dbf8787615b4f0d059518a9a36548bb66bd13a51a7169b9259e90acce379c82c

Analysis

max time kernel
140s
max time network
147s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
08/01/2024, 13:37

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4b94d38547ad7f01e0e420c3fe782eec.html
Size

57KB
MD5

4b94d38547ad7f01e0e420c3fe782eec
SHA1

55b09a091d27183e470b46fba10bdae487bcea1a
SHA256

dbf8787615b4f0d059518a9a36548bb66bd13a51a7169b9259e90acce379c82c
SHA512

d22b1781b7c3c5660c2485d09aa4f3f2bbbda75a10ba4a545269e6f4370e614142401437d9e3c430ab707c407c7d59e286103fbfc4cb7a1ccf04c211ca72a027
SSDEEP

1536:ijEQvK8OPHdyAmo2vgyHJv0owbd6zKD6CDK2RVrolqwpDK2RVy:ijnOPHdyw2vgyHJutDK2RVrolqwpDK2m

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 42 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "410882926"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com\ = "18"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000429d3af34477a14f8b2dd76917334189000000000200000000001066000000010000200000002b7377546c6e29532ae347d38eeb1d878c0a97c4cce9bb13913e9bd33a55e7dd000000000e8000000002000020000000a905ea78eb25b58091eb69ba1d592586ce919fa03c0d84cfe793357e5f99846f200000005b1b6e65559669e885f2715b0783a01eabbba2c88641aedee130ac4d0c35a1cc40000000841f12b428b97ffad1f4a1413cb950aacc0939f8f92f1f0fd7ad96bdce9a3a48e76498e09204de856122e36ebafbbe0bffe58817a234f2f923792cd97b52cd34	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000429d3af34477a14f8b2dd7691733418900000000020000000000106600000001000020000000e84eddf401cdb37fdde8b4080dbe15e089e27eab68dafa1eb7acb2590e53fe5c000000000e8000000002000020000000a0e7945ad54538c3dbe88bd98680126103b15e81a8425c9229e5ad3e210c303490000000d359c15fd410570f3df5531cf99065ab582f67930f6702c4b8ced619ec12ef8b7ba9ab12dfd93fe1ee1fe097c09e2db868fe28f05d0655483fc1bd75ba51f99f02cb58c6aa8d5b9302a18029ec8d54cf65414f55c09b3cc8d74c2d12ae0cfc8eb94eda6ca9faabb0210ab208764073916760c872b548dc0541434e463e985aec5c6bd3c3751b2cf5ceed07ef91f8f878400000002f8f16c633c09b58ed8e665307f6275a658f56aa16d86c5a4851d676c7042951dea6666f2b03224b33a25b760715c153ec1ec321669c3b2c55510bdaee4a8218	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0443C101-AE2B-11EE-966D-76D8C56D161B} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00a1b5e93742da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "18"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1320	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1320	iexplore.exe
1320	iexplore.exe
3012	IEXPLORE.EXE
3012	IEXPLORE.EXE
3012	IEXPLORE.EXE
3012	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1320 wrote to memory of 3012	1320	iexplore.exe	28
PID 1320 wrote to memory of 3012	1320	iexplore.exe	28
PID 1320 wrote to memory of 3012	1320	iexplore.exe	28
PID 1320 wrote to memory of 3012	1320	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4b94d38547ad7f01e0e420c3fe782eec.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1320
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1320 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3012

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
e809a21a5c11e57bfd2c309579b99058

SHA1
144b7ea6d6c456e2376679d30d961fd924c9179e

SHA256
990a99426d6661944609969747cf737ea4dc7abaec66187b6bc79f9d394d3cff

SHA512
44fa8d6c03ead298d20b6f8016adc40a65c8b7e6ea5fe1acba1d711dc095c28006e9fe844e4841a2ea54bbf5f536f3b5f9c51a48fb42b42271d05ca1a91dd048

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3ec8ebeebb8bdae1c37c9d6a90851e29

SHA1
5b9db68b53d2c61c841ea084bed492e661c7bd6e

SHA256
6de0182d309ef42666d2c80536113e698d94bd2cf99841e98d0137f152d1e893

SHA512
a1e263c14ccd3c296242144cc81c21255a2ae282f541c698a317c12f703314477f498acf126547132121af1ff7ef6950ebdfe90f5166a702e69edb4c429978d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8e8f67b30d27a1febf633497c7f359f5

SHA1
810a2581ecb3acab48026f17ea2aba00d3f32fee

SHA256
c54c6a7e93775bc449f6839f1e9d3288683cadeeac523cb0373c6cbb9d7186db

SHA512
4b0c4e78e5afed44b15f92ee181771053f1ca97ef83008c6c61c03242d67cc8eb37fde5a0f99db6f043753553019a283b875c62b721b090535dccd39e0db5177

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1e0a7c063252dd65ffdd8d32cda90e48

SHA1
788d0ea4349541356af82465ce82ec5d2a5227b7

SHA256
8b2d42790940d5ca3a8bb36e4441c157146cddf8c6db6fbbfa48397ec3572306

SHA512
d07a240ef213337d8a2042b4fb31b33f854e73614641e7d2ae424469a8bdebf4530d65b382a36a4326baa005d6569690cd17e2c6f15f711c0b828974ef46b299

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eefa50a28d3a40380780efb200d985ea

SHA1
f7138c0b509b75cc5715736db819ec825211b996

SHA256
33e16f1f07e9685757f9a547fd9adae9bccb7ccaee354f04821b153ca17fcc9d

SHA512
b92f9c85f01c2a4961f121cb6dac7bfd2bdadaebce22240a9304cf1beb7d75d589ab6169c42f523189be6a624c104876b4cb7370533e231451f0e534d0161add

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
29fad54127129bf5ca29cce73f5675e8

SHA1
888bb06dccafd4941e413aebdf701769ff88c548

SHA256
c306e681e12124d675b11ba4593e274c7f3f82e3f64fa8492023868542b1271e

SHA512
9a559e0829c99992bec8cc1ff45b1ca0867f6f0454b2580e3ada505f959b165461dbc4b495f50558a4a09cc07398ec7fcede0c98e63da7d1bea49549226698d1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ad42829bd24ec409a2cfa39457d1eb78

SHA1
8eadff9dcf58bc2194ec318ec5d38f3e21360f96

SHA256
6c6f7e009aa567614b6728689312a872ac845655fa831904423b990046cfd7b9

SHA512
70a9a679026f01b966d3f446b53f24cc28ee0ebfb97914c0436b50efa956f7fad5fb70f354a68ff2eac19781c3ac1b102270900935a96b10983f972aceaeac70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3a02bcbb6d931811ab686c1afc244697

SHA1
087509aa5720f870482576bd0afa981ffc204916

SHA256
e942276272c3f064d4995143a0cafb397b8af793b57cba5fcd6948c9832eab32

SHA512
2bb1e9e4aabc201507e700801966e7140e5123a56610fc16e5eb92f835757ce25153d117442343a9539d92b26a6891803e209acf8777bd02b66e0ce2646336b1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bcf4d8429ab837ba5fbfced30455d9bc

SHA1
992bfdb9df36fbdf9be324451675e5f598f33d3f

SHA256
68c8d4791d8a572fe9c108a7d130b07e9614ec9ae51d4f0caeccd1b00ff2d76f

SHA512
930cf4a1cfaf22d25790ba1a54b62ffd36a5612b1d2a96167d35569508bdb128b7e48de073a672dde00dc06e09de3ccd1116c1ef72157cc33838276c1dfb267c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
afce49f6fefbc3e64ba43e895307dd34

SHA1
1a3e64eb5af4ca2269bae57960b692c3c1b5d416

SHA256
421e7ef362d5802dc13d64c2d0537585075e072784de69989a46fd300d57b8bf

SHA512
6d2cef67a320cb15065cbfef047355a8174977526534fc74153b6a2a6ccb0235972d897604bcd8f4da9941f50e96378b481f784a3b03fa7f5491c8a2d9e945ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
172cafe6ad770f479312c911d92bfa62

SHA1
ba6a8aa01609b28a2388bfa1d30f33fe3e6d9999

SHA256
ed065ade97f33df269f78cc070de86c7421e4ddae6cc22d2c1df695896162104

SHA512
3d1bdf1402f4f88523e09b044f85c2426ded9f84a69e768dac54ae39378fd35882a01162af59689f5fa410fda0e014f96e5163c613436c0ab2c686e45b06946e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6b3dc33a73cb1e14ccdefce7d0c83b0b

SHA1
3edd445809397c97d226c26b9563cdb340311fd2

SHA256
618d26c24d8da4b3a455dc726ea720b00824a3bb23c3235082e33086002b0c68

SHA512
dd157ec59589f96b09fdc1ec7e0ee40b35fe75067cde6fb027acedefbd49199b0e86d6ed686811caadb3622cad7dc23f1b83d1167455eea906591439c9bb9cd5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8a5c97f39a2a7679fbb808264625d6b9

SHA1
dd8abdac876fb81b8a5cf21523f7636846e669b0

SHA256
179d4d0038d05e05847657f083f495b375443e0892d7cefb320fde9316b40aa4

SHA512
a2107a8c5d9fa1c7f8b037aa83075e1d8012b86da8aec2e441bff7918a49dc9dbff3351218eebc5e3952ad3f884d691f9148e6904cd92774335468f273a79baa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
13be9c1679d1d7c1e791122d135a3191

SHA1
aa55ab453d126d6a08419fde40fa06b8369a254b

SHA256
5cd53a064c35af6102304673500bc63a00b449ed9ce73ea6f804591a4dca40be

SHA512
67f560d49a40dda2da4b4bd1ea28d16a75918727a473c070c721adad7ffdb98cd7e62174bd3a7d1f97bc8332d8fc3acfd00a82842ae46c66e941a85b04527cc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\f[1].txt

Filesize
34KB

MD5
306fb0b813b9206f465dd3a466978ce7

SHA1
e10b4d104b2d283f5243c0894ff18b7039f4a70a

SHA256
bdddc3dc3feb2985322ad5de7b1b93c431a59cfdd74449c0d37d2c25d8b59002

SHA512
649a20b7f7182be0cea75eaf3fd2cc03728fa33bc4757b1d4ccc38aea2e18e948201555d503df48eac70de0cab53a520ea9f2ce12097bc382493b882e5f6c152

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5228.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5585.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit