657b1ca1bee5962ae8e1b15250d112ed88b8095605aae2bae22cafb71563d747

Analysis

max time kernel
141s
max time network
147s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
15/03/2024, 06:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

caaaea4479de3cee57eb84e1471547fc.html
Size

16KB
MD5

caaaea4479de3cee57eb84e1471547fc
SHA1

065ef782e2912631fff609ef9322dd16ce237808
SHA256

657b1ca1bee5962ae8e1b15250d112ed88b8095605aae2bae22cafb71563d747
SHA512

25232969051cb665fa799e6e95c27c2935afb18d6e702c8d23e422d0522fdca929250f8ba9407c94cfd53d25fa10ff03eedff145a334d09e0352efd661ec938e
SSDEEP

192:ExscUgPcRdQh56zf5znUTnQBtncKyvynQZanSvJ1JSnQxPnUEo9NLnQUcqH4bPnS:iXmydXScm

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "416644586"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d94d2d3723739f48802cd6414eea5c7e00000000020000000000106600000001000020000000dadf32dc9e2e70a704967bb3b3ce302d43d9ac1a27cd78eb2b32f42b3089486a000000000e80000000020000200000008a177b389b354acf38ab3aafe32faac22e45154a969091d2d0af1d5724c8e4c32000000051dfead546b13b999f75feccb21dc87bef531c99f36b34135218477cd4df0b2a40000000bd9036f62fbcc1701d970112e180dccc9200d0b8bf4c371343071795b3d110bb8a4b5fb8e842fafd5d2ceaaf474f0e1183384a6aeea683271bd44e83292b4e64	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 2019f2d39e76da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d94d2d3723739f48802cd6414eea5c7e0000000002000000000010660000000100002000000041ac741133531ef53a904e212ed06e8e378e5a507dbad5a2bd36813c6c08b641000000000e8000000002000020000000a89bcd888e475de3898b61c43287e07f1c6782e759e5f763ecc0b457e99fdb9b90000000ec0f9ff67d9a58ea4c6525adfa71b1eb89354a1988934216a2ec4f7259949465527dd395e88eb8e9e1ca254e0fb85866b23756a926568e74a13f53ce2c9a4d4718026023cc6db585a0bd1cb384936f6df2fdd3b61b4b359d5033e06b6411c3ca8416b63ba3785a44d40a00194551318879cef754e706d04b81f712438fd00c70e6c133e938dfa2b1c8f6924ae79eee0840000000456a96638fe1d22215fa07f587eb24319fc5b709613712127dd8346a8444ba3820cb456d4691d4b46575a8bbd5c980ac6dbdefb13f7a20ac00b6cf8c99fcb3a9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FE804AE1-E291-11EE-9B4A-6E6327E9C5D7} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-778096762-2241304387-192235952-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2292	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2292	iexplore.exe
2292	iexplore.exe
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2292 wrote to memory of 2680	2292	iexplore.exe	28
PID 2292 wrote to memory of 2680	2292	iexplore.exe	28
PID 2292 wrote to memory of 2680	2292	iexplore.exe	28
PID 2292 wrote to memory of 2680	2292	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\caaaea4479de3cee57eb84e1471547fc.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2292
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2fa9ae10dd560557fa92b34248bc70b3

SHA1
552b74beb2b572276cbc96f17769bb62240971e8

SHA256
32b287e321f11f91eaf7eaec49acfbf8805ecc9aeb57a02c79cb9ea20eff36fd

SHA512
2ab408bf60f8313e4762bc4b7c1f95edd505fe4add7972a865bc0dbe38720ea7c1f04e62e5f4b3502761f714325f9e35481526fd02c789f9d1cef4ca9c3105d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a0da6793701803a6644b099018565cd1

SHA1
6695b6b2aece0e70134854edba070495a0114287

SHA256
583cbb98e4ce549fac260d3203fce4d8179505ca4326eee8ee2307847e020c49

SHA512
8bf68148e69e238c2733d983a45c75a40570f461353da07ee1f24ebcc1b097f6d13071971b9769596841762840d10c153d7bd5255210cff2d2a5e6ea48a5e9e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7d5272e863b827abebad37a890e585f6

SHA1
77a390e6ef4b1d01a87840bee436c4d182eac692

SHA256
e69e9b89a69f065102abf5308a2033bcfd59a78e73f15d455ab6b4f19a1a5d22

SHA512
4b8519f050cb9d0c9236e156672678995405972749c2c6067e17cbb622e0845b98e5d824e6560e707d08b0ed42fad27f4e29394166e4d008da26aaa9f838a5ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
afae4984a9333ae5278197599c0436be

SHA1
46b68a805d6b7e3cf6d85636aa3f2fddea81192c

SHA256
0df0b70693ec99245c618cccfa7702589c19352df4f52bf2067567739a869cba

SHA512
021cd3cc896a9b221de67d08303bc2c2d1b25ce1169accc434d9851ba146ef015987fc27d6a851a6d1f01aa2f9f44b1bdd972977a821a7d2db14f32760aab46f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7805c2370d386675fbb6b29bd7b5e7fd

SHA1
8879882f2657d653228bc3225d9d86103b5b5569

SHA256
04e7622758577735767e547625769a9d280376e52dabcb2a245427b7179f87af

SHA512
645b00226ba0c80f677163bee57775ffeccaae7f969e04d2d822ef2029467c012768ca1dc8933fa995ab7e1e89dab651cb3ea0f77790f39926d6077996780c8f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d8a0b759a5c24470bde8e779067b06da

SHA1
25002bde37ae6cd5dd440f8339c322d1b0f4418d

SHA256
fe43d487fb4669365502ff8673a1621639f14009aceef196122ce3b218bd86b2

SHA512
a00b46a0a3b342613c5db31febd079b5c5b7fa862e13cb8c50c3a238a3eb7e2349b4c5aafadc4b537a081f5e46ed327c412621cf98f5842a4e13422e7389e27c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1fd843b02f0c9def95cb49275b122627

SHA1
2eab67c8260ea796261fccf7b66ca9d7aaa24175

SHA256
974b72b0a808b1075f32df55d0e16985675d286105e513f4180b2bd32eaf5cb4

SHA512
0164d04cfb063f2acef441eaa44fe17fd5d75b5aeffe99f4ea71955e0b12bad3a056c4a3545b2394be622756e5fc11a96499fe94666dd68f909380fdd1fef6ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
99f888ab7a112e6d4cb89b2ca96817f7

SHA1
15b40b3ed00ffca25bf4130ee2ea8a85a226df24

SHA256
0508a6b6ad92635a2050abe122827ceb0f8f8205c8670bbf87743f8ce39b79dd

SHA512
d52b045495cd291c0befe96e8bfae1ed1ab23d98c34f1c7c6c3c20f0546d8506410298dd0e4a74de387e7efee096b0b44648ba4eb85f01a232a2f18bc7e8a7aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
47d79e93acb09284759d42b71deb9d4c

SHA1
aac819bae25c40ba670c9a4704eba65fd35bf47d

SHA256
40d0cd49716896fdb55cb9770a613acc9c985c5610f190b02a28fc98d00333ac

SHA512
52adfe20cdb7d638d9d7df8de4048a2ca808d61c4540d30b21d9b1d68b3723f69f22384ecbc7460bae7368efc8116a84a04c6ff5e64cbb8fee61c6a865595734

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5b54b501eeb64cff185f6262cd1570f3

SHA1
2b26a6eae689cfa52db28e1db54ccf95e3ab1157

SHA256
b6afe54d8d7c6cae6df395b77d223303156f9c92608b67a42dc589784ca7e270

SHA512
79341b17bda086ff387f3f584db6674dd5c0ab5c49ed288e5853967287f87408f86d99dc296bac316195176cc66d8d1deac973ada002a416c5f0912c7cce940d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1fd1c0fb11f26319c732077fae84aa29

SHA1
bff9f090b268b51a7afda1143c1b4d3c9a259152

SHA256
2a21c82b8175da1eff15118978a3cd90a66f376f88f3e95698d406b3dda8162c

SHA512
fb0175afa737ac0dca5e4c44df3ff1e6b7b3b2450124458eeb69be13be17267babbe2c22a43ae9eff5b4c9dc5ece39f84cd6e7e6df9473f970d5a92b74373625

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5e7ea3bbed710f73f9aa0a15d340da46

SHA1
3dc075c7659640570ed45632c13f26a8120d4ffa

SHA256
fcbc451d48babdbc3ae8268110c9f2a8c70873374d653b86cfa2b69385b17db8

SHA512
796256277f85e074116b5fafff75d1b62863f37fdc785ad258a0efe4c8bf04501f414de2ad6e980538d7a1238ff2a4aba690f8b0180378cc2dfe03963c2ab3f8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b0e3141b10a8ffbb84eb5cef7abf240b

SHA1
7c957efc696c5522645f86940287baf52a5a094d

SHA256
e3eba6b2c54a82a5ae290dcadfa69b8bde88fb7268e684eebd8fa8efcaa7323a

SHA512
4101be382b1782e84102be40004b8ad6d72aa7c0122464dc0381fedb0bcfb3074421a66089e60ab6f5a52501b55c21c79761881b3de0fcb0f2a9bf1bbfa939e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d902fc3a8beb40952ed568e5258d2a52

SHA1
ef3cd48773b1ba17570f60d42e787ae3c4c1d739

SHA256
b94c945ef097af3fb6080ea5567bcf3757a8d1ff3b8344f7f76321582834988a

SHA512
4d4b36853427f43b07af059df121169c83f44a3b87ca0f43e77a80040012c418254fee3f73f4357e74f5ca1231dc9164886d40c143e5881e896131bbd9967202

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5e0282015a2e1bc1b02aad912480ce50

SHA1
6443e7dbcea4f8a0178a98bf42db13ce0eb7547a

SHA256
8232acf0d75db405395251cf571591cfe7c5e24993dc52f6f73a8e6d5bd8a122

SHA512
5d791812ac269e23a53c89d89fd3905381bd4e486f207fa27578d4176deb7230c73ecc6207307a9563c970074ed1ee7f81b342472e66f0d6e1c54f50b12a940e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d14f57fd62d57f49892eb0eb6c48ab82

SHA1
12e82f4038743464e7b1b264e2f08db4b72d137d

SHA256
69ee868d576e4c2d6ea8fcdbd05a4392098e3cfb22179e5845e6d702f7ef4e17

SHA512
53522900ef2f94bddf9ac3c683bafeab1ce76fea1381ab754bc2b957bbd31b084fae62a331ceab2ce0b3142ae8de8a849c754ae7ff54b20abbdf0a8265d8d1ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c57bccc868dbaf7bf178ae398a033a50

SHA1
8d793abead79453223df421f56106d5a4c9fc84f

SHA256
8be1164ebb7d0d4845392503b9033d3b0ae8b2881ea8ad26df76e9990e23b065

SHA512
d58dd96b2cdf984c8ae3c62bc88f41df37bed747d52e9dcf1e6fcdd7c22835e5581cd8c76f555aabe1cb527d6bf2cc4862e5c226fca68bc6c202541768123e98

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab8AD4.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab8C5D.tmp

Filesize
67KB

MD5
753df6889fd7410a2e9fe333da83a429

SHA1
3c425f16e8267186061dd48ac1c77c122962456e

SHA256
b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

SHA512
9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8C91.tmp

Filesize
175KB

MD5
dd73cead4b93366cf3465c8cd32e2796

SHA1
74546226dfe9ceb8184651e920d1dbfb432b314e

SHA256
a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

SHA512
ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

Download Submit