hxxps://jaqueline136[.]softr[.]app/

Analysis

max time kernel
104s
max time network
106s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
27/03/2023, 18:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://jaqueline136.softr.app/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133244226432327426"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4116 wrote to memory of 2616	4116	chrome.exe	84
PID 4116 wrote to memory of 2616	4116	chrome.exe	84
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 944	4116	chrome.exe	85
PID 4116 wrote to memory of 2764	4116	chrome.exe	86
PID 4116 wrote to memory of 2764	4116	chrome.exe	86
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87
PID 4116 wrote to memory of 4764	4116	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://jaqueline136.softr.app/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffedaa59758,0x7ffedaa59768,0x7ffedaa59778
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1804 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:2
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:8
  2⤵
  PID:4764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3172 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3176 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:8
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5192 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:8
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:8
  2⤵
  PID:2888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5260 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:1
  2⤵
  PID:1868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5364 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4756 --field-trial-handle=1800,i,2527674338152990823,7491053391500997634,131072 /prefetch:1
  2⤵
  PID:3416

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3832

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
982ffa4fdb0aa745591922cee63460cf

SHA1
c333c04ce1b643eea78f1924f8f6c5e823d2146d

SHA256
6fb7c23c806dc4b5f37810ee6311311082269b18926a480470391390776368ed

SHA512
7d38f19296b12cabb9a91b77ab0446dc2f32ca513303bbf7c921e5c9fd5f9168e8f31df050ff67f9f70693011a55a40e2782269de16eda3ca936473d4279cb01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6ae47cc4afbbf30f8c5dfa0eebf4aa31

SHA1
e76d1a5db9271e26282161055b15729594ac9fca

SHA256
2bf72f3e88622387951577da79010989050649840f27f9dcd96b9582a67fd587

SHA512
7725b2379d7c3148880fa234feb7d63456f8b52e47e18b3743ce39c0b691d75975839051e8410ade40233c6862be73ac6af25c1223d90edfdf842d1c2c51a2fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b59017078e006bfb8539dee7efc8eeba

SHA1
c935b67d1d969289d53197f471fea5d1144229cc

SHA256
b1d64a30c063d31427037db7989d425178fa3597f0d65a5d1c8c36df29ea9eaf

SHA512
7a37db67f5c93e8286d9fac998b9a30522269da219ee1fc32361155393be4d6d61284c27b5cc80cc85240b7b14d08880ed2f1157cb4673fea0a1fcc154259d91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8592a3c8438956499b193c1abe9bf53d

SHA1
7003f184799b10100ce23c4635292ac74ff53988

SHA256
1c22ddb5f355608a262ef8e111c5979fee6e6b0fdb589cfb13203d5ba9740f06

SHA512
ce54749ae9fd27662ccd87e1f639939f56b95640a8fe29fe854f158364b0363cf46ef5bb0a08e71702dd0a5b91ccfbb0624359ddcafbbb7c2ae3b8fd8dc24160

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
18e7ae96fa20fe1b7ac4b16682ab32eb

SHA1
effb4907cb6c2aadb7f648cfaa5a3e6b8ea753b3

SHA256
45dc3e9bd873df535bdc15c2ceea9748ccef563738905d13f2605ad40117a2b0

SHA512
209e11c6be3b8e57f12fc4d8d48c9c8c34f1949c7df73c2eac5987425d14a821d494ca81a0fccd3c5c31879e23e6bd682da73002e072cdb1fe58ab370fe14533

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ed926bd5c5a9865d80955b73f62610f6

SHA1
067d437b963ca89ebe58196e49a3e653872931bd

SHA256
650a6d54cdfce9a4936868385e0ee8436f361a2b2963d8aca6b656758e2e0008

SHA512
d184472b7a95ed7e523e4112ea4c00a5d1ed71b31a6d5053c0dbbc9b11ec2ebb51b6aaaefaa3a09c28cf73606c61652fa9c53cd15ff33be43622f0688a37d990

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
4fc51779ae4c7270d36105fea85de657

SHA1
7c4fc3634dc2d06926202b58a1ea58477ea6be17

SHA256
57c20083e9ef620e53ee03882057001b0b92a8071536745ad42668c0e9bd48fa

SHA512
94408f734b27574cde33c9a50b62eb3986d1d57035d8d4853453852716c5fb3c8c49a8cc1206d7d3738442750b2b082745931753857e4834a80f78064e9dac09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
af8b6eaefe1bd2a95717b017ceb3aa21

SHA1
2066d24181fc0c5c0b8e3376752b0be18e4d79d1

SHA256
5f72c53c3eb182ec5fb1c0b582d2ab3b0cbe7c9f16ee70509bae212f1c54f8d7

SHA512
a260fa601e3bc5875784a37e4f4dc1c2e86bbc089b28f4813327ed1183c023418fe4595e4595c45fdca77d4425421fe84402d22a9a6eb59e1a7f988a4532763f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit