cbc9d7523aee2ac8abee17577c2f0f109da615324a447fe58eec1f55c8fe8a1d

Analysis

max time kernel
121s
max time network
148s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26-12-2023 08:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5fcf29928393c63f5bbc2fd8510ca1ba.html
Size

18KB
MD5

5fcf29928393c63f5bbc2fd8510ca1ba
SHA1

1d9962ed9dbb74b5c6fb5161c3af334f471a0f25
SHA256

cbc9d7523aee2ac8abee17577c2f0f109da615324a447fe58eec1f55c8fe8a1d
SHA512

9d131bb69e5c0032f141bfdb5213f42e4edd1b09216323bf3f49cfc3343b1dcf153b5cbea149aa90381160f9010d1cb0d03012c8876af230c420b646f1b17144
SSDEEP

384:n10Vu5iViFdTexPQFRSCxCPCjCdCOCVCVCpCrCDC7CA2QuTJxoXFL6fTXb2:1liEFdTeuR9MK2gxYYEeWuVQuTJXXb2

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a0ebf295cc38da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{ADB43FA1-A4BF-11EE-B16C-EE5B2FF970AA} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002213d23592f6d648a137f9bf65c22cfa0000000002000000000010660000000100002000000019b707f2f0e150c8103348602b9724aa6dcd1aec40958e4415e811411532a5ff000000000e800000000200002000000027be6d1cf7496cba7166d8b97e4b4b1b15ee59176083f4f541e22ad6ee566c8590000000cb9940e9aa36a6f771549cc31056600e08829901a39acffbfa8983c0937d6e10d1e2f7ce3944f370c809f77479f2a7a09e194bb638e4ae41368b835d14f8b035a22a3544154b2873be210f886611a5faa891a4b0ea457eaa4bf6137ee5a9541c287a34ace50f1a228060711820c705363c9915f740129144a9abb2b73786fd8d5c05de9a2946bbfe551e0816e1ca032d40000000230221c02a1034dfc766149f22b2a55840e7abd959c1dc9f542f83bffc16eb47909c82296ef1d29c2eba3425958e7c7918dbba881f766adc1d12d299b4f7d3b9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "409847244"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002213d23592f6d648a137f9bf65c22cfa00000000020000000000106600000001000020000000cd2a8cd9f51d2ebf0b3412c8c142a12e39f6a8fb8f616cc12af83cf11b39e80d000000000e8000000002000020000000f8c29a97c3c459777bb736bf4cfdfbac2bcdb34ae71c5636d533c177f687b19120000000de7b4074727f2708ed6c288ccf1857d9159fd46f4d9dffb73b5e39142ed8fa6d40000000682461f2820e5244e8f7cd4182bb8c0ff08bcb2064e726fc1db62dd51fba97570df136606d63500f51d7f311520845cbf723ebcc18a99b0182a1297b69b598a2	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2608	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2608	iexplore.exe
2608	iexplore.exe
2232	IEXPLORE.EXE
2232	IEXPLORE.EXE
2232	IEXPLORE.EXE
2232	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2608 wrote to memory of 2232	2608	iexplore.exe	28
PID 2608 wrote to memory of 2232	2608	iexplore.exe	28
PID 2608 wrote to memory of 2232	2608	iexplore.exe	28
PID 2608 wrote to memory of 2232	2608	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5fcf29928393c63f5bbc2fd8510ca1ba.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2608
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2608 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2232

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4B3D1CD03E2BE9D4F9CDDE390F5EFE31_8F397E44377ACA4DF3BD842DE1AE50CD

Filesize
1KB

MD5
081a34c5605ea45dddefba71d3057db6

SHA1
1fbdc1765253c461ccb34ff9f3a8d18fcbbd266a

SHA256
c146cbcb826b59b675131199364d9e9c5502642adb629a6b7a07a37fb61bcfdf

SHA512
823981229d9c4681f0c7b969390c1d4f97be17c6edaa4b6dc0fcb6110c584516e9e75fe8a4aed0548ba834d25ae6b69fe751c542642af4b163080f59dcc024c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B5E07AF15F3B6E48EDF7575279F2E80B

Filesize
1KB

MD5
7ffb7eb7935fa68bd3c0d6936a99ab26

SHA1
d3416262727fe182e0996c793b0fa44676c6541a

SHA256
7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c

SHA512
bdfe676dbeb28cfe4d26622331bbb2d4094079f40cf10eb1fd8064688ee270d48afe844dc33f792d0675315387240e737d1ea657e29b03721d5647eff555664b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4B3D1CD03E2BE9D4F9CDDE390F5EFE31_8F397E44377ACA4DF3BD842DE1AE50CD

Filesize
524B

MD5
275b2cfa4ceb781cc2d464b0c67c644b

SHA1
afcc8a4825fef1b88fa92ebe452b907b0e723792

SHA256
b7e2053c27d1abf3e9ae65c556f55c505da5ea13eb53f8878642d460939b7372

SHA512
c7362629725af2e2c433ebdf8d6f413ed200f6eceb45b5f39fba84f25a825505747377dcc33f49c8915b1dca9a7361806dcc57e0272ef7fb43bf7f8fa6312a24

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fbbf2815eb75008310ad68007194ce10

SHA1
f89564167e246af4d000377cd4a4817477691849

SHA256
0766f082171545160f378b8a131650bf305338a75f1dc5064ae9a9ffc352ada1

SHA512
46e3989b9d20945acb2d54276f5cbbd84077a9b702e4f44998140fbd93e29d5350363bd2d9be3406211c811ba665a24b54e9c52bc657492dd207032472c81f13

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
42d7ee36d21b5670f74af915718056d1

SHA1
bd3d26e5fdac4dc98392a9f86784ccae3b2df15f

SHA256
185943ed3c5e0b024502e998a72f3a52aeb2882ad7faf796ed2cdcf51482d0bd

SHA512
d8502e185f5a88bedbf9ca88407cc5b5931cc20ff3c0a8e6fd1cc92c436c78fa3c0c4740b6ce02fe347ff6edb73d98bcfa794a82af143dabc9372af7288af996

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d737c7c5570701c54ffab6f608a3552f

SHA1
a46f3749508a0588f11c94ae2e63f2d4fef5d2b6

SHA256
059be3530b2611387cef2ddad574df5d568808666d96d832acb15a5d06fd0ee9

SHA512
1b05a713d0a78354244d71f295aeef9becc054bebc0a0cd51d803fcf5af8d3b34799a14ad0778579572389845160eca45845fe577fad8ffad7293013c1ecd155

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fb9e3a36e1a6fe8d3ea4a7f1f5c70b89

SHA1
a50d299d7f5fec315a5f6bec18e7a9812fee13d1

SHA256
0e536047d3a1b09525692def2a5752441f46306a5dc1845cd53d3bb46a4954a3

SHA512
02df53628597771cbb3cc8123aeb42252626f7d2de7ede12e29684f7c64d0eac9bedf155202c52bdb08421e54d35a27ed8a4d1f682f5e9a0b3147d141795be1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
59b477ded32d66a09b93a004a1fd2f2f

SHA1
8db34d1abf57a139f52e0a8f944338c0b8fd406e

SHA256
3bb9de5da203a2755bcaee9fd239cecedd6bf7a082ee07e4ec281bc51db590fa

SHA512
3039225f76add41fd4c2237a2ee3c74c76ba389af8fed0a10cbdb86c487ba27ba03cfada89fa9f9e9e266e936fcb8b0c14a992a7ce70c211f8b24840df5bf605

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a37d38470d35748a38e39085f500514c

SHA1
2cb76b3a9eb600fa581bd87de56a02fc16132185

SHA256
dc40dcfe79eb0b5bcf32891f3e5aca59aacf788363034c14f532f45aa8cfdad7

SHA512
279561e551996a03cbac5c2bdab9c8b3f5850a3e854673ffb7b7fc8eba57c377340036300d002a46fe4c20f4d1b5608ee37128cfa3d1aaf46a0d195b235354c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
32f1cd6b364278017a471f0714baf878

SHA1
ed5894a4449196d4390f9db5aece64a189fb99c0

SHA256
e4f3094ef04e9c6d989187a1c82289a3b7089da99c586254bf7b289a0aceb5c4

SHA512
d37f447ff4e5ac3dc62a148e94646bf2fbcd5ff96ce0e1b8f1ece37b8b4a2b2fa6565d958992fdc8bb110df277e4edcc92176578481732b391d76b2038d1be59

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3f34fd5b1a6edd21d6fad423fc8652c1

SHA1
432427faf341ed214be0b364a1c58bf51cc0f4f0

SHA256
b6a3609d5557c015ffda3805236175d985731cd25fec0ce06d843c1b14c38e91

SHA512
be8aa26ce569bf55eb95459a564b0a3db24f4191af7a42b07fd4fc0f85272520551710628c8a1eebd74f2d0a19f7498c4dccd045fe75fa49b1c109b4fb683a82

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5eabf42e1748ac971942ffd8b0782873

SHA1
d61f7b1267ce52e06f64e618cd3365ce11f57229

SHA256
755a5c2271bdf9cd9c249201ff11388e50d01d55407027a59248b7cec8fc3850

SHA512
4a35f561da81803de342e4c1d7cf0c4493678c5ad698d3b94c0ab945b4fcd55d1a9ec158d5effab4d7cd85a1346113f60d591018de8427eaab776eae4839e566

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
aa7fbb0e0b6a5a741ca7e4667095ebe6

SHA1
77fd5fbe5e9ae920ca5b67fe02b439e0a3cfe2fe

SHA256
c1a777dd18fce492aebab78ee6d318fabd41f41c7c51b8e5c73fc5ec4ef9f5ad

SHA512
7db0ca762b40e1fc8b31a79a5a90f414356a71e62c2e8c4312e6d6cafaf1fcf1d5e7edda31986261ff311c24522f44c002d648b934471b4a44129f7634e8763e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6b0f4e8028a3d7de623d88234f6b2eaf

SHA1
245c4e754d2c1f2ef6eaddea52827f963d3ee08d

SHA256
7a13d43a1df7f52c5735f9302adb502acf850a03bc36dd1b44b503ea475626b5

SHA512
4ab26f792749395501a4e0b3b7e07df0e9b298e7dc0d8a11c2fda2ae9faa9495dca6c5b66c3c50bb07a620bf49546640e7ed1c33c943841a9742078ecb9a8ad1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f975a8b1d8be064a68c15d6c76a1f31b

SHA1
c931fbb7d33b3cc7fff61ba45cc61cac0e05a346

SHA256
1bd58d4d7e11324635d86c5922b35cce4d426f091477f3f359314f3c15af9790

SHA512
63a2448288860cf9ffd7cc99d03787e3a682edd7919f22787e4bb062ef722e24acc51d9ce88e71b9b77f08ac809ef2211cf8a4b771b8eec7bb0cc390596f534d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f246ae19f548d8efbeef6715fd939277

SHA1
f3f1a7a4abbe6d01010533f298ccbdcff052d268

SHA256
91575c51239835f555fafa18a7894b9c6fa6b0d3ac9e37c9d093f908bc28f544

SHA512
6526b77ff685a69e6b06ae7cc741ac27c2170acbdc54bb0954170171ffcca3bfa181fc70f93f56d48da6bc0134cfc7b617ba8ceee3db1fb638c45a0d81e4719e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B5E07AF15F3B6E48EDF7575279F2E80B

Filesize
264B

MD5
824c1091f718879bc2a6bb5284fea72c

SHA1
98a164da51be45d88b330d35f2303227a6e047cc

SHA256
e2eeef982431f8b384a7664bacff965e1a8a287e6203cd692cfae350bde21dec

SHA512
b65d0a151b53fd1cf384eedd86dd44423548e90cb349bb47fa2041c50c5dc9b3270b19fad29b5a27f4f827400c39738b6a83f2fb091dce6e2d0c3f60a2196711

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab7935.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar805C.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit