0c30b2f87f69c755cc4b10f00d40bbf35e8ca553b90c1f23fd54053c99cd7ba6

Analysis

max time kernel
136s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
02/06/2024, 06:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8d1c84d4014eed063b9b6ccaa0af54c3_JaffaCakes118.html
Size

214KB
MD5

8d1c84d4014eed063b9b6ccaa0af54c3
SHA1

10e73cd6b0130c53ba6bc9c59821971a9e73f5fa
SHA256

0c30b2f87f69c755cc4b10f00d40bbf35e8ca553b90c1f23fd54053c99cd7ba6
SHA512

ec58e9a096144464bb962fadf438a29f64e730b3687f492fab1a8ebb9cab221cd91cb857bde7a02aa47d72c6ff49db15037a3f9126f431461f49c6fdd64294da
SSDEEP

3072:QUrhB9CyHxX7Be7iAvtLPbAwuBNKifXTJO:Qsz9VxLY7iAVLTBQJlO

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 41 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CE337C21-20A5-11EF-928E-6A2211F10352} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b00000000020000000000106600000001000020000000fd8830edb1c630b8e624b53af86a61390ca597b170a613b11765c6fa13e77678000000000e80000000020000200000008d75dd592f4669654d83c5afc152b8f8852c7790937a4ea0f02e83e5c2682f482000000090511bd54fdf5c33b38400ed3184f4ba952bab1542fafbc732fbb74caf36915740000000f1f91c7ec4a173379b9da0137194e0805596ec94d8899d4873fe74bca57f4587aebe785c0e7323045dd510a3663e8e314ccdae1920ad46a37d774309b05d256d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 608ac7e1b2b4da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423470065"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000760f6fb6d7365248881a38bcea68cf8b00000000020000000000106600000001000020000000be57700ad5e2e36b9f78363018ccc2c8a0fbc94f12b9716469e364c1440d0fbe000000000e80000000020000200000002279ea92bd51013ef1a98c07e420cb3de5d82c94c10b390a50e9813a2edda1e490000000b2770920b9b6054ca18fca793290e40f4c7a2e881b601cf16f02408aee3e77441ea90073a0e467f57994451c586763e0ebf22c7be90a55f56c0741a5bf302a58a6dc9eb9f96e28c894f43a9a717c691b54949a6feaddca263afeb661018e7a743c053d117f683907f315c2563133eecbf0b02631766b031057c593b2b038aaf33f686e665857bd68b8ad4681451bec0d4000000088e0710c8b8114eb753f416d2edb7752ca893560d607d93693b2271261a20f825461abbd18f610b55fea40b3e44d79d9c76a061ab38c2f5e6e809c16615c7c51	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2068	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2068	iexplore.exe
2068	iexplore.exe
2732	IEXPLORE.EXE
2732	IEXPLORE.EXE
2732	IEXPLORE.EXE
2732	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 2732	2068	iexplore.exe	28
PID 2068 wrote to memory of 2732	2068	iexplore.exe	28
PID 2068 wrote to memory of 2732	2068	iexplore.exe	28
PID 2068 wrote to memory of 2732	2068	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d1c84d4014eed063b9b6ccaa0af54c3_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2732

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
00a9d8cb65d2fb7cbee84b5d1b284b5a

SHA1
f98f0177b75761fb30c0a9d64494cd199b1e6382

SHA256
9df51b1aa4e9543d756a7890b24dacb721b066963682b927d27b03fa8262748e

SHA512
d0bb7fcc12177cbd69d0e92143b6e40362790341c7ee5537b449a328dee63ab88908e6f054b7a755392e5e01b0c35b09758b89ce9ef6236fccf0daeff5a1a35f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
61d696afff89fcba995fd6094e513378

SHA1
b0426cc40ab1d11d16a9d53798c844e2eb5421aa

SHA256
3252ade91c19b7118e3c5661ea6c7e7c419249e36b79957fbef83a1ba63ec962

SHA512
6095dbd3edbf0c30e9e3d71767e40bf79be870964feaee6b14d9abf6ee6c7cd55e01bb618d9a36aa4c5542cff8c2195ff7b781c98e1c2bd90f67f1e824dffafc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
08957175cbbd53ccd6cf3a149eee4f1f

SHA1
7867dd5ae8d9200f4dff740a1c1018ea3bf01325

SHA256
841f039ab3e4de4c6b2607cabef65bf57b7b35744d2c6937451e7c198ed8bc62

SHA512
49e84842c7d938070ab0652e3420773c2a271927d24622b0d9a63892932e1ff2961a61cea8b254de82469b16e670f0cf01c495e79434054b0bce0f1bf738b910

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
29068e17895bff264dcb89f3ca19cad3

SHA1
2ab9e6e85e83430fd2b4bd8878a967cdf748f1aa

SHA256
0c73f0d2befafdf4db2db5c8ca7220a9baa8fbe9ae5bddd7af919d77ea9f1b80

SHA512
1c9c0140fe940d5b9b26222e465ccf23052872aef4074941fda9145af9e6def00e21a1e082cb583e7529da607e4435f52fcd13b92cab52ecfd2c25c76f67fec8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
27ae8b7e446890d329be7cf1d077203e

SHA1
54ed2e50593f5bddd7a5b7edacb7b87c2b119d5d

SHA256
118d1aedcfb0fd3bcb464d391a2e10ad1ce856459d5b2bbe08c9c50bc008b8bb

SHA512
9a8492e0be5c4d98b40c79caf5daefe7565788bd555ea53a8ebc2c9128ad8e9fd047749b133d36e66e5a08ffdaaa901499f42a8f4763d4153eaf641e4fafa54d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
967e09d375b5b374306dad4b78c0a1ea

SHA1
65c6b311371d40b4d9792a470924395839e12b6b

SHA256
7bac10553f20e2436228c98793ce8bf553bc3eace6945fc5c6ad72dc8c2320b4

SHA512
b2c9bb1195b8ff8b6fdffa984d9d07d7e906889a42763217ec3376d841d27b1bc06fec9a4aad76a1db4592eeaf1d9ebcb9eb70ce7abcac202d30b2de9a12fba9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c85e5b83a9a86616471338f4812d4346

SHA1
1031ea653bb31e87dbbd7886c49a0db36f46244f

SHA256
52fab63aaf657e939a58e0ea6e4be7848c93bd063f635c74d8e465735c5257ce

SHA512
ff4e0f73d184277a55778963b95d62a0a936e53723c9f8f01f4f9611851014c1e2738c16a7a9b15a349ba9fe389123a2890a3dc0154f2a53f7ecb829bbddbabd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
45ab897bbd8dd848b5129aea7a57ba4d

SHA1
ba6ded2fa745d8ada9d0d710e112cedfb3c11835

SHA256
67dffb74530f010c532247e70baa15a69e51dc4e11861443b40cadbd6ff29681

SHA512
a47cec358d1e6bf9119fa68645a31f31ed42168bb4a00b223e4dabad7933a0f7b40477693ade457f9a60a6d90220db7838cbfc236afa1d53bb21f7e4f9b8bd8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
84e55d413c3fc4390466eda1cfc5e9d9

SHA1
ad471d34554f391edb055cba5b98da939c989446

SHA256
1b143e7685aaf5edf282e8c0ec80cde0c7255d60006c66b8a7498ca4fc25a4d3

SHA512
183d9cfbbd6633690b6ef5c0e0e54641481a4846f2aa5bc90c4bfefd1c37f2df85bec83e0edd396d26dcfc582b0d43d3783e9e94276e86937dfc80b467440a1b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7cdb23d28a591ba6209fb7ded38186d3

SHA1
e5b0481718ab5f211717c920862a97d0787e5715

SHA256
e700719b92e04c8fb7ff4b36ba0c7b0da5f9c999338cab6325fdda8a9cbfd091

SHA512
9d5c9f38bc8e332fb2f3829435c4496ff531ac1b10d71ace871bb298667e35a8ff4f3cc32cd6e194149d6be043a065440e0dfdede72960afca39af23b7329ee0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f652d442a7e6fdff146aa1303726a4bd

SHA1
e88d43600de01a81ccb0b6dbe55779082fe37625

SHA256
9438a3227d4ea6f6d1f692064a79b785e3f4b634d7b27e02ab0dc1fb5e247cd3

SHA512
0d437adfcdcfc72ebf66f796326e5ca64c34c1676b8bdbf661f8f8978046769d3a649033829ae6b6d19e2c8112a007ee13ed2f2772721095794454ce00c41583

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e765da84f302f8e537779d4ffc82af5f

SHA1
00bf9b812442fa8312473cffd8cb4533a1850aab

SHA256
067b7efa068da521fb86936499388d05bf66e38b1fe47117d61d70b85a1bebe0

SHA512
ee8150c2dbbfceea1a2cb313fae5ee09c4c3bf6f73a82932f5475117c41462e185e0bc325556d6bed55fa4e3f8342756b0120fc7b1cff25add03b37c5792405a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7d85bbcd303acf1d8f58cbcb8e478aca

SHA1
5aab52c68b404f4e0ef12ea861fd3741448a595a

SHA256
5a2e405183a18954793e587147578d9153b57352d78e57f7783122bce07c67b1

SHA512
426855dcac82ff44a6c3447c2d6611056963ca2fb86baf92434706ce1bfca2e8b1486ed4018bbbd1fb5aed4a38d83407557fcb1aedd1fae6d3c5463c32f2ce46

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7bb404af0203278aadaddbf5c8f2f3ef

SHA1
bb851e8d83cea990e30cc21d9b82d8381c9db77b

SHA256
69c3692ef5237806d5a492fc21db78b20b36d470cf86a8fbed472e993ef407eb

SHA512
df129ca3d49ec563c38f999bd8d653301b7f9f715efc43cf4bd4d8f7049db7223eaa0c9dd6f35dc7a2b7415a72d7ac7cd72efd46dad02be795e7d2a8f286144b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f0279fcbac2057f13813871842ed51ce

SHA1
6af57a9f882240efad65835c7a92e83063b3ae40

SHA256
1cad212d0c086d2cb46e826ee8bf0614fcf9ea99735cb49330162b285104ece9

SHA512
e11f0e830126991a3c90be05e0e83747194b512883063c1cee3cf76c02fa490e16a291a4aad9eb378af551e7bda123f4ac4132c25f1416d448ff807f1168710e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1CE5.tmp

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1D69.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit