f558c5e41c2fcb60fd47ca513f34f60b9ea51e3cadc948a34b3f8b41c029c5e9

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
25-09-2024 13:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f61ca69fc2aaec04af3f936da6884c6d_JaffaCakes118.html
Size

5KB
MD5

f61ca69fc2aaec04af3f936da6884c6d
SHA1

638ae56c078e70d101756d354a0b5fd25e91460a
SHA256

f558c5e41c2fcb60fd47ca513f34f60b9ea51e3cadc948a34b3f8b41c029c5e9
SHA512

4820be721907604e3742ca31fd766535d446a0b232db56a50b834bfdc70e9cc066453691564baf7c4b30e7b3fbbe0f19e766b35ff37273e1bae84b2504d373c9
SSDEEP

96:1uM18LXU6luI3aMXWyWGYO8Pm5HrYnaYrVKrwtkaCExGHoQEPd5:T8LEOR3aMXWyWGY7PmJrYnaYrVKrwtk8

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F6105961-7B41-11EF-81C1-5EE01BAFE073} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "433432738"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e05a4fcc4e0fdb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c400000000020000000000106600000001000020000000da1c39717770e6aa27a7558ba2421c9c0386330b00a036b1fcd93c1fcccf2233000000000e80000000020000200000005afac501f4792c15c8ea0bea4a382204762c35c6d6ff639ca6117063d110dfc390000000c79905bf2c91d34f5b226273c5e1773f6605f2feae7ed9d2f687915bc01994fdc126bc1720c2759e6094159e51d795ccb7cb099bd58efc930b69845ac7c819d3879418c82a3227304c67da3e63702fd43d4b8025f4443425d9325e3ef64e1abed143b2b458976b6863390592ee3c2793a99d48b67f0332efb85e008a8850514c4e499d7763dad2399d6cc7a819331b7540000000755578c4d155734859c3f7764ee82e9988145a9313322de39194cb55f4001405b7915c4eb735114100c2562c9fe72afae21ac20f1fbb0f061bd03f25ecaad3f9	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3e8f15f634dfc43bfa5c3a2648d88c400000000020000000000106600000001000020000000b0d9bca6a2bac205a405156878e8a145d9e33f01ebdae9412e754b7dc64bf2bb000000000e800000000200002000000092beedf7b24c066177c4ae7276e7856edd2da40ea71ade2fd53fa29a27d775e3200000005cea2411ebccf0465d09dc6df459db3bfbd9b6904829ce78907209bc45bf446140000000fd4bb0816aae69b3c2b9d6776b9ec43d66e5ebe826cbcfe7dc485b071799c227c6410a2ac42c5271a99e4f5a79c634b60a2df8dc62d2ef9fa44ee7213007a062	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2588	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2588	iexplore.exe
2588	iexplore.exe
320	IEXPLORE.EXE
320	IEXPLORE.EXE
320	IEXPLORE.EXE
320	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2588 wrote to memory of 320	2588	iexplore.exe	30
PID 2588 wrote to memory of 320	2588	iexplore.exe	30
PID 2588 wrote to memory of 320	2588	iexplore.exe	30
PID 2588 wrote to memory of 320	2588	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f61ca69fc2aaec04af3f936da6884c6d_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2588
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2588 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a419d8a9a83c4778ab89af77c659b0d5

SHA1
e6d0741061ab31f764ced88adcae2cc386d1f4b2

SHA256
95eb21d00f075bca6ff48843755df22e2b4ed70e7d4581835503389e70956995

SHA512
715bb078c9522212c324827c791b0fbe54ca5821ba0d1198e9c75320de13037b928b47a56244a31095f19e78472236bd12c07413f473b99add22037c4491662e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c1574efc78892f91b36c0484e14893b6

SHA1
7a3914a913eef819a815b859c4fb36313aa5933a

SHA256
1204c75e030293754b9082525f49e5c7288a3d2f3cf3605065cf7c6b59aedd55

SHA512
9c576614daceb4d75304b4368652efe4dc722d018474c69e386b88f8c5a639b1466b299fddca59449992b1f6e2b19e16d5ec40f52edd4bbb952c4eae53ccaf94

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
afc8e48c00256651b293ae1472d5a152

SHA1
5be47ec429f6f493e596e0c5a1d307b3f4a14f09

SHA256
059f935ef640869aa0c22ef56f4b6fa601ce0cd23a602a49cfdad473dfe1fbaf

SHA512
23b6da21ccf1e71cf15e7fc633ed4eace16a4ad7b4a61c82f5ef66df067b670a97bee1960f45d768810658e755f190904cb713a28d51cfb5508e5fa3c407baf8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8a11afd3e1c07bdd72d33f39db69529d

SHA1
7dadcd6309892f8c4a5f76bfe892c2860c67e537

SHA256
b56ee3455eb413930e60f5d16712becd2d18ca8596b43e3c015180dfc03cb427

SHA512
f001cb0bb309c26fad2fb0562c5a3342252844adc7baec3da3f905b2d8548528fbd66cd0b397436530fb686d1aff246b5195548449e76e5ce0e0a6b93716e11f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
24b8d49e8c51f4f5e954e18a1a4865f1

SHA1
9e93af5a85a596b4455fbe0293cfce2ba17dfad4

SHA256
dae5e0eba861464b9e347e3c039c2d553cfdd95c6cf8123103a049b685796e6f

SHA512
d9833ffafccbeb34e91bc208fbccaaa8e73d961150654ad1ee458c12871811d0b32fa27cc1b4565696a64ac642d249949bfea03d71a67d35fa75796777a3cccf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cb0875b15f8c2c3bdc35c05648486d0c

SHA1
4b22688f9062e482dcc4efde64076766e4866086

SHA256
2a3c344dc72b676f6cda2beee3c07e3198138f40fedf6eea83907efdfbbdc38a

SHA512
761d35c195f1976a21e10b2e279c41d7b20bb372560d404eb7fb0ef5dcad4d887d4c5eeb99f36def1003965db34856626bf983d49077ec14ad24241e4b3f5f68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
674d08a32722588cabcc1a658f272437

SHA1
cb6550207e179131be9980c7263cc73eda0696e7

SHA256
2051cf9e08c1a529e6edce3254f80d50bc228bbbba602f07a056a3faad728417

SHA512
2acd7781e6097b951d550513dec5b2057e7eeabc8ea1769a88a403a4666d46a30ae19a4285261327b251dc30a0c20853b8ae262a1440a6f27ab19f0630108470

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e4c6e13d8a3fb66d929504b5afd8c607

SHA1
fff6a3044d59f9a756f03bd05a24f72250b2e071

SHA256
8ba24aac065cf4b3f67cc8754c1794b6c42bc1ecb4ec0d57db831fbc50ff4540

SHA512
e73d0c510749406eee23ec7dcf7a4c2ef19e6d05cea7fc81cf0efc9720c327c27320adee0b2122b51c01702daca9bf4dad24d0113f30a60229fde22d99e4ec88

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
be3aebf94f550d70eda1a0879c87bf5d

SHA1
53189291ac40da661bfa19f6c95a4011acb22848

SHA256
9a7e0edca9786bd2bd6f1d9f54f157393738087a9755b37a3064b8682895f595

SHA512
9b7a659bd48c05098ad7021db85800084f2ce23acff693638a2682975ec310ff8747b8d140f706db10b7f53248991ce8cc5b1624ae4f0eaad7a4f383c1bc99f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b7014d2bc2c439aa2b8710ef58bce9b7

SHA1
12bee76a0d8cfd0a3066a1e17a6d619bef355dc6

SHA256
34c413d5ca0527f19c36806fbe8d4b612165d2cec586348f3450c54a8a471306

SHA512
26d33022c7a07cd2227c840ab046a2d0d99e6f2b2e17db63d98b3d360d9a585f87d658bd7b374fc731fa3deebbb417d1d9582a8fc48de881b9a87d8db09cd0a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9fd5e1fc2712e3e83fe089bdfd28d7d

SHA1
dc55359ff493fdd7605436ce1115eded33752db1

SHA256
a1f1bbf12c570d6a88ba1bd43c10a5ba1c38e1d16bf8afeccd10147f5e3fc557

SHA512
3adcb2291f649b62d928946516d383357ae21eec7f532d105bc7e1e9e458abd41752fffe3876c1dac3885da8ef4dd8a6379737f9f59a07b2f78c912704051cca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0302d68b9eb67732ff3f39aede14dbce

SHA1
a51430c5c9800c3c5638fdcbbf0201cbdb5c996b

SHA256
b462affc8b5cada9b145dd94b765b26a853477e698c2729dd4903c0af356835b

SHA512
ab00d7c486d3ee639cd9fdcea33d1b427b71eeeb39945468b4d7a7e73f8591a8814fffba6cdae1839560fb558668a4ce11e4215b0bbcbd4a54d74670a5e3f9d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b13f7fb2c9bce1d7a364da6e3fff9b7c

SHA1
fb0fd79d0e95c966838e1b115c750ceb422410e7

SHA256
a08bf5f58fd29ae068fc621b5a3366f97818300a44256dde33b7a0782449f639

SHA512
34c7f1d0453cfef2ba79a07720cf94685c917e9dc3cc8541582ae309b76d9b3d40f2b35456e086c82358f60c5580de9c971ab43be3f9a449dc3d9048218fc4c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3a855bef7b4c8dbe299c350ac0fc8ba9

SHA1
1e9638d18f90ed7c049e2284f1e75409b6f2639e

SHA256
868101cca36ad4d741539ff80f2102768b07e662f7bba124e0e7351d6d865152

SHA512
d80557937670606ad3167b83094fce1900b6e14d92dca46b5e1b550422eed7ace6e2c4e1b0623069ba759f893936050c3ff0f7b7f913502388cea8a96589df86

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
12767a8dde0332edf7d2b24fa75c1ee0

SHA1
bb254649ae310c6484daffbff20ad785261206c5

SHA256
367effa3d1962cbf7a319274367c667852b6d76fccbce5b6eb364cd4a60428a5

SHA512
6a36dd655cfb132c626047c66c0cf6fb5fabb2c4da48b896a8bb0db4af9d256207070b1e0e9b48b29cf987a433b4e48b324c9258cfc5438be373658624746717

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ee728de8705b631efacecac96ad9dfb3

SHA1
02459ef199d22e1c2406da87d9a29782a133f47e

SHA256
899ad5cb8f4da0790c595543c8d477449793f7062914ce58e2147c1745a60b0e

SHA512
8794ba35fb9d0d470c0ec9f2c1ed1300139db265f524db0502438f806aa9211509a7f5898644d33dd8f609fd840cd70793d289807a9a1c8a2f90b0cc600ce19b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dadcd140336983f7af5758cbf34c0b9d

SHA1
01178b7c4b30bddd91612e80bfd0ea855568e2de

SHA256
6262f48876f96f13500b4b507ddd0c18eb810f6cda4c3652cb1d0b6019930417

SHA512
0ff2e1728371406dc64e9801289765dec4c67448e9f4e310496acf27f657a892bf22e7f3efb482d05c963acad75087e0104ba367b7a3bcf4b73b53c53b52432f

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabBBE1.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarBBE4.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit