hxxps://archive[.]org/download/adobe-photoshop-2022-v-23[.]0[.]0[.]36-x-64-pre-cracked/Adobe%20Photoshop%202022%20v23[.]0[.]0[.]36%20%28x64%29%20Pre-Cracked[.]zip

Resubmissions

05/08/2023, 01:49

230805-b8qklafb59 7

05/08/2023, 01:43

230805-b5bbhafb47 1

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
05/08/2023, 01:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://archive.org/download/adobe-photoshop-2022-v-23.0.0.36-x-64-pre-cracked/Adobe%20Photoshop%202022%20v23.0.0.36%20%28x64%29%20Pre-Cracked.zip

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133356734126605768"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
3992	chrome.exe
3992	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1044 wrote to memory of 2880	1044	chrome.exe	38
PID 1044 wrote to memory of 2880	1044	chrome.exe	38
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3680	1044	chrome.exe	82
PID 1044 wrote to memory of 3972	1044	chrome.exe	83
PID 1044 wrote to memory of 3972	1044	chrome.exe	83
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84
PID 1044 wrote to memory of 1936	1044	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://archive.org/download/adobe-photoshop-2022-v-23.0.0.36-x-64-pre-cracked/Adobe%20Photoshop%202022%20v23.0.0.36%20%28x64%29%20Pre-Cracked.zip
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd61e09758,0x7ffd61e09768,0x7ffd61e09778
  2⤵
  PID:2880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:2
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:8
  2⤵
  PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:8
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2880 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:1
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2216 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:8
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:8
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3876 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:1
  2⤵
  PID:1232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1864,i,9699054214641479860,4438314598899918895,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3992

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4800

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8139699e20c11d3208f36a129034a43c

SHA1
1f638686741610376af6a2b0106b85ca4478262a

SHA256
bb040e29cad718d0bd31a27344ee7e9d40d7b2d6ba627500a36ec167a01178e4

SHA512
31fa286e00b594cacd6f6ecd320148e18198fc85b4218c879afc700c3d3efb83ad3cc980c7c02b4e126bbf6d39b0fc19099019559dcc9597be49df67b53b08ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
974B

MD5
b8650573de5ffa9bfada30de7b121ff0

SHA1
86c3269c7c3c697f6986bc82b437d3b798792ba0

SHA256
11d0c0ab0f36fc613e97bb20fa48a4df62b883ff9c97976fd7c68efe156ded25

SHA512
262557314d0f621a3ae89565f2b594b6d378ca4d20ef0a0ae14f37227c556e55049e11893ad4ba37cc71a556f7389f1d14df6f9b738f5f34a301f842276b9fc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
e6f18638fff5706c4f3eeeea94b48f1e

SHA1
ca9a657d0b667b048e78e42c5383bc0a97ae98a7

SHA256
33410f4c927330ac2706eb1283b7fd58f74b80305714d494b228f55a695b7bc0

SHA512
f0b66af715286934db83ae785d873f1691159f5491f13e72f459400f105d5b42fdf71369dd2cb8351f39e4fd85e1d2af82946ddd07326c5701add31627cbd3e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
83555399583106bbbf8c62306b6b8475

SHA1
ae0df94b8e1359a314c289afc55f5d3f74e74483

SHA256
e353165d0aea0f3aba5d8261d2235285fa1dc2a545d8f8e070ce04e2cbd167b9

SHA512
68ad256e0cc7f7d5d6305e091303a652027f56468dba1435325a274f46735fb6b36901fc3b11014fc4a3c85c2445f5294447a34b9ee2cfeafd9426fe2d240ec7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
da9620cd7c76a03337751b4f1342907e

SHA1
17a83f778e25808fd5284624ea22e073e20f2b37

SHA256
e609074b45e2db55b7ca9ae5e9c153aff42687051f650a413d1bc93003cdb454

SHA512
e18a08543bfa828d0e36169d1a2a448f37a9ccfa173183db2df18eb650c9de17571b7e702347ecbaeb9bbfd386b9b013999e6397ac4521fa3dfa295441947b33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
8bac140284d4bf41ec815ac663d85361

SHA1
3959e0caebd2657ce92befac54fd981c30aa8b28

SHA256
bd5a340039d61c4e9110994f9440d1ca69d6fe0d70169a6571617c00f3bd5b6a

SHA512
fdda5d71444eda53b98344c4cdcf6ffb37077f68b6e868b5736f0cd0b4f3f36a93a66532f6bc95a3f922531c4ea4b48b811c4596dd85d3fd6b4c057e597c2fa1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
266266987c2a9ff750733d80b11f1590

SHA1
96433793bb452771faa8e862d6f130066e999d32

SHA256
d152f41c16a32789ef98ef03ffc338807404ab3c98d9ebca0d734bb3f39b2d4e

SHA512
b360d5911152299348cc133bd0e7d0b99983e665783e8139b83e529384db467b7403d337378073961853555f8f5566dbbaf8ae41783ab336b3beb982a8c51288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit