110a3aeaa195526039019ec54a8a948f1b5340d03ea09f4ea6004b6bd6b403bf

Analysis

max time kernel
120s
max time network
132s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
22/12/2023, 06:52

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

76c13de3bfa0acf5bd44c1849344e7ac.html
Size

1KB
MD5

76c13de3bfa0acf5bd44c1849344e7ac
SHA1

c0443d852ed562b9c7b5301b57bcfe90fcb6d9eb
SHA256

110a3aeaa195526039019ec54a8a948f1b5340d03ea09f4ea6004b6bd6b403bf
SHA512

26b36f10735cd097eff6e5699022ffad953bd52c3d5131aa2a9f403c04e876ec9d1f7dd22a05ecf0455487ea5d9480656a8adbd310eae2985cd5c6ba336f7f32

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b0720b1d8642c344adb870a2e917866400000000020000000000106600000001000020000000cd396820a1ea5b9ff011a721cf729d44b4ee19358dc236aafb2efdf898634cd4000000000e80000000020000200000006af6bf9e643ae93da2069b9ce331fb09dedbe270b5b8055204428891776791b390000000af7e151a13c9e78c5f0df68f36b4d9baaa8ac7f8ab5e1e32de9e0a8bd8154bf0cc093233afedad91cd05964a14b2bb20861810f0e94534523dc38a4907ff2d48d8a5b070a02720bb7214fd68122b50421609b2a21e3ddab4fdf0e05327c1f09cb8b53f6b9b26a0c971f8734bf53168c215f81ee032ae8db2bbe7d3a881cb67f1688d26bd8fd67ff172efc236a6d5bc5d40000000d07564a199d67ea089b15f6faebb541328464cd94850d129221264f5df03b9e98b67f8f599a74c51d8d4106561ded661bee656e39cca698cbcf88c54de56187e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d000bf099635da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{31CBEE81-A189-11EE-88BA-CA8D9A91D956} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b0720b1d8642c344adb870a2e9178664000000000200000000001066000000010000200000003cbb3a71180dc18a61757d52c22d0775d25183496ab2f999e0bd2422729829ba000000000e8000000002000020000000e392accc45ff261ff95080ce5b4e2cd1199af9773c66c8ec8e88b966cfac86ea20000000a080f97378a0d87da3d847dd6c7f1d59a3b4b1fc2ae83c24366aeb02dfb188c4400000005c893ec4be07b0c051736237b6a8f0cbc7819c9bd6420f426b25b9d971a0d6f1c680ab613d7282686609a8025382419704330cbb982350b8848b00ae0676b082	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "409493980"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2512	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2512	iexplore.exe
2512	iexplore.exe
2320	IEXPLORE.EXE
2320	IEXPLORE.EXE
2320	IEXPLORE.EXE
2320	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2512 wrote to memory of 2320	2512	iexplore.exe	28
PID 2512 wrote to memory of 2320	2512	iexplore.exe	28
PID 2512 wrote to memory of 2320	2512	iexplore.exe	28
PID 2512 wrote to memory of 2320	2512	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\76c13de3bfa0acf5bd44c1849344e7ac.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2512
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2512 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b1b91a257c2f1f738d7b70708b0bf0f3

SHA1
b20ab97dbe8c344b48245b90c8629c15fa72587c

SHA256
adaf0a5ff5b08da1f946976604b105aeba5a875b412a023743be4db192488403

SHA512
99b153dfaa2964fc75953f983dca15fd7cde17036de6a2f200caf0683b01b614f011dd5bde6b193000ac01c0ec8e1e83f13d470f3b253f2138af2f7b792e5ecc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
236acb20079e2c8c6cb76e06979e5e42

SHA1
b672769136f506f4a25e288b17fa54f065465795

SHA256
b10cfbca0d63ca2cf7f08b84789581b6c68d257442ff68b3a8b7450e9b4c3efe

SHA512
4a9fb802ee0a64199ab3071b86c6e31fd83dce77d7a5fe3ab7053f2e8d718aa36093f340f6baa2ed6129e512a34711cec59d936c7f2464e02334eceb35669aad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3c7c809649e1f8687b5afe88542a9dfa

SHA1
1fbbd768a25aa26c74590062c62f085b625a7203

SHA256
197eae83b1e39cad13a3122d7088a9c1fe1e4bc3cf6488f96301e5762093fa6f

SHA512
be6040d4b73216a09e77790bd37e95bad34b55d0d225b8eed6e723693b62d396ab72c28e88e607eed173eda54d03617cae36e725bec01c73bd03358deae8a085

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
14c6171e23f9c6e5a7b85a60e48bbf74

SHA1
c0572ed0c438e0d1e4e4535e7bf09ad52ae170e4

SHA256
0766edb9fd780f991bad898f69a5d2296f90c7e77fb8fa71ff9e05a29333e27c

SHA512
61227c4636e5825677a8672c64281c96ddcc1ceed150bbad220ed92776ece3c5063baf86c22e72b60e118df88fccadfa42d6f715c1a1103c89d12c7eac166c86

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5e4496e852634d6c61605618c1449969

SHA1
525b40bff241655928f9a601bd28765aea105649

SHA256
a3f91f5853cb52f5def081552ee73ca04a10eca7692551c4b9deb3d6eedbcac6

SHA512
ccfb75ed2780cc4efc464bf1a6ae0d32769d755ba9253f773a810feeabd8ed748318987c30756c385f38fd4ce8e80956799129fd34a59424364adfad9c15e20c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6102420f2987c21717f5e5f94cedd574

SHA1
76e9b9b50a24a49780a22c6ad2f83c8ef1714273

SHA256
19372ed32a933f913bc1845e39c43db3d2e79e1227b3e3e792f05f6c8b9de3ac

SHA512
909afca81e791518a5f6cc2ed9aad58ec3b3894092e986d9aa9c12eb4f0273c44c0e5f78a5e87b17a7caad1eab4237b6ef98f0ba0acf36a6989876fffbfe9b85

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8f7928b69c9aac352480a9948ecd3470

SHA1
6c17662823e6960f96d042201e6e0c9f4511feec

SHA256
7e87dcdd9e823b959e786bb2bfb84eab99d5da9c26436805d525d511164ae2fc

SHA512
76581f97f2d4649ae3a52e78ce927b79153b1a585dc34f03c3734611bff56963f316387bb332b4f25ab6c18f3182f3724350712ba533354a7a0f4112392369f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
49c2aa12debb326887ce45460b7b1c6c

SHA1
28c18326e3fcc7f81893cb18f40cb7b07aca21e6

SHA256
c837ec6ecd1d79de7357be70afb7c75e6c5919cf0af9da8e996f62bbc6b98f0c

SHA512
f54f6b0df247426cbb7aa6fb2130c10955a04d330e1c5ad0972e1acfb0c78ffcbeac059b3915c87d3778076c160aa841bff9d033815238630a7cb6a611c5fabd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4a4c278a4e9e56a2fb1632de3353a811

SHA1
71cafcefab4ce264b9e4699bfad0d6217e54675e

SHA256
39eec5e7f71284c9fa2fc51e364764825cf2a88e1f79e7c9d24f0539cc64839c

SHA512
a1fe73e49caef2273adcbc494286fc70c9d76f535625d19b3e30a14fb94ecd27026957ac97acb147809eaf731d586129b4199367edebe4c4b0e73c2a457ce0ad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0253869b330428b14072d149dae2234a

SHA1
13567d3dfc5a20a161c8031e9c4c60245c2849c2

SHA256
71d0eda96fefbc00f64badf98fbfc802e14806039624e50c98fcc9e76376a98e

SHA512
aab150a0dafbf80639ce32136f6b9b34271be7a880330f0b3374ca31a75c1604aeac050f5898bbdfd9c97f061b1c8729a5a6b5be99560faee3e182cf2f6cc509

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ce020077076383d7984d994c59fde392

SHA1
8b7f507965b17132a6f0220c00fdfb745cca3e19

SHA256
db52dbe766a6a7e1769f6c01ce5af732fd75e9d3f7cf8fe46d7bd35016125032

SHA512
d5e253bbac085fde481b4cb3d3dbb5059048ed71f989d6fae8a4dd2f172432391a888b4eaa0eaf7a01c68b2c337e0f130ad9f27857f3253d336473655e1b54ba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
11dc649ba74336212466117e993ff8a5

SHA1
7890d0656dcd1a2d0eebf02274133d7a39efdbc9

SHA256
08b27f4592e3e2e7e65d9b8bd82f7ffceb47370ce685ad9706833170cbb970bd

SHA512
69cc1aec951ed8d769eee6fa08bc9e5187fe84bfba3bc2e2623523304136186775131317928e76be16f500b926b0f7180d881b78e51651a5b154c28388303220

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
252e686c746f28c3916fa55da9fce8cd

SHA1
1791cc0d62777496e42d9f16ae96f37f8a6d0fc9

SHA256
8f1d8fc5f80427b849327bebfc6257071acdb3143bb5ff5454bdb42670e9e2db

SHA512
7dd23967737cefd3f9ddc66804facebdbec3b196b7947cb0978c52ffb48b2d5884eaf1bf45fca9b14e943156983e570bf86617bebfda0758bc8c7e8ce463029d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
89bffef2cdaf6b45fae514a84a24dd95

SHA1
ae8a1364cc53227f580a8f9c5efb35d3d5fc04d0

SHA256
20c4fea3731657ba371d715deaf2764ad0467ad051b8732ef0c5d85102915e95

SHA512
f12abb1d64c3dac7bcefe8e8e91fbf10b0852d93c36ff7907e5de620e3f4b546f92573de6a2287f5351d9e96f378c4e60563eda06cc168a7496ef2c9cbb2d52d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d50097bb9270d88bea8ae0fa3c9fbb5d

SHA1
fa70d66ebb09ee351eeb2bc98e6f1c7aefa50c32

SHA256
18aa19be20e3a440575a9c1e4ccede688ce3fde6148bedde0df948cef787a38e

SHA512
d164e03531f67de8367ab27d4d2d279ac72c000fc0f66a75a139b8d2a3382e89d94ae48005ddbe6dd4b9b39cc809c5eaf7d7066fad1782c97f501a95da4ab382

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
58849cd0b00c35d118a2a9d46cdff02b

SHA1
7d2e88d5a608eff10888d94c512f26579ee886f9

SHA256
dd42be1e78efbe52837e338269167eb3c09b5d3fa2d560100d572d8494736158

SHA512
f42e5ecd2beba40e64e2e2dd56d003635068814b1829aefe5075498c6160b33510302e0321c5338176f472db6c6c1bba289d9d8bc4a08a257efe2de766b8f425

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ae0af5154511e4bc8cac3659ff8d94f9

SHA1
ff974baf4a766871ef251a451db36da72eedc79a

SHA256
4a12715b1454a823ba94bcd8a4c69df9382d445d71ba6724b2f8b3bcd86a2fcb

SHA512
6baea8442e376e99608912734284e4e80df861c5fbfe29b4553ce30e1834769aedd992238160a94173177acfc3dce599b138f965b37230d75771cce043e6b41d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
04706693ce560dcc37864f1c4234a088

SHA1
153a580d39ff10e72b74eb38355c6578b84a0d92

SHA256
17f07ebf363f09040c632b15a5074afa3aec84aa837f0a2b1d31c388702565c8

SHA512
1815782050d10c57c0511b0d89c485bd6b2f6949e692e772b03d99e5cf3a0c1ed894794791f37b91b2fccb5c672ac93f9481e708eb14b1a9fa6a99ed1d2e8cff

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab719C.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar719B.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit