a81d6020ca889afbd1038931b740450bc04a979aec9182a3a565f95769be77b7

Analysis

max time kernel
133s
max time network
134s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 18:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

219KB
MD5

e68929788082a3dcc0223d6d856e4c58
SHA1

7751d6f764045de229a676ad41157c575f2d7e35
SHA256

9dc3ea28459d77cb1e75f2a9d7700166eae3f8438ebe4c71404c11df050ec45d
SHA512

d57961f6fe97af985a60d890775c2d006a76b9a9887b0912cb79408693ff1b18994cf6ab29c47c1e7082fa16fe7610ab3596d3af0c5aefb78ad61287e7006d83
SSDEEP

3072:SxaQAkRWqJnz03EyfkMY+BES09JXAnyrZalI+YQ:SxLQD5sMYod+X3oI+YQ

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 35 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422650808"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5395B4D1-1932-11EF-BAE0-E64BF8A7A69F} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2284 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2284 iexplore.exe
2284 iexplore.exe
2304 IEXPLORE.EXE
2304 IEXPLORE.EXE
2304 IEXPLORE.EXE
2304 IEXPLORE.EXE

pid	process
2284	iexplore.exe

pid	process
2284	iexplore.exe
2284	iexplore.exe
2304	IEXPLORE.EXE
2304	IEXPLORE.EXE
2304	IEXPLORE.EXE
2304	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2284 wrote to memory of 2304	2284	iexplore.exe	IEXPLORE.EXE
PID 2284 wrote to memory of 2304	2284	iexplore.exe	IEXPLORE.EXE
PID 2284 wrote to memory of 2304	2284	iexplore.exe	IEXPLORE.EXE
PID 2284 wrote to memory of 2304	2284	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2284

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2304

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
3798621650a43b2002d99d881bf54c74

SHA1
8e1f6f6ab1774a7fa9c4c7a848efb69908f7dee1

SHA256
980e59a3995a6fa97a1eac08aeceb51332cd9e79b58b325c97481445199e9258

SHA512
fcee511cc3bfa6f1ce654fe4d2c1d55cd73bf5ee3c41c2bc3a6d422e343a8d1137e81ed71af14272fe5d94be37a23f599c524b040551b58cd729f28f78f72744

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
75cf5c9c3f31a9773115a9f2e14d1725

SHA1
8da8b9e740f21ebad20bc64ea11fee83fab6353c

SHA256
397ca047b4f2708426b300c6b0b1f6d5f192aa31b71daf22d00fc16d0e3969df

SHA512
9049fdb85008bb6e002d05027c421c221b4eaecec13cec51043e70b3af80d7d6843e302e33d121fc91acda9a8d178bbd50c983f69704537e33a8820e1432be84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b8834e97a362ad64b6fc81995a08210b

SHA1
403afbbaaddc67ee33beea97cc0d826030b22ef4

SHA256
21ac4149f9e1afebae5b7d1713395edf025995cdb5275f2adc525c5b03fefac7

SHA512
fdd7fd6d1340013859b697c6c47a2b507fd6ee0692fea51ca1b817797534bbeeac3ea20494fab64be618f6f5b8ab26844e9ab37c872d9fe2fc6eaaad992134d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
6f8a834f9773b014d9938ee05d99c554

SHA1
22d7c35d98e357c5dc5628a6522cc7694512d0f3

SHA256
6f3faf4cd518145d46c3bc353e047f6ba06afcf5bde1d3408d7007f9ff4fb509

SHA512
2a86b3f68c97565992a07a3628aadb203e7acfc288bd8fcbf81bd8fd8d95f97310b85bfcd6a83d8681151e4200814c82ef3296f2bf6c0b282afd735bb57008f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
2152142da8c7b23c7b084751d02d2d80

SHA1
8d613af2356f20a4adbb0dcb5505e3f9ed2ea6af

SHA256
96117363f90997d847bea43980a2a84e39068cdff8ace1278f1aa3eb09f99f2f

SHA512
379975ff6eb902e8e0c6e6c5c79c2c1080e431771980befaa20a8c03367e9e41e56405a9cda4a4a0a497a24b40136cfa964a4bb0c2aded834abfd1b0e2de349f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
8b760b98a7850d420d78cf0b77fea6aa

SHA1
36b8b7b482c38de0a096035dc4d4b4498e38cc49

SHA256
a58cb19650789e7a20f2a8e212cd5a59d85361556ed251b5f9a28d0839fb2e84

SHA512
7cf5d26daccf2ff91cbc3e210b194ec2d3426cbd6e6434899bda2c7164db6a916b71f40011bdc28e48487d32eac6b1aa51fef8ba4c4ab27849fdcc5d4160826b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
e13a8d96ae4ad85e1aa9bdd5efc55682

SHA1
baca5060ddfcc3cbfd9bd4ff8d3d0c2f2953c139

SHA256
059436b4a6d89ef66227289da51a8a093cc62e0a23c8a898e7600c0049b074b5

SHA512
ecb7b16d45a6c23b56864109c86c65fd2341f64669c3f067b8d1f64f929d8516db5af61cf1d83212645f2d047743b66a94095470a4ef8a23c4d1c3e8d2082119

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
08b553999d2f182763e8cf35419bad09

SHA1
2b63ed4680228ae300cd0a5b5b822d4adb2acb33

SHA256
7bd90087c3ee803818a19ede67e4391d3549e65e1561515f90f6e76af2612ff7

SHA512
7134f338d826b9017fa14007e7b35b8c61cee7c89d4120a488489b3a1a82b0e2782a71782c008d47b58096a84ea53252dc543d878c6e5b235c3af1cd33b7cab0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7bc4f9f9945d3f88357ae1ac524d49de

SHA1
2328b99f4d8043ee98f871052092863449d50b02

SHA256
322f36bb87c6dc758fa7f507470dd1121b2b67551ecc647d17af6bba9a26db4e

SHA512
87a892c044d8e87884ef7669275424ae62b1aaeb15a5b5d05a8601fbbc78bdbd9223ac5f66aaca619c7981034fd113e1155874fb640116e3297961feadba5cb4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
0eb599640f15537774c5ca5adbc942be

SHA1
86dbe7191fd485d6f73af61ded124f7686a31f3e

SHA256
a9816d5f72fbfc0f30aa3c9a08411fe51f545ee387118e4058a83a8ffda0da96

SHA512
6be9f7061510babafc1fa7a688b19b919cd27abb718df2d63291ad6bfbd1253ec912fcb844ab002cc248135c9354373f284c5a3111e293d653698cf39b18bfc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
42ae8ca94bf00e537c831112cd125946

SHA1
55112d037bf0230dab0f94bdb74759e3092b3fe2

SHA256
27908e7eef2e0f76011ede609d81a4e6a5f6efca44617ab1be0d67427f755683

SHA512
1e7f3c4f077d48bcbd04c685ca8f6d17878f37a179ddf439399d712827b1c4475b8a80745e095d9e6f76a700755da1f9487bfb957597a3edaa87f25f954d0612

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
21f347121f0b39512ab86cd4d8355e63

SHA1
d970edfcd408a9c16fee69347fa652e6b281a620

SHA256
aaba8abd4c47c1e30f27ff5a76e28c7922bf6b4b0a37cd7876f7b61ea423f8a0

SHA512
69af38ad4f03ecebba534dc809bde31f00c60b827975c823730e9fa416b4da43b8634fda64282f75ca802356244bffabf172b6e34aecec8f82920a14cd7012dc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
fb7cf3a6dd2dee25e1d0bd7599536530

SHA1
9b46dca7e661e7659f2822d535e2f4c50b87f2f8

SHA256
efeed784af112d5422e515ce8c3222fa1232d954342f9348d818caeb9fa02a92

SHA512
8fbc264ee7e36e07f0733797b303e90c167e8f1044b9ea575e327bba7201101cdc790ae2201a69a1e04c9a3ef95b8bbd8978b0821653f92ce2152273c369803b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c7c10714eb168138278975e99007061e

SHA1
50f7a2b0b73e753e257ea33bbe0623197e5fb517

SHA256
a3eda29c2e8df3285c361a0045240abc2bb67dedce200ccbcbda8cd9fb5b307f

SHA512
6507b03f902a29353c5ad7b538eab89f3ec36958d440cf5ae22ae756003ab0b46dc6e416b0dba05d16542126e47fca6296e965c34cb69007de95da9ce0ade456

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
f8904abf3be0552fb5e9ef8654e7e7a2

SHA1
bfe9bc6968f19f334216dadba66d5d43a102e5ca

SHA256
e416038864d9e3c5ed2358d7628816d0a049a1095b54842e2a7977542c633823

SHA512
4d790a9677732c6d04c567f0fdf12262b70018a7f43751f3a2d4c412fe4f173dc189f3713f55ee2ad9b8fb7ba0b1a3945fc5545916b51c64509c9e56a2261b6e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
a1c5edcbc8355ccb6b65df96a4d66951

SHA1
1997fe7a4f0c514cbec36756dc71d7de5347e1c5

SHA256
6dc9d70ece58be1801681f276c9b744d4ee3632c5a8f7bd4dc94e085e323ca08

SHA512
3da74f392021b8f1dd4f4b1a283d5f7ac25fbb0a31f8f93375104f9d42cb870ad41a3f6bfae6a992fb7a70c7320d7a917d4cf4b0e64cfca7f1bd94f436c40705

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
52b33a60d0fcc6bb3419d4fb24f06769

SHA1
e754fe7c003cf5e377522c60cd2c594b26738600

SHA256
b45a46ec38f3d9333e1f50fc4a9f5bb6531c7da4fda4f2a7ba3ed8a92cb08191

SHA512
8224a3d2d35d1e64961f4adce2019040f251632df4468158ba5dd0b860a322b663afebfa8c0fb16918db701595576006dfb3d9de3292ca9a65b406f78c65922f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
86628294aa4c0efd34c07f198889636b

SHA1
3c3ea5b2a66cca95ce8b02188ac67d89b9d7a73b

SHA256
8636a2ac1e8a94bc8b5d2537109f432bed0c37d5f56f21e56ae272bf3bb335a3

SHA512
3ec77a36cb404c1cc7c59c6fa0755ec06d1647ea0464be7726ddb99ca76de34fe66a86be6fea15a47f6ab3789322aead55814d7acef92bb810fafdb897019e27

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7a27e5accefee5f14f21a1ecb1e83383

SHA1
886fb619d1122e035399fc54500bdd0821b484b9

SHA256
a2728c646a797810e48175a4abb6608ecc3ca54f487889887d6b7603de030207

SHA512
ae3f5b8e8740b813b304457cad1d7b12755a37657114bc0d58394b9b50bc3ca59ff1b31c10a3fd12e732da16bbe4a35af01cbfb829ffe365d93edf1a8ddd92a6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
4c80a71d7e5046913055e3fb2cb262fb

SHA1
4c6efcb71b6d291a09d31fd6d12d7cfb88d98276

SHA256
84c2c7aa8136a76b725419ce2749cc1e20d4f1ffa24708d9cc3b1f9d6ce59c2e

SHA512
f155419ad12676ab6852579b2e927c974cf40f11633ba4ac6938e78593d4b7bb21bd2dfedc8c635e473ae25cd639701512951a0aa3b0400c8fdec3f55fa2b800

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab88B.tmp
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8EB.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit