44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
17/07/2023, 20:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

persisted_first_party_sets.json
Size

2B
MD5

99914b932bd37a50b983c5e7c90ae93b
SHA1

bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512

27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 3 IoCs

description	ioc	Process
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{4E92FFD2-1844-4AB8-A204-DDCF1E7A8E21}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat	svchost.exe
File opened for modification	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat	svchost.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1722984668-1829624581-3022101259-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-1722984668-1829624581-3022101259-1000_Classes\Local Settings	OpenWith.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2708	OpenWith.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\persisted_first_party_sets.json
1⤵
- Modifies registry class
PID:216

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2708

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
1⤵
- Drops file in System32 directory
PID:4020

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\wsuA6B0.tmp

Filesize
14KB

MD5
c01eaa0bdcd7c30a42bbb35a9acbf574

SHA1
0aee3e1b873e41d040f1991819d0027b6cc68f54

SHA256
32297224427103aa1834dba276bf5d49cd5dd6bda0291422e47ad0d0706c6d40

SHA512
d26ff775ad39425933cd3df92209faa53ec5b701e65bfbcccc64ce8dd3e79f619a9bad7cc975a98a95f2006ae89e50551877fc315a3050e48d5ab89e0802e2b7

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
3012059ef5b69f83a3ac7fb6bc7fabc6

SHA1
d0097f958de60ae9c20c5cd423abe94c6eb23a82

SHA256
a84fe6daffd09f9571fda4e70050c17165f95ee08c9a3f18ac07320f0325e4ab

SHA512
3325ecdeb1ed45960c472a15614483702616e659329609ae399e5e9bc5459ea08d9d222e983df80f18a558713747c44b912539827ba43558653dbb99dfdcaf26

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
856218589be48380f4877d01b4c32121

SHA1
c46a945f47bf324369d66eb70004b4e16f332f6a

SHA256
612e9d909079424bbb04ad18c6eb86ad177c3c7844d31e06a56b3f447ddc58d3

SHA512
6f56024fbb29fd39a85b840b4c63eb0ada2b3ae16d07a56e5f5454c44019f36abeed024744c7bef293a5e5fccbd4ddb15b8da7febf57f9f4643708e473771f8b

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
da6867177eaecb6580bb6100e44786d8

SHA1
481e91c510a5f361af82423b98dadc7da62f2630

SHA256
1b2cc1785659635de4e0eb7601c5270ac81eb72e8dba195e38c05a136bfa2aca

SHA512
457b8ab17fc326bae8dceaaa6fe17ba537d9dcda230e1391c8c9dbe81ecb9b02197d327df7b1d61ef03d3766fc1d9ad32ddaa8fdc21e2a7c046334703f968a3f

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
60479d53a566e0f1b5840a1678dab9ce

SHA1
e72f3942c08ed58173bf3ce39e62b5c1d5dbd68e

SHA256
bd4773433d6fa8e4cee9a09df3ae7cfd15fdc3b643582f068ab386d32414016a

SHA512
79b0c35699757753860e95f4da51d7f4c1e64a8b400de2c0ebdd7d824267919777e07b80aac332526901125a046beb6653c8ebec3cb48688db6c183b3221a56d

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
1f7f30daacad3cce5ff6d13a00bec561

SHA1
95a144aeeae5a13b549618cf39b6f743d7072cb6

SHA256
21ee9a76f31dc2d5a550730f934b436eeab786fb9fac408f5573325f9ff8c280

SHA512
94d9d0038badfccbd1d0cd539bf25a86db29f4628709f959ccbe3ea5b25f777518a79fe3a7a21f8f870bcba5ba7a76a5c8e115a37449376fd5f2f7da48a8ec30

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
127e528dc6d41c619fd33de92ad2bb8c

SHA1
87ca8aacdb57982db129059ddfde5e21f9f97ca3

SHA256
2a5ea53632bca836a5c42537db90ee271b83031d2406fa1905df6fff6e09d834

SHA512
80c23ef7f68b001d1ee20d750a0ce00c062555751cb4f7b257709544ec375152736db497ee52b3cfb9c800bdc096e290c0464f14b190b9f48c2ccba9727aa5d0

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
8f4e13f37414219f84e88daf71aae309

SHA1
60417ebf957a28960faff2f9684ead1179cd8ca5

SHA256
f637218f543628fd76cf2446c65c644132dcf370c6ba4329a7bf288a2185a09e

SHA512
bb5734940bc0bdd4412074324ef3acbca88b65d8668124b166d2d5bbe79140ca8720af3a8810672c13147cdb55127288e918088e95c05d2028a6a96185779fd0

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
3a24ffe9e3444659ed594b45ac18dc83

SHA1
1bee1513bbaf3006612ab5d0550f4d4b931785e5

SHA256
019e879e5ab9ec20db1e1fe52b8a02f9aedc3f7609509ad6ae430f2f88e17b99

SHA512
19f2f7c1b837c200d2e57f23930a2d970a9cc2b9aa34231d394c35ae311bdca549147effdd71ba54eeb42c709badd1e5e28418beee3cacb4e6beb078b2e22b7d

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
31e68095f1c0b06239463299e7bb0daf

SHA1
7a50e767b3e7f0c79638b4ae605d77f3188e4a83

SHA256
c7653b433f6e04f833626f1fcce22b4a873077820433253b857ef459dfdf495e

SHA512
bbbae1e3a94ee161ab690ecf2b5a6f16461b2506e7a69d50099f1e9bd7b3a22a5025db5669b29c45b28c440925523c4869459349e52843b56438fe6ec30720f9

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
2b70943faa71dad2b27c2ce17a609177

SHA1
82b8fb45b1a3730b4cc1cdef6866ed4a357fff7e

SHA256
04738e41a4a5be6cd7bb0abe0440dbf7b44c9f0257cc5bb1958c2c306c6b36c8

SHA512
7a0a8ef63f56cc9fcc13015ef02b99dc8b96c8e86b3058ab17bbd19f6df259182cc02963bb6ef0168f9e33b1a11ef4a0fa46e164ad23339c2c2d748f337bf6f0

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
e9e61944b1b1748eaf0fb3bb7cfdb5ce

SHA1
85145d8a46a8f7b1e2103d881a850ed3e620a4e8

SHA256
c62dc668b9315b25b1e535920429e1af63cc9a3f599e1d4c85ba50dd3e6b1642

SHA512
3905f3a3c72b37eac5f05af5844dfb2ca5b77e18f67392d141d2c65379c9636f21988c4f00bf800d9839cdc59c05273ce8444ec5b4b7af2fed83aadb79bbbbb9

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
29e4d96c202b49784aa8a02370c637a8

SHA1
7130703c7dc5d1c2a022837fd4fdadfe86f91ec7

SHA256
274e0ae863a8249a2ccd0f58e03dade423bc5e7a515c614f7f395075326c339b

SHA512
f6ed797da1ccc8a9ffa0c1cb1e9013ec726c578608250229a484876bd9d3ff64ff93fd781ec5d8abc84748ae69d62e1877e3d37db4dada1980d47573d3b79119

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
b31e48e6440a1b9c90cb4c9abb2cfc02

SHA1
acece8fb464a926e6e717580280e423fb4666923

SHA256
cb966258e388f5cd2ab986ec2e720497be25dc243dcc2276336722c40dbe4f5d

SHA512
c913a8768d109dd1ba1b465ff28082fa04687a53b62dc345dcdfd9e3cb36b7bc5ff07f8ad0b92f79f67bd1b38b2367a9b51622c509565274d25574e5b4abc03f

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
63693233dfa7342431973f11950ad0d1

SHA1
7ac4f9ec2d17e274cee884501ac19645f6ebea23

SHA256
9377c05f760bae7e6182bae07bc22538f4a987a65e1845041ebdab53183db581

SHA512
0f008b97fbdb519e9104adc6f991a01971bedb732e1b7120e8b9a40c292c28279489f1f7675cb95e8be509537d1cf4fbbf856d4758de60c3fa457b2d8852d127

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
a5bb9c43f883968832555aa8e454a18c

SHA1
26dd26e1d2a31ea4a45fa1ebf4061728d6e532ca

SHA256
b3292a04b0a7e1e2a94d8c12ec7daaab681350cd8fe9d5d4b4f3fd77ac85868f

SHA512
48c38a8a53b764879cbe0f7db372700a6cd5033d95681f2673a1e8abad89de368322d4fd074b67c619ca34200b003ed939421d3e71463aac96e82f76cb6288d5

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
435b2f0514ba23ff90077e5ec5679c5f

SHA1
4b861780754f5966e68a1bbfa3616081d76c6b39

SHA256
3fbd9b48f3f52eb3be4e19447fbf17d58c6b48308de037d141648868a989955c

SHA512
84fed3e46a4c9a048532900d5515152919e08025f62151ff29d49e3f90dc1610df8e36940af34df238771ba6e2f4c0870bd8d720036f1bbb61d6078f1169e954

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
36acf7c5066c7e251ece1873f327f6ac

SHA1
3c2ed48dd22a5f614a258f3e940b76bfe19ced73

SHA256
63c8491585e11a6a60c7399cefe993c891c815f5c22ce179d8e121663b202c12

SHA512
ca50359cf3958ed165c8a7e97d52cacff0d0e2c2ef1776577095327b343bea6b55d2ae22026e079a8ab858dc536c97ec7252af62c9f5dcb123b13575281d2970

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
6a624dea9bb6888b487cdfa9d6d76636

SHA1
9b49a08a91facc63c6812bbdfaa378f349e6e622

SHA256
6e84ee94a6b66aff3bbb1e87164d05b751864416125f1bc00e0cee2c6a34d388

SHA512
93cb6cf13425aec0ee8179d4326cdfd2b728ca15ef50d0cb05d458199055e107d2487793a636164e335e40cc7bf537d9fe6146c7f232f17e29de65b9ed87ef2e

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
98547fdf85248ce8bdc5cd454fafa40c

SHA1
f3d77b7736dc2b2461769add102ba19a829a6a58

SHA256
b3e5a59cfdd9255bc1ead62361831eb3a4fb2885db9d25f8682328cf68d885f5

SHA512
0b091a049ef5a720925ee6d22abfcefedefeae6e28c6b5675300f1c52df1cfd66badd37757dc9c657ee8e80c9cf1333f416063fad3e9371702d9ec14b99b47a1

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
0e43059a685567c49ef5eba014dbeea4

SHA1
1624eb284918180185833a0fbf000d059da7f31c

SHA256
7a785426e286a40870c264de946b8920f8332f596d33ba8697e061283c695057

SHA512
5381875c8f57c37cfe7b2b24de60b76cd70912d5b7225a504105566fb5726b6b382811eeab5029dd49af0386bd7305d0bbf5776474a97263ffaa327bb92b2ba4

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
6f26f607f2afe45bb10338ad1eb5e5a2

SHA1
e5ec4894032580231bca6e6c13b991a498b99ae7

SHA256
cd65c71f86257e968a0b00d1952fda8f23d9e96f581974814d94ea4768ccf26f

SHA512
0f73057be692c42fd2a98db722fdf3be089ba3070dc514f7a5870d156731f4b36431063213cfa896bb621d5515758cd90ce99df8e94f09452c94902cbc268b4d

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
281efcee6e05eadb5fac7a0dc2a94816

SHA1
9e2c72e315111375f7553f39c20dafb968604e60

SHA256
11b33a5dcf698e421c204364ebcbe468d5e41eebf89d9a030c99b9b40459d348

SHA512
38c1df9f503e9734f8ecf80c02712f30b871c7c8be82d522ea326f27734e825183674cdea5d1e7b8f793cf9e7861a1c8b879d136c6633b88d8f92f6be2896d2e

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
02850679bebc0adef21c5a54ec1b4b6d

SHA1
00cf559b0c02663f5fed3d78ec42447c893c3da8

SHA256
316eb7b4cc72c3e83cd1b3bbba638a1d91006734dd60820d5a7923cf935ccb48

SHA512
2579924bec0f1a609bcf0c14d7521eeede8fbd099989a425a28d333a076c6f65dea66b882fc17eba0205de057c6ade71fcd420b3c0ab5e0d4f515cb41c748bbf

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
787d213fac64652915536268a79b87db

SHA1
675e1e19406b2a0182c5b63ad7ba97e85add92f5

SHA256
855f3f1e51d2d51539d1a76804ea680de25c65760c400c6b4fa1a8a9ffd1a83e

SHA512
851a15f147ab415c132973289223d4478c934a070d80df4a13f2d6a05648a1b12a3446df4fc247ae2ddcef0b3dfcfe5904faacd63374ab4d7980dfad67f1a4b9

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
f07d67f2a0ad4bf7147b5ffa5481b9c5

SHA1
d0328c93061a646d28f691415babf139cc0c0da8

SHA256
b4d51cdd30a789daa313640301a2cbe2e9795ceffb84fa4894830d09542dba62

SHA512
686a922f42d4c2185d3d18926beaa9f40fc8f36939e14d209f00dcb24de1baecfee79212c9084a7154673de79eb5724e05785ddfe2e17b7e9bbd2aa7aafe9569

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
525b51cdc2720e313f207f6205034d39

SHA1
e4066c2d10e70df99a0a0bacb6f9b93bfbef70b5

SHA256
3a25f0f1f266b596996217f2e92c216dcc5c936bf44b0bdb26fa32ae710b76b1

SHA512
20036d3f85ea4d8fce88ca0c24f12086266ea68901169cf6c2cefa4a0929022c56b05345b09f353292ed27a56a56c7c87f170069e1c658401aa29778e20be14c

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
899958ffd33e2122933cefd1d9b04795

SHA1
52c660bb15a3c4009cdca00768554007c1ce3baa

SHA256
4506b8dec53b797226f013d79bc321a68447290390950d0326bcda336f024092

SHA512
a0bea963de0c1c0e21a1eeb2c892166b60cd1abbadcb7b97fe434ab72e97f4d54050c3457ed00c5ec56dd83fda8644f54c187bf33e29b7923a728289349a3165

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
3f8df907281e1d4fe9f0970b8bf44486

SHA1
5383fa95be80dffe39ac39073f4563a363f59c2a

SHA256
0ca282607b56013cc867eb85e881ca904b30b696d2ee7b5e0515f4d88ba167ab

SHA512
2e5081cb762ac35374bfa51c12b2be802749e5998d2b1d82ef932b01a97c4a46fc0a783664c114fa106db939d96ad6413420a40154ef419f86751b7e5bbb68e8

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
2cdb5ebfb5c98427a95ecf338b7d7374

SHA1
d0c5bdb2fcc60e9959cb54795c27486ba8b82968

SHA256
efa040c4da911cc5c35704ae5d6063d35db932c632ba3f872488d0cceb23dc5d

SHA512
72e778a1c416d1059ffe2a4f6ed3d6eee59718ea673bf8eb3e047f886fc69c8bb4a493811850db74d2abcbe45245ab67ed46f3703cabbcfefb54d5b192a259de

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
cd3c389431859894c55135041d292a68

SHA1
a22b45fee4ddf94387e624ab367c7ade2a737753

SHA256
2708019540a0ad59fb77295565dd1ca34fabbef618baec372435b91667e04e71

SHA512
12e357e3392c823f5c50bb84455f6b620311c2d816b5ea2f48d79d5c768bdb71b9d7cd0fc21b8576deef90c77eb4767bb5e35834d7d8d44dd0cf0050f909f793

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
e6c635ebc73bf53c4787e8b0e6fa7c47

SHA1
75239c7cb86f7b812f01a10a8ced0bc3978907cb

SHA256
37f46d6ebfc72bf1a740c05f685c234effec2c085b28f2dea98cf4cd38e715de

SHA512
046cfb97273f9c382b4d055b2396dea22286c957bcd590804f67dd0b08acb56236a3ca4e874ef8e73a1bf91c1d7c672ace91e3c8df0309d58dd1001b45cd57e1

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat

Filesize
29KB

MD5
4a589e4ad7121700e04c16c8e94ec43c

SHA1
1fef514d779f57f3e1495657054bd008a0fd1a0c

SHA256
b30ef2cc3c68b6b5a90d22ae70b8304ad4104d6d11d7c318aecc94ab210f250d

SHA512
ffa7ab3c249530ef6390a1114c7f7677e0b7e2ec50843bb0ad530979b910c1fa92d1fdeb12b9475affd3eef8b5425280f67af9b5707680989e072d4e32f91653

Download Submit