b66a6bf415c453999f30fc9e73fa45d8eb0dd27e83f6b2d5b4969ce6d83a2ef9

Analysis

max time kernel
120s
max time network
129s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 05:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a11c9d4ead1bc882459de7bc25aed8c6.html
Size

2KB
MD5

a11c9d4ead1bc882459de7bc25aed8c6
SHA1

c70d9c5a8349d8c71ca08d297150a025b610a09c
SHA256

b66a6bf415c453999f30fc9e73fa45d8eb0dd27e83f6b2d5b4969ce6d83a2ef9
SHA512

b3c50b9329f8cc0820028d9b7f9095d927896949ee0b148272610d5920fd465e7cfee9227c65e79df428e6fe5262c34c05b5251fab8f487125730bbf1916fe63

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{638663C1-D2D9-11EE-A499-62A279F6AF31} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000abb8596cc50c0546bfda6658dcffc2330000000002000000000010660000000100002000000075a38ad9e420a70a7a1272ce6cbfad9e450e72cc3ae32ece804ae166715e20cf000000000e8000000002000020000000f31d89d62e0141c4fa4ed2df899a78fde29f9bd25400dfe87dddd3f40a93d54120000000660a3434978ac9e2bf902171ea6063ab3a3f55ee3d6ca4f430495a55e7f31db640000000d6f8e0ec87c2428fc2b63d129a1124f448c8cd4eb068b5b070e0a381803ef212bd0122df953e618c5284f187bb8943f4e6b0bc12525b39d56636b66c2acddaf9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d0d82238e666da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000abb8596cc50c0546bfda6658dcffc233000000000200000000001066000000010000200000003faf717bd438444001936a0aefb40b3696953a9bdd52cbc5d4dd87ec1bfb03d6000000000e800000000200002000000087f7f3d68745fffb0809e59e690f163b5a143e0d5feb233fcc108d7777ab0c7e900000006066f7db32dfbf671f5a92851692c0c9643b7a704c313801ba49ea2233263d65d44dfdfa381a260ab6abeece37f803b8a307f755eb6d7cd1c632c740faa8a492dcb9311aa94e7d904f43f17c08db53dee043ca5bbdbc4d6ef933a09b5a50f34557610c8a25d863134a1a8e4159ed09759546a121f0be8df84c8b60f39e0ac0518ff7634afe03ec6f3bbba79af167a67e40000000c9fd0dc70a7191f2616d4283b80592c6792496721ace62895cac2c13d182efe97fc413a97d2db66628d95bc55ba6310ec52e707db507394e20c754e03402c5e2	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "414916029"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2784	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2784	iexplore.exe
2784	iexplore.exe
2576	IEXPLORE.EXE
2576	IEXPLORE.EXE
2576	IEXPLORE.EXE
2576	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2784 wrote to memory of 2576	2784	iexplore.exe	28
PID 2784 wrote to memory of 2576	2784	iexplore.exe	28
PID 2784 wrote to memory of 2576	2784	iexplore.exe	28
PID 2784 wrote to memory of 2576	2784	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a11c9d4ead1bc882459de7bc25aed8c6.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2784
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2576

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0900eb8c6b2036b959f69aa12ab3f421

SHA1
5598e511428210a0094ca152bc2c02a9e74be2c1

SHA256
328719c833903b835b7b42a29f4877534cfb2010dfeaf360816baddb8207fdcf

SHA512
1c953dccb4b89852fb7c0cc5f5f5f6b57876944eca1f41f808f53c9a7f0db2d0c4a62a731c7f55e7b5e21488a510a5baa19cd1444cf27f2be1a013f96582a4b0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3e437c8727c01daf4a514a9770d1ddc3

SHA1
4d4a93df23b2a453618004cbe95fdd18511bc439

SHA256
b87d4ee04530f4378c698025431cb0d08e1857ef6a0d506cea5db46e7041e72d

SHA512
0a5f2f7d432edf653d21469f8d7ae3c18b47fc4531688ddf2e0d23b9d7e9f77a513f8ff13f886e694216e27acb618aad5227805440ff072ca35a6c9b65bf63ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
025545bf2500d2bdbca1b6b5f0e0ec04

SHA1
5c6c30f7e09fa7aac153cffe62e9f70f4f63464e

SHA256
67fdbc09e6030224cb57502e4cb4ed81f03b3b18992e3c06c533142a8436eb8f

SHA512
e08e8039d003a3a8730d29d930dd1ca2b8f18087dea76f33241b986e37c287fec25e4ed11cc97554abc14b37f89cd696a103c2118978ac310d727e91e7d30493

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9f0179460ac868943858eee6c07780c5

SHA1
9c8d46b571970f1bcd0692d6fdc275ce9fd0358f

SHA256
19b546d8b4c76524ce810a768880853f16f98b60a42f23da7018652a6de8b83a

SHA512
06b72f04cf253816b02ecd5ce5a25fbbf5b893f13de144ba9752f27f67731b4ac50cdce80221b5e8ab1a61453ed3bd9ff0f0bea9e70c78ef1d57a130d43a3f5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a4a075d1d45a7d912bd166aaa83803c0

SHA1
675ba3e8d0ec9a9bfac863fc76e95a690a349d2c

SHA256
0aa94691ec0580dbd901a456a38aa16065a996f4dacf4ed789c3b1afef87c2e8

SHA512
dcb61a3ac09f932620fb10a9d1afe35b88019f3555dcb05fd1c9b6124dfd88006d10c753714c6ed7bd4278c8a99957b078c9081c3cd4ee825b9fc8ff62cd4594

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
86c111d9383a4f87bd3d42fc68c8eaa1

SHA1
7290c0d1246f410b356ce273b0cd96b6038947d4

SHA256
a88f0d22896e3bbc1f5e2ed5d12f8325e4378e02b566b135f009eea1d09d36d2

SHA512
4b46b75287613643ca7346c8ac8f12cbd5cad3cf011f4ffd84d7bfb38d3bdf71826877399361d601f736171f826ca95a00ea6ce9e5b1ef39b362f0396a97d59d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
379e92044d81e662678cac44c59c4ab9

SHA1
1c4d525b5300ffb323da7f442d0d96099494b0a9

SHA256
342e1c5878c56afb1e586b2720301af00e745cc9e0d4f0daf60450e3996366cf

SHA512
04cdbfd6159c9a99eb618e030f3ae931cef061226afb8b39731c0ccac90d5879648d225bb27bd0177c87c6bcc5beeed758cac538f2a06bdc9468383ed653a086

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fb6243f9714457c94f06bdc73cb426ee

SHA1
9632a12cd7765f20599dbcf0fd6214028a787dcf

SHA256
e2bfce2687db9711987aa5034db723efe0aba2d7916d39fa886f86fc65937102

SHA512
c85479d6760318e441e0a6da9f0e23e43909ce3f6839da6d7bde1d3932e948b97c18e189418f52243bc448ce1cffc887b19df555643de12a7280f76df0ac86be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
97f5d8c7d540c253e5c8b6c53486e931

SHA1
b5af0e47bf5bfc57a48d03bc097db5737a4f489c

SHA256
3227f806ef9ecf0f8ca20cce3a26496ab566cacfa16b9a8151cfc6204baa6dde

SHA512
5cbc85199049ceca5631dd568b02facb772cbfe94e0bd2eb9e17fba5679cd2e159e55f732bfd3de1f54cd24162aaf9f6d880e5c0c3ee47719d48d2a3bb4c9c95

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
18b9ff91778d70097fe0af51c5bf7efa

SHA1
7c4fedc9ab1ebbfe40e213cd14d0508c2df66e49

SHA256
696cfac581e273617098864ed2951a221233f1a089b62b69a07b2dd5efcbb612

SHA512
5c89a3032991d07fafe14f6381c636dd46b90a0044ded64b9148b7c4086b405cfa99b62787deb52557c77e7b04af4a6bfc72200f32566a8bb488ef729cbc9f98

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9ce6840f03d4eb92feaed3707d23ac11

SHA1
3bd6b9dc66b945665df6e4fec1742f78325f7b77

SHA256
80bbb9224a7910b600fe84694238632a27d451ea96bac172e941710cf0dec7af

SHA512
3bce946070ee244a9b57c5189e9ce57c66e87a00f33566a9b6936376aa749ae760a7e3220affe7f10cf952a49a20c84f0293fd23e2f19f099c04337a9ac647fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5f61467abce73c70906c03b4114c7040

SHA1
555b5ddfc32444696241a4124a79ffbd0f8a6f5f

SHA256
fe47203fe44aa533ceff2f2f38683e52e4eba661fb13a3cab926f7ccdabc91cb

SHA512
2f55c9c29f993141493c865adc54d04771646ec378521aa32e390145ca8a088051116aeeacb90e9da010ad253be1397209e2321165570df4e23afbfc142a214e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
10aa95e3ca764977951fc4713d1e9962

SHA1
87ea11369d2a0b8f44e327e5998344b20eb3190d

SHA256
a9ef965fa22acd9fb0f9b2bb96f38790218d014e8a9226c9b69648510002d78b

SHA512
4bb3ae727a6c12bf71e87d326e2510cb692ba431d5f7318051ef1dc13e9d54f2ae199d0aa88fc95cd56bdea2c0ec45c9fa9ec1bbce6ebf1d56b081eaf9b984c0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2d8f6bda98c94c3379c35dd22863389d

SHA1
788cc04444dd9093090fec19273769466a401375

SHA256
b0341200f23101b60cbbb688fd6fa1e077fef6635eb4df8765fbf850f882417e

SHA512
abf9caeead79b8add0218eba1dad85e3d81e342cb59a30314e0629b24a68338950e627fbe5280939e725f5d0b8b5667b197ef244c711e69062c07aff1fa2af6b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
be47f162d89efbbe53ceeb9e07420e81

SHA1
7947c387ccf8f90c86a6ee7de4995d0d9e556295

SHA256
66e7beb8030941b998d6d3711b00fb5f2aed9b8b477151fb9a72519b1b54d253

SHA512
a198e6043c6cc64e1e7f7f06415be2ec33cb7f0cd1150936874928dac1ea347ce912ab8e2e52fc66021eb1312e3e972b37e3590697bb197b624dc3e6045bcfd0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b3a22d81e99fe8e4e791a9979e64afeb

SHA1
8f025428d2d0992cad52af9cb28322c3aed27e3a

SHA256
66bf0e0ee4ab7e92968b70e2b362391288c0f65e2bee424de58a78d47f2d112d

SHA512
3ccc4653d69ce96403120d393a37b21d20498dff760b428b520fe90a8dab57934bfd5e982e2b197e3232712e7278ad6302faea9fdccffd6fb4e5cc17e55de65a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
565c760e5b0bafa2f5d16e9cbab87439

SHA1
2c83c6fb360606e5f81b073dd832efb9387500cd

SHA256
38905ae59020f2a4b546b8faf0d6a2e5788b6fc99a70d331495d4b67133c15c4

SHA512
2258b7a82deb1b58e8956ed6fbb893cf9a86442d67033dfb9ab32e08992bd11fd4c58ef57f3f0d28a04dd977e737c4a93c8810694d6676a9a4e86c80a3250aac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2c29ccabf81eaf276cc610b9ab9237ef

SHA1
1066d1d72b94599fdd817b5f7718021f8634803b

SHA256
1fbebaeffb3ec7bf39193e668dcaae68dfa955c12323f13fc6845e2c70aea571

SHA512
b8514a562f115057cf1d6822cd1544a356b0f928c8322cb4662b95a7962bd3fea9b186d956565ba17b71ee8c507daeecc4edd77ea9b0b709166f5058b2561a56

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2ACB.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2B99.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit