d97cbacaeca0cf7008b631c5bda19d97fccd0c67b0ce834d16bee298655b1a0e

Analysis

max time kernel
117s
max time network
128s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
07/03/2024, 13:24

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b8d5ba60f3ecb212c913b6294f3f7b7c.html
Size

2KB
MD5

b8d5ba60f3ecb212c913b6294f3f7b7c
SHA1

25566572822872895756355e0724e8b2941b5517
SHA256

d97cbacaeca0cf7008b631c5bda19d97fccd0c67b0ce834d16bee298655b1a0e
SHA512

56f69c040e08ba5e84ef3ca383c1ffe1852662d7e7e9f14e47bdb8596454a0fc446becc03f339921c2d620e08b312974cd90020f2b6bb9d244baef8a0fa20c84

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1BB34571-DC86-11EE-BF06-56D57A935C49} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 104353f29270da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000112dd71d930ff24b8b2b71a2c228122b00000000020000000000106600000001000020000000ebfad6fec8e592100138ebef94185d4324be490f3d5a55665c66dab4a2b4ffab000000000e80000000020000200000005af6c614de6912bfe026aa598be88af1f7cee745a6fea00ec2a62ecd1118af7220000000aac7818e40a1c837ccda508357edfcd61ab317c1388757edf841aaa14af9764e40000000495f8b151662bda6c4acfd80b77164068282c1539e2acc25dc665ff1dc346f9987f6d6427617d2254c4c2f6f86cddef1f5432e2718c5e5c3d7e81e31b8afd1ef	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "415979796"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000112dd71d930ff24b8b2b71a2c228122b00000000020000000000106600000001000020000000c37522d097545dd36275fb12eba7f61a312975d62263345290b8a7843250e5a7000000000e800000000200002000000021ede55737612d80267478250a8fdacccec7b4d4e277923e8fc522aceb28f9d490000000acf4121830768c4b6fd69f158b3d23a3fea2e181181a05feac22d255725c77ff68d09b5c9f59194640ce9457c668e5772d824f2f0d2954f08ba861da5a6225b474dbac640a69493ee67adfde2d04ee1d85a94bdca7651c0a083c82dda49541f993a0bc6ac9d3a9ed42a36d2aaedfee5ca8d2c9d4381871b76fc5b0405e83efebb6000a63eb880c73b59539300cbb4d4b40000000e567c616836ab0e1306cb276f60a6c80fbb52705704afff35d772e7052a11587f74201258e15f876f052913ae7a0bb1a889fde6ad52f387ffe0af8299c3d81fa	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2060	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2032	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2032	iexplore.exe
2032	iexplore.exe
2060	IEXPLORE.EXE
2060	IEXPLORE.EXE
2060	IEXPLORE.EXE
2060	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2032 wrote to memory of 2060	2032	iexplore.exe	28
PID 2032 wrote to memory of 2060	2032	iexplore.exe	28
PID 2032 wrote to memory of 2060	2032	iexplore.exe	28
PID 2032 wrote to memory of 2060	2032	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b8d5ba60f3ecb212c913b6294f3f7b7c.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2032
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:2060

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
73279db46b5be8daafccdb02c6d3d26a

SHA1
9174ad5e3a2dde1784d8807c4519cefa33902823

SHA256
befa420fcabf621b13fafe140884b2dc60c46af7f7ad2b43cb5a19078732d9b4

SHA512
ab3aa9ba039574ef7a48f30c8beccf0ef75046443802c946bf5407eb98bb8d887e12410117c1163fe4bd361587455b53e8980d84b7e6456bc3301501213f1a72

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5e27b539633a41eea46d07cfe773e94c

SHA1
5eadca025586a9feab6745ec2adbcb28d398313b

SHA256
9b158c99e4bfc75eaf9f00cba746800a780afeae8ce5da8f0e8d3641a7ae8b1c

SHA512
9a24527c51ee5dc38be2c6b616c4be4ea26cb649b2b9d8ccd9b0864d19b0f76c84e4b60205bd3605425a2e2c7a13e2700433c81e2a21b6192573fd60593eb231

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dec6de253c2b41354bfaded5ca0bbb98

SHA1
a6ea52f8bcae69120c837a87795a46c755b2b285

SHA256
805afa539f1b98022e3e7d5047de680ccd073e8fc8accd2b1a98b1dadcad4b17

SHA512
feabe8d52dba7a377d60cf76f7b1103740a1f66954278cae2a779ba5fb832c457ffb8d776db1b787d747622b746f58e72fb9c5874fae0fd1eb44371b1b52214d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
42492eed1ea0d780cc79c683b1eee0ec

SHA1
96c3e50dc50b87fc44b7927f5965c0ac116cdadd

SHA256
b448036dd891087399563fb0427a691ce6c9fc68be0bbc2a35c91aa7978455c8

SHA512
98235611ddb616c3358a5e1142bab525b2a218f861ba9f7b0df4a9b9e06a9c6addca05deadeea671966b1949fa435fd559ccef88fe2a17afd4b0527e7f089591

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2154d91239a0542bdf70665321b66b19

SHA1
b2b743f0fa63556001d3635c21953ba72160b387

SHA256
37c8a05bd9c6fb4eb717cec2ab880fc73be5b8c57662f51e360186062ea37943

SHA512
70d37d0187aa771ee883eae95dbe4b00c28d454d3425514c97ebc088b6ce5909d07b2e62509254b59fd5e48ab01aca9dbb50af61be94dd24b0c06dd1e1e44f1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
de37a37030fea82ca9b21bf1883eb959

SHA1
ae204edad50ba88e35651d38bf743f87a126d760

SHA256
5add3763043ba33b5f0e4d7c07018504be71ee4fea7397404b1ae208b4f7214a

SHA512
754f9120bef0967e488738ade35d7312942132f655cb81721706aae0ef11e7b51cfae7258dc5c85c826cb63a68a11f7cabc3e610e9307fac6d42b37596ae1d40

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4379b38b954759fed6316b81dae0ae06

SHA1
2d25bed2c6c0e6516ba2c895c30c2081a1d5ee36

SHA256
2a3f48b1f5296d9bb2aa8b45741374f222c28c8d5891f79e450483e6af5e684a

SHA512
14092c3d0521a8f679e95a104f1ef82921d7ec3b8683fdc30dddd87e58d025316e7adcf81b64f09e43882daf809de0f174e8b9137abfb07c33d6bd7192a1d353

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3fe49abcc34b6f153e381254d9cdf359

SHA1
c35a986c9a56885900672fcc92f3824e6de01b87

SHA256
67365ab101cc319bebfa26db14dfd4e5b2c7ccde024b9285e583aaff540c05fc

SHA512
b78639d0dd98b19cfedf1c39c26f0cefc82ad63768f1afd087fe71c43b03053302f49617f0dd3517fb1e1b79df4ef07349a30b3cdf936c98bb916fba2409bc3b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
245054db467dbfb8751edd2fdfcc47aa

SHA1
b308e62e9f97bc4ed7d23a85630d0b63fc314a4f

SHA256
2d940c26f661eafd0c00364f1e9f3e4668355940df78d9cd6eae080d567f9aa1

SHA512
2e77501873512ca5500eb7697c6caa68923cd9c22e9bde3247b5134ae545c168d5b7ad5dea37c1c5efe877e734313cc3f30f580244ab2196f3822e0c363d3bf3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
02c20a3a38b004c31542c8e57a855b2d

SHA1
33bc40192b761dffaadecd8668413f84f9362627

SHA256
8a29b5ebb9a2511de3ac8f1620d0c0da655b09ad7c4dc0d25cc9d75dd46f2d98

SHA512
dc88eb7626f98fca3b2fae06ea03018391a97dd7e721eea98cdc3c93abb7f216f5031dc1e5bea81e5825a7501748d2d648943b1d08e7874ac92b15e6f5ee79c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9bf646c133cbbb7910ae1100a74b41d2

SHA1
e65d57703dfbea140001c3b24bf95d12aaa51440

SHA256
50a219f75644eb348938046d0b72fa689f954df55fbce47545862b7010f2d443

SHA512
e043f6bbfa4191064d0505e3be067fc08b38cb381c71c95d7b1125f1ae477379f3d09920b06e1482a43f655e501f5397c3d147aad6286e2d44f4b6575ef52a0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1f0a5fdc1a862adc82c64549fa14f9c3

SHA1
91b65537f2f4140233e709fdced067a6e66fe710

SHA256
89d6de92ee07734b2f46ae4e3aaa8f23bd6d48be4fb0cb660c67abd2eb7bbcbb

SHA512
2d4bf3402782279acf6b6591995fd23d874bb30642b19ae6cb8cc84a723c5c6eb8aac23bda19f775d20da3331a9ca279b73ff698bf5bb9dc3708917f677a7f61

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
48b153f9a6408bd23c9bc2aa211213e7

SHA1
c34233161735e2be59f3350a4597d39dc8497762

SHA256
a87950d8d71eaa7df09918fe2a85665fc124ab3a6f6ea068a217254e52de8ee5

SHA512
ff668106f9e01d535b19ea1a3fc27c83c84982f137be1210e6227f53c49ad5c1249d8f57e6f07a31d4ed64d5f9ac151b0e19685bcda2503a85703e0aa81cee75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
432ac4597d56cb24a4a5f62fe7a73273

SHA1
55bf9a07b3467a704d91f860f605e5a76757674d

SHA256
0dcf6e4f889e7d01d19d542a1c1542b09199847d73a9320e8b385e3f82394a1f

SHA512
f221300273a5c16bbed9f6888cbd4d324ca25d46255d92469032e858f6ef87b912bf3b90069ce925f09f008ecaf155977cf5b23f014c175010f684c852761b27

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2875ffabc4ef5cabeca7bae8fe1279f0

SHA1
d280cc4f5f7b481a7fac6e0c59b20b90df8f522b

SHA256
ae182fb7213a92807bdb3f5a5ab1d525f66b3b93c9b11dd4529582fed491a425

SHA512
5da3fbdf5300a5c595c3204abbbab1380fee15d859e986ac5ea7d838da30237295c4c7fda33c5994b8b9484dcbed16eb49f152cdf131916f03f3910cdb9d31bd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d65dc1c627dc6c11bd19d22702e553d8

SHA1
b4d2d28ebe0e54a86c977a1f1e4d1c88e073d224

SHA256
c99f62ab37eee965261c94d60662ab185c7403baa1ba51c49ebdb1d450ddd8ea

SHA512
157ad4f451e85deeebb30370db54eb6324e6f37b0942417806ead107bc2140465627ca89ee97e8a67afca09d09997a656b51bfc9dcc516b55be9c73f28764357

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9CDD.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9E76.tmp

Filesize
67KB

MD5
753df6889fd7410a2e9fe333da83a429

SHA1
3c425f16e8267186061dd48ac1c77c122962456e

SHA256
b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

SHA512
9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9CEE.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9ED9.tmp

Filesize
175KB

MD5
dd73cead4b93366cf3465c8cd32e2796

SHA1
74546226dfe9ceb8184651e920d1dbfb432b314e

SHA256
a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

SHA512
ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

Download Submit