hxxp://southjerseydirtracing[.]com

Analysis

max time kernel
320s
max time network
320s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
16-03-2023 15:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://southjerseydirtracing.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133234593315347923"	chrome.exe

Suspicious behavior: EnumeratesProcesses 7 IoCs

pid	Process
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
4108	chrome.exe
4108	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs

pid	Process
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe
Token: SeShutdownPrivilege	3936	chrome.exe
Token: SeCreatePagefilePrivilege	3936	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe
3936	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3936 wrote to memory of 4632	3936	chrome.exe	66
PID 3936 wrote to memory of 4632	3936	chrome.exe	66
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 4816	3936	chrome.exe	68
PID 3936 wrote to memory of 1152	3936	chrome.exe	69
PID 3936 wrote to memory of 1152	3936	chrome.exe	69
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70
PID 3936 wrote to memory of 1936	3936	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://southjerseydirtracing.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x88,0xd0,0xd4,0xac,0xd8,0x7ffb15c69758,0x7ffb15c69768,0x7ffb15c69778
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:2
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:8
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:8
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2684 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2672 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4340 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4640 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4348 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5116 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:8
  2⤵
  PID:420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:8
  2⤵
  PID:3464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3672 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4348 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4344 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:8
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:8
  2⤵
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2664 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3008 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2980 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5524 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=2680 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:1036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2312 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=1460 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4620 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5584 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:8
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5660 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5612 --field-trial-handle=1788,i,5670802083609201858,5461539221957896561,131072 /prefetch:1
  2⤵
  PID:4088

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4408

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
120KB

MD5
0311754ce4b5a1d41cb717bab783721d

SHA1
e969ea7d470bf7ff0892520988c04859974fd9b1

SHA256
01aea9796eca432e9332ce424c36e88b0e9408ca65006f47fba7ff8dee8d12b7

SHA512
751291df33b403400a70238c2b311e33223275fd6f48961831426477799b002cf97923d2e1b4d811d3d6871d49778f887f6901d567618b38b22d3f77e07f61d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
48KB

MD5
1b9c1e8370195031d590eef7b99f6115

SHA1
1be30d513278183e269cf250e553d1576846bedb

SHA256
f053ea01e99484707619c6240c88f9de2b9763dd8fb5a301394da5df9be95637

SHA512
484257ed9063b6f9fd4e87edadcc0a18ba362237ade3d8c9088297d70aafec0688ef43a1571cfdd2cb5f7db472ddc56a63f838ba605b472ebdbfb86419dbe3a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
47KB

MD5
077b73503d7ec97ddeb16adac760343c

SHA1
2305bca8fb99a70ab6fd778d5e21d47eab88e204

SHA256
b1cd34e2f07e1bfdb3592a89c3ddbb466fb0b4bd66e2c117eeae1e1082245519

SHA512
5bc1279cfb61c571e377e344e975af350a5347f746e11f813a4ca2a6d042fe487cc37f81249bf6ac5d036a5515a272d73f1c62e0b4bb85c4b40f25792e567e3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
32KB

MD5
6ae3c429531bdfac37c69fe554ffdf73

SHA1
bc569ddde4cc0cc9c2be4c8d3176b22858bce11b

SHA256
925d203a411629b47f73bafb349704460406386e76a39db249e6f0e4703688ed

SHA512
16114fea0b039a1c8df9e573972ad35225f39e71b0e1cb70c3a4a5100060d927cbaa8fcf44aa71e9bcc3d46e5f605bf43d26ceb73d9c9fe9e7e4e4ff6b46286d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
25KB

MD5
acafe4e950a9c416aa00b5acddb0e067

SHA1
e6fb9a0047ce336eebbbfd5e40beb54ed33a6dca

SHA256
b6bb60c7ecc4890928f57fe2307c88003e155180d7e78c52f3548f0ed11bb39f

SHA512
ec2cb69d88edfb39cfa2bc0c374b95b3c29e6b227cf3c4728b23620c791e26b756029d7b2c11ebf4ef0a15ce8fcf3e94408ffd4e87ffdd6ffdab30366721a92a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1008B

MD5
ffb32871489928cd42193919d5614382

SHA1
db3a7feb9f15969fe972e7eae2079a682e48db59

SHA256
f30dd91db0b3183d20d44e0c1ddef46721a9fe93580721b29267afeaf3295d50

SHA512
6b0760dbf428c5221cf1da94d7b509acd4a6e023a71c869bcf126ced10f599ade39c8741192412a8068c6aa3fb1782a3500e39d411f1b6ed3b117c69399c4aa5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d8750a60505419af03581cd29efd979a

SHA1
4858cbf23eb7fa0759c762eeaf815b6e513f89e9

SHA256
f0a014bcfbbe9ee700000716e3a366ba66b0b82b96057fe42181e1ce51139b7f

SHA512
6348f518209a4938d918ee29fceea5c47da3922b4d891b83828e5f1d277431961af48d266f896cc76a761be2da74d6926e594190e4610d5819af963fa65056d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
d158fb675854118f46ed08233fb0a859

SHA1
46c051368ac2f78b0c508837bcaffdd896c66bff

SHA256
bed9517b35f9e4d07a17b37c085ab0f662baa642d6cddaf7ec2d8633b1a3ef06

SHA512
986d1ecd04ebdb3acfb416f172bcc485c044972118113c278cdeee60f5ea87ce7031e582db9dbdad2f6625d94053826fe0d98af4f569b05131c97df139368498

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
eaefb08ea9b72a0b5740285f5b01d137

SHA1
fb8442d1b22714161c9104d5b5dcab102edc1f71

SHA256
79b53f967c5a8296b2f00c0fb53aafe1381946957e4dcc6bfc9dc94e9518fdf0

SHA512
4c00b59b890715c8674739bf7c1fa0212a3aefe97465926b1afd76cbad20e872a0969ea1d5a9499057bad2e7b788ddeeacc24d7c6a4382fef46b4b4cb812fea0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
02b50611dea90b2fbe5d1014b318fe66

SHA1
7afcc50239aa9b7245fb4dcc21dd14657da10243

SHA256
5e5701c273d4baa9cbeb8209adcb6abd567ce852997b89f18f8604f07e962c9d

SHA512
1f258a5af7b15c515879b1f9e4186bf75c458529ecf3558189f40d28b17ee642be4f34db33cd45aa82199661ccccd39edd7bfa8363fdf513d378c8fe1760d423

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
e6c27ccca6153eb617ebeb2c04ae707e

SHA1
b97fff4092d330e1a5c7a8c8379622a839d710c2

SHA256
02b3a61d81ef82465a2f707f405ec9f25b55f6423e838d58ae7e2c9b7ca839bf

SHA512
46b76b2d221cedec5c8bdc495c4c49896b2520f6bbac84c5ab1952f77dc946ffb4907e31c4ac8e66051323bf4198838fa5c51be2d86280e82ced13bd4e05ad98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
61a86ff615429acd0080bb04a3aae77b

SHA1
9e693ec55e7c3aec6224a3472804917fdbb5416b

SHA256
468721b41e168e68cd19d05ff690baf8719433004565c2d1d34bfc17b4d58838

SHA512
c4d721995a58ff95cf73b171d6ce55918d9bd697450cf95838142ac5653b97cc27ad9867bcd14e35f74e4e5e692dcb23a3fd68362ee698c09eea8833c1653082

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
da43918439827a15ff4a831386a37f79

SHA1
3cd57e714820d9cb987f117acfc029f7205ab150

SHA256
6d6daecfe2c0a0bc7da92cbbdbfba76f59e86b901a5c53bf23f2be9c11f41dd5

SHA512
1f0e6d4276725ba9d55cf3b380b84486c8cd8e91233bd6dd6b9769af8375ae13cdc64d76e5112439d65fa341a804030c9535f28145734adb96745e2d04796f67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
19b7571283ec47d2476c4a3720d16486

SHA1
1a21feb3ed410214e14fcdabad1b62ba38bbc65c

SHA256
7c2773cfb2c0b74d92d7cb0421d529a60c813a24670a2bdbaa9e30e85aff610e

SHA512
cf914f1ec838ac3ad5aefb613cb0a6472042cf3d533a12135965f44e7a3fc3c19d59c8fe35d038727a12f67a8c545f43516bd17e8152272a3778ce35b394ac0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
5833be61418ed00adeb3b05e3173144a

SHA1
bdb4094bb09989f24131dd0a0f5cdc413df1441a

SHA256
29d174aee09fbdfda9dc39d34488b16cdca203d986419912b94112851cb72a55

SHA512
cf22e4a52e380612137fce652c49c26cdabc7c2949e63cc9481d07bd484e504c467c2dc4b2f9b93186902dab2d14128dc55c6b0525ba22cd752696cfe05df4e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
2ecdccf9a7c6c8b176fa9c7105ec2450

SHA1
8ca16527b8b1c74c2359e106f6eb176d1e6909e4

SHA256
e2e4a73c667f670955f346fad2acba24d57da67fe9c373a1b4d8ffd8aada61ef

SHA512
4a579f5ede6bb80a9aafa3e33e4f9c257ecc0bf8b805ac3b257903c17d6deff53bf418ffa12113b291e904141ccf70cb144cd3e23f428ac7fdec45af1db7701d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
870B

MD5
7a3becec6d53fa15f66e463931e320e2

SHA1
385f7af70c4e07be76332b47277b0cc55cdeddeb

SHA256
1c7c97557d95f3751dd00114dd828770427bdb5f5f40e16d2c80f242ec6fc0ff

SHA512
a5e5002dc896ddc04d736ea632791c58f0137a7b47e4d0d7751d0ff64d317f1d509ca94a6a77d3ce6f8eb1d9128eb6fc763a3b1dcc3f22bd8c2c3840440c098c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5ae83a0076c392ac81c14014ae3b404e

SHA1
85aa7a1f873fd723697f78a28d90ed92f8f923f3

SHA256
2f94a3847f7d0eaf08376a8239c294d9ebb38fbcbec278c26846ef08c0e5cca4

SHA512
2cc170bff693acdc1c94827a7f63f54b15ab5542944924e077705820d92140c673efc71fcc4e00fd8a24bbefad939511bd2aa4e516a3527f3cb806179866c0fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1f9cf2a8b9a3cf3a61a8feb9315e0f92

SHA1
6bf748befb9f98bc1d4d02f4907942f754d8b990

SHA256
cf6e1889b902e8737656235feb7a7e5f18f6dbff00fa5dc12e9c7bae2f243b85

SHA512
e7d4fd9b7c5ef0e41dcb25bf14d60a456758b5b50f9c57f3b281ab522736c3ec3967a4fc39bcc7e83460430ba1e30ce3a3ae538753bccbfa0dcc561b7f9bafb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4f3c98d1d4298473e65f7e404490761c

SHA1
dbbae8c4d32c2dce97abb870e0342732d8177830

SHA256
36c0fa8d856748324daf3ac5170d37bd335ac194dbd045e2117eb8d81215204c

SHA512
c3a0afc2f896c5b95a0cebebadbc85d4569d11789fc3cbf296b88828998f4a6c76b776ba01eb1073858a23aa408ea876d4e2ff903c1453ef8fd2ed8b86f7df60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6ebacde8cced0628077e05c5834b0777

SHA1
5614311689d55c4520364ea429bd5195aa73500b

SHA256
35881516af7fdf4ed58f41afdd87ed07f81397cadf10031c4f2b1b75d2fc31c5

SHA512
457981a331f9202201513e8c9d16c7c7fb31816146a456c6e93cec7d0dc0e3a7f4a32201d82e5ea1cb0bcecc8eaed2234668790c088ac41d76232c33ba3b92ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
42d709e29e5693530d4fca8f44322d7d

SHA1
fc1bcb123d275aace2402b50ac3e04eca7dbc7ef

SHA256
5a83cb1915b64108dbde87bd1b70978e2854d7d14e52b2fd3e439e213dfe000a

SHA512
ffb47b7d13ef9ad2274dbdbce4114189ed4f3c07b07872662595cb405d29c16312d1eed0ee55fe89ec872c53282675e291f7e43c0eb858dcc94b5997c9f3eeff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
52554122c3380f456e00a392c1380c23

SHA1
66ed376137520ece5518efa37813ee44195680d8

SHA256
18264871898d378ae46e14f8b180d65254f749c9061ceafa2f2eb7463d96ff87

SHA512
500d09ef805268c3da46e669f3ba7d4fb28abf5319b4a2d231e05699112825f8fa97b5fb8e9e7eaa5cead1fde0da66e4dba6e52158c460cd6bef4c44eec4d450

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
32a81f8f88647a1abf84b06697abb15d

SHA1
4e001bd7c8e8692210ec2cf2a864a18f959eeeae

SHA256
b7d7af93ef171c71c44ea11870b4a47a0f967f49191785ee716d426c5b822630

SHA512
9cfe3226744f71735a31bca6ef006f4a90e44b6e60bb9da3e92e772092bf03df15b6fa55d46daf033f4f95d591899a2e50b22923ba0cb6196c2a109e0cb1cfdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
7adf24f87f3f9dc2930cc719e275e0e3

SHA1
7dd5ba212226a9e8caf05d2cfa22c443f887f5ae

SHA256
17b955d51344cc03bc2fd7b7bb772b5b7638772c53aea73f6ca30352e5d92ddc

SHA512
e5852bd0486d44b889b7ca39676d06f1b9644e4afc55a7e8a9ad560163cc5faa7472b46708384b26da67a2816d6778302a5403579b59a80efb378f198bcc24c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
163KB

MD5
7f9b18aacdf7a5a54d931536a41c4791

SHA1
4753743e76c9b98021ea8656279af8f8be8bfd3e

SHA256
3654caa22159c0e852259323a1e1efe15417bf82b0a6f764e84d6c903490398b

SHA512
451efe59f390d4d76ee37b456af5a7168e96eddfe22549e975314691542c6eabdd10b0e7e0d6b609cf8c2f070d4c72d152d99b4febf8f282633ef672ea087947

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
4cf00094a787e0477d725544852a89f1

SHA1
2d4333909bbe7921656be96cc77700f9c4ae1eff

SHA256
73dc61b55b73438357c01a5a639e05da11a54cd523f1d1a1c0ca82e8d69bb9a5

SHA512
9eb8d2eee1821b52bbc477b674d6c96a979ba4663fcdde39fc2b61f3002fa3b985736eae05921663bb0a965fb384dede2eb87ba5c4f5e93d351e6b652ae86c9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
85bb1a287b40399903dd0200238d2d2b

SHA1
9e2e88ebc12317881f42810d5f0f29fb6d54bd09

SHA256
5d74695f654106a6fc1157022dbcca11f93cc1679dbebfa8ef89448557bbb40b

SHA512
934af5d8d6d3dd08b54f9f4ba71d45341afcc1a2d8cf03654ce8a3d9f9c6aab9158c9aac5c65780d95e2addb81819bcc06a328c101b5283967c0f9baf24eef87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
d5ee7b5e06d349dfd17dd660397e5e27

SHA1
c7558e40fea65c37f53275ff7d9f6cca3cb2762b

SHA256
a82c858f03442fb610d123bd10eef94ff707ae4ef89c799dd507ba2cbbee03a2

SHA512
076ad59467223e6999154730b893051bbc60f808e15773112025fcfb6de9dd1ac6c8ba18d90c16e3e982c3930ab91014c21d1f3d008d003ba6b173aedc4c459e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
1383c839e89e2e9914bab1ef63f87701

SHA1
98e29131f53a2507d15be90ff7ce1fc66301b8c0

SHA256
f724dfb32dcc4b9d64f0afaa519bd4712bd621bce429ca77e7e99faa0789b7cc

SHA512
fee9f87f1d5571d51cfda43755999adba289660477c06ac4d96d65b0d448144e1f552d727e3f6def32a271a8d9b53c8cf1e5b28f13cef5a245cb6f6c41cfd80c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
6d086eebea9f5fc0840f307e314c61e9

SHA1
cbfbcca18e08fd441997b4f932a8b67a7ff696b9

SHA256
a566256f60049f82ef7b0f7eb82c67de02b0949b403e2d11b37e9d6dcc2759d4

SHA512
eb7127ccd0e533ddc0d6bbb3056ff7b4ca6bc76b199dcff75aea5eb4878822e4ea6bf3aa27653adcce5c77202f910b53faf0a62a196c57a61df9f1e9b50bb0c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
100KB

MD5
ba08f3dac608c3d3397a871173f068cb

SHA1
2be79cf1d17ab6b04676c8828ec82b0d1c212705

SHA256
d936f346f43f48839a478669329bca880bef12332a43260f07013fb6d59011f7

SHA512
82def5aa8c704da8a4162262698ca46483f51c88ae44d0bfe472350bc74b0eb1b41415572ae4564ceddc9adaa8dbd0f35ddb9c3eba5a3e3be3ed5e642b82e8c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a6fb3.TMP

Filesize
95KB

MD5
fe09cd6c1ad75a5952fb869d53fc7bb7

SHA1
54b55900a11132a47cfdd54b976d83df8d154d2f

SHA256
51be91da1e091449a9901e7e4ef738adeb7d029364885922db1b564f52e8ee05

SHA512
7f4e7ebc1f6376a4005358c634363188a83a081529f3f044d3af1a5c4a1fe493e7ed45498e8f1b61775fde4315b457a1b6ce07e3b714d62b745958cf762b8a98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit