437a6732c705bc1c2324ec9ba650f04846ca09ba3e5c4b991d265c2da0b6a8db

Analysis

max time kernel
134s
max time network
135s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
11-07-2024 18:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

jre/Welcome.html
Size

983B
MD5

3cb773cb396842a7a43ad4868a23abe5
SHA1

ace737f039535c817d867281190ca12f8b4d4b75
SHA256

f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0
SHA512

6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426883136"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000930ed985b08cdd4cb38e38023150682b00000000020000000000106600000001000020000000525b0b17551bfef3578278a9f1613aa945b85e49b7653f1e3528d6569f86db85000000000e80000000020000200000005a1c4c786fafa55d761aae6731faa722562b9084c2973f9b87a98caeb5cc25dc9000000059c88f3342c61783f6b86de9b90b0b68bc598a0fad19189968e912d28abebec131829ba85fd9b8ae4e192438d1b9e19829df2302908099c876a12a4aa8d7a95bf4d1fe88cee66425089367eef42a6bbf996d5ce341d17701ddb62ab8a5e72bdf8970550dd62717812756ed6c11829418a97794a67f52fd02dd0f0a2f5d84d5bbb07ae1ae66d8ff895eaf515e9c1c88f1400000001809c84955f594b53cd43af56fbf28192732e3ec54f8fae52fca1e7932f606ed4ca58b4b68f1ba69c9f420fe9228da0854ff59016cbfc5f628af79ae105e6b05	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000930ed985b08cdd4cb38e38023150682b00000000020000000000106600000001000020000000cc39ad53d768abe4c1c4d61f50cc6a14fa886e8a2eb27718dcaf850f929c7556000000000e800000000200002000000036aa4b3ea57988f8c7f527aa81b812185ec54471102f4a6fa2ca39d535c7ea182000000071c4c2cff44ac0093cee23c4efbb802337607bb50154034c9de67a70308de01d400000008fa859fb9f033f016b64f8a0da455194eef15ada42cd7d224feeb62e5c00d0af1469af92743fb2567f0efe808e9becfb7fb5f7eb4f01237bdc6fbf938c961198	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7B9A2BB1-3FB0-11EF-A8D0-7AEB201C29E3} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50f52450bdd3da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2660163958-4080398480-1122754539-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2016	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2016	iexplore.exe
2016	iexplore.exe
2864	IEXPLORE.EXE
2864	IEXPLORE.EXE
2864	IEXPLORE.EXE
2864	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2016 wrote to memory of 2864	2016	iexplore.exe	30
PID 2016 wrote to memory of 2864	2016	iexplore.exe	30
PID 2016 wrote to memory of 2864	2016	iexplore.exe	30
PID 2016 wrote to memory of 2864	2016	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\jre\Welcome.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2016
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2016 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2864

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e9ede4b832de038598f22b20571c66be

SHA1
e70fb1e950f5cbe8baef4199bda2aa0f15cfde93

SHA256
a93e756e2b6c87155f1bca0b8302951ec2f21e0c7df6328ddbe407b7843e275b

SHA512
9011aa5f48b2eb4c18d4ee1643824c2c836e5e6e080e36f300f1cde0708a7f788cddb1c173148a6c847e41bb1248e98df80e9d7c390e914ea591a7fa67f653f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7540703337177c15a82348ef53b9500a

SHA1
33a9cf5295f390f846d5d0f874f6f09afa3d700b

SHA256
5ec80c4f8a7675fb9a866bb08c33893650481884ea761b7d97a9fc3ee2ca5aaa

SHA512
bea0ea61c56056c5abe8c9ab94c6b73854e28338aef874f971f9865a70876587510f5a84d208756b85ccfcdf8f1fb2d4475ed31c1a4d07df74068838d7311927

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
db711d9a69c9cdac3b3d0a4cfe57e169

SHA1
b1b025e7ba75318b2dedb7ed7810da20dfa63b53

SHA256
597eac05059535792dc9aa7b1ab1da1063f7db11cb97f5cae04375111216b7e9

SHA512
7a7bdce017533f562108bea24646a383e8ae8b974fad675300095f95961586e4e5caa2273c044deb4ae2b72ec3f4b6538aec116ce1f9691cab83154ad97d067a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6f035ba4ecd843ed54131324789a72f3

SHA1
6042c69b0d8ddb67eb35c6118fe3d059131c9269

SHA256
2880c2551baae68bda05fe02e62e912a3e8c550d1ab20d88524e827439cc0b57

SHA512
2d8ad56e2dc9c214c75c9e49601a470a01410823e42c288c31b0a9879a64900380682e5a743504ee101101bca79446e44ff6bfa62ea591e71727c293e1178b94

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a5c564b23a9ae3c7a4cb0a62273965c

SHA1
d991ff9781b5a8b5c6f9e51dbb6fa90e349ac9df

SHA256
a73aea184ebe49d601443488538754861ad3cad1ee9b468ba6ea79a1500d8bf6

SHA512
2147da246494054c5a8d5af6cfedf713d95ff09bd6bbd05e7cd04616753e05e3e839bdb233e08f9df661f6ad002a305b97f5f33e968c01709c7ea06105cab46a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
96edacf406df7a1b947ed053aa129424

SHA1
73ac94c48668b2c225f3f5b40b2806334ca6e2d2

SHA256
0db217b83ebc70a65694c7e25fa164b230e2c3309ee59cc3f22a75d7636dd20f

SHA512
0e41becab51ff566d782cdaa9f6e04e3015d6f3ad1c508a0c44ffda2a67b89275f3d9faa3ea3dd44f51f6c61708c26a35c5a7e9072469a37fbc19da52f1d9402

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
08de7e8bf054e0ea5ea0de90de3083fd

SHA1
447f55ba4a6680503299a5309e60380cfb51182f

SHA256
7de84daf4c52d5340f67516b269502329a1b13fe92e5d99eb8e62abea222b34f

SHA512
afcb65e5b129962d918f5054c2dce8d839c3bc9b013b77c9b8f678a6d6fa9d33e3b637fe9cacc2b34e4dcaf551c57b160c990eb1b41b893438af141a69f9a0c5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8612d6aa711696ae24f502e41dc93d9a

SHA1
fd1c09953d1ebe34db0a096649f4ffe1f1a80e07

SHA256
07af0d46a72abbfab495140abcf712192d20cb569727f662c0773c4e5e3ec04c

SHA512
fc2bf161cc1c19390a1651b0de7916d99e3753d7a6c25911e0d9ea8409688eacc2d5ec8638ef4f654a6bf96e92998709e95c94475198d7103e0c1d2c53cae3a0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b367f4d1021801eeeb447c486a108609

SHA1
d261b1cd8c72f44ca5903b59fac783c0e0fcfa50

SHA256
0d9763b36657a1892bf56c5fb43b89240a44d633d585e2bfa7c27476b3d2857c

SHA512
fd2932b3f676be6611aad11759f7e5c563ee6ca8cf7bfe51a7448f97b732265aee7c60dedcf126300fb306a116ba10a55de790594ac57b300523c194fbd0ec20

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7c7b635db3a3002868686c59b3bd1d9f

SHA1
72ca84df63e498dae333f3ea359e3f648fe24921

SHA256
e02ad921bf0d6fd6dc41762c2dc99c0e1a0f237a3831e3115ee7bb8b27ecedd2

SHA512
46b88044f6679fcd397f98276532b2cdd17ea1d7cd3da17eaf2c69b7d5463a1e0fd5623e9afca17f06665a3a55c3b8f13783de386576d04d4974456c71cbdc86

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
45884978c6cd78ff4bcad3d28da1e101

SHA1
c063a1bad931a72385f5d55edbabc454b103b566

SHA256
c112a727e97af77358c2d2463bd70f408bf28d39384732a310f90fd06fd74004

SHA512
3aa06c1ccc2a670091b2386ccbf16528141b4d94494ff76c3fb35f853bc60f173c6b7fdc49cbff4cfc3b05ee018aa9deb830dbfab63a8cd3f34ae3cc6b313bc3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a063ca34a5c44b2096e1bde997df0bba

SHA1
f80fa1c0a42a74e3e35dd2a27bb93c953eaf566d

SHA256
2f786f8fea2d25f3b7018ff9ed9a66860fc98d71136b09c89a5d32537096040b

SHA512
f0dc221aed1302a71a3a1a545dd43ecda877469b76cb6cee3db21ab1e41deb536030b4713180b97727c37e954ec7bfa87590ba3b95e174642f08a921517bc926

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4ec709a18a94f7b0548bfb626b5c218

SHA1
f747129707cf6dcdeb01dda06e1962f3d5bc7a70

SHA256
289bdbb30308ce688db593c67533329aa4cf06c88be2c6ea368ca244e270998d

SHA512
8b98e18ec7348380c7e76c793510850c2fc2714646ca01d576157e2191a68d7b878b6acddcc554db2493ffaa8daa4652fa2451ee31e052a7995c2b67aaeb5971

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f66cb8503ffb0bcf472bf48765b4c9c6

SHA1
403b19b3c9c14dcef43265b7aee7914e5253b011

SHA256
4b3f5429a49d45ebc093b4d18d5ca631990c38945f30570a113f05b5ff3d91cc

SHA512
7d3257ace5a7696a20a5019e57ca643f35af6e5f471227e60e89a6e3b242ef7c4194b66959735dd578ef7c279126954d75f8c5ab1092b9f341e42b79268e0cf6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f0dafa9ea2098ac251dc95895ec46188

SHA1
8f17b5057a3521e0aa0ea95df7813c0a449a1eb7

SHA256
48a3c93b190073dc9e1b083580196ca5f6cda1174de22284862e7ab13fefbb04

SHA512
c39b77c530fa71e1194e23c0521ff0dfc1b59d407c533c039e687a6855023fe8e09bc612f6970ad6042097f9dce16483e805ef4c7a2cfede4f86f535464678fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3a5d4baa55cfd47e81420dd5e6ee2891

SHA1
64a8784d54d626ea31daa7a1c4be5f2d4457ad0a

SHA256
343ff67e0f82054dcd08ad78380d5337f1e635f8cb21f6d461f2fc11263fd2b0

SHA512
f470bc702be1b2e089f162c4e8eedb53844fe32869e420fc502440c92be90818b66246a10761fdb38c3c75c228a3333d166b2858fd593b183ffd7ec7e9db569a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
915448d798ec3e73c4bdbe1a4ab659e0

SHA1
800ba8d4b693f4bedcf43f5736caba9900fb77ac

SHA256
b6ab601ed06483e5b692178f3bed87fb11b3c838b07634c0af5bf44c52f18438

SHA512
78887dc322b682fe64ccf04c88082340c14525b2a8ca30253f4d444b5f364187d702718c3597adfefa9d703c6739bce258b29d19daaf623036752dba5fbfa51e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
253780cbc9c928a9ec4ecc843bffb74d

SHA1
1b25a86865fe92de26f12eb90b4afd320ff9e57b

SHA256
0ae40a1bd521ddb9bd6556facee13526c1b2c72363d2adaa5a7fdc3909126878

SHA512
3cb4edddd354f1ae85df5b7eba31abc17cc4b302624d4971175f01d536557cb7fbe7c38fc42ac81124d35f08af0d676286f2f4367e372ae1caae6c50d203f131

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab4DA5.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar4E07.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit