ee98e9d4289042e12ad31213620a3a33bd68f05c623e283df49bbf46f5505862

Analysis

max time kernel
136s
max time network
134s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
08/07/2024, 03:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

editor/examples/demo-08.html
Size

677B
MD5

3256f598cea2b050dc7bc9a49520d6f7
SHA1

ab9d212960820102579497480c4a76ec64cbd760
SHA256

8a645157eeeb3f9e1b37c0b475265b0d6c7af1a6f4757684573578d9fd2c5207
SHA512

b8d34ef5b961f64483ad03fffae60cbb06b7b628d7a47ce516c6c0e9b8793aa6f1152c26a72c74fa8f807091948b6d31abdc282041a16f8e4cf7dd2d59dd2395

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b70000000000200000000001066000000010000200000004838c85860ba7e2226388b94be59611ddb21f1a80f82a8d0bc5b3649e97bdd4c000000000e8000000002000020000000a5434a304cba0845cd99825b855e80c560ae57612cc4cba6250af93a8e12b5d690000000c6d600e126c7064883b868a969bc1a2148216fb3ddefe12140821840fa9fbf802a994854470288a3a8e7354f77f491e76074f6e8f6309dcfef1c9a7da8d3643307ef249c876c175791b8a2f3e079bfdb9950e4b3d651f226f2e0de7590d39de4b5d1d95d3ae609898a7080c45ba9808a7911cc0b11058e9559770b8b03bc14ef08df493e78934ca32ea3919ee14d5dd440000000cc94e28489dd4fa348358672891f8e3534fd8838ef3a91e53aedaa88bbc7a46f4b2b1aa8a93d9b1ecb0d5454c00a0c6428e0c5d3b28bc5b476d6a9158cc9815e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e08bdeed1ed1da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{18721CA1-3D12-11EF-AB71-E6140BA5C80C} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426595208"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bb7c5835718279428690b074aa627b700000000002000000000010660000000100002000000011a782752f74579f93d3001cd90e13fea3f1d44e7cf68e1a9aaacc4713f23fdb000000000e800000000200002000000053b830f78dfad9e72ec2992553099a5ccfd9502cf71d776337844881b680e79420000000f1ece4c650e1253f6d2fc227b41f86a2aa15ee55f7807728509912da8b5bdb1840000000194e0574035e3b7812d3213a4b340a6848b239b6fcd9bf7aaf36a576fd612072a5cf839910b015e0baaef05e011dc6bd970740c9b632ae01da62f27ddac9089f	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2212144002-1172735686-1556890956-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1932	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1932	iexplore.exe
1932	iexplore.exe
2620	IEXPLORE.EXE
2620	IEXPLORE.EXE
2620	IEXPLORE.EXE
2620	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1932 wrote to memory of 2620	1932	iexplore.exe	31
PID 1932 wrote to memory of 2620	1932	iexplore.exe	31
PID 1932 wrote to memory of 2620	1932	iexplore.exe	31
PID 1932 wrote to memory of 2620	1932	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\editor\examples\demo-08.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1932
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1932 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2620

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9b8806286558c1c217536d18b679ccf7

SHA1
2e080aed912eae37d67c247907b96fa0ea1b9998

SHA256
eb4566aab40b7a810b06bdf75d5068ae35484c4802b34d3e6fbc6635e24c7958

SHA512
eae33724463a691d4ca3603c0769944fdde48ac94ca5eb07693b8830d57c243d854b1cb792cd189fbefcf0e4e4fea204df9cbbc2248032d2d0ae94cb8890b9af

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b8d1d2b2e841d9cef797c6bf20ddb930

SHA1
8141a3b4870986ef450e670cc53e6ce35723f80e

SHA256
8da1456c52b043820e30d9d6f439f0d21c80863afa320b4b769bdd0db2ee2a7c

SHA512
924c6045a17102f086582b82b414a444a4d522641888d66abdad65356aac7954abf346e4d58a0be71afa2ecf45551ead1d921c41542bef58c91b033d77da17ff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ffd9886273ceffda258c3ac606d8d042

SHA1
5eee91d14b8d7d5a049eb1b7b772aa457537cf91

SHA256
54783d7298cbde6387072abc746d0fb9376a2d6cf581141a453133086f29a565

SHA512
dded6a7cdb13ed3e25e7aab27054c3f965880c982978405202e9028df1c8958a6b4ff7a4bf1de297df0242df23a42f395badbb3101440213f2c79158df4fca37

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
05a6393ac6bbf944378a807c30331a89

SHA1
14905da3a79de94b3e32b3b4082292963bdcd2f2

SHA256
aec9f9f381b3938150d4d841c496ab2132bb5770914b5c229d02cd5ff89a5ff6

SHA512
84eb8f5e3d663c46d0ae9c74195b97fa4739c03142848e49d08c1fff07bfae63ba3042973be5ca398e48032474feb694a5efeb7e10dd3bc641c7d5f392f8df79

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
06a5460327250238b3ee14626808b4e9

SHA1
70c03c18932f30858ec842fb41b6ff641755ade2

SHA256
713230981ab7f68ec8eb8a0e14e216b2288915d4c425ce1525a976a29c3deb31

SHA512
9c2cf3e438d50bac252d024ecb2cb618ecd66522d2eac38e2b1a42b6ad5c0eadce70533089b44ab53a49627283a93d96dd77553f748a617d966a2c76a2cccdb6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ec7b26ac911489c5b712cfc56f0b8d57

SHA1
7179e2594b29f9b6a39ca31afc553fd8a60456fb

SHA256
94aee898c5eecbd74c12e6c8b428dd77168fb17e9ca0f059d22c142b3fe79bb5

SHA512
20ab6f1ac550febf5b0fdaa7901fd01758972305e1714ac75318c7150e35670417814da42f51de9c3fbcd5f5c3bf785712507d6bb1c00ee9e1155af83b8cc15d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
172d667ad708b2e2cdf654432c729f1d

SHA1
933de5439a25ecceed4895d10685fa69143b2dda

SHA256
f6047426056aa7a9939f3313ea3a248b98fe4839301982e4a1306cb895f47ef1

SHA512
e8fb5146550f79b050dd6b9d38c5f53d471be3b0c7f53a23e66b8cf123411c41fb96cdbd4f2b1e18637467d701bc6bc41632ff0524241e312a2cbb4942e65a0a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
931485b982c1354e1805bd553f92d4ef

SHA1
72277b99395147f5da29cfdfcd62ed800afcd98f

SHA256
b4ce12133b83a9e09f2484f2af54648f742564ec09b6ff6fd0adbaba2ddea072

SHA512
6fc1272458e43b548edbc4dc769707979b017eea9802f5d165d03ac8addbd5f2d1688e03a90025d0fa135cffe4212ed4bfe26e6b6c170d9256b659be3b4eff77

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
953769be8463abd2e3c50379db111db0

SHA1
fdf19c916bde8ad767c083aba7aded39525fd02e

SHA256
2f1133e7bb4f3a478fd1107742f535a30159447fdea23f72c2fd937d6022ddb6

SHA512
9f2eb516bde69e311f96102b685561e0524d5527a2638b1c48c83bdd59f6ab4fd42e410cf59d01bc6c035af7ed112a592a5ddbab6b80a1bbc651e03c69bbcbe1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2086ab318b52aa4a122890d0039b4f7c

SHA1
65cb9501fceb3696879c2bf965376b3f1969ebd1

SHA256
13da331a8c3ff825daf4c736661ad4e6f4113e3312c5dbe36751e6ae97ef496a

SHA512
6aed85509cb75cfe01b6f0c1761275f0d20418258d9616fb58fc3073c4e38a3c928942dae10f0d527307f93d6fa7c8da99aaade7aeb0f88ebc1191fcc1489c5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
72ea206455dd8b1eb030becaee02d048

SHA1
9589baa940852218228de7d9f28f49e476e9e685

SHA256
a365d736c2bdbc8a31fc3cda9f8cdec93ff7ad4a4b884056981776ac6fb137c4

SHA512
b90e3e3d19a7489bbbd9a1ea3d2ae1865b69f28c20756e91a22f6bf02ad4727735c80dbb3f7e40633e39b51e6263afb1bfdcec200c84d6f6841745cc2d278503

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
82b54bb3185b279c9f8784b8c20f1359

SHA1
f60004c243d84212dbea102ec2ba1773e2b84681

SHA256
cc81834b843897ef191061d137355862c7d2b0aa7de0705eaaf50d388db16dcc

SHA512
ef922f2055737e3e3b113f782672ede72ac7a8af3eca2a89103071da8fe574dd096d7a390435d22fab6a6392d955a1af962e397e571a11bf75c7431362cfe858

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f0ff2639bdb2436a727b258a76037ee7

SHA1
f0076a67deb279994fe29568ce8b1b41723a4add

SHA256
23155cb32578e7fa16ab0e5f0a43219672a40dc5be27bf4ebbe024427dc10183

SHA512
fd0020447a4418cb5657dc8151104dfb3351ad6f4fe77f1c0047106300ff846a4972079060155af919832e54359eea0fd563763b8ceacfefe91dc1cdd75ec637

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d8bcec794f8749dd99ac403d970b53e9

SHA1
00b0e6e9b9d117cc495f509c0180d0f0bda7b119

SHA256
62fea9ade781ee6d5bbab74a3fd026f72ef97312942b7ffb72e7b3b19b5a91bd

SHA512
8962421e55c5eb86621fcea6d112ebbb7d0d7c4d8291f25f771f99619fbdd73d5909cf5b14797a845c3ca6c28c4711e8bf290ed7d6c39d88aa2c57a770c8a161

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c446012e37391175922a8e426a35a1af

SHA1
a45c37487997e197c988da4cca20a3102145212c

SHA256
dfc6d77acc512078ab53ecdfa294944bc402b31e265101b766467d7c7a1624f0

SHA512
69cf9f029b13cab599ae6ad5e308c47456f7abd0fbdcf14f57c6859ac9e25e60bd74b51997a0fe5125902f367a135278afde907d478ade7d23987ce25f44495b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
87e73a31340bd9f7b6ebdc0b31b8f3f9

SHA1
6c298821caaf892852d32c20089bbe7e5167e309

SHA256
e906fdeda8c9b334c332aa207ed5c82d5adba1b8d222e2c5936c41ea68c7b414

SHA512
0e2ebc60f7ba1b57bbbe1a55e577273465bc06f3cc7c54960e52532512ec8e2d7ec1523826257cd2b87a456eecef7cb4264393016b197b60ac6689a4e2e54cb5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c045c34cf3a640461ed9304e5c6a91f2

SHA1
c15166d06de816dee439b620854b5105506303f1

SHA256
5dafbb3f99cc0ba909b37101774472bf1dffb5adffcb6e86e738f6ef00c96102

SHA512
cfa2f7456981deca3e1f6740c567b3a70c3d16fd0cb63a8f29e70c691c85c8e93de86b2c8e504841589313aa16040315be595a61851e8f86b09bad2a6b39020f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
534bb262c19dcbd0eb51a366be68d8fc

SHA1
fa05f1bd6db4b1c37d34f8cca8ca65fa107a19ce

SHA256
1dfbe96010bda06cfe6557b5d5d7d538d8d09573f2432ff8aa8b8dee3cf54dc7

SHA512
7809c1a994ac0b2d610ef3aaa873abefa307461540581c11e0285ff71bad5ff19db6bcbc2c717c6b014193c75c8e97b0d1c875a6806038f91e50934c5a01941d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2696.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2793.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit