018a59ba6b1632738dd6a4c8e8b956ffdeb2ca3dcba5661bfb69bfa5e59a14f8

Analysis

max time kernel
118s
max time network
134s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-09-2024 06:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eac7d2ef3ee674c81c0c59a561f2ebcb_JaffaCakes118.html
Size

7KB
MD5

eac7d2ef3ee674c81c0c59a561f2ebcb
SHA1

e9c850ee29e9834acfe08383a610a284c817a7ac
SHA256

018a59ba6b1632738dd6a4c8e8b956ffdeb2ca3dcba5661bfb69bfa5e59a14f8
SHA512

336ba23ea4ca99a625368b09933861025be58e7341f2a4e8ac6e8ce27ca1a0c65affa03ffcef0e440c0ce0b0cb26ab8581cf770c1232bca13c3d5796c3c2372b
SSDEEP

96:uzVs+ux7DULLY1k9o84d12ef7CSTUBzfNhFBqIYP+YcCcEZ7ru7f:csz7DUAYS/2wr9zb76f

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5BBECED1-7652-11EF-A7B5-EAF82BEC9AF0} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 30c38a315f0adb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b00000000020000000000106600000001000020000000b9b3e18ee534098e5d3ba3262de5819c6d9531b5de720edfe675104778393ba9000000000e8000000002000020000000e9cf2748fac993c0626941de6bccda2ae07a39d65b54cfd0443ccb5c9d8eb5ab20000000169022476878f0a019e8d2cb12cd72e14e924701baa4837b36babc757936d91b40000000553c7d262b007c232335db37f5f234f5913310530177cc1cedef79c84b9f9e3fba0067d58ed03e70a924cca986e55581440a990cf09bb2b83ca33d7bbfd07a20	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007b88b8645d6de74ab21efaf0de98379b000000000200000000001066000000010000200000004eaf2fd1b34cf01259e5213d5b386cdc842a121dcd9b2708d58e4fb80bbc74cd000000000e80000000020000200000001f0fb5ae02ade7717c9301ebc126cfe51db27d5c9a5094d2aad0b6b4c1cd891b90000000ebd9c11c9d66884ed86b99d3d8171336ccc40edd37e2e6907ef046afdaba3454354cf158527e1b7a7611ededdbd57f1ce249875a2db49af1670c38136113aa20888b2afab33fccf67901051f5800c5e977ef276c05fb0b4349610f88ed907b52a328a56f611dd329cbb018f24563c1ba44601a18674604848fee861ec744f9bc3c67ebb6648c1531fe92ba62ef2e5fe94000000093114e112aab6a5e42d1290dd39613978ceb15828c866ba65a8764bae7e106ecbffe2f0b081c37e172707598313b6bedb95d7db82e39f19c8d1d374077498365	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432890027"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-457978338-2990298471-2379561640-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1992	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1992	iexplore.exe
1992	iexplore.exe
1960	IEXPLORE.EXE
1960	IEXPLORE.EXE
1960	IEXPLORE.EXE
1960	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1992 wrote to memory of 1960	1992	iexplore.exe	30
PID 1992 wrote to memory of 1960	1992	iexplore.exe	30
PID 1992 wrote to memory of 1960	1992	iexplore.exe	30
PID 1992 wrote to memory of 1960	1992	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eac7d2ef3ee674c81c0c59a561f2ebcb_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1992
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1960

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e317e9cee3526499796928b22098d2e3

SHA1
438e752d8e5368c653a3a2474946154942ad8488

SHA256
15764bbfa7a75015d088b8d4ef3001428a886b9251590d9ae8b40ce342311414

SHA512
4ff76c6925654a2aad1709c317a6522803f51a4e8396875be88379fd882b1c5e2f3c7b695862b8d5b02dc7a57ccea30b9e1363d2455e0683f1bdf9e908d79c5e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e16d3d361e9021e5a112e21bae368607

SHA1
a1c5afbfbfed7ca654f981a5cf5eba98e8228962

SHA256
41845e1b3f9d02944308825c5216c190a3d2e27649e49afdbe94a51634988156

SHA512
9d1036771373a00bcde0770cbd2c441100ea8fc0c774775d7165c3ef8946bf7207e074d63fa9fbe6a41b61a95533f02f4984cf805a222f9e69d891bdd84b1efc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
67deecf1835d27e64a79c805c2b2a13e

SHA1
bec8395d12f65c9825952b66bdd3e8bbadd6a930

SHA256
5084acabc6988aa5d1fa7272052cabd0ac6d0ba4c382c58b0b89b26a37a649ae

SHA512
f1c2f0a488beb4a016f56ae0f704d017700d8bcfc5b9a6c24bf0229abb4420e3cd22e3632a610e92fd256eafb38be0182fd7708b3a7eb7f8052d91494caa1e7b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9604f19431106528c2c75272cbe273cd

SHA1
baa71f95b92bc2f010e79b79bc95e139f49155d8

SHA256
70a9be5381d94f4480ad5dfec87bc28f92881f69040a3e065f3e4aa41216cfd4

SHA512
e6fdb89af9b20b1ac354c8a8976e78055362548554516a22a8c386d885b6bb07dc83f000d5226470910831394f4160eb1329496e5359a995c64d47d32ec9c60c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d99dce0479efa6c078d4fbca3a3581e8

SHA1
dfb71727f039e7caf22c2d1e00e456d278fc4a1b

SHA256
73c10e2e73e1a6bd45a8c98941499401cd9a0c0a731a5468cf5df2e77c7c8636

SHA512
28495489add12a907af204e2556721eb15f6b5334ae9579bc288802d946b7dacf7dcc1e1ee3ac4e97fb3dc80f6d32570cd77c4b4b7dda952aaefb8287696c7da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
79ae9a2339a3b404926e81c2f906e3e3

SHA1
40c6fb70156d0688f2329ebeb4f521787ed8cac2

SHA256
cbcc2b1dff0eca6c910f494291b4eb9b16fda3cb93c880a043af763c0572d00b

SHA512
4d5b99c398a07f0a3b39872e0687464c85ae36412a0bf775a9aa78f71c3cb5ad48a3f4ddf32f1e533fabd1d22f66819a34c99c278817a0300003aee167271615

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
017bdec149c973249486c6072f7fa75b

SHA1
f3bcf8e412838d6944de6908b44670f052c72f01

SHA256
b4ef082a5792c1e0306e8edb7dbc5de183827a91984f350f3094fba0dc69578f

SHA512
b722338dc33d426b68acfc89c9bd42dbcb393e1b7ddb6bec14c8eb2a4d3927bfd05b8a38bf00d75aa3756809026a70318377e68039bd92fc0e6e3646f84fca87

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fbc8e23f9a17936222e96324947c0b34

SHA1
e7a274e5aa54133864ef0517fbb0774222fad2dd

SHA256
a68b8288d785e1eb435fc3eae1fe3b410982ba18cb8c27d15a3b862d9c081784

SHA512
57df43cc90dfcdee17859b8154fcd7837a77ae4c324a2a55cbf5796100bcfc3b5628a4e602c5220f78f066ecc8481856a1bb5be7a9f73e0822d5332639f2fab9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
da9cfdb5981e0fdc061879ae3faa3cdd

SHA1
e5f26ecddb67ae7e7c3387cb2959c110fdc745d2

SHA256
e186ddba6df611a3f64f2cba7ec08f2fc1bb0fc206089f356871d5c69048aa2c

SHA512
03988232bf3f8f95689039500cd50f263314f471823d57cdd4980ad0b372088df4c60d75cae740d442fb6c88521667f3ff22221e43f599e01de7fc11d83c6906

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
101c41ef11aa83c6ae378c5376d86ac8

SHA1
85aeef06b649997d95e7c3a1531936f9a7dbe3a8

SHA256
6651b7d21708576b31ce30e31b7ca523c3b454936ff54bed344adb7587f79a43

SHA512
f16e4ddb084572c12de2e27fefc4b032e288d206757664a8d8f4d7e60ec58247ec79085be79b3deb65309234168a9a9402f21d0a0c41a28c9e0a6720c77ff266

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a086a93a83d418378de76ca526d5dff1

SHA1
f3d74eb7404a9093d223ff848da5f6387532c4df

SHA256
88a204d7ee9f75c5f6778ba418f372590da9698bec46c7ab6b9b64652628813f

SHA512
5fb6aca63afa810c49e2dec230cc187577e9050b0c75fee54573b628eb439e1a0f153d3b587ccdfbebc3831a61f9a5a7f3ecb4824f0e775652d18e5c2be9ef16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8f9a93d79278338a4405fa0188b937f1

SHA1
5b97d0dbdfd09bcced834d48ed89a67b2852ce18

SHA256
a7052ba2a84d84ca683d22130eeca466b03ae0024f69c7d2e4210e1708957930

SHA512
e75d3557e031c4cd5ca8fd2c7c815783cd8fefe12f5dbd02b0e207722c821f196a3968430c9f0e8d5907a8455d209d2b6c1f0b4b4f025b3c3b3f54ee2e560a30

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c45fdb78d5af1dabd98076c51f620cf7

SHA1
76b233301465e0c6577efd10cf6906494ad279b9

SHA256
90adbb5518560b5c78213c93704e2f938b0880d9791089673a9885d36414890f

SHA512
745736bfa732cb7a4fcac1f947da9ae3473bd5b6d44ff65c650810ec5b7912551e0badc26c8b9a080cb2eef5ab31e625e9d225e08b804e40cb5844df6cfb39c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
73c80cf32906bc505dc3fdb7914a8ea3

SHA1
257205f556c04c74eef73c7ca244bc43ceb5d750

SHA256
3d3643e454a8af9a4c22a1ddb8f2babbb52b327229b4520d3feecc5f5b66a4cf

SHA512
838d7dfd2a0eae8023cea30b8132a3fc5eb4301f06ed5e88c29401b8921a1d047a0a308c640a032e1a97d13c56c0083f8139e401adf1d19cb2c69d896fae9939

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5cb8ffb662bccab567d96b6e442f5498

SHA1
9e769fef0c712d0afd3e488bee1e568c0576679f

SHA256
6cf1a05627376f33e41dc0f757d534db15dc167360d96aef2725ef1eba7c52cf

SHA512
f73ae0d0d9cdfcfa0e48c38d6c44902412126a8d92f61db805c30f348d586c44195455c170ee8dcc84dc9342364031e045aec092973589d319f7ab4de3e8a423

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b521d05300a439cc67584555406226a1

SHA1
4c0295085f438bb64486a0dd15949e6780655993

SHA256
247a29eef7a1371a9bf6fe044ea591159b6236a63fb9339cad322fc76ee07540

SHA512
17ecde54166b305f9f0d3972d31a87402a870f66d37e5929c58a968faa1a284d52651bff4bdd191b981e58e0d6211aaf8a0142ec88a90a843b8c2d8f227bcfbd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce5bca83be1c22ff10141588d867dfd8

SHA1
a25916d58c25aae498170b0eec7805ea5d8b23a4

SHA256
165b80ea8680ecb9454c2eba0fc6086766cc2a0c864cab314668824fd245afd6

SHA512
65c05103881418ca2a51cfc3beb8894b65c0752c00b3256146f46936f0f0577f9d76c87d9a58d7fefd8177bf1877e7a71fe4bb4029d0706879eb15a2878efa1a

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabA9F8.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarAAD6.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit