6630c77c7a8004ce03279e783e045bb3e4f1dad692e2ae46eb55d29652fb5cf5

Analysis

max time kernel
121s
max time network
132s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 10:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a1ad272f5dd826d15467584b231dac5f.html
Size

1KB
MD5

a1ad272f5dd826d15467584b231dac5f
SHA1

1bf5ecd2650590ed7ae43339590de1a8c892259a
SHA256

6630c77c7a8004ce03279e783e045bb3e4f1dad692e2ae46eb55d29652fb5cf5
SHA512

c090c32a2f1d487f12d3de6d60656ef3f142220ef39c59ce602ab66d8b96e6b2a0c0350973770c2ad93fdb198086527b699cca63df89577d7593560aa6163562

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007823eddbcee3e149bc4db86b21295af600000000020000000000106600000001000020000000e2026d7a9aa1c4d8617ee1a08ff9033b869842842c1e551be6609a984c7a3ad9000000000e8000000002000020000000b356f5d4f87ac4933e2b69b0346d3601fba0b7437d57b10e4cd3c017be1f11de90000000ffbf7571e0681c95afb4494f99da17c8e653f87011c7c31267b58e498560b89796d142d36e549fe1d14461e757a308511c6de47279aad01f775b024066bf22ba0a2040702af0d4f7b89cb901a979605e755ec13cad86e4c6ca17396316308a8e4f86ef701be1ec3a5fe586a094e05ebce3a39a50e85c3ffca7d619f9df5b152e6b9553a5a8bdb62e58e95f9b0ad08cb84000000071b988b4cf5e5d925a38fc81777ef968dd4ff405418dff8588ef121dbb402e83917b40a94afaf1a1fa4957106609dc77bf71164981095f2a7a0d8670db561fad	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{36EBA401-D302-11EE-8012-6EAD7206CC74} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007823eddbcee3e149bc4db86b21295af60000000002000000000010660000000100002000000093fe5dc604d2f1ecd9ee54ca429fa424c248c3cf2cb60201d1269a68344e88ac000000000e80000000020000200000002509354202f8b858f61733131999fc762bb1375396ee6bbc535580fea0236386200000005f14d1d502a56a4ef5799ea5788af903a3503d57bf40ee61b720e8117d2e3e8340000000af7051e525c252df75e00ac84e15c92bbacae3b9e6342c24f54e9a272606c99e850a517def85ec3b99a6ff8da063cb65aaa642c132022afb202f18a6757adbe9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 900ea90b0f67da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "414933565"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1658372521-4246568289-2509113762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2488	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2488	iexplore.exe
2488	iexplore.exe
2496	IEXPLORE.EXE
2496	IEXPLORE.EXE
2496	IEXPLORE.EXE
2496	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2488 wrote to memory of 2496	2488	iexplore.exe	28
PID 2488 wrote to memory of 2496	2488	iexplore.exe	28
PID 2488 wrote to memory of 2496	2488	iexplore.exe	28
PID 2488 wrote to memory of 2496	2488	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1ad272f5dd826d15467584b231dac5f.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2488
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2496

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e96f265004505569e974259052829d06

SHA1
15449af6cb36ee4ae7ecc3da10072cae718b88b6

SHA256
40ef149636e0172b15b182685911cd3390abb7cac840bc7718bddb2134aca511

SHA512
c3b36f96c58b6004900eec860bcb03535307a2a2745b7c7c09bdd3016ba650e5b50357839850bca9b11510586179da396b0c1caa491666eb1942d8470855a4a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7ba42471fbb8fb5f67a7111f12f41357

SHA1
eb39efa48beec0a70cdbcfc50151684ce8936f56

SHA256
cccd83bd16fa91d850d5e7279cb27a2b1797b6738d6d79522826dd6c73778a09

SHA512
20d80c6985bc92f476e97f7d1339ac541d6041bb4b445945c19669b4f887fbbd1b104382f3b34d8e55e045224c14ed6b33932dfa7ffb9703a0c23367937a9e00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
90adfeedccc1fd7a6f88a2a6996f6456

SHA1
f9af4ceccc6ee1f376ccb553e1056027766bc3b2

SHA256
8a17bd35109c3ad1904166e53102d958bd002815f4576eb279019d752449364f

SHA512
dea872a25ea84964d8133c447b0ed021afed7f61054ced5bc8553a45f9b37022bd209f6bc0f7b819c39354a59ebed839c28e241a4da4d34227122d24c40d2420

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2674205f3a6d4232bde498aa0f8e747b

SHA1
79abc06a83cae51050dd29c007f9081730e1c07a

SHA256
2d91c23901d12f85594c0872150492156be656ab2f7637371395583edf23c5be

SHA512
9c0797fbe8572e567ae0b940f82528c07c059151c1f508b56c9dcb555c362feb00ef40478aab2ae44320f70c5f353ae00108c97832b8ea667c5af2a30e0aef57

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
72886d09a0ff31c965a7221f481fab77

SHA1
c14284d5d624e61a7c7433c3080b45bb2f7a5c50

SHA256
ab2fbcd1f0fcb325094d340769ed72a8fda1e189742b3b08adbb523be57234aa

SHA512
a2c1d8ee83761f080f110d72668f611a5cdc0e53f1d599699adc8de87ac1374492891c2f0f7c6de924d9d419d9dcf04725dcacf73025bb8da4f9206cb318f7d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
99f12bba0e98e5455c4e2d971b08b9e4

SHA1
468082ea098115bbbc13d4adc0e66eb857131987

SHA256
753e068bc04acebe6a0bda196904c97a2e584e1506270f4d6143b3c30c0ee0da

SHA512
e9b66647d25e2f02c47012dfb1d6d93d311ee3f38f7e7d6809c329e45e67ed6a88e445a272e537396f63f311f0dcd98fb7311f736865b12fb81392d32cedf59d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
063632a050947487ee7bbd5966722ee7

SHA1
dcfbe8da50f0f3c35796b0da9a3e479dbd4af86e

SHA256
8b5dcd913e57ca65aa32d6574068dd69223390e42a821836d78ef4ba39f7af2d

SHA512
8bdc23273c0c80c33c2b15c7d196937cdb71a48bdf98f4e0d9119f581950f5415f418a0c34b1002560fcd7018594cf5b8b9e4d52ca30c13d3da1752bfbe734fc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
68d78b2f6cbab275ab31375720f499ad

SHA1
570b69985f35c15dbae804d8e16ef5e4a80339ee

SHA256
a411928c620e51980f1d91c208432a667ffada70755101820b9d63809fba0d72

SHA512
42dbae712d064075a5dcc22688d5809751b7db574cc83426a1c01e5722e7cedc82edf112996c42cd0b05f269aa455a37275972f0271518ffd26e2f4737c32f5e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3006d81892ad3a104475b524c4b789eb

SHA1
0527a9b3a03a6470be9ea21d5d056844ae195e03

SHA256
854c483183c8be909ef095277acbd0e73daf9b3089e6d9ebe2e6dd24b97b48ac

SHA512
e40d99feb3a9efb6871d5ae4c474a96e14ff302d4cb691e7f4809f3bd3421ac98d627c7c47e14533aa3068c7c153914593c095d0056e90ba86830e66fa92ffd5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3a5a3726c52f41dfac183f47edcad092

SHA1
e4a161b856988d0998539e3ef2799247a158fb6d

SHA256
8e98bb7d074b1690d07f89d5e9dfa651238670e26995e07a30e3bd0d5b8de3ee

SHA512
5c19aaeefe726a1bf147cb37559e3df41b59a990f9ef26883544658936644aeb731336c19bf72f5914fbc2088208a1c51678acb28ba41c2c6586e633495e6034

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8981cd1aab30984893addaaab2167fa0

SHA1
7f20223da92131b4b18218f9c4884bbe8f2cb5fc

SHA256
a185df202997ae8e73788edb541428ed69c41702476bcb1b2a2a2e302410da46

SHA512
702564106c513c4502b7135ca2b97fa23c4bc50858e9dc80e333529ac3ed054036ecfb422ef3d6bbe2b555db1ffdae39cd34f5f1c14f0ddda71f7db3be48c666

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ffdfe82f873a4345bda9254dfee8dcaf

SHA1
968c6b46d877476b9cdbc39a40896be8165fe922

SHA256
cc09aeea6b99c21c350a190e8c46a66add4d2c032d770ee56e8c64936b5da75c

SHA512
dab00d5e3f252913e9159ba4e404131047223436d95308852b2fdbd879f8a1790073c204a9ad982b09aa3ecf758b11eac03c15ff10f076d28916158564c80155

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d568d63874b49f0def1410bf19a88da9

SHA1
20f00672d0b3ed73e3fd0fd1ad859b48d273308c

SHA256
8628f9ae60bde25bd1c7b805205128da3197168ed1fabb789017f883b072d530

SHA512
f2c90d74f926bcc7de82806a3c30e75482f4b234efe02537b6de01e473aadd58212d02cf73dcc70a11d61e42d2534b8b18a1649c21c0f583f6fc7a85908c8a8a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d73da33927404b6af50a28b7b866d352

SHA1
48e0f19f1d436900cb199c4a6532a9c3860cc8e4

SHA256
649ecdc21fddba860141bb21bd9cbe89a9556a0d0f2aa62f1d7c74c7a668c352

SHA512
d018f4418daf1e53f7c6adc67e70a79ebe1c1cbcfb1f1bc287048049124023320a6de1762752b6b7029a328bc52eca8f226930256f6d4a16af4ec7443cd99012

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5489cad0accf58de98c650b062f0b241

SHA1
4f44f3c967bcb7d61293f23967a87612a026e855

SHA256
cf94c6ff1a1b6a4d6c13c50fd9cf80d959735dd85fb1f4cd7cc7dcd008e0f63c

SHA512
c19dee9acd58b4b95fc73c1a6fe18e861ac1511e314e8b9aa7ebb647cf1c968e491f1eeb53ce480e8f3a136c9ddfbebd10c339c8240916f4583e5025f5eecc3f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
80ac9e01105475dc7491e1e32031a7a9

SHA1
0211f35e86bcee774af4f74cca01a8f213f9fa8d

SHA256
300c533ea05b3f911e287810ad8fea6f510e0e144f6298519196f0c1eab8e46b

SHA512
bfb771fee9090f17b19baf5d160d1594ff13eec57cc532620ad74bf7ad54cce1edf65702251c7f788377acb1fa0b1a37bcd31b17155eb8b5e23b06567968ab51

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b45eb5924a0481fd49b65cdec1e8dce8

SHA1
e1d1021703469388faeae19990957fd21714f9ab

SHA256
d5e5d09fffb27b505afd056e4183c94bec1f6f2643c5d91959f28b8e0bb6279b

SHA512
2e5a6409851b1ee12b5ab6834c51c30b13a72c441ee923fb51c547cd5e781a478b0755c62b4abbc82d16499025f75bc43bbc12d59247579cfd79ed6feb0c798a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
93606987ec3ef9c836e93799cd05e3b2

SHA1
f8f3d0bc0ab0e8c0c5659ad516e3c38719f6c791

SHA256
0607b8f8c7ac8aeae9f48069719abbea8f7c4422ed005822c97782fceeb5fc75

SHA512
eaca9dd9205ceb7b57f3d621fb3b39b693cff3e58adf7cdea9d22e32621cfb28bac8175a6d6e616aa0052b87a386a6fa98d3701ae7de34565f9be0da6dd48368

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab76B9.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar77A6.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit