9f9543df85793c2d5b0356f091f5fe781257d8a2af717b758e602333f51688da

Analysis

max time kernel
134s
max time network
135s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
05/05/2024, 03:11

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

213KB
MD5

defb04b07b7753dff72e14fb4cba4c01
SHA1

eacd0ebe87cc5ec111c228d173497c5b4a80d509
SHA256

76190ad28568c75ec9e07212afa1fef8ac1fbf68404f2a9c3f9a08bcc9a89d0e
SHA512

65c76a46e234dd0d795268c175c84971b8e9cb3317b7b1ad095a85fbfdc44a7d296a58dd4925ec72b7fd13586102c9f572c9ad00068b4424c2233909ae33d3f4
SSDEEP

3072:SeDsgYWHkZCyfkMY+BES09JXAnyrZalI+YQ:SeODHsMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9BECC291-0A8D-11EF-A1AD-46837A41B3D6} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421040747"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2792	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2792	iexplore.exe
2792	iexplore.exe
1748	IEXPLORE.EXE
1748	IEXPLORE.EXE
1748	IEXPLORE.EXE
1748	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2792 wrote to memory of 1748	2792	iexplore.exe	28
PID 2792 wrote to memory of 1748	2792	iexplore.exe	28
PID 2792 wrote to memory of 1748	2792	iexplore.exe	28
PID 2792 wrote to memory of 1748	2792	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2792
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2792 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1748

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f39e89c944fbd7b830fda3cba6ef7bb4

SHA1
de80ab0f7e9ecfb0babbee8a8d3d30de52c53bfd

SHA256
6bc19b8de804839aff28f39bebd20892da93dee63badf32b547927816a9a3b46

SHA512
7cb7185e022e3157dfdb359f66442b5ebd53c043cc0ee5ee361ff708d0042040cd05f5532d891ec5daf8bb7064e544907675d484475f30b4baf7c486808bf104

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
66f24a6dcdb39cfa1c54a22108a4b76c

SHA1
cd5ce7b3e6f5e50182bc777a9f2902893847f011

SHA256
8b1df6009c3f7a8b10d276c97b47d722e6f631a0e58cfd263ff8aab7c1443e5a

SHA512
860c758b336e4fcacd45e3cbd560d7d17d5dcd924728974c79cf908d0ab86a927459e0d901714fb35479d69dfcafb9b3095af4dc23eb0a5359ef6c058f055f95

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cbf5c3e80075b062dc330ed9d2b9609f

SHA1
1245cc9011253e54b6d588d7e7a8b4b11f6465e6

SHA256
dc0234029f568996e2cbf5a4095758322adf15dc72c673d69254737a326e32e3

SHA512
80851c56b5d915b5afd25dabb82d0b582bc2732edf98159a0c580bb3762e06af893525df104b01e32290fdeb57c951ce0ee061425692a1aa5a42a164f4a2816b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1b3be5e3dc4e9420f1b6200caac18e72

SHA1
22eb846913daca149ada6705b0d84a5b0e2b9d37

SHA256
865a39d2e0574c9452c7347082f752b2da6e0586b49ec8803c9786b706b1c5d4

SHA512
d5f150e34a779688b638e7e5b29137c306875673502d483666f9e52914b926e148ce434f5cbbeb169b598ee91406eddc90aa8d70d1bc98dc8c6ad6a4d7ca5beb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
09f99d7ef84555ce5ad621bd64865443

SHA1
1339d74eb147be74eb270b9cb78ae43865ff2e11

SHA256
a1ab307b74b7d6fe205616375413728a7457fd94388d1e4a6a0255c474d9079a

SHA512
984460f5980bc39b1c50c0d2ccc7001908a228853a9d65c576830ff19517b78693329e6d3b3a43f01553a81ea6bd730bfc5b3b903ab1ec9e3b8b37c44a17cf17

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0d5380ada188c67b85ce0d1ea4c48412

SHA1
a9fd1f7d055fd8a0a9db80e802a96ea19c48065e

SHA256
02c858de5b1f130c4694b769b6c443f5fab6ee52d639ba1f644f8b33f2a3bbfb

SHA512
da302cb2b50a6474d290217d24de8a517f58c6569aab538235387cd9a9ac132042328bf1f254e948094dd89a45fa12a6482b7f065021ce9cc123389f13de027d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ccd766572ccf01683206c8a36477f495

SHA1
0e589f6e165e19b712711e3b67fa3c2da30ada75

SHA256
38b86ead8453a8ed8493935f13982aa8cd0bc16cffad35acf76435fc2da38cc5

SHA512
d79749b04bbab5d68f523ea4b7e4e42c0da2483517542ed675f4c751a02fe28a2470d7dee2c43f20a781368ca1d5285a2989462fab5c5cbf7055beb19f916d16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b6fba1e9a2fda73f1026d6dfa0fe0117

SHA1
5e4d1a62bc57c0d1f0b3186492ec298633fc34d1

SHA256
ba21b07bab6e3f2b1b3f32b8e56cac6518b4f8d876be0ac03c20742d1967c34d

SHA512
3e9810ccf4cd9490ca0e5ff161d0f92d6558406481d68a941d98627b455ff15b7acc592bd9b326a6b6e2d8f96d9d3b3f272ffb9b97faeb4dccd0817617f2a99e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
18e778b8db86ea0dc1bba5a162579469

SHA1
da8e3cf4affc80182f9c664c9b23ad41f21ae4c1

SHA256
2e6b2d9a6edd80db64fd5b1740548bd56056d636719a9a8d69672151278fd27e

SHA512
559cb69a12c86db065c194ea38f6c722ade38b35cdc5b261da30bfe3c64047ba286e210e5018a8197592ec098d59367b2e9f1f300526826d5be7cb5100b563b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
442227e13c19520c724e080b40193153

SHA1
cfacbd48b03e676576979adaccc5a4aec0c902cb

SHA256
c19fe81d538f020525f7ef50f29b2c4478257eb48ee8f967b5c9826e807f2d6b

SHA512
95bcd7470b3206ea233c3fcb403d6c121dbaa4dfaf848151bcc410bb400fc5cac92ce3dd954f8c5ed5b888c3eb2ef522af761951fc5dcc39443bff0acae42596

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bad0354ab44a5adead841aee0b84ab04

SHA1
78900f9fc46171798087b92523a6460992f16293

SHA256
c4f8c2a624cf33a90cb14b81e42e912a402b0420c4784fa3826f8575f7a9a1d7

SHA512
328e12934ac812aef63dee0f29a91a2511f4cfee0bd94b0934046481ba0cf1d9332e2882a8f667c70f198a1374f34842edddd05a51684818f8661b360a1b4fd7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
11330c18c473047a6af64b1d24277910

SHA1
be2c10688a6c0fa9d7ac7b1607108ab0b86dddbe

SHA256
c2fe29490bd4285c1bb3534fbdf0171534ac232f80373acc5a9d10ae16f20b0a

SHA512
71ece728891b303e67187ec768871b0e68364ab302ec09888e964ad8fbd02e12ea69625464e0bfef4cb44a84df42ccc2c5b7e4b621f26587600fc15eddfc6f6a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ab6dbd52ebfbf7343003ac47aab08db4

SHA1
9fe8cebf98bdc90deaacfb615d38e3db41f9cb5a

SHA256
ae3113a98bdfc5be01dada8a7d84740dff7f0283e04beba7a8102932d1114b47

SHA512
cab9f42d42aeadacc057a8b602c1a3d81559e5d254ee500776b4351dbad22fd8234c55a279203eda79df1101f2eec13af9d6ceaf1ec8e3d815a16c0a56812f04

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c93ada3b9eff786a04c8e7eaa16d6a07

SHA1
9eb4f990efe0dabeabf02154f691f1bb68743844

SHA256
f0b14e3c6a709039ac54cabd159ca2fb733645343aa906878fc56650c43fbc58

SHA512
8c5ffbc7829d76f33d28404c370febc730dc498a35631d866f3897ad7233ddf82c55f66d4687e9b98358667e4c6f4a52d6febb564fd1f509d09abadd5581fa5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8fd4bae1b33bfb1bec974f156a8d20ad

SHA1
36c93fc60cfdcb494637a3aa2be4d8461e7d80ff

SHA256
baf82a45ba8dbe4ce36b2549bf1c730b62e516393563568d52502afd15fde8ea

SHA512
d7f2cf54efd9cbc14483d2c987cdc2ad31b6e0cb52d15b97c8f75d7bf05e43e1dfbf7b206be96942019fc7cb66a66a6ef054c1c54b80c3a402b101c87f9473dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
53122eb34430912465fd77f07abf2050

SHA1
1fa323c0e55b7d28d020ce4e299a96dcc195850e

SHA256
62af20a0dd85b58b736a99e4831e4c828a41a8b6c6a4f5339398acf6ffee7a6a

SHA512
7bfd082b1d596e22fa952dcfcfa71e183220cf0ee82db02ef987c4891edab3e4da2bb2c08ed78856203ef593df87ae670f70557444d60e134f3128e002369996

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
82e5380b779b2e44cdb694294470c333

SHA1
dcfff94e6745e099df5f08254a6cf7a4db42defb

SHA256
c887db614b2b231b195619d6b9ce68398f75a5fdd7bd49f44650b478d4e897e0

SHA512
2ad3859561aaaa19a2d756382758aa51e32296af1e37f19ba250ef5e17632582a03007522ca51bb53113e43451c7e886902840140cebc08a7cfb18fa2b801a6d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a28ee3d15c0dc64dfb316a5ba10b6a1a

SHA1
f1b91738f29478f0e3f3d422fb2a556cc52d1e09

SHA256
47d170dec0585058f354dab14b79dbb6884bdf23c95dd5a17639b01d438cc6af

SHA512
0bda8ca40c4e3f9e7d5d9cce07eb5f836f5990c9f8fb97e0e13fbc93e27eba21b9f22ed50aa72894dad817cd691c75450a2a6d611684c0f1ef868649d68bfe5d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3109cad147318f52d8b7c374ff1f9de6

SHA1
d9f3fd8ea8497cc3b872de16d357b96f9173d3ff

SHA256
ca55cb67000e632d370a8e2ece7bcaa815da1f01bcf37f0de6ce45c885538586

SHA512
74c139bf0ef621ff14c9835fd1a0b0d9463db307442a185c9d0450314d94db49658de536bee6a2e9b17fd79cc9f2fb57939cc77fe1858dd9bdfd5bd3ca1a4239

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0e6539e622d8251252efa8d19cb9364e

SHA1
b9e3f591387aa59a5ab3610bf7bec4db1737ed34

SHA256
28c24977c6709039f85e0f4368da2f8bf769581f7f9f324bb165b996f90417f3

SHA512
081fcfd443ce91a0f04620edf596607439c88f5d233690856c09756c8718b6a6373f4b2eac2841cd28726f024a50e782daa8127bb1c01f71d9d985708cded83b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD1D.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDDF.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit