f8c8dd265c8455821717ad065baa6445dbd2d47d57a60f4ebeae3413d63fe39c

Analysis

max time kernel
117s
max time network
133s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
19/04/2024, 10:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

libtta_plugin.dll?id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html
Size

206KB
MD5

38f963971d0f202b0782db33c4a22334
SHA1

9fbe8ef21c327856683f8cc43f551e32c908e76c
SHA256

f8c8dd265c8455821717ad065baa6445dbd2d47d57a60f4ebeae3413d63fe39c
SHA512

fcd432c14ba68bc6474c56965a9a369884200ef23de14c5091f36c45fe09f82112924aa87f6614440f79e2bc60c5dea4f6225d36fb594ee2dcf23a3fe7ca0418
SSDEEP

1536:8h/pdWVoFCOFXFRYE64PE0Ljhx5/E5+6tI9LGduxWBTDl6i+P63E8B:8h/pxFXwBsL6xOLj0BErP69

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "419686313"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{11FE10A1-FE3C-11EE-9F3E-D2EFD46A7D0E} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 606825e74892da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000112dd71d930ff24b8b2b71a2c228122b00000000020000000000106600000001000020000000223e72ce3f3a6c112069fd31565678397613cde60f3ce7d21592500f8074595c000000000e800000000200002000000036fc60f07a83ab352c249485873b14d208c1dc71c55027e961847dd790ae6613200000009c37a0ada4df7f209de3978cd719b723b52dd460986d131c2d814e09606c22f4400000008b3ebc0fedddaafe184c6394db43d5602c932ce182c5c482a637b13e5fca27ece83302bfc31219f65112c0805728c9196ad47480f8b18ebeb61a6d5fcbec48e3	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000112dd71d930ff24b8b2b71a2c228122b000000000200000000001066000000010000200000009667ba2933ae4cb973d5ca0c68cbeb3765a95c25dbba704d93e07cad5f9df03f000000000e80000000020000200000000785c507dbafcf246608c6f60ea9643a4c221375c9eee9be495f55786d836754900000009c152ecdd37c5ccf64c632651b61fa328dbc4b6a6e410777151e19e53b9613a571d459f8f9cd47d18a306966e997c0d1f8a7a6191eccae01e6c51a38f3a78bc2b2ac688c228d6a1e940a9e70e14c911521445d52b2bc5e86b0842837788cc7b1309d6c3185eeb6ec98b3c33f894671c2ac77681baad1ad9501ea6c97c695a274a5bedcb1856d7309b10245fccdbc79a2400000006019539fefb583af062628426db4dfc11f826540cedb69a7d1b58506431411ceabc790d0d44078a73dfcfe828e2f39ab304a9cf33499814582acfa947275c230	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2212	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2212	iexplore.exe
2212	iexplore.exe
2440	IEXPLORE.EXE
2440	IEXPLORE.EXE
2440	IEXPLORE.EXE
2440	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2212 wrote to memory of 2440	2212	iexplore.exe	28
PID 2212 wrote to memory of 2440	2212	iexplore.exe	28
PID 2212 wrote to memory of 2440	2212	iexplore.exe	28
PID 2212 wrote to memory of 2440	2212	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libtta_plugin.dll_id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2212
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2440

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
86d5c7a32271d093df5bcc42f05d4315

SHA1
89c2f985a7659796bbb457c99d64efe1c3f03b20

SHA256
b608a7a478a3e5dc3648e9aeb232c2f7692ebb6f4bfc55e3fef075ec78cf01f1

SHA512
61877e09ad57bac667dc8ea0f214689788b34d1b634d45af45f857958c3f1cf801c9c0eccb4273423ebc66229d1ac315115daa820c29c3bfd876fae64b01231d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e2668c7e1707b4069227b56d5061bf07

SHA1
c2a53675225396586f9e61a41117b47aef510e69

SHA256
c4626ec45520a13194e4ee4b7fbb989ade86b882e9477a771e1e620307bc07f0

SHA512
8698d3b65acc6709ee9715b137e6fd268673d382a8d78196f34b979ac974148a72de0bd68ac3030cb5555c68d2de51982b7d6b90be165fdb539c618e84d63849

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cf365fedf1716ce06965ed658ed473ad

SHA1
9dd19097f0021bc9e0396e713fb3e4d97a5b1817

SHA256
b09b12b75049a4109f676010da78cfc0ba3e70060608203c0e78ff3d2818d23a

SHA512
a772cfcf4184176f68c11a12de589dab313851fc81fb5dabf216d3bfb3ddf0d3acd3eb684cb37964088369bf0f9a75c888ed31c87db9ea987017a15077d2bb74

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0a66ad8f9d3ed3b542d44cebf2648ece

SHA1
0d020445a0e136c196e54d51313950a6d41b62c8

SHA256
924b9a6cf68592bc77cd2c6c8a266627536e32a38eefa311bc18c67fd9010e73

SHA512
e6f3f7e88b846d072d8fc78fd6d943bb8cb3b6cef85e251142ae9cdb104c63e7f0fe61bb00ebdadc7c02cae08dcd00ffe745373982df91e072dcd16031b9588d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
12861ef9bc041af9a3765e0b4cef31ee

SHA1
135bd26c33e06b425e7b893c5473222cb602b9e6

SHA256
038de1ef289cd49ccca6546846858343bc0fe32f6f96997c46afb7dbbb0a136a

SHA512
80e41c942e6f84b158f17479e5ba6e996f96817b09e7e4714843c324fed217962ee790a0784c5913062de10f5766a48e462787c446e46b2b7627ad5c2bb1f257

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
49af2a4fc8d161f5fa350f2f454a49cb

SHA1
da9bb37a6c4d82e141916fb85fc0c17e50aec634

SHA256
f337eb8cd2ebfc20aa1a2f21d60c24e987578147a4d318b0c64638b6587970f9

SHA512
bea864653e91eefdc9e05d0927647a5dc3212614b2dbf6ccc0507868c2bfa4caf7a74b67d00efce93ecd71ca36b4f8123c9126a0af2145d48d2e5bb66725c615

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fabc7c29392557029bdc6e17c1a6b255

SHA1
e902fbfa71af0521389a502bc91feb49272d00c3

SHA256
12568c24728e29828030368821146ed960dfdb5db9776a2286a4eb7be9412377

SHA512
66ac4bf28b2f755f1fcf13dae2e99033bbf58dfa9b07a9451946d9ef448bed6ee47dff4206e1d7d613727b2d077e9d5fc3a9814e7e1bab86ec52eeecc3859bb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6668ca3c40e6d22df34eef014a6b6dba

SHA1
51036cc7477624e1307f8c8f68baad0d6c517b5e

SHA256
30adce5c88d48995cca79a683e4abef48cac0f01e60862c2482f5b5cd5556d9b

SHA512
7249010078f8acef8e425ec6d7def4b8825293f86b63d53057f2ca895a65a441c34d09e373d570c5fba1f9c58ff989bb17839aaf4511774a86918567dacb0dad

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
48f1e069c39e5d5d4e2963ca955a772c

SHA1
c6d440d6f77d22b029133c28c5e07889007bf598

SHA256
0e4a6e9d559b55fd384b98d9d508759e2371d60896378287ee83e9d516b76b92

SHA512
7123e52af83838be94f0fccdff2bf69dc4289396fe18b445daab9aee6a57815397ed91591814cca0bba9cfb9eaa8a8c92351d2d1115d315d399c8bf58340878b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a1403e1b8b7160c4ce69bc3b584f1fd7

SHA1
9de47c9504f77f5e088d67a76c3b8b30030a9b67

SHA256
c36e64e6d4d2d2b3712c696c84ae5cc12ca97f0f40ef3a77adda46f21b7f9223

SHA512
6049a230d5fc584ef10e9865db75a66555dc506e03934a1ac820697d567196e0c58f6cc1d6c94740428b88ed4c74ab881489d09b90a1507c52a46bf745068b55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2312456af8652df4c2545dd1c6dcea41

SHA1
21885547be623636fd7265739ff6ba37a6aa9d47

SHA256
76eb1bc3b79c043f0abd7dbaad1236215c48f20a3dcde46fcd15db99b1b4a6eb

SHA512
ebce3e93f18b0f80aeb6ff60276916546f616f30acd3fc268a8bb8b80ed1472a211872dfa76f5c10fa38a5e1655c070c3fa872b66191eefd5ab17ea84926b7ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fc95cab937b42fa0e3292627080ef2fe

SHA1
c8a0421c5637585a26f67cfdd459260d75b210ed

SHA256
b8341d773fea1afcac539dbc564b534b37e9216f589b1c99b15ee09ddb48e5cd

SHA512
9993f72c6bf3d2314b78e3fb548b6358e786e57466a991f279c2d0b6cc7b987d7d4361021b7a1e4c0543c94e07f5aab6f40464fa73c38e825f1666e428c0b65a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4d438fabdfe1002bc9dbd1b15ef26531

SHA1
40bb221828b89de4022cc2a44bb277c3387e0b13

SHA256
cd6310467b3e9b6417176a28340ba6f6f1e36ef440893d0cd34a18bd57985516

SHA512
a11e1020af052e920d3993cf262d239ba2d74de4eb1bdd29ac6f33c6a716475011732a202a5f32b60a1bba5270d0c6a5d2f9bcf52852e0a78492a102ad3fae07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c15c36118845004f95bc83acc95aee57

SHA1
3b2278d06ce9311ff0e97580bb8a986ed650fad0

SHA256
1336ef9a49365fb802d3e4f7985c8c49c77069b55c24519ddfd523e1511adde6

SHA512
29ef9321b6a4e50bb5e677b040f1cc8af4299f0ce641fe36a920c83a5cdece3e9b8ce64675fccdfd0f13de0d6ccbad75f16acda27471d9efcfdea1cba1750c5d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
80dad75af951ad78af12926a0303d1ce

SHA1
b0506a9d162c4b09bd4ab0f52a90671c9028af5b

SHA256
ec216b3afb443c9396c6a4c6b3a92a84b58cdda8dd69ff94123667dc26920272

SHA512
13899e3c99d59892ef0f2f6765a97e2cc683fb6cdf9830ecbb030f2f7cd399f606d186d415b710edec594e4919b6c4d99e34f922708e9b8d36a6159ee1e892d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4551c9b03c025b5877bfd4253c9df248

SHA1
350967aaa89cd0b02bb40e0bd4660d372fa5fff2

SHA256
17eedbf49a1d76497778a4a727582101bf4f695dbf6ab8c34fe94f2cf5c2cf4e

SHA512
f39b01743d30360497d8951deb87ae675d78259378be701d0ce3f5d61e7026e35a6bacea7d5d8162ee824a111d7ab138824729596f9ae2022b449146ac2c18c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
84ce89aa0bb81a639b20562756b53aaa

SHA1
3903a26d21578d006ee03ab1df0acafa7c872c85

SHA256
66141017dad5a94e47ac5db6340597b8969dbbf7b68ac4f28791061cc92ad8ef

SHA512
c6ae9d25f98d6ba392ad87216b6c73a56c2458f1d958b02a5fa3c161ca828de15a8159847ef435670fc906546c4509827842ce2ee9f83c4b9c6295393316eee1

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA787.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarA906.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit