Analysis
-
max time kernel
154s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
23-11-2022 19:00
General
-
Target
e6f8b7f3b39c433a1f70e6e0da3088172635542e08db4e76528bb47e9b6c37ed.exe
-
Size
72KB
-
MD5
44c1be4c460252a85f3234326377e4b0
-
SHA1
0bbb4328214c03ccf4acebcd57dac1183165ec20
-
SHA256
e6f8b7f3b39c433a1f70e6e0da3088172635542e08db4e76528bb47e9b6c37ed
-
SHA512
27dcd4a1c1942934817c50954b15c5d5a71475f08f5a682d992217ba5a7c6e06c1c211998b5ae448c2eedf0be292889e839f7f628b06dbcdc8601d881304727e
-
SSDEEP
384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2T:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrP
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\e6f8b7f3b39c433a1f70e6e0da3088172635542e08db4e76528bb47e9b6c37ed.exe"C:\Users\Admin\AppData\Local\Temp\e6f8b7f3b39c433a1f70e6e0da3088172635542e08db4e76528bb47e9b6c37ed.exe"1⤵
- Modifies visibility of file extensions in Explorer
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\3670412730\backup.exeC:\Users\Admin\AppData\Local\Temp\3670412730\backup.exe C:\Users\Admin\AppData\Local\Temp\3670412730\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\backup.exe\backup.exe \3⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\Admin\backup.exeC:\PerfLogs\Admin\backup.exe C:\PerfLogs\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\update.exe"C:\Program Files\Common Files\Microsoft Shared\update.exe" C:\Program Files\Common Files\Microsoft Shared\6⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Filters\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\8⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\en-US\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\en-US\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\en-US\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\update.exe"C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\update.exe" C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\8⤵
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\8⤵
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\7⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
-
C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Stationery\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VC\7⤵
-
C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VGX\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VGX\7⤵
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\SpeechEngines\backup.exe"C:\Program Files\Common Files\SpeechEngines\backup.exe" C:\Program Files\Common Files\SpeechEngines\6⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe"C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe" C:\Program Files\Common Files\SpeechEngines\Microsoft\7⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\System\ado\data.exe"C:\Program Files\Common Files\System\ado\data.exe" C:\Program Files\Common Files\System\ado\7⤵
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Common Files\System\fr-FR\backup.exe"C:\Program Files\Common Files\System\fr-FR\backup.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
-
C:\Program Files\Common Files\System\ja-JP\backup.exe"C:\Program Files\Common Files\System\ja-JP\backup.exe" C:\Program Files\Common Files\System\ja-JP\7⤵
-
C:\Program Files\DVD Maker\backup.exe"C:\Program Files\DVD Maker\backup.exe" C:\Program Files\DVD Maker\5⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\DVD Maker\de-DE\backup.exe"C:\Program Files\DVD Maker\de-DE\backup.exe" C:\Program Files\DVD Maker\de-DE\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\DVD Maker\en-US\backup.exe"C:\Program Files\DVD Maker\en-US\backup.exe" C:\Program Files\DVD Maker\en-US\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\DVD Maker\es-ES\backup.exe"C:\Program Files\DVD Maker\es-ES\backup.exe" C:\Program Files\DVD Maker\es-ES\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\DVD Maker\fr-FR\backup.exe"C:\Program Files\DVD Maker\fr-FR\backup.exe" C:\Program Files\DVD Maker\fr-FR\6⤵
-
C:\Program Files\DVD Maker\it-IT\backup.exe"C:\Program Files\DVD Maker\it-IT\backup.exe" C:\Program Files\DVD Maker\it-IT\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\DVD Maker\ja-JP\backup.exe"C:\Program Files\DVD Maker\ja-JP\backup.exe" C:\Program Files\DVD Maker\ja-JP\6⤵
-
C:\Program Files\DVD Maker\Shared\data.exe"C:\Program Files\DVD Maker\Shared\data.exe" C:\Program Files\DVD Maker\Shared\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files\DVD Maker\Shared\DvdStyles\backup.exe"C:\Program Files\DVD Maker\Shared\DvdStyles\backup.exe" C:\Program Files\DVD Maker\Shared\DvdStyles\7⤵
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files\Java\jdk1.7.0_80\backup.exe"C:\Program Files\Java\jdk1.7.0_80\backup.exe" C:\Program Files\Java\jdk1.7.0_80\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Java\jdk1.7.0_80\bin\update.exe"C:\Program Files\Java\jdk1.7.0_80\bin\update.exe" C:\Program Files\Java\jdk1.7.0_80\bin\7⤵
-
C:\Program Files\Java\jdk1.7.0_80\db\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\7⤵
- System policy modification
-
C:\Program Files\Java\jdk1.7.0_80\db\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\bin\8⤵
-
C:\Program Files\Java\jdk1.7.0_80\include\System Restore.exe"C:\Program Files\Java\jdk1.7.0_80\include\System Restore.exe" C:\Program Files\Java\jdk1.7.0_80\include\7⤵
-
C:\Program Files\Java\jre7\backup.exe"C:\Program Files\Java\jre7\backup.exe" C:\Program Files\Java\jre7\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Java\jre7\bin\backup.exe"C:\Program Files\Java\jre7\bin\backup.exe" C:\Program Files\Java\jre7\bin\7⤵
-
C:\Program Files\Microsoft Games\data.exe"C:\Program Files\Microsoft Games\data.exe" C:\Program Files\Microsoft Games\5⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
C:\Program Files\Microsoft Games\Chess\backup.exe"C:\Program Files\Microsoft Games\Chess\backup.exe" C:\Program Files\Microsoft Games\Chess\6⤵
-
C:\Program Files\Microsoft Office\backup.exe"C:\Program Files\Microsoft Office\backup.exe" C:\Program Files\Microsoft Office\5⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files\Microsoft Office\Office14\backup.exe"C:\Program Files\Microsoft Office\Office14\backup.exe" C:\Program Files\Microsoft Office\Office14\6⤵
-
C:\Program Files\Mozilla Firefox\backup.exe"C:\Program Files\Mozilla Firefox\backup.exe" C:\Program Files\Mozilla Firefox\5⤵
-
C:\Program Files (x86)\backup.exe"C:\Program Files (x86)\backup.exe" C:\Program Files (x86)\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Esl\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\data.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\data.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\8⤵
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\8⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\7⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\7⤵
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
-
C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe"C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe" C:\Program Files (x86)\Common Files\Adobe AIR\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\backup.exe"C:\Program Files (x86)\Common Files\Adobe AIR\Versions\backup.exe" C:\Program Files (x86)\Common Files\Adobe AIR\Versions\7⤵
-
C:\Program Files (x86)\Common Files\DESIGNER\update.exe"C:\Program Files (x86)\Common Files\DESIGNER\update.exe" C:\Program Files (x86)\Common Files\DESIGNER\6⤵
-
C:\Program Files (x86)\Common Files\microsoft shared\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\6⤵
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files (x86)\Google\CrashReports\backup.exe"C:\Program Files (x86)\Google\CrashReports\backup.exe" C:\Program Files (x86)\Google\CrashReports\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Google\Policies\backup.exe"C:\Program Files (x86)\Google\Policies\backup.exe" C:\Program Files (x86)\Google\Policies\6⤵
-
C:\Program Files (x86)\Google\Temp\backup.exe"C:\Program Files (x86)\Google\Temp\backup.exe" C:\Program Files (x86)\Google\Temp\6⤵
-
C:\Program Files (x86)\Google\Update\backup.exe"C:\Program Files (x86)\Google\Update\backup.exe" C:\Program Files (x86)\Google\Update\6⤵
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
C:\Program Files (x86)\Microsoft Analysis Services\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\6⤵
-
C:\Program Files (x86)\Microsoft Office\backup.exe"C:\Program Files (x86)\Microsoft Office\backup.exe" C:\Program Files (x86)\Microsoft Office\5⤵
-
C:\Program Files (x86)\Microsoft SQL Server Compact Edition\backup.exe"C:\Program Files (x86)\Microsoft SQL Server Compact Edition\backup.exe" C:\Program Files (x86)\Microsoft SQL Server Compact Edition\5⤵
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\System Restore.exe"C:\Users\Admin\System Restore.exe" C:\Users\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
- Disables RegEdit via registry modification
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Users\Admin\Music\backup.exeC:\Users\Admin\Music\backup.exe C:\Users\Admin\Music\6⤵
-
C:\Users\Admin\Pictures\backup.exeC:\Users\Admin\Pictures\backup.exe C:\Users\Admin\Pictures\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Users\Admin\Saved Games\backup.exe"C:\Users\Admin\Saved Games\backup.exe" C:\Users\Admin\Saved Games\6⤵
-
C:\Users\Admin\Searches\backup.exeC:\Users\Admin\Searches\backup.exe C:\Users\Admin\Searches\6⤵
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
- Disables RegEdit via registry modification
- System policy modification
-
C:\Users\Public\Documents\backup.exeC:\Users\Public\Documents\backup.exe C:\Users\Public\Documents\6⤵
- Modifies visibility of file extensions in Explorer
-
C:\Users\Public\Downloads\backup.exeC:\Users\Public\Downloads\backup.exe C:\Users\Public\Downloads\6⤵
-
C:\Users\Public\Music\backup.exeC:\Users\Public\Music\backup.exe C:\Users\Public\Music\6⤵
-
C:\Users\Public\Pictures\backup.exeC:\Users\Public\Pictures\backup.exe C:\Users\Public\Pictures\6⤵
-
C:\Users\Public\Recorded TV\backup.exe"C:\Users\Public\Recorded TV\backup.exe" C:\Users\Public\Recorded TV\6⤵
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\data.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\data.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exeC:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exe C:\Users\Admin\AppData\Local\Temp\WPDNSE\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD538c7124a7cdac031227c668aaf261b66
SHA177443e2ef42e3c0155a5cc7b5e38540de7b2a325
SHA25618bb51b6deb9882f2964f255726b1a41a02d3334ebcfe23feeb8094852380782
SHA5128f14e62fb1d6d178f477deddc1e966b26eb557b523ad3c81cf7070532813a554f6b8a4b1229f9a7eeb67399563d34f1edecc2aeb026a662a2ee54b46f14eb627
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD5f2f09c2ca0724e43794c932c2954b9fd
SHA1074912cb8f3a21c7935d807da95a0c114c79be5e
SHA256876193afce63d66c81229347e041a9ff1936a85a87b2666676d2be902e6d3b5b
SHA512a92c05a37ec4520a4debb93c312016324a9175085a1e9c37869e0f60ddcec173cc7ece851f5a6a64269820f557c2df692e3e423081f9e3831be82af0cf34b0ac
-
Filesize
72KB
MD538c7124a7cdac031227c668aaf261b66
SHA177443e2ef42e3c0155a5cc7b5e38540de7b2a325
SHA25618bb51b6deb9882f2964f255726b1a41a02d3334ebcfe23feeb8094852380782
SHA5128f14e62fb1d6d178f477deddc1e966b26eb557b523ad3c81cf7070532813a554f6b8a4b1229f9a7eeb67399563d34f1edecc2aeb026a662a2ee54b46f14eb627
-
Filesize
72KB
MD538c7124a7cdac031227c668aaf261b66
SHA177443e2ef42e3c0155a5cc7b5e38540de7b2a325
SHA25618bb51b6deb9882f2964f255726b1a41a02d3334ebcfe23feeb8094852380782
SHA5128f14e62fb1d6d178f477deddc1e966b26eb557b523ad3c81cf7070532813a554f6b8a4b1229f9a7eeb67399563d34f1edecc2aeb026a662a2ee54b46f14eb627
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD539a953e83d57dbd8562e277a1759b01c
SHA14e94655e57406fabadcb2e7934d5bb546bf1fa68
SHA2568b257a86ee4251792778768a7af1d539714a25593a3526f858daa78d569ade5e
SHA512f70c21bf2fecdd972745a4c04d1e87d82a2f5eb993f9ba792cf63ceb7bb2275edc235c4199572d50285fb0f4d09b67db320ddc495c07a0a192f314cd6ef43b90
-
Filesize
72KB
MD539a953e83d57dbd8562e277a1759b01c
SHA14e94655e57406fabadcb2e7934d5bb546bf1fa68
SHA2568b257a86ee4251792778768a7af1d539714a25593a3526f858daa78d569ade5e
SHA512f70c21bf2fecdd972745a4c04d1e87d82a2f5eb993f9ba792cf63ceb7bb2275edc235c4199572d50285fb0f4d09b67db320ddc495c07a0a192f314cd6ef43b90
-
Filesize
72KB
MD5733dbb7c519f541c83bfe68cd1aa5ea1
SHA1be3f1731fce80cdf37d492f7ed60db750997265b
SHA25664ad1cef4386d485d2214c19770eea45f5cdd0e280cec7046d77f2c201388def
SHA5123878eca30dbcd4d212ce841e21916c333f277f2036a92ccc21d596ee618234ffdc85c68e7740d0fbfeed75be41d04b0e289c3559d813cd4f2af7089a695d3732
-
Filesize
72KB
MD5733dbb7c519f541c83bfe68cd1aa5ea1
SHA1be3f1731fce80cdf37d492f7ed60db750997265b
SHA25664ad1cef4386d485d2214c19770eea45f5cdd0e280cec7046d77f2c201388def
SHA5123878eca30dbcd4d212ce841e21916c333f277f2036a92ccc21d596ee618234ffdc85c68e7740d0fbfeed75be41d04b0e289c3559d813cd4f2af7089a695d3732
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD51782a84def97f301059d2b508d801872
SHA15728dc617b77364c0381a9c27114686c39a98d66
SHA25629015dbf77a3c63d0832ab8903a9d8fe38ab6069c4e345a142dcd968179e27d5
SHA512fe0901acb8250b6cbc75f454b7774c3061b56ea05756b927ae6e06d0e517ea8a2c421648af887cacd3510ba9597f4eb66f0b56782592c7dd340204991827485f
-
Filesize
72KB
MD51782a84def97f301059d2b508d801872
SHA15728dc617b77364c0381a9c27114686c39a98d66
SHA25629015dbf77a3c63d0832ab8903a9d8fe38ab6069c4e345a142dcd968179e27d5
SHA512fe0901acb8250b6cbc75f454b7774c3061b56ea05756b927ae6e06d0e517ea8a2c421648af887cacd3510ba9597f4eb66f0b56782592c7dd340204991827485f
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5d41c52a9295995745e9631776d192057
SHA167310ff2922fd89d46c6a1a76914c9984b82f019
SHA256de3d19c3dd574466227e9dd01b44a0212be431f9df79da5057154cbda97daef0
SHA51259ad03375d35f72a478aa561655717ee79d52ec0c0381ad3f4401337f5236744c6bf72761a052c78c5ec86525c7852f3f01ce6ac36a4bfbdd5c9d367e8f08853
-
Filesize
72KB
MD5d41c52a9295995745e9631776d192057
SHA167310ff2922fd89d46c6a1a76914c9984b82f019
SHA256de3d19c3dd574466227e9dd01b44a0212be431f9df79da5057154cbda97daef0
SHA51259ad03375d35f72a478aa561655717ee79d52ec0c0381ad3f4401337f5236744c6bf72761a052c78c5ec86525c7852f3f01ce6ac36a4bfbdd5c9d367e8f08853
-
Filesize
72KB
MD538c7124a7cdac031227c668aaf261b66
SHA177443e2ef42e3c0155a5cc7b5e38540de7b2a325
SHA25618bb51b6deb9882f2964f255726b1a41a02d3334ebcfe23feeb8094852380782
SHA5128f14e62fb1d6d178f477deddc1e966b26eb557b523ad3c81cf7070532813a554f6b8a4b1229f9a7eeb67399563d34f1edecc2aeb026a662a2ee54b46f14eb627
-
Filesize
72KB
MD538c7124a7cdac031227c668aaf261b66
SHA177443e2ef42e3c0155a5cc7b5e38540de7b2a325
SHA25618bb51b6deb9882f2964f255726b1a41a02d3334ebcfe23feeb8094852380782
SHA5128f14e62fb1d6d178f477deddc1e966b26eb557b523ad3c81cf7070532813a554f6b8a4b1229f9a7eeb67399563d34f1edecc2aeb026a662a2ee54b46f14eb627
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD5f2f09c2ca0724e43794c932c2954b9fd
SHA1074912cb8f3a21c7935d807da95a0c114c79be5e
SHA256876193afce63d66c81229347e041a9ff1936a85a87b2666676d2be902e6d3b5b
SHA512a92c05a37ec4520a4debb93c312016324a9175085a1e9c37869e0f60ddcec173cc7ece851f5a6a64269820f557c2df692e3e423081f9e3831be82af0cf34b0ac
-
Filesize
72KB
MD5f2f09c2ca0724e43794c932c2954b9fd
SHA1074912cb8f3a21c7935d807da95a0c114c79be5e
SHA256876193afce63d66c81229347e041a9ff1936a85a87b2666676d2be902e6d3b5b
SHA512a92c05a37ec4520a4debb93c312016324a9175085a1e9c37869e0f60ddcec173cc7ece851f5a6a64269820f557c2df692e3e423081f9e3831be82af0cf34b0ac
-
Filesize
72KB
MD538c7124a7cdac031227c668aaf261b66
SHA177443e2ef42e3c0155a5cc7b5e38540de7b2a325
SHA25618bb51b6deb9882f2964f255726b1a41a02d3334ebcfe23feeb8094852380782
SHA5128f14e62fb1d6d178f477deddc1e966b26eb557b523ad3c81cf7070532813a554f6b8a4b1229f9a7eeb67399563d34f1edecc2aeb026a662a2ee54b46f14eb627
-
Filesize
72KB
MD538c7124a7cdac031227c668aaf261b66
SHA177443e2ef42e3c0155a5cc7b5e38540de7b2a325
SHA25618bb51b6deb9882f2964f255726b1a41a02d3334ebcfe23feeb8094852380782
SHA5128f14e62fb1d6d178f477deddc1e966b26eb557b523ad3c81cf7070532813a554f6b8a4b1229f9a7eeb67399563d34f1edecc2aeb026a662a2ee54b46f14eb627
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD5d4046eefdfb3dc344fd6ec55941f33cc
SHA134a0f7e290a13baa97a2a7c9adc43703ee27c16c
SHA25659d8988cde58eb7022856ba78e3d1cbff8ef4ef395222a11ff1cddbdf50a50bb
SHA5120df4de753b4c7bd80d7a61e4968f319b177ced57c4bda5b8129482418a20e5af24246649975d19b38957737724c665bcc28794772c870429c1e5ac69628be43b
-
Filesize
72KB
MD539a953e83d57dbd8562e277a1759b01c
SHA14e94655e57406fabadcb2e7934d5bb546bf1fa68
SHA2568b257a86ee4251792778768a7af1d539714a25593a3526f858daa78d569ade5e
SHA512f70c21bf2fecdd972745a4c04d1e87d82a2f5eb993f9ba792cf63ceb7bb2275edc235c4199572d50285fb0f4d09b67db320ddc495c07a0a192f314cd6ef43b90
-
Filesize
72KB
MD539a953e83d57dbd8562e277a1759b01c
SHA14e94655e57406fabadcb2e7934d5bb546bf1fa68
SHA2568b257a86ee4251792778768a7af1d539714a25593a3526f858daa78d569ade5e
SHA512f70c21bf2fecdd972745a4c04d1e87d82a2f5eb993f9ba792cf63ceb7bb2275edc235c4199572d50285fb0f4d09b67db320ddc495c07a0a192f314cd6ef43b90
-
Filesize
72KB
MD539a953e83d57dbd8562e277a1759b01c
SHA14e94655e57406fabadcb2e7934d5bb546bf1fa68
SHA2568b257a86ee4251792778768a7af1d539714a25593a3526f858daa78d569ade5e
SHA512f70c21bf2fecdd972745a4c04d1e87d82a2f5eb993f9ba792cf63ceb7bb2275edc235c4199572d50285fb0f4d09b67db320ddc495c07a0a192f314cd6ef43b90
-
Filesize
72KB
MD539a953e83d57dbd8562e277a1759b01c
SHA14e94655e57406fabadcb2e7934d5bb546bf1fa68
SHA2568b257a86ee4251792778768a7af1d539714a25593a3526f858daa78d569ade5e
SHA512f70c21bf2fecdd972745a4c04d1e87d82a2f5eb993f9ba792cf63ceb7bb2275edc235c4199572d50285fb0f4d09b67db320ddc495c07a0a192f314cd6ef43b90
-
Filesize
72KB
MD5733dbb7c519f541c83bfe68cd1aa5ea1
SHA1be3f1731fce80cdf37d492f7ed60db750997265b
SHA25664ad1cef4386d485d2214c19770eea45f5cdd0e280cec7046d77f2c201388def
SHA5123878eca30dbcd4d212ce841e21916c333f277f2036a92ccc21d596ee618234ffdc85c68e7740d0fbfeed75be41d04b0e289c3559d813cd4f2af7089a695d3732
-
Filesize
72KB
MD5733dbb7c519f541c83bfe68cd1aa5ea1
SHA1be3f1731fce80cdf37d492f7ed60db750997265b
SHA25664ad1cef4386d485d2214c19770eea45f5cdd0e280cec7046d77f2c201388def
SHA5123878eca30dbcd4d212ce841e21916c333f277f2036a92ccc21d596ee618234ffdc85c68e7740d0fbfeed75be41d04b0e289c3559d813cd4f2af7089a695d3732
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD59471c7fef769c42574b305b59b3daba5
SHA12ffb995a2a49c09d437f8bfd01fc96e7eaac5c16
SHA256e71d0ddf0c6a5c1232eb5de3b637e935a2b6336d19c685843366e25a59bc094e
SHA51216b45384dada37b878a4b845fe611450b70f37b6ed2d92f32f87a1ea390dbef51d0aa69457966e0a220f7d1dc511554a82e39d1c5936da2810e239a740679201
-
Filesize
72KB
MD51782a84def97f301059d2b508d801872
SHA15728dc617b77364c0381a9c27114686c39a98d66
SHA25629015dbf77a3c63d0832ab8903a9d8fe38ab6069c4e345a142dcd968179e27d5
SHA512fe0901acb8250b6cbc75f454b7774c3061b56ea05756b927ae6e06d0e517ea8a2c421648af887cacd3510ba9597f4eb66f0b56782592c7dd340204991827485f
-
Filesize
72KB
MD51782a84def97f301059d2b508d801872
SHA15728dc617b77364c0381a9c27114686c39a98d66
SHA25629015dbf77a3c63d0832ab8903a9d8fe38ab6069c4e345a142dcd968179e27d5
SHA512fe0901acb8250b6cbc75f454b7774c3061b56ea05756b927ae6e06d0e517ea8a2c421648af887cacd3510ba9597f4eb66f0b56782592c7dd340204991827485f
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
Filesize
72KB
MD5e5640b96200b2bb7bf0b89c3c938b3f7
SHA16ebc78d9303939244f402dd240033f4c2009e7bf
SHA256680b056b426cf85563149b29c2877260c4c5ba8a88d7dd5ec71e5781b317edb7
SHA512c08ed27ff5aef5da9c7ce3d37c1d61be7a853c5214eb13889bad74237f42ee4c2be3e2a80b3a8cda28d59964fd81316cdcc984cdd814c1ecee442f17f7e5899e
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Filesize
8KB
-
Filesize
8KB
-