17f046a7da3e7c0e6d7686d3890b023de8f4fac722bb61a702af0d8ab29ff18a

Analysis

max time kernel
133s
max time network
132s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
25/07/2024, 16:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

CdiResource/dialog/Graph.html
Size

8KB
MD5

1f2f281f50cdefb6794c9c87133b89fb
SHA1

6aaf495b5eba156f3b6d69395a022251f54e8460
SHA256

00ceba3cca57b7ae140f077d6aebb88e172f69b4cc0c8879c5be7f2734a989f8
SHA512

c1d8d99104f0dfc0f3417c6c0a2519ab9508aadecc573b6c338614237d6d91ce03825b4b978a3a9a03272759d7d566d1bc7c60b7742b4f83a8ad1b9d943e906b
SSDEEP

96:7KkOs1PJEpKltJtAZ29wi7/3j/Rj5LNscioCIq9Xr9MDoevklwew+K:7CMEpKltJw29wi7t1LNsBojvklwew+K

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "428085568"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000043174f1aa2314a47aa677ebd5ad1f6c70000000002000000000010660000000100002000000024a17e619e14b228feb31e984e3297fcf0709b001ad640f37a9967c3a4244587000000000e8000000002000020000000a9ad480cfe07a21cdfbcc51307ff726e41a2c9837d0ed9b32e099a8bff087f6e200000005bd43a54c6291fd0f570f05035b4d308b3a3d04f996e8fd224719ace48435ef540000000bbc8052702ab48edac31cd8b652fab52b3880c68d1a02aa57732286c9f46b20e558a57f4f0dc41c5fe8ed4ec2c389f4c3ff62cb9d51c0b92db69bc0cc279f48c	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 304c5cf1acdeda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1CA67321-4AA0-11EF-8340-72D30ED4C808} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000043174f1aa2314a47aa677ebd5ad1f6c700000000020000000000106600000001000020000000a2319b291529ce731f01584adc126fd0d048581a6d550a33d16773d0c452a064000000000e8000000002000020000000eb7fdaa7183897204efcfac47925b78e87fb017c313b935f3693b5b3c3862a9b900000002250f096b705aa94369320993df57b60b6dcd44625571013a47641d6965a227f8998236b0c95b2fff8e74db14e1ecc6c67f13f09defdd17f226f1abb8a599c9f6f9eda10334f52d96c013f9b2c1472d11db4a66dde532c2eafe38bf22c560c47cbef3d151a27de707b663af2caee885e14a8373b72dceebf56a6d5ce6bb246ffc963e039a8bf70abfdd47291ddb917ba400000007f9dfec1cdb1d18ac7a84e7379e98f3b27282734ec0f60b0025982737248bc91ac87b39bd01bc33188539bd14d6e190b855612e9c13860f2cca0a35244d3de10	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2452	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2452	iexplore.exe
2452	iexplore.exe
2436	IEXPLORE.EXE
2436	IEXPLORE.EXE
2436	IEXPLORE.EXE
2436	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2452 wrote to memory of 2436	2452	iexplore.exe	31
PID 2452 wrote to memory of 2436	2452	iexplore.exe	31
PID 2452 wrote to memory of 2436	2452	iexplore.exe	31
PID 2452 wrote to memory of 2436	2452	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CdiResource\dialog\Graph.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2452
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2436

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a9abbbcd6a6413a8418aaed28f3302a

SHA1
b13d02c61081462dbc4981390378f60ecc110862

SHA256
70ac8f1f9633dde8e9503c600dab9919947a9f5efe228408a0c2410c8964004d

SHA512
84671052ad121765870fbda77008077a29ea98150ba58c5b04099db516b42a62fc30ba3a5dda4afcb2e22c0251cf93c4be2f40d9a118961273bffa5d39a99a07

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9f16c091ba7003fd1ede1e78fdf55c11

SHA1
19f8f972fbb238d2d71b168322698ffb996db44e

SHA256
86e811711f235beccb38c5b72fd1c06a51b26dd7c9a45bbf0e43fcf42963b56c

SHA512
9d674e9b4a12762418718e2f370667804dcbbf105b162bc2c83b35b1f852764f48ea33df5b07bc06dc38ca18d6ed85bb92ad1a4d19d5874485a4d3e5f7de2ba4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fcc4f14848956103d95b9b99878d2049

SHA1
2756f609b39d2c03a8cbe06208b2499b501f06db

SHA256
09334adca07b0513aa1849191a818cf61f24366e13360d1f4acdb278e157823b

SHA512
e8f5a899bdb7dbc89e65607095a2fc81f581d03fe642bd9d5d1502155402c2d5adf9cad948844336188ff4aad75131d8a32e5b40629367156f714db5269c68b7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0d8be1b6b563d2fc45d59f37006c80a7

SHA1
391552f698fbd41dec6cb1b8f6c82d08efc3c5ea

SHA256
e324e8de50463ea05330c0f715eda9d8145dbba354845677e8608a21843821f9

SHA512
1b6be534e171503937c19d10c1bd74f886995197eed8e48af86af28754cc13b0eb01ccf3a9773ba6372161cf8f61af48acde728e9c6cb677eab0feafb872beef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9dd6d791a667013be30140c6f7fa257e

SHA1
dc03f9c519f9fa7245cb6db1d3318690cd7e9028

SHA256
5dea02cf09aace02fed21017fecfd1b073272daaebb2f136cb19c58d632b10b1

SHA512
7f3df6d4607a518b6c6e8e21b7a8cdeb0b14042437ead855108da12c85a5640d78d8bc94ba34210c1ae69dc7aedb7e19b1e2c4ebec26998037c27958e6c274fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
efe6fa3d64d1a1a56d7f327de04834c4

SHA1
54aece3f9c78edc418503cee1cd6c1019e680d0d

SHA256
706bf9909a54b938d466d79a2aa508f6b0ce1681434d9717a52c602da73e5b28

SHA512
214e6702ce4bc0dfdc4d000c91be0ad61842eb7ca6ae4a9f526917442a782fbd745067060f4a0e5f3a34ce1825c607c2ae6c6ab88595f63bc401ae121c9b73fa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
411765db257e207265505bbb708935f3

SHA1
d7543998cfa9c910ec0c77db39d4ba165fa7e6fe

SHA256
640e20de5e7eae73e351daccfcb36f8c2c988edfd7470806a9f9e3054accb542

SHA512
ac312edc83781ce9cb49632dc7cda8026e788fcd9c14ca567af0a31c5b0407f4f999099b1a51ad5f70707093028f6b7930f5267fe04f5879d5cb2c78cbba046d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
77b4e9e4b0ea79c4ee7e0b1d50e7f34f

SHA1
1787d7b825540211889494308e0595b5441c2b3e

SHA256
19e1228269b220e4743e0621cad929ec14ec0a7c4275105f1270057419953654

SHA512
c411064970a407d5c421a6b2ee740a5a75eeccf4e7aa009c6a840ee00e4afa0aa3d0808cecc095ebf9fee9e386e4ab3003e9ef12e488ecf752aa622fadf32ea2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
36dd21d158be69bf239558e65c5a3ef8

SHA1
7d939bbed9a8bd906060166cf8abc58ab26981b7

SHA256
2757191741d3823bfc00354a9760782e5106fd96dfae3c5582c93899ce100492

SHA512
d466c5178daa29fd7d2a4de9c5babe4cd49746ef3724e6499cf402af11fe1014706d662a045c637aa3eb20efefb513d70d7b5f7cb98ef27daa960ae5d55c6def

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
04eb2e76774341fdca5b7f2385b84ca2

SHA1
b9a73c03fbcf6a11eb7c48c486d2b5f3a7bbc2c0

SHA256
89d9c8fefe484d96b1681d47811fc573855991a0b2e4757a5d389c1d69289614

SHA512
213e0bdd99a3d518410d0271aefea7f3e8391f896bc0456d03ddac1dc81728d9b7c6ecc8991fe5fe5b42969d9f0925a88cbdbead0f6ba4cbfcb385802f903ae6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
99d7b7455890430b41a9024bdd5453e7

SHA1
e1e0f6426775581b9d6d06149a679d71b5a3f96b

SHA256
184eed9fd603d10f4970f4178408f2b3b14791f04334211a3f8ab6785714a961

SHA512
4703570755ab2f1524a9449fb0118639c20a066b50a3102b03da60f75eba3dbdd68813ede06272dbf15b3ec502db156650c60c4fbe9706b528aecae2d8e7c09b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
73d352c7f86dfe1bf10c8f9a0c5d9630

SHA1
f51633486f591b95afb332faa610e9114bf16f31

SHA256
f1c46ac00b685fe956eec3fb59f93ec9c7f605f14dbd7d5c88d691b951d889f0

SHA512
f78ae27e91fb65f878d3303f6f22faa04fb9a35e115753283b09d482f5bac897168e5ad6fb0e82c725e2465a2836ad9014f665995ec46dfb2f86603327afcba5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1c5e52e24cb40ee487f2030790f8cca7

SHA1
eded41d7ff59a4fdf4a89dce46bbf6acfd88bb97

SHA256
05d9fbabf286d24234ffb3acde304892804a1e9b105222a5da4e3460b998bb3a

SHA512
29f03bf9267249b2b9546a18dc2351ec2cf5b19743e2c0c0c3e57a979d4164c7a47f09f9cd31780b590c09c8d3d8b403993a9f03203060d5c1dc8c5eacbd7ddb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
045c9905dd208f5186d0f80c8bd32829

SHA1
68f68ea9f93219cfcdc9172bac43438a926450b5

SHA256
67f461e8669d234cd7df7362ba286fe060632f51b35fa7e2ce88788c90647b8d

SHA512
fad9cfc9cdc452faeec87b63d3140311713926a711cade100eb61d5e9b38ebeadcf58ffe3af2d7ce1776a638003dfdb287bc6292ac210015ccedb27688a58e75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce5eb6b63b7dc34b8e3b988d60d28a14

SHA1
4d9b758a22230bd9a7b7fb45eb1bb3edf2b3765b

SHA256
26c4a154843382e92a8ce5401e556e628c39443da3943672f6022fab145ae021

SHA512
3daebfd62d6dc75a2bde680a0f4929e53109bb453503280e9178e11050ac94f160a2f9c08f80cb34f530bea3623d5d620ca7718a513273596bb6a04aa0ca5ad1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e2b8c6a69a9152f8ca02b21a12a00302

SHA1
79a9ce0a0e00e7324b4667bedfb1b05d2165a147

SHA256
e7bfeeb983b913cb2ca39023fa1a72cb5ea2cf708b536aec62555ea11319b018

SHA512
fe3c884c33f10ac60d65055299e9aa62cac832e45df5875b730f5b55792ad4cb6037805508ba905f225bbbf1efdab5cea72fabc68e733bd6f4aaa987d4197f78

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
27e2e9d6a7cdc48381aeeb49092ec3b2

SHA1
197d2988eec8dc57ed9ca8354ca6ff0e541f91d2

SHA256
c44a89fe28179e36a63e25da584784ce81edc345388ca085008630f187918b00

SHA512
122c18a525db7276df082a58930e7079ff9fa5e57e058d8dd29786a10d7f305ce6fdea24f94c3b97bcbfe18b9656e45874efe2d1194a0b8ed7f7bf8ee2bdc398

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabFE5F.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarFEEE.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit