69a57db734245b690947d2e28be395e83d3e9c2ea229222dd010c3638d47a32a

Analysis

max time kernel
118s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
27/09/2024, 08:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Electronic_payment receipt.html
Size

7KB
MD5

05b43968f80f45de1287e1a161447a72
SHA1

cca87acd354e9dde88392ac727d8b8f7b1eacb20
SHA256

69a57db734245b690947d2e28be395e83d3e9c2ea229222dd010c3638d47a32a
SHA512

7dbe878f326ce07f791911b23cc66540288f5524e8a6ae0678129861864d22b085d4191d5a1d270698e08c9cb0484531420bbbb0160b1cab690d8ad788c6dfb5
SSDEEP

96:socyvEkoG+b1bJoxkwEZkDzbsieAlSmAsHjjqXl/ZOaG82odmvpkzq:suEk9+JWKZez4tmmZOaG8FdBO

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c4000000000200000000001066000000010000200000007d46c8877f36ae8169ccd440aa7cb4e97b700f832f7fa11c4be2460737e24194000000000e800000000200002000000049b0ae8eaf0dcc47121da88987a13ebe18bb198b25cd789e13c19cf43f9b98c9900000004761f77ca58bd276b50a987568294d96f433acbcbcf179ace5ff796db97ddedd1d95836d7fa0e46dac292e8c446405705c4d52032c7fb706b17537b725bb2efa2e347fa3234a5f594b1baee0614cd5dead8878e21c5f6b0deced1b1db1a6617caf313432633c70812eaddf3079799ce0a4224afbfae302b5121dd26ed0656e67294ad5b63c651a5a047b894861aa1b8140000000a831c3d7ce1dd8a202180201a4ac0b0d436a820aa5309d6841958cefeb7de9c24cb03828f869ab38fe3714198c3a17f51e82a32db46da4182efd75065f94c195	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 905d590ab710db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c400000000020000000000106600000001000020000000642bc250214fa76ee675dd88b024364f885124e1e4368bb355ae9a77cfb62c28000000000e80000000020000200000000a73c2e23781013283001932ec63fbe4caa819b92b7cac6c3251cdb4b0ef068320000000098fd87e471f2d53b55696a1b316aa3acc7986c9c5ceba78f563bf52ecee818440000000d0ab731be5adfdd2a1043f61b0aacd7b07fd80d8364715d5d8682b6cf63f6c714bfcd5ff21d1270a95fe7f4ab055c99c4a9b62fe2d9e4cd2aa4369bc13744f86	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433587460"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{342C9421-7CAA-11EF-81C1-5EE01BAFE073} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1640	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1640	iexplore.exe
1640	iexplore.exe
2536	IEXPLORE.EXE
2536	IEXPLORE.EXE
2536	IEXPLORE.EXE
2536	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1640 wrote to memory of 2536	1640	iexplore.exe	30
PID 1640 wrote to memory of 2536	1640	iexplore.exe	30
PID 1640 wrote to memory of 2536	1640	iexplore.exe	30
PID 1640 wrote to memory of 2536	1640	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Electronic_payment receipt.html"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1640
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1640 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2536

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8380d3a28b28ac891ef0d8486e2babed

SHA1
84315c9b5d28339f4fef2acb00ff99c53ae61ae2

SHA256
47c82144646fceb87622a9062a4d29966bd0f111e5438aa1572d96155d002974

SHA512
5800838e63bcfa065e17a583c5ddd323782b0020b8c0b2a0bb63a09de82b8693d17ab1efa0507559e5014ac6fff0ad91921329bf84f2a4c84cc07279de839b71

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4f77cff46eb7d50d4df355913006c138

SHA1
47c0fe01a64f41330abc9d62de34212c4af5fef1

SHA256
3bf4ee38d127765f6c3657b268f41a0d23965a5f0525b22018aa2f161cad4716

SHA512
ae8ebb75ef5ea9bc82a81520202dfaef04dee73cea9167274eb49fcf84f5ef240c9d141bfe9f1361794a32e65ccee9c637c07e5a588ec08f525b4565bba6cf5d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1b34434b17daf2af4c88ed99b6e54e7a

SHA1
0e67917361449e59a5e735229d5ef1f61d1104b6

SHA256
b67bc9a4cd5db981eb01037f9f89329452b93f05a7bd75e4f7fd4e910f9a921a

SHA512
c1344f732add878b50b6f971315147dfe11dc5d8c80ee25013af6cf6472d4ad11267f274dab3b592121a9e18d7a07ab05466083e8cb6c53b31d88b4f1be8e381

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
75a01e12ae89f978e0630d096529523c

SHA1
dde29d2961932ffdaaa6c1b056131036760339ce

SHA256
853c46476bb131e1599cfbe1ee72e46b40389b2d360ac1f71e100e0878504a58

SHA512
655be054394c86600dd2ab6c0d8c5e4bc89a81e022693815c428db45f23865658013f0de9b5279a06c5fcc0706a3e2a73e32fb78e543a0917e899cd61b77957e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
84e11688dac84fc44e4ca2680883fb5c

SHA1
8e8a2f53d2f9e823822a410050c5d069a85a898d

SHA256
6557b6a917b883292cbbe83b9894b1f7195baae64bc5aa2d66dc416710c10431

SHA512
1deb7ec475786d9bcd0cba2253a8cb4f44dbc516cf4a7f36929c59eb52e07898b85071cdca387b9f3e82f97999f4e7bc7ee22cd81f81fb71252b695cc0dc6fa7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2e77563e4db4eaaf5725bd0816cbca19

SHA1
847bca0fa95aa6414a632139f2d03297c8de68a4

SHA256
29a563497635aaf43cf2899ffd52994fd96771839a418fa427d6152110fd8f3b

SHA512
b674ef9f1806621272a709cab5309347cdd7946224188f3bfba69803c4363b4cd7e3a6b9fae46d636d943310ff267e5319fc6b38c702c5624cf719f841103bce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4eab3fa908a3ee6c4ee38ce26676ee3f

SHA1
18b262b8a76f65f56bfac35cbf69876ac58d1d8e

SHA256
07a3d9798bd680d9239a8f717636c6e4ecf095bdcbd12c9e453bb69e2b7e0ff9

SHA512
b38e246e5a655aa0688bc09922f878f5d560e2d4a21f73aae628f59168ecffbc5ba44ba701ed3f34c45646e25cd0a63c3620ed25a013350a48de96b60cda150a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4577103c3f6bc6716b228aa8c69ac822

SHA1
8b1389af3d2f69b057c5469a8452f0e1c321de48

SHA256
1a008f8a9de5704146d56076fbb569906249f177f460628ce59e83e78f6bedad

SHA512
1e14762c1533807ade4a1fd4e6fdb13429b3e47085bcb1fd7feba966f9d2aa02f134c5637a820d96a6b09a03bb78ce5b82f15cfe1ea33370c65fc35e908ae4e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8481dd501f9db59ecb97e514404c2375

SHA1
2c70eb68c453c3db54e5c6721634f434fd74a3f5

SHA256
fee31e5a2ee9f50a14a85ab4e36c9173fbc4041df6c34ff58666fbb35702cf49

SHA512
6ecc081354716eab5c943caa37c11345d1ff386016dec995bfd4a8ceac5bede2ed4fa7e6510603810aeafbfb504986a4867a8f05ea57bdfec7472a33fd8c3600

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6d36c5a9866710ec27a459302f633095

SHA1
5fa453fd1b32b46d17a85e73ebc0e0478907170c

SHA256
2bdb46c1c7a04858b3080b6482c08317927f70047582d255e59e10fc77668f8f

SHA512
e13e8630d8c375ef5f667988e4e2ad99b8cc91f86d0f33b979f65a23f8ba525a8099ed19c176dfc908453040d9a9f5ef51fb517add7b640a6e8a741ede31e7ba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
17228a69ebc3e971c2221746778b2ad4

SHA1
91bd6fb8551a797f5b976495f098b2fc957161cc

SHA256
4048c989b608dd7c5e0adb64de41ba964727c61899ff5b631faa4e1e1e2fb81b

SHA512
98bee21b9a883573e73d08f21928e4ce0df843818b285dda008bb3f42c8868164043e9588c7f0946406d4de2080372e56cbd12a8c3ede5aa08ef3a978f3d1dd2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7d2e849bc70c7b8880fcf13c3846a7bd

SHA1
1de1dad4c800cfc1f8b05d39550a22d1c27ca3e6

SHA256
4f0d63bb9610455fda64d583f243d1edff6e963f550520d0cf51a988ccc790bc

SHA512
87c62a9bc888f33864d1324620cf47f1449225c6bfdc42f3150ff10832bf945674c13371b3bae0e8b8e9734e43c323572f0d00404d909ba8e25de27722cc1ff0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c33dddd8bca23b374ad3c7c3a46f7b11

SHA1
3fa71cdc84b92873fe370728b61274784c5fde31

SHA256
b9b65f1a6e433ab8f8f7feeb4d5f8cff1c8f12ad296c5d72c8c45f3f4b3ea3e8

SHA512
d9f5e7f39eb3d2a9f58900639d9502a7b91a424aaaf41b4a1c31bee52d0f4b82dd6fa1964fba60ca32850ee1e47bd109b075663bae1e922bf9614a2d3e322240

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d23acc5d9f579cef22a860d23eccdc3b

SHA1
e23ad79f4567fa69e3c72afa4b660bdeff549eab

SHA256
a4f722b10f7dd0f022f78358596aeb815ef25f00c46cbcfc51bda7b3ca68894d

SHA512
49c9e8483cc0952fa8c4c0777291bb5eefbf3892322bf6de575c9ba11dc06d1fd7a01bae05fd048a9ba988cbac6f14d105efcedb32371a1feb93a0e6152271cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c273769fe9e2934db3cef86c49f4aeb2

SHA1
c792f7dfad06d34ecd6ef8d82b6e1ee3482107b9

SHA256
e6c6c500c7d2a4b91e5bd4df973c5c49964d69bfc8ccb7e23777ada2bc073e90

SHA512
3e49c13ddcfc8bee552704c1a4752739a5c8666c3c46ddfe5de692860ae638fa997a211584958928fc4cd8fb13bd21a468991e695d5e02402740f9e163c465a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f32537a5d44fd48036384f02e2cc13d1

SHA1
79a104b71b99c1134cfdb3c4e9b473e39e9d057e

SHA256
ba1b26871a721d6f20e4ab144fa36c230ad0634c76e1320d7c052394187a4e41

SHA512
9cd5843225360f01c92029a6289db20e01004972dd6aedc9b4e6261df596eb9e65b8b09bc1f2302614df955c748a6a5b9466d9d9fc460c7a5ba5259344734ce3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b90774d23c38dba6aad47db047fae38a

SHA1
06f33dba3c9338422641a9366958615c01e601c7

SHA256
af42da822ca790ad94705c40f92aa89a44cdc8bda568ae233870d73049d8e875

SHA512
5db4146e3866e66dfb6c8ff6d4de39404f149398f3ff346d480b4c1cc4314added3d6a61e433df8e0a0843a81ad676fbe2e54a0c3f2a02cc63e190cb0b21150c

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabC747.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarC749.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit