Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
21/04/2024, 01:00
General
-
Target
9db8ddf4a0f5f4774c044c24094eb6d78f846567b539a91af9cf699c97388fb1.exe
-
Size
104KB
-
MD5
27c6b3d13d8a175cb8f3589f570cf5f1
-
SHA1
0a676efd780232adf9120a7e21c89fac91d6f370
-
SHA256
9db8ddf4a0f5f4774c044c24094eb6d78f846567b539a91af9cf699c97388fb1
-
SHA512
d5a073d788f24f6fd40960df76f0c2f7dabebe11144e21cac6421082be56830d7c5643e5194be580a67fdb7c2be275bc08bfb8375a82d8afc39472f28301bf79
-
SSDEEP
3072:B0WMxpDA9cqvLlrlQTlNEyBcdyIsnB07tOtiaeeoVcuE+h3+rJM++SYSUZCbCdW:mWMxpDA9cqvLRlQT3bBcdyIgB07tOtiM
Score
10/10
Malware Config
Signatures
-
Adds autorun key to be loaded by Explorer.exe on startup 2 TTPs 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Drops file in System32 directory 64 IoCs
-
Modifies registry class 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9db8ddf4a0f5f4774c044c24094eb6d78f846567b539a91af9cf699c97388fb1.exe"C:\Users\Admin\AppData\Local\Temp\9db8ddf4a0f5f4774c044c24094eb6d78f846567b539a91af9cf699c97388fb1.exe"1⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Mmkdcm32.exeC:\Windows\system32\Mmkdcm32.exe2⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Mjaabq32.exeC:\Windows\system32\Mjaabq32.exe3⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Nmbjcljl.exeC:\Windows\system32\Nmbjcljl.exe4⤵
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Nmdgikhi.exeC:\Windows\system32\Nmdgikhi.exe5⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Nfohgqlg.exeC:\Windows\system32\Nfohgqlg.exe6⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Ncchae32.exeC:\Windows\system32\Ncchae32.exe7⤵
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Ngqagcag.exeC:\Windows\system32\Ngqagcag.exe8⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Offnhpfo.exeC:\Windows\system32\Offnhpfo.exe9⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Ombcji32.exeC:\Windows\system32\Ombcji32.exe10⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Onapdl32.exeC:\Windows\system32\Onapdl32.exe11⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Ofmdio32.exeC:\Windows\system32\Ofmdio32.exe12⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Ohlqcagj.exeC:\Windows\system32\Ohlqcagj.exe13⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Pccahbmn.exeC:\Windows\system32\Pccahbmn.exe14⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Pnkbkk32.exeC:\Windows\system32\Pnkbkk32.exe15⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Phfcipoo.exeC:\Windows\system32\Phfcipoo.exe16⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Pdmdnadc.exeC:\Windows\system32\Pdmdnadc.exe17⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Qfmmplad.exeC:\Windows\system32\Qfmmplad.exe18⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Qpeahb32.exeC:\Windows\system32\Qpeahb32.exe19⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Amjbbfgo.exeC:\Windows\system32\Amjbbfgo.exe20⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Apjkcadp.exeC:\Windows\system32\Apjkcadp.exe21⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Akblfj32.exeC:\Windows\system32\Akblfj32.exe22⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\Ahfmpnql.exeC:\Windows\system32\Ahfmpnql.exe23⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Apaadpng.exeC:\Windows\system32\Apaadpng.exe24⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Baannc32.exeC:\Windows\system32\Baannc32.exe25⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Bklomh32.exeC:\Windows\system32\Bklomh32.exe26⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Bgbpaipl.exeC:\Windows\system32\Bgbpaipl.exe27⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Bkphhgfc.exeC:\Windows\system32\Bkphhgfc.exe28⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Cponen32.exeC:\Windows\system32\Cponen32.exe29⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Cncnob32.exeC:\Windows\system32\Cncnob32.exe30⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Cpfcfmlp.exeC:\Windows\system32\Cpfcfmlp.exe31⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Cogddd32.exeC:\Windows\system32\Cogddd32.exe32⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Dnmaea32.exeC:\Windows\system32\Dnmaea32.exe33⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Dhdbhifj.exeC:\Windows\system32\Dhdbhifj.exe34⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ddkbmj32.exeC:\Windows\system32\Ddkbmj32.exe35⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Dkhgod32.exeC:\Windows\system32\Dkhgod32.exe36⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Eoepebho.exeC:\Windows\system32\Eoepebho.exe37⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Egaejeej.exeC:\Windows\system32\Egaejeej.exe38⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Ehpadhll.exeC:\Windows\system32\Ehpadhll.exe39⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ekajec32.exeC:\Windows\system32\Ekajec32.exe40⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Fdlkdhnk.exeC:\Windows\system32\Fdlkdhnk.exe41⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Fijdjfdb.exeC:\Windows\system32\Fijdjfdb.exe42⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Fniihmpf.exeC:\Windows\system32\Fniihmpf.exe43⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Fkmjaa32.exeC:\Windows\system32\Fkmjaa32.exe44⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Feenjgfq.exeC:\Windows\system32\Feenjgfq.exe45⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Gnnccl32.exeC:\Windows\system32\Gnnccl32.exe46⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Gnpphljo.exeC:\Windows\system32\Gnpphljo.exe47⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Giecfejd.exeC:\Windows\system32\Giecfejd.exe48⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Gpaihooo.exeC:\Windows\system32\Gpaihooo.exe49⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Gngeik32.exeC:\Windows\system32\Gngeik32.exe50⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Hpfbcn32.exeC:\Windows\system32\Hpfbcn32.exe51⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Hhdcmp32.exeC:\Windows\system32\Hhdcmp32.exe52⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Hejqldci.exeC:\Windows\system32\Hejqldci.exe53⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Hbnaeh32.exeC:\Windows\system32\Hbnaeh32.exe54⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Inebjihf.exeC:\Windows\system32\Inebjihf.exe55⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Iafkld32.exeC:\Windows\system32\Iafkld32.exe56⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Ibegfglj.exeC:\Windows\system32\Ibegfglj.exe57⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Iialhaad.exeC:\Windows\system32\Iialhaad.exe58⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Iamamcop.exeC:\Windows\system32\Iamamcop.exe59⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Jekjcaef.exeC:\Windows\system32\Jekjcaef.exe60⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Jhkbdmbg.exeC:\Windows\system32\Jhkbdmbg.exe61⤵
- Executes dropped EXE
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Johggfha.exeC:\Windows\system32\Johggfha.exe62⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Khbiello.exeC:\Windows\system32\Khbiello.exe63⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Executes dropped EXE
-
C:\Windows\SysWOW64\Kibeoo32.exeC:\Windows\system32\Kibeoo32.exe64⤵
- Executes dropped EXE
- Modifies registry class
-
C:\Windows\SysWOW64\Kcmfnd32.exeC:\Windows\system32\Kcmfnd32.exe65⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\Khlklj32.exeC:\Windows\system32\Khlklj32.exe66⤵
-
C:\Windows\SysWOW64\Likhem32.exeC:\Windows\system32\Likhem32.exe67⤵
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Lafmjp32.exeC:\Windows\system32\Lafmjp32.exe68⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Ljpaqmgb.exeC:\Windows\system32\Ljpaqmgb.exe69⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Lomjicei.exeC:\Windows\system32\Lomjicei.exe70⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Ljbnfleo.exeC:\Windows\system32\Ljbnfleo.exe71⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Lfiokmkc.exeC:\Windows\system32\Lfiokmkc.exe72⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Lpochfji.exeC:\Windows\system32\Lpochfji.exe73⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Mapppn32.exeC:\Windows\system32\Mapppn32.exe74⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Mablfnne.exeC:\Windows\system32\Mablfnne.exe75⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Mhldbh32.exeC:\Windows\system32\Mhldbh32.exe76⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Mbdiknlb.exeC:\Windows\system32\Mbdiknlb.exe77⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Mljmhflh.exeC:\Windows\system32\Mljmhflh.exe78⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Mbgeqmjp.exeC:\Windows\system32\Mbgeqmjp.exe79⤵
-
C:\Windows\SysWOW64\Mhanngbl.exeC:\Windows\system32\Mhanngbl.exe80⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Mfenglqf.exeC:\Windows\system32\Mfenglqf.exe81⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Nblolm32.exeC:\Windows\system32\Nblolm32.exe82⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Modifies registry class
-
C:\Windows\SysWOW64\Nqmojd32.exeC:\Windows\system32\Nqmojd32.exe83⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Nqoloc32.exeC:\Windows\system32\Nqoloc32.exe84⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Modifies registry class
-
C:\Windows\SysWOW64\Njgqhicg.exeC:\Windows\system32\Njgqhicg.exe85⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Ncpeaoih.exeC:\Windows\system32\Ncpeaoih.exe86⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Ncbafoge.exeC:\Windows\system32\Ncbafoge.exe87⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Niojoeel.exeC:\Windows\system32\Niojoeel.exe88⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Modifies registry class
-
C:\Windows\SysWOW64\Obgohklm.exeC:\Windows\system32\Obgohklm.exe89⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Modifies registry class
-
C:\Windows\SysWOW64\Ocgkan32.exeC:\Windows\system32\Ocgkan32.exe90⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Oqklkbbi.exeC:\Windows\system32\Oqklkbbi.exe91⤵
-
C:\Windows\SysWOW64\Ockdmmoj.exeC:\Windows\system32\Ockdmmoj.exe92⤵
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Oihmedma.exeC:\Windows\system32\Oihmedma.exe93⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Ocnabm32.exeC:\Windows\system32\Ocnabm32.exe94⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Pqbala32.exeC:\Windows\system32\Pqbala32.exe95⤵
-
C:\Windows\SysWOW64\Pmhbqbae.exeC:\Windows\system32\Pmhbqbae.exe96⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Pcbkml32.exeC:\Windows\system32\Pcbkml32.exe97⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Pjlcjf32.exeC:\Windows\system32\Pjlcjf32.exe98⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Piapkbeg.exeC:\Windows\system32\Piapkbeg.exe99⤵
-
C:\Windows\SysWOW64\Pcgdhkem.exeC:\Windows\system32\Pcgdhkem.exe100⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Qjffpe32.exeC:\Windows\system32\Qjffpe32.exe101⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Aplaoj32.exeC:\Windows\system32\Aplaoj32.exe102⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Abmjqe32.exeC:\Windows\system32\Abmjqe32.exe103⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Bmbnnn32.exeC:\Windows\system32\Bmbnnn32.exe104⤵
-
C:\Windows\SysWOW64\Bfmolc32.exeC:\Windows\system32\Bfmolc32.exe105⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Cbkfbcpb.exeC:\Windows\system32\Cbkfbcpb.exe106⤵
- Adds autorun key to be loaded by Explorer.exe on startup
-
C:\Windows\SysWOW64\Ckidcpjl.exeC:\Windows\system32\Ckidcpjl.exe107⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Cpfmlghd.exeC:\Windows\system32\Cpfmlghd.exe108⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Daeifj32.exeC:\Windows\system32\Daeifj32.exe109⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Dnljkk32.exeC:\Windows\system32\Dnljkk32.exe110⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Dkpjdo32.exeC:\Windows\system32\Dkpjdo32.exe111⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Modifies registry class
-
C:\Windows\SysWOW64\Ddhomdje.exeC:\Windows\system32\Ddhomdje.exe112⤵
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Djegekil.exeC:\Windows\system32\Djegekil.exe113⤵
-
C:\Windows\SysWOW64\Dgihop32.exeC:\Windows\system32\Dgihop32.exe114⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Edoencdm.exeC:\Windows\system32\Edoencdm.exe115⤵
-
C:\Windows\SysWOW64\Ecdbop32.exeC:\Windows\system32\Ecdbop32.exe116⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Egegjn32.exeC:\Windows\system32\Egegjn32.exe117⤵
-
C:\Windows\SysWOW64\Fcekfnkb.exeC:\Windows\system32\Fcekfnkb.exe118⤵
- Drops file in System32 directory
- Modifies registry class
-
C:\Windows\SysWOW64\Gclafmej.exeC:\Windows\system32\Gclafmej.exe119⤵
- Modifies registry class
-
C:\Windows\SysWOW64\Gnaecedp.exeC:\Windows\system32\Gnaecedp.exe120⤵
- Adds autorun key to be loaded by Explorer.exe on startup
- Drops file in System32 directory
-
C:\Windows\SysWOW64\Hqdkkp32.exeC:\Windows\system32\Hqdkkp32.exe121⤵
- Modifies registry class
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-