8d80f0de21c4825a5c366ee3243819c625509854ce0ca9ee7b90f8bc42e72cca

Analysis

max time kernel
136s
max time network
132s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 16:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

75068fe814c79f74ccd9ee2e765064bf.html
Size

86KB
MD5

75068fe814c79f74ccd9ee2e765064bf
SHA1

2c4b19ca3379c12c96bcd74c3cc311726875deed
SHA256

8d80f0de21c4825a5c366ee3243819c625509854ce0ca9ee7b90f8bc42e72cca
SHA512

31c22fc3d07832e5358bd61b22957039c580ca2dcd33cd5e2b085aa356a9c0bab0afc9971909faa96bdc9b1e27b0abd874566ed9a57b6eec7b2fa8b72c5d82d1
SSDEEP

768:COfiAPMz3kW1T0YRwTIGmuG0UwuifeRoXP:COfiAPMz3kWWTIGmuG0U3ifeRof

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008dcd4c448ce8fb42a8f577f49cde6d300000000002000000000010660000000100002000000063c04925b49f3c630603347abe8009ee272c120103058d60203bdd764ee01b4d000000000e800000000200002000000027f0a77737127b31b7f021cb51c5d2c323135f6455da7c630817a6727134285f90000000e8673cecc3f5d45db49069567502174027c551237497c3d2a16241bb32ab6e5c7bee02344bf927ada2249cb7bbe8e6e92a841f8c687fd5aff014af989d1ad38752489f7d7b1b0d5c51aa8eff1cf233196048e2982e5645e8260fe81c48c511d9082d772efeb09702782b6f30974531cf30e943f0adf739270d732b91a0c9db1789882cc037b67b47e7ed4c4bec80ac98400000009b50caed1cfc28d47dc79d55e01ef4e4bd67bdb1388f67a02adf842deff5fdfb2e37c5707924b411f6ee8360ee9ac7e34338864fdd993637e192c6751d1f72e5	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50a45481af4fda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008dcd4c448ce8fb42a8f577f49cde6d3000000000020000000000106600000001000020000000608072882bf90c2d23442ca389c68dd606d554cdfd6a9ee4bb84d672f9f712b9000000000e80000000020000200000000c8ef6a040debf55fcd351ac5fde702707b1c6ee0326149a9108dfc3755627b720000000cfe2f7bc24cc20948ab2940a4f2fc0a21e20505d9bffc3245a4bbf3d14fe108640000000c3eaf1de77f509398271a7e915a5cc12ae9a0f8cb207dbb4fdc93dcb86408d5bc9915bfaaf4627dd38f97c7718cf35aace163d86497f82eb85b8095aca4140fa	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AC14BB81-BBA2-11EE-B665-FA7D6BB1EAA3} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "412363653"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

1360 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

1360 iexplore.exe
1360 iexplore.exe
2688 IEXPLORE.EXE
2688 IEXPLORE.EXE
2688 IEXPLORE.EXE
2688 IEXPLORE.EXE

pid	process
1360	iexplore.exe

pid	process
1360	iexplore.exe
1360	iexplore.exe
2688	IEXPLORE.EXE
2688	IEXPLORE.EXE
2688	IEXPLORE.EXE
2688	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 1360 wrote to memory of 2688	1360	iexplore.exe	IEXPLORE.EXE
PID 1360 wrote to memory of 2688	1360	iexplore.exe	IEXPLORE.EXE
PID 1360 wrote to memory of 2688	1360	iexplore.exe	IEXPLORE.EXE
PID 1360 wrote to memory of 2688	1360	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\75068fe814c79f74ccd9ee2e765064bf.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1360

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1360 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2688

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
1a7e06f9e2797bb8878715ada659adfe

SHA1
bea3204bc2628e49d0dfb2f4e435f9d6c049fe98

SHA256
143c063d3980bc453a6d8eedf0117dc8cb3cfb3fb4e00d94b03e53f87f702ecb

SHA512
4864061432e6f14e9ac4611fea97dabd50bb9400d3286351e5e23ce17b65b17c7cb55c13cc193d30bc9597f6df954c3a4116209741e8069017842d455411d96d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
cd71d9fbcf0536990c1fdd3b092514d7

SHA1
bd36c94452dff3abf9a4fca87dbd4a6de10848cd

SHA256
3f8dcdeb5cf3b8fb8f7c3a1a5aae54a57890f859ef920ce4556d177da4221241

SHA512
e7fa04cec61e3c6f2d0f07b52f19b0053f721672d0daeb1cb027e102100be4521e759e67c377255c04c5144ffd4d6ac4785b9ed8ce6df2a837592642ee93d3a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ce38bb4c9929ca6354c77966a0bc183f

SHA1
294bcab8b6192991b2fe2cc60e215b57a075f56e

SHA256
daf0f6d5cc46f4e482f82d24382f44ada490edc05b74a204a8dff7a1f7607303

SHA512
3734cc099f431eb9a89fd03d301ff10a41368aa6d2f8ff4b45c2da94c5d8f721bdeba9e772fb0f87b7d3223359840a94415c7e7d7f819481377ea85aaa14bbda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c083b0c5cdae944a4e90639aab2cabbe

SHA1
d69e4d464945082f3dedee7ca8fa8205fa44fe19

SHA256
59e3980677d362a982bf6c423b659e77ab8a69277847ee797d6f6bca0c15a09c

SHA512
8b4623069fb39f34cfc531546047a75577499d2187a16b5f9c0ce327e1e4acc3e608c041b9c0fe125e3872c58f19d20b6a978fc984949907953c873976560eb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
438f24cb92f04d11fbe4f0d8f0cf4363

SHA1
8d85640867510c135403342040f913be389a367f

SHA256
30844194bebb99b54d8b4953926bcbf89d19868c0c6a84e7cb861228da9ef825

SHA512
b6878ad99b0d87697f09e540ffe6035c5ed64c710ac882073b015df0d8837e3f10dfc54c53242cc9585b3e9f3b05422d67db058420533863b90c60657c5b4986

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6e849de192946684e622f537181ab226

SHA1
6a856d7d05e79d9376d8b8a63f4554bca26a3eda

SHA256
ead28fc00656c454a0d61591b108cd0fcd7f4a0174e95f0009d38cf0106a6769

SHA512
1bf49aa31d8c86ff0923258c46a58a12a340bf2e782321a17af827417304de3a49f29aa579f638a599f7949cac7d6b16334ebf3c008281094e52d3c37e73d86c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b4e611ee22fbb04a42ef4d5c3bfa53ef

SHA1
38d5413a6926cb5ecc961dce5eccaa3b2216552b

SHA256
27eb2617d52a1f9067546b09d81e7641d6e158b70bfa197ac7b687d661b65f8c

SHA512
e52d8ba0604a924b14af84a0a2487d80e42e67c2fbc7d10c4be79069c91772148115539975cb21fa049b8cc63d3b6413b820d88553530f20d1211dc5b16b2672

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c440065eecadde29085a5ce9e7661732

SHA1
0c0383d21173130295ace59fdb87142d34e9cde4

SHA256
87f910c10ffaf49040339df9fd9981fff81320f72352fc139329b367a9315ea4

SHA512
26b18be3bc9168ff2ac37a45f10d4f353efea8b074931abc21b322436f5a59887e09c2dbfff54862e64d8a6543d2df4d46e91374879745a396e7c6d5a797f906

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
851307e02c39ab0b1c97615e0076855b

SHA1
f8502ca8756e13b3753f6433a8b77488a5c2f795

SHA256
c54702de72f07bdb2bd830e48eb1f07f283ce33bc3a4dbef7a03eb74770e8213

SHA512
788487af41bace17debd595e2151bd81889dbdd10754fa7093f1b4eab7d8fd8ed9aa0e9927347ada2470373bca2d0f9a470312004f6f64d924198f619642c47b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b034637cb985226cc924a25bc405c2dd

SHA1
5a8332a992c63bb512262de14438438adecf6ae2

SHA256
1da260e21af7a0f734852064ae43cbb27b1fb5c95fa8f5a25564069451cac56b

SHA512
1ba623fb7a40666b82f396e938d300411db285e3da7623269ccffe63c8de14cc486944a9492fd5c5872d172709a3837a307ac5061fc08fbbf3ead5b3cad903a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6f9c649e0b7446ff87ab6ea53d64107d

SHA1
338c283f42c542bbb57b833607f406d40020f07c

SHA256
39ff107ed0549470c27ded67530e027ae17d924137806372234b9d166a771616

SHA512
fe0afac85a4bdcd29c56f9c0e22a5e442af9bba6d33628e3fa8ec4c01ac43aeb57c6f8727101ef1a63605366af8c0eb3d94c363a4b42a1f541ed7dd49cc73eb1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b379afa826f6e76919e5e8564ad39801

SHA1
b04294e3a2e4513b659355bafcabe446da531891

SHA256
9c8832bd55934eeba9e0766e1f7bb1931a843fc9f4ca7fb9a8ed2437b04fb30e

SHA512
6f5e4d796abb7ab529ecbbd1d3c8f01858c7ad8f8ddcdcbd85230714db02c87bdcf06e11b578bd5de67383e8476c8e2eafede0f36cb323335297523b383fa754

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
f6c3d4db8f741abb852aee04eb732bbd

SHA1
854d9bcefc0c6e865b156f406e79a246ab483dae

SHA256
8db84e899a736b37f81ec0c4967a847ee8e2ddfdd32690dc2f08c90775d5881b

SHA512
c9566dc29f77e66726590602379a2dc2a5451fd9173a96c281c3457006392f87611828ef414d9ebd08390815167a4f224f440c029cdb5a1d83ee5def333454c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
2716df3f4d27ed9d2f3ca6da09561de0

SHA1
f1e10dd73a419fad88121c6176ea873056506f95

SHA256
78a1a04705324a3bb8a86e51c3db9b24e6258b9421e2b9f016709da22b6c4e7b

SHA512
712e8d9683f68e9ebb40cb9debc19c18ffc7c61129fbc920781ad3985862bbe0bee612d4b0af8913f6ab8cb6c734d1da82fe5b966c003ded25b2b5d7fcc2c306

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
f1c0e4ed9df37fa5803f582b067f37f2

SHA1
beaf61cf72c290d65b9f18e30a17f2a723319981

SHA256
63a25f1650d47dc7d950f6ec19c29c4d5c2b5a0c46f94902389c8e14205ace66

SHA512
4ebd0c6e526e3419c974f1d14e532f799d7b19c7c992209f3a402c0329764843bb35bc801d56cb69a8e435d76f3a8ee5ab80b91058ccd0ad3b09438c934c1b21

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
366dd992196758e770269bc21904eba4

SHA1
cae070acbc61ba42f8ec11f2c1efe4bf9ac58d65

SHA256
b63bfdf534b134841c1f6e24ddd0d512e426c0e468b45fc90a5de896832c0aba

SHA512
50bdcc771bffbce9db7b6734e2cda084a5352c87cbac355490ff0887e9af035c970debf2f5665a54bc683627007fcaa510480cb7e5fa330cbae647f35490b1c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6a0702ac3ca5403bc828e987c8f080fc

SHA1
df8b55ce884a59781c41509719139a2c828af78c

SHA256
bed6f35b3bc9122029a71b68260f1dd473efc43be9202093a56c2bee99b28aa6

SHA512
21ac9ccd16fa330ff8cbec5ed2e559d4a31c900832c225043f50db48df23b21b7898f350be4c74f5bc630f6b6b3dd74690877badb9ef75fb60fa2660450c726f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5AFF.tmp
Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5BAD.tmp
Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit