lumma | 2b2fd95984dbf853760e6443af81577607ce35c6dee3124052fda17dae43c130

Sharing

Copy URL

Twitter E-mail

General

Target

@#Pa$$w0rD__9095--PC_Set-Uᴘ#.zip
Size

7.3MB
Sample

250102-sn7f2syphm
MD5

5c32a9462ad1bb00150ab0606583c452
SHA1

10bc530023f6803ef66d27a34908836b0ca0d470
SHA256

2b2fd95984dbf853760e6443af81577607ce35c6dee3124052fda17dae43c130
SHA512

8ef8591ab351b0febba44b39e166e2429e7713f44ea42c4322aa78d0369b0bc9dce43f2642e21cba4cc35d08a5b6f220ac64062a6d25af0aeca2dede67de3404
SSDEEP

196608:gP0eE5K0JIRTMsoO0k8pzf7RBdDPcpdeXZyCGWgb+:gPQK22Ms30kY7tBVPcrKKt+

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  @#Pa$$w0rD__9095--PC_Set-Uᴘ#.7z
- Size
  
  7.3MB
- MD5
  
  15457cc77438808b2272d5ac665522d8
- SHA1
  
  deffeee6099b51e2b768458ffe6123c0aade5287
- SHA256
  
  a133bb958667271b103dbaf75078dae059b78fdc44034e415e3e0a0d5e8fed44
- SHA512
  
  fffff168a4c1ff4ca6b8a36312c6a00e7af51e6c952abc0c80ade3eeb0477ccacf2eaaf86ac232f94438603812416a4bc39720bcae03565cd26ff0b3c01399fe
- SSDEEP
  
  196608:3P0eE5K0JIRTMsoO0k8pzf7RBdDPcpdeXZyCGWgbi:3PQK22Ms30kY7tBVPcrKKti
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1
- Target
  
  Resources/Data/x64/posix_getsid_basic.phpt
- Size
  
  305B
- MD5
  
  82c468e7d7f112db07d359e77f5dae65
- SHA1
  
  c31ba1adec6e1d4ded111bdc5070c6ef05f3ca80
- SHA256
  
  270e38d67822747e01601cf2ce6d0c01a79f953e0f3d72db83242ce20a4ab116
- SHA512
  
  8953eef879e2964ac0cb2831dc88404dea4866a418e1266f7202e59ee7209f9798cc685fdc33c1834a2d6ca1f2bb840cdd579a5775697b7bc4055e89b4bad749
Score

3^/10
behavioral2
- Target
  
  Resources/Data/x64/r4_groupH_simple_rpcenc_017w.phpt
- Size
  
  1KB
- MD5
  
  c9ff7b8b28e4f6f1960cb2250a51b4e9
- SHA1
  
  4b7236cb5d51ea64907c85c2520e7d58de500852
- SHA256
  
  19566e8db5d6df0af3b0db04c081c8755d51287d6cf037ea76daa149719594a7
- SHA512
  
  ae8687155ae836cc2a8085e784e153b992d81063db662224497ee2f4c4999446fbfa79d34f59410ab69f7c469ea28530fc1e1251e480d3af5f528c8cb9f9aaf2
Score

3^/10
behavioral3
- Target
  
  Resources/Data/x64/schema041.phpt
- Size
  
  1KB
- MD5
  
  5f51b9a1581bb2f88ae0600b136b25df
- SHA1
  
  248d71b7eec2d96849750c2a624a61cbfa69e046
- SHA256
  
  cf261ac81f1aeff1f9a4cb5f729f842cbe558643b87082e1d9cdd6d72bf5bf47
- SHA512
  
  55cc81f3d20301bed713cd07b37aebaf29d715ced332a310c0d3d154b3501af7515e4c3c0497e0d666fd339256f48aa5f2d6e376f2a9b1eee433a1c869d18b62
Score

3^/10
behavioral4
- Target
  
  Resources/Data/x64/ssa_bug_008.phpt
- Size
  
  199B
- MD5
  
  aa3651726cfcc4dbfb8cf13e42772fa6
- SHA1
  
  5f50a4acc05d143986a939b779a0295046346c3f
- SHA256
  
  927c6df5510e71d59ca45743f397583b30c3a0eb79e9ae70c6f176d86e5ae3ff
- SHA512
  
  b303f9971d8a263723b6f8e087c53b8767e8d73a40e0e754a619cec032fbb01ecc4c5ad08381bcf4bbf0dde32392feb4d8ac6b6a2f321f01223c8327cf04e94d
Score

3^/10
behavioral5
- Target
  
  Resources/Data/x64/template_cloning.phpt
- Size
  
  348B
- MD5
  
  86f88ce67edf11ec07843b2ece52c3d1
- SHA1
  
  d2da9ea58c174a33c326eacf7eae0d8e3b5e5cd2
- SHA256
  
  ea323f40cc23b4122a25b13dc4820b4f254d65d19ccfee7c2e3eb2e0d7d1e27e
- SHA512
  
  2b1dab3d31469ce90452eb00171ff8a07546853c4e249cc62a0897591d89160d8fcbf72335b87d8384b5b1a503718116b40764f64457cd0fe08be33f169d190d
Score

3^/10
behavioral6
- Target
  
  Resources/Data/x64/try_multicatch_007.phpt
- Size
  
  398B
- MD5
  
  0ae10b5a262b1c585840c27f230af9b1
- SHA1
  
  5f22a8a97b3b18d64e6df22bda76e7290529c9ea
- SHA256
  
  477b23e295bb09960cca04b676853c2038fd93e5ba87f92ec17ef632192e557e
- SHA512
  
  66ee8074e136ce73c742894d69cc546515dfe67075227dd6069011638e6514bcbf74dccd6c374345f25860cb13c8e065683ed0535ace94fc43055f339ec13999
Score

3^/10

execution
behavioral7
- Target
  
  Resources/Data/x64/x86/T33.phpt
- Size
  
  670B
- MD5
  
  ec3a7b53d44a86fbb688725cc780f046
- SHA1
  
  20a1d35ad33198238606ecd259e1de4d9eeb8bc8
- SHA256
  
  999f4fd02fbbef0f37d09884542a67e518bc73c0fa7248ffb374e01c4a630dae
- SHA512
  
  125274408ff309c03c89e84c8dbcf14ff55beb23550c3ea1754d976ed286e1b874c7453cd3dcfe186e8b1a7e6e867c68c010b7f551bf2cb03ea90a1a9c6a45a7
Score

3^/10
behavioral8
- Target
  
  Resources/Data/x64/x86/bug64007.phpt
- Size
  
  747B
- MD5
  
  752feede3f76f05f53a8910b1d018d42
- SHA1
  
  0f940b348732686948502c88e3f1f42ae74479f5
- SHA256
  
  83edaaca206481ff1fb220e0aaf602804ae1e788ded802763575db25d9a82149
- SHA512
  
  2751868e2455ab1a1be6475b512e136c38ad91bcca38f916bbcf7b74a477e34e081a508a6ed3c6dc327f6c8ef51de9222953a009fa56f591850602e6cec4aad2
Score

3^/10

execution
behavioral9
- Target
  
  Resources/Data/x64/x86/bug72094.phpt
- Size
  
  3KB
- MD5
  
  fbfa8f624c863cc13e663776bba2a034
- SHA1
  
  ca21423a52cce85343d6118b6fda74fd370677ba
- SHA256
  
  cf0c576b884c43e675c267d9d33085c61fad3385fcff8884e5b936c55a8fa89a
- SHA512
  
  baf451e52a450c71020434999bf3692cdaa39da1003e50c78b986edd81ee846a4b27df8b1a89466ab7422b4e7d68608efbf3efbfbb356d3f79f0e2742a2545af
Score

3^/10
behavioral10
- Target
  
  Resources/Data/x64/x86/foreachLoop.001.phpt
- Size
  
  956B
- MD5
  
  4ffedada6d444499fc98e583e3410b9a
- SHA1
  
  0386f5a0b203155fa55296a22c262227a2be934a
- SHA256
  
  760e7a3ee7e203a655ababc23eed823615276aa44e0e91049fb49d0474243ecf
- SHA512
  
  1ba61b7b722661d5114cab21b3c24e8347c34a9fc8431625831584632dadcb524deb9422eceecc6853c9126eab5fb8c3934bcdfe77bc43fe9ca956132f0a2127
Score

3^/10

execution
behavioral11
- Target
  
  Resources/Data/x64/x86/fpm_scoreboard.h
- Size
  
  3KB
- MD5
  
  604bbea166975472c09ca3ecaeb2ed91
- SHA1
  
  be0587b54393050203692c5236eab204e82ab6ac
- SHA256
  
  cc2aeed6f2e108f12d47d1409c6fcf53b6749534e435ef8622234335f3c21558
- SHA512
  
  c5a4b221ba4591812c4fd02eab6bbb5db78ca90cdd779b76ba70f4efbb1c650ed9b6fee91c8ac883b6c4f98bdf62735131717c6eaa5f1c608953020953c9528e
Score

3^/10
behavioral12
- Target
  
  Resources/Data/x64/x86/frontcontroller16.phpt
- Size
  
  333B
- MD5
  
  735862d12e87a717124d1662c7b53e3c
- SHA1
  
  492507a6557571f85e0a72319b38bf455b4193b2
- SHA256
  
  def0241a62a41e3a671941a372b9c9001787a23e5c98b780d8f16f6d2ffa2aa7
- SHA512
  
  90ab2d40ca74e68e36fb01360d5d3927c5c184fb399497bc54b98e9dae0f13e6e793dcc67f62e973d8a554da25ff87ebefc42ed1d0847a0fbd4f66e5696214e6
Score

3^/10
behavioral13
- Target
  
  Resources/Data/x64/x86/gh12908.phpt
- Size
  
  415B
- MD5
  
  4998a6abb46382400e471e439de31b1c
- SHA1
  
  8edd55d7e769d1973f36390fe9f388d742169988
- SHA256
  
  5697a796e2a739fc911294efd076d946a52f25804b37d7392a8dc1a9324d2848
- SHA512
  
  bae8321ed53f7a514b2f93e322b4546d668f496197775e85b8222b3256e7df12145ebe5ef5c67d009dcbee156933a592984627c19f8ab3916bf4b3640376ab19
Score

3^/10
behavioral14
- Target
  
  Resources/Data/x64/x86/gh13991.phpt
- Size
  
  395B
- MD5
  
  a94a76b71c726c0d3e3fcd114f87b27e
- SHA1
  
  8c7407bb9991dbc57ee6a4f11e772e6a853dd5f9
- SHA256
  
  267f8be6fb2fac6be1175de4510b4a86b10ebac05ef2efba0a49d40fd03a1d3d
- SHA512
  
  0d06791c3dec37203134be131e4af6bb3d117851a4423ecc604ff9c7e3bee62bff46680d74e00add90c634b0fd4753ef0ec948abd0d15432e0e88ddb950e1050
Score

3^/10
behavioral15
- Target
  
  Resources/Data/x64/x86/indirectFcall.phpt
- Size
  
  903B
- MD5
  
  0dc5b2b01be9e73b87b72ba0c3d1b69c
- SHA1
  
  0c677e7110b519271a23a5d435627a00eab7e7b2
- SHA256
  
  519755f0020b9f523a0923f6fbcd6aebc806b885b861daed080d9bc8e259393b
- SHA512
  
  ab2262fc25ffe34f5df02caab547c79e5b057ffeda45c082820d4e99e5f7876fbd0dac904f7f374f523a7409ba6a3b11ac767da485bfb0e2328ff9f91439ecd0
Score

3^/10

execution
behavioral16
- Target
  
  Resources/Data/x64/x86/make_s390x_sysv_elf_gas.S
- Size
  
  3KB
- MD5
  
  f6e61d274b67aeb464f03077933fe443
- SHA1
  
  cd8f3d0bf8d462eb28bc548c70d9cb3592af0fb0
- SHA256
  
  95e7be1dfd9c0ec6c77fba0bd853e7cc62484bf10173bd712ba062404760d52b
- SHA512
  
  57cec6b987fc947041384f2a7c85c816090017b71d0fca30b3f53e6f2d37a3cbe6a6e78532ca75f8c9734efa7b94c150f5c30a0b3d29ae27dea79de8d868d51b
Score

3^/10
behavioral17
- Target
  
  Resources/Data/x64/x86/openssl_password.phpt
- Size
  
  934B
- MD5
  
  386092fd327c64e9d6927372872ac67b
- SHA1
  
  a7966f3a8a634d09797bbf000e84c033122635bb
- SHA256
  
  c0be72b6df09587b061a55bd580a5c5d290eb3e1cabb7dd537d2b0d9d13c07fb
- SHA512
  
  b6a188c5fee4daea2209dd9af04a072b5809cdc5c5fb970c216d64d67ea87aa013ac01081d9971716d9e0fa66049b7510e0f4d17efa4c7fe6ca2bf47515d963d
Score

3^/10
behavioral18
- Target
  
  Resources/Data/x64/x86/openssl_verify_basic.phpt
- Size
  
  901B
- MD5
  
  8636f5a1483dbe42ec33362661050d3c
- SHA1
  
  93aca51d204346601ff1fa687ef413d51063ab17
- SHA256
  
  8c5800806b50b96572554ced41117b5b2f57aef880c21d709a3a2215797c93d1
- SHA512
  
  d7d610b5d5e7f716bdce9b44bb23a04160405ead2ca6f118f0cef6757ae2e91849fecbee8585f5634fdce06e225baebf7583bc09a7d14ef8e081c60a79c01e27
Score

3^/10
behavioral19
- Target
  
  Resources/Data/x64/x86/shadow_core.phpt
- Size
  
  216B
- MD5
  
  2915cfaae3198010ca2a51e0792dece0
- SHA1
  
  6dd4b5f10878164551b03b0eebf586a8473cd177
- SHA256
  
  59b32c5263f4c2524f83527bafacf333a522ea51c1d9bdddf34217e65b6f1e22
- SHA512
  
  f24dd6d167fab780de61d247cb0fad172f405d392ec4afc69bd74ca6f0fc37cf76d53c04c5d44813b9a952e8a2813d34305dee7bb6466d5b96da69c3edb0d5f6
Score

3^/10
behavioral20
- Target
  
  Resources/Data/x64/x86/userstreams_003.phpt
- Size
  
  3KB
- MD5
  
  93a01730c302336b6218ac315636c633
- SHA1
  
  95665cb2d40461b198136e418a62dfcb3a65226b
- SHA256
  
  8fd4e9b3a43ff9574043c18ea3892410aa44b7c362618bed10c8544b2c831858
- SHA512
  
  fc7186f8f3fae2a0036e63b37bab825649ecb0eca4a5801d7eb66d3224ee10d73bea97a2cd2bc0cb9bbd10624469f17e1073a5ab1ccb182edeee22e6ed891803
Score

3^/10
behavioral21
- Target
  
  Resources/Data/x64/zend_vm_opcodes.c
- Size
  
  9KB
- MD5
  
  c8fab3430c3ac5700ee5c479a82420c2
- SHA1
  
  5469164c55b861e74883188135293c5bf2037d01
- SHA256
  
  ba6d32bd26328959a752c7ec45b76fea5b942806812c2b00908686b88223622c
- SHA512
  
  b43586de86db844f36ae622c5b72044004c269e80cabd8a5bed9e037df324125776074a5a18b2a631d68fff107c1ce736bc3417c4b80315e25a74866321f08a1
- SSDEEP
  
  192:7q1W5QMcHEhNDI3Va42JN972e29ZDO3so9+mmmzAdF/igQCgcGKKKxHYKKmaKKII:7qE5Q9aNDsZ2JNAeOZDO3so9+mmmzAdy
Score

3^/10
behavioral22
- Target
  
  Resources/Data/zend_ini_scanner_defs.h
- Size
  
  204B
- MD5
  
  98d48182d936bc795137ebdd605e59be
- SHA1
  
  2c2a3323008bc8af44c3b93903310215d0db871f
- SHA256
  
  b5d35e0d22c9a860d07cab12c773653bf5be1856b70b0539f29496cba72dc971
- SHA512
  
  b75b76971a0ad79e8a36243efbb9b152d7f901dd2cd9bb714051f077c88b672083ec5b0bd4394b1a8bd8fbe04dd11e83600c69320018238ecb9c7ba66f6bf9df
Score

3^/10
behavioral23
- Target
  
  Resources/htwj
- Size
  
  2.4MB
- MD5
  
  ceea78710c5247be6a4dda72a209f3d5
- SHA1
  
  92d6cc42c820df8fee42748e1f778d3265cf582a
- SHA256
  
  6bf12cad0c848c4ff37152c30d263188d07da8c5f17dac4f49c2ba0691221add
- SHA512
  
  e2164edb3eee4bbf97aca6da81b1d2cb7b35bd2569d72c8f0a9fdf42738ae83100a399c7c831229706d857a4d4adbd5ea5cf1ab50b7c0feb43954bb9a7f44471
- SSDEEP
  
  49152:0oW77h3ZeJJ1ubXvArL/wmKYXV78GOWF9xY3IEAWF:jsZeJJcvzmdl7vO4E3I9WF
Score

1^/10
behavioral24
- Target
  
  Resources/maddisAsm_.bpl
- Size
  
  64KB
- MD5
  
  11efab4068cb4058207959e2638c2c1a
- SHA1
  
  b1eac0879dcda14bdc0c2efd7f261d7c175208c3
- SHA256
  
  11e3568f497c40331ee4a9e9973967e61b224e19204e09ed7451da3b74bd2ff5
- SHA512
  
  ced6167612674232429c25e52ba051994b09fdaeaf3316505904456ef8d7063f2eb03b5a158f0a424f0ecb49673e6a3d6b57d61183c5f8402da3fe53af0bd185
- SSDEEP
  
  1536:eNy3eqMne0sXB0IWtCLwEJhY0w1FwbiD7wlwei7:CqMnfIB04LwEJhY0w1UTnE
Score

3^/10

discovery
behavioral25
- Target
  
  Resources/madexcept_.bpl
- Size
  
  438KB
- MD5
  
  562ec96d0f65b0309ad7508d0e0ced11
- SHA1
  
  0fe9dda664f4f8d9ae18603c5a25756710032a6f
- SHA256
  
  fb64a5954b726d2d0f0bc26113a36dc8a86c469af994ceeaf2e2609743a0a557
- SHA512
  
  876b82534764b2d156ce64d52771d38f245d330957287773f6b2360f48564b8d4a304449fa6f6400052165aaf433a191af2d3b38b194a9b1e892552dc0805fba
- SSDEEP
  
  6144:XlAz49EKhEV30F8sl88nTjQ4Q50gEcW/jd+o72niVUNMa4Yn2lZ:XlG4ut30F8slzYlQcW/jd++2nJ6u2lZ
Score

3^/10

discovery
behavioral26
- Target
  
  Resources/rncr
- Size
  
  60KB
- MD5
  
  76a4092e17dfa9aa53244c2ec8913505
- SHA1
  
  9b7d7ac93947b76f8b71a9b5388e7ded53031096
- SHA256
  
  c1e5e6c17d54a79906df7b24ad55fe9e92c78983dcac0375b1c208df4c342ca6
- SHA512
  
  b3ec096b7183c908c18a41d456ddf73d694463624f34ac22a772e2095491c6e3c7c7915237a3e4097a0d5e31ba8e16d9d01fc0e86f939bdb52d01aaf2ec3ae72
- SSDEEP
  
  1536:+SZDT7oKTyV+SJDPZo+IkYrqswjlGW9f+VrpAx:F5noKtSdAk1lGKfirix
Score

1^/10
behavioral27
- Target
  
  Resources/rtl120.bpl
- Size
  
  1.1MB
- MD5
  
  e71e48e31ac728a6de7c020645f0c32f
- SHA1
  
  7f86eadd1b7a0ab87b7ce7c2029bdef3d6fe1d8d
- SHA256
  
  40a1d1a2f276738f568700ddccac99cdcd35b973fc8be86ab826c0d1abc9d6ff
- SHA512
  
  5e41dbe7efac8a042a14c2f976d1afcd45e3f7531fb60daab61ac17ffd339d34e1c6746fce9e4b591b026598a89e38f36c6d24e33e2de0b39d81806259f9be2a
- SSDEEP
  
  24576:0bhz5FWbA1msvIRzM7Rk5JZzSQ4+Is2D9Tx0gbo9:b2hTKgbo9
Score

3^/10

discovery
behavioral28
- Target
  
  Resources/vcl120.bpl
- Size
  
  1.9MB
- MD5
  
  9a438a75e68e88cdabc13074a17f8a52
- SHA1
  
  97c94801d37d249ece7ba9aca05703303fd9cf06
- SHA256
  
  ccccadde7393f1b624cde32b38274e60bbe65b1769d614d129babdaeef9a6715
- SHA512
  
  19d260505972b96c2e5ae0058a29f61e606e276779a80732dbee70f9223dbff51dcb1f5e4eff19206c300ee08e6060987171f5b83ad87fdd8f797e0e2db529fc
- SSDEEP
  
  24576:v2gt8PRUMggrgN/5tWw+eNVEXZB5SOCwhuuYY8RPyS9YEPI5yz6W:vRSf0Ww+NpPSyzYY8c8YEPI4+W
Score

3^/10

discovery
behavioral29
- Target
  
  Resources/vclx120.bpl
- Size
  
  223KB
- MD5
  
  8aaa3926885b3fa7ae0448f5e700cb79
- SHA1
  
  47bd7d281ddde5ebef8599482212743bf2f7e67b
- SHA256
  
  47396c301fbe78bfaf9e344936a0f7a4e6d174c096f847e160d822e48012162d
- SHA512
  
  86d395ca89ec2a988f035ecb32640ddac99247e2568673246388fe310e8c3a44807049e8f3482fae86c453d5e3529a8f2daf8614a1086b6d979e64fd917bbe3a
- SSDEEP
  
  3072:f4af8kXL6nX0YXjvkWQ5vYhbNkWPFOEJ8YZbjeTl0Y25zFgYBzRKy6sB65avEtAf:Qaf8kLWL7Xov8bNxdOmrfgYmHA6G
Score

3^/10

discovery
behavioral30
- Target
  
  Setup.exe
- Size
  
  1018KB
- MD5
  
  a596f60ba9cc2f9b9330f54cc84791fa
- SHA1
  
  e518cee3fff729bd1769b23d1c50494d05745731
- SHA256
  
  9e27421ddecb5d76e0d6c914352bb8d9d31e1c57ecdbece7abd384f0fb78ed8d
- SHA512
  
  f05a363bcc6db812ff3e95b8ec570fb365d5988330298a5d4b4e22038cce65e668ee8178425e0b67f8e92974ba0ddaa99c7ce53ac467be0ebe3ccaaee6d2b886
- SSDEEP
  
  24576:NmTiTSM8JwbdwSkCkFtY+dtZhVLbIGst7ulpayKcUw4xHSqv6Vv:rSM8mbbkm+HL44pay+lxHX6d
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral31

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1057

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Enumerates processes with tasklist

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31