Analysis
-
max time kernel
204s -
max time network
31s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
29-11-2022 14:28
General
-
Target
08d3776669cf1303beaf820eab18eba319a5ae6bb5896586ccf375ce5138e462.exe
-
Size
72KB
-
MD5
0439a8654dfb5e1231a7c8283174ef07
-
SHA1
26d51480ef96807917a9b4907aa6aed240086308
-
SHA256
08d3776669cf1303beaf820eab18eba319a5ae6bb5896586ccf375ce5138e462
-
SHA512
87c0fd3b1722b9559e7df8790f45c6d63b9a8b1b28bad4d99ccdabeb115ef16035f025c1f27edc1ca7958e89e9a30172336a3c6446b9098a0f883a891673b3fe
-
SSDEEP
384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2J:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrPd
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 58 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Drops file in Program Files directory 56 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\08d3776669cf1303beaf820eab18eba319a5ae6bb5896586ccf375ce5138e462.exe"C:\Users\Admin\AppData\Local\Temp\08d3776669cf1303beaf820eab18eba319a5ae6bb5896586ccf375ce5138e462.exe"1⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\4213419571\update.exeC:\Users\Admin\AppData\Local\Temp\4213419571\update.exe C:\Users\Admin\AppData\Local\Temp\4213419571\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\backup.exe\backup.exe \3⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\Admin\backup.exeC:\PerfLogs\Admin\backup.exe C:\PerfLogs\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\backup.exe"C:\Program Files\Common Files\Microsoft Shared\backup.exe" C:\Program Files\Common Files\Microsoft Shared\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Filters\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\8⤵
- Executes dropped EXE
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\8⤵
- Executes dropped EXE
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Stationery\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\7⤵
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\SpeechEngines\backup.exe"C:\Program Files\Common Files\SpeechEngines\backup.exe" C:\Program Files\Common Files\SpeechEngines\6⤵
-
C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe"C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe" C:\Program Files\Common Files\SpeechEngines\Microsoft\7⤵
-
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
-
-
-
C:\Program Files\DVD Maker\backup.exe"C:\Program Files\DVD Maker\backup.exe" C:\Program Files\DVD Maker\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\DVD Maker\de-DE\backup.exe"C:\Program Files\DVD Maker\de-DE\backup.exe" C:\Program Files\DVD Maker\de-DE\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\DVD Maker\en-US\backup.exe"C:\Program Files\DVD Maker\en-US\backup.exe" C:\Program Files\DVD Maker\en-US\6⤵
-
-
C:\Program Files\DVD Maker\es-ES\backup.exe"C:\Program Files\DVD Maker\es-ES\backup.exe" C:\Program Files\DVD Maker\es-ES\6⤵
-
-
C:\Program Files\DVD Maker\fr-FR\backup.exe"C:\Program Files\DVD Maker\fr-FR\backup.exe" C:\Program Files\DVD Maker\fr-FR\6⤵
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\DVD Maker\it-IT\backup.exe"C:\Program Files\DVD Maker\it-IT\backup.exe" C:\Program Files\DVD Maker\it-IT\6⤵
-
-
C:\Program Files\DVD Maker\ja-JP\backup.exe"C:\Program Files\DVD Maker\ja-JP\backup.exe" C:\Program Files\DVD Maker\ja-JP\6⤵
-
-
C:\Program Files\DVD Maker\Shared\backup.exe"C:\Program Files\DVD Maker\Shared\backup.exe" C:\Program Files\DVD Maker\Shared\6⤵
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
-
-
C:\Program Files\Microsoft Games\backup.exe"C:\Program Files\Microsoft Games\backup.exe" C:\Program Files\Microsoft Games\5⤵
-
-
-
C:\Program Files (x86)\backup.exe"C:\Program Files (x86)\backup.exe" C:\Program Files (x86)\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Esl\data.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Esl\data.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Esl\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\10⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\10⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\System Restore.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\System Restore.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\11⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\10⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\9⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\10⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\data.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\data.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\8⤵
- Executes dropped EXE
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\8⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\8⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\7⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\8⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Common Files\Adobe AIR\update.exe"C:\Program Files (x86)\Common Files\Adobe AIR\update.exe" C:\Program Files (x86)\Common Files\Adobe AIR\6⤵
-
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\backup.exe"C:\Program Files (x86)\Common Files\Adobe AIR\Versions\backup.exe" C:\Program Files (x86)\Common Files\Adobe AIR\Versions\7⤵
-
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\System Restore.exe"C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\System Restore.exe" C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\8⤵
-
-
-
-
C:\Program Files (x86)\Common Files\DESIGNER\backup.exe"C:\Program Files (x86)\Common Files\DESIGNER\backup.exe" C:\Program Files (x86)\Common Files\DESIGNER\6⤵
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Common Files\microsoft shared\backup.exe"C:\Program Files (x86)\Common Files\microsoft shared\backup.exe" C:\Program Files (x86)\Common Files\microsoft shared\6⤵
-
-
C:\Program Files (x86)\Common Files\Services\backup.exe"C:\Program Files (x86)\Common Files\Services\backup.exe" C:\Program Files (x86)\Common Files\Services\6⤵
-
-
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
-
C:\Program Files (x86)\Google\CrashReports\System Restore.exe"C:\Program Files (x86)\Google\CrashReports\System Restore.exe" C:\Program Files (x86)\Google\CrashReports\6⤵
-
-
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
-
C:\Program Files (x86)\Microsoft Analysis Services\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\5⤵
-
-
C:\Program Files (x86)\Microsoft Office\backup.exe"C:\Program Files (x86)\Microsoft Office\backup.exe" C:\Program Files (x86)\Microsoft Office\5⤵
-
-
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
-
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
-
-
C:\Users\Admin\Downloads\data.exeC:\Users\Admin\Downloads\data.exe C:\Users\Admin\Downloads\6⤵
-
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
-
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
-
-
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
-
C:\Users\Public\Documents\backup.exeC:\Users\Public\Documents\backup.exe C:\Users\Public\Documents\6⤵
-
-
C:\Users\Public\Downloads\backup.exeC:\Users\Public\Downloads\backup.exe C:\Users\Public\Downloads\6⤵
-
-
C:\Users\Public\Music\backup.exeC:\Users\Public\Music\backup.exe C:\Users\Public\Music\6⤵
-
-
-
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
-
-
C:\Windows\AppCompat\backup.exeC:\Windows\AppCompat\backup.exe C:\Windows\AppCompat\5⤵
-
-
C:\Windows\AppPatch\backup.exeC:\Windows\AppPatch\backup.exe C:\Windows\AppPatch\5⤵
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\WPDNSE\System Restore.exe"C:\Users\Admin\AppData\Local\Temp\WPDNSE\System Restore.exe" C:\Users\Admin\AppData\Local\Temp\WPDNSE\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD502f13d9944f084e26020de2c3051d260
SHA16824edc864ed2d8ac974956ed43e6cd75ab61d30
SHA25680d2547df3cb5fbaa63c283f45b097fdb23baab80c2b5994431eb9c8ee0d8d5c
SHA512af8a9e0d6dfb59c599b88beafe957e37bedee15d65bfb7db486839608e1e93b3b0f9bab11de90873ee81871df83501e8efce3af2ad5c6bcff6541dff76da7c11
-
Filesize
72KB
MD502f13d9944f084e26020de2c3051d260
SHA16824edc864ed2d8ac974956ed43e6cd75ab61d30
SHA25680d2547df3cb5fbaa63c283f45b097fdb23baab80c2b5994431eb9c8ee0d8d5c
SHA512af8a9e0d6dfb59c599b88beafe957e37bedee15d65bfb7db486839608e1e93b3b0f9bab11de90873ee81871df83501e8efce3af2ad5c6bcff6541dff76da7c11
-
Filesize
72KB
MD534adb8d2cc5e1a26f39350bf8d57beb7
SHA1f8b579612b0da0022e3115df97a30ce511283de4
SHA256be15f447bf90252e65dbf9a7a7c64b15dbec4afdc5e23ae8b88274f17f03f65d
SHA512d6f6bb8ba611b74618014fbbb9389b5b6b1a3482d4c53721a80768910dd1a4ed0aafbf30e03088788e54ab3b6e8005304bcacfcb07025d7a70f616d2c7fbb63a
-
Filesize
72KB
MD534adb8d2cc5e1a26f39350bf8d57beb7
SHA1f8b579612b0da0022e3115df97a30ce511283de4
SHA256be15f447bf90252e65dbf9a7a7c64b15dbec4afdc5e23ae8b88274f17f03f65d
SHA512d6f6bb8ba611b74618014fbbb9389b5b6b1a3482d4c53721a80768910dd1a4ed0aafbf30e03088788e54ab3b6e8005304bcacfcb07025d7a70f616d2c7fbb63a
-
Filesize
72KB
MD5ad2a837115a85ce34780048517683aa8
SHA15e69631b25743f7aab881761a303efcf26f94d5c
SHA256601e0d1d16c4f45aefb4b44c1ac0768de4eccfc464286ff79ebf64e8eae4f031
SHA512cafcc6676ec0c5b64231c9a50ba8861f7cdb36f297199cf4cca446cfcad1bb6b6e102c69cb3bb63da3ea7c4af470761fde3cf12e635ab78263a9ea23aee7a9ee
-
Filesize
72KB
MD5df0b171e3af9e8741f25440713fbbbfe
SHA1ba3867a8f35f433637017df45e0764a7abb2a60b
SHA25606c51f9bb06e74f468aed4118bb8e06cac5d568a2a16e2cdfe9bcc2f22a340b5
SHA5125fec6623fd9f31aa84e0d704d2b685503241010cb6cccfd2e2e0a7f16f8a7aeb9cf0d1824c202045e9a6567f0b91befd5980a5d04c349604a5e9a742cbe32700
-
Filesize
72KB
MD5df0b171e3af9e8741f25440713fbbbfe
SHA1ba3867a8f35f433637017df45e0764a7abb2a60b
SHA25606c51f9bb06e74f468aed4118bb8e06cac5d568a2a16e2cdfe9bcc2f22a340b5
SHA5125fec6623fd9f31aa84e0d704d2b685503241010cb6cccfd2e2e0a7f16f8a7aeb9cf0d1824c202045e9a6567f0b91befd5980a5d04c349604a5e9a742cbe32700
-
Filesize
72KB
MD5ad75116dab3dd2f86c9972fa5dbb2134
SHA1b760327e215e5fe67cf4447b9426d64c0649d587
SHA2561faea0ad4c6054214b87c86ee30c55e7e381af0603033d204c01f94ed3db486f
SHA512edd019ae5ee3966729315f5a746e65775100d17e0ab3382a207990c16a09253d9b5bd4532d32c1ea81f0c9965dadb1ba04c3120aeb564b0e0e88a831ecbfea43
-
Filesize
72KB
MD5ad75116dab3dd2f86c9972fa5dbb2134
SHA1b760327e215e5fe67cf4447b9426d64c0649d587
SHA2561faea0ad4c6054214b87c86ee30c55e7e381af0603033d204c01f94ed3db486f
SHA512edd019ae5ee3966729315f5a746e65775100d17e0ab3382a207990c16a09253d9b5bd4532d32c1ea81f0c9965dadb1ba04c3120aeb564b0e0e88a831ecbfea43
-
Filesize
72KB
MD53efe87a37640d145f0bab93628195d05
SHA1da7deab1b97f84705b7d339cdab181aa51a60156
SHA25639d9f05928b2d2eb9101716bb9bee55bd497e96b347a65eef56fbe707fa3ccf9
SHA512c4ce897d0a04c1f46e68efce18407fdbff9ae91ae5beae5d9227dedda8883a024c5781607a319904d18479687014891db5623daf185c45834bc90e429c6ac2ab
-
Filesize
72KB
MD53efe87a37640d145f0bab93628195d05
SHA1da7deab1b97f84705b7d339cdab181aa51a60156
SHA25639d9f05928b2d2eb9101716bb9bee55bd497e96b347a65eef56fbe707fa3ccf9
SHA512c4ce897d0a04c1f46e68efce18407fdbff9ae91ae5beae5d9227dedda8883a024c5781607a319904d18479687014891db5623daf185c45834bc90e429c6ac2ab
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD56660522b4c949b49ff3b2a104145a310
SHA1588eb3a0e0b6f08a1130aab78fb0bdf44b2f806a
SHA256a578bfe175e83e19fb47113eb010a4709dad6a305bee21c39bab82bab3e36359
SHA512fb0a828519783c185c9ff9d8ecc9d7b3b4587c9fe7d7e1b97e178eba1cff58c3a33c7566f44642ba08f7cc78d0c0a772af6da76e67f87a2eced80c24f685ea12
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD54c59ebed2334ba3cffb5a751d110b945
SHA1a366784a26a95b3464ddda14886831a478c82ac5
SHA256ad05a990abcf54b536e73d711d52fcd8c5f80e6453a929c2fd7158a6258b8bc0
SHA512888acbb07a19e3ee7c44769a5d56db9dd6b05f9dd5411bc85cfa517305eb7433d2794d52522b48b720de016040dbdd9af2bb7bc826c1fd1c40b865d8bca18328
-
Filesize
72KB
MD54c59ebed2334ba3cffb5a751d110b945
SHA1a366784a26a95b3464ddda14886831a478c82ac5
SHA256ad05a990abcf54b536e73d711d52fcd8c5f80e6453a929c2fd7158a6258b8bc0
SHA512888acbb07a19e3ee7c44769a5d56db9dd6b05f9dd5411bc85cfa517305eb7433d2794d52522b48b720de016040dbdd9af2bb7bc826c1fd1c40b865d8bca18328
-
Filesize
72KB
MD502f13d9944f084e26020de2c3051d260
SHA16824edc864ed2d8ac974956ed43e6cd75ab61d30
SHA25680d2547df3cb5fbaa63c283f45b097fdb23baab80c2b5994431eb9c8ee0d8d5c
SHA512af8a9e0d6dfb59c599b88beafe957e37bedee15d65bfb7db486839608e1e93b3b0f9bab11de90873ee81871df83501e8efce3af2ad5c6bcff6541dff76da7c11
-
Filesize
72KB
MD502f13d9944f084e26020de2c3051d260
SHA16824edc864ed2d8ac974956ed43e6cd75ab61d30
SHA25680d2547df3cb5fbaa63c283f45b097fdb23baab80c2b5994431eb9c8ee0d8d5c
SHA512af8a9e0d6dfb59c599b88beafe957e37bedee15d65bfb7db486839608e1e93b3b0f9bab11de90873ee81871df83501e8efce3af2ad5c6bcff6541dff76da7c11
-
Filesize
72KB
MD502f13d9944f084e26020de2c3051d260
SHA16824edc864ed2d8ac974956ed43e6cd75ab61d30
SHA25680d2547df3cb5fbaa63c283f45b097fdb23baab80c2b5994431eb9c8ee0d8d5c
SHA512af8a9e0d6dfb59c599b88beafe957e37bedee15d65bfb7db486839608e1e93b3b0f9bab11de90873ee81871df83501e8efce3af2ad5c6bcff6541dff76da7c11
-
Filesize
72KB
MD502f13d9944f084e26020de2c3051d260
SHA16824edc864ed2d8ac974956ed43e6cd75ab61d30
SHA25680d2547df3cb5fbaa63c283f45b097fdb23baab80c2b5994431eb9c8ee0d8d5c
SHA512af8a9e0d6dfb59c599b88beafe957e37bedee15d65bfb7db486839608e1e93b3b0f9bab11de90873ee81871df83501e8efce3af2ad5c6bcff6541dff76da7c11
-
Filesize
72KB
MD502f13d9944f084e26020de2c3051d260
SHA16824edc864ed2d8ac974956ed43e6cd75ab61d30
SHA25680d2547df3cb5fbaa63c283f45b097fdb23baab80c2b5994431eb9c8ee0d8d5c
SHA512af8a9e0d6dfb59c599b88beafe957e37bedee15d65bfb7db486839608e1e93b3b0f9bab11de90873ee81871df83501e8efce3af2ad5c6bcff6541dff76da7c11
-
Filesize
72KB
MD534adb8d2cc5e1a26f39350bf8d57beb7
SHA1f8b579612b0da0022e3115df97a30ce511283de4
SHA256be15f447bf90252e65dbf9a7a7c64b15dbec4afdc5e23ae8b88274f17f03f65d
SHA512d6f6bb8ba611b74618014fbbb9389b5b6b1a3482d4c53721a80768910dd1a4ed0aafbf30e03088788e54ab3b6e8005304bcacfcb07025d7a70f616d2c7fbb63a
-
Filesize
72KB
MD534adb8d2cc5e1a26f39350bf8d57beb7
SHA1f8b579612b0da0022e3115df97a30ce511283de4
SHA256be15f447bf90252e65dbf9a7a7c64b15dbec4afdc5e23ae8b88274f17f03f65d
SHA512d6f6bb8ba611b74618014fbbb9389b5b6b1a3482d4c53721a80768910dd1a4ed0aafbf30e03088788e54ab3b6e8005304bcacfcb07025d7a70f616d2c7fbb63a
-
Filesize
72KB
MD534adb8d2cc5e1a26f39350bf8d57beb7
SHA1f8b579612b0da0022e3115df97a30ce511283de4
SHA256be15f447bf90252e65dbf9a7a7c64b15dbec4afdc5e23ae8b88274f17f03f65d
SHA512d6f6bb8ba611b74618014fbbb9389b5b6b1a3482d4c53721a80768910dd1a4ed0aafbf30e03088788e54ab3b6e8005304bcacfcb07025d7a70f616d2c7fbb63a
-
Filesize
72KB
MD534adb8d2cc5e1a26f39350bf8d57beb7
SHA1f8b579612b0da0022e3115df97a30ce511283de4
SHA256be15f447bf90252e65dbf9a7a7c64b15dbec4afdc5e23ae8b88274f17f03f65d
SHA512d6f6bb8ba611b74618014fbbb9389b5b6b1a3482d4c53721a80768910dd1a4ed0aafbf30e03088788e54ab3b6e8005304bcacfcb07025d7a70f616d2c7fbb63a
-
Filesize
72KB
MD534adb8d2cc5e1a26f39350bf8d57beb7
SHA1f8b579612b0da0022e3115df97a30ce511283de4
SHA256be15f447bf90252e65dbf9a7a7c64b15dbec4afdc5e23ae8b88274f17f03f65d
SHA512d6f6bb8ba611b74618014fbbb9389b5b6b1a3482d4c53721a80768910dd1a4ed0aafbf30e03088788e54ab3b6e8005304bcacfcb07025d7a70f616d2c7fbb63a
-
Filesize
72KB
MD5ad2a837115a85ce34780048517683aa8
SHA15e69631b25743f7aab881761a303efcf26f94d5c
SHA256601e0d1d16c4f45aefb4b44c1ac0768de4eccfc464286ff79ebf64e8eae4f031
SHA512cafcc6676ec0c5b64231c9a50ba8861f7cdb36f297199cf4cca446cfcad1bb6b6e102c69cb3bb63da3ea7c4af470761fde3cf12e635ab78263a9ea23aee7a9ee
-
Filesize
72KB
MD5ad2a837115a85ce34780048517683aa8
SHA15e69631b25743f7aab881761a303efcf26f94d5c
SHA256601e0d1d16c4f45aefb4b44c1ac0768de4eccfc464286ff79ebf64e8eae4f031
SHA512cafcc6676ec0c5b64231c9a50ba8861f7cdb36f297199cf4cca446cfcad1bb6b6e102c69cb3bb63da3ea7c4af470761fde3cf12e635ab78263a9ea23aee7a9ee
-
Filesize
72KB
MD5df0b171e3af9e8741f25440713fbbbfe
SHA1ba3867a8f35f433637017df45e0764a7abb2a60b
SHA25606c51f9bb06e74f468aed4118bb8e06cac5d568a2a16e2cdfe9bcc2f22a340b5
SHA5125fec6623fd9f31aa84e0d704d2b685503241010cb6cccfd2e2e0a7f16f8a7aeb9cf0d1824c202045e9a6567f0b91befd5980a5d04c349604a5e9a742cbe32700
-
Filesize
72KB
MD5df0b171e3af9e8741f25440713fbbbfe
SHA1ba3867a8f35f433637017df45e0764a7abb2a60b
SHA25606c51f9bb06e74f468aed4118bb8e06cac5d568a2a16e2cdfe9bcc2f22a340b5
SHA5125fec6623fd9f31aa84e0d704d2b685503241010cb6cccfd2e2e0a7f16f8a7aeb9cf0d1824c202045e9a6567f0b91befd5980a5d04c349604a5e9a742cbe32700
-
Filesize
72KB
MD5df0b171e3af9e8741f25440713fbbbfe
SHA1ba3867a8f35f433637017df45e0764a7abb2a60b
SHA25606c51f9bb06e74f468aed4118bb8e06cac5d568a2a16e2cdfe9bcc2f22a340b5
SHA5125fec6623fd9f31aa84e0d704d2b685503241010cb6cccfd2e2e0a7f16f8a7aeb9cf0d1824c202045e9a6567f0b91befd5980a5d04c349604a5e9a742cbe32700
-
Filesize
72KB
MD5df0b171e3af9e8741f25440713fbbbfe
SHA1ba3867a8f35f433637017df45e0764a7abb2a60b
SHA25606c51f9bb06e74f468aed4118bb8e06cac5d568a2a16e2cdfe9bcc2f22a340b5
SHA5125fec6623fd9f31aa84e0d704d2b685503241010cb6cccfd2e2e0a7f16f8a7aeb9cf0d1824c202045e9a6567f0b91befd5980a5d04c349604a5e9a742cbe32700
-
Filesize
72KB
MD5df0b171e3af9e8741f25440713fbbbfe
SHA1ba3867a8f35f433637017df45e0764a7abb2a60b
SHA25606c51f9bb06e74f468aed4118bb8e06cac5d568a2a16e2cdfe9bcc2f22a340b5
SHA5125fec6623fd9f31aa84e0d704d2b685503241010cb6cccfd2e2e0a7f16f8a7aeb9cf0d1824c202045e9a6567f0b91befd5980a5d04c349604a5e9a742cbe32700
-
Filesize
72KB
MD5ad75116dab3dd2f86c9972fa5dbb2134
SHA1b760327e215e5fe67cf4447b9426d64c0649d587
SHA2561faea0ad4c6054214b87c86ee30c55e7e381af0603033d204c01f94ed3db486f
SHA512edd019ae5ee3966729315f5a746e65775100d17e0ab3382a207990c16a09253d9b5bd4532d32c1ea81f0c9965dadb1ba04c3120aeb564b0e0e88a831ecbfea43
-
Filesize
72KB
MD5ad75116dab3dd2f86c9972fa5dbb2134
SHA1b760327e215e5fe67cf4447b9426d64c0649d587
SHA2561faea0ad4c6054214b87c86ee30c55e7e381af0603033d204c01f94ed3db486f
SHA512edd019ae5ee3966729315f5a746e65775100d17e0ab3382a207990c16a09253d9b5bd4532d32c1ea81f0c9965dadb1ba04c3120aeb564b0e0e88a831ecbfea43
-
Filesize
72KB
MD5ad75116dab3dd2f86c9972fa5dbb2134
SHA1b760327e215e5fe67cf4447b9426d64c0649d587
SHA2561faea0ad4c6054214b87c86ee30c55e7e381af0603033d204c01f94ed3db486f
SHA512edd019ae5ee3966729315f5a746e65775100d17e0ab3382a207990c16a09253d9b5bd4532d32c1ea81f0c9965dadb1ba04c3120aeb564b0e0e88a831ecbfea43
-
Filesize
72KB
MD5ad75116dab3dd2f86c9972fa5dbb2134
SHA1b760327e215e5fe67cf4447b9426d64c0649d587
SHA2561faea0ad4c6054214b87c86ee30c55e7e381af0603033d204c01f94ed3db486f
SHA512edd019ae5ee3966729315f5a746e65775100d17e0ab3382a207990c16a09253d9b5bd4532d32c1ea81f0c9965dadb1ba04c3120aeb564b0e0e88a831ecbfea43
-
Filesize
72KB
MD5ad75116dab3dd2f86c9972fa5dbb2134
SHA1b760327e215e5fe67cf4447b9426d64c0649d587
SHA2561faea0ad4c6054214b87c86ee30c55e7e381af0603033d204c01f94ed3db486f
SHA512edd019ae5ee3966729315f5a746e65775100d17e0ab3382a207990c16a09253d9b5bd4532d32c1ea81f0c9965dadb1ba04c3120aeb564b0e0e88a831ecbfea43
-
Filesize
72KB
MD53efe87a37640d145f0bab93628195d05
SHA1da7deab1b97f84705b7d339cdab181aa51a60156
SHA25639d9f05928b2d2eb9101716bb9bee55bd497e96b347a65eef56fbe707fa3ccf9
SHA512c4ce897d0a04c1f46e68efce18407fdbff9ae91ae5beae5d9227dedda8883a024c5781607a319904d18479687014891db5623daf185c45834bc90e429c6ac2ab
-
Filesize
72KB
MD53efe87a37640d145f0bab93628195d05
SHA1da7deab1b97f84705b7d339cdab181aa51a60156
SHA25639d9f05928b2d2eb9101716bb9bee55bd497e96b347a65eef56fbe707fa3ccf9
SHA512c4ce897d0a04c1f46e68efce18407fdbff9ae91ae5beae5d9227dedda8883a024c5781607a319904d18479687014891db5623daf185c45834bc90e429c6ac2ab
-
Filesize
72KB
MD53efe87a37640d145f0bab93628195d05
SHA1da7deab1b97f84705b7d339cdab181aa51a60156
SHA25639d9f05928b2d2eb9101716bb9bee55bd497e96b347a65eef56fbe707fa3ccf9
SHA512c4ce897d0a04c1f46e68efce18407fdbff9ae91ae5beae5d9227dedda8883a024c5781607a319904d18479687014891db5623daf185c45834bc90e429c6ac2ab
-
Filesize
72KB
MD53efe87a37640d145f0bab93628195d05
SHA1da7deab1b97f84705b7d339cdab181aa51a60156
SHA25639d9f05928b2d2eb9101716bb9bee55bd497e96b347a65eef56fbe707fa3ccf9
SHA512c4ce897d0a04c1f46e68efce18407fdbff9ae91ae5beae5d9227dedda8883a024c5781607a319904d18479687014891db5623daf185c45834bc90e429c6ac2ab
-
Filesize
72KB
MD53efe87a37640d145f0bab93628195d05
SHA1da7deab1b97f84705b7d339cdab181aa51a60156
SHA25639d9f05928b2d2eb9101716bb9bee55bd497e96b347a65eef56fbe707fa3ccf9
SHA512c4ce897d0a04c1f46e68efce18407fdbff9ae91ae5beae5d9227dedda8883a024c5781607a319904d18479687014891db5623daf185c45834bc90e429c6ac2ab
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD56660522b4c949b49ff3b2a104145a310
SHA1588eb3a0e0b6f08a1130aab78fb0bdf44b2f806a
SHA256a578bfe175e83e19fb47113eb010a4709dad6a305bee21c39bab82bab3e36359
SHA512fb0a828519783c185c9ff9d8ecc9d7b3b4587c9fe7d7e1b97e178eba1cff58c3a33c7566f44642ba08f7cc78d0c0a772af6da76e67f87a2eced80c24f685ea12
-
Filesize
72KB
MD56660522b4c949b49ff3b2a104145a310
SHA1588eb3a0e0b6f08a1130aab78fb0bdf44b2f806a
SHA256a578bfe175e83e19fb47113eb010a4709dad6a305bee21c39bab82bab3e36359
SHA512fb0a828519783c185c9ff9d8ecc9d7b3b4587c9fe7d7e1b97e178eba1cff58c3a33c7566f44642ba08f7cc78d0c0a772af6da76e67f87a2eced80c24f685ea12
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5d40cec8beb41304be40209a2ca1258ea
SHA18fc1755da2550caf6403ce1bc998b1aa71ef9562
SHA256ac5f895a8575bafe1ea3d6b8c3786cc437fc5145fa14c975572f144c41a4409b
SHA512502afe1dfb9ec831672fa4f795cb69c9bae7a6ba7899b8c51aaa91b0bb0e272ed51250abcb25b2f7c088270f1cebf28b12894bc70e399a363e27d58e49995e14
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
Filesize
72KB
MD5c43a73908a776c83b56632f22fbee28e
SHA1b09cd285cdc8e9b2820b0bdb9c3cdbb9eb312014
SHA256cff6b71196688f65fb355a674ccd7ea6fe346ee334038d00998ecca7140bad37
SHA51233ac018e8d740db77406a746f9a0a3cf824af8632db55b2f8bfaef7ebe5180a46fcc72908f5febb6ac07b2e366cdb39e943e5e9143529f366b424c5f4a519aea
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Filesize
8KB
-
-
-
-
-
Filesize
8KB
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-