8bde07a90358320affe99f25f06f546451b82205bde4c43b397e5f6189000f4e

Analysis

max time kernel
121s
max time network
147s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
07/01/2024, 14:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

492ff241cd6d73533445cb07bef56a61.html
Size

3.5MB
MD5

492ff241cd6d73533445cb07bef56a61
SHA1

2a300e3b436d76097597cf470a8e30c3173c96fa
SHA256

8bde07a90358320affe99f25f06f546451b82205bde4c43b397e5f6189000f4e
SHA512

c472cd4905740953ba4ff383b93081c18c0aced624656b6c353627d41e6beac38313fe7c7f1cf060ea2a045e70cb0a030da51d966339a889484d6c0abcf9cacc
SSDEEP

12288:jLZhBVKHfVfitmg11tmg1P16bf7axluxOT6Nys:jvpjte4tT6ss

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A66488E1-AD66-11EE-9C0C-D6882E0F4692} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000566b58630fb3a044b91770fce5e9b2d600000000020000000000106600000001000020000000f262d291696f02b3c7752b6f13c6fdf8ec4e7054eb92c310e64219744d0c0caa000000000e8000000002000020000000cd222760c0e1eb5229c71ee194cba49fee6eaefa43e69238b9582052982aba6320000000695dc50902edcd8b460a347a0778fd06a53f80b52abcdaa0c1563713d5dcd96240000000c0567b94f15b5264f3431301f29b3f1fd6ea82bd2beafc89177549e5a6b00ea7d9c107b82a8263bf661912a70b140e2b5937621f835436a4fb2766b911e29bc5	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000566b58630fb3a044b91770fce5e9b2d60000000002000000000010660000000100002000000072382a687cbebb8ddb7494ff51d74e17d06448977121dc313cc20bc7818813af000000000e8000000002000020000000dee484d8b6d005e995e33b586f88e4cd4443bd267a2c358cd97dfe2847f306c69000000074fed2d5d1ef9c7c84cc7065152fd44eb9965d234d976cd29eb853367a974a4b167ccf6bcf55aacc8f680537883ede4396018180ccfeb7048139b88d03e3703c8edb5d89011dc37196f94aef1393e1e39ea294260c143aab440a6a7b82f95faef310c34682a63c2a041f0136cef80f78788d71b027c2270f4fcc00d1365db6e465279bf5dd917f521a005fffcab4722f40000000b92b56bcff17e7658c09710005c198caa190f33984fe06d802bd779d80bbae7ba58148914a3a9a8218cd43ee000cdd392a21c0ad23c986ead54fe45708f8b462	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00aad58f7341da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "410798562"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3601492379-692465709-652514833-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2308	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2308	iexplore.exe
2308	iexplore.exe
3024	IEXPLORE.EXE
3024	IEXPLORE.EXE
3024	IEXPLORE.EXE
3024	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2308 wrote to memory of 3024	2308	iexplore.exe	28
PID 2308 wrote to memory of 3024	2308	iexplore.exe	28
PID 2308 wrote to memory of 3024	2308	iexplore.exe	28
PID 2308 wrote to memory of 3024	2308	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\492ff241cd6d73533445cb07bef56a61.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2308
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3024

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
98c38ee159f360456daeb3cc10173cc9

SHA1
3981ebf1c708d49c3cde6dd58d4c12d9b3ae92f0

SHA256
93d27ab1391928f0dc15d811d3290b61c5b54b8e082a17e7f15f4fca56e2aa16

SHA512
34a843c9143c0df13c147483b7ae98bb53f1793be60d48e9cbe062046ab3f33fd11b6346b8d166071098bc92b8023592431e8a5e82a4cb8bf186f3930bad1286

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3a830e8a56096712cc8542e405c3a1c9

SHA1
03328de81bf738ef3128940a27ec0bfffd95de9f

SHA256
08e775796862c62dcd31b5e5a7e03508869347bef0b451bcad682ff4add5023f

SHA512
37f51a51e5ae3af4ad9b561f3ee893ce98d99223fc6541d030fd22ecf8add5162e626494d6b2d447d20651d41b00bed7b4e089c1de9cdadb87605559d68c4421

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a061e4868761eae286087d7b7e45f359

SHA1
7c512a0ff805571273c7c81aeceb0abf6e625c5b

SHA256
abe7d8a45ae011cffc1805ac69078d0137cb3446e8771ce5e76837ad5b5574fb

SHA512
077967a4d6abda8cb8b918add715e463e421f0dbdb5f90116fa0462ec922d1db6e990177eee56eb7a5580c9ba2087881cb5e672e9b05f04a81fa6f44d52bc4c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9c9edde177c8246cba3d536624d2027d

SHA1
db5e6f4473b7d3395fd757307af0e255fe8c585e

SHA256
462cdc40f3de62d34a0067fa2bcd3e635c05c8b11dc0c4aa94875e05c3943438

SHA512
bd5f4c9a8cfef0707146265e105037c5e2aaac4ce473dd1ff9b876f11ccab13bed7144f030570f525e110834bc805e8e23d1889dd97a95e964b384b397d6b130

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
42daeb9a8e20642595b1b0c0a46a979f

SHA1
ac4bcf66350721548c80673b8f71fb50f16ac468

SHA256
56fc5dbcb78ccc28a6b92cd9e9edb613930e70958e24aafc1e37fed0bb2ace90

SHA512
be00f4c2fcfe4e192bb37bb6317ba0ee355700e4f0dba21f65c82047727949e1cc11c4cd1ca3c4d73743e848498b567d6240f78270ddb07765f40bbb0f7ba29f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
536d62056b55e7a6430bd60b861d7ccd

SHA1
f4488a980455dd8cf8a34398ea1bd2320a41fb13

SHA256
5d10974665102b44d69dca475080ae65c129cc5c12d9f00cd1602170bb7561f7

SHA512
71e2c1dba9a93bde7b560e074dc7611365fffc09658ae595f9cb5d2fba9da3f9c70b7bd4c6b9227df9ac2e6aa6a9fbdf5d06614c250b353a69f6406f9cabb80e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
27e57bf2d96d957705fe75e4c0264629

SHA1
89c329b3485f1df72fa4d84d7be55c04fcae0205

SHA256
384e6197133503f6e0db6ce68d060bf1af311bdecf0f1675fd0ec56681715a9c

SHA512
ad563bae58524f5e84b9cc704285a8bfdf1d616f490e5b5938ce42c51b077d4932c1a203d6791bf42edd027a25ad55bb6c3849d891974b7e16d23c2c08ee7e6f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a40a9a95e7218356474367fafbc77cf0

SHA1
24cd49d73997dd778303e1654eb709f68b5ce681

SHA256
a5b6b318b5fcf449a8d386c1375b5755dda3d8e423d6ba91634abada5b117380

SHA512
b9a5eb4632b069b270bac5cd4b092a12d7c79949efb56c401a26c6e55d1189a24a4b0416b56dc839ad7f414f343defccfd7ebc0409f47b180190a48a8f0a9495

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
087859aaf54b0142e577e117de45f17a

SHA1
19fb26ca2dc3d97bd450a0c1349b2a3ef54f56d5

SHA256
e58fad4f9206e722bd467a8a9bbd92d90d5dd2fe1d4bfee42412b877afdec5db

SHA512
b9629aa9fed744a8fbf18de397448e2b8c332cd61e3ac8b7037cd55fef3521b172a05c7e724cc67eaef501bae3b030ebc39ba01e50adc94859b72a1716a70818

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a0814c3d0db9800f513773f03b66f114

SHA1
ce5e365ce8f85caeb29de6ca3266720a67fbe9f4

SHA256
0749ee35d51b820836cf209895167c21401dbe045932d450e13c6ba7a3cfc67e

SHA512
c60ea435fc58934eee4ba4ed308ab63afbee88767941b229db03f68991c88ec12070dde27d8683e0f0b46df3fe0403fe79c00c8bf9d572dc3b30b5447a74b63d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0477d8627fd0bba7ad46b42400d450cd

SHA1
90e5c92227809c772a1a82e176bbb499465e5fb1

SHA256
a20143ab9343b32672ba57e2fdffe16e788c41510650e794296e0e6e11ca759f

SHA512
577bc8d11c3fb866b8992bb08d4471d11570c86a023b4ee784804df71b4cfbc744a8ed4ee2d4d0ad184dd63419164881d6afe24bfed60bf6bf32d0eb546db952

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4cb8314c8e3d5f0129579ff19a26da31

SHA1
94f0d6e76d1a41cb69c7e1c8cb7a4be078a36caf

SHA256
b6d5c56a732e6a39b0a7ce32b09aa22640671810452010a8552acb52f103606b

SHA512
bb9ef4d62eda587fa5cdea0e0b6c6b92f526433698c4994f5b5a7057207604e16b8ad4336d16d38dac5150bc605af2c5d8b0241290aca38952b985e1d15c3a1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e8dab2daddaabd33bbc5c6748af687b1

SHA1
1c76eeeb4da444d24b044ff202b9dbb13afc2f23

SHA256
af02b47c1df8074253889756017273b52763468b81878f26165254e34f28d876

SHA512
63774232642991a08faabf3065317a90f08cbd589cffa18e95ba906239a92622767db835f81e9f3dfd29d4064d3608d5fb0d77bb11969e5d8d0def7ece55f125

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dddbf69a077c0ff413fa51e481e15407

SHA1
cbb6132896d392864b05ca8bded440dba44fac77

SHA256
7c2c8e4c3ff06cdd90e3b26bb847d61a5f5e2d44c941951020e6a461dd49fd11

SHA512
d47368498799a0c8f652a64409832e33576c16c2812f2863b5b5760181eab4bdbcd1d2a3517b6e6f6f44ef7f12e4925989a8eed291cbc6097e763ed72a041376

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9f34f70f7b52421926b98fcaa2503169

SHA1
ca17d9f725a9eb4654071227a5ba166d4b325c9c

SHA256
60c18e09f89af791037e9674fceb2d95c8c8c0353001cca91f061404ab44e3be

SHA512
51db6766163a9658930d787ad1262f659dfc6fde2ae8f8ec7ad2ea7b64519000cae8920cb63e455eeff5bea25e410ef9236a59566d453b4d90a42c9a5403b7c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJYZ6B5\jquery-3.1.1.min[1].js

Filesize
84KB

MD5
e071abda8fe61194711cfc2ab99fe104

SHA1
f647a6d37dc4ca055ced3cf64bbc1f490070acba

SHA256
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

SHA512
53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFLWQ602\beacon.min[1].js

Filesize
19KB

MD5
dd1d068fdb5fe90b6c05a5b3940e088c

SHA1
0d96f9df8772633a9df4c81cf323a4ef8998ba59

SHA256
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

SHA512
7aea051a8c2195a2ea5ec3d6438f2a4a4052085b370cf4728b056edc58d1f7a70c3f1f85afe82959184869f707c2ac02a964b8d9166122e74ebc423e0a47fa30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFTKP12M\jquery.min[1].js

Filesize
83KB

MD5
2f6b11a7e914718e0290410e85366fe9

SHA1
69bb69e25ca7d5ef0935317584e6153f3fd9a88c

SHA256
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

SHA512
0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2760.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2773.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit