bd91609c98a761e3903acfde40beb30c5e186a51500ac19f29fc09929097307e

Analysis

max time kernel
119s
max time network
140s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13-03-2024 21:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c6e2609e30d54056dbe81033c77507c5.html
Size

432B
MD5

c6e2609e30d54056dbe81033c77507c5
SHA1

e31421ece29f198cf5b0552dbd479b1067b472ed
SHA256

bd91609c98a761e3903acfde40beb30c5e186a51500ac19f29fc09929097307e
SHA512

1ef34a6a30f89efed83589249908c6619ba0683ab6bd78239c849e235243046754406d58fa0c3748f1898e27dd0908afe2e867457eb5ff339d38806d75d6bfcf

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 4046b4558c75da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8B996C41-E17F-11EE-9288-52C7B7C5B073} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "416526718"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000fffacc0240230f40b575ac5982df49bd00000000020000000000106600000001000020000000fa7b1099fbcf90555be18fe92e0dc64c927f6fe3db610cb567552bcaa13567ad000000000e800000000200002000000084135534b80906cd6995a31af511c30a2b92116238a636a5364a28d0256706b090000000708cac70e2136fe461a8c5e2092f3516cf7c493f63c772613fde92e47f7bb070dfbcd9db626bfaaa0b0034c65b48caaaabe3de0ec4e003a25129529be7c89035d3b515d91618e075fe44f5df5984ace570a99392112ae249cea8c57b56ca5a07ec53835471dd6fed2b7fd8765f7b1fa554b41161a991edc0c19d5021fa414caa03b71602c60b9efd20134118901832ab400000006972318ad7498d94f7f6e963f3276a201cfce1ce2fac2e17d6b77df2683b6d8cb7d9a7e79decfea24bbf623b7998e9861eb2fbbe053ec7243d44232ca2b5ba98	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1650401615-1019878084-3673944445-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000fffacc0240230f40b575ac5982df49bd00000000020000000000106600000001000020000000901c4dc2cfe0089dfe25540e2e4a72305335914ec711cd5a6b50c6e96afa1553000000000e800000000200002000000084d4c41a5c7446ac33c6d253989c9c47607ee00fe5405a77b0c867a97daa4c8220000000d9507fa25ffaf6b5b19c91999c8f570fd3d87954ce7e19c7be825f071bbf30094000000032561a6f1446cd8b6ecac8540d679850730b8d67c9710807f203ffed803f129fb51f4f9ecc9d8a79fc28112833f78e2efbe591a2f4eedbd2e56340e027bb6558	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2800	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2800	iexplore.exe
2800	iexplore.exe
2036	IEXPLORE.EXE
2036	IEXPLORE.EXE
2036	IEXPLORE.EXE
2036	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2800 wrote to memory of 2036	2800	iexplore.exe	28
PID 2800 wrote to memory of 2036	2800	iexplore.exe	28
PID 2800 wrote to memory of 2036	2800	iexplore.exe	28
PID 2800 wrote to memory of 2036	2800	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c6e2609e30d54056dbe81033c77507c5.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2800
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2800 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2036

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
67KB

MD5
753df6889fd7410a2e9fe333da83a429

SHA1
3c425f16e8267186061dd48ac1c77c122962456e

SHA256
b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

SHA512
9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
21cced1bbdcb3b00cf8632ef9f4dc033

SHA1
be57e7f55a210c7fab8125e0554dcf1befdeeb2b

SHA256
24049035679a22589557e8262942992ff635849fcc74e6fc857cf27eeb1bc071

SHA512
cc5b417140115a12c3a6e7a0864e4960abb9031d76fb02bf33f1be30e91837024c6dd8ef06f719e08e2ed736c49eadc8b06a0281cf5c61f6cd20bc9978d0d46c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
deb69271bdb6979d15870f04a185e9af

SHA1
af090d910ee38a81d8822408bdf4936ac99ad1b8

SHA256
50e9186cdd06e92e875228e2d215a88d3e8adb82dfa5f3f8145f5dbcb058205f

SHA512
9ffa0cb3cf15ee6287018e79d9c427ca3bcfa69b6a62e2f58231e6fd3ef4946567928078d218d6edcfa3798954c58d0153a9e2d6ed264b2a616a60e7f043598b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ace38887f5b9f896feb786d7aa31e8cc

SHA1
fc3bcfafaae3ed7e3e156a37e8cdc705e287a79a

SHA256
a5e5e87af99a5decf8e8e8279cd868c86d9833e9d6cc5c990070c49e27f0ca84

SHA512
5ef6cd2a78e90ec8bba05e0cbd96424d5e42b93563a4add9331bfeb42118d30cd28374e80d29b2e71689d6d3c803bede48d0d15064e56367c87b3460418998a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cd4fda5fb85d9f058ddb81ab9e5a5640

SHA1
8a9f60ba77951c5313c0b803fa5e9d4252f6d54c

SHA256
6d7891e6b5764d349904adf0fb53116ea3985279ceba8744009fd5d3a807daee

SHA512
d29d0e1fd2059ad788a7e5356b40a9220764228ebec75faa039315bd452fa61646cbcfa5f5d4acc18ccd43a6538d974f6c5aae8bae96a2fdc21cccc312296051

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
784a53f2de500968c6cebc2fc1c41655

SHA1
03972d4d27fc4bef87033582cbf2cd52bd11800b

SHA256
f69b092da725f5ee9050888295ee6fde0edbfd7252319efe072ac943a75d738b

SHA512
1defb737c9bc630ffb4ccdf93e508672c0f0c2c02d7f779af83b9b162dffcfe32e37c9b2fa1eb399015d767b1829b732eb2cb5ac52bc7dcfec5fb87147a0ddbe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c2d447b12aab2b2c1e5f73f0f4d32b8b

SHA1
bf7861dc22cd083985d47014d37b064e7f4622e6

SHA256
cb9cbac641982f7d2d7acccaf63ad1038890c9a86d699b3253e52e4e6135f64e

SHA512
ea51c885561debe5e5e83a2cff0ee7fe049b78a5a040edf49ee449627705272a17a694237aa386b0b22787a35be4411299fd4cc4bf72168d8147b3447a4bd1dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9457fbf34ee68e9e2487e9128261c03d

SHA1
dde0f08a63e0cd4892bd607ac1c0b6838b2cf195

SHA256
1ba41cfdb4a176c85e888939761d4831ec34b990d0bff9e1682f03823d07fee0

SHA512
ad7c699f202ca10cefe1095578f1ffdbfaf659ea9c3159e041f51ebba899c0de60a58569fbf4bc8beb958fd1759323fa75a26962c0aeab3afe03bcb93c8dcab7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b01f18c8153394110ad8fc40b9107136

SHA1
be2f152ffcf55283d720602162c5d75ff6c6b962

SHA256
fc3d3ca4bac6bd1b9a9fcfe49b2bb904c7605acc098f7c14f88fdd8e6ea669af

SHA512
5f7842d6094c39b58d099c9ed71d81877ae4b651c2db649cad3cecc2dbde0c9054d2ac863dabfd8579bd1fdcc2140c21385a826f7f207bc0c67bedcf76a74a70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
170a8e4bbd0e2d97377b282e5cc5b6ec

SHA1
a62be674e5a29a8f52a8fef89fa5fde785fdb3e5

SHA256
ab6171532c9362aede81fbe42e97b6defb2b5bc49b1d64ee93938c798259a174

SHA512
1ff00ddc835fdf32f94c9e34ffcf1038f5ca43de326268d1dd554dbaed57972f4b61bb904c7ddf040eaf2fdbb4ebd53b9a013839af40bae77f6b5fb606f3644a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4a943a1569fabddca8a1a009527d723e

SHA1
e390a6fc935181870a0333ca146e64523f93b760

SHA256
0be10f11bc5b4583b89ac1ee69df4343166cfb87ba9f91c161cc9990dedc349f

SHA512
b538989b9ad0f20d3a21ff87ad20e65db2e004d651d5b725adc63541325cda5c8f88ca1b0cd99988f386ed7ea05cc337b97504b466758d77f915fb0b33aab313

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
796126136277462f911eb438eb3efa15

SHA1
983445957963b6aa760da4af02966b9510d757a4

SHA256
8d08a125e6ad7cd98cd970b9f7a5b5b74525a5694154061b54c25043aa1c3184

SHA512
db886e96c728c2775d6830aae63c4fd5260e5bb944f99bcbc4a5bc043cd226790a7028cf6e4cea0d7b84138987a6b27ac65a5d4200fdc51b23df9f9fe5694dbf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
917ec196535b2daf9bbe1da1109917e8

SHA1
acd63d3c724be2ca19c7e8ec0f7754df572e1abf

SHA256
ab753202df7b514591f83ead487314ff28695470aff7ba5aa95a05aa23760eae

SHA512
bd67713b43a4e30369d2359e9cd53b3d3f59509c3fc5646b95f9f936cd3019ce627e61f90d2f2192acf7c7988faf07a45a6ce476ac069c87f36d3998beb777dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e0e710c62aac3a53ef374d82d19e937f

SHA1
d8ef36185a02ee092e65aaaee3ea3007f8aee7b6

SHA256
3d48da93189a56ccc2e044d619cd1fedf58900049ee4e45858c810017ffa5c3e

SHA512
bfcc14ef64219bf9925d09aa02985f1b33d2c4cb62007c64141ab8f31dffe71f4540a0c70c481b8f3a773b6718caae9f91d98b27b44315363b8010eedfe59480

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c6de71f11309dcf1c6ea0c995907c169

SHA1
823508aa102d69283343f9d5160ef644d410e221

SHA256
22c6028003e736caac0a5e2dbe4a52103418c1ae6f61d53f9fc811162c2a4008

SHA512
aacb94e3c16b2e926c02d7cc0139c343369b2fedabd3117582b7b889f9aa18ede2995b0429ea377de962bf9fc99ebbfe344b390abb39881e74adc59b23d35203

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\5dcsbzd\imagestore.dat

Filesize
1KB

MD5
3a5fde80b9c57fd4a2a3c712c20c785e

SHA1
23941c09c8f164b946575474697d7ec318a44462

SHA256
3f8ed9ac759742a0cfe695d348347aa7505da13dfb497a6fccdd0c7c6a754157

SHA512
2906e4828ca4d8224b635ea29bbbbb62442bc340089df196abc23dbc81be79e581254a32444a2deab3e4db9764643a20765cafc7a040f1e7969aad0421d7246d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNQNAXHS\favicon[1].ico

Filesize
1KB

MD5
91abe01116ab422c598e9c8af72cf4da

SHA1
0f2815fe8e067d48537ad168225ab4674271fa27

SHA256
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

SHA512
a4d5b20c3014153b6b382c43404917bd2cb5bd2a59bb1e981f5a19eb7dbdec185ace288e9700428d24e5ac623e45d04905e706f0c45a1642b1aa6c091213c23c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5E67.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5F45.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar614D.tmp

Filesize
175KB

MD5
dd73cead4b93366cf3465c8cd32e2796

SHA1
74546226dfe9ceb8184651e920d1dbfb432b314e

SHA256
a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

SHA512
ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

Download Submit