d4b30c1f2c1f10f46037533e5768b6abba1f60a613e779d871c21abe8ef02d48

Analysis

max time kernel
139s
max time network
134s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
12/03/2024, 19:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

assets/web/password.html
Size

3KB
MD5

25d33001f2b0630d88b04124ed428640
SHA1

3a186cd9b72e1cbd5eb69f75bbe2cc1e027ae5a8
SHA256

f27a449976c0822552c73595512a183587d7f7061744b88c510259e71034f837
SHA512

20d6778d961a8710ded547f98e402ed5903a0fafcdd0823c85b44e59b024ad7fc1660d7d97a8c0350ce151de4dc3c7ea0c570215c77c066d430c1b7bd12d52c6

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DF9B8FA1-E1AA-11EE-9340-6EAD7206CC74} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 70871db4b775da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e861098c19b4244d8627ee4664a96069000000000200000000001066000000010000200000001ce71371565eea0e29abf56fe1623a2272f60e1f46649a7839d26f027508a9a5000000000e80000000020000200000003ae04677a347e7920710ac62bee2d5b5bc94cf16ce2f084e2e7a102fdb019bb8900000008f2bb8ea4d7fee95a4878c8cc2a3f97277e2b6792a384bc5452d227a8f44294e408b781e83f42b8efb9468637dff2c102214954413fdc65bc50bcfc423d57ef7d7f9eb8b8af3d70ba72692849d8b2ef1c60c25f0df08bd01de6c03821cdb189ed69c01ec28664ffff8bcfced4a74460deca3b796bf5a33ebc0ecc61a7f2977207168a11e928399f38daad436e9f2897540000000828daf669bf33e648fccf77405c0c95c80ebf82969f742db4a18c166c55d2867f34ba452ec1a23eed7fdc90fa1be1d5ff469123662b18ebcbf00ab9f80448642	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "416545323"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e861098c19b4244d8627ee4664a96069000000000200000000001066000000010000200000006217aeccf82f66c24e2ebcdc7b1941fb1b0461d5465004a7d5e20136e7c618f4000000000e8000000002000020000000ae983e234de2a0cc9698441bc429399d6f8270151e5597832fa3da135d5f55ae20000000f0c268866bc6e47563e7679a794ba37b6cce4715698ea86778daa2c27b526bf94000000051f46fc95657e940cab03875c48ee06d2c2700356b404f1874c35cbcd1ed84e6652684d58325ffa1a69ab4b63a37be5612a9780c474e104bbe4672c21e0db7ef	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2880	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2880	iexplore.exe
2880	iexplore.exe
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE
2760	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2880 wrote to memory of 2760	2880	iexplore.exe	28
PID 2880 wrote to memory of 2760	2880	iexplore.exe	28
PID 2880 wrote to memory of 2760	2880	iexplore.exe	28
PID 2880 wrote to memory of 2760	2880	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\assets\web\password.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2880
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2880 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2760

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
67KB

MD5
753df6889fd7410a2e9fe333da83a429

SHA1
3c425f16e8267186061dd48ac1c77c122962456e

SHA256
b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

SHA512
9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7bd06fde3d09d9d8c4acc765b5f43e3f

SHA1
99e4b6094bdb63c6cbf37e6b7e2208b5b1979114

SHA256
2dae33ada2f8bb8326f0e30fbaee37c7770e45167b0eb16bb13dc70b7b8f9839

SHA512
f3c1a129eb0df061122dd05fb26e1bc16de43fc2299d667a1c64d9f93d086e41803db9d16710aa757bc80aa9fdb5c75fa4e325adf1de2c84788fc0bf31809e95

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
29df9a468ec4c9f31573f12d1c3c1d05

SHA1
88af2b681c1e4b95a2be26a41429be6fc3d2f9a3

SHA256
20ccdf3e3134e35e9d693b36e97a6d9a88a77ecbd76bda69c5722289df30603c

SHA512
b24bf701e05b5571b756c16d14ba88342abe18d5719345239104b46027b9a13806c962e2dba90be79820137cc01114a08e8825ee7be07015d154cd46a1b8ab69

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bb9c6e7ddde58d15bf78d24b44041bbd

SHA1
17e398e5b7c96742a9f31c7ccd2fb0efb19c85a1

SHA256
ba9f2649521d36c3d06e751646f58c0c66ae6adea6e875b211aa3619f5aa6d64

SHA512
42cd183f7de528bb05f7aa893d2bd400df6c1fa163b246a1c2f259e75616fa8bdd46a4dab2cbaee6d7a046b41e6e055060e693583358024ec8ea341aa104f0b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
515984f07eb2bcdda99d7bab9d692714

SHA1
ec608a6e05470eec9994425226c9eda0eb2cf4fe

SHA256
9a9bd7f3d782a19053266f28e27544744df002f1791e3c72131acfc7db396150

SHA512
4fdc7fd4da41511f66930ffec761551658d01770e9d0c7cdbf86a0229e3e7ce428fd31a98111c37fbc46924de1bea0344a5f3dfa7380b5681e314138196cba1d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3c78c34923e259e7790b9b03b09ad985

SHA1
011e7c8f47c918fb0014f7c3553b2c3f4753df00

SHA256
4581e8ba02d8c675b44e6ac9a3e84277bb54d44c2fc62ef44cb635dc1a033dd4

SHA512
f468f57a9f973d7608c9fcc46cf742e1a2160e827f7400bd008bfcd82a3271af9a1a690dbb8bf22dfebb6caaf75e62b1f709066212a18675e80634f9455e65b1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
df29a009c72a10642216e11a69f4897d

SHA1
46b58086d6d757164b210823f834e041958ab8a8

SHA256
009b881b387dc8188bd3c879f7093be4d43204676141b5ff4c25ff54086c66cd

SHA512
6788a5750f17dcc6e169279774b36b9a90c52e7860170209ac8684c8412e586e406e7859e953a198dae5b108e2069757f0f64fe03976df1ba64bccf2d742f8f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eec2bcfd6ad59e0a4b50e325a552c084

SHA1
1d30f9a75d99647be1ba16fe5ceeffb97afe3868

SHA256
ba4dc1b7d95d307d74f98a638c551f558156d23ec8f1d834e6aff8479179d8aa

SHA512
9b8d171912bd22360de7c4921bb9b77b13db94e8dc6cb64ae64f4c7ec37824cdefb6a98b0b981e17c6bf55caa7a2910e1125b56e15f0cfc3a841f9904ede5ba1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
50226854aefd8265f04b351c5f1b580a

SHA1
5f79a58897bb3d9bcce1167c4de5c10d0d562969

SHA256
b9b287423c70c417cf9f665c24ee941c03d301134e4843750002cb7bcec55eb6

SHA512
3b92df445c73159e1cb0976907accd0740ff523e8872df725c9bb2c20efb341e21dbd1276ee968538fb8c79af1dd5a0db0df8794cb6b741c65273ae42a0b4f73

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
07800d327144df4e6eb5ed10667beee9

SHA1
e6662d005c00908ff34c5d19c370a6c15c84c23f

SHA256
c66c8378e471ac141c98bea4bfbe131f31fdd1087d0fd53526d6a4edf0b237c2

SHA512
c5323b5840acbccb74f8e9a9ca402503fa8f45f44683772e9b82839b79491e94f992d4f0e2b9cafc0716a16a7cb49fa466e3def443e9f85047a3e7221c03c336

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fe5b17329f92527aef0dd38e8c1eab67

SHA1
e9d7472841219d4371a3b7551fdaf00163d27732

SHA256
605b116164ca90a07308b1ca1ca8a6033e8e315aa9a475308aa6c84e71a70d61

SHA512
ed991e0415f4927e84089aaa1aa8c5fbf599a2dccb93c76fdc7cb2a7b8bebf7e4cf9dcbed1b820c72d28d083df84005fa7cd78cc1935fd21759139a15def4e60

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d5228946c5b91fbc5de06d14b62e10dd

SHA1
1025e6c6cbb6a3142db6e566f51055bf805acab5

SHA256
49a9d3f330dc53d6318cbcb9d90a0120121586b8d8a590b6515008c90865c435

SHA512
8323669d57feb68c6eb63acf048573c08384702b8dcef86ac3f730e905493694ddb18817233c9deafac39e362ae92420609a26bd76cf8ef8a8854c2afdfb575d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
acf27c6d7f855a5d8933e3e624a6b00b

SHA1
dfdb680a40716e15b0caf7faaf348c3c2fc627ea

SHA256
529e409f1a4422341118701c864f6ed0cb928c283c03f87b60f190bf340c2743

SHA512
bea5ecd001dc86cda7712a043da70bc1a81071847a794122eb0d932ad47b68a964a42a15251a6409b6e0661314f0ee1de5641b871d1fc3d37ff7686c27aa526d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
52a0354be095c750a7ffb2a70b48d890

SHA1
bd0f381ccbe69201c51297ec023d5007cff6d3e9

SHA256
8253c79cd4112bcc590963af4b7254ecdf5c040c07f9a6c8d662c2d6c1de9e8d

SHA512
041119f87ddbcee7c85bdebd5c4a8c5e3c855aba2b1638e643a2d84e254d0f116dcca68af00c52b1c1a4bd9aad1b8b46e3e04066d33f8a405863ba4b13ea77bd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8efff824ba60fcc7cc01bd7aa351a97c

SHA1
9a624539eb5a3207bdf1403110c2f63fa52655f7

SHA256
d165e5b1ae1a2048628bcad773c2d5b33cd5e4b3075306c4b76d3fa5364dc762

SHA512
1ccef669991e062b374c83a026bac0d39f0fcde35db529d145ed4d9788895541336062c53f6ba81a3d47d5f5755300e23cc18f68966d2f763e4c21d7707b38d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b49ba1bf325b960bffef1b3c2d2eb95e

SHA1
baef44c05dc6306b58bcadb6f30b26eb7f189cdf

SHA256
c378feea3c3a2540ea03840c21ce713cb58f333414fbbd5e8d327f5dc0af19fc

SHA512
95b8a5ca83ac1d5a4a3f8650d641935defbee49f78916880d5c87d685cad6eddd4fb65822f84cb6b0cddaa3e0adb536cd000f867e689b6629b71b6e2a8ba7d3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0e6a7e5905cda3fce4ad01371e617072

SHA1
2115cb2488bdca8f8347eba7501e2bee699475ef

SHA256
01aa0dacdcf3ba97951173c2c0fc69e7b6fbb9b5b282e65a145b55b116355603

SHA512
8ed2e0dfd5ac074a7c344c145e9b2fc21105a7d10710d4876dc8ad3f5b70aeca60beffa5fbbcdda472963814a9d3fd5673679a56ad4f041fc39383e724715958

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
02d794029b352f191bbecbbba86da10b

SHA1
ac8baa0f327772598d810ff0b6263c1883d3762c

SHA256
d76b18452a12d1b5dd0c863ac7dd1500236df0f6b07d736960b9d2748ce280cf

SHA512
ac7e9925c2ba09e6e77059717b0f6abb75187e04d8707054ad057b6929ad301e1c7a8526434033824c8500b59761d243ad28e9dd0f48e14a0e004e6ec92f60e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab38EC.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3A3B.tmp

Filesize
175KB

MD5
dd73cead4b93366cf3465c8cd32e2796

SHA1
74546226dfe9ceb8184651e920d1dbfb432b314e

SHA256
a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

SHA512
ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

Download Submit