c24879c46cd1e40adf323e8f8a779733499d7ec225c12bb03f612ea71c59c406

Analysis

max time kernel
119s
max time network
151s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
22/12/2023, 12:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8db27257b36bc759584b06c4fca21a1a.html
Size

601B
MD5

8db27257b36bc759584b06c4fca21a1a
SHA1

8025953dbba708daff80a2069ddf0b3129d4f152
SHA256

c24879c46cd1e40adf323e8f8a779733499d7ec225c12bb03f612ea71c59c406
SHA512

28048ef7fb25b73d550330232ee1fd334c4772143c3e4750f4a3697c5a2c750bed4c276cdf0f7224d96745be40582b2a39befab5c9339c4e56307d4d37de0eac

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c00000000020000000000106600000001000020000000382ffe334c01e8448194b359fb8f8f77e8981a2875705bfaf1e80906ba21d7ea000000000e8000000002000020000000bfc0f20bce1d38c314fb8f9fce7afcee2511c0e8df9d0697eece7b6809e90bfb90000000b934847b1054b80532e748af034f35f50f8bd74895b79a9796d461f3d800164d82c43e7eb43eb92f50aeaa63a41e02070da032c38faf39ac97ac046e0b7927b6da841c968fcac4bb614844f010693119f19c070b606d916d41b9c532d55961b2fddee7c839d406a361807a56c56ea6a2ec46774b3c31e0a90c843ac780d814a4f56cf49b055c7edc6d013db9f4deb0db40000000c03632a13065766a84feec424875ed847a1034c987935647389f71da5c05d0a08e64ecdfb6011df291f10b0f5240fe6a9b5abc25202092f43edce4c3e219d383	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "409507084"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 309c567bb435da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B08581F1-A1A7-11EE-A1FE-F6BE0C79E4FA} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000580e1c8c6faee54b80ab28599b83677c00000000020000000000106600000001000020000000b36e7c887839ed34be31fdfc33682cf815faa432657f8bd32732f8407f4484d9000000000e800000000200002000000002d578825abee661185b1053965c81c3325cb3dbefac3e30edf2e90b5883817420000000cf5034e421b428f126a12be9c99a9f6f5559be8861e3fc5ccffecbe6a16571804000000067a361885cea66fc9528fd688a62bef1fff9a2bb16dc1f95913a14f4a3c5c48a11f7d20adf24ebda83836f6e9bbcad8d25142b1a849ddf3cba97a976c5f1ba0b	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2004	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2004	iexplore.exe
2004	iexplore.exe
2692	IEXPLORE.EXE
2692	IEXPLORE.EXE
2692	IEXPLORE.EXE
2692	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2004 wrote to memory of 2692	2004	iexplore.exe	28
PID 2004 wrote to memory of 2692	2004	iexplore.exe	28
PID 2004 wrote to memory of 2692	2004	iexplore.exe	28
PID 2004 wrote to memory of 2692	2004	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8db27257b36bc759584b06c4fca21a1a.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2004
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2004 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1da0f9820f848546c24b873e2c57c31d

SHA1
8e86fba64c49cda3c85cde66ae71f74f39e58bd5

SHA256
14545be5fd434315555bd21f65b22204e0d7f595102e9b210ccee5e2eafbe194

SHA512
fa5922de55a312128cb614692eb980a1fa144a9720aa86629a2c6ba1e59665140c40edb4d5f8707c705985ec6ed445b72f3b884ea30579db1b9847b109161b77

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
19dc64dba5548f24aff5946a699f149d

SHA1
9279d65d2f12aa051855193b1828af2901764524

SHA256
b656fd5d022250b13b508bd47289228a26c3c765384bec815f8d207bce97df70

SHA512
20c452ff608e4478dafaae33fde128974ce5b191cea10322df00083744616eebe6559e3bb37e06a08a4d5c4d560555d865bc5345e06233e6584757dd551f473d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f958059f6cddb57f34b800e2b8ec5306

SHA1
22925213e4642be2b89374e737201fe4767e3ae8

SHA256
cda0bfbec483d96776dc398e56953f1f85c22a24e5edef97016aec7d62162357

SHA512
07ab4f9c6a6eac27e7b7f09ab5a7f9ce0410c864056e3710f05ab538a24a0651634fbeaa861e5c96af070aeb3e347a30414a9d50f526c03c5329bc6c85b2d9ec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c80067c9f60fa7c6d6aa9d9d6f339215

SHA1
00ebd27d188960f41956a96361cf6f15df63103f

SHA256
678377baecb734f18082145c3a8f265bd43e0fe8d8d14db5f5c9af1731581e79

SHA512
f2f0cafdadfdc9848f6ed85b0cb6db854d0e9ce0cbf294d646ef9ba08fd32aa329dfad831cca3acaebdd4cd6d27bf6e47fbfa8b055b5c285e2babd6e6a331172

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
951b77f6e03a82cea2b1deb772d96a5c

SHA1
041d39e3ca716836ec65a6babf7f06a5738c88d8

SHA256
3820eb837866d6ecff0de1e443ca20e80f81e31ac2dc23012c669e3d3a73d979

SHA512
c3e913156d43c7aa816bc6b506f2902df38df3ae5b117ae6d78a5463f9dd527f4905c1d9be034e1f98b14b8d9369b2ae9f71b093c05fc2e438c4681e31fee19f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cbca3423ded0a4655ae48094b0a704c2

SHA1
1ed2c3ec74a13f443bc41af4c9e045bf38fa91c5

SHA256
ebab3395a4013f4e65dda2d009d8fbf1e45a8ad61b79ca9378b8aba187ea1a51

SHA512
54de195e178ee1651d0944701a553f1471b25f7fe148ad413cb65ef8584ed92e2d6fd47b25178fb29156d73b407dd4e84fb339003ee3caeb2e813ef04c9e922b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d96ec8c7bee1417f965c43b4d654ae1d

SHA1
1f32c790635beffecec56b1185a1402533a3d0fb

SHA256
c6f567e5147c210be952cc5948b7b5ecec4984f64b5839f7001ff054338008de

SHA512
984b9f19d079557a95b54156290d179c6961607d1c0b06316a1e34789dd09dda51245834d3a0b952d8632ead3eef306e6daa770527f53d543430e3a1c7dd6c9c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
818c0d3f86316aa0416c1a37f79b35f9

SHA1
29236faa19427aa44168e61dd1ad62643d7fdc8b

SHA256
3923a002ee4f2c340c3bf2a5f4cd347dd27a588184d8f483d7323f484152dc14

SHA512
216287d392f909b1790085cb9e42926eae8f1cfc07f797192308b5f107d9ef7f8646a88f325f9289e4563658d21973c7a0391802b19e83db836247b867f3feee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
50f56e0ee1090a3372b1f15ec5348928

SHA1
520a4d75ee691625a6788efdd942bf5db5ebc3bf

SHA256
96f94b9af3f122fe35cae22750ea8d39dc82c738764eaaa6a5524c1b9a4aef43

SHA512
e384a08055671b4016313fad984f1826ef7f18b39f9e1a92be9f5da65d2c68e18078230afc5626284e5bca95ebd67703ed86e753d2e9215dccff50c304adea3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5556ae691df150ab3a16d95ded2aedff

SHA1
1c5148ffe8608fe3e435fde89a9686531db2f86a

SHA256
f36b87c1581eb0323f160b9e90d756981ed9ed31e225d731d1675bee5710f19c

SHA512
9d1db38a5dd74da9ed27e8c47a92c1cd7cfd2f448a0bc4d01cc24e29410256a44246b9fe867053372426dfcacf891159368a93a6c4ab11eede40c774aeadb972

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0a9b20858a20f839670899759d9ae9c1

SHA1
9c67ffb9baacf67d579bd723a42c4cd7970d9a8d

SHA256
afac67fa8cbfba213cda1c1e01c94df68627d15db30fff0c2352111eaa357b36

SHA512
8d1d1ac6eb7e4dd0ddac5b6d2ef9b2236c84efa6ce46270ae4370f8f875b57ddf512a436b5e17a6c126022dfb9c308a4934f45240193bc14d19a64b4e73317fe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c5f46fb9560118621e0c52cbf5089d75

SHA1
373a76bc79ba870708e48e2b1a58850c60a8e172

SHA256
1a0176cfb69f2979b0288cce1973a6a8636b24348732ea88e5f34dd037608ce3

SHA512
29cb15d726fb1c73a248219d12859bf6179583955019a63948805c82bb6375ebe029f2f1d01022bea10d8425b653d9f7e20fd29372db5ab5fa3936b6fe6dadd9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
331a125f2d2641d1928a92d91924d4f4

SHA1
5e5ea2170f2345f93a6f7c4e87a76b373087a157

SHA256
d789ec745f71f2cf4f73c1ba921f7bb59db91cbfe574220b6d95be3a2a9f0271

SHA512
fcfb7c55b2e5232d096ad58b315cede28b4aacceb98f9253bf4aab975b7e64e486e5e54dd546fe20f2d157bee31898eb015daf74045ec71f813f65780252c8b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
626e00aa0518fcb3afcfb9b3f4e21cd3

SHA1
85e28ce87af7a9debbccdb890bbedf2b1b1ad269

SHA256
0b4f0a3fc4734728e979289c87580c7f8cf259edd3be96bd6f85c7ae46612043

SHA512
6751ed32e3004c1b5f75bbd3b3ef281ba85e055e75b55c4c98b72aa25c0ae2435eebbfe9b71fac7ea02751570994d0d7fb0015de76e4bb2bfad8f6f5c18906b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7ab2c2186cd5d79bb27c1c5603a181bd

SHA1
0d0f3ce260b523aa5264b2c31107558b5f1d9f55

SHA256
779e58e7c12bca7e2921103c08b0ade3a7b05a0f2fbab3dcd7c446cbd898e244

SHA512
e48f26977eb2d6e77b7cb51121901244ac484241c7b22f65510a1e12b42c3bdc659365fac72d67ff89864d8db35c8e890d9c5a5be89f7ce96e26abf7125a8f76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
92adfc7ec41b3842c07ddab4b0bd543d

SHA1
f9c144f35607dc129cfd09a1ff2cf447e6a9866d

SHA256
035e8e3415b21d44dec4a650be92f10108c9c51fef063356d182eb664a091e43

SHA512
6aa01facadadd0841d8e6ad16f607d94c8b44ecca6cd8c3f8c5a21e591d23054921734da5696a91f4dce617628aae424f916423ec1a9827842b52ff1a47bb7f4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a6c64eeb5ecb20bd9f28b38b46cd1656

SHA1
2124d5b46855f0efe9108b79a7c22e8ee3f7cb24

SHA256
be08a815518476f49ce5b02deb2a6e31121bd72afc9d971cea0eaa44699248a0

SHA512
4664e348299928c382544d3ccdeb8db8ea734e7cef4ae04b22755571cb47fbd4433fcd74c1af74260be30baf49b1a1a7ab463f7cf5705f0fa839ce5e12e08363

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c70fa44e0ace1988f95cfc8b1c82ba5a

SHA1
c702b4633e6f816f87d8a202cfc2200fb32fe28e

SHA256
cc7375e7396b5b930105231017396367c15d96f04bb989753b34e30336962ded

SHA512
e07a38be37cbe673facda880e95ee246eecafc406f3d8a1f504922e6f2a3546d1d70789f7a4d56bc574e5fc2ddb324ff224c94e521e3f60ddf4b4df4a1799c92

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab95BC.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar95FE.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit