b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Analysis

max time kernel
121s
max time network
134s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23-03-2024 04:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

tracker.gif
Size

43B
MD5

325472601571f31e1bf00674c368d335
SHA1

2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
SHA512

717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000071c834f68b8ed044a0afda50fbc58a7000000000020000000000106600000001000020000000cd54f5340a3e3525f4a0fd011c404d9f909ce884782b1f558c2c41703dc6ca5f000000000e8000000002000020000000122181e77ab604e0cfc5994f665af7feff54c68bcbd01d5edd502f85bb7fb211900000001174a8ed34023cb58594d3100cafdb3f16c4df17a0b78c4aa44a87f860c96e5c301474939e75bac2fc75838797e997e1c33e5f659bc7aeb327c6e4c554d42bd4e968d13f1d44cebab808c1e75dac0233ddfea273be150415044f94265bc8e279b4c4b0983143d54be52951c57d8ce9edb1c16ca04005fcc43b5a36417462ca409142d6cbd0225d5802e83c12f366acc34000000022ce52ac7936c5f53ed51498709308f1872ae2e2db41ab4f8ad4e734b5cfa55a4649389af0b70434ffed13161ad8a4143f641dc311bb9bf3b5e09c297e09abf4	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{56D8EEF1-E8CC-11EE-8E7B-D20227E6D795} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0d06c2bd97cda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000071c834f68b8ed044a0afda50fbc58a70000000000200000000001066000000010000200000007c9012da4dddc9d698138060f5de8732937bc6be275cc014e9b99a4affe02004000000000e8000000002000020000000ed8921c0aeaaffce9ff369ccfb5b7c70a456bd138fe6ce990cd1af76cdb4a26320000000fda8f89fece525ca78d0138e2a9b76ce6e3ed1fb2cefc37aea8d4c671717bbf340000000195eacb619742e584c3475a56268fb9d5e65d3fea8d9a3cb8cf3a4b30e8cc1a9c073109fb6510b5d25fd6a97293737af17b4f12f7d0de717635ca1f3a90e9e25	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "417329357"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2216	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2216	iexplore.exe
2216	iexplore.exe
2388	IEXPLORE.EXE
2388	IEXPLORE.EXE
2388	IEXPLORE.EXE
2388	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 2388	2216	iexplore.exe	28
PID 2216 wrote to memory of 2388	2216	iexplore.exe	28
PID 2216 wrote to memory of 2388	2216	iexplore.exe	28
PID 2216 wrote to memory of 2388	2216	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tracker.gif
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2388

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
67KB

MD5
753df6889fd7410a2e9fe333da83a429

SHA1
3c425f16e8267186061dd48ac1c77c122962456e

SHA256
b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

SHA512
9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
07c012712f01babacc54d73c9bcfdec3

SHA1
5843fceb40a27f970cf2748110952e5a98ac1eaa

SHA256
d2b9874fe4de1b36f6722f91f85c89915c8c9c811b4597c8e0d6cdc0a7cdee21

SHA512
89bc0fdd2e041372a42139366c9c44ddad82723b13f0057073c7cf479dc74b83846e2bc5bc5faa76eba6be87865f8ca42d995dd213072b5885e9464c2bb0c794

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cdfd9e3194b415a5be22f2c98cb9e699

SHA1
ba8bea9ba707db35062c7f60dca978026c725bf9

SHA256
f4646db6059c70300147267e7d79660eb3e9aa56686c09d80e5bb384ad0e3115

SHA512
4dcf30f0ca9190e779e48ccb2b025584e685eed9d27fbe3c9c2d708a4b105a108f1544b80563b31447f1c11fcb61928e909a55f24ade87f302a6540da30bde29

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2d507b6d37d680d81199aef7467ff1a0

SHA1
4b6438273efaed79338503264e14b2eec347e317

SHA256
4d0825d725e642d86c15bebf216214417454bb7c8874b7fddddb5d123be540d2

SHA512
ac4694aecac4e97d073e58e330fbc5707007faab40bf97244eaf0ce50d295958ee2938279d1d535bde7c81f46c22f954f3894c200c0f0a4389ae27bf2ceb93b1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
23207fb72e4dc8357ec61a35ada7bf0b

SHA1
03b3a6af2e799b01470379f2dca2d1c17c62a691

SHA256
0808b37b29f5386a4971721bca713195e57f043a7f7c2c7b27f8b312ee4b8de1

SHA512
ba742c0d3c1ff02c02c8d07f4387c25bd29c1c841e3e8d0301c08969eb9cbd0ad8aa2cbb64b3a94bbd6ed149653b0278188a02791ee89418462aa8857b71e9ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9049ae9e995577ed99072a81e23ed932

SHA1
df8f4c3bdffa72728cad134c0e7b0f9274ae9f01

SHA256
bed887930d0ce77d00bbaa7e515644b68e13ae8d6ea21e6d0a48417a46a6081f

SHA512
7e695e67d41d9f87f2ef750394f4bfbb7359946e0ab8e9f39f92324e0d9ba9ea0ab76dcebbe21442c2964f7f15a008854b9c53c26cc37744968e0b52e6d3a576

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
34da1a5615095a8037d44d4732b20ea3

SHA1
32a660af8d779b8445a21146288d7ea2f4b5fb0f

SHA256
aadd28b95e6fe89161f9292164af3fd7eb85b868a4e6c95cffc445edfe8bfafe

SHA512
a9ab54563ed7f122408d758d47735fc4da0241917a1b131510eb91737a32debfc5a7aebffd4c67e0024bb33407ea82e34285997e41d8fb2a59c0d8df84ef8632

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5d8701997b61d12f93cc69834e91048b

SHA1
058908b480728c99472b5f0652ac17ef5c48da05

SHA256
d1db8ed8c06e993dfc003c1490b38bb3c175eb63c512985b69e25200e92ec750

SHA512
dc9a585eb3a6ba5e41b8cc19a82f20cc3a2dc20356defe5436454b3fec728e50d983d7de8f45242e0381a53731013468eeb12b2e6ff7d8c913e390ebaf3ec196

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
798dc030a9c3758a2b9e30ff59aaad41

SHA1
d95ea862335e0a865e446762c0c4663981988f7c

SHA256
b9bfcd191078bfa1b6ee57a637f33fd7be10e01cdd39b20ea98189e7f2ed6c4b

SHA512
d23e29a55fb4ee31bbfde2ab2dfd96b49b80bf2185700e10dea90dd112ad7542a9c6edf838abbbf47d3b97455d3f1beb0bc1a2ba17f9bb83877c8634ba250bf4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cafe3d498fb7d9bb33d09d8f969bf88d

SHA1
a45a3acb63fd464e78e74cb48e2df8a090a8b405

SHA256
212c502226fc5e041a13a8cd95c70b4c8c7bc665d140c3e8804985dedabc7153

SHA512
4be409661b9e00618795571c89592143a3fd52a84c18d12a58d3f0b761f102d869aa89a42b3f3ad99778e53c2a81a2196bbe079ee18608c4ad45d8731879178c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0f2141ad29587ae7a7f544dfbfbf38cd

SHA1
87afb820969611d001b181bc9a20f03934e867d5

SHA256
8c374e6e9f31617c1cae7e32f486ed76c31aac5d7d4fe46a2bbb4848b7f37dd2

SHA512
d116813e6463cc9e72b1f5feeb283e66ac0313772225165c692870df7fe3bead204d3e086b64bdd901739eebda5a4cb1b18db26481af70a2271272d7558b9feb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2f6bc8c87fe944d7022b7c302d2f3572

SHA1
c49a4ed6a89246cd1584f6b5b9e7f8e1e5b9423d

SHA256
05ea287990088544efa6c8c9a6ef2b36caba85f4c4fae60e3cf8ae6a290e7243

SHA512
f5d3dcaf744c830de515f712733970531564220ba3852763f90664c237d00fcc1d1ffc20d5933828fe978a4b6fd2fa3a8adf3fa1d36708cc20884ce33744e7f0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
61558341526953ca16789d7eca5fa3a6

SHA1
cd88e71be6e9338753fc1031363ddfaa511418bc

SHA256
b82df047f7e027e9919dd74c50aa0eb61ab332209dea3eae5de7a4f799a7231a

SHA512
0cf4f33806cfc71d511f545a8a7ed4d7bb0f62c5b00521535df89fd7a783402cc7346ad0d6058b2e385b416fda0d2f90fde9e0fee4f1270b582375b18e30ac19

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
783eb085369e3721de2ad4ec72c822db

SHA1
3299e7f807c62a408be25b0718641a2d2a806e61

SHA256
4b3a381d93d7a409cafcfeb33d2e5a896d98344fce55cddf99c0bc438d86beea

SHA512
e03d12d180792c32ccfc0cbbdd84b4115671a288194487142cdf4fd81304b9abad8839df5a520674daefc0ebf041be6df15af356eab7ae5e8d87a353cc39fd1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e06ffa5f943c339ff4f5969d581aff6f

SHA1
93d806405af3c6671d63e07c493d53dff48c5273

SHA256
46b6b7a7b570d5ad5dc5c44e86af44470c8bfb94f3e40203fa191b7beb75c806

SHA512
4ff0d8c35e9318541aa045b262f5c689c1ce6e24b5c8bd29068421cf29f4497cfa93d2311f45dffb422650b1b2c4112c3840bbbd93d2e90f67299573312a9b2d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
102464953e2bb47efe0bdcac19e59d1a

SHA1
b095c5c157650d029d236576c42d72ac642031ab

SHA256
c0a6ca5353da7f7630520332ee63887f4b5bd32ee087caeb2ae7378bffabd6a8

SHA512
0d8a13283c48d4cf51c33ed1f6948ddd5f4457ad6a39fb74344a59ac7960afe86080709a1b898aac55b387dfe5120820e23f68346669db7e467ab949ff4e5aad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
49a8517c6e46ddd67ad9a3b8d373f1e2

SHA1
db5b050851bb7e56f1027915c6cdcc05860455ba

SHA256
55e382f435f1ce691a6feccabfab09bbcb80f8e5958d91a42a4a081d9117fd17

SHA512
2940ffba54c4966d24ceef9e639b1f6aa2ec633007cf7df9da501ea7d4876043b1c780c598a185fb22c8ccb11a5d7976af6c5ff1ee7c900a06cfa3349a93a7f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ee6edff999fa334638364d1b654cb834

SHA1
9fb0068f08aa8898a7f076bf23d714053dd81fe6

SHA256
e09dee1aeb49cce5195b3b6c95022bedf982d45a163b2a24610a606875dcae91

SHA512
a15db8fc7dfebcdb6d809717930db1ed108f5de1c4cc852c3faef11c9acdaac4e3fae6ec1cfd9771b59020575f4273fe7eb8e7e8a76695a1813baabeddf6b973

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2D2A.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2E4B.tmp

Filesize
175KB

MD5
dd73cead4b93366cf3465c8cd32e2796

SHA1
74546226dfe9ceb8184651e920d1dbfb432b314e

SHA256
a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

SHA512
ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

Download Submit