403c2c364a3f5923157ed584c317a5d8ae5c81b2d902897f7b3b6a5cd4200ffd

Resubmissions

17/02/2024, 16:03

240217-thhfeage4w 1

17/02/2024, 15:58

240217-terjxaha44 1

Analysis

max time kernel
119s
max time network
132s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
17/02/2024, 15:58

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fOyTe1.html
Size

512B
MD5

290cd922cdd310df0bd644fd5c68da99
SHA1

030f04e1be280673615a43a11b00a3cd0f3a0ac0
SHA256

403c2c364a3f5923157ed584c317a5d8ae5c81b2d902897f7b3b6a5cd4200ffd
SHA512

55ea990a4e084e80f6cc11429b292d3f3fe0e75006870e3c46fe5fa842600c452debb34d62595a6656c7c1f8c45c11cc625867a812e446dba83929f832075546

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008dcd4c448ce8fb42a8f577f49cde6d3000000000020000000000106600000001000020000000860da798b0a1ac5ee2286cbdc18711e19d22b4a725aa2b2eac924bd5cdfb1d6e000000000e80000000020000200000007ed4eab97b7411ddb04463b50f55a99cd707d2a9570f2a76fb42d465618e37bb2000000076ff3931f0c8622ce88f641c70d789ae0e58be4db5a117daab84e576fda61dc340000000328cfb32a4ac44f925beb3b8ed84562470ce5a1116b33a0258c2e5d0f7ead8dffbab9861824bd7b632d75af8881a867a1c45dcad7647568e17b8d4b8aa2887f0	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10c33c4dba61da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7896C881-CDAD-11EE-8C17-6A1079A24C90} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "414347412"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000008dcd4c448ce8fb42a8f577f49cde6d30000000000200000000001066000000010000200000002004498720f16b7a215a1c167222002868457c3869bc3a4369f072fd6fb08288000000000e8000000002000020000000f3f22d9d1c08c5a2fc47673f0a517fbd9bbac715c09328eef9dcc1654e668dc6900000000b2f64947398e0d3868b6a410137757c118545356b8f3e64c0b6bc4d0a2a352f54273b676e08e167363c9a0641303f7b047505cec0109557c27590ed0d40e428873969cfb8721c30e885d26996d0024f82ab3d2fd74f8d3e37df8c605999bef5a8939f1454b020107fb1abec5b10842eba60ef0203e73a39e601377d85fdeae7cc3fe3e77d1a3c17258237348e1fa53240000000728a706b23c332434e1b0dddb6dc671477148474b9a29a9932c583cd6fc672b10236a220025d8a8e6c5325d3b53530adb85777026a0f6e87518b642e74a1d5ca	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2472	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2472	iexplore.exe
2472	iexplore.exe
1956	IEXPLORE.EXE
1956	IEXPLORE.EXE
1956	IEXPLORE.EXE
1956	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2472 wrote to memory of 1956	2472	iexplore.exe	28
PID 2472 wrote to memory of 1956	2472	iexplore.exe	28
PID 2472 wrote to memory of 1956	2472	iexplore.exe	28
PID 2472 wrote to memory of 1956	2472	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fOyTe1.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2472
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1956

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ba062cbfcfc038db3e2f3979fd664f29

SHA1
a6b7c7799bd9e956548681aecb3a80e3774db8a1

SHA256
9674995059f5343ee205234e165dc9991badb41a5650cd496ca1ff2a8b6318a4

SHA512
432d8a7f24074b0546dc30dbc90f0b198ef53eaf4c78f8719b4cfec99846d58d08102c36c53d3a8160c16f76fe3c58af4803831feac77b46a17a78383462cfd7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d99f0a214300e7529baf5cdd0c4405bf

SHA1
98deb9136f7afbaeb6b6db172854926cf4e01b85

SHA256
f1691a8ecec89cc5b80a4b1e179d7cd5aebe5fef62820c72d93aab579ade6200

SHA512
244b24da2acc43af0ad6c6eb05e2c0142b5dac0a8f116d8105d10962790a88856bc47334314f4d99f7ac65d9f9a29a0fe939f7b1fb1df5c466fe9aed3e3b3913

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
11b0dea9158d5de6ca619656cc290ea0

SHA1
5235783bc33de5799f458a297541601c5e65bfa2

SHA256
650c0015a2bd57ca84910196555d83841c129e42757d1acdc9d734b7ca6595e4

SHA512
3230a97263040644f77cde526362f23fb3e11d988e880c00d7228585b54dadcc8ad001452162cb7263a55f2505720214a1f2d20fa3d8495de6f79574273b9f37

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f1e98df592bb718c1401cb636544c9cc

SHA1
41475f1475140d080666c303903374428bdfa069

SHA256
3e34e13f9e05c9e9c4dbeb6ad6d2f76e4b7e77956810bb0e3151f797fb337c78

SHA512
423134f364b8df631a1cb8a9a753c555a016c486deab2ba09fb901ebb3a73ef34afa4372a9df912fed4da4700b6a51c8902e2f84b515d1eb8e0c0e4204c3bfcb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
54d610fd9d654ad7e1498bc97100b748

SHA1
4587a2e99b7314153c54ab64bf29b818c77619d9

SHA256
5cb3aa13a71bbd1264e1a9b98748491b5898762a2d84a0bac7b128c2312761c1

SHA512
a002abb59f191331c8f21808352648e5fbe7b4760f4ee4b4a6fc893109e323b466c299de518c87517ed174f056f126c775c2bccc4efddc1e2a9c836fb200708d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8aea3e636099541c8b3577c45b5932bf

SHA1
f7c5025b00980360068be3c43b59e094cc0ba044

SHA256
0c7d949a136a90c6a80dcf483723901a77f430b0e5df9e4776c39972722301af

SHA512
26d171ee613d23eef87f6db3c57164516d9fca46265b05334a06e80bb81b0e5546363ed2a7476764c25e9c0d6968063ec686e342483351ca998eeb8dcd235aa1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
74ed70cbc6758b6ddbe88c3a4c355965

SHA1
195f954e081945470254ab0b92ede369dba8895e

SHA256
0b2a0a1b5b221d2c5095b42016d4f9112198311de0c76d0e7754f1927a5bfd7c

SHA512
a56256cfa1070b9b9bddfa4e8ad037ae90f93a7f51f85544dd844362fbbddb0fce35a866af6fca414718a3bc45199d8e772df441c707e2d7c86ebf020d95de9b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
12e0fbe6dbb607e3f5875bbd1d927de8

SHA1
7ec9e49d81576ae48c8b2a3e662e376aca6bac89

SHA256
f356d0baa4f0badbf697dda134547b97d7eb6542a8cb507bb013478372eb7e8f

SHA512
01439546502b1e7b7e430824051fdd384d19a782d3a4aeaf6ceb5177492d6d32e83001804595cbcca3b9043d4c1f88ca8b12a2125c344e62677fcd36034f7538

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fdf5d9f7510d229598e1c8e2a478d36b

SHA1
a5a7940a30abf01b3a9f60075d691495e61a93e8

SHA256
0b8e65ce6717f5708f579dd6afee1f96ff67c548b8efc9d7f894382e854e1527

SHA512
aa618f4c451f3ea146f0144aed9aa407f609e27d1665d85241a5cd502b27befe4780b42538b5783cd78d73494d2a497dbd0054a4ad62882b90b0108aec2b3e6a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e9859e3b4d4fab717ab7250160b308de

SHA1
274707aa19fc9b186e4d1286d27e1731fd528b75

SHA256
ea81d1ec63c1d75cff51e2d6456ec0842c12c26bb5576bff147463bd588b1d73

SHA512
6b2fd156cb626e8ac80a4a02805ee99ce1e598715f82ec08021a898a6d1ae023d1af6ae11ee59716d694ea639188cc85f98fdec9437c383906aa52b39d215d60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ada3a4d7e254fb4c4a093383cdd4a204

SHA1
8ef56d08d6c35261a7e727f8348f4db07b529848

SHA256
ef99b11c34b2715745115bf41a8840e0fe98d110f62da152b261455812c5c243

SHA512
19dc43f4950e61ccca28fb3283525ea8e79c39092ee4cda153692c64f6469390796542975b182fded1fe05caa28ce99587bd4d3f695c4142adf0fb6bf6267daa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
aef9e5d7db1df558fcde7d96afee49ef

SHA1
824a201d4d1cccf6814004532b3d5ca088531d2b

SHA256
d8293f4387c14daa94805961eb01aaccd5a8b45f6b60b1b3eb581d5dff65d1d5

SHA512
05cdd482f003cf1fd4f96fd3adf62d24d45963fa8e85a9a776859f595af04606aab82a0162dc8efc923e0710d367c08a6928953b7e3885f0b88f60ae78ce0a1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3074f45f0a47ab65eeafb3d73c1198c7

SHA1
f02f65480f7210c5e02d76160355435c0c362cba

SHA256
4f02b1cb2f4a87576e1bea7d51a2e6417c9167e480cc35ae0c1f8d211502d9da

SHA512
ae61dbcd0e05f20c220a2684544f48d0d8a95646e750434015779344ac5291860da0c0ef98f2d0c058a6f60096079d5c00ada5bfbbebe0381ca6ab057585091a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2a2faeb27a7b0a532696102404d1c7e5

SHA1
316137d5fef9a956886b320f63f20a60d807d300

SHA256
f586e3f4f51f7d8ae31998d9556b3981739f4c00be139982dde236842d940bc2

SHA512
300210739a276f4d3c51fadc0b4abd1639eb45d7f194e6f58cc8431da7fab033b70cd23f050c913307557de74c6c97fcb504bada2ac517baeca106b4037e0363

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
da8c83fb107d3c36893dbf934fce6e63

SHA1
94becbbb8aae0446e452ca1b2524bba5786d11f0

SHA256
697b6627347231f53d90082df80f9c51ae785a9324984db2d5c86d3b185e60de

SHA512
d4efe0a954f686725ad12a59a9ff56683db5edcb60603043ebec18671d32fa980d4a84a0396a2eb215b1c1de7cdf553279657c65be0aa2d57ebc8018423b09c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
24bcdcd668d000dbd9f6d86b3bc98e6f

SHA1
69808c2ecbe2da6f6eafee704e535e9b9816740f

SHA256
18487276ba16279c249f91ef269fb5fa74486374490256e4ee291589a9120d2d

SHA512
5bc12f64d07981c5ccf0c360d296f66e4582952fd5161e38f36a213aaec9bce1f90d3d11690bbb106f336f4f408653b67a2b56e1847e4b21e4102158192251c6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f4bc0f557ba61ea7279f7491dc82d8b9

SHA1
bb18bf61b2f856456a97297fc89ee9495f32bbce

SHA256
0c42ed395eb75efa17a3c41b259c27faad4148fd0d1f227a88764fccb643efec

SHA512
59a6cf962d36b77c787bb4b9e40b1effbb8011d6247941633d7cf4504b8465653362a2be394de75bda6550c2aee2c7f345d68ca10e2c3bfe21ff0a52e8e8fef8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b7ee9125e283c3d41e035d3da0dac7cb

SHA1
208391ccfe155c31966c6c7c1109a19660a2e804

SHA256
163a8c16bd4da09f227d423f1a457f6d29eabfe53a091325e974064d1ac738af

SHA512
17482e3f792fbe60673e084de0925dd58e2e41135690ada491622be6c7898bebac830600bf6a2b17d5b08a1d6e0d2141e10ed0ef51cc163f7ef3bd9e31142f67

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab6E4F.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6F2F.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit