hxxps://www[.]tigernet[.]com/clemson-forum/thread/hahahahahahaha

Analysis

max time kernel
197s
max time network
199s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2023, 21:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.tigernet.com/clemson-forum/thread/hahahahahahaha

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133227872865176049"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
5276	chrome.exe
5276	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 36 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2136 wrote to memory of 1804	2136	chrome.exe	81
PID 2136 wrote to memory of 1804	2136	chrome.exe	81
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 1600	2136	chrome.exe	85
PID 2136 wrote to memory of 3868	2136	chrome.exe	86
PID 2136 wrote to memory of 3868	2136	chrome.exe	86
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87
PID 2136 wrote to memory of 3280	2136	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://www.tigernet.com/clemson-forum/thread/hahahahahahaha
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffded759758,0x7ffded759768,0x7ffded759778
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:2
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:8
  2⤵
  PID:3868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2164 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:8
  2⤵
  PID:3280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3180 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3200 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4812 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4860 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5028 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5656 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5600 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5888 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5588 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6232 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6272 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6280 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6648 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6776 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:3892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6044 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:3620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7348 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:8
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7400 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:8
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7688 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:8
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=7480 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1656 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1788 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7852 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7916 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7600 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4648 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=3700 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7884 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=1772 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4712 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:6128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7632 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7452 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7592 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4580 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7416 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6340 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5440 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=3992 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8308 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=5448 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:1480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=956 --field-trial-handle=1796,i,15755979972899528209,14280451063315427662,131072 /prefetch:1
  2⤵
  PID:4276

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4324

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
26KB

MD5
f0d8ee48565a94b8fc90f77f7a797d88

SHA1
14347a766a7ba9a4b5d22c051bc0710ae67c4caa

SHA256
5e2c73e9edc585ba47d5db8d65cc4642a9b6818235b81ab9d1344d8e963223b8

SHA512
7456fca4540767a4f113f7f49b9a1cdd132ffd2ec2b57c416050032212ee20e7de773acf31aea5f1dd72128c34a317b382b7f81d4ebaaea2960a7e3cb839e03b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
912B

MD5
ae129af1853583f9b3ae83b9c52fdd6d

SHA1
1218944c546f5226e12ec2360236c16fd5de42bd

SHA256
d840630203cf2122560c743b9a231f69c65cb16ea9856ded689d93677265becc

SHA512
4fe9b2341c7b558cb75b2440fcae7d7fb35035feb979543223ac5580f336f4e194406baefd6214bfa42c5577f27b5aa5d2e79214527f47e1ed140b93a8313641

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
26f32bbb68bf6b3897df30e3d809b309

SHA1
ee3871142eaa5426caa3bfddfbd5d4ea2728c48f

SHA256
335a9fd2a4c7cf9b545ea6654a8cf91ed62be81ba51503b5e4e8efda0b0512b0

SHA512
e601347050cb5b4c3101f7a3deb079d95f08a6c3b4a9ef1c5642a9dffff1a21f9e52865cc483a3e7547d135cd443dd1754850870f1dfe04edf0e0dcff4d078a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
21bf2ece9640a023ac7fac177ae7ff0d

SHA1
fab4156e958e4064633dff94a1f59c078667f780

SHA256
39a097d438905e28cbf1325d9a73d3306fbb12e0b316beee00cfd780656cb9f8

SHA512
c407ae178b0b5c9ffed797ff24b95fdf5f820ca4cb5195d63a4a30ec5ce3157313e239ae85014ada3fe961a35eebf8405c5697109719e5c2a610d35e2fe57aa1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
bbc6b3754c0103fa5e72758b2061193d

SHA1
b39787d6b6dba35226cc065c655263cf804d5535

SHA256
893ea0fdf59654782cc6aa1ee2a5030374cfdf1500dc0596ba53aed9f9c7e6cf

SHA512
22c82fe4d777f79b19facf136a57689f7e773916bb48f5fda3df558081302dd60ed35d1e2ac6acf0b1d094ed3cee4106e1ab2f2d87ef4d9f9d4d6156c095b1c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
16140307e1e970a61d288069a9a8eb70

SHA1
7a619da3423d63054433953b40a3b1efc59b1ed5

SHA256
fa2c514414d47c5869395d830c44e9ae20c744262fb2110568a2a7a3590a3cb5

SHA512
885b6cc81c4c3c5c159a33a5cee6ebd3da274f0f5a0d51fadbae1ff2cd1c972577d7850795bb0c46a2c6cdb953eda5f4d99f19c51119730a4775b3d444a31eb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
0a0c882f0eb5b7e9565990c1c4d7243c

SHA1
2fdbd3bf2d7416729b6cd6e8bba8081e0c7ed360

SHA256
5eccf552be7c8090f35dc563c8872d0a4822067621d3f2a6351de164c33b42ae

SHA512
dd702d26d7640fd7b24e24e4ffa26aec0f7616f6cea797d4d2d6b7c92cdca13e1ef4556fdaf0bbff8cebfca77434d743dff06bd65f217bb993156cb0b2a87b1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
27cd5012b74a52b2d815b7219bf3673b

SHA1
d3e3614a2a732ac28a690f12618459b8d6524382

SHA256
1c439e37e988b5506c33f1a81f81cf0449be145dd623a374c076b93aa1af17f6

SHA512
a9cf5a21ec5e48d4c730053165f03236666aa2b3bf75539a2cf43e50cf81f14bf37bd81cc24e420c9f56c572b65d2d8412607758edae0e4e567b398d2edb17eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
b83320a22aef96445788b00e594392be

SHA1
12caf11d761c1690e04ae75140e277e79ee1cc61

SHA256
d6f7e0df6a0d9d58d66846f06e38c4ba63ac46601e00cd72d041e8bdcf3aabc2

SHA512
f2464f8b9abdbe63958bde91842335a95ed9a81db3dd675bf0f732ee106f62cf5b7664650a56367120fb545815d9ffde8a199913b5286421df89b7f26686134c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
1a7b45527e2e77cf8e4524387d24525a

SHA1
d6b1bbf36a89017ada460ab261503be8186d0b95

SHA256
dc60312c31cbb3ad321212ccd6f5184863fe6ab6d4abaf45c61d121cb1e8ce79

SHA512
c282c0b3869f9c36f6bee7bb05e6a3d7fdf7068f6a1db323fedbde5d6d1c6aac7832f8d1259ab392e1951259a068e78ed5317d992a5b03bd08110b6536b936d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
68efe1ec62a1cac92a78462ddd4610fb

SHA1
616d0fbe54a6bfdefaac267041a6fda50131e866

SHA256
238f2e412340a7da7650b93f3aec455034236bea186fe02b7315b6a569f8a66e

SHA512
08df0460cc14fc92e517ac3201605ba933a84204dc82b2d40815f49845be42f51cea47c643069538e9e712a39e15f5709cba8192eea0f1b3eebbc72806702f07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c6e98a73a55fc047b697a1e10557f16a

SHA1
e15d3ee61b037c4f46b4b4241e2ac4c2126eaff3

SHA256
8c3fc7fc6a80116d9f05f8a5af61d0feb9a726bfaa1613726b9f19ce9d25583f

SHA512
397587ced0245766d054ed8e7a2a29498d818f31722348f51d5be86d57591d1a4bf9133e053fc01058145c48e663aedecb4518a762f8dd56ba02524b9d6e3656

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b8572be53b8533e086a3718de020c553

SHA1
48a2aadaf170d9cf1fe480632d8d8171f84350f0

SHA256
e56122a5ede0f8e9e6c03d520a4385c210708fac83f9064b56effa511771c319

SHA512
a975b2619a1f8b243f284baedb1106ca94c32b643587f0419059ce19366b5ba0290330602b80fe5f313d13a32a5a37ca7eb081b10d21ba9373fdcaa44b5b03d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
f54de0cf7d85d1946357b975df8702fa

SHA1
8cf9023720730c4cceea8a2b7644b93eda4ed3c8

SHA256
5ada0e36b346ac2352e6c9e3091daf65a4e4dd6e06a34c9c0c1f2dd4d8b879ae

SHA512
670ea0755b7a3b84e35b580692654b3f9aa42d9fc59c7317296516edf018fc6d9e2b49ced2780ef177876bcb06dece88927e4970ea75f72638374be996c74126

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
05df83261afbed4b27cd0ffa1c16f015

SHA1
e45ff4faead884d3aa73f21f214a9e6ba5ec964d

SHA256
5c6cf058ab66a8cd1615ab4df68f4bb53f07106baceab5ba3f20527f550ea2a0

SHA512
7ad16ec371661189ad22f163174228aabec7d0b964750f65528d825cd95a3cdb753911664ef1ea013e9df7c7e5054f3ee8c9110d4df73564567891d6311289f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/1148-315-0x00007FFDFAA50000-0x00007FFDFAA51000-memory.dmp

Filesize
4KB

Download
memory/1148-314-0x00007FFDFAA40000-0x00007FFDFAA41000-memory.dmp

Filesize
4KB

Download
memory/1600-136-0x00007FFDFBC80000-0x00007FFDFBC81000-memory.dmp

Filesize
4KB

Download
memory/5276-476-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-475-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-481-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-480-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-483-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-482-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-485-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-484-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-486-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download
memory/5276-474-0x0000028D8A890000-0x0000028D8A891000-memory.dmp

Filesize
4KB

Download