08aaa1db5126946a9db4f9e5cc3f5bb64850923f6939bf09dc110bef4c2fb308

Analysis

max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
05-05-2024 13:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

17e75d441283968efbe7441f096b74dc_JaffaCakes118.html
Size

91KB
MD5

17e75d441283968efbe7441f096b74dc
SHA1

4aff26ac053e27092f1131bba1f1f025078cd1e6
SHA256

08aaa1db5126946a9db4f9e5cc3f5bb64850923f6939bf09dc110bef4c2fb308
SHA512

461fba160054265e9d19170695fb0df55bc2c6edff31eb6c7eecc6149ca3c0c2ab7aa0703cb0157bbc66283107b39bbb0c4421fbf0c9d527ef03b70e63764cd6
SSDEEP

768:HOcJDEpDFgGEcXVuESosOkVnH1vXSORKVBZIMjqQ0dliFtK29Bh:HzEpDFucX41ndHkORKnhKsFtn

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F4CBED91-0AE3-11EF-B6F2-56A5B28DE56C} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421077833"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1188	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1188	iexplore.exe
1188	iexplore.exe
3052	IEXPLORE.EXE
3052	IEXPLORE.EXE
3052	IEXPLORE.EXE
3052	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1188 wrote to memory of 3052	1188	iexplore.exe	28
PID 1188 wrote to memory of 3052	1188	iexplore.exe	28
PID 1188 wrote to memory of 3052	1188	iexplore.exe	28
PID 1188 wrote to memory of 3052	1188	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\17e75d441283968efbe7441f096b74dc_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1188
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1188 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_C66311BFC31F329FE5E6FBB46563B719

Filesize
472B

MD5
4f4fb9deb43ce1e7a079017eeaa3520b

SHA1
6dace04df47c3d4a8985f1a2f4e78dc8e69ede8e

SHA256
e453587e4640ea015df643c95b01ed50f01b1b109adfeebd0c009e7d0e8feea9

SHA512
705b891bbc3957ab83a3e0c031a78a6131f9ebb89c45c44b5a87fd0a81c646e4169e22a32c81b59ba5829cb8ab33a8166dfd7e3b9fe2d45643840d19de0a0b4e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
06ce1a16586e1bd66ab3418f944bb3e3

SHA1
36b43353c8d6238f3a52b7ec33126f3babe3addb

SHA256
53b3b42da723f54e0b7622ae497f21053534fc81c97e4b25fac0daa63801a66c

SHA512
34c4c4b5b3a3bd7fa25b27ab1960fe48b4c797c27b278ab0d1522c884385276b9facf912f481d7c3f151e0cbbc2fb5502b9b948e56c61bd5beb1f4c36c4a0b1e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b807d0725a50c6ea382407c8e52c36ea

SHA1
d2b78759038180b5e91ccf2100e9fb446c17e234

SHA256
9ab26d8dc2ec6495e9e835e9de51c8f31b7f5a430b63d6039c6216d89a28c02a

SHA512
4767f93baa48f54eb8a71ab8181cbb4b5c864e1829578ed7115608c46fcf54923f31695cbc582ae37bcca2e73fabf26565ae0e11dedd6c3dd53f091580c12bf5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2243f7e1054d6fa8608b8276e55249b2

SHA1
60f02a03cbec580b5126536a10a430d1e6bbba9e

SHA256
292846a596487345060b3ec0594e1c95b37f1617ef57fa830eb72fd690fb5e6e

SHA512
c706af8af8399dc6a9c8fa5a4a7dbdca25c2d82ae6886b7c9c8fe53abe3676b6dbaa2c5bed40a7722b3f24301e6bfae3ca0cbed8c138e0e7f429059cc1b45535

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eb06dfc91609768e647dd52107d8adef

SHA1
c383a96229ef854f6ecd3e55658cc404389e9c72

SHA256
a670799acad040e9b147f867935642f0fde05719ec54cf7e7cfcf02dafffe042

SHA512
a77b74b28f9dddf78198e81b7f01b96f38bfa7868b1921f05bbe996396cfbd994defe19c7430de0e59c7dd50a72c16286d54fd04320637ca7c0f6cee0e74b382

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0e7eff37a80888f5847b048249221beb

SHA1
32e1279c0bcd419ed905c80ebf88414a5c7e3084

SHA256
5a0e7953ee99a6faf1a691e05bf2759e841a781674d34dec79a1676f32156df8

SHA512
fa53afd09d91068ce239222263e47d6c696502c1dcf970bcfdf1cebd81a8912656998bf1e9f334fd25ccf9e5f6aff1e97ec32f28b423ab33af413138e3a4212a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ced571e482887c34fdc3d1278cb7d0e0

SHA1
a78e48475771cc42b8cfd64d2f368446ee079e36

SHA256
b7f671a57f742b80e02c863979fcfcacb64e273484497cc0c5a7dc85ad7a0299

SHA512
98d1744566a2d92f6499dd86188b484a2747cc2b71c523f64287ba1b2a4487fc0c194bb59e7a650639910527dfd8bfb98b9ac7b0a2de8e012ee563c600e0a7a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
187dbba7f799bc63c2153ea76c843de4

SHA1
2b82e104b55aed888389944e43c12d730662eff8

SHA256
0190766d493485b574f40ddea26b6a45655fe33c120c6a3eacf724a1d6099d1f

SHA512
9d235bc27f13ac243f939601738ff7101c8cffd60d4fc748c287ba3b5998e76ab76c76e3d45d5b76ae505b6142126cb1298e9124d8ce3b3388af824f3f6dbb5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fcf5e7294b381571b74c554896780b91

SHA1
8293088d8b8b45a3e8d83e13422de1ff6419620c

SHA256
91eb996bbbd0fb3855a09cc196769ef0a6e8578258cb27f7da9ff01ac1726dfa

SHA512
071f472e6accd31d20153de41ffb0d0131b465a08cb8da8ed26313cd6d6c99102f234327ebe2f22df8cfafa749cd3315ea6d7aaabfd1da2a6324f8be24776221

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7ce61cb6c9a8e4236c5882f063e14c79

SHA1
4ef76d7e9ab1b1999bfb8d13a191df1ff04c7d53

SHA256
593051788106240bbd5018b0e5e86ce02c88e6b4d221dd55084aee59d683fa82

SHA512
c8c476c3f6837b3a0f59b680d43cd806fb39e568043a59a1805a2e54021ccc40fad496eea8eb58da8223d6a7602157fc9bc90f4bbf4fcb9631906ecbe2764e28

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9cd5dc6ac5f2bd34af5c0fefd0d5e38c

SHA1
76a0624c66e8f0d647efec07d3a91d943317b19f

SHA256
1e0e085e613ca147bd321763c675444e467b872168397940ccc93636e598a30d

SHA512
0381614247614c7b26bc727c6b7f0e2ed7ea0e16fb5f220e5bee5d7a817b8afaab66ad90a3029f2ffb9b5ea640b64d7c0403da6d8aebe827bb9ab0a9de10d9bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6133c8b0b3807d02295f6794506813ee

SHA1
3a036c0f0cc6fdc53a1563e59941a738a85edcc5

SHA256
63be27d76d60884d94d61881cfa0636a982838b14454b4f2814867860727b59d

SHA512
ca51c0b67daa50ce4050cffadc7725bf4bd34223112dfa335095db3aead0acfceeec49f1d09f7b46e12f47aa55a3a06e13f5ff2ff828c15de7ed2a9fca5ea6a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_C66311BFC31F329FE5E6FBB46563B719

Filesize
402B

MD5
919f42c876aa4e96eef7ebb6b4566755

SHA1
bc5d3e314f873c482a4ccefeeeb36cfffdf0de50

SHA256
790eac4e6d9e76ba9ef3cef5d632316979a75c3c1daf11c3fae40ff37aa95922

SHA512
a82fc78258f6857aa1671ecd8568e9809e394ca47d2c58ad4b33a790654b4e6d8c2a4575b26adb18684dd978b2ed928483e32b80eb38818f8aadbb212f4aa5d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_C66311BFC31F329FE5E6FBB46563B719

Filesize
402B

MD5
312599cac2d80785806be8098779c165

SHA1
eb0dfac9a14a006409571d4ae44ce87c278b0eaa

SHA256
62945bc9a48791887c55c0ed72903f0a3ea004acc7ef9687a2d6a0c8210080b5

SHA512
51c60827ce34ccce1453acbbaf443c8bc2406733a4ed31c74f1cc2cad724dcbeb22d7d816d1fbd163479bde42b7fd6451e63ca2475d2a88b9afd7ecd2d4549f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
f488a819566d8a929130e8ffb420fbf1

SHA1
4d07a565d0396fa3f494ea7c7d6ead0f43acef45

SHA256
215d0c35ab06eed5312498441dd57f0480a4c6594a30103b1b164e3d2b04912d

SHA512
b53dddaa9e14d8b590570eff78dc050c74b34d886efe5f86c10b33d6c397b51556e85a9be3fe77dbff093e4948b420773f78c6123dda1daa66488cd36ccd56ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\902LKC6A\cb=gapi[1].js

Filesize
133KB

MD5
4d1bd282f5a3799d4e2880cf69af9269

SHA1
2ede61be138a7beaa7d6214aa278479dce258adb

SHA256
5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693

SHA512
615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IFGNZ1XG\3604799710-postmessagerelay[1].js

Filesize
11KB

MD5
40aaadf2a7451d276b940cddefb2d0ed

SHA1
b2fc8129a4f5e5a0c8cb631218f40a4230444d9e

SHA256
4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

SHA512
6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IFGNZ1XG\rpc_shindig_random[1].js

Filesize
14KB

MD5
23a7ab8d8ba33d255e61be9fc36b1d16

SHA1
042d8431d552c81f4e504644ac88adce7bf2b76f

SHA256
127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5

SHA512
e7c5314731e0b8a54ab1459d7199b36fc25cd0367bc146f5287d3850bd9fe67ba60017d79c97ea8d9a91cd639f2bc2253096ce826277e7088f8abfe6f0534b63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOWQLMJV\platform_gapi.iframes.style.common[1].js

Filesize
54KB

MD5
7ef4bc18139bcdbdd14c5b58b0955a67

SHA1
afe44fd9a877f81a3c36f571c0fc934324c6cbd7

SHA256
192bc707852c5986f930528442d88a79e5bcf4513aacc2b722a3c5e964501838

SHA512
6c2920e80e4d5059588a32f75bc2b5dcc19f8d68224c0935d74f9fbf49476ca5b1ce43c279768f3d36871dfcec39f36db3fcad559c2f93cc540154cdbb04dec2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1048.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1049.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar11C5.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit