hxxp://growthpawstaffing[.]com

Analysis

max time kernel
299s
max time network
281s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
21-05-2024 15:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://growthpawstaffing.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607794785981270"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

2240 chrome.exe
2240 chrome.exe
2972 chrome.exe
2972 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

chrome.exe

pid process

2240 chrome.exe
2240 chrome.exe
2240 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeCreatePagefilePrivilege	2240	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2240 wrote to memory of 1484	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 1484	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 4740	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2364	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2364	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 5084	2240	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://growthpawstaffing.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8e7e7ab58,0x7ff8e7e7ab68,0x7ff8e7e7ab78
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:2
  2⤵
  PID:4740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:8
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:8
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2824 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:1
  2⤵
  PID:768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2832 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:1
  2⤵
  PID:4276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4264 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4960 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:8
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:8
  2⤵
  PID:4412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1540 --field-trial-handle=1880,i,16485459642690339659,8351747453973128541,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2972

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
893059b4745ceaca1ac5fb251d1fd1b4

SHA1
5633a80459bcee4b8ca5cebe7dc8d7a515cfff6f

SHA256
12005c47d0e14ac7527a3801ca70ac1355578e9f27f62cc9aed9502c401965b0

SHA512
48deec645ba45b824d3453d072a7a7fb41259db091c5189057103b04d20ee2be4bc68a97eb08fd73bfd742266d892fd6289564e2700f2c73f23eea1babdade15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a3edd70d581d4da820bb223abec1eaaa

SHA1
8aaa23f8bfd6a77b50c04cd025f85d26dfd1b7c6

SHA256
5f2ac2d08142f4362ef8d18b8d24e528d220024e1791776424e089d6f5f1fde3

SHA512
13eed5c45c010ac3c0fd1bfb49ba40dbdb1e06df9dc64d6c1e345b6f7fa3e0b3989a47e3631cad5882e4d8c46bb08ead6316670404aaa9d78fd269b749e9fed8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1e0c32b532379444a1a1fdf156aa1c67

SHA1
04b9ef3e975a8a8027ed2814097ecea8dd7339ae

SHA256
915087246340feb06c5fcc416aab259486082ab6d9fce671218a767fa6234250

SHA512
793033c26759e8e5db6c29427d8b45faf8a36479bd55274ffde87e30b5a13b9a4580d718941051378667441a67ab8aeddc06ceab718120e70928a06c9bfb46c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
685B

MD5
02cd5fef6f052c74957f280e86f7278f

SHA1
452d1d202c627d4ff9e6ad4e1c4e8dabcba0e5ac

SHA256
b1cf003a4395af4e6b80f9d0bd2c8337e04c3710304d99b8367822924e4b7b63

SHA512
817021d8a7bc85e62d16c77a902b8da019477764e8e5c727b9cb838230f74b2be458c04154a00e724b7d755d5a4c90189201f4bc9c898432917b3d3f5ccda771

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7a1b7dd185775874e97d045df318f98b

SHA1
a238241f7f4b0b133577c5d8b1b2f185983d7a98

SHA256
41b0bf30edc9b9c913c76aea3798e1d526114f389e9a0b0dd721b29726152c7d

SHA512
6a5f3d181d799470995238ace1df1c573a7d8cddea7ec92d0676b4f4c04d37e3b4dd611e5ec018b14927d376015b8c37ee84683014804887adf3843675ebb10c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
d0c2804053526924687bff2d12aec2d3

SHA1
e59aeb80771b3ddae5a4cc7eebb03c0156a6d708

SHA256
635483697f94286e74172e0085e6d4b0f4c98b01eb08ff9d993b685d50906216

SHA512
4874de6a1b0cabf6d5d6080ef237136ae49b0ebb87dbc9cd34f88d3a59e4e43cedc97d692c47367c4a3365fd95321cdb69e1a2200431ace71d99d043b6b295a7

Download Submit
\??\pipe\crashpad_2240_VVLFPKLOADZRTLPY

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit