hxxp://url874[.]learnbrands[.]com/ls/click?upn=kWyqXjpRjHUmB496-2FITBxUrFxLhjstxhfUMZXushQbChArpMFla9KEiO9IU4Df2T6XfIsRyCo49uXWLpBismZwxcUsQABtKR2ASGNcOafPm4UsDRHq2F44Hb2QCIXaHdD2NU_YBdYmBkdS0QBb-2BZ70CSOWb9yjoSMALm7WqKyUZzSQIPJzhlFUbsTJ-2FCFtCm5VMyvQBnsE4FPcH6hDu5rRAXEho11-2FF1gSqyPCReliTJDYmifbTfb8HOjfz-2FHEoimMXxHEU8rEqxJYQWJaCNBzUk-2BMkbpKWCfrnmW-2FsnT8-2FT7-2F-2FhiayDdsW5XP-2FzPicQAEcSFyPzo3pBgXxyFErn48qMEOA-3D-3D

Analysis

max time kernel
73s
max time network
77s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
24/08/2023, 02:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://url874.learnbrands.com/ls/click?upn=kWyqXjpRjHUmB496-2FITBxUrFxLhjstxhfUMZXushQbChArpMFla9KEiO9IU4Df2T6XfIsRyCo49uXWLpBismZwxcUsQABtKR2ASGNcOafPm4UsDRHq2F44Hb2QCIXaHdD2NU_YBdYmBkdS0QBb-2BZ70CSOWb9yjoSMALm7WqKyUZzSQIPJzhlFUbsTJ-2FCFtCm5VMyvQBnsE4FPcH6hDu5rRAXEho11-2FF1gSqyPCReliTJDYmifbTfb8HOjfz-2FHEoimMXxHEU8rEqxJYQWJaCNBzUk-2BMkbpKWCfrnmW-2FsnT8-2FT7-2F-2FhiayDdsW5XP-2FzPicQAEcSFyPzo3pBgXxyFErn48qMEOA-3D-3D

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2468	msedge.exe
2468	msedge.exe
2016	msedge.exe
2016	msedge.exe
2432	identity_helper.exe
2432	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe
2468	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2468 wrote to memory of 2396	2468	msedge.exe	81
PID 2468 wrote to memory of 2396	2468	msedge.exe	81
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 4988	2468	msedge.exe	84
PID 2468 wrote to memory of 2016	2468	msedge.exe	82
PID 2468 wrote to memory of 2016	2468	msedge.exe	82
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83
PID 2468 wrote to memory of 2516	2468	msedge.exe	83

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://url874.learnbrands.com/ls/click?upn=kWyqXjpRjHUmB496-2FITBxUrFxLhjstxhfUMZXushQbChArpMFla9KEiO9IU4Df2T6XfIsRyCo49uXWLpBismZwxcUsQABtKR2ASGNcOafPm4UsDRHq2F44Hb2QCIXaHdD2NU_YBdYmBkdS0QBb-2BZ70CSOWb9yjoSMALm7WqKyUZzSQIPJzhlFUbsTJ-2FCFtCm5VMyvQBnsE4FPcH6hDu5rRAXEho11-2FF1gSqyPCReliTJDYmifbTfb8HOjfz-2FHEoimMXxHEU8rEqxJYQWJaCNBzUk-2BMkbpKWCfrnmW-2FsnT8-2FT7-2F-2FhiayDdsW5XP-2FzPicQAEcSFyPzo3pBgXxyFErn48qMEOA-3D-3D
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffafe3846f8,0x7ffafe384708,0x7ffafe384718
  2⤵
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:1744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1
  2⤵
  PID:2420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
  2⤵
  PID:2148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:1012
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:2856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1407250299930792251,4815720591838231816,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:4680

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3580

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b5f5369274e3bfbc449588bbb57bd383

SHA1
58bb46d57bd70c1c0bcbad619353cbe185f34c3b

SHA256
4190bd2ec2c0c65a2b8b97782cd3ae1d6cead80242f3595f06ebc6648c3e3464

SHA512
04a3816af6c5a335cde99d97019a3f68ade65eba70e4667c4d7dd78f78910481549f1dad23a46ccf9efa2e25c6e7a7c78c592b6ace951e1aab106ba06a10fcd6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
d1c49594c16b2593ea4e348dbc4d860f

SHA1
b655a4b989ff12a14700755e6dea727e8f8db84f

SHA256
4d1fee5257a4e08ed1b2dd05660d8a9c8d5eeb11f766b91cca79d7b6e51be8d2

SHA512
bf4888aabe424faa6719c3a789b86e10ea3b8ae314f6e59ab724031f79681589b0e15f132e5b459a85779f8c8699f6e2d1e57100cd13b8a851ceddfc05010f5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
767B

MD5
27e6f705ee8ecf6759ef771a4dc80c37

SHA1
c83b8b4f7e29c3a87b38de06d6c769401bf4e610

SHA256
f37ab8eafc4b1911b36837f7e2a884fe340d99b44efecedd9b00097f06940927

SHA512
711af71caabafa0f0527fd7799a63a769396df0ad50cf230bde933e4ab976f36577c3c20211ed67037c7713904c490611f4271fb60fa66c67d90df9c8e502fe0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9a9a9e3137a63914171023c383b0edfd

SHA1
ccf659c77c33beb01a8fb1edd98d325625e9c75c

SHA256
dfe661bdcd6e285a34ed32dd6e3ba3c18c0a2c7c06e690819d844a6c3307b4eb

SHA512
c00a37b1e071908d152ecaf011d828bad3c53e4f1d6d399ede9c03f90652248eea9e1d4a44a03e570a7978f11b75612e7c5f7252c7b84f556619b23afd92e06d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d1c78a4a1c907e169a1f582a63d8e089

SHA1
713a05f5f2356e5976d213fa3f37771132dcb390

SHA256
1c27b9bf96083640dba289a14d184d0bc783319c21713b6837a4d73b61e17696

SHA512
0aa203eeb14008118eecd6425ae8ac69ab4ff8bbee064a3bab51b4d43599b4f562c984738698dcb5d051b54e10007cfd958370be8f19ee4c08430d87816daaec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
29213338df67d29d6454ee5d61ad3970

SHA1
8c69ca76a2e639060d5ce835a9600e6ea3764a83

SHA256
d29fc0d97fa74d382d0f557ecea4e42b7d50dbce43915bfc0c114c16e532aa51

SHA512
14db25eba8a863d390b97fce4315402ed7c249598ff6c31d5a191b0f71c274eead42ba0658403e744110de072e6ff1cac3bccee1e48875bde6b1fe39a60d2407

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
d1356c13ec33cf811e3c5aecf68a6714

SHA1
58322d2198cf2696298ee8a7344371dc96aae86a

SHA256
5176b77d9f1320a75f409bf09ab58befedacce59fa52f5ed15721a5a0fa1bcc1

SHA512
8cae2ee01225339598e46fefd66b4d3193543e1911243187d41353dd98e73390b380f97fc5e4fae95898001777be021fd0e02fa13842ae4918c0abd73be2f877

Download Submit