b5e0391a056fc7aa40d22e3927fd9049a178b959403cb1d1ed68a72705202d99

Analysis

max time kernel
133s
max time network
135s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
08/05/2024, 23:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

213KB
MD5

e480067bc86d71d2bfa04064524da784
SHA1

8c230f2d11afe35ac66ccd5aa856fe1272509846
SHA256

56de62123e5522952ead14efc8c052b3dc0ae2a7a5537f434671ad7fcd8d1bc2
SHA512

504ccf8cdc087ecf5cf9b4b17b1493a4d68fc5cc3f80b27db52f11301bf275d0875eb016198b63ef0ffc7a8a074be042f11442b72f070def94abe2402bb2ce27
SSDEEP

3072:Sgj4i3ssFE7/9IPyfkMY+BES09JXAnyrZalI+YQ:SC8rIasMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1FEDC391-0D96-11EF-BA3C-D684AC6A5058} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421374257"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1088	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1088	iexplore.exe
1088	iexplore.exe
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1088 wrote to memory of 2816	1088	iexplore.exe	28
PID 1088 wrote to memory of 2816	1088	iexplore.exe	28
PID 1088 wrote to memory of 2816	1088	iexplore.exe	28
PID 1088 wrote to memory of 2816	1088	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1088
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1088 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2816

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
70dca9ae5e3a5c4e8767d7e0de3ffa55

SHA1
220dc912d179e511ed4ee510b20c88aa816d5d5e

SHA256
756036cece9679e1cf2d958b4f7f7cdfe7a39a447f38ad0bb8e52a5b461d5178

SHA512
92c94fe39ba452d9b11bdb9a2fff723b52b2380fdfb0d757fd80565bae9d5e33d8c8201e37dc133b120979939247d50771dc13b1e35b4560860b0372f63f8851

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
81fdf0b8c1c4699b1720be1276470258

SHA1
257e78d7a87c949d5ebd17fde07d1b850597dc0a

SHA256
0dc5e7e2746d77cef52ad940664e6a27d5c88b36d31a539577630b9545e80f3b

SHA512
fb4fd6107fcfcccf02ab305986592b3b54301e0152b3ba40e26f7db16d5948b2dd337eede6cf2ff3d0b885a5db4b209945fa39f0d3b930310d2e324fabddb0a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d203a12a61ab4c6f0892aca3a5d54271

SHA1
3fdbeef6bf9b59f188d3034d469af833a7402cc9

SHA256
dee5ef74a6a97b4ab70c52891a5052b68256f657258e3e440d1f226eb8dc23d7

SHA512
330dc2f39c61869b437f7447a8e0ea36d789e5f34a5a7ea86da96e3f373d6aed50495ca75a16bdbe36b4dc30bad3377b0614fd0b40365ab36f12c32400d1485a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5f5c00fe1360cb43c9e3065065f9c8e3

SHA1
7262a837753a638d13b1349d1eec7f2e1ac3985d

SHA256
2b2a8ecda05abe30a2c9f53800e12ed5aad2e3659f975c58fafb423e5fccb557

SHA512
a34daaf305ea86b79af96651804a5f336eb63816547db5a89c13ea6bd631ea2a9cb252896c418f9908f84a6f480e5e7ab1247d965efb7a2523f25885bc789a57

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8cc2d1dc95173db07e4a1db8fba7e96f

SHA1
378cde4d0f524b8e5d2b767ec4d0bd8714677676

SHA256
04b3afed7821d6bb760f0095ad12fc348c82fb1ffd7ae70eeed51d0b561a9de4

SHA512
73d17541f0a311898ce38646388eb4a90ae57930edd11de6f7a1bc774fe2621cb68f3ff13f9d512df41715f0c5e80c66d118c3c489e56cd3c06de5d934a9afd1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
03392dd7a72a5088b49c9373646d55a0

SHA1
bfdc3cc9493f26abb01417333cefa45d5546a174

SHA256
a6a8edafb7bafc6f7d8ebd286187d2b3b1a3798e5a9d5d87ce6767ece315ff0e

SHA512
d0a334df871cfaf7c78de08eaac985213956c06a22857c3f2fad54c1652dee046982d31610f976674b4cba6209d645352ceecb6b6715691d1b10247683b85b4d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
213332d897dac47eb0616b194dbd3f9f

SHA1
d1c00578969cc2556334d5bd259e87dfb4a7eac1

SHA256
a5a6edccad5fbc4eb8f47bcdd8de55f6c331273b83e3172fb7e5c731420eb83c

SHA512
ffb37bca491dc80a81b6a4020547dbe4dca2578f8f625c2f0313e3e7daf1102295f076388dd075c4e1729c00660abb16250f97d325b7ca921b738e56581a9508

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
778db98e9f03be7422954f742fca979b

SHA1
9afe43ae20d26e038b2a12cab93b608949a6f19f

SHA256
f66c03875320e4b74ee2421eef4e43dd51300202253c8daa62ef79eda16c96e7

SHA512
8c88718868276d666e171f4152a3c64a9165dbe8bfeb4acb51f5665990a81270d97ee681dd597ab9319ff58123d47d24056b20d695341448b72e04d7291138ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7465de113e5f18f7e81e176ca2e742ca

SHA1
f7eea84c8370f2e75ec1e629ee879bdc8a18b8ea

SHA256
b9e84cbafc3251eaa0e85a280cfd17296899ea4652eb8ad2a44297096b55cb58

SHA512
09ebf7c7f38a9f4a56084221781c674156e0388de79fe57287fa669cf24d9fdcd8acea378fce890dbb1db10ac35680b503cc4d6df535a8083434e52c98742d9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1f085613a25677e2599d301d0d1f65af

SHA1
0b07ba4c83dc4775a84f0d90055079b3d7335826

SHA256
58708d1a66af991edcc54d3fe3656e388d3116874ccc7302b9da994974c71a18

SHA512
15df65e973557ea6e42f1ae9243cfdc6098ae51a5f672815367b763c087c147a9739bdb7c7aac246bef060959b06d34e0a64635b2a8d81695f575c8bf1f16517

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4998a6ca86f564108b29da3529197b06

SHA1
40608f846261394774a184efa4aed3a2cd5fca20

SHA256
664c74bfa80a5964259ba8e1aebf6b3087acad6e2b85c22246ca3cb4810b7669

SHA512
1b3540ee07e5364cf9aa8b805b4874af301c6c26a85ceba594faded592131db48f842a6c65f686a86c94fbebba844f5bef117a9f33aec44b2b235a3ae2271161

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4e6d7f0d7bbdda4d35156a8aed29d5ab

SHA1
48eca9e0635dc85670cb8099726582639419cd2c

SHA256
1377c61acbc2693bcebc8e42aa914d5313468bed1a660fb61b4b49c464d6101e

SHA512
1a9792b90bdc1c48e577ca4760131809e234c42e03c8d49d303b7d888492b691a3a499382ffcfe6ad95e87152de0d6affe64d8eef52350e8f047d5a797a948cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ade9d27acf2bce675d7d33ffe95489f0

SHA1
4aed6c2e50e9c6840f04c9e42ccf5d2a91e79f07

SHA256
1eb8aa354354d0a82199150a149241038d79a931e64442e06de4332c54c3b504

SHA512
c9821ea5e2acd403f32af7d03d8ee1712fdaff0b63b207751beeafd99387eb83231aa7452aada2937da181d9afb2cae0cfdb80adc9fd01e08ff57a7d85635136

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fb493e24c5ecb38a3ba89f0280697be4

SHA1
df581fea034c5bc640a53b7fdd29912fb5580033

SHA256
c0e6be0c4c0c9b52e9d657b8d431097900c01b24328d349b5146227268961392

SHA512
869f48b32f24a69731336a6981ef37d7a05a752696baa95699fe94ef6ecbb8d2adba6d6607b561fdd45ca6a0bf178307b0927b24087ad427d298c3cdded26c44

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6aab74ae1bcaeef74271aebfb556ff38

SHA1
dda4debaf99771fd1f32f7ad4ebe9f4b5016dc6d

SHA256
43c729afd4fc49307cb097bdc8ed51407c430f790246b83eeda2be27c0decd57

SHA512
33eaf00008f145c48149c1d18b6c48de8619303cc2f5576aa2455be77c9cc6e6b4f14146f2cf448500a0cb18b41bc8014d661487f565826c0faf5d5bee152152

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
49f26e11cb56aa30e30a2e69f1a2d903

SHA1
bab127cea0d2ad66dc73f1dd927bbc45cf44ffa5

SHA256
aec39cd972ce288bac7151ff59229a5069054bf886fd58772199cb2fd50161e1

SHA512
3e4e60edb0c4caa7495823802b611d933da059346abc02ca9310e1805a9273391041a0c543f628df048ae2fccefc4755fde3ee16688b5332846cbf3e9efa819c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7a7b649727d528df4db9f24f28f24b54

SHA1
7d2acc17eb63138bb9ac658145dc316ebeb92284

SHA256
76c17f77606d67fd95dc0ce5a584ddd0454d13dba9c24663b36642df14d1ffae

SHA512
0e543cf8d0ef635685074ba14e51b70dc4aaa4f79bcf7f950e6cc9288a15a41baf95988d9cb232c1c901fa283493709caa3cdd6660bec23c965e248ff3b3205a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5b2c0f1eb157f0980942989bcfa54f65

SHA1
bf8c19c0a6950ca05d4563b32f470c37b72aa3d2

SHA256
b867dfa2d614b5a87fbe64a1e20ef1abed2de620ad4b93a7e0ae703947dce5ad

SHA512
8a78668f5394dd80baff6cd23b583714a306bdbaffcacc1481e9357eda3bbe013106184ffc2ebf55d88f0fa64b58438ea291837e0bd4dad5483c3f1f18009fcd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9668d94d7e25aaee5089bd7329b30e24

SHA1
8d2feeca8765af8464f761ce47eb7b8fb0db4103

SHA256
884aa6fd62904138fc028ac2212fb836d71a5cd534259b3ed7889eb6ce30036d

SHA512
8b38c26ff9c2b76012ef7d3832c9613f6da3e4065ea4dbf57c8d04397b7bea8a497cc769e9286ff24aa7931f3b4f0ba748c509e6985f67b8e916b1a3651c7663

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ba96707542742a41af3791723a6c4d1b

SHA1
0def79bf00caa7b145203dab1567acd41fdf9a43

SHA256
994f68f398439936352d2467ce3b30f67cc94e71dfcb7914a3387a1b22058f25

SHA512
0c3852ae188a5421e0e34cbb1c818d98859e76566a6f13e9777e553b84ba6c9ac9c7534e684f011f1eb32e863f272c0f65f8f870cce5b26149f7608d051103e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5a783d2a59ab73cf53a05971c6141269

SHA1
85247390bd3a5ebb5686e01b7301e68be2418d15

SHA256
e1ffc088171f2100ef9cff901ec791ce5abc51ad0625ee288f78c170437d6d8f

SHA512
965445da489274d0563a2d8ffe9164cbe53b8d9aa341d7c9f9f4f21a34d50dcd28ae44ca5c9e1343db6765ff01a903f2da9864cf4158d32c6fab9b2dccbf28cc

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabF9C.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarFED.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit