File name: ❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉02062025_①⑨⑒④⑨④⑒⑒ (2).zip

Full analysis: https://app.any.run/tasks/8afc6d68-87db-41d6-b1d7-b1d2ad418e42
Verdict: Malicious activity
Analysis date: June 04, 2025, 17:17:21
OS: Windows 10 Professional (build: 19044, 64 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract, compression method=store
MD5: 1473E1DB113DB56DD1DFC73AAB5125B7
SHA1: 0BD414417236631651A06918D0E4A6E52E58C108
SHA256: 42FA9FCF3407B00E1D172DF982E3C2CF72A9453FCDBFA484A2E99EBF571C2DD1
SSDEEP: 98304:Z8ggJe2Dr5A/eLO6tK9iQTZxMCUodsLNGyx+zUx8OuYvdCZptWGK3m/BqMISJn0g:Nu8u8OT8E4aG

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Accesses environment variables (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Gets username (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Checks whether a specified folder exists (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Accesses BIOS(Win32_BIOS, may evade sandboxes) via WMI (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
  • SUSPICIOUS

    • Gets computer name (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Accesses computer name via WMI (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Accesses current user name via WMI (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Creates FileSystem object to access computer's file system (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Accesses WMI object, sets custom ImpersonationLevel (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Accesses OperatingSystem(Win32_OperatingSystem) via WMI (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Executes WMI query (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Accesses language version of the operating system installed via WMI (SCRIPT)

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
  • INFO

    • The sample compiled with English language support

      • WinRAR.exe (PID: 5960)
    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 5960)
    • Reads Internet Explorer settings

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Manual execution by a user

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
    • Checks proxy server information

      • mshta.exe (PID: 6268)
      • mshta.exe (PID: 4424)
      • mshta.exe (PID: 2692)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 20
ZipBitFlag: 0x0800
ZipCompression: None
ZipModifyDate: 2025:06:04 10:13:36
ZipCRC: 0x00000000
ZipCompressedSize: -
ZipUncompressedSize: -
ZipFileName: ❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉02062025_①⑨⑒④⑨④⑒⑒/
No data.
All screenshots are available in the full report
Total processes
129
Monitored processes
6
Malicious processes
3
Suspicious processes
0

Behavior graph

Processes in the graph: winrar.exe, rundll32.exe (no specs), mshta.exe, mshta.exe, mshta.exe, slui.exe (no specs)

Process information

PID: 2692
CMD: "C:\Windows\SysWOW64\mshta.exe" "C:\Users\admin\Desktop\❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉02062025_①⑨⑒④⑨④⑒⑒\❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉⑒④④④⑒⑥①⑥④.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
Path: C:\Windows\SysWOW64\mshta.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft (R) HTML Application host
Exit code:
0
Version:
11.00.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\mshta.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\advapi32.dll
PID: 4404
CMD: C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Path: C:\Windows\System32\rundll32.exe
Parent process: svchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows host process (Rundll32)
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\rundll32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shcore.dll
c:\windows\system32\imagehlp.dll
PID: 4424
CMD: "C:\Windows\SysWOW64\mshta.exe" "C:\Users\admin\Desktop\❉𝕖𝕀𝕥𝕒𝕕𝕠 𝕕𝕖 𝕔𝕦𝕖𝕟𝕥𝕒_❉02062025_⑒⑦⑥⑦⑥⑥⑨⑥\❉𝕖𝕀𝕥𝕒𝕕𝕠 𝕕𝕖 𝕔𝕦𝕖𝕟𝕥𝕒_❉⑀⑥⑨⑀⑑⑦⑦.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
Path: C:\Windows\SysWOW64\mshta.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft (R) HTML Application host
Exit code:
0
Version:
11.00.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\mshta.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\advapi32.dll
PID: 5960
CMD: "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉02062025_①⑨⑒④⑨④⑒⑒ (2).zip"
Path: C:\Program Files\WinRAR\WinRAR.exe
Parent process: explorer.exe
User:
admin
Company:
Alexander Roshal
Integrity Level:
MEDIUM
Description:
WinRAR archiver
Exit code:
0
Version:
5.91.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
PID: 6268
CMD: "C:\Windows\SysWOW64\mshta.exe" "C:\Users\admin\Desktop\❉𝕔𝕠𝕡𝕚𝕒 𝕕𝕖𝕝 𝕔𝕠𝕞𝕡𝕣𝕠𝕓𝕒𝕟𝕥𝕖_❉02062025_④⑑⑦⑑⑥⑒⑥④\❉𝕔𝕠𝕡𝕚𝕒 𝕕𝕖𝕝 𝕔𝕠𝕞𝕡𝕣𝕠𝕓𝕒𝕟𝕥𝕖_❉⑒⑨⑨⑥①.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
Path: C:\Windows\SysWOW64\mshta.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft (R) HTML Application host
Exit code:
0
Version:
11.00.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\mshta.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\advapi32.dll
PID: 7576
CMD: C:\WINDOWS\System32\slui.exe -Embedding
Path: C:\Windows\System32\slui.exe
Parent process: svchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Activation Client
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
Total events
4 973
Read events
4 929
Write events
31
Delete events
13

Modification events

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 3
Value: C:\Users\admin\Desktop\preferences.zip

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 2
Value: C:\Users\admin\Desktop\chromium_ext.zip

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 1
Value: C:\Users\admin\Desktop\omni_23_10_2024_.zip

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 0
Value: C:\Users\admin\AppData\Local\Temp\❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉02062025_①⑨⑒④⑨④⑒⑒ (2).zip

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: name
Value: 120

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: size
Value: 80

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: type
Value: 120

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: mtime
Value: 100

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\DialogEditHistory\ExtrPath
Operation: delete value
Name: 15
Value:

(PID) Process: (5960) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\DialogEditHistory\ExtrPath
Operation: delete value
Name: 14
Value:
Executable files
1
Suspicious files
4
Text files
10
Unknown types
4

Dropped files

PID | Process | Filename | Type

5960 | WinRAR.exe | C:\Users\admin\Desktop\WpgroWvd-20250604T160526Z-1-001\WpgroWvd\ZCzaYSvwicRt | —
MD5: —
SHA256: —

5960 | WinRAR.exe | C:\Users\admin\Desktop\❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉02062025_①⑨⑒④⑨④⑒⑒\❉𝕣𝕖𝕗𝕖𝕣𝕖𝕟𝕔𝕚𝕒 𝕕𝕖 𝕡𝕒𝕘𝕠_❉⑒④④④⑒⑥①⑥④.hta | html
MD5: A0ABDD5420D0F85E59A8A3A2C9068441
SHA256: 9A31AF0260A78204204D0FA13A811323766E6E2E2788C075B38CDD592182893A

6268 | mshta.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\KCV3KQBA\cid[1].htm | html
MD5: 601021DCC2126CCE3829EE37309E3A41
SHA256: 2CF3E5DAE89F19EA098D564DE30BFCFC7C69A0210F6DDD5E0D6EF8252A54F4AA

5960 | WinRAR.exe | C:\Users\admin\Desktop\WpgroWvd-20250604T160526Z-1-001\WpgroWvd\IHUNMhczCb.exE | executable
MD5: 0ADB9B817F1DF7807576C2D7068DD931
SHA256: 98E4F904F7DE1644E519D09371B8AFCBBF40FF3BD56D76CE4DF48479A4AB884B

6268 | mshta.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751 | binary
MD5: 675C5648F9C479AE8039599FC1FB1CAA
SHA256: 25C5D8FAC3D5405FF1EA3D64CE527811D92A6E5C0EC794C537B69AF08C500AE9

6268 | mshta.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_645BC4A49DCDC40FE5917FA45C6D4517 | der
MD5: F2F6BC84AA7D89B5EDC784A6E7260035
SHA256: 80BF6621B5C4CBD53A8DCF3A0FD511C8AFC57716EE9A2426981413B36E11B57C

4424 | mshta.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\83D863F495E7D991917B3ABB3E1EB382_552A1FD08486B486377D3C2208603584 | der
MD5: 408465AFAB0D43E928A9639F86A592FA
SHA256: 2C814C12771C44CB3AD52C0281126115EAB456AAAA019B424BB117779E6F76A9

6268 | mshta.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2901C1EE558CDB27F7D117D7B17025D8_07A8408A5E47C21721CF3B9ABAEDBACA | binary
MD5: 67EDAF7AC1BA52FFBBBB732B2AB80FEF
SHA256: 10E4F5FE94823D37EEC077DD8CE639DDC3C4C9C5095F65F3CA66BF8B658AD833

6268 | mshta.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\RR3E01RZ\WlDx6zXe8pF[1].js | text
MD5: 3EA2742BD8913A3683940152E9B8ECA0
SHA256: A293207278A17770138C042C58731F5460FF51B9D64A0982E6F56B616654237F

4424 | mshta.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\RR3E01RZ\J0MJQt9fJc[1].js | text
MD5: 3EA2742BD8913A3683940152E9B8ECA0
SHA256: A293207278A17770138C042C58731F5460FF51B9D64A0982E6F56B616654237F
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
9
TCP/UDP connections
28
DNS requests
18
Threats
0

HTTP requests

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
5496 | MoUsoCoreWorker.exe | GET | 200 | 2.16.168.124:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted
5496 | MoUsoCoreWorker.exe | GET | 200 | 2.23.246.101:80 | http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl | unknown | — | — | whitelisted
6268 | mshta.exe | GET | 200 | 18.245.38.41:80 | http://ocsp.rootca1.amazontrust.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPWaOUU8%2B5VZ5%2Fa9jFTaU9pkK3FAQUhBjMhTTsvAyUlC4IWZzHshBOCggCEwdzEkzUBtJnwJkc3SmanzgxeYU%3D | unknown | — | — | whitelisted
6544 | svchost.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted
6268 | mshta.exe | GET | 200 | 2.23.197.184:80 | http://x1.c.lencr.org/ | unknown | — | — | whitelisted
6268 | mshta.exe | GET | 200 | 95.101.54.195:80 | http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgb3i2O7YfwJ0ZwnijX0IE2%2FNw%3D%3D | unknown | — | — | whitelisted
672 | SIHClient.exe | GET | 200 | 2.23.246.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted
4424 | mshta.exe | GET | 200 | 18.173.160.201:80 | http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEASSLs8bivtMtQSolDXxm6c%3D | unknown | — | — | whitelisted
672 | SIHClient.exe | GET | 200 | 2.23.246.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
4 | System | 192.168.100.255:137 | — | — | — | whitelisted
— | — | 4.231.128.59:443 | — | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted
5496 | MoUsoCoreWorker.exe | 2.16.168.124:80 | crl.microsoft.com | Akamai International B.V. | RU | whitelisted
5496 | MoUsoCoreWorker.exe | 2.23.246.101:80 | www.microsoft.com | Ooredoo Q.S.C. | QA | whitelisted
3760 | RUXIMICS.exe | 4.231.128.59:443 | — | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted
7784 | svchost.exe | 4.231.128.59:443 | — | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted
4 | System | 192.168.100.255:138 | — | — | — | whitelisted
6544 | svchost.exe | 40.126.31.1:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted
6544 | svchost.exe | 2.23.77.188:80 | ocsp.digicert.com | AKAMAI-AS | DE | whitelisted
3216 | svchost.exe | 172.211.123.250:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | FR | whitelisted

DNS requests

Domain
IP
Reputation
google.com
  • 216.58.206.78
whitelisted
crl.microsoft.com
  • 2.16.168.124
  • 2.16.168.114
whitelisted
www.microsoft.com
  • 2.23.246.101
whitelisted
login.live.com
  • 40.126.31.1
  • 20.190.159.2
  • 40.126.31.3
  • 20.190.159.4
  • 20.190.159.68
  • 40.126.31.0
  • 40.126.31.130
  • 40.126.31.69
whitelisted
ocsp.digicert.com
  • 2.23.77.188
whitelisted
client.wns.windows.com
  • 172.211.123.250
whitelisted
club-ui-static-files.cb.hotmart.com
  • 13.35.58.78
  • 13.35.58.9
  • 13.35.58.111
  • 13.35.58.127
unknown
145.85.74.97.host.secureserver.net
  • 97.74.85.145
whitelisted
ocsp.rootca1.amazontrust.com
  • 18.245.38.41
whitelisted
x1.c.lencr.org
  • 2.23.197.184
whitelisted

Threats

No threats detected
No debug info