Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
165s -
max time network
174s -
platform
windows10-2004_x64 -
resource
win10v2004-ja-20220112 -
submitted
19/01/2022, 15:40 UTC
General
-
Target
test/main.exe
-
Size
2.2MB
-
MD5
5ffb3bfb8e0b0002d940ad4707d1c504
-
SHA1
ed6402ebc9050fd7c85384ec88343c556df3a71e
-
SHA256
aa80d3eaee384c8a0ba25b3d501dc0c83f7405190ae47877595fc63cf3161dcf
-
SHA512
3f05b5c0c80223ecff25f7c8c6a1d6b6462e80ca918f526b6fe0e229f0c1631ea25bf0f856338551e32f8cf9a2a0c838941136cd788ae89b1826aaeeb2a2ccf0
Score
10/10
Malware Config
Signatures
-
Registers COM server for autorun 1 TTPs
-
Executes dropped EXE 3 IoCs
-
Loads dropped DLL 24 IoCs
-
Enumerates connected drives 3 TTPs 24 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory 1 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 64 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies Internet Explorer settings 1 TTPs 4 IoCs
-
Modifies data under HKEY_USERS 3 IoCs
-
Modifies registry class 64 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of FindShellTrayWindow 4 IoCs
-
Suspicious use of SendNotifyMessage 3 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
-
Suspicious use of WriteProcessMemory 18 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\test\main.exe"C:\Users\Admin\AppData\Local\Temp\test\main.exe"1⤵
-
C:\Program Files\Microsoft Office\Root\Office16\SDXHelper.exe"C:\Program Files\Microsoft Office\Root\Office16\SDXHelper.exe" -Embedding1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\FileSyncConfig.exe"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\FileSyncConfig.exe"1⤵
- Modifies registry class
-
C:\ProgramData\Adobe\ARM\S\18764\AdobeARMHelper.exe"C:\ProgramData\Adobe\ARM\S\18764\AdobeARMHelper.exe" /ArmUpdate /MSI FOLDER:"C:\ProgramData\Adobe\ARM\S\18764" /MODE:3 /PRODUCT:Reader /VERSION:19.0 /LANG:ENU1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /ArmUpdate /MSI FOLDER:"C:\ProgramData\Adobe\ARM\S\18764" /MODE:3 /PRODUCT:Reader /VERSION:19.0 /LANG:ENU2⤵
- Executes dropped EXE
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Enumerates connected drives
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 80DA645BC9A75B6D7CB0D505B8C94BE02⤵
- Loads dropped DLL
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 868053A3ADE2ED343303C5CBE7A4A2A6 E Global\MSI00002⤵
- Loads dropped DLL
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 11538AED35466BF5A152ED269158E7ED2⤵
- Loads dropped DLL
- Drops file in System32 directory
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 543335D6DBF1D367D73C146399B1A1A7 E Global\MSI00002⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Windows\Installer\MSIF661.tmp"C:\Windows\Installer\MSIF661.tmp" /b 2 120 02⤵
- Executes dropped EXE
-
-
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"1⤵
- Executes dropped EXE
Network
-
DNSardownload.adobe.comRemote address:8.8.8.8:53Requestardownload.adobe.comIN AResponseardownload.adobe.comIN CNAMEardownload.adobe.com.edgesuite.netardownload.adobe.com.edgesuite.netIN CNAMEa1953.dscd.akamai.neta1953.dscd.akamai.netIN A104.109.143.9a1953.dscd.akamai.netIN A104.109.143.25 -
HEADhttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestHEAD /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Length: 228925440
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:15 GMT
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=0-1119
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:15 GMT
Content-Range: bytes 0-1119/228925440
Content-Length: 1120
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=1120-3005
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:17 GMT
Content-Range: bytes 1120-3005/228925440
Content-Length: 1886
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=3006-7709
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:18 GMT
Content-Range: bytes 3006-7709/228925440
Content-Length: 4704
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=7710-18166
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:19 GMT
Content-Range: bytes 7710-18166/228925440
Content-Length: 10457
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=18167-40174
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:20 GMT
Content-Range: bytes 18167-40174/228925440
Content-Length: 22008
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=40175-83007
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:21 GMT
Content-Range: bytes 40175-83007/228925440
Content-Length: 42833
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=83008-174421
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:22 GMT
Content-Range: bytes 83008-174421/228925440
Content-Length: 91414
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=174422-296441
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:23 GMT
Content-Range: bytes 174422-296441/228925440
Content-Length: 122020
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=296442-539703
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:24 GMT
Content-Range: bytes 296442-539703/228925440
Content-Length: 243262
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=539704-1028069
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:25 GMT
Content-Range: bytes 539704-1028069/228925440
Content-Length: 488366
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=1028070-1932119
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:26 GMT
Content-Range: bytes 1028070-1932119/228925440
Content-Length: 904050
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=1932120-3850787
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:27 GMT
Content-Range: bytes 1932120-3850787/228925440
Content-Length: 1918668
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=3850788-7650491
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:28 GMT
Content-Range: bytes 3850788-7650491/228925440
Content-Length: 3799704
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=7650492-15040295
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:29 GMT
Content-Range: bytes 7650492-15040295/228925440
Content-Length: 7389804
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=15040296-23728157
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:30 GMT
Content-Range: bytes 15040296-23728157/228925440
Content-Length: 8687862
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=23728158-32928980
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:31 GMT
Content-Range: bytes 23728158-32928980/228925440
Content-Length: 9200823
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=32928981-42361911
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:32 GMT
Content-Range: bytes 32928981-42361911/228925440
Content-Length: 9432931
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=42361912-51994427
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:33 GMT
Content-Range: bytes 42361912-51994427/228925440
Content-Length: 9632516
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=51994428-61770145
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:34 GMT
Content-Range: bytes 51994428-61770145/228925440
Content-Length: 9775718
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=61770146-71594257
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:35 GMT
Content-Range: bytes 61770146-71594257/228925440
Content-Length: 9824112
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=71594258-81158823
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:36 GMT
Content-Range: bytes 71594258-81158823/228925440
Content-Length: 9564566
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=81158824-90826151
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:37 GMT
Content-Range: bytes 81158824-90826151/228925440
Content-Length: 9667328
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=90826152-100154125
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:38 GMT
Content-Range: bytes 90826152-100154125/228925440
Content-Length: 9327974
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=100154126-109687076
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:39 GMT
Content-Range: bytes 100154126-109687076/228925440
Content-Length: 9532951
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=109687077-119669558
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:40 GMT
Content-Range: bytes 109687077-119669558/228925440
Content-Length: 9982482
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=119669559-129774303
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:41 GMT
Content-Range: bytes 119669559-129774303/228925440
Content-Length: 10104745
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=129774304-139915151
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:42 GMT
Content-Range: bytes 129774304-139915151/228925440
Content-Length: 10140848
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=139915152-150077360
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:43 GMT
Content-Range: bytes 139915152-150077360/228925440
Content-Length: 10162209
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=150077361-160128263
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:44 GMT
Content-Range: bytes 150077361-160128263/228925440
Content-Length: 10050903
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=160128264-169924321
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:45 GMT
Content-Range: bytes 160128264-169924321/228925440
Content-Length: 9796058
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=169924322-179403494
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:46 GMT
Content-Range: bytes 169924322-179403494/228925440
Content-Length: 9479173
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=179403495-189142330
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:47 GMT
Content-Range: bytes 179403495-189142330/228925440
Content-Length: 9738836
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=189142331-204147140
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:48 GMT
Content-Range: bytes 189142331-204147140/228925440
Content-Length: 15004810
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=204147141-218108139
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:49 GMT
Content-Range: bytes 204147141-218108139/228925440
Content-Length: 13960999
Connection: keep-alive
-
GEThttp://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspRemote address:104.109.143.9:80RequestGET /pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 20 Feb 2019 12:28:35 GMT
Range: bytes=218108140-228925439
User-Agent: Microsoft BITS/7.8
Host: ardownload.adobe.com
ResponseHTTP/1.1 206 Partial Content
Server: Apache
Last-Modified: Wed, 20 Feb 2019 12:28:35 GMT
ETag: "da52000-582527f262aa0"
Accept-Ranges: bytes
Content-Type: application/microsoftpatch
Date: Wed, 19 Jan 2022 15:42:50 GMT
Content-Range: bytes 218108140-228925439/228925440
Content-Length: 10817300
Connection: keep-alive
-
72.21.81.240:80
-
72.21.81.240:80
-
204.79.197.200:443www.bing.comtls
-
104.109.143.9:80http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.msphttp
HTTP Request
HEAD http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
200HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206HTTP Request
GET http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1901020098/AcroRdrDCUpd1901020098.mspHTTP Response
206
-
8.8.8.8:53ardownload.adobe.comdns
DNS Request
ardownload.adobe.com
DNS Response
104.109.143.9104.109.143.25
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB