155f153b59ba2dc9f545081a474b9b86d3841e5c16778b580ed0829155d644e6

Analysis

max time kernel
119s
max time network
143s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
09/01/2024, 00:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4cdec4c5e34eb97eb154bc708e6e4cd0.html
Size

852B
MD5

4cdec4c5e34eb97eb154bc708e6e4cd0
SHA1

b8f7c4dec5ca25dc119b3cf2d085b688a316ca39
SHA256

155f153b59ba2dc9f545081a474b9b86d3841e5c16778b580ed0829155d644e6
SHA512

200ff38542cae688cc9de74b311c43fa562d0350028ccd6e5ae1f8bff3e520ba0c4f48ceebfdeb0e45849a99ce452573d714ce038bc31337fefdcb07ae48ba52

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002213d23592f6d648a137f9bf65c22cfa000000000200000000001066000000010000200000000fbc2eba417ee0e782f180228e214be3f6450cfca7c62535ffa896524582fd7b000000000e80000000020000200000002f26c490c4d0d1c7073d37c404098cfd876140804d374929447ae7733bf6e4172000000072617c24f916387f74f82c429b1a6f042b4e5d665004490b8db9cc3e3adfddab40000000fd6202cccd40ff1fd81990161e0e14ac8f9478b9aa7d012f31b00846b87588d38515e4e330f915b87f3a4154efd479dc6bca4b6546311ec4a913c0d60a26b351	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 3052a6b69342da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002213d23592f6d648a137f9bf65c22cfa0000000002000000000010660000000100002000000007a84a6383bab1e3418bcde03c871e153ab72e7eb28391461dbdfab086007e52000000000e8000000002000020000000a12231f8da82a2618124661439fd1b1182e3f54c3b0060a943d49f6f6e61e152900000003b6762737f444400705b003e741148c270102d59dd2899dc1ad9e651d3fbf0a617787093e715e0f271db850a56eb817cd3adf566c7fa9a697811f57fa8198e215a9dd7250031324f5197dceea5118f1e31a916f7e2f8e7b0126c2880705c15da46dba2a8eed678b43c41f077dbdb8d0f96246ea603e5b741366365b374c1ba530c164e02fdb143d958f1fb42786aa6694000000027140e3ddcbbd24658b11b52dbba792772022584f266ff949f62e820cd8571343b3c7e78dc4a8212d402755b4a0351ba517f4202982414faa300799662c9801e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "410922383"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F118D051-AE86-11EE-9DB1-EEC5CD00071E} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1603059206-2004189698-4139800220-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1700	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1700	iexplore.exe
1700	iexplore.exe
2340	IEXPLORE.EXE
2340	IEXPLORE.EXE
2340	IEXPLORE.EXE
2340	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1700 wrote to memory of 2340	1700	iexplore.exe	28
PID 1700 wrote to memory of 2340	1700	iexplore.exe	28
PID 1700 wrote to memory of 2340	1700	iexplore.exe	28
PID 1700 wrote to memory of 2340	1700	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4cdec4c5e34eb97eb154bc708e6e4cd0.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1700
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2340

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
feeb67b97b2f1be12a7f4789f8429ac6

SHA1
8b4d152db1a6fc0f309cf0db43d3d38b4284c943

SHA256
929f1824612774d7c7cce3cba22c47dab07f814ddcdfeaaa3175541943099433

SHA512
6e993d3bc45a093af9c7d0daa6600394214013a24444e1c1391495aeb69b0e80d070fcd45abb66f100dc2fb83f3aaf11e98dc584616203a0fd97ccab49250b50

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
56669a6c26fe0478580da0f69a927a52

SHA1
47073a0077dde92c2f78e9b56ef2826c3e2e4afb

SHA256
863b201e246c22e3629cc11f52defe5052fe2dffd4a667f1d1ca94255d9cfc47

SHA512
2927276a41868fc5d413ea11fb8fcbabe8872a64cedb5a5756635a58498a6873bf7f420fdbd276be6e43c85fa6f528bc9e87e20cfa14a886ae4e5fd67443f543

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
65d5e9992a1bcce55f7e7f32b0bad82f

SHA1
b3fce842b0477339f4df135ae8161f4b0a6582e1

SHA256
125ccf487d5e62312290402fbe5ae5009b9d6180202e2215e85b9087386966e1

SHA512
e59aeddf2e61cd205ebdfc24eb505709b8534638dcc194f4f1021fa7e91dbf789f644e066639f93e07a9018235a59927fdd8cca13cf4716826b325eface57a04

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5e8fbffaf7118c592f0da7ee4df82db6

SHA1
2a0a33a2a67b2016e13dbfee12471313a19cd582

SHA256
5116b33d77f09a4608504db264160780901ed2262fa18d0712383a59fc8c62e3

SHA512
5c4ce93224a39c7d9e9a279dea1bc31476e1ace2721ecdbfee4fe5ac1d7ce5dcdab32c0c291d8fad18c639ac6c10d064b5c9b0ea311a81d5c4edcfff1747f5e1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
97f64b87157527b513b3e6f903d030e6

SHA1
ba0dba567508f11ed633d85c57e0477a0aca7542

SHA256
0299c8b8005a44e0fb439fbff6ecbff7de81b576c9e7a62b395a32b89839ebb7

SHA512
b99df71db5bf026692263d25bbbd46ab6b6127dd87c0179404eff0fd47a24d0feec2684f55ad0ebf864e6ed194104ff0b59948ac1fb4b81c6005f4f7de71cd21

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
735e1f879d61ef6e6c2b251b8759a8d0

SHA1
b165340d1179438a21eef3aee2d9b54ea1d952b3

SHA256
b386451c612a8b6e905ba55fadbc0ad112316503d35b6e529d3af8a68b0f4c26

SHA512
f1c11d612e75f244d173da6c10ae92b30904d407ebd71a9a92d7f6177de2d03155d13848a6757caf45e27d718ab5047efe56bd97e5ba55b1e687988e600f915e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
163df225a3a0cf25de8a9b9e57ce9a00

SHA1
97dd901f326808f5e66c89dafa7d6b8c58a715a2

SHA256
87d394ec6661dca763bb4556d07f9154a3773e0f9273baf9e2f69aa980294d0c

SHA512
bf77dd5a19bf7ff57f1759fec7d7a03314e5d7ad801b564324e567337418a6bdcfec235eb3c9f5083c5d7aa084827842ce5a9727e5348c9e72ed5ca0c1a73001

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e38c6c2deaeab9fc1774b1ad55cdd972

SHA1
5115db378f630d8157468caffc846f5c88b97bcb

SHA256
bb0d432c32a8d19128886e11a79f555d378710b0eb8343238c9e7511ce788b4a

SHA512
77d527df436e35300c137e1b01370aaf9892c3737f42105b8fdf2c0093d7c519ac0f1c7267de4f7d6a1f89d7b9bc28a7fa200f65bc01d10b0d942053f7b99a8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cd8d8306e032ffa5eaa716cf620f150c

SHA1
8dfe4d781f08f6b8efb51372936a16f8ab28473d

SHA256
7c54d5782d3fa5a8412527903e0ddba569fc6f3a0336bdb04273d097c038651d

SHA512
d63681d0aaf8388a51bcb08ba9cd669f92ce64dcce0b801d5ea088499cacb6414b72d99cba4505cc601d0dde1b78ecdafad49a76c2b36351faeb846c87d6aec5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f9f5d3efb0cd84d5f79a836313b50042

SHA1
949e9f30f0485863c19cb2de2f13a2e8656ca39b

SHA256
a2c5d6188938f7448e06e7eaf33c478595e54ef3286d4d29340d751af275b371

SHA512
f94a56a2cfa6314caf553af63c3af831daec481715ecd8368dde77a079cd37c6d38b85a801196d27a543e5c770876512cd24cb4c05f4474ab4610491080599f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
559b743cf2bc79c139f29cbd113b7346

SHA1
f4d6d2d824699960e4960d4afec1272d2160cbdb

SHA256
7f2b745b7ead2fc2c38692161aa3ae30e44070b061c2477ecc3190e5ea4dabea

SHA512
ab7f9f46b5b6e71149db4bbe06a9b3320d5de97037ece0712c2dc446a744afac4052039346c224adff3c9bb46cb9f5181002b644a3120b67f2b4ed97c96c2e2d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
42e276259b83b4d78bc608c6337ae191

SHA1
aa5922a195e421801033a05535232b8ce13b446e

SHA256
9639deda03eadc47a7f3d40a4f03a511e2388498ba043353b58185e2cfa95f99

SHA512
708abe0f0f432fc3c028004f617a92d9ac05c961ee47787b78c06938ca8135ae78af5bcfb72079ce89b4f88aad257f192affb7734464831266c563d1cec19551

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7ab2c00a26b705080cdfbfc29067b400

SHA1
2530194e3cbf4a2e44bf7232131efed0ddf132b5

SHA256
2e640b7649c9a7d17f4aacee3092e783915a1902a92e7533ecd90f75a8ba9982

SHA512
ff698d526f99021fccecc7a8f9b9e873fa19994ef92efcc3e4f9028ae7de184b84038a1e8a109c3411137f85a87c1c45db59903667fa4cfc54aaed35020993ec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
378c2c2022e3d97dfb3516ed70a378e3

SHA1
78402be479f1105cf6874e29d231ae5345024146

SHA256
b55b58b921b7b7de22cb9d9d1a14e2e533377a1beb2f8661278454370daa3b40

SHA512
00b4a6108c008a1518f78b61de073b62d3c0f57d9b9939f2d7a8df9dbfd94afa7e787f7799eafbd5c3042c551eaa342755fb2ad7578424be9fd7d55bbbcbdf48

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
17badde35752c475c56bff490d38bfce

SHA1
fa8cb848e08185cae50a0a4e61d90522cb403c92

SHA256
e582f8d1ffac7c15097e31523f0d7fdc8170dad819cee227a97995cfa11be84a

SHA512
710ba92868ef260e06b15de8ad310cc09f7f460556e6f887e79e5c567bbda1ab5589ee009f6f947c850fdc7064c3cab916ce17f808d4c21c5003687b8b3fbe59

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4da278fcabca30f1ae52cac9d46f2464

SHA1
d6025c6ee1a072205b71d0d1d2748a130334ffcf

SHA256
93830e945a8d95f17fb6671a17b28a7a170aead0b476b3186e3099e42530b4eb

SHA512
170b6faab4fccd1cd105ad48ddc2d47ecde80371cc278c117418b240b1b59668a53ead552d5eb698711f7561a833ab3624cab8edcad0de2778081f2baacb8e25

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c83cededdccec5bb17bff8c71f908cc2

SHA1
7e6b0a3f1376359e4437eb56369c40dd16e07337

SHA256
485207dd0670ec27263c03a9b6b71ae6cb74eac7ad5e950ee8e189f94178a112

SHA512
8e7f953ab3364aeb6b8aa4e3af0cf6b23d45382d87b63b1a4e00f76ceb600bc0ba4c9c7167bc4f1e81c4f42caf8edf50d4041dedd28b1a16cbe4d5c11819017f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fe190c078a782927746f859d028f1e2b

SHA1
6ea365f881f1925679593a17bfe8b27b61c861a9

SHA256
280b6075678536e367bbc18bf14c0d8fe24aec60532a893d5c9358baabba2207

SHA512
9e39bf96ed297c8647bbe1c423a178902b2b1f7b63c4c057da9d18b3d293a6d5deec6c976b02f9e840bc53a81c297aca375022bc05548cc138aac578fabff41b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab65D7.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6647.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit