hxxp://makindjsjonnyrs85[.]top

Analysis

max time kernel
150s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
11/04/2023, 12:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://makindjsjonnyrs85.top

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133256967112110270"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
840	chrome.exe
840	chrome.exe
4204	chrome.exe
4204	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeCreatePagefilePrivilege	840	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 840 wrote to memory of 2028	840	chrome.exe	84
PID 840 wrote to memory of 2028	840	chrome.exe	84
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 4544	840	chrome.exe	85
PID 840 wrote to memory of 3644	840	chrome.exe	86
PID 840 wrote to memory of 3644	840	chrome.exe	86
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87
PID 840 wrote to memory of 4536	840	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://makindjsjonnyrs85.top
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffebbbb9758,0x7ffebbbb9768,0x7ffebbbb9778
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1808 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:2
  2⤵
  PID:4544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:8
  2⤵
  PID:3644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1308 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:8
  2⤵
  PID:4536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4428 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4532 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4628 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:8
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5052 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:8
  2⤵
  PID:2184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4716 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:8
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4736 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=968 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:1
  2⤵
  PID:636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2844 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4636 --field-trial-handle=1820,i,18229766509579563014,10401237984164510683,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4204

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:384

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
882B

MD5
9ab71e68ce599d2b4dafd2c2ad89b519

SHA1
b1704c0b0489283075952017afd996fd8ac4fd1b

SHA256
6cc2e9823eebfbea929b7e88237fbad79a07d9753bb141db9677ff758dd3d346

SHA512
ac18dcf0913c6b42631990158e9ffa86faaf8fabc2fb3c3742c7ee7499b1fae34f09010a4abb8c4ab30bfae5a429d5e91f1ccf22c2b2577648648263b7f5e825

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a77f31bdf9d2fec70793d28b6ebfc7a3

SHA1
1f07870db48ac3be6d893524c3cf949da1569459

SHA256
e0d8a2a9bfb48c2aa96617c3ee066ff194bda5a5c9e72aa2d509f76c74762c99

SHA512
9a96ca5e10c4e3a44437b0d861b381abf88596ec4c5fd2ed51e76bd6cd551259e0b1f122ae0c195e8545ed8ad4732bedbf9a62df6b13c1d4e810187b9bcc0ab5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a1612a93f33f02ad9ff9820b67250145

SHA1
0168917bcd2ed0c76b1eed76add27cc7b86bcf4b

SHA256
f16c5e859690108bbba11b1d8d7e71918e82ea200d504e177753a40f2a8cc95b

SHA512
180d0b4796def07c919c5bf254a3e2ba1904a6065c1e200c962c12697a7d0747a06508a2208f935ea559cdb1482cc0278ee35923cbee8e1024e4d48f767884de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
05afe937e4bbb9923e206855c9d0a655

SHA1
b262eb599d8c61f26d0b432f42f7108c923671f0

SHA256
1bec9aebb8df3812164f37fab8400caec549b21ec1aa42d366efd08c2462eb4e

SHA512
73df9dd335505d7a4d3dd3f3b9f144ca52ae097acb836d93ed6ffcbf87070c7f7fab2034ca039095f5730d8a93a7700629dba571acc10201123936dd052bd8ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
8c34e5f780f5def96ab4eb2b485fe46f

SHA1
93e4619e57c3d8e94d53fff9a8b79e091936432e

SHA256
a934c29170f0eb67ee72392489dea7bdcafc9b9d320568caf241be4e31c135f3

SHA512
d91be5ae502c853ff33ffebb8f3788a3d7a398f962363f7a4dd6b837a142069293ceefc1aebae52dbfacb3515ea2a63afc8712a94da0b4a63cc4a554558a37d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit