Analysis
-
max time kernel
83s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
07-11-2022 17:33
General
-
Target
a6042f1fb82e7c577590eddf4abaa1fb1d520be2bebfe189591c3677693a945f.exe
-
Size
72KB
-
MD5
03ace3e019d7bff66037b9fcbb04deb3
-
SHA1
9c83a4b8040a01ea54721d92b2452f2552878b66
-
SHA256
a6042f1fb82e7c577590eddf4abaa1fb1d520be2bebfe189591c3677693a945f
-
SHA512
0b741b9d92f1d063215ca28f1614641db40452aa7de67a2e31cdc6e0541fd16f64877f5fbfab67f38e46daf8951d915a67701a3285f9b127671f43cb9519a8cc
-
SSDEEP
384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2a:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrm
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a6042f1fb82e7c577590eddf4abaa1fb1d520be2bebfe189591c3677693a945f.exe"C:\Users\Admin\AppData\Local\Temp\a6042f1fb82e7c577590eddf4abaa1fb1d520be2bebfe189591c3677693a945f.exe"1⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\240985795\System Restore.exe"C:\Users\Admin\AppData\Local\Temp\240985795\System Restore.exe" C:\Users\Admin\AppData\Local\Temp\240985795\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\backup.exe\backup.exe \3⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\Admin\backup.exeC:\PerfLogs\Admin\backup.exe C:\PerfLogs\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Common Files\Microsoft Shared\backup.exe"C:\Program Files\Common Files\Microsoft Shared\backup.exe" C:\Program Files\Common Files\Microsoft Shared\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Filters\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\data.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\data.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Stationery\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\7⤵
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\SpeechEngines\backup.exe"C:\Program Files\Common Files\SpeechEngines\backup.exe" C:\Program Files\Common Files\SpeechEngines\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe"C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe" C:\Program Files\Common Files\SpeechEngines\Microsoft\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\System\ado\update.exe"C:\Program Files\Common Files\System\ado\update.exe" C:\Program Files\Common Files\System\ado\7⤵
-
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
-
-
C:\Program Files\Common Files\System\fr-FR\backup.exe"C:\Program Files\Common Files\System\fr-FR\backup.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
-
-
-
-
C:\Program Files\DVD Maker\System Restore.exe"C:\Program Files\DVD Maker\System Restore.exe" C:\Program Files\DVD Maker\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\DVD Maker\de-DE\backup.exe"C:\Program Files\DVD Maker\de-DE\backup.exe" C:\Program Files\DVD Maker\de-DE\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\DVD Maker\en-US\backup.exe"C:\Program Files\DVD Maker\en-US\backup.exe" C:\Program Files\DVD Maker\en-US\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\DVD Maker\es-ES\backup.exe"C:\Program Files\DVD Maker\es-ES\backup.exe" C:\Program Files\DVD Maker\es-ES\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\DVD Maker\fr-FR\backup.exe"C:\Program Files\DVD Maker\fr-FR\backup.exe" C:\Program Files\DVD Maker\fr-FR\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\DVD Maker\it-IT\backup.exe"C:\Program Files\DVD Maker\it-IT\backup.exe" C:\Program Files\DVD Maker\it-IT\6⤵
-
-
C:\Program Files\DVD Maker\ja-JP\backup.exe"C:\Program Files\DVD Maker\ja-JP\backup.exe" C:\Program Files\DVD Maker\ja-JP\6⤵
-
-
C:\Program Files\DVD Maker\Shared\backup.exe"C:\Program Files\DVD Maker\Shared\backup.exe" C:\Program Files\DVD Maker\Shared\6⤵
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
-
C:\Program Files\Google\Chrome\Application\backup.exe"C:\Program Files\Google\Chrome\Application\backup.exe" C:\Program Files\Google\Chrome\Application\7⤵
-
-
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
-
-
C:\Program Files\Microsoft Games\data.exe"C:\Program Files\Microsoft Games\data.exe" C:\Program Files\Microsoft Games\5⤵
-
-
C:\Program Files\Microsoft Office\backup.exe"C:\Program Files\Microsoft Office\backup.exe" C:\Program Files\Microsoft Office\5⤵
-
-
-
C:\Program Files (x86)\System Restore.exe"C:\Program Files (x86)\System Restore.exe" C:\Program Files (x86)\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Esl\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\8⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\7⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\7⤵
-
-
-
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
-
-
C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe"C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe" C:\Program Files (x86)\Common Files\Adobe AIR\6⤵
-
-
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
-
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
-
C:\Program Files (x86)\Microsoft Analysis Services\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\5⤵
-
-
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
-
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
-
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
-
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
-
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
-
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
-
-
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
-
C:\Users\Public\Documents\backup.exeC:\Users\Public\Documents\backup.exe C:\Users\Public\Documents\6⤵
-
-
C:\Users\Public\Downloads\backup.exeC:\Users\Public\Downloads\backup.exe C:\Users\Public\Downloads\6⤵
-
-
-
-
C:\Windows\System Restore.exe"C:\Windows\System Restore.exe" C:\Windows\4⤵
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
-
-
C:\Windows\AppCompat\backup.exeC:\Windows\AppCompat\backup.exe C:\Windows\AppCompat\5⤵
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exeC:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exe C:\Users\Admin\AppData\Local\Temp\WPDNSE\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD5674551c1f33b2331b4f7edcd48c52615
SHA1bec58b5550079a0b948447e323e659184096f8e5
SHA256d78f046efcc16eac28c88a7841053c5d5cb8534b65d50b75996b962123aba64b
SHA512be83c7991c45031579b1f67074aea9b130e650c34fa9bb5d4c21c11e30ae8efee1eb003627a2c876ad40d95b5752169e6327b7548bb3c31e65f491a919d41cf0
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD51ded44d64a664a4a9cfc40753728aeaa
SHA1db51ee4a7fc026d9686a293390ea9adad3399499
SHA256dca20c1b4ec55cb4751c2295a9748f83067cbcdc3fd9bda9142e6e6f55cf37d0
SHA512e25783e83cdbd078efd4e6c4617e733fdd4ac3eb2123f1992ba2497a242490e3cb8177c181977a8d60cf16716f9e9b10d22db13633b28cf6839424f2825543e3
-
Filesize
72KB
MD5674551c1f33b2331b4f7edcd48c52615
SHA1bec58b5550079a0b948447e323e659184096f8e5
SHA256d78f046efcc16eac28c88a7841053c5d5cb8534b65d50b75996b962123aba64b
SHA512be83c7991c45031579b1f67074aea9b130e650c34fa9bb5d4c21c11e30ae8efee1eb003627a2c876ad40d95b5752169e6327b7548bb3c31e65f491a919d41cf0
-
Filesize
72KB
MD5674551c1f33b2331b4f7edcd48c52615
SHA1bec58b5550079a0b948447e323e659184096f8e5
SHA256d78f046efcc16eac28c88a7841053c5d5cb8534b65d50b75996b962123aba64b
SHA512be83c7991c45031579b1f67074aea9b130e650c34fa9bb5d4c21c11e30ae8efee1eb003627a2c876ad40d95b5752169e6327b7548bb3c31e65f491a919d41cf0
-
Filesize
72KB
MD5e005965b746a3f94209f48d57fc0e163
SHA13bb39129ab9644d555f69e4f55d633c09a865277
SHA2565f52b7207161b8b71a305a53667e4c67b36bacfe2ccff8673931a400b965ef7a
SHA51216b826da0d604c10d24d33344d79ab29a5ecab78a9dc8547cebb1da7e0b4372b1dc3c07eb2936ebf578db6f76fa2b2e8a295e1981fb13b14b44d6035e32bc8e8
-
Filesize
72KB
MD55abc6044e4f1663de53c9cb167412e58
SHA16be781975d847415813735139fe02bd9f4831c95
SHA256fedf569072e95e70fe84435eb0018ec2dc60be3ce4de33ba9598b526ae9bb296
SHA512af5eea2159cc58663413715368dfbbd6e14557eb8ebafb50d5ec5d934bbcd78e4ec7bb19bd6b91a66441d892c585471d6e1ebf6a6f0ebb3ed992529313dab308
-
Filesize
72KB
MD55abc6044e4f1663de53c9cb167412e58
SHA16be781975d847415813735139fe02bd9f4831c95
SHA256fedf569072e95e70fe84435eb0018ec2dc60be3ce4de33ba9598b526ae9bb296
SHA512af5eea2159cc58663413715368dfbbd6e14557eb8ebafb50d5ec5d934bbcd78e4ec7bb19bd6b91a66441d892c585471d6e1ebf6a6f0ebb3ed992529313dab308
-
Filesize
72KB
MD5b0db4f6e8615a38c1c9448532aff60ae
SHA18c84dcae930903b7e6a3bb0e94c75bfc9fe89592
SHA256a33735f77e57e14ee7350f12b4df7f0a4b7ab6bba2f9d8fd244bcaf25e28dc9d
SHA5120b2d5a76757e12e61c4b6c94a418098d8f4bd66236251f79ce12fc5be9908727d9d79de62ec90ba84cdfae1ce0bb73ab14523af313d9eaf4b5b973c587d56561
-
Filesize
72KB
MD5e005965b746a3f94209f48d57fc0e163
SHA13bb39129ab9644d555f69e4f55d633c09a865277
SHA2565f52b7207161b8b71a305a53667e4c67b36bacfe2ccff8673931a400b965ef7a
SHA51216b826da0d604c10d24d33344d79ab29a5ecab78a9dc8547cebb1da7e0b4372b1dc3c07eb2936ebf578db6f76fa2b2e8a295e1981fb13b14b44d6035e32bc8e8
-
Filesize
72KB
MD5e005965b746a3f94209f48d57fc0e163
SHA13bb39129ab9644d555f69e4f55d633c09a865277
SHA2565f52b7207161b8b71a305a53667e4c67b36bacfe2ccff8673931a400b965ef7a
SHA51216b826da0d604c10d24d33344d79ab29a5ecab78a9dc8547cebb1da7e0b4372b1dc3c07eb2936ebf578db6f76fa2b2e8a295e1981fb13b14b44d6035e32bc8e8
-
Filesize
72KB
MD5b0db4f6e8615a38c1c9448532aff60ae
SHA18c84dcae930903b7e6a3bb0e94c75bfc9fe89592
SHA256a33735f77e57e14ee7350f12b4df7f0a4b7ab6bba2f9d8fd244bcaf25e28dc9d
SHA5120b2d5a76757e12e61c4b6c94a418098d8f4bd66236251f79ce12fc5be9908727d9d79de62ec90ba84cdfae1ce0bb73ab14523af313d9eaf4b5b973c587d56561
-
Filesize
72KB
MD5fa7c6e4f0b48c2597cf190ddb1dd336e
SHA1156b730a5211d0dd72d07a0cf4a495fee2ea8cf5
SHA256f44358b4b4eca2dd975e4b70cafd9e8f4ac256550412385fba8b92e5bee127e9
SHA5128eae39e3d5552f3a7dd2aefc5965a83108bd08f9f3c44c4e5c8c8b02ff1055561f3ec37729e7c4773a6044290a04cbdc5395c85606a236f9818996c4ec745018
-
Filesize
72KB
MD5fa7c6e4f0b48c2597cf190ddb1dd336e
SHA1156b730a5211d0dd72d07a0cf4a495fee2ea8cf5
SHA256f44358b4b4eca2dd975e4b70cafd9e8f4ac256550412385fba8b92e5bee127e9
SHA5128eae39e3d5552f3a7dd2aefc5965a83108bd08f9f3c44c4e5c8c8b02ff1055561f3ec37729e7c4773a6044290a04cbdc5395c85606a236f9818996c4ec745018
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5265143841a094124bf4b0fc89ca3d54d
SHA13dd076c4b784a66f1d6dd04a16ef74569d1ea459
SHA256b6644b35f79005cddd6197bb4dd559b45806460373c657e2d43b8a5edb407230
SHA512cbdd6e2747112454330917456ea03ca4175eb7a2cac48e998151055314275de765c6d98de667f1f5f4861a68c5ed47a3db30e336cbb3df94cfb994cea2fce428
-
Filesize
72KB
MD5265143841a094124bf4b0fc89ca3d54d
SHA13dd076c4b784a66f1d6dd04a16ef74569d1ea459
SHA256b6644b35f79005cddd6197bb4dd559b45806460373c657e2d43b8a5edb407230
SHA512cbdd6e2747112454330917456ea03ca4175eb7a2cac48e998151055314275de765c6d98de667f1f5f4861a68c5ed47a3db30e336cbb3df94cfb994cea2fce428
-
Filesize
72KB
MD5674551c1f33b2331b4f7edcd48c52615
SHA1bec58b5550079a0b948447e323e659184096f8e5
SHA256d78f046efcc16eac28c88a7841053c5d5cb8534b65d50b75996b962123aba64b
SHA512be83c7991c45031579b1f67074aea9b130e650c34fa9bb5d4c21c11e30ae8efee1eb003627a2c876ad40d95b5752169e6327b7548bb3c31e65f491a919d41cf0
-
Filesize
72KB
MD5674551c1f33b2331b4f7edcd48c52615
SHA1bec58b5550079a0b948447e323e659184096f8e5
SHA256d78f046efcc16eac28c88a7841053c5d5cb8534b65d50b75996b962123aba64b
SHA512be83c7991c45031579b1f67074aea9b130e650c34fa9bb5d4c21c11e30ae8efee1eb003627a2c876ad40d95b5752169e6327b7548bb3c31e65f491a919d41cf0
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD51ded44d64a664a4a9cfc40753728aeaa
SHA1db51ee4a7fc026d9686a293390ea9adad3399499
SHA256dca20c1b4ec55cb4751c2295a9748f83067cbcdc3fd9bda9142e6e6f55cf37d0
SHA512e25783e83cdbd078efd4e6c4617e733fdd4ac3eb2123f1992ba2497a242490e3cb8177c181977a8d60cf16716f9e9b10d22db13633b28cf6839424f2825543e3
-
Filesize
72KB
MD51ded44d64a664a4a9cfc40753728aeaa
SHA1db51ee4a7fc026d9686a293390ea9adad3399499
SHA256dca20c1b4ec55cb4751c2295a9748f83067cbcdc3fd9bda9142e6e6f55cf37d0
SHA512e25783e83cdbd078efd4e6c4617e733fdd4ac3eb2123f1992ba2497a242490e3cb8177c181977a8d60cf16716f9e9b10d22db13633b28cf6839424f2825543e3
-
Filesize
72KB
MD5674551c1f33b2331b4f7edcd48c52615
SHA1bec58b5550079a0b948447e323e659184096f8e5
SHA256d78f046efcc16eac28c88a7841053c5d5cb8534b65d50b75996b962123aba64b
SHA512be83c7991c45031579b1f67074aea9b130e650c34fa9bb5d4c21c11e30ae8efee1eb003627a2c876ad40d95b5752169e6327b7548bb3c31e65f491a919d41cf0
-
Filesize
72KB
MD5674551c1f33b2331b4f7edcd48c52615
SHA1bec58b5550079a0b948447e323e659184096f8e5
SHA256d78f046efcc16eac28c88a7841053c5d5cb8534b65d50b75996b962123aba64b
SHA512be83c7991c45031579b1f67074aea9b130e650c34fa9bb5d4c21c11e30ae8efee1eb003627a2c876ad40d95b5752169e6327b7548bb3c31e65f491a919d41cf0
-
Filesize
72KB
MD5e005965b746a3f94209f48d57fc0e163
SHA13bb39129ab9644d555f69e4f55d633c09a865277
SHA2565f52b7207161b8b71a305a53667e4c67b36bacfe2ccff8673931a400b965ef7a
SHA51216b826da0d604c10d24d33344d79ab29a5ecab78a9dc8547cebb1da7e0b4372b1dc3c07eb2936ebf578db6f76fa2b2e8a295e1981fb13b14b44d6035e32bc8e8
-
Filesize
72KB
MD5e005965b746a3f94209f48d57fc0e163
SHA13bb39129ab9644d555f69e4f55d633c09a865277
SHA2565f52b7207161b8b71a305a53667e4c67b36bacfe2ccff8673931a400b965ef7a
SHA51216b826da0d604c10d24d33344d79ab29a5ecab78a9dc8547cebb1da7e0b4372b1dc3c07eb2936ebf578db6f76fa2b2e8a295e1981fb13b14b44d6035e32bc8e8
-
Filesize
72KB
MD55abc6044e4f1663de53c9cb167412e58
SHA16be781975d847415813735139fe02bd9f4831c95
SHA256fedf569072e95e70fe84435eb0018ec2dc60be3ce4de33ba9598b526ae9bb296
SHA512af5eea2159cc58663413715368dfbbd6e14557eb8ebafb50d5ec5d934bbcd78e4ec7bb19bd6b91a66441d892c585471d6e1ebf6a6f0ebb3ed992529313dab308
-
Filesize
72KB
MD55abc6044e4f1663de53c9cb167412e58
SHA16be781975d847415813735139fe02bd9f4831c95
SHA256fedf569072e95e70fe84435eb0018ec2dc60be3ce4de33ba9598b526ae9bb296
SHA512af5eea2159cc58663413715368dfbbd6e14557eb8ebafb50d5ec5d934bbcd78e4ec7bb19bd6b91a66441d892c585471d6e1ebf6a6f0ebb3ed992529313dab308
-
Filesize
72KB
MD5b0db4f6e8615a38c1c9448532aff60ae
SHA18c84dcae930903b7e6a3bb0e94c75bfc9fe89592
SHA256a33735f77e57e14ee7350f12b4df7f0a4b7ab6bba2f9d8fd244bcaf25e28dc9d
SHA5120b2d5a76757e12e61c4b6c94a418098d8f4bd66236251f79ce12fc5be9908727d9d79de62ec90ba84cdfae1ce0bb73ab14523af313d9eaf4b5b973c587d56561
-
Filesize
72KB
MD5b0db4f6e8615a38c1c9448532aff60ae
SHA18c84dcae930903b7e6a3bb0e94c75bfc9fe89592
SHA256a33735f77e57e14ee7350f12b4df7f0a4b7ab6bba2f9d8fd244bcaf25e28dc9d
SHA5120b2d5a76757e12e61c4b6c94a418098d8f4bd66236251f79ce12fc5be9908727d9d79de62ec90ba84cdfae1ce0bb73ab14523af313d9eaf4b5b973c587d56561
-
Filesize
72KB
MD5e005965b746a3f94209f48d57fc0e163
SHA13bb39129ab9644d555f69e4f55d633c09a865277
SHA2565f52b7207161b8b71a305a53667e4c67b36bacfe2ccff8673931a400b965ef7a
SHA51216b826da0d604c10d24d33344d79ab29a5ecab78a9dc8547cebb1da7e0b4372b1dc3c07eb2936ebf578db6f76fa2b2e8a295e1981fb13b14b44d6035e32bc8e8
-
Filesize
72KB
MD5e005965b746a3f94209f48d57fc0e163
SHA13bb39129ab9644d555f69e4f55d633c09a865277
SHA2565f52b7207161b8b71a305a53667e4c67b36bacfe2ccff8673931a400b965ef7a
SHA51216b826da0d604c10d24d33344d79ab29a5ecab78a9dc8547cebb1da7e0b4372b1dc3c07eb2936ebf578db6f76fa2b2e8a295e1981fb13b14b44d6035e32bc8e8
-
Filesize
72KB
MD5b0db4f6e8615a38c1c9448532aff60ae
SHA18c84dcae930903b7e6a3bb0e94c75bfc9fe89592
SHA256a33735f77e57e14ee7350f12b4df7f0a4b7ab6bba2f9d8fd244bcaf25e28dc9d
SHA5120b2d5a76757e12e61c4b6c94a418098d8f4bd66236251f79ce12fc5be9908727d9d79de62ec90ba84cdfae1ce0bb73ab14523af313d9eaf4b5b973c587d56561
-
Filesize
72KB
MD5b0db4f6e8615a38c1c9448532aff60ae
SHA18c84dcae930903b7e6a3bb0e94c75bfc9fe89592
SHA256a33735f77e57e14ee7350f12b4df7f0a4b7ab6bba2f9d8fd244bcaf25e28dc9d
SHA5120b2d5a76757e12e61c4b6c94a418098d8f4bd66236251f79ce12fc5be9908727d9d79de62ec90ba84cdfae1ce0bb73ab14523af313d9eaf4b5b973c587d56561
-
Filesize
72KB
MD5b0db4f6e8615a38c1c9448532aff60ae
SHA18c84dcae930903b7e6a3bb0e94c75bfc9fe89592
SHA256a33735f77e57e14ee7350f12b4df7f0a4b7ab6bba2f9d8fd244bcaf25e28dc9d
SHA5120b2d5a76757e12e61c4b6c94a418098d8f4bd66236251f79ce12fc5be9908727d9d79de62ec90ba84cdfae1ce0bb73ab14523af313d9eaf4b5b973c587d56561
-
Filesize
72KB
MD5fa7c6e4f0b48c2597cf190ddb1dd336e
SHA1156b730a5211d0dd72d07a0cf4a495fee2ea8cf5
SHA256f44358b4b4eca2dd975e4b70cafd9e8f4ac256550412385fba8b92e5bee127e9
SHA5128eae39e3d5552f3a7dd2aefc5965a83108bd08f9f3c44c4e5c8c8b02ff1055561f3ec37729e7c4773a6044290a04cbdc5395c85606a236f9818996c4ec745018
-
Filesize
72KB
MD5fa7c6e4f0b48c2597cf190ddb1dd336e
SHA1156b730a5211d0dd72d07a0cf4a495fee2ea8cf5
SHA256f44358b4b4eca2dd975e4b70cafd9e8f4ac256550412385fba8b92e5bee127e9
SHA5128eae39e3d5552f3a7dd2aefc5965a83108bd08f9f3c44c4e5c8c8b02ff1055561f3ec37729e7c4773a6044290a04cbdc5395c85606a236f9818996c4ec745018
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD518b900b82dbca1dc6c2c2bec013dcc50
SHA15975bb3a1c34a0cc1b3f40e39b2228e8718ee887
SHA2566eaa626485e660a1171bee06da8134c1286e1c96ddf0e23ce48f9176a4bbf57b
SHA5125c8f2de21f3aeb44533e5d921082dfd034c1e65b36857c5428bcd2c6b891ba9a284bb14572133f701e0fb52c357879057fa1409faa86e2765d9716077a7a8373
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
Filesize
72KB
MD5b76d2001086104df9bbe46763aa9e488
SHA1867b15e1757f67c862a8a2c5b9a04a0fd3ce6325
SHA256602fc4db9446d4339fad9a0b8bccc47539c625feda270ae23c4508606ffd6dd8
SHA512a49cbb0d11a0b75809c162a3537d1f0c3e6468855bfe3ce3104a560c01c8e234d06550f89796fba17f32a55470089da6d9d617a0f1638d8caabe69de4d1589ba
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Filesize
8KB
-
Filesize
8KB
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-