344ec99b745d6a2d9e512758702be6ebfdf60b9df6bfb12fe79ba0a9ced52bfb

Analysis

max time kernel
121s
max time network
145s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
07/11/2023, 14:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bv9ARM.ch06.html
Size

445KB
MD5

b2ee35174ea7cc36808ceb47e0630ec3
SHA1

e58d81cb23042e39a9d35ca7f2cc574fe83fb698
SHA256

7cfda32209a8c7eff6f563e9e1300281df3ba5bc838660ca95479ae0845a078f
SHA512

45735c00706e45ffb69658464bc56f5917b05e8281689b0590b904be58e45413beb7855a5d2f4e6aef102d941bda28e57e0ac9d36e68c1d8ce95d076b424c5a9
SSDEEP

3072:Z0TxGf33J1Pe5D2hRoMAfb9zOSa1YScHn379VpLVGC7t5RPMGWU:Z0FK12DxrSUVGc5RPaU

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 007529031612da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "405590706"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2DF8C6A1-7E09-11EE-BDF7-CA9958541264} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005718aef034e0654ab00265bd8f8b2f5400000000020000000000106600000001000020000000251392b02ecb00199b1dbaa795b46f4e9aeabd5642d0267e9c7e753f0a5e6d07000000000e800000000200002000000068484469861c0f52c593302a3d325112ead2a89d28b905b9da819c97c00d783b90000000cb6ba4b5a7807babd55b0d16be779d587d996c11619271206c31ea75a062a19f79afc820d28d09a625e2c41b7b68c7a456da7a8846c044121a2b1f9cfff7f048d9bcb2bec80cf3ea419f642bc68c8bbacd011f6f86e27041dc67695787f57703af970b8f3659670e28d114d1d5106560395b75bb00b640e2739293e2d44af6717f94103e2ac6eb2cff6c08e32f1f77314000000031342d72f90bc5d3e877151afb174e021082545cffea1ecbed465b640601ece0c4979c001a35060f8c635762ec7a3842347b762d03c817d63064c0dc08ce5500	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005718aef034e0654ab00265bd8f8b2f5400000000020000000000106600000001000020000000f316de9b038017747f1a0896df98cbe757126606367b0b7089258c01872f39bf000000000e8000000002000020000000b59091936f51b2f2785551a736f0a1228393d3c192f16ee167cbe2134a4b39c620000000d8b8cee427fe9116a5db66c41997225da7d0d079d26610007661df805212ad0440000000c626c3a301274012a5632baff264a4885fe93d19dbd9a0bef458614dd82590ee439794eecd0375c65df51ea1afdfd77d230c2a3b2b37bc296f3a39432820cc07	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1154728922-3261336865-3456416385-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1896	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1896	iexplore.exe
1896	iexplore.exe
2684	IEXPLORE.EXE
2684	IEXPLORE.EXE
2684	IEXPLORE.EXE
2684	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1896 wrote to memory of 2684	1896	iexplore.exe	28
PID 1896 wrote to memory of 2684	1896	iexplore.exe	28
PID 1896 wrote to memory of 2684	1896	iexplore.exe	28
PID 1896 wrote to memory of 2684	1896	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1896
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1896 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2684

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f7cc09ac880e4efd0d0d7b6ea6b8167d

SHA1
de7f7cd16949c1d3749f47e7d3b65918f47d1331

SHA256
3f36fff73926f79d54654d7acf55af0d281ce2cecf4c00f41ce1e0c5d2ace98d

SHA512
431af272ad24e2b0514d8a4660e1c8b667a54cbac19474cdc97a1a4745b2c10defd6655d2d91fecb1af569f91ab8e402a4d2d6ff4116777b6b3e9590bca3f658

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
551d8458a5ce4544be678fcfae9a1bd5

SHA1
54f3b11bb617b6bbe6242ee463bd54000fc4107e

SHA256
1fde2e91bdb9561f691601e7add179cade9347b8e6078721702245031527fd4b

SHA512
670e611934c8fe49b54ee8cc096727f4cad972979fb3f09f1546958f2b59210f6714190a3ab8c3ec140af36dc323cd278dc4d8a159a7ae1989148e7a273c64d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
260003ed3805c0b5a7d1be801e49801b

SHA1
5d23b79500cf50a1365ff6d4abed4f152d3482f0

SHA256
1e1986e719ab59f0cfff29ee059a0d08808a952ba496a890dc5c7a632071e3da

SHA512
5ef723f71cd951a7cfb376894dcecc186a38dcc17aea0819472ca38d8d13beab024e993bfbb49da92143d352463c27c5b846af244b8d344209bf8a5a09175d0e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0d1e7fdf58190edb20ab7a4c274710ae

SHA1
88553bb8c2b3782c15a430b59fac12370408bf09

SHA256
aa8c61849732268c0e779536cf6d78dcebbf04521bd790efc63e77dcd7f57a4d

SHA512
e9043d7428343b83fa16c04816a17b443fd59c89b05d0643fedddfaf3534e415da195c640c23c831ed673a8003f1d093309d4689ce157933471fefb7d61df58f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
00a66c3760fdf67141b10a703309301f

SHA1
50af0870147476d37578db5cb0c02dc452cef2a5

SHA256
b984102942f83b4583dd946301b419ce2503f29704a0380a3d5f7c3ac8af7ef9

SHA512
2e368ac99557ce7f844cb730087defc6dc7b837e69777fab445bbbfcb421c058d28c644da5009751a4aa94f2ff4b0e2dea12be1f40329357b718b296dff1bb5e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
efd3cffd7afd61a6eca79fb77e705edb

SHA1
0b551f42199c1a1e315405efee529721e5942748

SHA256
080073fe30ecca4d167f4ba2f4931cce0563cc03d185df06ffde35ae93e69da8

SHA512
9c875106868396a9855cbdec51278af25a8fbb02219fbe99841f13c5c28ccf342e8b52d62b51cac97393d83c0e4e5a2aec476285a99020753b19553024d2cb45

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
375a9a68785caa7c2b67015c34c677a7

SHA1
7c51fc47a9b7b2444fd5eb515f4a90f07c2538ef

SHA256
919c2c17966e2ede812bd7c2d3723dd21d18421ea263acfdef34a5eb2d9ce698

SHA512
5f746cc3b454aa0f2150ab95358c952c7e86ff2be4a41d894c0ff77d8a6022d3fcabcf8f97dcefc3cafd5dfd8ae3d8e73d53dc7a2b2acc5f39e77d5215f1c52a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9df9485252bc1f1eb84e3062ff3012b5

SHA1
c65bec51d90ff98dd6464d71c6c7528d56d39e1c

SHA256
f80beac4a3d44711c6199f7a5bf5299e3a2116f69372c8d8a0f2e72a9d87ec37

SHA512
89b7e2fecfe9cf67adf41a7340009507bb379522c63bc128bbd2bf0c983ed14b9a485454d4a543c5b3eff63734310b0c37fb34e6ff7ba0332e1c74e10c12003e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b80911adaedfe168c59d16acc6d38544

SHA1
17d934c44ebfa79831ab4901e6b1b9c9fb456095

SHA256
8ee6cbf2048f30f8ab31cf60f0b4a97042efef2f64bb7249b3aeb0c73790049c

SHA512
9845297014bd11a37c68c061c42a6259a8a0e0ebd549a8190cd71ec999afb8d4dae05b7af51f0e70a95eafeae917116b3f48810f7d4a0d9686ad46e5eed705c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
858aca0c6e5832da8b2bf22b3fe2df9a

SHA1
c14977f5634cfe8b976d27924279f36e1203b83e

SHA256
ae2f966a9138b633f9b39aab2536731f9559802b1310f509dae58e59c1e576b8

SHA512
0d1edf18be37f5fa2ea8ebd9e6f47ddcc78afff8bd812ce8da2b4d9afe634b58aef8321903561b82d0347f54429b36d49bd88ea1e28781bacdfa22436b008955

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
073b9dabebb37710d88ff5a75bd4a9d3

SHA1
7bf4db1b2e4f6f263b815a958e49e6cd9d6951c7

SHA256
9762da09c6c65ed81f289c5fab652a6cbee1470952a27d4375c3fc111fc04e57

SHA512
6741a6cc60ce64a6b012a44ea4fbb81e6d96840d20b7c12e6a3838730a41ba51b23ad9b33904b23768ba7a098b8a9f7d330da5da9128d33ab318a4b70b00b781

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
75eab2a31c3ae7079990e5e875afb14c

SHA1
6a07f42c89b0f15005671297d180189b301511c2

SHA256
b1b08696ba499f52cdb88193e5c73afc743f181d3860394caac376b821cee0e5

SHA512
1bf425f49c0387f4b83dd81ebbaf39635f151a216e197ad92cb9a77240037cf6135901ed365d7ed30c7b877885747287cef7b83d233de8ba71a2007300c05be9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cc6aa55771a4e0e014d264a4ad6fa74f

SHA1
66579e00237c019f477dd224c1b338451e116915

SHA256
9a06915024ca132e708378f7637109862a5fc545e128a49df4b29f39e87d7fb1

SHA512
0ea8d7067019abf0a6793dc389f516b1a0e47cd4b713b7838c81fe936aa1f1a799e89c86df9f2903101ae4218ef4d3d41a611ace446d73eac4c8406748a69316

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
aad90b3edad2f357747b14c11a28ab40

SHA1
77f808a59dfe82876743c3900e5d4fe03df104a4

SHA256
016b013db502169211a876627bc19816fe01749aded39642dc49fb5bb05cc522

SHA512
5af4ea07bb184f6525cebe708737702710a9e09ecae26c917e6aaa504c52526b47fa8bd642fe172e114a7db7546c7410d6bf8eb6db29d6b21f77d09086a6b727

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0f81f6830037435f3cc86b64f18402a6

SHA1
f304936e1084e91bb7bd4763b67d40afb8140d97

SHA256
3cc4507c8663ff7b430ad3e4426ead52929c314a4c6f6c805d797835075b990f

SHA512
4c73cf1ce2ca09c2b9a128232b38760b21a5fba62b2d8916ff4a54f77889be1460df3661c852de87082b21c0ce671a6530099d9f3a25771545a7401e34d437aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c62a296f5e69306a6b2c8ae31974e262

SHA1
9dc0696151376fd5170e0c3e96923d8749c0902d

SHA256
f9d27694959a369598f21c235a335049bd30e8ea4ea2072003f8301fc95696d4

SHA512
abe0e443e8da89ced586079ec39d401090f0e34653de79c22baafb1c14a4ca481028fff19c879c46462b547ba5b1d3bc8c0ba8a360181750b8c904ff78e209e9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0ee40a8783865293bf74c9c6ca5ff3d6

SHA1
e21640e2168959c81cf53e3b570837da861679f8

SHA256
0f0c9da9362ba4f2c5cc654b028ba373654295c0964708a3f4a80270ec09fd55

SHA512
4dfe65228216971a0aedde7e5127852eda394e19cf80d3b9ae658990bf006af2738b7f0096545c51f31473486498370dc2bd264b221ca5ae163b9e8c306dbef0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fc69e9a2e655b31b399134a485163619

SHA1
4a1e4c210bf7fd70c22073abb92fe2326f5d09dd

SHA256
db8da7f6813eb44e02e64fd4b325b6c42b483cc59619eaadd10ba159b915b41f

SHA512
ed80651e78195422ba62178d57e5ba5151ad382b76e020e2c1a09c04f8781d1d4eb0928b0075936e1d6fce0634dfb45ba5e2e5e0c8d040b3e39d72c03167d30b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabC302.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD8E7.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit