hxxps://techplaneteg[.]com/

Analysis

max time kernel
151s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
05-07-2023 11:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://techplaneteg.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133330308001071188"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4260	chrome.exe
4260	chrome.exe
2416	chrome.exe
2416	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe
Token: SeShutdownPrivilege	4260	chrome.exe
Token: SeCreatePagefilePrivilege	4260	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe
4260	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4260 wrote to memory of 4964	4260	chrome.exe	68
PID 4260 wrote to memory of 4964	4260	chrome.exe	68
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2040	4260	chrome.exe	86
PID 4260 wrote to memory of 2712	4260	chrome.exe	87
PID 4260 wrote to memory of 2712	4260	chrome.exe	87
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88
PID 4260 wrote to memory of 896	4260	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://techplaneteg.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab1d79758,0x7ffab1d79768,0x7ffab1d79778
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:2
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:8
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:8
  2⤵
  PID:896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:1
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3192 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4612 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:1
  2⤵
  PID:1628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5524 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:8
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5512 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:8
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:8
  2⤵
  PID:3556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3488 --field-trial-handle=1852,i,12644470077192951530,17723936002629595863,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2416

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4188

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
5cedcc90fc4a6fe8757391e601a9d3af

SHA1
bfd89f2679bfe969be83fdc8d7d9fa00c3760c83

SHA256
d6a610338a46890ee023e2fa74ca93ca4c99dccb2c9c9f36c53ae7e2edc6d5e6

SHA512
0708f3d55329099bd4f5266f65bb739c605cd33949810b5b5de660a5262b9a773ed193e10a4e47258bbea2e31eac1467817e63449666dedc4163f533c740da5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
be333468874e17eb089a9af49d0fd5f6

SHA1
bfa4fcf504a271e3fa72354ea0dcbaedaccd1866

SHA256
b616b6f038b927b6245b72d3887e02288679b4d528c742a37ea253765c9769ea

SHA512
9e1018877e19237ce193df39ac75602c5983d962fc28d8233be0d4b184f5061c1f1465b6172009d43d48bd2e1e5d1cfea5b8cf19f55ffeb32cf4d8949f5bba8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
0772975fe39cada5a6da19a6c27f16bd

SHA1
86cb9a099f6ef0fee82fee9c477192ca56a5d2d3

SHA256
de9c30679fc9f5fae76dfee37f025a6e05eef2ee19fcb4ee909a45ae091c086d

SHA512
d4a5ba0ffbfc097ff6503eadaa8303610b96eb46c571c6efb800341ada17b0790b66e1fc3de4b1bccb030ec7153201f52e87602eec00b5a97bfdbc813d192808

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
7016e60dd06a528e030d21f615c613f0

SHA1
55ce5ba580473d4bbf2f60c16030e603e198b515

SHA256
ebe907f36271228807d56310fde4b61cfc8f1fcc2a08b501258f3c27c3f205d4

SHA512
9efe93afe71a3654ecf015c7d3c45cc3f9cb213104006634e4ae03e76f546432f0e8c3db9ae5fd14d36ee538e738ebd346eac19d8f7c4ca023f17a4d53cbbe6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a0c8f68ff5f7e26e3366b64960080631

SHA1
bf321ff64ae5d36c5861214e01839bd073bd90bf

SHA256
d386531f4b8bac6e531f6da116f92a1a8143ec5c3bd09364c7217517d9e4f785

SHA512
f4465f4e9a2c1bf61fdbe9b7c6d1baebcdcb8887bbb453e089974a231bbc2642090666960663063477e2ac4f2f9dbdd74078547ab96a193fde1c310b625b73d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a28173d18e6e815d6550238fe5c00b29

SHA1
5f15853d8c5d284d8aa40bebda7de727980f442c

SHA256
ebdf19fad577c68f3e36392c8ba00e21413bd9f5370f4181dbb394c3ffa0ecda

SHA512
006c3ad763262526c07729fb1dd11761921221a5b18c6f41555bb15f6483ac67def2c5d6e7d500490a4c07a7379d321def55f9734d59950384e7e2e9f3ebb013

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
90c68cd5a6c38e7cf4bdea1a3356079a

SHA1
c3db7e3d279808caf09d1a66315ca2d5de2365aa

SHA256
7960a106e736262536903ff95f834e4819c61a6fdc66b740e79ba92809c6b464

SHA512
6572746d967564fc5834cf8874245f9038599fde0cb85e299b38bc85297c3761bd3f81a9e896e6f76062dba23f3faeb002566aa79f2803a5a8b520df5589f15a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
171KB

MD5
89933ab42344391995f6a5fe3bd14bef

SHA1
26afa9e7c3ff03dafbcfa17efeb60548f72fa228

SHA256
a2bfa44b8cf3c7f7339545521f6882dfc194c1bb2e8a72845167d6c5cd274b4c

SHA512
e76edec8dea347484b06a0e96c25d4a09a74c23862dedbcf16e29e7329a5fd2cd3fa1431463bde747c339fbdf609d6ad72a77026887eae141e9c2919cfdf9b20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit