b653631708cdf4b2ec872b4dca10f3c23380c7a2b2029e20f23b590602d1bcfe

max time kernel
149s
max time network
148s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
06/07/2023, 18:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ic_content_sticker_location_black.xml
Size

1KB
MD5

fb77f4f57cfc4c4a6016d10c56e879d9
SHA1

d98ed1a853a61e722f35525e47b16616d5b56fce
SHA256

c6f4e62c0d25cc789058a5563bcc546bd10f492f2e95fa5cd3824951680f1b1b
SHA512

78ec21798b9adca5822ac03446a8e66017281c6767d99114e524c57952942c745699e58e3228441e54ba42654f91156ee5a26fd8025afbe4e5543e053d63f627

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 39 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\IntelliForms	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d00079d437b0d901	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "395433122"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d4e20c56306bc849bbbf82eb036fcf6e00000000020000000000106600000001000020000000f4f559edc2ae1d46e7591e05aafec1c96c5be39cb6e5885ba64b3d8d44b92dc7000000000e8000000002000020000000c0cebc7abb2b16abdafc32c5f3075f86889f296e343fe0e1c919c4e2d76b2bf9900000003f9557294f54ad70ff037597fd8e9d1a054f7d5515c1035585d63545f1a434ac89e2d1a5d769324082780b5d5f3e9ef964238ef54f6ff6d0fcaccc30321d065687a8d1da5e8180d39df311a3f1ff197008fb0bfe072a087bb88b6ce3776dc425c7d18108f132a71b05d9ddded5940d4d17a5eb991d661a1b7ef14da494a342acdf99ea237c632ee293374c7ee1df3297400000008274be8a02f2bf82913937918bd4555e42a261857744834160452197b0c76ef389bf80cfec65c5fb65c520afead790c1a4f45523393852d92cd5bdcf7853600c	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\InternetRegistry	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\LowRegistry	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Toolbar	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Zoom	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FEB1DED1-1C2A-11EE-9613-5E12BD6EB171} = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\PageSetup	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\SearchScopes	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d4e20c56306bc849bbbf82eb036fcf6e00000000020000000000106600000001000020000000bdd514155d71ea73f5a68c79c4104417c6a4d99549b3c4be820523b0b37d7974000000000e800000000200002000000008a2af07f67164edffdd8e82d69f98b4d9676aae8a4d706e50286aaa7bb2b21120000000ce96e91e3fd4d12ea89d29a2bf308837259ccc5cd442f990aaf5c160e159bf9f40000000d23fe0caf2f0f38f0a6c34446ebf26ee19d048a0c18b466307b13993b2b856d9182daf40c3dc5145e68f4cf27497ef66db0efde3a8fe10219c84c5d5aa81be72	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3891603265-141683679-4067940827-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2428	IEXPLORE.EXE

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2428	IEXPLORE.EXE
2428	IEXPLORE.EXE
2944	IEXPLORE.EXE
2944	IEXPLORE.EXE
2944	IEXPLORE.EXE
2944	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 2420 wrote to memory of 2056	2420	MSOXMLED.EXE	28
PID 2420 wrote to memory of 2056	2420	MSOXMLED.EXE	28
PID 2420 wrote to memory of 2056	2420	MSOXMLED.EXE	28
PID 2420 wrote to memory of 2056	2420	MSOXMLED.EXE	28
PID 2056 wrote to memory of 2428	2056	iexplore.exe	29
PID 2056 wrote to memory of 2428	2056	iexplore.exe	29
PID 2056 wrote to memory of 2428	2056	iexplore.exe	29
PID 2056 wrote to memory of 2428	2056	iexplore.exe	29
PID 2428 wrote to memory of 2944	2428	IEXPLORE.EXE	30
PID 2428 wrote to memory of 2944	2428	IEXPLORE.EXE	30
PID 2428 wrote to memory of 2944	2428	IEXPLORE.EXE	30
PID 2428 wrote to memory of 2944	2428	IEXPLORE.EXE	30

C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\ic_content_sticker_location_black.xml"
1⤵
- Suspicious use of WriteProcessMemory
PID:2420
- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2056
- - C:\Program Files\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:2428
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:275457 /prefetch:2
      4⤵
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:2944

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3d2eecc9b1c0865080be7bad78432ca4

SHA1
0c151828f65c0f1e5182ccc0feca143305575ddd

SHA256
a0bb7d67dbc3a1275abe223170520115f95bfa85d3128849690e824b41656572

SHA512
36e7d3b7c8c4f4f45ef27bd8f81a49d1a5cb8aed2f05463a21b5011bbc2932ab4f41d80f89b86292b88d04e2282063ebe824fcd450ef94187bf839035d953799

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
342a4dc2995b28b8d3fbb6a3c3e66071

SHA1
9fdb2b922d22ced00c90db215cd3cb765fd75639

SHA256
091b8d34b3adb4f47e2dd9360962776f8af23fa34ad72b09deb11fd83352974f

SHA512
d86ba215e53bb36b4c64c02420eff04c33f170033d65f35d6d0d620fce8b4c47b0373440134b73dff3994e02b9ed1f133cd15b6d9dfe90a09fa40bd376ff77d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c31a1dea916542d7dc3ef8909865d6fb

SHA1
3815cd1018d0721eeb6d14f1da2fd9c632220d86

SHA256
874cb061e4cb9fd06429789e68416c121026178879ba5e9ee5c29251eed88470

SHA512
59e77f8cf68856195b72be4cf51316570d298dde75064878da4a1a23ae8cfc89588ffa5f5d11d63c9ba9abca1b4345ae5a9e186a224781d83531d514c9b08494

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c58de0504087875f8a793abec6177c7d

SHA1
69133e32337bbfd0feddc05f7a141fc349a3a4f1

SHA256
f9a694ae6d328ee89c1bcefc780274eaee6724b23cdf8a18731960606ade9fb5

SHA512
8df701d362a229e4cc9de306538014ca540aed7be5e7c5fb1695d76bbd326ac7678339c8dcc722f6b3b2853a6f03bff6b970dabc5f3f54b9814513c98815d3ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6cf2df37830b78c90c50910c24500200

SHA1
74d721b11c8635ef267b799084788c6bffa97191

SHA256
5427a77dff684c24f7235d9458650750282883d1a4c5c0c09abf78acef3ba614

SHA512
0b4cacff3ee7aec06ece65b5d278b035f86ee9cfcfb9ae33a515ba93ba857fb24ec9840f09f22e20fb538b3efa6442a1f06db5f3e41e44b560e19f8ddb7158cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
25f3538eae5d2ca4ca472e5cfadf0ead

SHA1
3fe3bb59dbca197795e34f441b23994f0e9223e8

SHA256
4eba97cf8772f74b39bfb87abe10fac2890432b191693d077b2d12b431bf6cb9

SHA512
ef4ba5c6422f6f794d84e5430286fb4bffd88e08845a1967451724deefd66534837063aecf6311d9a0683424628d91a6c131cee1dbc03a32a7b15c40e7eb5c4b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8b0e19b5b576e0acd0cd11dbfa1ddd15

SHA1
c6e7efdc620f19712c5dbc2279f62b512db0c9b2

SHA256
37d9039a5842eebf41b87cf4cb2c2dac39f1cbb0ba850b76abbb7ff289ff425f

SHA512
bbbdbfea8cd95c98d7143ddc7873116ceb8bafb18098a9b6dd07ecf4df972f2d72572ed6af1e93f84509429c973cc02d6612b0bc18f147f3909e1ccafc8524b7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
71315321d35aa57e292352bc891e556d

SHA1
3debce61b0e500da48e5347393f9152cb42a5212

SHA256
4670cef2dd7a1f9b897e291264a5c7ebfc64b8dc0af011bd97865e22b28d63c6

SHA512
9d33c6141e57ff85d793743af1cddf2e4c0921a5f8c433e80d1ffd4f9296a54538a4ebdc88af8033b06e639e72a01ca43bdf398302f76fe1b0a18ba57dfe7504

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5339a104f0d89564c8f421c0640a58cf

SHA1
358e18b9337ea35979ab68871785b21d2d6a074c

SHA256
787c9c22c239b1a27f5b21712b250abb4586aa58a7e203f6655a26c2e448e769

SHA512
55d863e3afbde6ce4489564d69faf81d18dfdc00bd35a75c21805fed2f34204da9ceba1eea187fac56982f783e7815ecd801b2813cf0f67157108ce319d01acb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1db61e6c933ec975b702ec0ea88fb463

SHA1
bd4cd0c79455afdb43867ffe6912854657873366

SHA256
86549360b308e952a25a0da727c407f66352e90718fc9b5caf4b2f0df2745e1b

SHA512
9f1a7e1ca0d5582534e930543105effe930480e6ed276a6ef44a610c7e79c48bceed00c5ef7d33e7e7641d68bd0be3704d1fe81924d746cae0e336283fe40dda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c944c36a6e389052f50407060dbb0a43

SHA1
78b51fcca869043656963a790073e5378129412c

SHA256
1d22bdcad9690ab2b9baa49377d98f37bf03a2cc7e681d01eff00160c31d27e9

SHA512
f35e2dd2137879faf1c768f11bee42c82b87ac637883f8ee8f43d298e954d1125c93b07b0fa5b7ce32bffc632893803bd81eaec4df10bd1cac62d909bdd4f32b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1a38a74437de532366b03d05278aa7fb

SHA1
e278625465efad01cb1b9550e0036142b9892277

SHA256
c45f8a51b6fae837aee23671a63e4719e687141836db74b12daa17a3e7db02a7

SHA512
4200117a363f5940a1180fabcdc2ade0c18b01e0a48988e6c325071289755d6bcb149fbd9b87bcf91562a5ad21e0c70e058bbaad0fcd240a557ea1b85e824ba7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
58b228469a04f94b2d416901ea9bff0f

SHA1
052df38a3b9bd9f2ebdda2c6c4933c43140b0cc0

SHA256
6380e636133bf0d109c5a064a986019e67c77bfd4b0c7ff1e664f5b768e78b98

SHA512
25a6d1b2221b27d87ccaead491cbf34baab1bcb8847a5fa509e8944439883127f57052c835adb7fcc252a359ca739b0ae8d724a60c6e2e3483f20480974432c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXTVO3I9\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab931D.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar943B.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\5WO5WIG2.txt

Filesize
606B

MD5
d09de008973e1d8ccf0f16ba8ff5cbe9

SHA1
04c1104d8cf953bf6c9a1fc8823f297ae42f33b6

SHA256
ea52eef5c1884bf6d5de653e6db5be51f97e79383f55af5a59d2366d8daf9359

SHA512
65fe0cbaf3416371c40e0dc66315316ffacca6a7016d1dbe8d6438f509adc20336429a1da476e9f4fdbfa6adad8e79ec252f1c0214d5927ca1dcb1cd9d3632da

Download Submit

Resubmissions

Analysis