3c50a63676ef5f56a5c71a2efbee9caa3cf600d74d14f443b21887e0f78fdd99

Analysis

max time kernel
120s
max time network
136s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
13/09/2024, 19:23

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

debfde829cec0607cdaa221802282e85_JaffaCakes118.html
Size

2KB
MD5

debfde829cec0607cdaa221802282e85
SHA1

dabc4ee78ffbf6ede497a67aa5751b6e88de019c
SHA256

3c50a63676ef5f56a5c71a2efbee9caa3cf600d74d14f443b21887e0f78fdd99
SHA512

a3acaf05469166d889fc8a8d94cd04b0fcc08fac3b286d134c071ce29f39b97293f735a79771672f393060c662bdfce95c9bad6e90c9642960ee67d3c718cca1

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000008da45c02d61386f0f211eeb6c06cdedced429a3cc7882fae550dd763ecffb88b000000000e8000000002000020000000cc8362dcf2b721a516b714dbfd810e4032ac227bde3c3631e1d8368e14243470200000000b5ce06b707f85332989c77bf351ea641a1f1a542768dcc76d134accd0e7d83f40000000af88c85457b8ddf59f595fbef26b1da028f13a1f3fcc0e5adc8e814c5776be3932bb0eebdddd0ac301bdcc1128cd2fb27c8df4dc886cbe935f9d09a1625e1639	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b0000000002000000000010660000000100002000000067dd8d8412f8a3fbb94e9062af31da0f6ca41650429cf6916bc89e60943223bc000000000e80000000020000200000001ca996e54a1634be2716b46294c417b7a7f0e419ca3fa3b642089b9aa6588938900000002767bd62e225b1a28745171d65796d70099aff6c665e1d599c3b5ac7cbc8484dcb3a44ac12ced007fd358b6a086b8b6e99a7b2129cc6832436d29cbd474540af245f14f805437ffcb58e43f425332a772b73592e7b9588a46d6891793f7f16dbdbbd018fede5abfd8311d3e3ef184853ea81309e167c275ffb568529c973f9ece1699b41e5fac5b1ea705734880673f040000000a5b4a4225c151ee2ae0acc704a126378280a72027d11b7473a3c78e52466ec2f69c4a0033c5fefc270f2fcd0232fa044d643ac2845eab2782f518e6d3f9a6632	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{BD410A71-7205-11EF-92B3-F2BBDB1F0DCB} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432417315"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50c68e921206db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2248	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2248	iexplore.exe
2248	iexplore.exe
2768	IEXPLORE.EXE
2768	IEXPLORE.EXE
2768	IEXPLORE.EXE
2768	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2248 wrote to memory of 2768	2248	iexplore.exe	30
PID 2248 wrote to memory of 2768	2248	iexplore.exe	30
PID 2248 wrote to memory of 2768	2248	iexplore.exe	30
PID 2248 wrote to memory of 2768	2248	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\debfde829cec0607cdaa221802282e85_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2248
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
02a904a5d7ce6fc3b8b160da1d4793ad

SHA1
f1ec02b8cb3dbcb31ab0471d0c5abc9aec34b07e

SHA256
7d0bf8d1a1abbf079c121a2375d20a339b755c22853e900811ccef6e78e91787

SHA512
ba06500e6b6b513fc482ee4f79ec3f939762cb75d1386db43d784a8d3b1aafa19ae92d0b34cb4f7d566487f3bec628fdbd9fdfdabd574d37fcb7508fc25b7778

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9decce99f9b23f7c7fad35cef2bf82b2

SHA1
1f46c1ab5080598c95c7fdba503c38ed2d5962ea

SHA256
9646733dc6b445bd1926425b8a052df8a1915b30f30b87f68d0bd39c92b5d966

SHA512
9ef069c1f010a780302876ed79184376d1cd02e8c66b9d1a56a06ca8f0c44ad08cbd27bbc0539b3c96bac7c661ed3e888a7cd0a0251727c26a471fae23e07e96

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
031270c6fc65ae12d248303013b9e528

SHA1
4ddfc93dd158f8831d0e9e095eadccb04b168b18

SHA256
c4e2b6cded210490c1843ce60d829cd41a9cad55cbb3b106ba9e2f7d2f2e23b9

SHA512
a4b7d05421dad520673f0077a96fc7775bb2c48057f18d1049403567f6683399ece4a4145c5ba4adf5891ebd05a28c0dfc5d2be819bd1b9b31ff0b8f1c30b816

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
542dd39bd0d9c0c331cd23f257044644

SHA1
b9865604223b746fd53145c923c8101c15ad4600

SHA256
d6a70cc571e845b2c50367d433a7678d199301192cc932debfeddb81863c4362

SHA512
2e0b7ac5058a7ad270eac56ec5bba46b086bcb769659e1106acb30302dfd73b590abaaba34655f1794f68920ee2d7734902e57cd2f946f2be408302fe3f4d4b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8beea6ca3ca40513d1a04d7c5a867a0c

SHA1
531d1896ea31b1372ccd170d97fe0029b3553a42

SHA256
000bac534ce4ec81fea97763692d6b2d4d97bccdb825e2da562c4f97e660d2e9

SHA512
d6b6a85fb7de0211ff306b6c8294c725a8fde46b943e3fa0aaf1378eb7d8c196dc4be6ed19df30e13185df00549ea7d1d1ba1369d229e48f47df39de110bdeac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2b7542aad4a5078ea3af17111de12cd9

SHA1
3c5cb0906f09c0c2a9cee95f475e3dff0f7a32a1

SHA256
60fc46d40683e7dc3da2293549240f468450cc4d01a8088f8f289aa109e4b938

SHA512
fe604d689ddbeeb327a0ce6d88557058ad2e74993cd6910e10507501e25c0a17be8b8a6da79e8abc6b7131cdfe410b9824ff86dab4035b7ac7a3f0c87f447ddd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fc2b5dbb6dcec422404673986cf04417

SHA1
8d8e8077d01c878325fece8ea56f56d7aeaaa381

SHA256
33804a07c559b6bb20a0dc8ae50c171a8e0b022e435018f6df4c6815e521e48b

SHA512
4e7806da8a8ec72063b452c34c63f8075ec0d82f7868ccfe58ab3b8f2bddf9cdad2c47d5f7cf2e3a34da50471b1d3f999cd49933a8b3733716f19bfc7e627cdd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5ad9fb8266981b1191d84c868eee06ba

SHA1
6aa1ae453d9f3831650c3e91b13c5bf2fff62085

SHA256
793693104ec66b63a107f71505f44b88e4470cda2ba48a9ec41d96fde09ab1fe

SHA512
ec492979c87661f9af18020914b06bd1de5db56994ec0c3eaebaf179f9557690861faa55e585165373d7711d01efdbee727fc55c0af52b679553702af208421b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3b27011135d42ee2a10a55de0f765164

SHA1
0632e1aedf22481c2044ea9e14ee6fe73b6210f7

SHA256
24deff98790f82064b9de5f2f97e1a1ba3ef11c591d3badfc5c9441727dd4ae3

SHA512
e6d98b9c26e3bd9f2517d098cc431b07ed38dce59c6d9000c6455aa53405faf94984a64eec4277b413a0e2bdeb8fe5656f6701cdded590d4c7f86c8e77f4350a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
46803a1e56919c71475844955cc4e772

SHA1
6249bc0b3d2033128278e0194f992e9347484ca8

SHA256
214cb4135645477d6f232eca5dd74be99ae1d2b431f818c8863458b6e3b3ac22

SHA512
fe86c76419b4f0c5fc8da69b4542bd59522b1a669beac668e837257fd955e713ff9388dcdb31866a1d8d7a9515ad7a7a66247691b8143468c3fa364a99383432

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e61df430eebb1d4aebcaf761f91f4d40

SHA1
cf2c6ecd5b5a26d63590df306d9490be4af353f5

SHA256
66f401455e979e58488a319d50eefcb8875d7a8a3264bad27b89a8386b369f74

SHA512
fcf64b8a6d4549fba660087fec043d22e9a42f17b34760ef31655300e118c8e20b32fa96cdbe40fdb5cb355ffbf11b65696e73c7d794dc84fe46a94475cc9a17

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bf785f01867f328b58410152f50faaa9

SHA1
5d82144167e6473e4b09d6f285cade601f54ae31

SHA256
4ead5a623cee9ac7fdc0543e1dc0f0c055da52b6b3be6a0171fc3bf2c329c7f2

SHA512
5cac937872c7881f4763c978aefb0016fd2eb81109cb5b06a727c79b0bcb70061e98783400bd5e0224550d1c1a5396c47f2477dd100a45326bf31619eb84af62

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0c83298abc924f47f98b213299b52f10

SHA1
ccbbc86e6f9bcb7d0eff2055181296eded13a3d2

SHA256
d999a7651ac371def7db22a2ba35a846f2c2004f657f55ac0e3c7eb3033eae67

SHA512
88d98652b7c8dfa6c30fc399bb213eac3f622c373427d9fe5e12c511499e367668e6cc58881b69a2cb82571a3c8dd4862ab2390e99f4905f8c2d022f5136353f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9771a1f4d8489f727ba194ab05dc66e7

SHA1
5d7b5ec7e1da3e57d49bdf68f0a9bb691e151586

SHA256
48516eb0dabbb9abfae2409ef0b99b38e7396210af3e0b822af61a6aca7e4dc0

SHA512
cc20e3780eed70ee0dfca0cda4d57f2d8fa8a26764d1accb2a87489b12c40842b71509140c58eb812145509ad12715ea9bd8ce7f8da6bcd4eaea4d3133af6a8d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f4ae9a46db10992969528a59c93e992f

SHA1
b93ac8782bbb8a55d2ea06e74c72d57c8a761619

SHA256
bf392f06634acb28c69e34f652f0fb0171568ab8700323c7a77a272e7f739223

SHA512
026b4779b935706da83d1db9f40004f24618cb65a15dad9398cd6cdeca8204d7047728d34bc5ff0e1c789df3675bd1c2f6a96fb4818f6709fa0cc03f830fc33a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e6b7fea0b50eb5af37193672c2decd73

SHA1
629d6abfa0943bb80559414ddf01beeea28c4f4d

SHA256
ef9dbe6619e0ad44312b4b8a02041b804a49f56939cb80727246d7b77bfa3dd8

SHA512
0d192c21f867fc5474766e854996484aca4d5d7ac78d422dfd35a0b62ce1fbeb3254b9d9b54e06f870f61f5327b15a4f407d83a0d56432037c69ba061a196cbd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2e94130e3f9dc2a496cf3004c48e8142

SHA1
7134326494d635ca291394834142a24556b6cca3

SHA256
df0ae6ed068eac7daee50d086e87d905a118fbe843232c073b7b2ed1351c4b9c

SHA512
de6cd691a4938767941f95d4a46b908a6c31c9da4fb7be9208659f65547c5a385b359bea4158c736e93e7893fd53bed796d7c2d53f16e86f43f8e74e2bb33a1c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a6444a4f31d4175fa7c5ee1012c9a63f

SHA1
a90e3c5f37c61b30fa82b2a5fdb2ef106120eeaf

SHA256
f6772440674d98346232833251116fbe79402d49c4aa58227e7267c4a69c8d86

SHA512
cf78cb68105595efefb6cc79f6b18833b02063b4696606ce09626c1a982bb40dbf13118ce9c2758fa0db065d8334c4f9f14c160bbda9616f9ca19cda0372ad9c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab60B8.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar61A6.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit