e45741f4e3730c4f89d5af8adecd6b69d9f9138ab6c7c6e86b01f101e6e5a307

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
02/06/2024, 20:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3dRipperPro.exe
Size

304KB
MD5

dfc8ea21fff7b6fed7f88de3e00aa2fa
SHA1

def509b343216e97736d0531a684c3c9e34d42fb
SHA256

e45741f4e3730c4f89d5af8adecd6b69d9f9138ab6c7c6e86b01f101e6e5a307
SHA512

2924164d8d1960181273540cd48a2b19310c9fabc0c9a9d496e4aa17014a83a4f724d0716417fe8eba484cc7fb02dd43b0c145b6e8c7b64f20dfa11f1e09aad4
SSDEEP

3072:ga5hly5loA4lbqLK89DYnbYcTEPWx6Zjoh/KlDjiE4sOM7mLN9QGgeTvDVD3A3tQ:ga5s8OxfWIZj5ZuvytEV0ue7

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133618330626520395"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
1964	chrome.exe
1964	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4688	3dRipperPro.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1420 wrote to memory of 1268	1420	chrome.exe	95
PID 1420 wrote to memory of 1268	1420	chrome.exe	95
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 2316	1420	chrome.exe	97
PID 1420 wrote to memory of 3388	1420	chrome.exe	98
PID 1420 wrote to memory of 3388	1420	chrome.exe	98
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99
PID 1420 wrote to memory of 3676	1420	chrome.exe	99

C:\Users\Admin\AppData\Local\Temp\3dRipperPro.exe
"C:\Users\Admin\AppData\Local\Temp\3dRipperPro.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4688

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa8edfab58,0x7ffa8edfab68,0x7ffa8edfab78
  2⤵
  PID:1268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:2
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:8
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3144 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4384 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:1
  2⤵
  PID:4672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4380 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:8
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:8
  2⤵
  PID:2856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4376 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:8
  2⤵
  PID:676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:8
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4896 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:8
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1928,i,5714248710057461660,3540082865623721117,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1964

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4232

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8556b3a3-d764-4702-8fa1-f2871d283af8.tmp

Filesize
16KB

MD5
6ebf98204a6a73e40db95d773fbb9b6d

SHA1
ccd51bb35b80b056b50003fce7fb3ed61664a607

SHA256
9e1e91d09cfaf6234fbb4bdfd5afe483a38029159d0018f6f4ccde70f43db2a3

SHA512
052755e697d6064f145de2c736f3ec571db8ecbb2111e8146a9dec1db0a5ba891086c16c3ee4ce88ef4a25f8824e55371624ffd46149ada79d2ea8d0552958a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d5e9ee3f5ad4363afd88a9e7cb348a62

SHA1
bfac3b7f643993bb22f1131c2406901e00c42730

SHA256
740cc4c19d3cfaafaa171c5d8ef92f0897ff8a710374a8dd51cea75f64b4380c

SHA512
649642f55f9d2084dee957c13e9efa65f6f4cb23f5a4730084cde0fb065ae20cd2b955f835b04ddf840372600c17d407f40b60a11fa513181b6f4a43feb3721c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
ec45fcea87a4c7a6fb98d365e10f20d2

SHA1
ee2f509c54aa418e61372801644a5fe06662c068

SHA256
d51bceb28bb1bc4a90b48f968ecc38e48395c2db9ea5bd949641e9d30453a954

SHA512
6f9dfb61ddd034eae50414b3cee0e508b6e4af0726eb875ceccd4af8b6905d5a75fe2c3204727c1771efabb252c556228dcd608fa8f54f2435583dc63700fa61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
66f29eb5c3713bfad4efb610c77b5484

SHA1
92f382ece8b0066a0010fa01d151b9ca5c37d947

SHA256
ec9de0d4e452a043548afe00d3fd785930e0bd0970172542320a11d1283f4814

SHA512
851ba35b59cbfab18db751307b7b959cae462a149c1514111a508b5842eab147e877a884aaa0a4c4e42ed33559f45b5701580f70534294971a5fdc0242b61da7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
261KB

MD5
6d69dcdf2e97396919cfb07f30ec21f0

SHA1
67e046c07fd8f328024eca542e5025298a17cbce

SHA256
f12fd23ad6e7c601798a13ae16cf2d51669b68845b439f18c7cf3e50999ee4b6

SHA512
d6352e23dd68880eff6c1c134aa3b3187a1eddaecd17d04e762b1875ebc89379ecb093223da4c3f01f8902fee0002738188d0ad489e6a819af6f083b17c51046

Download Submit