hxxp://https%3A%2F%2Fdiscordapp[.]com%2Fapi%2Fdownload%2Fptb%3Fplatform%3Dwin&usg=AOvVaw33htDLSD1jJUPvEhHFO0B3

Analysis

max time kernel
77s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
17/04/2023, 00:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://https%3A%2F%2Fdiscordapp.com%2Fapi%2Fdownload%2Fptb%3Fplatform%3Dwin&usg=AOvVaw33htDLSD1jJUPvEhHFO0B3

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 49 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\DOMStorage\bing.com	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.bing.com	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31027409"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1821285034"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31027409"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\bing.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1821285034"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 30c48d79d170d901	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "388462225"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{978115F9-DCC4-11ED-BDA1-F6AC10968584} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.bing.com\ = "124"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31027409"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\bing.com\Total = "124"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.bing.com\ = "0"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000eb827cf93ddd146af8365c0e3ca13020000000002000000000010660000000100002000000019154bcddee2dd5c61db248376a6891890322b16e7ea6202df8df652d35392f8000000000e8000000002000020000000df7fbae30a16c77ff3cc852378ea3bbfde2016fe65c588282d565824458b91a12000000019dcfa1780ec2c836eb84304237af1538ac877b99a601a6b45c9209ca4a542b340000000f70600f037be6cff2ce25b070caf9394220d4993e63e03fa8149bc33b0bb2fc4b95d819db12299a0081958932bfba14fcbbced9bb209c13f97603e0e09816836	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1897615355"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\bing.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "124"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\bing.com\Total = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4238149048-355649189-894321705-1000\{AF9DBDA8-129C-432E-909C-E80423D01913}	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2716	iexplore.exe

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
2716	iexplore.exe
2716	iexplore.exe
2180	IEXPLORE.EXE
2180	IEXPLORE.EXE
2180	IEXPLORE.EXE
2180	IEXPLORE.EXE
2716	iexplore.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2716 wrote to memory of 2180	2716	iexplore.exe	84
PID 2716 wrote to memory of 2180	2716	iexplore.exe	84
PID 2716 wrote to memory of 2180	2716	iexplore.exe	84

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" http://https%3A%2F%2Fdiscordapp.com%2Fapi%2Fdownload%2Fptb%3Fplatform%3Dwin&usg=AOvVaw33htDLSD1jJUPvEhHFO0B3
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2716
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:17410 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:2180

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442

Filesize
1KB

MD5
e20d7280e8f88d270bbea1fe6cecd983

SHA1
2cbb30df23f7d03e7280127a57e6cc0fc84ffdf7

SHA256
4556a0cce338d79114ffb4a7d50e086937613a1739a4d0eb10599762a78796d5

SHA512
d578f7362182331d20c3d1a9a02a2378b69d7a952a9fe7251bd1cf3f66a2c3f6c756d99e3e0c5a14b4b0139a7bf93f42c4ae5336cf415c39f0706224973ce24a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
471B

MD5
891b5acf10b182162f05a8c36b7b0e22

SHA1
fed1a5048dffb073be946b34a2ec5d06c2834691

SHA256
e3b3d4764d28f69161d04db149d7eab78f50c84f00b21cf0013ff2a06da420ab

SHA512
74a15c06837d5a95adc89d6c48675d169e0f8bc14103874fe84f7a84e1e3b385f832a732543b9aa74fad45bf48335a0050d4d9df1f53945cc7caed1eefbe7679

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442

Filesize
446B

MD5
fd493269e33faa59c97fccb799e63683

SHA1
1bb8c41ce221358e67706b2c8be4758239f1220e

SHA256
4b2ac7781bb9e421649db17ea047539682f87e341a9a93afc599b83cdbe931b4

SHA512
12d176aa6913cff2e1ed871b60a0bafb7f839067d6dd7f6c5c92c614e496e49440c9646612864de397034ca6177a094e36c2a56fd98598750423a6d02ab0c57b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
434B

MD5
8718b316400af390915fd86730e40dae

SHA1
d703b0b9bfe23256de466d3fae1adcb841ce005b

SHA256
871f5796ed908d4a94ae23a9a42fd41c3b08dcefb477cac3804790ec5702aacd

SHA512
2a01bb29cb5e25e11490b87bdafae864e18da0a54d3eb9001e597dd3766bcc48f17b7c16ba1c8359051115b346b4aba57aad83ccf36df6d1046be2d48a6de77e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\NSM0RAWJ\www.bing[1].xml

Filesize
13B

MD5
c1ddea3ef6bbef3e7060a1a9ad89e4c5

SHA1
35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

SHA256
b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

SHA512
6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat

Filesize
4KB

MD5
c03a56535ae0856e9149fe95133384be

SHA1
c141b2b2f043f254a494cf53f9615ac3c166a026

SHA256
added349062e100e8f13b1edfa93a23b35ec169505fe3cd43edab32dcf15cb94

SHA512
ecda7ded2cb1cacabb83bfb874fb9ed4ee61cdde650c60aa92cd4f23a97d02e3515452597d2df482e72c1b0e514c87905461979a6e38f5bc6532677b5037fb79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat

Filesize
8KB

MD5
4e1dd570a864b362995ac7b43063a2e9

SHA1
0fea85fb324a951aa0d1769f99bebeaf7efe934a

SHA256
f95548994f1b744e6bb3be91c93f4fc6593a4bf6576b3e45f9e2602e5df16877

SHA512
576ce42c48e485bd2df9b5cfcdb05edb22bd27052e8a96a5ca8b77c80c897c1086e2107d98cd05581ff54d57d9ea0d1a2cc4cf4a222ba6ea29c859272e149e74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\qsml[1].xml

Filesize
528B

MD5
cd07b5d70e11ad78712e920f7da1a84f

SHA1
cb6bafe0435e414ea73220e7667b991f5054e0d3

SHA256
e69ef4a8f11b92a65da991d5b25576eae94d9ce64854a17d31612ebbda87bfcb

SHA512
3dd771da8b58da4e9be1f6354413be19aaf4cf9edf510d3494a366bd8fcd96ae3f172215db53769ac3308da6490a2bf0348137ec3fd1d084d25b10bdf30e845f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\favicon-2x[1].ico

Filesize
4KB

MD5
da597791be3b6e732f0bc8b20e38ee62

SHA1
1125c45d285c360542027d7554a5c442288974de

SHA256
5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

SHA512
d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\qsml[1].xml

Filesize
504B

MD5
6373b0a0f69cb03de87fbfffbaa1ae24

SHA1
86792f4af4cbadca887a5e603a3a26284c3738dd

SHA256
f114f9eb7fa3c146972dc587f139cf3752925ec1f2c744467c4502ba537202d2

SHA512
14256587c4642215e725acdb8c0da5f73e62ca3789690694f6d0b61260aec8e4f5f06ad0f68e34d7025ed1dca07c558e2de4362123bef65789607d74ab66e7b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\qsml[2].xml

Filesize
517B

MD5
ce3ffbbbb90114cf421abc4edec65fcb

SHA1
7a45b2f722377316d8bbb1f602fc271e61bd7052

SHA256
8ed6f9f17cd7c8f4b55ba5b960eccad629939d86fe7bc6b42070312c998628e3

SHA512
3290cf697290acc4824f639a909b55524c5777327d36ff9856feac06c87df162ea9ebc05443591420925a977ee4347811aa8f5208672507ba8bf6fdd4bdd3b4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\favicon-trans-bg-blue-mg[1].ico

Filesize
4KB

MD5
30967b1b52cb6df18a8af8fcc04f83c9

SHA1
aaf67cd84fcd64fb2d8974d7135d6f1e4fc03588

SHA256
439b6089e45ef1e0c37ef88764d5c99a3b2752609c4e2af3376480d7ffcfaf2e

SHA512
7cb3c09a81fbd301741e7cf5296c406baf1c76685d354c54457c87f6471867390a1aeed9f95701eb9361d7dfacce31afd1d240841037fc1de4a120c66c1b088c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\qsml[1].xml

Filesize
521B

MD5
d32500bf1a4db9bab8a69c9b982a1e25

SHA1
ce1edd2844954dbc9b5916b201d1b0679949e44e

SHA256
c77cbe6380f2e26d13d0bc3485c456721287fba0895655c75fa816fe87b87f46

SHA512
29b23eb6cd4bb91a944bf5d3ec801a1c3a94fd0a81238a6696a24d45d3bc985f42a4d757854942775b517352e39cadb5add229164bf1e26ddb7e748d5949c014

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\qsml[1].xml

Filesize
521B

MD5
0398adbbcd286d0aedb1ab8fd2d4c319

SHA1
7fd22387c7a63fbb98f2c142625e3282c7b77be2

SHA256
c830f8033852c78697bd1c09d7de5c6c546d728d0d4f57afe82d9c83d270187f

SHA512
a6ba923eac941c777d891bcffbfeb6133add5804ec420ca18d5e372aa78327273e1db919654e409f78584b1d5bbb609df1bc1afba894d173fc2b0ff3a2511887

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\qsml[3].xml

Filesize
569B

MD5
9118ee7169d6431906a201565c45b8df

SHA1
b6fb49022da3243d73368bad7101ec3abeed0c2e

SHA256
7f72d8b271dc983d7d61f5024c216546e545e4555e8bc83f19bcb41e5a100bff

SHA512
0ea6040dea14a16627c6edf0b92ca9ef1af104070cdefc4e96aad429b3a8ea853f60b86f0bc56d78c86d0f7570b58f332034d7bd540080800a31240c5fc95ebe

Download Submit