hxxps://www[.]tryinteract[.]com/share/quiz/66102043a3c49b0015a35067

Analysis

max time kernel
300s
max time network
299s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
06/04/2024, 00:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.tryinteract.com/share/quiz/66102043a3c49b0015a35067

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
76	cloudflare-ipfs.com
77	cloudflare-ipfs.com
78	cloudflare-ipfs.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133568368022248361"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2948	chrome.exe
2948	chrome.exe
3232	chrome.exe
3232	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe
Token: SeShutdownPrivilege	2948	chrome.exe
Token: SeCreatePagefilePrivilege	2948	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe
2948	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2948 wrote to memory of 3124	2948	chrome.exe	86
PID 2948 wrote to memory of 3124	2948	chrome.exe	86
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4868	2948	chrome.exe	89
PID 2948 wrote to memory of 4920	2948	chrome.exe	90
PID 2948 wrote to memory of 4920	2948	chrome.exe	90
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91
PID 2948 wrote to memory of 1608	2948	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.tryinteract.com/share/quiz/66102043a3c49b0015a35067
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb58a79758,0x7ffb58a79768,0x7ffb58a79778
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:2
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:8
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:8
  2⤵
  PID:1608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2996 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3004 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5148 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:8
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:8
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5280 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1604 --field-trial-handle=1888,i,17278682450685761559,9669376345625105344,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3232

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4736

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
192B

MD5
8ed42d69f55d7c4441953f9eb87e548e

SHA1
3873a5abd934c8b0070961da14d9c5acaa129113

SHA256
455e09f11fa8ceaa75fc7e979fffcef934e245cb18abb4976ccff9c7185fd361

SHA512
f7921cb0ac4ca4363e55a96de6f1ecdf9db38bb299e0bff36ff01da719ecde0a6bf51b6641c339dd6f7a75d390cebfacec0c0e4a749f111bb792a1eeb5f7ce49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
7255834a29f411176042c0e16feb45da

SHA1
77de4c35cf0d13158b4e63dfebac242801f8788b

SHA256
ec5087a43b4258779caa4197fb49805b6a6b7e9d4471db11fc92bd9834df4bed

SHA512
5d6e43176d627ca13baf886a182670d22f3cf6b1b6e5f1c561338afa500b70702c04ab91cc5643f0156e5c5a013d7fe335bbcac74f366648319f4efee81c7893

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
33ad5beeee674f53978704ea73a6119e

SHA1
0e547354836709984ae830760e09bdc40dd00826

SHA256
2bce35d46a91e214cf2ad63bd21a8fd24cc0aa24270be4e2ee9cd3ce6756faaa

SHA512
3074e6f7d56924017201f04a317611577f9437dbc635ee3e5f93525099bba4c09fd97d29edfcdcade18511e2ad7f7d278e051038278fb81283406da82696c85e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
649849378d19e2cfbe6d30bf8f9665ad

SHA1
875f6c3a717ce989be854568b43487e3bc54c0fb

SHA256
68aac770657cb08d2b742a7d5d4ae34be0cd3896bdb6ae0ccd43353e88276343

SHA512
b90c7d754e5edda678258a5ce375d6d54d18bb35959ace9c8adb77af376887eba4a1d055fe494a03408229b8fc902be486d9db3cc6db0751270f149380becb03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
61f563cfa14d1b489db7c4aaf1fffad1

SHA1
27e926dc13e538e7716d851c3e9187b87b6b98dd

SHA256
2992e18ba06a86c765d72c47b860a12093367534686769e912c0e311fd9d7429

SHA512
2afc097392f3f3c428be61f7587c5c4722acac698ce91a1558d7d510d674005d32142fdff22548981a4245e470eed479770a771567cec3f8cb828ccbbe5bc970

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
761484bc935163bb24b2438decac7519

SHA1
7912cfbecf3c879f7787b14d8676da42c64f6da7

SHA256
1c1cc081e9451a1d018c59f4278a682f8839965b3463792ce7b3c378ae7d892b

SHA512
ad7f53f7d8ca9ef7883dd99534897bf9687169a58ee0883cd94fa401a713e4d652ad3fa1eda963b5204a2b23e3c6559e52911c0506b9e07d7eb97a5222db9832

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e615369a84f39f0f5fad2010a3e00e59

SHA1
50a2c9eeecf69fe988404d1fcc9fde0cafee2bb6

SHA256
1931f9ffced9eb78732cfa81e2e03593b53d2abada192c2c8420515144aee1eb

SHA512
f3ae59616bf6933eaabbfdaa5cc1d43e1c0ce4b59ce2d40f2f6906fd71cfcf850e2b8b4649bc74332bbc62f76cb45cfe45b5e5d12ea2bc20552cad6000a2df3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
bb4f784f9eada72a01ecb6ad34b664ae

SHA1
7427c60507e044291d8186955b8da4d818ad1e64

SHA256
b26e1318b1a02c1741062b7a6c07b9d18f2fbf31b7a2ff31a185a1f7539a1e31

SHA512
0632debf47b60f8c6041b806df6af6dcb307bb098c08d24b42b9bed8a17db4e5d47e1c8250fc2c1b52a453bebc4a6e0f16bdc1a83df1321d1d4a7ef1c2452cd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit