hxxps://ludicrous-apricot-nightingale[.]glitch[.]me/

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
11/07/2024, 22:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ludicrous-apricot-nightingale.glitch.me/

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133652101852976901"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2636	chrome.exe
2636	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2636	chrome.exe
2636	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe
Token: SeShutdownPrivilege	2636	chrome.exe
Token: SeCreatePagefilePrivilege	2636	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe
2636	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2636 wrote to memory of 4636	2636	chrome.exe	83
PID 2636 wrote to memory of 4636	2636	chrome.exe	83
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 3688	2636	chrome.exe	85
PID 2636 wrote to memory of 404	2636	chrome.exe	86
PID 2636 wrote to memory of 404	2636	chrome.exe	86
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87
PID 2636 wrote to memory of 5004	2636	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ludicrous-apricot-nightingale.glitch.me/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff7652cc40,0x7fff7652cc4c,0x7fff7652cc58
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1972,i,17007901471001193947,13284636626181313462,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1968 /prefetch:2
  2⤵
  PID:3688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1624,i,17007901471001193947,13284636626181313462,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2104 /prefetch:3
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2072,i,17007901471001193947,13284636626181313462,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2448 /prefetch:8
  2⤵
  PID:5004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,17007901471001193947,13284636626181313462,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,17007901471001193947,13284636626181313462,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4604,i,17007901471001193947,13284636626181313462,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4692 /prefetch:8
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,17007901471001193947,13284636626181313462,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4892 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4900

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:3752

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3660

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
20147bba2d4861b0a2a47d745b0c508e

SHA1
d30ee5749f0e3a2eee39d072da363276823c9bc0

SHA256
c85195a32aee6ae0e01d92f83a40552ae566fcaff94cf41f8e175d0bd6266111

SHA512
d1912345723d19b33b62bbc54c4dba511cc55959b5a39a46f21d1606e6c8bd584e68db0c9cb778d3429397c350ea3869a93d70824264998c40734219ade09948

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
522B

MD5
7b9bb49a91883653e3a7863d2e5ad68c

SHA1
6d369db3d04a24e488432acf92c98a3eed05a635

SHA256
24eed0b5ac3e347f9329b491cffc60c667739a1c97b52146682045267a15ea53

SHA512
4bca603db7fadfe44b0a622e55cfd2135a3395d50dd51a99f4927bee6b996a331a0a7261771b4146422bf2f34f4b4291dcd53f561cbb73c80cdcf3737585aebb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
dfdb5944a41557df3b401e6c26c7c8fd

SHA1
e0ebca0c4007cff575f0ab69ab7df0b2e47000cc

SHA256
dccb24fd3eaf258dd3214c4b464fbae33f5d7ecbbc0a9be651f7c5ba4a9455ac

SHA512
a9cb544adacdcebc1144bafd2c35f22d32a4425cec1ab63bacbd3af76afba9ce7266004935b8b8ca7f3900d9b5700cdf9fa4eebbdc677b4e55517f3772c17a5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3f5dc7f450581e8a104351b0bae9e395

SHA1
58abe3172855366dacaa0d7a7137637fbc304177

SHA256
f43d19bde819ca1a6e2315c25009827c2749ce3219846a771b65942c14399e7e

SHA512
fb72a8e131013c3d56c39da74c7000873733ed5e753da813b625e107712e343bdcbd57dbec6b72b51faf92ea043d51a2f8925f1ead4b6d2d18904302b84c427c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bc29fd46dcf8536be57d155a1e09643c

SHA1
f08e6353dbca2615ea48b2031b6db7a05aae4d06

SHA256
dd8b2ac1da3612f7d00ae543580eef9b5072ad9fe2b77955dcfa19db91f8c966

SHA512
2753a21fc56e21b7ce33f496f1e48a36a4c002d0c098dc93ded069ceceedf14a22e7d1216d109b64a95433312ac873c4b5722ef65862934d3ec25e6d428e4f78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
7b810bdb395a1800e8bf0761bcdb4dc4

SHA1
1aa9d452c38244b7da1cee79b76de514200adce1

SHA256
634ac41390e574aa2ec55b5e9266088b77319f47e62eccd58129ebc1992bc56f

SHA512
50dc59b62bd82423f61f0140a47afbcfa1b83e53da223398c67e6551d84fbb60ff7954bdd7ecd3635daf13433f69cbefeae50bfe5350f6a50cee1bf1628c9b0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3ddafa6fc831e44f639427035c1ea815

SHA1
72e7edf78455f9703523237427536b88025ee8f3

SHA256
e7d057e0bdef95448f2c4e96b2c6d1de46d48733ce5f169993e059b9c692e63e

SHA512
aca20af12ead161041cbeb80712671fb63f374787d083b636833f63d1aa565d337d255ce70c3abe51ddde2753724b756741081ce5d70aeb7795a6a3e3e8dee0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
5c71e1fe0e17380bfcd4e017cbe67098

SHA1
746b26419d31751257e72646000e3c6baf09168d

SHA256
0865b459243fc3f6347c6a631110621e2a65e99ae68b83829f9cb3146a5c4409

SHA512
337b6d46a9daaf05ba84acd09fdcae80d958d7d6c2c4a1515af170991266b70a271239925007954d3be07673e1ea4230c179f0448d260b6c702e04cec1fa0b7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
c91ca9c1dd3ac1c3340b6d467faa6125

SHA1
26fb1fee90da26a2ccb07c5c14f9bbab49be983a

SHA256
7e0fedc6287b75d28ecb1c89ccd6458155d2e7d316d6a7c559e8889e58ecb265

SHA512
d8e39c2b71ceb0b650f6b41f3d21c66d97c1a9d23a946e0ed64c911b523aabfe81cb8aecc7c5ed367ab0f2387012fecc67ad8174101d2113c8ad125be30d841e

Download Submit