02976cf99b1e6e7cb9c8c798ab600fdb82964f9a656d8824f420c6f247180a37

Analysis

max time kernel
133s
max time network
127s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
12/08/2024, 05:59

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8d954fc370b623551ee037cbc9240889_JaffaCakes118.html
Size

14KB
MD5

8d954fc370b623551ee037cbc9240889
SHA1

4381a087ba0ea4868001689d2ede6a0d456ebffc
SHA256

02976cf99b1e6e7cb9c8c798ab600fdb82964f9a656d8824f420c6f247180a37
SHA512

ebf14a4f70135d5d77ebb130c2f886936645a7e8a8ebbfa0ed3b56d9b55ce57a25387ff22dee13b08c2dab5e8b421485640735aff8fa5de5f7f3238e8b982d0c
SSDEEP

384:04lI5NHSEmmm7mmmdoQzWHxmmm+29mmmX+mmmP:0LNfmmm7mmmdoDxmmmXmmmX+mmmP

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb900000000020000000000106600000001000020000000afe7e5bca7f1691338ba261e5ab2fd9b7521e6f5a3801a9eda06d41875a40ada000000000e8000000002000020000000901a181043086840024a1c4a679a5ebac88ce12e8ecd7eb9d13ccae36b473c5f2000000027ce80ebd1c65d7613ec1114f10cb55351a40cef593b24c37217354e5f62015840000000bbcb6e743532ced722920e3822bdeec1b5796395acb3d4b3b6fffc48409248e0d13c645bc0e37f061c025cbb9196461c9aa5bab431dc313c5d6c302bf20c973e	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb9000000000200000000001066000000010000200000004790bd34258d84e27a83d0a94dd2cbefa863419b5ea3605f395dd69f2b663f2e000000000e8000000002000020000000edf73ef65e7e2e99931e8cb4b43207a8dc9223c33187f8df5444cdd20f17c50b90000000f957daf20b6e4a2612b06dedf741dbff994644e6ca0e4777aa5969d170052abff49d38493d2cc7afeaa5daee6fba3f06a5f6dab4dbe3b2b7162a28c5388f21891239485ae19d82f107ffc580fdd3c9cb2a88fb7b167cdb3cee3bf931948f87feae49028e8dc42bc38298aee482567eb432d60e12de4f44bd66d18a8c796671384a189b68ee01297eb51f25659849b5a740000000c7e409b846023a053737d706fa8a1ab828a0089b9c8bcd11623b18ac6e1b28b642aa55e9e0bd3e41aacefc53393cc1f67b1b260ad1dbd1abecfddff404d43a48	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c045e1eb7cecda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "429604260"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{17547881-5870-11EF-B40C-C6FE053A976A} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2668	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2668	iexplore.exe
2668	iexplore.exe
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE
2680	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2668 wrote to memory of 2680	2668	iexplore.exe	31
PID 2668 wrote to memory of 2680	2668	iexplore.exe	31
PID 2668 wrote to memory of 2680	2668	iexplore.exe	31
PID 2668 wrote to memory of 2680	2668	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d954fc370b623551ee037cbc9240889_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2668
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2668 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
de24e6bf58ffecfbde39e55b4c619ca2

SHA1
594946f8754ca5faf7698245a3ba7e2ffd0c9bfd

SHA256
7a12a171f12799974e760e4f940afc6d309e1c47fb8d30e0ccd421cd1c18da2d

SHA512
b4a499200f1b05ae6a09396b87fe58d69514f5ec72961dcb74c4505b1ed6e0b9e309f7c907d9e3d7db37a35e805c59b9a230f4e1fc3fb6170e83cf9ff808a5de

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7fa4c88f91cf18d11fc66a4ef309b260

SHA1
9a4845ff57390a2a93664b41df5adca54eeb793f

SHA256
a8fa43921fb13cd0767c371bc29bb18055ac5d1eb8bba20c4e04cf30780c1166

SHA512
a72ef017cb9fa6df673678f1a3e7d1cc8f1a1e66e7f2bb47d0caf015d3d268e522e2b7a12f69da2ffe056c4421dfae6f56e01f6e58fce3991dbb75d726f7c376

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
968e20a809597b55cbd240196c0eed65

SHA1
c6084f802e35f8e2c1456e9a1992d90600e0674c

SHA256
400fe53e1e02951b881f319c56858f5b8e3152f0ed5f12f2cb313b308cf7dcb7

SHA512
c63358a8fc3b8aa467c1bcde2ccd730c566d686081f4389becc91abf6ea669865a18494c6b01c66c67cbf9b94305114527811aa77875a359e9a8b8bf6c77bd68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
585609cfdd4bff3d3b41ab16a06d4fc0

SHA1
e6e0960e73c1d873d23fdb026c9de9cf39da6931

SHA256
f687d4e53883e63a5c14a5bc7f9b8ae3130c56d70ff5dc1723dd8edc103cc0ae

SHA512
80e3acda56f2a52fcc98d5f1e7721ee0a2e93e31ef13f8125165c95e916ebad37adf0539a72252f7d75b7f7c1022ac1d40870e87211aae6897c5573e6ce70707

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
74256c8e2ebb6358170835b35647f02a

SHA1
584658bf3541aa3731d91e0ca721d143a7c28e38

SHA256
dd887729dadbaa2a76b413232d3e188ae50a48cb4ccb36aba6426928d2744984

SHA512
4caf9579abe492b9f23613f14b20666ae3a1a55646c73c0cdfe9592b9aa8d9f9b76b5feaa37ef7cac0c642798a2dee0bb3d2b73cac6ab02b438b77dc0062dc18

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b4ef24b8bd7b1bdee636b84b412414ae

SHA1
99d1faa99137e6676ec6e248e24bd8bf705a1030

SHA256
23509c82d8134d63c1f15cc02aaf4542690268358f7f247dae8c94aa33d15f27

SHA512
112631bf660bcffe3fed0ea3ab12ef6598f48aa6475e2e3d34b1692e9cc7aecf24b9b13701aa20e67a847155d2de714b3cd4695d198465f51aab4c808f097468

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d7a235302b6f9a43d728beb08e0705f5

SHA1
7b737b1dbe262882b9a21c3a75571e710a1b2398

SHA256
ff45df3fe417a569350999f4ea7d3a47346474b88a5745ba3d4effcd42b7827f

SHA512
e5959bffe55bbcceec777cb05882624c70b265f7396e44a69d28d50e19aa16743c9287d983a021805c1d00c85025630e3ff05039b1e829fe89cae370f32c33b4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fbf06f55fd416724387413f0d0a6fca8

SHA1
2fd3628234e622d095d7fb71aae535a512f14545

SHA256
51a34247e2c9903adcbeda650fdb02fe58e668b0c064c83869ea4f434bbed86d

SHA512
da204a09f70aa97a0eb94039d7a266e23e47d3eb056cc1603330f1bea0dbb833c49f4487e9a59f554633ecf105169ea253fc6d5f21776260dfc1e698e0a06966

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
448509ea9661da16836fde811fb35254

SHA1
35f5e89d43da71940f29064e55807deb4f75f20d

SHA256
6d87f25aa391bcfd4b1ae6f7477c0679a445f990025a771bc904686f22888c57

SHA512
a74cb1f9ccb10f4af8d59d33ec1f2b6da7226154e54a9ff53b9626081eaee004ac868c59f2be612c403fb9d3bca86ba778b816cc2c3863c0295d744ceba82626

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
02743fba552d900ecb3571ead7260ff0

SHA1
a5d1814c2d15bd0459810b382e3720d438bcaef9

SHA256
572ceee3cb74e390ab89cdd5c390cb76b3aa618aa6c9a77d4b83cca1584a8c1e

SHA512
03a5464781be8b4c48bfe2c3fcbc20b2df44e223a2b9a11317b780de7dbb067816cbe0dda10d1d6457bd135f95d3b882c9b9a6f46271c3501bcafd38e18dec8e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c38ff5400c1baa97b8ce1f6cec5397df

SHA1
910a5b1c7afea322d28931ed93280f31035a60f1

SHA256
7f11f75f54d39aa0913ddf2ef879f95d605f6ff8008f3b66164de3ce68c11dd6

SHA512
b387e069cba50e93cc0761ff4326715ecd211c43f6d09daddef1b25185b433b2d8f0194dcfcea00865866a4be88d2e2730a46ab025a835e2cd4358747db5a766

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0dffd9587df69eaf17063cb4edb27a04

SHA1
072f85017f2c2c10d3d4172959fefede1cfaa982

SHA256
3e647264e4645b998ede2fba69d99e6c55ea23147cbf1fb2276d5406fb5fdac2

SHA512
11f64b4af4f4a30c7be6ea6b99a08a0e175789927e2a9b8aac6057244fb10d8fb7b93b5c4fa16af996f6203761e81220f297e8974af285cd669c4667ad1900a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2bca01d2d194c9ac95d92b21f0fbaffa

SHA1
97e4f1dc3904e1e25c6acd4a6e716f48e9cb2e6f

SHA256
77bbf4e1caf34a96d2798003a3ffe700f54bb8f91e6451cbc0cc38d349e5acea

SHA512
49734a2f453557e229c8d7d6108d76d5bc7d0b92b9009e4774de162645d5ec4c7c2de221701a355f4a27778afe1ce36d2e0ce6473f4c75fc4f98135893309c9f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8f55fbdad2928f32df083609278b6fee

SHA1
a8a70ad90fe63e60d0d3dd0f42b736ca6e336736

SHA256
7ebaeb1be84c4641fbdcc1f4726bfff95b631223102f7e931ac89350c602d584

SHA512
4cc0372046db25231b5106552fc0f2069fe769e969f583362f997e6c060651b5b24ad4c4415b24dbd12606c11aae5262786b65cd0e86d4e37e72c2138f31a76e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
57ba75d14d80677cf1e31633204be48f

SHA1
b9802fc8dc6e4f307eb084db09724f2ee1003c18

SHA256
9ac8a20d262d1c30102d8be9a178960f042d9bdb97bbc766916376c07fc4427e

SHA512
de8a6a69ad7630d5fac82617aa3da1260683983e4ca51d9715ccdde6b4861ff57935c46c78e2b9f932794302d2000c8c26eb119052c427d860ea41ab44ab2390

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c86b0d9e343d59ef7a179b9935711dc9

SHA1
bcff5f96adc4ee9a86cea460e5bac649775e19fa

SHA256
3ec1c54dc6a10c2e55861e598ff9993ce16b4801b0a8a42f3056227b45763b50

SHA512
2da8fbf27924aaf0da883d65098f0b60b377c34ea9d9574ca560676e31a0245623748255ed053632425a6a7512d0bb2f00dffbb9485acfc8f4125fbba3ddff53

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
baf8d4559e8af5cf4838a131eca4809f

SHA1
ab0dc94181a3206e2c0e44493f6651c80edd8b19

SHA256
6ae4cf7e44f1d34d90d8070b6ce96fdf61f43eee729206e9d7967963967ee917

SHA512
21704a95cbd4d6935ace0be2888d2c9aec65451f63bc51def690ee69347fb2e436efa7f3268ba130e622f688327f88e28d86a349d5035e90e66b368ee0d1e95b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB79.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarBD9.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit