890c0ee515f899fcdd032f11b5a7298ed33626b75f239d0011830c78c84bd729

Analysis

max time kernel
156s
max time network
167s
platform
windows10-2004_x64
resource
win10v2004-20240226-es
resource tags

arch:x64arch:x86image:win10v2004-20240226-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
26/03/2024, 18:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

González-modulos-cumplimiento.html
Size

1KB
MD5

79b38af7ce11800dd434b39e06ff3139
SHA1

fedc2cbf3408287b7453e53f624a63cfa632c249
SHA256

890c0ee515f899fcdd032f11b5a7298ed33626b75f239d0011830c78c84bd729
SHA512

3372e32157e97685e0a83e2935e3395fa0a28173effc854645e2d588d93c24db3650e1a620cd56fd38792438cb69a91224a8f4d656319bb81aed166606dfa419

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133559498452639473"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2292	chrome.exe
2292	chrome.exe
1556	chrome.exe
1556	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe
Token: SeShutdownPrivilege	2292	chrome.exe
Token: SeCreatePagefilePrivilege	2292	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe
2292	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2292 wrote to memory of 1304	2292	chrome.exe	90
PID 2292 wrote to memory of 1304	2292	chrome.exe	90
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 872	2292	chrome.exe	92
PID 2292 wrote to memory of 2096	2292	chrome.exe	93
PID 2292 wrote to memory of 2096	2292	chrome.exe	93
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94
PID 2292 wrote to memory of 4020	2292	chrome.exe	94

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\González-modulos-cumplimiento.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff87bdc9758,0x7ff87bdc9768,0x7ff87bdc9778
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:2
  2⤵
  PID:872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1952 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:8
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:8
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3168 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4824 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4696 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5744 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:8
  2⤵
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4472 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:8
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5540 --field-trial-handle=1960,i,1319444057990477361,9548419402727582607,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1556

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3740

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=es --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1036 --field-trial-handle=2236,i,3767879903388292704,1374608533225245713,262144 --variations-seed-version /prefetch:8
1⤵
PID:4364

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
fe27b5bceaf12d6bb2958283c1141f3e

SHA1
1eaa96c38a4bc6be3e55cfdbc965c235e9359288

SHA256
d13f20edb3fa2044981d0a8eb546a6f3a10981d792cae2f748b4f47b60b56f1b

SHA512
9e671e95c05d3cea3076dfc97841c6562881913c7a2a340d154820976e8a7843f3d744ca24acfdd1785bcb1da70e33130652688746116fe8e9e69e5eb0676a59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
38910c844558dfc3c4dedd85c3f78c37

SHA1
5c2e1fd840904a0726596340a8660f947035d68d

SHA256
e19a33cfa12c20a09d0a102b8fbaa610ed72ba34e816a81b9ebc0b9691f189a0

SHA512
0b1540333630d00b2aa8991c55945864e1598b3bbf458b6ee375c8e7246ed8ed641570f8f0c8703f901e0d46e7bcc8ae6b103bf61fd57593c75cdcd61c4479ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
0efd3d01bb3e90a2707a88156e676a7a

SHA1
a789e7885686bde47df56d2feafb767cfe5c1996

SHA256
dbbcb6c808ca6cff65735d9b3b4812e4993d8983bcf1f0dbc8321d88c3a1cb8f

SHA512
cd3d9983a82b3bcf278a8fbebe036c11f1b8cfcfcf8cce1bea294d1dd98dec2d5940409699629322f479ca14d4622a2cdb15306f0469709ef25696057b946c3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
37342582790e79f24e7621d1530ee8d8

SHA1
f9c65c6618bab97f1276fc4838d4f19c45c12ba4

SHA256
d899c3eff86a733b27a831f5be9b672b630ec61566a1bb7c00a6829005a9e30f

SHA512
ee742b135c7575e6bcffcc8f4efae1abc871a9c449502ea167f15784c3117d0ac43189f307442a9519cf5e9df24299a206e3d4357e56299dc31bbba65b4e41d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b22b6116649b6ca222f203ceab19709a

SHA1
52d003e65184b8b0d5fc2b46540f447556b68fac

SHA256
34818284c956c4427922c9924d7bab7ef821bc203db2781cb8f8dd01498a1bc8

SHA512
b7bf6ecdbb535c100fed6619283ebed5e2ff0310bc8d0e6f2420a7ec4d467978acb364bb179d8dc232e0b1d736285d2489fe9f5d6e3f56002b72c5382e61ed98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
253KB

MD5
22297d07034a9e88b1990b2c21fd382b

SHA1
8f5079e3907853ee711c56b92aca708c5969c2c5

SHA256
a1ca8c8073b9414877cd730784e58e8d905ea96553c722276cd83080f51cf9e3

SHA512
7c1f6301343a7110a6b05faac8abbbc62cec75b8bcd2bc0e479d8b1553fcfbb147a903bef79517b92cc7cda63369eeefd3b769093f5236d2e948b710f6ddf2c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit