hxxps://www[.]puzzlefurniture[.]com[.]au/brou/brou/

Analysis

max time kernel
149s
max time network
150s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
09-03-2024 19:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.puzzlefurniture.com.au/brou/brou/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133544853151205057"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

3152 chrome.exe
3152 chrome.exe
1420 chrome.exe
1420 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

3152 chrome.exe
3152 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe
Token: SeShutdownPrivilege	3152	chrome.exe
Token: SeCreatePagefilePrivilege	3152	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe
3152	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3152 wrote to memory of 4236	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 4236	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2128	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 4264	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 4264	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe
PID 3152 wrote to memory of 2096	3152	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.puzzlefurniture.com.au/brou/brou/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3152

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa8f1b9758,0x7ffa8f1b9768,0x7ffa8f1b9778
2⤵
PID:4236

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1524 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:2
2⤵
PID:2128

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:8
2⤵
PID:4264

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2032 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:8
2⤵
PID:2096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:1
2⤵
PID:1940

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:1
2⤵
PID:1436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:8
2⤵
PID:2188

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:8
2⤵
PID:304

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4704 --field-trial-handle=1728,i,1564822027682870647,12681199957936518683,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1420

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:436

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
72B

MD5
dde5837e1fe5fe3dda66d2347b30863f

SHA1
938ba0a005f7c5d5e11d1136ae699c6ae109a64a

SHA256
068f8e1a06c75cda9904163df6b6c1d21e22303351d685c7d5beda046ab05288

SHA512
ecdff5258d5d96958838312ce09e023d043e0ae293fdbc7ffb72bfe8a653a1c97e50f433ff559e4f0e30f2bbe9361aa614d5ada936a8885e323c69d0bf661168

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
941082d95ad6d89e02690bf2a311953e

SHA1
b32afb807ea26d10b5a589e96b4ef5e4cb4e263d

SHA256
27ae460a4bf2fc6106cc49bc2cddf49d4bcbce87caf268b18bc5cdebed98a1bd

SHA512
eef91510e0fd385d5b5b680f806a61ca750abfa024f53c4564291ef8a3038ba55db09e63026e845a1083cd59ab58e72461c17c55951913adae351f9f0de5cfc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
987B

MD5
6e9e613414dc725b391d48198e8502b8

SHA1
d70006aa220566db8d79d291a6008a97a7de6de1

SHA256
27d010d4ba303b21db99a2b60aa08480d5b7c8dcb721c3d6984ea0960b12b9e3

SHA512
003651e03c4c47976a92e0947c17ac8b284fbb2eeb3160421f8a627601c000afb3fe62317b85f126c9d9cfa565e705c4da9b5bd41ebf935c7e7a0688519e77cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
663754794df54992b1e838b510d63ffd

SHA1
edc53e73b0e96fc5942f896ceffecf51aff469d0

SHA256
9d47db46bffa5c7eaf2a4ff4d94115ee478d68cfc6ac3990e027d76553e75a2d

SHA512
7d104dee51258d27aee02fe610c2a4bdd82b0305789a4d39c4f6cd89289ff68a8e021406468434cc6575c0f97f41136ab463d4b7355074473ff4bae5556b6148

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
866e50d4cddd48fe4dc41ec4404f5cb3

SHA1
c934ffbc0a9f9fbe3ff9f7747107b4263f72a415

SHA256
c7e255f80186f294fd130bb02616fba56bc86bdfcf7fe571f497a798c8c3e580

SHA512
0b3e6351b5e282a90fa2e6790343748203ee96c0810863634689362f91f41efbf8258ef9ae8e94da1555c60113ff27ff64ae838a5653fff264498a53e83d7c4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
236c425b9ba1aaa81e2b76ae8e62213f

SHA1
b9a2eccc6add80c56a4ded26992cee28a4afd932

SHA256
d068950474fd5db9a5d0a43af39299d42f6e08bc79785abf952cbc9aaa80866e

SHA512
057315d859be3add8f71ebe8f77e48e5deee1fe1c347e5533e4962308e41a20a576ec47dbf57af80218401c9466ddb10e52723678f5b810a405402213e721f2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
130KB

MD5
436ea0ea7c55268f552108e1185e382e

SHA1
ea1994e76b1468504a16dc222b7838d5f1c815ee

SHA256
58b82a6ea967312086560896972ade581a46fea27865bbe7770d0a797feddb1d

SHA512
c011bec158f280d6c5d135ba23b85b37839a8cad173a9fdd515fe19eb294e97c6970568cd7699bb7c5032338024344188c0b50f5b384a09bd2ab8e5d914e27e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_3152_TQROFYYRRGPJGIEC
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit