Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
142s -
max time network
147s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
-
submitted
17/09/2023, 17:47
General
-
Target
c0e6ffe14e2c8fb123f59dda1bc65f23_JC.exe
-
Size
404KB
-
MD5
c0e6ffe14e2c8fb123f59dda1bc65f23
-
SHA1
15e600a5c6d5127617ffa21cd615f665a843fde4
-
SHA256
402262c4539a06735d7c64eb41cd332fcb62f0d1edf06ca46890ef7e20813e74
-
SHA512
cd450ceac2d722e8823a3aa9725f212b01206d6e092693f8d4b97191c061a12e42ad63903e244eb7b6479febce2399d35284de51d6536702b9efb71998511c1a
-
SSDEEP
6144:DMmhCc+AXyIENm+3Mpui6yYPaIGckfru5xyDpui6yYPaIGckSU05836S5:DxtXMwcMpV6yYP4rbpV6yYPg058KS
Score
10/10
Malware Config
Signatures
-
Adds autorun key to be loaded by Explorer.exe on startup 2 TTPs 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Drops file in System32 directory 64 IoCs
-
Program crash 1 IoCs
-
Modifies registry class 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c0e6ffe14e2c8fb123f59dda1bc65f23_JC.exe"C:\Users\Admin\AppData\Local\Temp\c0e6ffe14e2c8fb123f59dda1bc65f23_JC.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Fbnafb32.exeC:\Windows\system32\Fbnafb32.exe2⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Fkffog32.exeC:\Windows\system32\Fkffog32.exe3⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Gdqgmmjb.exeC:\Windows\system32\Gdqgmmjb.exe4⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Gkkojgao.exeC:\Windows\system32\Gkkojgao.exe5⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Gmjlcj32.exeC:\Windows\system32\Gmjlcj32.exe6⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Gdeqhl32.exeC:\Windows\system32\Gdeqhl32.exe7⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Gmoeoidl.exeC:\Windows\system32\Gmoeoidl.exe8⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Gdjjckag.exeC:\Windows\system32\Gdjjckag.exe9⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Hmcojh32.exeC:\Windows\system32\Hmcojh32.exe10⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Hijooifk.exeC:\Windows\system32\Hijooifk.exe11⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Hcbpab32.exeC:\Windows\system32\Hcbpab32.exe12⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Imoneg32.exeC:\Windows\system32\Imoneg32.exe13⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Icifbang.exeC:\Windows\system32\Icifbang.exe14⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Iejcji32.exeC:\Windows\system32\Iejcji32.exe15⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Iihkpg32.exeC:\Windows\system32\Iihkpg32.exe16⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Jlkagbej.exeC:\Windows\system32\Jlkagbej.exe17⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Jcefno32.exeC:\Windows\system32\Jcefno32.exe18⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Jmpgldhg.exeC:\Windows\system32\Jmpgldhg.exe19⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Jblpek32.exeC:\Windows\system32\Jblpek32.exe20⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Jifhaenk.exeC:\Windows\system32\Jifhaenk.exe21⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Jpppnp32.exeC:\Windows\system32\Jpppnp32.exe22⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Kdqejn32.exeC:\Windows\system32\Kdqejn32.exe23⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Klljnp32.exeC:\Windows\system32\Klljnp32.exe24⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Kipkhdeq.exeC:\Windows\system32\Kipkhdeq.exe25⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Kmncnb32.exeC:\Windows\system32\Kmncnb32.exe26⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Leihbeib.exeC:\Windows\system32\Leihbeib.exe27⤵
- Executes dropped EXE
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
C:\Windows\SysWOW64\Lpnlpnih.exeC:\Windows\system32\Lpnlpnih.exe1⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Lfhdlh32.exeC:\Windows\system32\Lfhdlh32.exe2⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Lboeaifi.exeC:\Windows\system32\Lboeaifi.exe3⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Lmdina32.exeC:\Windows\system32\Lmdina32.exe4⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Lepncd32.exeC:\Windows\system32\Lepncd32.exe5⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Mlefklpj.exeC:\Windows\system32\Mlefklpj.exe6⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Ndokbi32.exeC:\Windows\system32\Ndokbi32.exe7⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Nngokoej.exeC:\Windows\system32\Nngokoej.exe8⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ncdgcf32.exeC:\Windows\system32\Ncdgcf32.exe9⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Nphhmj32.exeC:\Windows\system32\Nphhmj32.exe10⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Nloiakho.exeC:\Windows\system32\Nloiakho.exe11⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ngdmod32.exeC:\Windows\system32\Ngdmod32.exe12⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Npmagine.exeC:\Windows\system32\Npmagine.exe13⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Njefqo32.exeC:\Windows\system32\Njefqo32.exe14⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Oncofm32.exeC:\Windows\system32\Oncofm32.exe15⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Odmgcgbi.exeC:\Windows\system32\Odmgcgbi.exe16⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Oneklm32.exeC:\Windows\system32\Oneklm32.exe17⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ofqpqo32.exeC:\Windows\system32\Ofqpqo32.exe18⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Onhhamgg.exeC:\Windows\system32\Onhhamgg.exe19⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Odapnf32.exeC:\Windows\system32\Odapnf32.exe20⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ojaelm32.exeC:\Windows\system32\Ojaelm32.exe21⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Pnonbk32.exeC:\Windows\system32\Pnonbk32.exe22⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Pggbkagp.exeC:\Windows\system32\Pggbkagp.exe23⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Pqpgdfnp.exeC:\Windows\system32\Pqpgdfnp.exe24⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Pgioqq32.exeC:\Windows\system32\Pgioqq32.exe25⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Pqbdjfln.exeC:\Windows\system32\Pqbdjfln.exe26⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Pfolbmje.exeC:\Windows\system32\Pfolbmje.exe27⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Pdpmpdbd.exeC:\Windows\system32\Pdpmpdbd.exe28⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Pjmehkqk.exeC:\Windows\system32\Pjmehkqk.exe29⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Qdbiedpa.exeC:\Windows\system32\Qdbiedpa.exe30⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Qgqeappe.exeC:\Windows\system32\Qgqeappe.exe31⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Qmmnjfnl.exeC:\Windows\system32\Qmmnjfnl.exe32⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Qcgffqei.exeC:\Windows\system32\Qcgffqei.exe33⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ampkof32.exeC:\Windows\system32\Ampkof32.exe34⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ajckij32.exeC:\Windows\system32\Ajckij32.exe35⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ajfhnjhq.exeC:\Windows\system32\Ajfhnjhq.exe36⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Afmhck32.exeC:\Windows\system32\Afmhck32.exe37⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Aglemn32.exeC:\Windows\system32\Aglemn32.exe38⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Agoabn32.exeC:\Windows\system32\Agoabn32.exe39⤵
-
C:\Windows\SysWOW64\Bagflcje.exeC:\Windows\system32\Bagflcje.exe40⤵
-
C:\Windows\SysWOW64\Bmngqdpj.exeC:\Windows\system32\Bmngqdpj.exe41⤵
-
C:\Windows\SysWOW64\Bchomn32.exeC:\Windows\system32\Bchomn32.exe42⤵
-
C:\Windows\SysWOW64\Bjagjhnc.exeC:\Windows\system32\Bjagjhnc.exe43⤵
-
C:\Windows\SysWOW64\Bmpcfdmg.exeC:\Windows\system32\Bmpcfdmg.exe44⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Bfhhoi32.exeC:\Windows\system32\Bfhhoi32.exe45⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Banllbdn.exeC:\Windows\system32\Banllbdn.exe46⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Bhhdil32.exeC:\Windows\system32\Bhhdil32.exe47⤵
-
C:\Windows\SysWOW64\Bnbmefbg.exeC:\Windows\system32\Bnbmefbg.exe48⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Bcoenmao.exeC:\Windows\system32\Bcoenmao.exe49⤵
-
C:\Windows\SysWOW64\Cfmajipb.exeC:\Windows\system32\Cfmajipb.exe50⤵
-
C:\Windows\SysWOW64\Cabfga32.exeC:\Windows\system32\Cabfga32.exe51⤵
-
C:\Windows\SysWOW64\Cnicfe32.exeC:\Windows\system32\Cnicfe32.exe52⤵
-
C:\Windows\SysWOW64\Cagobalc.exeC:\Windows\system32\Cagobalc.exe53⤵
-
C:\Windows\SysWOW64\Dhhnpjmh.exeC:\Windows\system32\Dhhnpjmh.exe54⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Daconoae.exeC:\Windows\system32\Daconoae.exe55⤵
-
C:\Windows\SysWOW64\Doilmc32.exeC:\Windows\system32\Doilmc32.exe56⤵
-
C:\Windows\SysWOW64\Edfdej32.exeC:\Windows\system32\Edfdej32.exe57⤵
-
C:\Windows\SysWOW64\Emoinpcd.exeC:\Windows\system32\Emoinpcd.exe58⤵
-
C:\Windows\SysWOW64\Ehdmlhcj.exeC:\Windows\system32\Ehdmlhcj.exe59⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Ehfjah32.exeC:\Windows\system32\Ehfjah32.exe60⤵
-
C:\Windows\SysWOW64\Eachem32.exeC:\Windows\system32\Eachem32.exe61⤵
-
C:\Windows\SysWOW64\Fhmpagkp.exeC:\Windows\system32\Fhmpagkp.exe62⤵
-
C:\Windows\SysWOW64\Fafdkmap.exeC:\Windows\system32\Fafdkmap.exe63⤵
-
C:\Windows\SysWOW64\Fknicb32.exeC:\Windows\system32\Fknicb32.exe64⤵
-
C:\Windows\SysWOW64\Fnmepn32.exeC:\Windows\system32\Fnmepn32.exe65⤵
-
C:\Windows\SysWOW64\Fkqeib32.exeC:\Windows\system32\Fkqeib32.exe66⤵
-
C:\Windows\SysWOW64\Fhdfbfdh.exeC:\Windows\system32\Fhdfbfdh.exe67⤵
-
C:\Windows\SysWOW64\Fehfljca.exeC:\Windows\system32\Fehfljca.exe68⤵
-
C:\Windows\SysWOW64\Fnckpmql.exeC:\Windows\system32\Fnckpmql.exe69⤵
-
C:\Windows\SysWOW64\Gkglja32.exeC:\Windows\system32\Gkglja32.exe70⤵
-
C:\Windows\SysWOW64\Gnfhfl32.exeC:\Windows\system32\Gnfhfl32.exe71⤵
-
C:\Windows\SysWOW64\Ggnlobej.exeC:\Windows\system32\Ggnlobej.exe72⤵
-
C:\Windows\SysWOW64\Gnhdkl32.exeC:\Windows\system32\Gnhdkl32.exe73⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Ggcfja32.exeC:\Windows\system32\Ggcfja32.exe74⤵
-
C:\Windows\SysWOW64\Ggeboaob.exeC:\Windows\system32\Ggeboaob.exe75⤵
-
C:\Windows\SysWOW64\Hnoklk32.exeC:\Windows\system32\Hnoklk32.exe76⤵
-
C:\Windows\SysWOW64\Hghoeqmp.exeC:\Windows\system32\Hghoeqmp.exe77⤵
-
C:\Windows\SysWOW64\Hoadkn32.exeC:\Windows\system32\Hoadkn32.exe78⤵
-
C:\Windows\SysWOW64\Hfklhhcl.exeC:\Windows\system32\Hfklhhcl.exe79⤵
-
C:\Windows\SysWOW64\Hglipp32.exeC:\Windows\system32\Hglipp32.exe80⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Hgoeep32.exeC:\Windows\system32\Hgoeep32.exe81⤵
-
C:\Windows\SysWOW64\Hninbj32.exeC:\Windows\system32\Hninbj32.exe82⤵
-
C:\Windows\SysWOW64\Hgabkoee.exeC:\Windows\system32\Hgabkoee.exe83⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Idebdcdo.exeC:\Windows\system32\Idebdcdo.exe84⤵
-
C:\Windows\SysWOW64\Ikokan32.exeC:\Windows\system32\Ikokan32.exe85⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Iickkbje.exeC:\Windows\system32\Iickkbje.exe86⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Ibkpcg32.exeC:\Windows\system32\Ibkpcg32.exe87⤵
-
C:\Windows\SysWOW64\Ikcdlmgf.exeC:\Windows\system32\Ikcdlmgf.exe88⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Ieliebnf.exeC:\Windows\system32\Ieliebnf.exe89⤵
-
C:\Windows\SysWOW64\Ikfabm32.exeC:\Windows\system32\Ikfabm32.exe90⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Ifleoe32.exeC:\Windows\system32\Ifleoe32.exe91⤵
-
C:\Windows\SysWOW64\Jodjhkkj.exeC:\Windows\system32\Jodjhkkj.exe92⤵
-
C:\Windows\SysWOW64\Jilnqqbj.exeC:\Windows\system32\Jilnqqbj.exe93⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Jgonlm32.exeC:\Windows\system32\Jgonlm32.exe94⤵
-
C:\Windows\SysWOW64\Jbdbjf32.exeC:\Windows\system32\Jbdbjf32.exe95⤵
-
C:\Windows\SysWOW64\Jnkcogno.exeC:\Windows\system32\Jnkcogno.exe96⤵
-
C:\Windows\SysWOW64\Jicdap32.exeC:\Windows\system32\Jicdap32.exe97⤵
-
C:\Windows\SysWOW64\Jkaqnk32.exeC:\Windows\system32\Jkaqnk32.exe98⤵
-
C:\Windows\SysWOW64\Jblijebc.exeC:\Windows\system32\Jblijebc.exe99⤵
-
C:\Windows\SysWOW64\Jieagojp.exeC:\Windows\system32\Jieagojp.exe100⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Knbiofhg.exeC:\Windows\system32\Knbiofhg.exe101⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Kfjapcii.exeC:\Windows\system32\Kfjapcii.exe102⤵
-
C:\Windows\SysWOW64\Kflnfcgg.exeC:\Windows\system32\Kflnfcgg.exe103⤵
-
C:\Windows\SysWOW64\Kpdboimg.exeC:\Windows\system32\Kpdboimg.exe104⤵
-
C:\Windows\SysWOW64\Khpgckkb.exeC:\Windows\system32\Khpgckkb.exe105⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Kbekqdjh.exeC:\Windows\system32\Kbekqdjh.exe106⤵
-
C:\Windows\SysWOW64\Kpiljh32.exeC:\Windows\system32\Kpiljh32.exe107⤵
-
C:\Windows\SysWOW64\Kiaqcnpb.exeC:\Windows\system32\Kiaqcnpb.exe108⤵
-
C:\Windows\SysWOW64\Lfealaol.exeC:\Windows\system32\Lfealaol.exe109⤵
-
C:\Windows\SysWOW64\Lhfmdj32.exeC:\Windows\system32\Lhfmdj32.exe110⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Lejnmncd.exeC:\Windows\system32\Lejnmncd.exe111⤵
-
C:\Windows\SysWOW64\Lbnngbbn.exeC:\Windows\system32\Lbnngbbn.exe112⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Lhkgoiqe.exeC:\Windows\system32\Lhkgoiqe.exe113⤵
-
C:\Windows\SysWOW64\Loeolc32.exeC:\Windows\system32\Loeolc32.exe114⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Lflgmqhd.exeC:\Windows\system32\Lflgmqhd.exe115⤵
-
C:\Windows\SysWOW64\Lhncdi32.exeC:\Windows\system32\Lhncdi32.exe116⤵
-
C:\Windows\SysWOW64\Lbchba32.exeC:\Windows\system32\Lbchba32.exe117⤵
-
C:\Windows\SysWOW64\Mpghkf32.exeC:\Windows\system32\Mpghkf32.exe118⤵
-
C:\Windows\SysWOW64\Mlnipg32.exeC:\Windows\system32\Mlnipg32.exe119⤵
-
C:\Windows\SysWOW64\Mibijk32.exeC:\Windows\system32\Mibijk32.exe120⤵
-
C:\Windows\SysWOW64\Mfhfhong.exeC:\Windows\system32\Mfhfhong.exe121⤵
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-