac3d9c6268eb9568b466c537be40000000be2e35d8bb87ab267cec89102b4106d42862e7c72770ae5588c037e71485ab54853ba5b89114777de26f1dadc3a07318691afcc25d65397c8bf6e813af144fcc	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d1000000000200000000001066000000010000200000006fdb45c14739982b44064df7818675ee2623e4e88e0f87764d378bf36e8842b3000000000e80000000020000200000003b0514dd80b5a46a9b84ee3bffa979a0b42df32bfa146703b7bf331f00d3495290000000c336f322c83d707a00408f530e6c9ae2ff845320324558d9fbdb2782ce32e7200c9859decbdd08f5545452929b59430d848e124ba6f4af06d310f5fc561c0f8edada205c421a6e6f262390856cd1bfb8dc2974637a52612739bf4e3357856a1423f35ccdde84e2aa0e59299ac881b661c866f133c9e6d42fda844e2c7e49d9c51a3d2cb8b5389aa5752267d48ed47d38400000006c37559708cfa58b696da87e7cf27eaed7fed3fc7a64f435427c02fab710633f428fd72ac28699bde39ab668e1139d170d867f6ed8513fcdf5810b5493db814a	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3020	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
3020	iexplore.exe
3020	iexplore.exe
2080	IEXPLORE.EXE
2080	IEXPLORE.EXE
2080	IEXPLORE.EXE
2080	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3020 wrote to memory of 2080	3020	iexplore.exe	28
PID 3020 wrote to memory of 2080	3020	iexplore.exe	28
PID 3020 wrote to memory of 2080	3020	iexplore.exe	28
PID 3020 wrote to memory of 2080	3020	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\747d5ada631db16dd9fd416aa6eddb80_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3020
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e519e90c4dadf7fc5c2657ad3ad618af

SHA1
7286656460ed9d3003aa0f69f97dd1a21e6f0b28

SHA256
99b09ab915c9046e0e22d0bfc087a85f8a158a9adee2b22a12802fdb61b3065d

SHA512
89e59861bad92831f4afed46d766557d75c1820918c8089d603b26e370ce59f519af38e3a542f8beca8143bed6363418f9c5338477afdc48ef4c772f54b39876

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d9fa920b989b872cc768b20cc9be12b9

SHA1
c3d943937677249c676bc4f6703830a3b5a47713

SHA256
770cc688709ba61df9cc3f06f091f3f5a7635e2e78b2b2366327dd848fe4385d

SHA512
b98f708202016c54a8b55d67abeb05224116f347b7179a3db7965b7faed07a1cc8e89dc9ad99ce30ae9d904b41e9818d37587a1e79895c32b504e24dd560d878

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fef6b92d754a7a5f169fba5e95f0e754

SHA1
ece05c50edcc121a45dfa558ec7fb239e3535314

SHA256
da53b64723045c2840e4b84db20ec5a98f6e370d414d44a2218e6069e38abbe6

SHA512
af06932c06babe476f54901398be11db83418fd68d965e07e37fc5735ce15e3cc9f66bd944b40670dc6e1b15eec7a053368d02aae9e2b2beec984b8e36762f51

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
93f5659bae51f536ebd5dd0d78eb4f08

SHA1
87323a1697f746dc10f12b18b976e33239584619

SHA256
60247a4b16901f503c3a4e689e69ec9a73759b62b97420006147d8442e37385d

SHA512
bc45c9096b78198e4037e3292f96d1fb88a2a7e7d1d051917fe4f4e510f78e27d2a48a7b8091dbe033faf1b24d7f6bc1824d44012f16a4d8fe4e21554120799b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fe44d1ebee136b2d89b90111ffc776ea

SHA1
f42a9de90a45d3d7c2ea110231ce652e2b0ee275

SHA256
7548c2aec41e18cb847ff7ba59238ef2909d9181d3049e901759b24eafe9e342

SHA512
f2af42ab965f5df0f75c050e4cba94953fd5c62273210425fb470321ab02f367871e7e89bf551c2933f9a16de53bd7dc73b297660d0f8abdc26e01f79b75c14d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
45d6105aab302dcb85a95a8e2d7d2f64

SHA1
d7d9bd67823c8ada0c2e6be3e6e8e6827351a47f

SHA256
b6243bce189d8e3ab7e9bf613ee0cd2e8eb2b8026034b49d4cae8c44b5f3bb6d

SHA512
c5227d2cb2aaf3384bc48eb17e997a201b6f493502c6be13f6168d0dabee1ba8ba74a1b51c712dbe8d92f9408f98978f6f485f3e90c690a4b3a93d56ac43b074

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cc90e1bbf1d9425d19df7ef68e162da2

SHA1
1bed490e6b58f23ee0a2633ff06a1ee708e96beb

SHA256
b5196ef4b132aaab81bc9e852fc43a1c44fcc23e88838ef48e0a352dcef1feab

SHA512
80713786adbc390607a3c04d0e60fc2d71dd3986829e8877edf502298a1073b0e0b6332d1b4e7290182837fdb9650fbc3ce3766012de4f5d694740a360bac721

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
391d8b66c5991b97b248257397e39646

SHA1
329794028d110c9c52a4f5242078fc96426f479e

SHA256
ca17eac46f2237673d74e2c3a54788b1c007b940248d69c51bb4f2b28d366fd6

SHA512
4ce2b7fb915ef040e669f2584f67d48463adb50bc4c0eb7c335f32ae2484f0da0757c63715eb41a64567fbb1d3a654d7502306ddd6f2e680a0086a7792a8130b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9afa5d1cf8393c155f07adc74d3228c0

SHA1
1d2819dda234f709534337def523c776ff9eb38a

SHA256
40e535facd02eaeb676936491776367436180f04a820e8312fbdc5c29ef509bf

SHA512
625701df900021a49fb66e86efb0105f5d5327e560dc471775a3852b85ccb92136949273ee01c22afb3d40cebacfadb914d7092a5214a18d430c571779a38ed2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
028a674a1e44a90c3388b8765779e30b

SHA1
7312dee26d7287e1a4e4488b1eaa3fa40ae018ec

SHA256
2cc546d2ca0f7b650292bc40c77793f6310675981ad06ad517b25bb8e290fa2b

SHA512
daf5e7adbf1a05998120b10f5d68972d3af58adc78c1418043e170e572a4dc16aab626603f847f281f8b24071d78baf9309c0c22cc7604f7ec9a4a9a7bd7e898

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b1efd4038379726cca70dd03909246bf

SHA1
38c5030f867d3de4fc3afb521ab299a24e7d3658

SHA256
821e9f1d379fd5e7e1b9e7e251838b4e40e7c136858136c51d55df9538977f6b

SHA512
63eb03ba857804e2f0ef6a6632415b790fc684874633f887313209d7e193795b42e5377d42c3ab7767e9a626e70fff945373cf52ae587f361cb23e772f4f2222

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
029564fb1362557631952e79cc220c7b

SHA1
530686611d508b69b58d37a7bed853cd4e6ae93e

SHA256
b3782ac596bd8f6aa32c2dca2586738fbdf51da98a2c46e008fcb71cbc941717

SHA512
b88d02277bc27b12b05e702a6dd31bc891e64d9ed77d8d5957c9fd979aafec9f05649fdf4a8c1d10ecf98d18de34a40cbc28fae6fc30df6b47ef2c978dee54fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d12289676505ff01f1e52daac2673ddf

SHA1
8887f139de6646d8f1c4874ac8af393160d0ae4c

SHA256
b4942185013995675db8125c628c4e49b260dbad06981f728295330fcee3aebe

SHA512
82d036980986a85315c1d568184912a23363a59f81ee721bbf028dd85864de3119fb127c0ad0c24e0d1857556c6fa9e7ad53cca8b906a05f27a26001d29f916b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7f11f0ad6552689e468d6fe229da7593

SHA1
144277ef7bf8a69bbd8b8f2d8158ef0025d15786

SHA256
81d644219fe41959d9acd105b625668f27f0364c65f66bfc9052b42f4d868561

SHA512
0340cbda65aecdcfcf5a4545b89ce24d3b261c790695f5d4bbb363e296184fd189821807d0dd111c726a8dd6d35529b0274e5eba4d9b3f2abbaf779c747d08d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6659ec6da297c23e9b4c4bea6e3f8103

SHA1
7c817dabba59d13c21b8ee611c02bb7c9acd4516

SHA256
761a0c67fa7ea8cbd17afaa52175609607ffc1447310447eeadf150342e8432d

SHA512
083528439b3eb475e094c1b69637ef736d1224082db97133233c6bb0d0d8c4f8d09768f5e85d235196c33d1f88a9f850630ea3b80d673c555eb6cc0d1e2ab5b8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7f751fcab44174ccee58324cfdcc9fd2

SHA1
500c1089a13d2ada0ea01fbc734aea979f7beaea

SHA256
1e1d7f55d7b080044c572f65cbdd2c4d5ec46aa158a042a4d2249fc607502f24

SHA512
d7793d0bce15182f275e98a5d1fdf077a3ee8b35f9d233666614c50d102afe8c2c58fc4dfec56bf840bd0dfaeeb9665a85fba53964aa395cd9507bec6568ea97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6260e2b1069bff02744e0b4c792425e3

SHA1
2659dd2f165a306ae381f023703a19e9b558170a

SHA256
a3a278fca3349df13ff52f4b97dfa7f1a5f69db59d7642c034b5bac02c4a2dae

SHA512
17ee76d4279d13e675f784a1ce63d02c94d10ced67bcc5ce6dc56bef8a1792a2205682684f2a69231c310b7406af9d0737b0e90eac8c72b36b23a74a23ff621e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b08b721361c607778faf3891795a5153

SHA1
aa5655345ff47037b84b373aa2c02bca36d641a0

SHA256
7f6d53021c3d3b306bef3507e0a11ad2dc32652f450fcc6d7d284812e497e596

SHA512
5fdaefa77b7507627f754bfb280eef3cc0ef89402c2d4b1c9caa399f8dcfb9457272a2a962364dafdacbba7baeed37a6f198cb1af771e131f3433223a21aaeae

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2B48.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2B99.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit