6d708793f8c2737410eee4c4fed53b1c7789049266a4276dad954bdffc1983e1

Resubmissions

16/06/2024, 16:43

240616-t8e3zathjq 1

16/06/2024, 14:35

240616-ryey4s1cqr 1

Analysis

max time kernel
136s
max time network
133s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
16/06/2024, 14:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

hall-of-idiots.html
Size

3KB
MD5

eb3fa4f9d6d0754d978f2847917fbd93
SHA1

8fc91fe628848509c98fba82ad42f626d81cd900
SHA256

6d708793f8c2737410eee4c4fed53b1c7789049266a4276dad954bdffc1983e1
SHA512

c07c1ea5a0d95c56a3b7a1f1f736f453f3441c7f4047d945eaf6e03c708935f29069d83da5989a00db4d6541f141709ac6a39b4bfacc1399e94f52643fdb98e8

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90c69293fabfda01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a80760000000002000000000010660000000100002000000064e97f60b14d2a8f2fca266314cf2b1aff26dcde7f1d86128bdc151736740589000000000e800000000200002000000049578fe08efe10fce446f07bbb9931c0272489c056869e3eb9f08e0ed930ac4020000000613ba6710415e2ff046ce91e903bd1bbb52cbbf2967d68a3d93cd38893145300400000009fdcca5efc618800218bf8f2caae3820b59fb6d7d6057dd76e69dcabae604c678ee783c7553bbc2894de0ad41feeb6aeb47026d161fb1bcd99ab8905b4a1bc24	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{BE5C24C1-2BED-11EF-AF9B-7E1039193522} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a80760000000002000000000010660000000100002000000087c1c56d7ad6cd097b3c2f13d258b32bc85c31469bfd45afaffc8844c918c603000000000e800000000200002000000045802fd5b2e50aa2102e0c7062f95b6b3b26d9d9480771bafdf756cf3c5e7512900000005f88db6618e2463da504b20bed85360154fc2ca887ac0a748f3a207c08b795c580c0fefff57efc7d93c74cf483be7a1c96beb3f745aba0430fd4c6330df2cf73192be8711e801e33f27f7f6be4a8099431e4de131fc76db4ab3c31b446b1336eefbb1e0c4aa1c33328de0f9d5c252b4141a332a3330d70e6714dcae159f3079f5018040b7e3c1a8178410c65aee20375400000005bb9d9490d3beef7cfe1a0a001f5f6de2dea93451505d2bb378a2c13185d58cd9b55ce8bab240be23638be9f652dfe9c5921dbac1417b02494d27eea8b723bf4	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424710427"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2372	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2372	iexplore.exe
2372	iexplore.exe
2208	IEXPLORE.EXE
2208	IEXPLORE.EXE
2208	IEXPLORE.EXE
2208	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2372 wrote to memory of 2208	2372	iexplore.exe	28
PID 2372 wrote to memory of 2208	2372	iexplore.exe	28
PID 2372 wrote to memory of 2208	2372	iexplore.exe	28
PID 2372 wrote to memory of 2208	2372	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\hall-of-idiots.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2372
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2208

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c7b0ea8c0b763a5b54ae1e3f57bb139b

SHA1
5936a0e961ee5f209792e79e482ae9388a30b85f

SHA256
c13c5aa34529ec2d54ad03f750f53b386a68cf1a7dcc58f7c913a5146159f752

SHA512
f3b977c5b32e86c25dd9dab52d8b2c7846771fadf8fdf2adfd1626107fea02e155aec1aae798fb36437877b7252974e2b7223bb5625049b7bd3235389f256c1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f36c8b42722a1650fa02ea340b827f8b

SHA1
de6a15e053ff70543df4e3c22664742eee72efa0

SHA256
9ab1605cce18db0c16b28d63defcf4370ee6a30d5f24c7368a969571063f150d

SHA512
ccc490fdf8d9ca74bfef3399ecb157ae6fbf85ff1e96ce746aa03c6cd3ae41b87cc3b793db2e6fffcd35a27e197f73ae74dad8413546f32686cd640fd6469fd2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1bd09e2a367db0e64ad512f23da7933a

SHA1
23ed32f8c9a403afd73364040aeff47c6c574f48

SHA256
3c461f9fc8a63d82d988a03108ede1b835691f82d6b0b27eece69ac10789b93c

SHA512
e9037e85f27b7a8bcdfd68a72433c13e1fd740d877a138eb447f16c6a13fe45cbc539fa4b760f72d79244a3ad6e911482e21124f75e2e2da07258221d8ad760a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ec711938c4999759f24eef2670d15596

SHA1
82acdcbe9bc9c5f63d540d58700388d902c90579

SHA256
c5fc07cedd54d094cdc565e798b763c587c90322fedf0674cab43ae28195e0f2

SHA512
cb02d2a883178a300b6aa04beaad15441c9bb7c265a93decc9e1367a01e4f12ceae2010be45c1c749c7dce1b61d097b7671226f22f29d7454dd9fc6d93f0d5dd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
31192b7813a5d99ff7c393deb70e15e6

SHA1
25aa0226c934cb24ee78bcb6c77fef2265a11e8a

SHA256
7debf2af284fbb423f19a5dc0dda3bf6b2233ad2efba81eed4378f0291ac3c43

SHA512
e621b8ad28c870e479738f4ebbefe58f2ceffc0f88eb5f6df0838feaa38113ef5e4a3cf3d35a552e848b5cf3e073dae400b7a0524108b40f465bbed2bdc14aed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1190262a98c97a5d68274a1c9040f1b8

SHA1
f56f68c64ee136a3b90ceddb82dfe7a207dcdb5e

SHA256
a3d4f3ff101c9863c3257f735fd87cc048b3586f90236250173b8d456370a50a

SHA512
cbae41a7f09aa99df7d151dc1ec3423a34db27ba10465ef8fc77733eaad10583dec43b6dafa92a5e0afc7632b779493366e0fefa9e783553c1a406ec077413e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d6e24aed13a85fbca3f641851e0e8920

SHA1
2f35cbfd6abadc304d79a73b026bf57318415daa

SHA256
9f99a27e3c9a4e5726783d3047a56eb33132cb3961c1223304bba9876e8d4bce

SHA512
92f1b4f432961d3dcbb916caa2f7ea270dd6b3a174edb6252b43115eee64a050934e46c5c431ea8e29321f1ea8c8de11a3f9a6b0622f413857dec42ba02ead19

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7574dbd9b31f8e9ab4dc691b735c836d

SHA1
887b72f2db928f823a6caa577c3336473e322668

SHA256
4ce3ceaa5ffa2ba8af37f4b8a7b2cbdf9c1fb51e2c06d962d040216cd9a1c523

SHA512
2dc281fd012c83ce02e7f96e51a2364aafd042805cd260f7c3fc5f669a827fb9501f1f36f809be817f57a07e74a0eb14097fae3868ba2805b8ce89a3e86424e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c70bea906f077b49cf1492e7e0290bed

SHA1
a005533b31b6044edf58875d257d8ff3029e931f

SHA256
67ecb509dcaddf14d81cccc970b23f5c69573bc777fbf7eca089c0bd56d32bfa

SHA512
401adba6d8ad1073c607eb8e216ef75548cd1b354f0fd97e590e4dae5bc7f3934d00a31640b90ec0492daa8953e66e7eb1490056a5e054a0b63e5c5295c19c5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ffed522818e9ed277b366c53f0e991f5

SHA1
de1057a6b262724561137d0eec5668d27c29ce06

SHA256
27c710c85bcefe7e32f8c2035d25c5758603d9752279423a42a76d23671b5b3c

SHA512
0886fee1ca05a5134b3a4260fa2fd24944bf16a539111329475feb04fa314fbfdce7e30cf42efd90b8af4fcfd01f0c5f83128e96de30e8a8c8a90d3ba68eac39

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
437056da054541dbbdbe47c7cca81183

SHA1
3f6ad6799c6a1737ab1e397024a0b90de05fa3b2

SHA256
1368922af40eab92cd2f90baaaf4e24d6b4774b7ab2558d7e0ef3e734c5a55b0

SHA512
7db6d54531074d1381b22b688440bd9610be37dc49712b68dffef5c3bd886928ad48daf7647709c10fff6ee39f2d8f7906363bed4db2394984e33710a1e3389b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4597406c6cd9e517475736088c1d6f31

SHA1
fa8ff3a1c98fd774a39df23aed880e822c3d0f85

SHA256
9ddf9a7d2f115f1ba42019765f7749ada903d7048787b491aac1dae631244c95

SHA512
4681e609817422955b15669273df49171c59fb4f6b7da1d236d7c3d9e6ed87fea2f198ac3cd16635e03dd3b98f4586704226b15b66383843986641198b77e07f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
56dc134294ac32ca4ef2e65256dabea9

SHA1
2c08df269d186086c8c5a87a07d511b23a4cedc7

SHA256
65e266a2ab00f87df5aa86b4e6d2c18874701ac345db8d12513056ec6ea8d4da

SHA512
9bcae44e1eb7affdd8306d7e890df4b9527c2c9719b19362b1c9ea3cc9e64442896a3a4a819a48f2dc6275b5709b1bfe9fafa9f53be7b3e8919d8b2bee7e196d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5c824389cce7ca652b728b2710e0a382

SHA1
518958460574e00906176875e1aa1828e2c7e367

SHA256
a469c4f8eb688e66435a6c1ef08f7fa9e9830bbe85d65756d67bd91011980341

SHA512
d1f9d5e9ec9c997e36093e82ebd3eb85a8d6dcf552fee6a2f031d900093bfc02f5a85e83c51347b4742d4e6555b44142dc7e673a3cf906d0f5bd8517be4900ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ac949e6fa478318a1ac0ce927b10e8ae

SHA1
a2187f3fc5e3c4f787e260332cf64567fbae32ef

SHA256
2687fd180104f5520f41a25067c8f9bd7387aadda19cb0d0a13dbe0c4a9a8880

SHA512
ebd9e3a3e0275aef9f21ee632d966c4f9c82453f59746fea985e9c9bd8db4635b7058f4ec5c5710fbe881e319bc5d7743376bfe0ad87514312f028f688d67c9d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
286217a4371474a0675751ae7093d79c

SHA1
3080ee6c8fbfce66bd19cb2241c3fe14b8c533d2

SHA256
cbd1d318456035b246886631c745e21e65e7813c6a2a0081b811be420ecbd331

SHA512
3f63472be7fc4bcc72b23c6c3ed4502c6bc835c94cd3d375f170432354f9b530802fd5dfa9c13e53ad8d79f29f77c5297e89c3a33b92f3a34fda40cb1c53e9f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
46144a9f7e4889094407a6295a2ff053

SHA1
9cc2ae91c65e6458fb6ee256fddf6bcfd5a3a67a

SHA256
38207dadd9208b663b255d55819721c6d013b3857d7e8e95988733c36a41dacd

SHA512
579b66ffa35f46d37d56f1d9cfd7c87984aa8a6a3c9bad02c0821548f52f4a52010ce71945abdf02b94512ad1667bd171edad818b1144c115ad5e085911aaa04

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d999d4c422e099e871b688adf8b77524

SHA1
b65f3ed0437c8bc20155aa56e45aef481964d23d

SHA256
ed131039e06d52a915f9f2464688d5aefa5868182282c9ce78e7ca2270b2cd73

SHA512
6136e60c10dd3d2b2bcbb11c3ad61e59dea2fc1fbe016358f444ec22d83fcc9eba173f8f5dd8b54d66a8ee16f063e0f05b122ce81081f9de2b63613d6d7ca47d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab6E50.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar72E7.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit