9c8cfed15da2ef8a3ed55a0018e2269285d999518a8bef7a0f8aafa00b8f078f

Analysis

max time kernel
120s
max time network
132s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
27/02/2024, 16:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a9aec5600957df74f8e52893ea340691.html
Size

944B
MD5

a9aec5600957df74f8e52893ea340691
SHA1

8b119336062fbbf961c46670aaa51ee50e8d7bc4
SHA256

9c8cfed15da2ef8a3ed55a0018e2269285d999518a8bef7a0f8aafa00b8f078f
SHA512

a707863165809f3f87df638640b69b17a1d1ecd0b2f8f52d8001cb063a982221c7de6b6d75be6043d0819bd24464aa5dfbc4c8285fe6d6795e1c03f2240ada14

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d94d2d3723739f48802cd6414eea5c7e00000000020000000000106600000001000020000000786a1aa16dee5ccf999b056b59c5a9b3109a7a9c8073cc50d9ee206ef02757a7000000000e80000000020000200000006c2877cf9ef8787412aa58c94903852fb50b84bca13a22ca31d9f3225ff4537a2000000091a46ce27f606cdad0cf9c3f84d59c8fbb195d244aea7af449327d0d3c29d1ed40000000954fe8b93281131c3be8475dbf9b51ece304c4f4de5948faa003c1186f3a3b9541f6437af874fb521556bae61726ef8d14d4589fb8a9e93537ec5943b995f549	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "415214867"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90d389019e69da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d94d2d3723739f48802cd6414eea5c7e00000000020000000000106600000001000020000000b8ed8c5f45473fe94d7cfce4537c0a1a3741bb280b9751f57e703cd1a408efef000000000e80000000020000200000002e7badbd59c6e9e73d5312cc6e895721ec0a93c52f49e8df289c55c41ce3a48490000000a7daa49b5090bcfde7784985bcfec975af45bd0b61ecdd299c602238f1239177faa28e53ba6406558f9dd47e4dfce8146c801c8d54b7583b80a98847aaf231465dc48a96e47507f06500323379d02ba438f4a74afb3f1ea9511e75ab9b27f9cb3eb2293bcd26f8c807bc9ed84d9f64bc634350365d26f1bac91cbb557329e7d7a3aef819e4a28638215fa15d6c1221fa400000001d49af428ceb572f993ca814513a7f65381c0b5612e65226fc0b493b41f3cdd91ec033fe94544cf7e8043306ddbffe61dc6e473f869bd2781164c4927989558a	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2C1749D1-D591-11EE-8AD9-56D57A935C49} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2356	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2356	iexplore.exe
2356	iexplore.exe
2496	IEXPLORE.EXE
2496	IEXPLORE.EXE
2496	IEXPLORE.EXE
2496	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 2496	2356	iexplore.exe	28
PID 2356 wrote to memory of 2496	2356	iexplore.exe	28
PID 2356 wrote to memory of 2496	2356	iexplore.exe	28
PID 2356 wrote to memory of 2496	2356	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a9aec5600957df74f8e52893ea340691.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2496

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d1350e902070aa7e991051cb7769973f

SHA1
15dc5fae43f9175466ff6911a55478cc371c151e

SHA256
10502db9c5284295c72802dfc7e707c60e8e307d66c65c51406c7caa8e0cf4e0

SHA512
30f481be7fa7870e2ba09315c50c33dd9056f52bac857602f8788d689b5a26222ac6bba91e8cce72263235890a8d43d792f40cbf82681d2fc228cdced3d20d97

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
576c1b6c5eba573b4940a0e266f38aa8

SHA1
688339f7e263d315391f2486064eb61557f52e9b

SHA256
5d8c2aad6d598bd44031cf2d21620fe99b0dcb071a2be07379de3c11923ec5d8

SHA512
a103f3a00c9382854762e5775287704071d595ad2843d0ddbf8b4b0c1433043bb26d37239f56c8d32e10b82e60c0aa153d526bcd7007d4fe443a74873ef80979

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b73c31607de64fb52f3107b54e6640ac

SHA1
2b06e3d26d2a236f9dda33aee02908414425fcaa

SHA256
65b32ef552751e855804ca7f479b4b21ae852cbb6e557325c71aeb5da054f458

SHA512
d4cce4ce312863bb5a302c7cc59b8c1a6299c10229e629729b92a5a31eb197096ce15c97c9428ff20b14638d6eec650c34be0a2958172e8188397ec79ecaccdc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8989a2b3f0b641835badad210c8d3409

SHA1
eb6cedf84b830f4b0c2b3ad691b66589cb4bb58a

SHA256
ce45c0e197a5606165b4a91b94168226ff684f219d52c08cea9be52da4b562f2

SHA512
67138d9ce0c790ec953a08d2dc6719d8db3869a6fbd91e1616c0c99b3f9f41972b639fe755e2ff6935179cdefe7d9138be2cd309b39e055cc271aabdb76c761f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1b3140195078178610c1efebfd6985c6

SHA1
7adbd6c91d0d75eb27c85407e2b8f608b249f2a8

SHA256
1c7e2422ca2812eb530d671a341cea7491b9f56a1051647ce2b2df8af28e80ef

SHA512
fe3b1bd3a49eac3deb74bfa8103e10237d054928b70ddae7a1df00b744e9b8903434dc82ffa4afeebbca0720165cd614a4f83f9284a5d3d509728df2c8bd8e84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f0b7ea919f976b4e82741ebd729d9c21

SHA1
f92147b86a8e4949a2a6eae176a0867b452c1d5e

SHA256
b7944b24aa3bfee8b597e5974eeebeb321ae201c3fcbb86200cdf16acc3b245f

SHA512
abe92717a4bb94eced194572e2944b379e903952c28f5477951ae4eb1dddf16ce1b16b23e395d99a640bfce542fb2d66c4e85784f9f49a4b76a00e64504f9e4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4717ae01050fe2edb72259162dd2bebe

SHA1
730b287309dfeda5b5a75f6e2f4cea097acfdf28

SHA256
ce1692388384647beac2e5b34f15a1dc071e5b358352f961a9334f11edab28d3

SHA512
bc0cbbf026405b74af04338af13c4229280a8f143319f7e824bed650969557e966cabe6548ba86d8673f4f6f97f61c64238ea27b81c0e4dfc2c230ba5f550114

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
25e71557394613a19ed04b2eed29b0d7

SHA1
afcf94695ff7277766657265ba231d5b5e36fad1

SHA256
9f2cc5fcf53bcb9514295b595123573915469db3add93a37597c795ddf6eaf1d

SHA512
c13b32402c9b9ba44708da5dadb4fde57d889f41248ad5a466bca26f15f0c64770712a96f7393331137af6a2ed1db5104908699f22d3151bdac9b2bc7a091441

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3e305b19fcdf86b4cd35e7b1298cd5a1

SHA1
194488381c6349cb5efc1edbbee6a9e42d382dc5

SHA256
cdafb59cd993e6ac40b051a380f2d92b91a8f72bf50811b86a70205955224fd5

SHA512
51167be36468bfcd51712864852f11f5378e23b6c164d24d686bdfed16d28d5f2f672f286e8e49a4e6c4f79566f73c2ff121b575447b682ffd033cd861742259

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
444ff27eddd8e8dba9b3848cd71845fe

SHA1
a3bd30a31ccbd35ea2e5444ef33eda10f1182ac7

SHA256
9479041d3348bf80c944925726092a7b23ec6fe66a404c17ba121300f0bbddc8

SHA512
d1d8698ea489b14be74b598167acdb25863ee32cdbd816ec44595deed77536de4767c9c6df2e1cab3ed1ee47ea0d4e498b881ad620900f5bce7fd7b08a933082

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7d4507b7f8e2da7bfecaddd3a5d7d67a

SHA1
79caefa57903ef5318d7648744b36307e07e8068

SHA256
e784267982b7c473af2782089efc1e551c54903ccff778129614050ea935a4ef

SHA512
5290faf84db13d533137a0a0a260282fbe7f4f3529740ac1bd8119d442a62e2ccc57203025abd9e74fa507b351f151780269e0977a0302229ce2e348fd6e0e6c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bbc7ab574b244d5587b27ff53d804479

SHA1
5c2c08da7e712e0c440b8b8eb12b881fa89f8552

SHA256
62108e60288130153a83f195a3d9ee6486663a46595743559571ccdf5c081d6a

SHA512
cb1f6b8a0ce00072b767b97d8d8bfc0e77f77364fb533844ccbf7872b0a137eda5424146c2754d742bbfdda3fce7826ef74ef42c21216f23dec20ea9c1e67b6a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6976148373b8eac873e4e8429f61f093

SHA1
48cdec69e8e707e6549409ea4f9b6adeccda7fc1

SHA256
d8aebf06115cbabf1ba5becf77940e9c52e3166fbb6952c02afc60a74dd0df45

SHA512
4923d3596d975f98b470cd6633b82df446168013e553424feea3319e03e76f148031941880e14fb8d68c61b320ec2da0e8f0a5a40c9ed7e695fd7d86f724f798

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
20ac1441f9184acbfe340d8994f967be

SHA1
fd406f9037b43b4790b738c584cb283b3d219584

SHA256
11311598082eeff25a060bfa113ea011020d022dc7508168db101e64b2b1cdf5

SHA512
e7e700592d373d63ad52780f9519bbdc749dc203faa66d57ec9b8b159b682b9d5ba6dc03d8cbeb1aa1f705f2fa89913bc9bc88282f495cce84b6137a5dcced5a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
64de51afec720e8c027acb9f77e8562b

SHA1
735db0dff622ac13f2ddfa6785faa5f3a0c39b02

SHA256
4d05a6afd67ac4421063206dfdafdcf4b9c5f58b1a5f4c4db31b398342db0df2

SHA512
c67d39a5e8660fc218f3eb026c0cfb4bc2f2dfedab0aa5a8c1b154d7c95c141edad2c5732ab36555f717aaecca10fd08009d6fd5e6e2befc3da033915cdb7657

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
745fddd86ebf60669026c36707004945

SHA1
633a5756d8ff2fa66530b7730a49b3bc9f892356

SHA256
30a103884f952ecb6cdef71588984bf55969a9cc561be2114ac2f3f06904868e

SHA512
e4a3c6b323c4c24327bd6db373156fda165d4a598e729a0d7c08add66e80e637db4f234f60b5d5037339aa27eee6905c5cbd9ef81a042bf605eabceec665b75d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ee6c16b4e1f64d010b686d74f825681a

SHA1
0e22fb028b00865a1a6123b69a5b02751fb7e605

SHA256
64351009dacbfd5cfc2c7826ad810a344a2c1fe8e0f3c62295ffd74e35c73eff

SHA512
eb369dc5c336812252f9d66621139f4433ad00d7d93f5c26cdd70b6f513ffb9bd139f645a5eed3b75995406d4c79639be9892a66f4c568833bc894405924b859

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
276ca0d5422180caec6d20dd8e2f4e58

SHA1
d7415bd580e64572c15ba6c36ebdd3402d8b47d2

SHA256
cc1795e53fe5d26a2a3e3ae919829cd841435d98adba4ff3bd92a91bf98b761e

SHA512
e0eb145bbd7b5c9c261b4f4cffe25cc9dcd1c53ce12946739186c13cf6a65385e6eed37af71909f3117c80ebc8dbaaf9f23992eb728dfa6fbca3227b8f678af4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ddb730acfca139c62a47f2374ffeccf6

SHA1
e6cd6bcf3b039253c562caacc52d103b1831d721

SHA256
4d178285452775424d6946185514fd47ef43d78519dc57724ecdaabc732ca819

SHA512
2846b17819d2558095277ddda0c04620f462619f62bd1259a415ab9b7380d3bd24de862cbccdee74e6b4fcd80841aaf0cb1c32bbdf1f05d2bc102a9812d7c7e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab6B62.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6C02.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit