5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12/02/2024, 08:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe
Size

484KB
MD5

3a50edc073789c925d71242490e77518
SHA1

cc3f627385e7429b0da0e4b9748b2725d8d265ca
SHA256

5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43
SHA512

4ce4d598de8e10ce03590229a79fac1aa665e62080e37800568add5286a09814b8ec27f38a2622fdcb14dd8d1446e6f97fb0ba647d1e5aead7f6cfb52892ad55
SSDEEP

6144:ZVfjmNIz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtl1fay7:v7+G1gL5pRTcAkS/3hzN8qE43fm78V

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
4712	Logo1_.exe
2524	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe

Enumerates connected drives 3 TTPs 21 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\U:	Logo1_.exe
File opened (read-only)	\??\T:	Logo1_.exe
File opened (read-only)	\??\J:	Logo1_.exe
File opened (read-only)	\??\X:	Logo1_.exe
File opened (read-only)	\??\V:	Logo1_.exe
File opened (read-only)	\??\O:	Logo1_.exe
File opened (read-only)	\??\Y:	Logo1_.exe
File opened (read-only)	\??\W:	Logo1_.exe
File opened (read-only)	\??\R:	Logo1_.exe
File opened (read-only)	\??\Q:	Logo1_.exe
File opened (read-only)	\??\P:	Logo1_.exe
File opened (read-only)	\??\N:	Logo1_.exe
File opened (read-only)	\??\M:	Logo1_.exe
File opened (read-only)	\??\L:	Logo1_.exe
File opened (read-only)	\??\I:	Logo1_.exe
File opened (read-only)	\??\H:	Logo1_.exe
File opened (read-only)	\??\G:	Logo1_.exe
File opened (read-only)	\??\E:	Logo1_.exe
File opened (read-only)	\??\Z:	Logo1_.exe
File opened (read-only)	\??\S:	Logo1_.exe
File opened (read-only)	\??\K:	Logo1_.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\nls\it-it\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\de-de\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\tr-tr\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_neutral_~_kzf8qxf38zg5c\microsoft.system.package.metadata\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\Mozilla Firefox\gmp-clearkey\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\js\nls\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-ma\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\sv-se\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\css\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\eu-es\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\de-de\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\Windows Mail\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\onenoteim.exe	Logo1_.exe
File opened for modification	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\ja\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.XboxGameOverlay_1.46.11001.0_neutral_split.scale-100_8wekyb3d8bbwe\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\hu-hu\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\ja-jp\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Windows Media Player\es-ES\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Windows Media Player\Media Renderer\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\ReactAssets\assets\node_modules\reactxp-experimental-navigation\NavigationExperimental\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_neutral_~_8wekyb3d8bbwe\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\da-dk\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\javah.exe	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_neutral_~_8wekyb3d8bbwe\AppxMetadata\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.Xbox.TCUI_1.23.28002.0_neutral_~_8wekyb3d8bbwe\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-ae\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\pl-pl\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\EBWebView\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\locale\el\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_neutral_split.scale-125_8wekyb3d8bbwe\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\Snippets\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Examples\Calculator\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\he-il\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\uk-ua\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-white\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\nls\root\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\themes\dark\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Notifications\_desktop.ini	Logo1_.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\d3d9\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.GetHelp_10.1706.13331.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Common.View.UWP\Strings\pt-BR\_desktop.ini	Logo1_.exe
File created	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\x64\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\tr-tr\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\en-ae\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Internet Explorer\images\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\javapackager.exe	Logo1_.exe
File created	C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\hr-hr\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\pl-pl\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\root\_desktop.ini	Logo1_.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\nb-no\_desktop.ini	Logo1_.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\nl-nl\_desktop.ini	Logo1_.exe

Drops file in Windows directory 4 IoCs

description	ioc	Process
File created	C:\Windows\rundl132.exe	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe
File created	C:\Windows\Logo1_.exe	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe
File opened for modification	C:\Windows\rundl132.exe	Logo1_.exe
File created	C:\Windows\vDll.dll	Logo1_.exe

Runs net.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe
4712	Logo1_.exe

Suspicious use of WriteProcessMemory 16 IoCs

description	pid	Process	procid_target
PID 4724 wrote to memory of 1276	4724	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe	84
PID 4724 wrote to memory of 1276	4724	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe	84
PID 4724 wrote to memory of 1276	4724	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe	84
PID 4724 wrote to memory of 4712	4724	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe	85
PID 4724 wrote to memory of 4712	4724	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe	85
PID 4724 wrote to memory of 4712	4724	5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe	85
PID 4712 wrote to memory of 3076	4712	Logo1_.exe	86
PID 4712 wrote to memory of 3076	4712	Logo1_.exe	86
PID 4712 wrote to memory of 3076	4712	Logo1_.exe	86
PID 3076 wrote to memory of 2232	3076	net.exe	89
PID 3076 wrote to memory of 2232	3076	net.exe	89
PID 3076 wrote to memory of 2232	3076	net.exe	89
PID 1276 wrote to memory of 2524	1276	cmd.exe	90
PID 1276 wrote to memory of 2524	1276	cmd.exe	90
PID 4712 wrote to memory of 3304	4712	Logo1_.exe	21
PID 4712 wrote to memory of 3304	4712	Logo1_.exe	21

C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
1⤵
PID:3304
- C:\Users\Admin\AppData\Local\Temp\5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe
  "C:\Users\Admin\AppData\Local\Temp\5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe"
  2⤵
  - Drops file in Windows directory
  - Suspicious use of WriteProcessMemory
  PID:4724
- - C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\$$a7F90.bat
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1276
  - - C:\Users\Admin\AppData\Local\Temp\5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe
      "C:\Users\Admin\AppData\Local\Temp\5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe"
      4⤵
      Executes dropped EXE
      PID:2524
- - C:\Windows\Logo1_.exe
    C:\Windows\Logo1_.exe
    3⤵
    - Executes dropped EXE
    - Enumerates connected drives
    - Drops file in Program Files directory
    - Drops file in Windows directory
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:4712
  - - C:\Windows\SysWOW64\net.exe
      net stop "Kingsoft AntiVirus Service"
      4⤵
      Suspicious use of WriteProcessMemory
      PID:3076
    - - C:\Windows\SysWOW64\net1.exe
        
        C:\Windows\system32\net1 stop "Kingsoft AntiVirus Service"
        5⤵
        
        PID:2232

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateCore.exe

Filesize
251KB

MD5
c6d96ae5e83108c20fcd962db8108062

SHA1
670a9e34e194dec707475d2eb3dfa2c7c8de8765

SHA256
c73d6d60169c0848ac5d3f0bb3d09efba8acd0ad0d763791718cd866e786eef1

SHA512
d0b5180459bb341226359b087e77f2b60be8108cdeb0ccaadb92cd326650b46f1dd02d801704a022fd80446193ba2892ec0eb9b1b816abee57aeb649cde99f44

Download Submit
C:\Program Files\7-Zip\7z.exe

Filesize
570KB

MD5
4c27ca4c6180e71c337086eaf5b1725f

SHA1
69577d9a19960aea47d35453619472abcc9b5786

SHA256
17f21521c90860dc36b03576ec3e5cd15ba7a82719708c1fadf1d9d31bec2c44

SHA512
aaa448d0112bd9dd5a0fe25c98bfcbf2fe9448a882029deda315fef7d95870412009b7819349628a343bd548fc963b52c2a0d62d6c729adce116e01fdeeb6a08

Download Submit
C:\Users\Admin\AppData\Local\Temp\$$a7F90.bat

Filesize
722B

MD5
1b27e458cc77f974c623b6439938192c

SHA1
523180279c6373598d8f87187845f17a48ef531f

SHA256
cba2abc3ba1fc63412209356830c75a5774fba8d75c43dc0f95979a62ab5f307

SHA512
7798c4067195592fd8ec3e7278b88ec2c67ca5fb67a73b516223c535eb96274b4088a5c0872d3107333158e33d0cb6a8f9b70cde2ff13fbcde395fa1c25107ef

Download Submit
C:\Users\Admin\AppData\Local\Temp\5d84d075e3ce6b8cbd211885509810e24acc23aab21939949a02432c4a54fb43.exe.exe

Filesize
458KB

MD5
619f7135621b50fd1900ff24aade1524

SHA1
6c7ea8bbd435163ae3945cbef30ef6b9872a4591

SHA256
344f076bb1211cb02eca9e5ed2c0ce59bcf74ccbc749ec611538fa14ecb9aad2

SHA512
2c7293c084d09bc2e3ae2d066dd7b331c810d9e2eeca8b236a8e87fdeb18e877b948747d3491fcaff245816507685250bd35f984c67a43b29b0ae31ecb2bd628

Download Submit
C:\Windows\Logo1_.exe

Filesize
26KB

MD5
51c05487419e979a0e573da43c365694

SHA1
e646035fa3b0f55e86fa30675e8f06c2ba911ba9

SHA256
c76431cf4d36713554bf9996d0b425898ba0a6de969b5bd6b6a9a2fd4384c595

SHA512
47885998e18e589c89915b5c4955c5c27c8d1649d5194e871cfa008b6afebbfcf6c55e9ad687e032e23c8aa12db7a31bd4f85e631f345bc6023841f75bbc0296

Download Submit
F:\$RECYCLE.BIN\S-1-5-21-996941297-2279405024-2328152752-1000\_desktop.ini

Filesize
9B

MD5
656878f7f928e71d7f24b57fcc0f6261

SHA1
03d784e1d3d642f69b11963a421200e3c046e6e6

SHA256
fac18ac822bec04370e7632ba99c7434d4674099af7ba5260689b778a7e13f93

SHA512
6df81d09518887c18a145a5866582839e3c8c469111ed260916acf23b759845d3ff4416539f0cd03d74dd0379aea26b247ca14fd54ecf5544a63c7e76edec22c

Download Submit
memory/4712-19-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-8-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-26-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-32-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-37-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-41-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-303-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-1165-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4712-4713-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4724-0-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/4724-9-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download