a73eb7be4420bcab9c4eb1ae48f0c213c64f15d88cda3b5ce800c63135e7cbf5

Analysis

max time kernel
121s
max time network
128s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
28/05/2024, 03:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7b839061a23224485151588aacfd1b1a_JaffaCakes118.html
Size

940B
MD5

7b839061a23224485151588aacfd1b1a
SHA1

6dcdc109be8cd1501c8d219536cd8b995a964089
SHA256

a73eb7be4420bcab9c4eb1ae48f0c213c64f15d88cda3b5ce800c63135e7cbf5
SHA512

6b718e4b384fb2a2a71f37070db35712041079d929d5b3b20559f3c257d6be907f1ebe5232e671166d422a7bccfe8223134f4e7a67b5bc800fd16fb782943806

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000001d9ead00964db94aa837dfb542a12daa000000000200000000001066000000010000200000009a274ab501558858216c1405566e5885b4d2910397e7d424aa3c1719ab4b7794000000000e8000000002000020000000570791122ac9ae24e31bb0bbd8861c5f80a3eef45bb2a1f81835c04a123c841e2000000019f506d46cb5e2ae7e0d23c0d2d285831cb7c7b7bfe5ee798486cead9d97eddc40000000782f4ca66cfb11138d2e8452d226c73ca17c114cd9e0d329d5b5acef31fe8e79f93e05fc5e49942d8b8d2d974e1e741b900ba315a9d279a8007a746427903723	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 900c2bd5adb0da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423028226"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000001d9ead00964db94aa837dfb542a12daa00000000020000000000106600000001000020000000f00e545f3895f1fa6f45ea9170c7d23fc0f7eab8590257bd1447bccdf88c26f0000000000e8000000002000020000000f549416471cf308845b4110598b31a8620a3a337e073f6bf5eaa9d0e13e96d4f9000000009a0974126d37d304221ad4024ffeab2ee32932ebbef70cdbcaf98269c653194abc8552cf097079a56b9d37be3dee161428567a827b5721c160ba50fc95d580721a914901e69e972a4d995f6356a4793232e2ff2332ab6efd74c852db8d682e70493a5b94c9a3ae01cf02e740ca4c355590a2b53991b0124bba98bdc87571daf7e8fd7be5363195fc0ce36b83798cda140000000cefb59214c1c6d6f6fdcde216f20984bb089a4de3bf9a8a11c078c74a8f202802f8b7dde3290408b21ba091526d4028ad17480f83920e9c3173bef0baa82c150	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{119F07D1-1CA1-11EF-ACEB-F6A72C301AFE} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2028	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2028	iexplore.exe
2028	iexplore.exe
2256	IEXPLORE.EXE
2256	IEXPLORE.EXE
2256	IEXPLORE.EXE
2256	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2028 wrote to memory of 2256	2028	iexplore.exe	28
PID 2028 wrote to memory of 2256	2028	iexplore.exe	28
PID 2028 wrote to memory of 2256	2028	iexplore.exe	28
PID 2028 wrote to memory of 2256	2028	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7b839061a23224485151588aacfd1b1a_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2028
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2256

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c627b611f43a7218f0c816c58c0bc127

SHA1
5638a29495c7cc4ad1708fe791b99a45df22bc1c

SHA256
9e45dc0be69af9bd0401fb2e187144b3927c5a879a64d882b701c2775665d681

SHA512
e6be0c2e06d940ce7cfb6b1e4330b11462e3f6bf721e65a45a3e89b3fcc00947519ab053557eb91ba79299a54d834cc2df86741a915b75c2df27c0332ef6cf17

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3b34ad3a70cc3b71b0d2bb9bf1cd8264

SHA1
663127c1606cd1faa42ff24b66c2260aa59f438c

SHA256
46d41931d67decda44bea77b625567dc23b174686e726c23cc52083dd35cb5fc

SHA512
ecf5bdd7c4d5663dbaa3f8e811bc5e0fb59b5b46da3bc59a515d2402178937bf4e1a01db8e3ea631e4361cc8a89e7d9cd98f1f97bf2cfff28dc767a1e21c7236

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4ce3c44fac8c0492969429483bc5fb16

SHA1
45e9d9b545c3c15c22bc56cb02436d916a75659d

SHA256
b27b0f86b3059bd5415f38a217731186649f64378fc7dd14f15c94653467b7f1

SHA512
6a37c8cc53e9a7ddf93f6b17fc1d05d9816d43629ee13716f9986872309daea5b0fa8926fbdc3d4160e94ec88408a5bffbf7703b20875eaf66cc7e64577da593

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2ff63f6f99a925bc16fae2db856e6089

SHA1
f0d3f14c20f51fa716cd19ffc77ff966df12dbb2

SHA256
c439a82dd2d53336867589bfb3b8b3beb64582bf1918ad2b4e8cbfac73fa5dc6

SHA512
f743a66217503495bdc83aaaca50924fbd07324712e0673a646f5f91e60e8a699b9d8e78a690035b9421219d3f229947edceb8870a1d821949b61c5feefead7c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2011ac1853ef7ca875562cca7a9f01f6

SHA1
fc9897581b830d0af74ca44b06ba2c0864a99453

SHA256
621c014c0e8611fd6268648ef85c0b50f4caa5d2d22c83a0be7e2c46d657792c

SHA512
f503b621c06657244681a7db8b01e73a2491b260e464a470908feb0fff95684ba55f211f3c99a85485d7dd17e4c8e599b39ba5657294c6087e93465235fa6f0f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9b8851f2c1dafdf494d2e948a36e26d9

SHA1
ad253f49c4eb4ff47b79ec0161aa5a4e0a71219a

SHA256
2af4f781bd43cccb11553ddc5fae9bc615a2e5f1fdc86c57440b0a1e6717a708

SHA512
3a5d26b4c33351234b7441812d4dd2df0c2fb2dfcabaac686679ea10bad4d980856194aa0e09bb3e5d55b33f2c15db265b2652389f43455a59cbc6955746c936

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a4c4782be3a9fbc77a8f2de54ce05c52

SHA1
95837a4b2dcc04a60d348bb888ab9c4657aaa3bc

SHA256
cc7058a6b1c8ab3a40b35944409a8a0fcfd32ae44a32d9ac7c3da667899d218d

SHA512
0fa18349f61c193936ae43fbdea3182e92b7f651228f4886f644ce13368f6fd5ddf083a8af6d3cceb6fe5fedb207f39f2408bed9c5477cffd40448a7ee8b768a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4806d05d476a286794eebff3d694282a

SHA1
787a77060e078d95e7bdcaf81857f1fee03604c9

SHA256
8319512cbad9c726553114e3028d16061a9d1196b2a6e82e80b3b7eb1bf41cb3

SHA512
374fb7a44fc490b17896e3446bab6a3e825cd952da53481966be8e5a42a128b0e1aebe5e2ce93b78fe8a97006107707d81e9b17153759c4a06e3d70ff114f587

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ce4859aa782262829dc7f23a80b12f89

SHA1
15610a7e8aaf94bc94bc71dbeba946602362c07c

SHA256
17bc7ddd0194f1e0f35dc99c34a5e6c6f0d320277152a05c394bcecbe86d74d7

SHA512
e24084f4f894d1596e7344df31512b4f34ba59b0eadd8c6e1582cd517ca3f0851ad5b155e02f6d1e461458f4b0777280ba6e3ccd592749ab8dbbee1234f6f252

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
54a7006f22459b1b00efcdd2af8390dc

SHA1
07721a96ffb385bea7e26c27b955599bfe6e3c6e

SHA256
8bea7531078f931c674bed7b42d96dad3d20adac6ecb36a108d31420f578b38b

SHA512
75e4288c19b22121b6974fd05b94dbeda46090e797c0e61d118a0985ce584eecb4d43fdc577281f6420be9ae3c4551371a1145eb9039ffdcd3ef81f5e67dc170

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b84ea47f61c16b004d176dec43ea6cf7

SHA1
d27c62daab2fa526311f37ef6eff7d8a03fbc4cf

SHA256
b5d4f4244a4aef4d91299f63cf972a8029e279836839ea8b7466359bcd9f59af

SHA512
bc30e757f3a8b895919beb63f9aaacaf52939d1f2a1ef79b174fbf0811815222e11d4056a651585901ee142047bd86269e75861954be6ea78ffaa911e443131f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
048b8af8ad6435bb2aeec270e9794f1e

SHA1
3f4595864af5c1ca8fb96095042fe1759ceec0aa

SHA256
41d50cdcfa393fc072d183c8bb8cdfbe4cc209230b6f8dc0124e7cd4601e04f3

SHA512
44ea101fc5ae0fd31ad0afa036b086d7ae332030ec89ef27addc38c29d053b178d2cb4838343b107b786120388bb4f379ef452e906f7bd03ef715501e276828d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
043f19064c825e91365c4cc225a8709b

SHA1
a9e867f7f2304cb6366412f130bd86877cc3b346

SHA256
c926195f486a06b3d79d062bcd4cb242192d2721679648da8aa871f279090372

SHA512
0141bd4ce5ade8b84e332bb05e9703a057b4f8ef48e12d453618d0f3988a44de27b5479f60162ffeec25c1f214c98e6476aee7107a2c0ffccdc0eba3b9f17d7a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bccfea83eca81cf5d4da1a93d1ffb4df

SHA1
92d33c849fa8276d4ed93522ae2c698f9d3d68bb

SHA256
8b0e4152b6a979c50d305de413b10a00df0bdd784ee1465896bd074665aac8d8

SHA512
880ea26a469bbbff4b9998f7f97ef85cbd2250b7f0164c142ec58c77bf76f73442f0267ca8da1b5fe095733f9c30e65086e7fcf4c93b747e1355eb5b1f1f582d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0f4d07b81c446a64ba99c364c421f27b

SHA1
4dcd9fbe08ff9d1c658cde4ac135aecd4d9b136b

SHA256
84360c9d141083135246f434662e9312a52d957d63707555f8ad09818da9ecf1

SHA512
986122f4a0b9d275279529212ff3f698a45307fd1feb227ab66bcc8d046ff6e2a133343439f898c2cbd8280c3f0c4e7645fdd7140712270ddfd4212be64baca7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2828fd634a2560d2db9ce7ab5038baaa

SHA1
0fb98c68e6692a4413613f076988375517579d7b

SHA256
38def5f564fd41ce2899f6fd08785bf130158af5177a4892debe915dc0f273b0

SHA512
ff5e970cc3432bf23327c703781dd6e46968fff9c0c745d5af8c64907a6d087893b39242fbd850ffaaab6bc91d44f22342614a9e4a94bc9a96dde1f670557e8e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bf1631e7af4b251ea76da2fcc92d867f

SHA1
bdce557e33fcaefdc9348254b63129c1fda39845

SHA256
5519ec497cc24cc4d5c0efd8c23acf28d6639b1e2d68cd512724e32d0b7f0c8a

SHA512
6c4a8bb4efbc2c8f87d1c9e9956e4b1736948227b171947518c72fecf50991ace92321028846c8f4101fcda9481f6e35361f4f72a3f6f354f2f7b2353a395922

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab23B9.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar24F8.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit