hxxps://view[.]genial[.]ly/64ad06a81d99310011181c72

Resubmissions

12/07/2023, 06:54

230712-hpk94adc7z 1

12/07/2023, 06:49

230712-hlkjdscc53 1

Analysis

max time kernel
150s
max time network
148s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
12/07/2023, 06:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://view.genial.ly/64ad06a81d99310011181c72

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133336185064213501"	chrome.exe

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
4928	chrome.exe
4928	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2040	chrome.exe
2040	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2040 wrote to memory of 4396	2040	chrome.exe	69
PID 2040 wrote to memory of 4396	2040	chrome.exe	69
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 796	2040	chrome.exe	72
PID 2040 wrote to memory of 1940	2040	chrome.exe	71
PID 2040 wrote to memory of 1940	2040	chrome.exe	71
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73
PID 2040 wrote to memory of 800	2040	chrome.exe	73

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://view.genial.ly/64ad06a81d99310011181c72
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffce4829758,0x7ffce4829768,0x7ffce4829778
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:2
  2⤵
  PID:796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2112 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:8
  2⤵
  PID:800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2948 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2940 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:1
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4740 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:8
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5356 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:8
  2⤵
  PID:536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4896 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:8
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:8
  2⤵
  PID:2800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2672 --field-trial-handle=1776,i,14196888725923769221,5066768586397272903,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4928

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:652

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3bc
1⤵
PID:4888

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
bb49e042f6878d14b583ace785ddc6a5

SHA1
7e0169904e3dc793beab68a25c33a9570f8d7297

SHA256
e4585305e405a383b71246fec8e1e74b4b33afe5e611b4b48b8977d5a4ff3238

SHA512
a9e85f964a9cd26fbefd8481cc41fb12eb912ac43d21466106a8fa6f4b38909ba7f9dbd2a1ad67eda5599cdc332757bdf9a8a2d9a16081aabecbda971f17d1d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d3f2f83acea5831a95880fb353caf16c

SHA1
1ef4d734246c03e0176e3b6ae2de7a4a5387a65f

SHA256
b04531f8670a9c7419d154f2e35bebaab35a2308dec7040de88b7d4982b0b0ed

SHA512
ac7d44decbcbaf2e217c34954d950d835375116e34392ced41ef6c10b8554c16580c5932b28eda3b59e874f32bf33a019cacb88508259ab2cacea362a5dcaff2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
44210aee687321b6e126afd49293f19c

SHA1
678e869019db554eb54b8b49632aac195de433dd

SHA256
6c5d493972727c849497506a1f4f3f48aa28cc123867ee2d28f406787c381a90

SHA512
8d59bb0d45673421b3f1275696241272c1107628e33b42402ff0acfe95195c9122990e0531f826bc7e0ede86a26f2fdecd989fbd7f1985fc3ab2722e8201d271

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
4f93a7c230578da12488f4ecd5d0c4d7

SHA1
3052875b127f5f7219407318e756913a872a8eda

SHA256
1923beddab08db9590b6d6a5dfcba4888fe7ff3954321c26464cb90032c27383

SHA512
9ed091523140f9f0e9d410e567224ebd0fb905fda380cf8a7cf46135c1260e4828636b5124e3de14e671386014b0c76ad930b9c4245183c36b04e6130fe5f791

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
876939df9bb79544cafb7ea47ca6c753

SHA1
06c97e2ea9bb36734af3c23f500a6f16f0df39df

SHA256
256e0e9474efba2c2e937d4d101ecc535718bfdf22ae24a03ddc9eb148af4c9b

SHA512
f4d04b411242fb79fb751595cda292d46049c27559bd7ea2f769302c0eafccef66c493a84af0fdeda42383aa3b1c627c9103616ab29a240af8b66ad802843d00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
11954cac92ee36efec77599be5d38a98

SHA1
b03ae9816f1936dc7daf86d9b402fb63a53583c2

SHA256
23a0e24bdb2fece7312654ef1dc8959a7d876fbcc3266612ad9835ff89834e89

SHA512
46e26c05f8cca5276a9a28d9fc594dd785031cd7bd779eab3915af138c08373356c726bcad87ab7979ef70aea724aa1cd12a8ee9ffb515fe366d97b802f36748

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
1d69daa04f1112d986715ee8f5efdc78

SHA1
298f9ff65d1e62d709edb43ef6863c272b5bc11b

SHA256
47bef787a42d421b9a59cc33eea62157de68921c9ec8b2c634c919b741e84dee

SHA512
0681bd4f0ecb5448fdb28a96ed550ffab7045d459409b4b4806c0746af56e42304e4658080a0e19593d726b06ea723089f25191187e6987325b543ce805efbc9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
173KB

MD5
af6626090dc52abb0156eeb736dcbc67

SHA1
ea3ef80c8964ebe48174bdcd086b1c09a97237d2

SHA256
746d1da5432d9f3d166115879e01aff6ac518880b93739e1c9be8b19934e1d71

SHA512
96ee25d1f406e427a3bf26b3d02e78b4ff179b4f3f141fc9c2273d2199dafee6f88a60e5c9c582713a51b279208f03edad9a92b5641a2acf440821af0dafa93b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit