Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows11-21h2_x64 -
resource
win11-20241007-en -
resource tags
-
submitted
13-10-2024 22:55
General
-
Target
log sender/PresentationFramework-SystemData.dll
-
Size
8KB
-
MD5
dca6f1b8644df5d0890a7dbc6411e86c
-
SHA1
27066bf658df2d398aad6003ae8496dcf015a4d5
-
SHA256
48883bd04158c2456ea1be831b559b594fb86199c0d9618e7c3fde45a986ab26
-
SHA512
046020ad671d37935eb674988186eb6a8a28b093887f572a4604781be3f8fc6d9df96a00580f352789bdb7ea0f8ebaf6ee3cf13c6be5118bd1df290a3487742a
-
SSDEEP
192:cmBvnnwQh8N/UH6AKwBz1o5fDzupoiuhuWHsWYSW:cmVnn98N/Y6m3o5PPiu0WHsWYSW
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 64 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#13⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#14⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#15⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#16⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#17⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#18⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#19⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#110⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#111⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#112⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#113⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#114⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#115⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#116⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#117⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#118⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#119⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#120⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#121⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#122⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#123⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#124⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#125⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#126⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#127⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#128⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#129⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#130⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#131⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#132⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#133⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#134⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#135⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#136⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#137⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#138⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#139⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#140⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#141⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#142⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#143⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#144⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#145⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#146⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#147⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#148⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#149⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#150⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#151⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#152⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#153⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#154⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#155⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#156⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#157⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#158⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#159⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#160⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#161⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#162⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#163⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#164⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#165⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#166⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#167⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#168⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#169⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#170⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#171⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#172⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#173⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#174⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#175⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#176⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#177⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#178⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#179⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#180⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#181⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#182⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#183⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#184⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#185⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#186⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#187⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#188⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#189⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#190⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#191⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#192⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#193⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#194⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#195⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#196⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#197⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#198⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#199⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1100⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1101⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1102⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1103⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1104⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1105⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1106⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1107⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1108⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1109⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1110⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1111⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1112⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1113⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1114⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1115⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1116⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1117⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1118⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1119⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1120⤵
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\log sender\PresentationFramework-SystemData.dll",#1121⤵
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-