Analysis
-
max time kernel
166s -
max time network
34s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
23-11-2022 17:06
General
-
Target
358ce16a93273b5754ab28fff7c435fec31c87f6a9c8f37ca7bb28546b62c6cd.exe
-
Size
72KB
-
MD5
002cc8536dd6d2190b68e6c91550ca47
-
SHA1
2214c305746e298eb66f4d8d6f8905a00805eb9c
-
SHA256
358ce16a93273b5754ab28fff7c435fec31c87f6a9c8f37ca7bb28546b62c6cd
-
SHA512
f3beef2d1e8a9d363d62da3f0a32c5c82929b1515af33049fd91041137b443c5c796ed4092f80d9cc3fca9818ac82a1a7640eb95cfdb4d8720c9082c76668284
-
SSDEEP
384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2Q:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrM
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 7 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\358ce16a93273b5754ab28fff7c435fec31c87f6a9c8f37ca7bb28546b62c6cd.exe"C:\Users\Admin\AppData\Local\Temp\358ce16a93273b5754ab28fff7c435fec31c87f6a9c8f37ca7bb28546b62c6cd.exe"1⤵
- Modifies visibility of file extensions in Explorer
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\238232213\backup.exeC:\Users\Admin\AppData\Local\Temp\238232213\backup.exe C:\Users\Admin\AppData\Local\Temp\238232213\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\backup.exe\backup.exe \3⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\PerfLogs\System Restore.exe"C:\PerfLogs\System Restore.exe" C:\PerfLogs\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\Admin\backup.exeC:\PerfLogs\Admin\backup.exe C:\PerfLogs\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\data.exe"C:\Program Files\data.exe" C:\Program Files\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\data.exe"C:\Program Files\7-Zip\data.exe" C:\Program Files\7-Zip\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\Lang\update.exe"C:\Program Files\7-Zip\Lang\update.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\backup.exe"C:\Program Files\Common Files\Microsoft Shared\backup.exe" C:\Program Files\Common Files\Microsoft Shared\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Filters\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
-
C:\Program Files\Common Files\Microsoft Shared\ink\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\9⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\9⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\9⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\9⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\9⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\7⤵
- Executes dropped EXE
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\7⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Stationery\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VC\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VGX\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\VSTO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VSTO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VSTO\7⤵
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\SpeechEngines\backup.exe"C:\Program Files\Common Files\SpeechEngines\backup.exe" C:\Program Files\Common Files\SpeechEngines\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe"C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe" C:\Program Files\Common Files\SpeechEngines\Microsoft\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\System\ado\en-US\backup.exe"C:\Program Files\Common Files\System\ado\en-US\backup.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
-
C:\Program Files\Common Files\System\ado\it-IT\backup.exe"C:\Program Files\Common Files\System\ado\it-IT\backup.exe" C:\Program Files\Common Files\System\ado\it-IT\8⤵
-
C:\Program Files\Common Files\System\ado\ja-JP\update.exe"C:\Program Files\Common Files\System\ado\ja-JP\update.exe" C:\Program Files\Common Files\System\ado\ja-JP\8⤵
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
- Executes dropped EXE
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files\Common Files\System\es-ES\update.exe"C:\Program Files\Common Files\System\es-ES\update.exe" C:\Program Files\Common Files\System\es-ES\7⤵
-
C:\Program Files\Common Files\System\fr-FR\data.exe"C:\Program Files\Common Files\System\fr-FR\data.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
-
C:\Program Files\Common Files\System\ja-JP\backup.exe"C:\Program Files\Common Files\System\ja-JP\backup.exe" C:\Program Files\Common Files\System\ja-JP\7⤵
-
C:\Program Files\DVD Maker\backup.exe"C:\Program Files\DVD Maker\backup.exe" C:\Program Files\DVD Maker\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\DVD Maker\de-DE\backup.exe"C:\Program Files\DVD Maker\de-DE\backup.exe" C:\Program Files\DVD Maker\de-DE\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\DVD Maker\en-US\backup.exe"C:\Program Files\DVD Maker\en-US\backup.exe" C:\Program Files\DVD Maker\en-US\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\DVD Maker\es-ES\backup.exe"C:\Program Files\DVD Maker\es-ES\backup.exe" C:\Program Files\DVD Maker\es-ES\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\DVD Maker\fr-FR\backup.exe"C:\Program Files\DVD Maker\fr-FR\backup.exe" C:\Program Files\DVD Maker\fr-FR\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\DVD Maker\it-IT\data.exe"C:\Program Files\DVD Maker\it-IT\data.exe" C:\Program Files\DVD Maker\it-IT\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\DVD Maker\ja-JP\backup.exe"C:\Program Files\DVD Maker\ja-JP\backup.exe" C:\Program Files\DVD Maker\ja-JP\6⤵
-
C:\Program Files\DVD Maker\Shared\backup.exe"C:\Program Files\DVD Maker\Shared\backup.exe" C:\Program Files\DVD Maker\Shared\6⤵
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\Application\backup.exe"C:\Program Files\Google\Chrome\Application\backup.exe" C:\Program Files\Google\Chrome\Application\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\8⤵
-
C:\Program Files\Google\Chrome\Application\Dictionaries\backup.exe"C:\Program Files\Google\Chrome\Application\Dictionaries\backup.exe" C:\Program Files\Google\Chrome\Application\Dictionaries\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Java\jdk1.7.0_80\backup.exe"C:\Program Files\Java\jdk1.7.0_80\backup.exe" C:\Program Files\Java\jdk1.7.0_80\6⤵
-
C:\Program Files\Microsoft Games\backup.exe"C:\Program Files\Microsoft Games\backup.exe" C:\Program Files\Microsoft Games\5⤵
-
C:\Program Files\Microsoft Office\backup.exe"C:\Program Files\Microsoft Office\backup.exe" C:\Program Files\Microsoft Office\5⤵
-
C:\Program Files\Mozilla Firefox\backup.exe"C:\Program Files\Mozilla Firefox\backup.exe" C:\Program Files\Mozilla Firefox\5⤵
-
C:\Program Files\MSBuild\backup.exe"C:\Program Files\MSBuild\backup.exe" C:\Program Files\MSBuild\5⤵
-
C:\Program Files (x86)\System Restore.exe"C:\Program Files (x86)\System Restore.exe" C:\Program Files (x86)\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\update.exe"C:\Program Files (x86)\Adobe\update.exe" C:\Program Files (x86)\Adobe\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Esl\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\7⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\8⤵
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\Help\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Help\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Help\7⤵
-
C:\Program Files (x86)\Common Files\Adobe AIR\System Restore.exe"C:\Program Files (x86)\Common Files\Adobe AIR\System Restore.exe" C:\Program Files (x86)\Common Files\Adobe AIR\6⤵
-
C:\Program Files (x86)\Common Files\DESIGNER\backup.exe"C:\Program Files (x86)\Common Files\DESIGNER\backup.exe" C:\Program Files (x86)\Common Files\DESIGNER\6⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\6⤵
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
C:\Program Files (x86)\Microsoft Analysis Services\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\5⤵
-
C:\Program Files (x86)\Microsoft Office\backup.exe"C:\Program Files (x86)\Microsoft Office\backup.exe" C:\Program Files (x86)\Microsoft Office\5⤵
-
C:\Program Files (x86)\Microsoft SQL Server Compact Edition\backup.exe"C:\Program Files (x86)\Microsoft SQL Server Compact Edition\backup.exe" C:\Program Files (x86)\Microsoft SQL Server Compact Edition\5⤵
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Users\Admin\Favorites\update.exeC:\Users\Admin\Favorites\update.exe C:\Users\Admin\Favorites\6⤵
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
-
C:\Users\Admin\Music\backup.exeC:\Users\Admin\Music\backup.exe C:\Users\Admin\Music\6⤵
-
C:\Users\Admin\Pictures\backup.exeC:\Users\Admin\Pictures\backup.exe C:\Users\Admin\Pictures\6⤵
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
-
C:\Windows\System Restore.exe"C:\Windows\System Restore.exe" C:\Windows\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
-
C:\Windows\AppCompat\System Restore.exe"C:\Windows\AppCompat\System Restore.exe" C:\Windows\AppCompat\5⤵
-
C:\Windows\AppPatch\backup.exeC:\Windows\AppPatch\backup.exe C:\Windows\AppPatch\5⤵
-
C:\Windows\assembly\backup.exeC:\Windows\assembly\backup.exe C:\Windows\assembly\5⤵
-
C:\Windows\Branding\backup.exeC:\Windows\Branding\backup.exe C:\Windows\Branding\5⤵
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exeC:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exe C:\Users\Admin\AppData\Local\Temp\WPDNSE\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD568b2607a5110f9ca53fe5938a9c7df1a
SHA1fff43c23ff2cc24b7e4d3216de84185d584d2afc
SHA256ef088320921241cd9c78140e1c0b772ebbc8779975ee2d9198f8feef44537929
SHA512ba9edbcd1c24e151982d9707df65a9ab18ddb79fadd0b88d6edaa12d9a5f91a3a7bd8e423e0fd4ceeed52febdc9aa7c49bee1585e4cbf99019220894f93b44e7
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD5cc19bd0535462f7580ef49f8889dab3f
SHA169abf2b4f3f357cc144e2103f1a713f025de3423
SHA256a7cd7a4fbdd53fa6bcbcc5bbffa7ac6909501e3423420b250635ef5f56b83c87
SHA5125bbab9c439ed7a636d9e0be8858b27c3a6d9413490925e3decd9176a87b10e8141e6d7416cc902229571e49a03f81728f62390e427dc5898c17f7349788e3613
-
Filesize
72KB
MD5cc19bd0535462f7580ef49f8889dab3f
SHA169abf2b4f3f357cc144e2103f1a713f025de3423
SHA256a7cd7a4fbdd53fa6bcbcc5bbffa7ac6909501e3423420b250635ef5f56b83c87
SHA5125bbab9c439ed7a636d9e0be8858b27c3a6d9413490925e3decd9176a87b10e8141e6d7416cc902229571e49a03f81728f62390e427dc5898c17f7349788e3613
-
Filesize
72KB
MD568b2607a5110f9ca53fe5938a9c7df1a
SHA1fff43c23ff2cc24b7e4d3216de84185d584d2afc
SHA256ef088320921241cd9c78140e1c0b772ebbc8779975ee2d9198f8feef44537929
SHA512ba9edbcd1c24e151982d9707df65a9ab18ddb79fadd0b88d6edaa12d9a5f91a3a7bd8e423e0fd4ceeed52febdc9aa7c49bee1585e4cbf99019220894f93b44e7
-
Filesize
72KB
MD568b2607a5110f9ca53fe5938a9c7df1a
SHA1fff43c23ff2cc24b7e4d3216de84185d584d2afc
SHA256ef088320921241cd9c78140e1c0b772ebbc8779975ee2d9198f8feef44537929
SHA512ba9edbcd1c24e151982d9707df65a9ab18ddb79fadd0b88d6edaa12d9a5f91a3a7bd8e423e0fd4ceeed52febdc9aa7c49bee1585e4cbf99019220894f93b44e7
-
Filesize
72KB
MD594ac2df7216b8d52f92536a2e9ab85a2
SHA1b0c7a874af64ee65c01391a962ed536efee4cbfd
SHA2561029c88fcb880ff83a337dbc84252594e574de5647bb914f9d56e0bc4e617b9f
SHA512ec19a9625af3e04a785890c345a68afb4b3e6d50cba4fb9fc112375e9e6dfed21f4e887758c90b9cbb0d6d15a32fcd745cecaa623fa793ebe4112c9eef3d1401
-
Filesize
72KB
MD54cdd67cb8d3b1e058f96725053abdd1d
SHA1eb47308f4afc5ee459f1989e2abed922f75b5c9a
SHA256e239f5b99216d98a6e1d2ca01c62697a9f8a9ed3696f1cfeecb1a758bb22694f
SHA512c4f3eb039a5016efa319e41288615d5c90e28f7d5c2264aab848cc839b208c49913f451f8944b67032daef364a65f1b6f408b1a571f7a6aead38921f0720788b
-
Filesize
72KB
MD54cdd67cb8d3b1e058f96725053abdd1d
SHA1eb47308f4afc5ee459f1989e2abed922f75b5c9a
SHA256e239f5b99216d98a6e1d2ca01c62697a9f8a9ed3696f1cfeecb1a758bb22694f
SHA512c4f3eb039a5016efa319e41288615d5c90e28f7d5c2264aab848cc839b208c49913f451f8944b67032daef364a65f1b6f408b1a571f7a6aead38921f0720788b
-
Filesize
72KB
MD5a48484fc2fc7bc0a82554f025a794829
SHA11753a7f65db5e2c38cf1f3d3e091f69bbcca4289
SHA25667e00df9655738e3f4ef07cc3d0f067f0c421fbed34d8df2ff26613c95d0456e
SHA512f3aa9d28beade0cdf66d3df805f0eb272ac7e34fbc2d47ed7fd97ca3f6fc0bceb6955fab1722b61fffb6d4d1c0fd1556d3ee672ad43c066156433199eddda00d
-
Filesize
72KB
MD594ac2df7216b8d52f92536a2e9ab85a2
SHA1b0c7a874af64ee65c01391a962ed536efee4cbfd
SHA2561029c88fcb880ff83a337dbc84252594e574de5647bb914f9d56e0bc4e617b9f
SHA512ec19a9625af3e04a785890c345a68afb4b3e6d50cba4fb9fc112375e9e6dfed21f4e887758c90b9cbb0d6d15a32fcd745cecaa623fa793ebe4112c9eef3d1401
-
Filesize
72KB
MD594ac2df7216b8d52f92536a2e9ab85a2
SHA1b0c7a874af64ee65c01391a962ed536efee4cbfd
SHA2561029c88fcb880ff83a337dbc84252594e574de5647bb914f9d56e0bc4e617b9f
SHA512ec19a9625af3e04a785890c345a68afb4b3e6d50cba4fb9fc112375e9e6dfed21f4e887758c90b9cbb0d6d15a32fcd745cecaa623fa793ebe4112c9eef3d1401
-
Filesize
72KB
MD5c07f2191b9749463eb498800a7da0112
SHA1c9c4967fba15f42b3f5e8bad43ff419d2da633d6
SHA2560e7ddb7ad341f9fffaf279bfbcc6604b1030290c9da77c065775f177bc18b365
SHA512df77fedccdbf1657f403177ec705f189717bf82149f7b97434a3e2f57dcdaa9254a028c0121429c3269d5cf2825925cef4c11ebbbbc2271fa515c184f156f178
-
Filesize
72KB
MD5c07f2191b9749463eb498800a7da0112
SHA1c9c4967fba15f42b3f5e8bad43ff419d2da633d6
SHA2560e7ddb7ad341f9fffaf279bfbcc6604b1030290c9da77c065775f177bc18b365
SHA512df77fedccdbf1657f403177ec705f189717bf82149f7b97434a3e2f57dcdaa9254a028c0121429c3269d5cf2825925cef4c11ebbbbc2271fa515c184f156f178
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5f3b0c45f1896552bc5ab5e38add7082c
SHA18b65f92dcd4250c18dd0a93f9fb34e1955bcbf37
SHA25643353f152ec506ce58c62a059b857b0cb82f9e99ac58700a6134d844ab5ac3ce
SHA512778b97437d4df7cab9b0205e26168b5f02012e692fb2e0794a368e0a7b945b0f3cfb9e4655184acd6636c3a6cb1a9882c939fac9ba092b7077dd2832888ce04a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5f3b0c45f1896552bc5ab5e38add7082c
SHA18b65f92dcd4250c18dd0a93f9fb34e1955bcbf37
SHA25643353f152ec506ce58c62a059b857b0cb82f9e99ac58700a6134d844ab5ac3ce
SHA512778b97437d4df7cab9b0205e26168b5f02012e692fb2e0794a368e0a7b945b0f3cfb9e4655184acd6636c3a6cb1a9882c939fac9ba092b7077dd2832888ce04a
-
Filesize
72KB
MD5e2b8a95d2a33ca133ba204da4cbf1d03
SHA1b3638d1197b5dfcbea19eff6badf64e4c19bf572
SHA25663cff1782d0d40b33730dc5c852c30deffeb41379ef799fe28aa2eb15b06cfbd
SHA512681ccd7eb19fa63516e17c5419a229249b0789928fb9e24451c4f5763004505727804a034fc2ae94ed23e85190f65d4fb8436adb90c967d255cdd00c54e12b69
-
Filesize
72KB
MD5e2b8a95d2a33ca133ba204da4cbf1d03
SHA1b3638d1197b5dfcbea19eff6badf64e4c19bf572
SHA25663cff1782d0d40b33730dc5c852c30deffeb41379ef799fe28aa2eb15b06cfbd
SHA512681ccd7eb19fa63516e17c5419a229249b0789928fb9e24451c4f5763004505727804a034fc2ae94ed23e85190f65d4fb8436adb90c967d255cdd00c54e12b69
-
Filesize
72KB
MD568b2607a5110f9ca53fe5938a9c7df1a
SHA1fff43c23ff2cc24b7e4d3216de84185d584d2afc
SHA256ef088320921241cd9c78140e1c0b772ebbc8779975ee2d9198f8feef44537929
SHA512ba9edbcd1c24e151982d9707df65a9ab18ddb79fadd0b88d6edaa12d9a5f91a3a7bd8e423e0fd4ceeed52febdc9aa7c49bee1585e4cbf99019220894f93b44e7
-
Filesize
72KB
MD568b2607a5110f9ca53fe5938a9c7df1a
SHA1fff43c23ff2cc24b7e4d3216de84185d584d2afc
SHA256ef088320921241cd9c78140e1c0b772ebbc8779975ee2d9198f8feef44537929
SHA512ba9edbcd1c24e151982d9707df65a9ab18ddb79fadd0b88d6edaa12d9a5f91a3a7bd8e423e0fd4ceeed52febdc9aa7c49bee1585e4cbf99019220894f93b44e7
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD5cc19bd0535462f7580ef49f8889dab3f
SHA169abf2b4f3f357cc144e2103f1a713f025de3423
SHA256a7cd7a4fbdd53fa6bcbcc5bbffa7ac6909501e3423420b250635ef5f56b83c87
SHA5125bbab9c439ed7a636d9e0be8858b27c3a6d9413490925e3decd9176a87b10e8141e6d7416cc902229571e49a03f81728f62390e427dc5898c17f7349788e3613
-
Filesize
72KB
MD5cc19bd0535462f7580ef49f8889dab3f
SHA169abf2b4f3f357cc144e2103f1a713f025de3423
SHA256a7cd7a4fbdd53fa6bcbcc5bbffa7ac6909501e3423420b250635ef5f56b83c87
SHA5125bbab9c439ed7a636d9e0be8858b27c3a6d9413490925e3decd9176a87b10e8141e6d7416cc902229571e49a03f81728f62390e427dc5898c17f7349788e3613
-
Filesize
72KB
MD5cc19bd0535462f7580ef49f8889dab3f
SHA169abf2b4f3f357cc144e2103f1a713f025de3423
SHA256a7cd7a4fbdd53fa6bcbcc5bbffa7ac6909501e3423420b250635ef5f56b83c87
SHA5125bbab9c439ed7a636d9e0be8858b27c3a6d9413490925e3decd9176a87b10e8141e6d7416cc902229571e49a03f81728f62390e427dc5898c17f7349788e3613
-
Filesize
72KB
MD5cc19bd0535462f7580ef49f8889dab3f
SHA169abf2b4f3f357cc144e2103f1a713f025de3423
SHA256a7cd7a4fbdd53fa6bcbcc5bbffa7ac6909501e3423420b250635ef5f56b83c87
SHA5125bbab9c439ed7a636d9e0be8858b27c3a6d9413490925e3decd9176a87b10e8141e6d7416cc902229571e49a03f81728f62390e427dc5898c17f7349788e3613
-
Filesize
72KB
MD568b2607a5110f9ca53fe5938a9c7df1a
SHA1fff43c23ff2cc24b7e4d3216de84185d584d2afc
SHA256ef088320921241cd9c78140e1c0b772ebbc8779975ee2d9198f8feef44537929
SHA512ba9edbcd1c24e151982d9707df65a9ab18ddb79fadd0b88d6edaa12d9a5f91a3a7bd8e423e0fd4ceeed52febdc9aa7c49bee1585e4cbf99019220894f93b44e7
-
Filesize
72KB
MD568b2607a5110f9ca53fe5938a9c7df1a
SHA1fff43c23ff2cc24b7e4d3216de84185d584d2afc
SHA256ef088320921241cd9c78140e1c0b772ebbc8779975ee2d9198f8feef44537929
SHA512ba9edbcd1c24e151982d9707df65a9ab18ddb79fadd0b88d6edaa12d9a5f91a3a7bd8e423e0fd4ceeed52febdc9aa7c49bee1585e4cbf99019220894f93b44e7
-
Filesize
72KB
MD594ac2df7216b8d52f92536a2e9ab85a2
SHA1b0c7a874af64ee65c01391a962ed536efee4cbfd
SHA2561029c88fcb880ff83a337dbc84252594e574de5647bb914f9d56e0bc4e617b9f
SHA512ec19a9625af3e04a785890c345a68afb4b3e6d50cba4fb9fc112375e9e6dfed21f4e887758c90b9cbb0d6d15a32fcd745cecaa623fa793ebe4112c9eef3d1401
-
Filesize
72KB
MD594ac2df7216b8d52f92536a2e9ab85a2
SHA1b0c7a874af64ee65c01391a962ed536efee4cbfd
SHA2561029c88fcb880ff83a337dbc84252594e574de5647bb914f9d56e0bc4e617b9f
SHA512ec19a9625af3e04a785890c345a68afb4b3e6d50cba4fb9fc112375e9e6dfed21f4e887758c90b9cbb0d6d15a32fcd745cecaa623fa793ebe4112c9eef3d1401
-
Filesize
72KB
MD54cdd67cb8d3b1e058f96725053abdd1d
SHA1eb47308f4afc5ee459f1989e2abed922f75b5c9a
SHA256e239f5b99216d98a6e1d2ca01c62697a9f8a9ed3696f1cfeecb1a758bb22694f
SHA512c4f3eb039a5016efa319e41288615d5c90e28f7d5c2264aab848cc839b208c49913f451f8944b67032daef364a65f1b6f408b1a571f7a6aead38921f0720788b
-
Filesize
72KB
MD54cdd67cb8d3b1e058f96725053abdd1d
SHA1eb47308f4afc5ee459f1989e2abed922f75b5c9a
SHA256e239f5b99216d98a6e1d2ca01c62697a9f8a9ed3696f1cfeecb1a758bb22694f
SHA512c4f3eb039a5016efa319e41288615d5c90e28f7d5c2264aab848cc839b208c49913f451f8944b67032daef364a65f1b6f408b1a571f7a6aead38921f0720788b
-
Filesize
72KB
MD5a48484fc2fc7bc0a82554f025a794829
SHA11753a7f65db5e2c38cf1f3d3e091f69bbcca4289
SHA25667e00df9655738e3f4ef07cc3d0f067f0c421fbed34d8df2ff26613c95d0456e
SHA512f3aa9d28beade0cdf66d3df805f0eb272ac7e34fbc2d47ed7fd97ca3f6fc0bceb6955fab1722b61fffb6d4d1c0fd1556d3ee672ad43c066156433199eddda00d
-
Filesize
72KB
MD5a48484fc2fc7bc0a82554f025a794829
SHA11753a7f65db5e2c38cf1f3d3e091f69bbcca4289
SHA25667e00df9655738e3f4ef07cc3d0f067f0c421fbed34d8df2ff26613c95d0456e
SHA512f3aa9d28beade0cdf66d3df805f0eb272ac7e34fbc2d47ed7fd97ca3f6fc0bceb6955fab1722b61fffb6d4d1c0fd1556d3ee672ad43c066156433199eddda00d
-
Filesize
72KB
MD5a48484fc2fc7bc0a82554f025a794829
SHA11753a7f65db5e2c38cf1f3d3e091f69bbcca4289
SHA25667e00df9655738e3f4ef07cc3d0f067f0c421fbed34d8df2ff26613c95d0456e
SHA512f3aa9d28beade0cdf66d3df805f0eb272ac7e34fbc2d47ed7fd97ca3f6fc0bceb6955fab1722b61fffb6d4d1c0fd1556d3ee672ad43c066156433199eddda00d
-
Filesize
72KB
MD594ac2df7216b8d52f92536a2e9ab85a2
SHA1b0c7a874af64ee65c01391a962ed536efee4cbfd
SHA2561029c88fcb880ff83a337dbc84252594e574de5647bb914f9d56e0bc4e617b9f
SHA512ec19a9625af3e04a785890c345a68afb4b3e6d50cba4fb9fc112375e9e6dfed21f4e887758c90b9cbb0d6d15a32fcd745cecaa623fa793ebe4112c9eef3d1401
-
Filesize
72KB
MD594ac2df7216b8d52f92536a2e9ab85a2
SHA1b0c7a874af64ee65c01391a962ed536efee4cbfd
SHA2561029c88fcb880ff83a337dbc84252594e574de5647bb914f9d56e0bc4e617b9f
SHA512ec19a9625af3e04a785890c345a68afb4b3e6d50cba4fb9fc112375e9e6dfed21f4e887758c90b9cbb0d6d15a32fcd745cecaa623fa793ebe4112c9eef3d1401
-
Filesize
72KB
MD5c07f2191b9749463eb498800a7da0112
SHA1c9c4967fba15f42b3f5e8bad43ff419d2da633d6
SHA2560e7ddb7ad341f9fffaf279bfbcc6604b1030290c9da77c065775f177bc18b365
SHA512df77fedccdbf1657f403177ec705f189717bf82149f7b97434a3e2f57dcdaa9254a028c0121429c3269d5cf2825925cef4c11ebbbbc2271fa515c184f156f178
-
Filesize
72KB
MD5c07f2191b9749463eb498800a7da0112
SHA1c9c4967fba15f42b3f5e8bad43ff419d2da633d6
SHA2560e7ddb7ad341f9fffaf279bfbcc6604b1030290c9da77c065775f177bc18b365
SHA512df77fedccdbf1657f403177ec705f189717bf82149f7b97434a3e2f57dcdaa9254a028c0121429c3269d5cf2825925cef4c11ebbbbc2271fa515c184f156f178
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD501ac1f3c15ee5a6ef7080e669cb45f91
SHA1744083da4f461e53ce1c46eb7cb1ac9d389a2348
SHA2562fd6e7c993e12358376959ddff1bb889e7fcbb5a61e785207042605628fae316
SHA51223012ff3474c7f9c4c984e9d317a27e0db4e594cc4c92588ee898516fd37d81f6127e83156b25320f01e32cd44c6b6a689087c133a8358a0ae32f00e876805ed
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5f3b0c45f1896552bc5ab5e38add7082c
SHA18b65f92dcd4250c18dd0a93f9fb34e1955bcbf37
SHA25643353f152ec506ce58c62a059b857b0cb82f9e99ac58700a6134d844ab5ac3ce
SHA512778b97437d4df7cab9b0205e26168b5f02012e692fb2e0794a368e0a7b945b0f3cfb9e4655184acd6636c3a6cb1a9882c939fac9ba092b7077dd2832888ce04a
-
Filesize
72KB
MD5f3b0c45f1896552bc5ab5e38add7082c
SHA18b65f92dcd4250c18dd0a93f9fb34e1955bcbf37
SHA25643353f152ec506ce58c62a059b857b0cb82f9e99ac58700a6134d844ab5ac3ce
SHA512778b97437d4df7cab9b0205e26168b5f02012e692fb2e0794a368e0a7b945b0f3cfb9e4655184acd6636c3a6cb1a9882c939fac9ba092b7077dd2832888ce04a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5087b5614eb4397ecf7cb84a5c4cac226
SHA11ede0a2d9a782765aaae4d66b2da5902b06ae871
SHA2564de1be541c105b1ec17c785a14ecf152b09ed2bc275898e1f6ed11028816a6b5
SHA512a97e93c79255bab0b030f2db550f7b3322f14326a9e1564cdb9776da6ac1e59ea7bdac00e996cd35a1048efaff95e64bbca7d5e531e5e5bde2f45797bc3bc78a
-
Filesize
72KB
MD5f3b0c45f1896552bc5ab5e38add7082c
SHA18b65f92dcd4250c18dd0a93f9fb34e1955bcbf37
SHA25643353f152ec506ce58c62a059b857b0cb82f9e99ac58700a6134d844ab5ac3ce
SHA512778b97437d4df7cab9b0205e26168b5f02012e692fb2e0794a368e0a7b945b0f3cfb9e4655184acd6636c3a6cb1a9882c939fac9ba092b7077dd2832888ce04a
-
Filesize
72KB
MD5f3b0c45f1896552bc5ab5e38add7082c
SHA18b65f92dcd4250c18dd0a93f9fb34e1955bcbf37
SHA25643353f152ec506ce58c62a059b857b0cb82f9e99ac58700a6134d844ab5ac3ce
SHA512778b97437d4df7cab9b0205e26168b5f02012e692fb2e0794a368e0a7b945b0f3cfb9e4655184acd6636c3a6cb1a9882c939fac9ba092b7077dd2832888ce04a
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Filesize
8KB
-
Filesize
8KB
-
-
-
-
-
-
-
-
-