83d98709e853bdc67462e977ffc10989364701f49ec0a4c525fa7ee493ec1038

Analysis

max time kernel
117s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19/09/2024, 07:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eae2f5e5eefa441718368cd9cbada246_JaffaCakes118.html
Size

844KB
MD5

eae2f5e5eefa441718368cd9cbada246
SHA1

72779020fe9d6cc3859dbe5765546963c2c90388
SHA256

83d98709e853bdc67462e977ffc10989364701f49ec0a4c525fa7ee493ec1038
SHA512

ebeffec6daa54bf9a51f13011e6f24d9c178d55791e44f5ebf7eba66f79978c54a683fd5eb8dde1eba39ec9cd6a881048f4927719fdd4582553a07fb38f1f81e
SSDEEP

12288:Gm5d+X3ZrscWy9dHG5d+X3ZrscWy9dHp5d+X3ZrscWy9dHv:GE+1jw+1j5+1jb

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c400000000020000000000106600000001000020000000b28116444727edd638ff2575483e685b62fc44ac28ce8f522650adc8f77c6253000000000e80000000020000200000007295474784819e212819466c70a4e931e64c3cfbd916ecd514f93bdf9acabef320000000ee937bc507bb7227227f8433a3c23cb9dc03a14e58d5a9224543dbd7283aeedd400000004ecca9fa4b4950637695cfcfae84a3b4bd13a927baf98b74ad0585adf09e20d6ead693df04beb0000f3028d5be4ebfbc39248d6b4319f1a655de2fedbfbdb2e7	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 607200d3680adb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c40000000002000000000010660000000100002000000075b3c564e083bc910147c9af5f2206c79d5a4b7ed1b6adb53707cfe99111edec000000000e8000000002000020000000fb7250734adf32b6ce17ba22a65acd0590aef778a5d9ffe19344b12d749f24e1900000004f9224fdb9dbbae2383619159c8f3d7571d4af81ef5f5532145f6a4ceaf6b13b8d6c421aef78200fe20951fc2e6f3d69a5ad3230a1e39e7f14494e13819c0550278cc859e324f78319fbcd31755cd100613018d5ee8bc95fe8a20b57bdd037b0ae649cbb0a512adbe2e17c2dcc46513ddab6ff235c6ec348e90f9041c1e88c373d82f3158b06844ce331fa89df4f4b6e40000000351854c5f1718e7c22e9837a801a5d5d90d865c7165c7be0d0356dcbeb6c701c9e3127b8be577629d3f9bb3280d73cbdb647afac7d42c2902748ac6ab35b0888	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432894144"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F3A06F71-765B-11EF-B945-527E38F5B48B} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2644	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2644	iexplore.exe
2644	iexplore.exe
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE
2816	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2644 wrote to memory of 2816	2644	iexplore.exe	30
PID 2644 wrote to memory of 2816	2644	iexplore.exe	30
PID 2644 wrote to memory of 2816	2644	iexplore.exe	30
PID 2644 wrote to memory of 2816	2644	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eae2f5e5eefa441718368cd9cbada246_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2644
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2816

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3969e9b0e9f66514ce83c527ec2b72db

SHA1
9102b7c9a44dd1b784f9815b0ffd45bef6c65e69

SHA256
497bfccb296c30b9165724fa652e79c9f95d1a46c0f40f0ec84fa920c1ee46b7

SHA512
35e7e04b976d644dca4aa656679ab18d99a2848b8dbc492491e6504a53793857d9a2dc000c2cdc386aaa8a38e175624ba7f051c73d5f87c1dff83e8db60a516a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d598445478ff0f76137d61acd0d52ec2

SHA1
e2a2daff5a91cda507772890ff1dabf160c6d00f

SHA256
5ed92d27ee1df645e9c154c8f6c33e5c1cb6e8c10302666de1ba5c699cf9e00b

SHA512
ad8ce1c73f15bc24c1ee5d00541f07ac264dc44cfc6b0836e83566d8eefdafb47996499e21dc2575f35c70b5af597400eba78dd888b9e656d7541dc412d0e237

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
66c65485e84caeb75c2a2e6c5a89d9f3

SHA1
b14578096aae71816f8de722b314c87b81ad3906

SHA256
81b00652d8164126d94392bc1e01a452ef783a6443224e49890fe81fed8a9390

SHA512
7a1407df43de707bc210f7e5467b429ccd7882e63dd3e491488caac8b6a0e4f3671f931df0a8b5d51e1c9a09ccc67ed94c5e8f1035541119d123e27b581dda6c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8acd596207dfdab4fc7ed4954fc1a584

SHA1
bb436a04005dff2c99bc31ee2d697ed5372d0dbf

SHA256
6912f12c0e4e6e4283c18a3f920b5c64693ec3bcb411710447ca4a8ed17d1e29

SHA512
5996d5f2ebe8b2c2b41c36fb3d9a9bc494f652fb43d5b0887afdbe6b92633a034563aed2eaa9aba075b29858a76f6f50876d94bb2f68af49ec02bcf836ab9fe8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
142963adee1820ca17073819462323d0

SHA1
f8baa384e13577f5a1abaed8e72789edd80821bb

SHA256
f5a854b81ea4a53f31d19b67dff239e48b979bc714af6a31c9ab838b3f8427ff

SHA512
dd86699809a1fe7dd655dc2aba27e7488c77c1beb8208a7c5593598106dca920b37e353966a5993c98b9c059f4d1fe68814e2d59d3287680af8a59cb7bba1bb1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a143efe84af71b886121c93e4b30dec1

SHA1
69740635c0457fc017993f7e74b6138595118bb9

SHA256
271e10a4b565346e12be634a0e45876c9d47383927ace84d77cbf03b9eaf7ae5

SHA512
7ac0f5413c1f7f2a587835a97690d8a964a5712a0106dffa1799180dfa3c9de14c6aa67848f3dfca00214310e207204a58097416e922d349fbd5999148fd421d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6f2f17f5cfb914ce572fc0c568be8410

SHA1
50c428df434263ff197a53c5078f5ca7ccc4e9eb

SHA256
f655ddd80de7de979a55429e589022e5083cedb6c3948c09bd12e5a3891d9c04

SHA512
5e4fcca2247ca1a4a3ea3ef344f623589168675c5231ac07d465e4af65aedb4f5955e4c2fbab1a23302bcdc1035d487117c9ed334d722a27414b3721bf6d47d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d4f487f29e9a9ecb925f81329e0f8869

SHA1
37b1d5b62a880e32fb0f325ed00551db689691d7

SHA256
9ecf36ce1382b0c87a12cbde408cdfbed5813854f917e707bafb6a30f8b5b9fa

SHA512
80c07ba79ff3bba325e88def0c74cebec7270d74b5843a89fd03db20c0ef79c180a576365c6ace3008309db72131969ce0fabaf00fb543717b5c7473e024854b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8d8262ed8015871c57a804cfb02a39d3

SHA1
2991d928bd61574ac15ab2a3f54f8da1954f77cc

SHA256
fa0193ace71cee410afdb14345919e1d9da9fbfec0f1b94a73c38e60d69ae15a

SHA512
6833d203fd84fb58fe0f295b27e04bacfb20e11ab773dab78d22ef7ae1f1d20ef5b98acd4084adf6edf0a983a98a4cd8092c236786ad271138ba19a76adda719

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c399a2296ebeea9a718af1acee6ac787

SHA1
b9b2d273dc99cac02fada06ce1a99f0ed7a22596

SHA256
133b60a5dba5548076dc3948db6bbf9b1f499e9cd668b8639f6eece64c741dbf

SHA512
f89707794c30bd8cee6e60f7bfc3fd491c7a9476a2ca2e60a4a55ee6a5043b3178f2c1ce663b1c9fa667f83fed6eec260bb11add7849aea2795ae896fd8c241d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e423fc7b0936683cd11c5621b9c76c79

SHA1
c784c8426167c1b1b4a829a9dce449fb6852691f

SHA256
96e11a281e71c56b4f30463d2e2ba76d78e024313a5457b60ce4a983942a9fef

SHA512
7eb1ae70ff466a602adacbba8c78b20a5f2c86eda2b108258480899705e1477bd3f6967b70f451ea840229a6738837d7b19513236c1326dd764235e180801cb2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d23ff512f4b93a68940ec940c5f0b601

SHA1
47d322e647bae392beca11001b36e6e5e90701ab

SHA256
7946502a68905b9c8a9e623a9170484ca0d1041b0ada667341c6fee8adab7a19

SHA512
a48b097c8a182226d991e4384c1cb3cc5bb7020be32870e99f7378a760082d0c3920e9871b272239f2233aad9ed74acf504887974d7047730c9f33775295db81

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6128a7e0afdec48208605b959a19789a

SHA1
e9031b5b3a42451df7f687971c663b7aa2344f6a

SHA256
64c5a0ab1985661adfa2e8e87b9fb1199e6036b81cbdc82fd82b57b027e176fa

SHA512
586b13477beb454370202840c0c7b46c281c1ea7baa4b2cbb76ae7949f4d46768857316e4259d5aa87366f30f7c4dbb10b9859734a62399e757b23b4527ad6d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fac8f4773d005419e3426a1fb7f4349f

SHA1
fb0f889f5c3964569766869364a499c0767f9a6c

SHA256
81d1c60cb23afa089f4a02e7ad4ca683211daa07214ad4c8bf30e0701161525b

SHA512
ca9e33990df2cdf7097209349f9e7ced74d3cfe49b1165f5cfd981d779d93aa076d9aff1a83483ce7e5ba1b66c4ce2c510e71461baff6bdec66c791ce36f1800

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
859340c3618421bfa02eb8fda4ee487b

SHA1
bae2e869c413d27f5b69ebcfeac423b39f985190

SHA256
29d9dc7776628c4f7c9cee61ce008ea6eafc4ad4318e6768b83bb3039edeb2a2

SHA512
73328975423d5c3dff1bcfc6806f9dc7f99ea629cd27171d4819f7c76deb713f8bf0d8f364670b080066f08e4ca322a8dc90883272b33ecc1132e75b3a4cccc3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0900f65934da42459c997b158764acdb

SHA1
9fa2abb0c128e4eed9305ec53ef663982faeb036

SHA256
52aebb8fc78ae2e882309001cded3974068bbc7df2ea3a8c8f3420385466ebe6

SHA512
9690279cc98581096a3905c1222bdd4ad3cda48e355c6e3ff611bfba881213af83b5d9bc20e30aa31c1d78c1c69d9a627ca8942a91f99a7c78915c5b4b29c9bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eada26ab3ec1173894b6692e7b7bd874

SHA1
0b392fe3bab13993e664ec8e61d01d37839fdc33

SHA256
3de029e3de24d52e58398c99f30aaf49f52385474cc5ef91adfea6d11bd8a71c

SHA512
ae9172624c1fc53a836f22f3789cb870b24281be909dc4511ce683573bcff3e7a68bba15cb4a074b7293e2baeeb8355e65b1e1012c8c85c0c7dc351559e46806

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabB6E4.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarB744.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit