Analysis
-
max time kernel
190s -
max time network
205s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
02/12/2022, 20:28
General
-
Target
19c4a5d7c1f20aca45fdb63697ce97477a8af0e357154cce3c6ac8bcf0d335f1.exe
-
Size
72KB
-
MD5
0acfa4e42ad0daffa0fd584b5d2ce042
-
SHA1
86ca34f7a5280c89cc6681d73ff49425a85bc180
-
SHA256
19c4a5d7c1f20aca45fdb63697ce97477a8af0e357154cce3c6ac8bcf0d335f1
-
SHA512
18250db2b2d88f1ecd5c6c39c8d09057c0b73788834635b7bee7af3409acf5c00487032a7b28db098dfd82d815ecd37cb3dd5660bf55ed5995570370d9db1866
-
SSDEEP
768:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrP5Z:ieTce/U/hKYuKP5Z
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\19c4a5d7c1f20aca45fdb63697ce97477a8af0e357154cce3c6ac8bcf0d335f1.exe"C:\Users\Admin\AppData\Local\Temp\19c4a5d7c1f20aca45fdb63697ce97477a8af0e357154cce3c6ac8bcf0d335f1.exe"1⤵
- Disables RegEdit via registry modification
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\602914347\backup.exeC:\Users\Admin\AppData\Local\Temp\602914347\backup.exe C:\Users\Admin\AppData\Local\Temp\602914347\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\backup.exe\backup.exe \3⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\odt\backup.exeC:\odt\backup.exe C:\odt\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\DESIGNER\backup.exe"C:\Program Files\Common Files\DESIGNER\backup.exe" C:\Program Files\Common Files\DESIGNER\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\backup.exe"C:\Program Files\Common Files\microsoft shared\backup.exe" C:\Program Files\Common Files\microsoft shared\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe"C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe" C:\Program Files\Common Files\microsoft shared\ClickToRun\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\7⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ar-SA\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\bg-BG\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\update.exe"C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\update.exe" C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\da-DK\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\de-DE\data.exe"C:\Program Files\Common Files\microsoft shared\ink\de-DE\data.exe" C:\Program Files\Common Files\microsoft shared\ink\de-DE\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\el-GR\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\en-GB\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-US\System Restore.exe"C:\Program Files\Common Files\microsoft shared\ink\en-US\System Restore.exe" C:\Program Files\Common Files\microsoft shared\ink\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\es-ES\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\es-MX\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\es-MX\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\es-MX\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\et-EE\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fi-FI\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fr-CA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fr-CA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fr-CA\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fr-FR\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\8⤵
-
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\8⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files\Common Files\microsoft shared\OFFICE16\backup.exe"C:\Program Files\Common Files\microsoft shared\OFFICE16\backup.exe" C:\Program Files\Common Files\microsoft shared\OFFICE16\7⤵
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\System\ado\en-US\System Restore.exe"C:\Program Files\Common Files\System\ado\en-US\System Restore.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\System\ado\it-IT\backup.exe"C:\Program Files\Common Files\System\ado\it-IT\backup.exe" C:\Program Files\Common Files\System\ado\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\System\ado\ja-JP\backup.exe"C:\Program Files\Common Files\System\ado\ja-JP\backup.exe" C:\Program Files\Common Files\System\ado\ja-JP\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\fr-FR\update.exe"C:\Program Files\Common Files\System\fr-FR\update.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\System\ja-JP\backup.exe"C:\Program Files\Common Files\System\ja-JP\backup.exe" C:\Program Files\Common Files\System\ja-JP\7⤵
-
-
C:\Program Files\Common Files\System\msadc\data.exe"C:\Program Files\Common Files\System\msadc\data.exe" C:\Program Files\Common Files\System\msadc\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
-
C:\Program Files\Common Files\System\Ole DB\backup.exe"C:\Program Files\Common Files\System\Ole DB\backup.exe" C:\Program Files\Common Files\System\Ole DB\7⤵
-
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\Application\backup.exe"C:\Program Files\Google\Chrome\Application\backup.exe" C:\Program Files\Google\Chrome\Application\7⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\8⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\System Restore.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\System Restore.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\10⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\win_x64\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\win_x64\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\win_x64\11⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
-
-
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
-
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Internet Explorer\es-ES\backup.exe"C:\Program Files\Internet Explorer\es-ES\backup.exe" C:\Program Files\Internet Explorer\es-ES\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Internet Explorer\fr-FR\backup.exe"C:\Program Files\Internet Explorer\fr-FR\backup.exe" C:\Program Files\Internet Explorer\fr-FR\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Internet Explorer\images\backup.exe"C:\Program Files\Internet Explorer\images\backup.exe" C:\Program Files\Internet Explorer\images\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Internet Explorer\it-IT\backup.exe"C:\Program Files\Internet Explorer\it-IT\backup.exe" C:\Program Files\Internet Explorer\it-IT\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Internet Explorer\ja-JP\backup.exe"C:\Program Files\Internet Explorer\ja-JP\backup.exe" C:\Program Files\Internet Explorer\ja-JP\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Internet Explorer\SIGNUP\backup.exe"C:\Program Files\Internet Explorer\SIGNUP\backup.exe" C:\Program Files\Internet Explorer\SIGNUP\6⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.8.0_66\backup.exe"C:\Program Files\Java\jdk1.8.0_66\backup.exe" C:\Program Files\Java\jdk1.8.0_66\6⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Java\jdk1.8.0_66\bin\backup.exe"C:\Program Files\Java\jdk1.8.0_66\bin\backup.exe" C:\Program Files\Java\jdk1.8.0_66\bin\7⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Java\jdk1.8.0_66\db\System Restore.exe"C:\Program Files\Java\jdk1.8.0_66\db\System Restore.exe" C:\Program Files\Java\jdk1.8.0_66\db\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.8.0_66\db\bin\data.exe"C:\Program Files\Java\jdk1.8.0_66\db\bin\data.exe" C:\Program Files\Java\jdk1.8.0_66\db\bin\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Java\jdk1.8.0_66\db\lib\backup.exe"C:\Program Files\Java\jdk1.8.0_66\db\lib\backup.exe" C:\Program Files\Java\jdk1.8.0_66\db\lib\8⤵
-
-
-
C:\Program Files\Java\jdk1.8.0_66\include\backup.exe"C:\Program Files\Java\jdk1.8.0_66\include\backup.exe" C:\Program Files\Java\jdk1.8.0_66\include\7⤵
-
-
-
C:\Program Files\Java\jre1.8.0_66\System Restore.exe"C:\Program Files\Java\jre1.8.0_66\System Restore.exe" C:\Program Files\Java\jre1.8.0_66\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files\Java\jre1.8.0_66\bin\backup.exe"C:\Program Files\Java\jre1.8.0_66\bin\backup.exe" C:\Program Files\Java\jre1.8.0_66\bin\7⤵
- Drops file in Program Files directory
-
-
C:\Program Files\Java\jre1.8.0_66\lib\backup.exe"C:\Program Files\Java\jre1.8.0_66\lib\backup.exe" C:\Program Files\Java\jre1.8.0_66\lib\7⤵
-
-
-
-
C:\Program Files\Microsoft Office\backup.exe"C:\Program Files\Microsoft Office\backup.exe" C:\Program Files\Microsoft Office\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
C:\Program Files\Microsoft Office\Office16\backup.exe"C:\Program Files\Microsoft Office\Office16\backup.exe" C:\Program Files\Microsoft Office\Office16\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Microsoft Office\PackageManifests\backup.exe"C:\Program Files\Microsoft Office\PackageManifests\backup.exe" C:\Program Files\Microsoft Office\PackageManifests\6⤵
- System policy modification
-
-
C:\Program Files\Microsoft Office\root\backup.exe"C:\Program Files\Microsoft Office\root\backup.exe" C:\Program Files\Microsoft Office\root\6⤵
-
-
-
-
C:\Program Files (x86)\update.exe"C:\Program Files (x86)\update.exe" C:\Program Files (x86)\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\6⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\7⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\8⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\8⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\7⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\8⤵
- Modifies visibility of file extensions in Explorer
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\9⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\8⤵
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\7⤵
-
-
-
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\7⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\ARM\System Restore.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\System Restore.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\7⤵
-
-
-
C:\Program Files (x86)\Common Files\Java\System Restore.exe"C:\Program Files (x86)\Common Files\Java\System Restore.exe" C:\Program Files (x86)\Common Files\Java\6⤵
-
-
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
-
-
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
- Disables RegEdit via registry modification
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
- System policy modification
-
C:\Users\Admin\3D Objects\backup.exe"C:\Users\Admin\3D Objects\backup.exe" C:\Users\Admin\3D Objects\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
-
-
-
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exeC:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exe C:\Users\Admin\AppData\Local\Temp\acrocef_low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD503d54c444be1fbc1adbe8e8ee9893bab
SHA17f262ad554bfb840d471f0d52fbe1bc09260d52d
SHA256b0c0400a564103c9c23b876944e9c2c55c7cce37219830781effcb3399acd0c6
SHA5128f881b8eab9cc46e722987d840fb01f7bb8278cf8c293b89a6d77bdbc4118f0d32029c8ea40597da81701027e899543fc587401d4ef813f24f56709108c9ca35
-
Filesize
72KB
MD503d54c444be1fbc1adbe8e8ee9893bab
SHA17f262ad554bfb840d471f0d52fbe1bc09260d52d
SHA256b0c0400a564103c9c23b876944e9c2c55c7cce37219830781effcb3399acd0c6
SHA5128f881b8eab9cc46e722987d840fb01f7bb8278cf8c293b89a6d77bdbc4118f0d32029c8ea40597da81701027e899543fc587401d4ef813f24f56709108c9ca35
-
Filesize
72KB
MD501277c2758f1c28021effaa0e77b69db
SHA1b4aaccb486bb60e0f3dbdb09105ab2166a6e24a6
SHA2567aa5dd41f6eb7d9f1f647079c1f93451aee0e3e764b99139312e9adcfb21391e
SHA5123be8bd9cf9bea20549641cec5847d47a1cb91e92508f0462dbaa6c0883f00ddf4376e04ed5b6a6b81356773b9cfb61c7341e285aeb7e5a696f7476070c461607
-
Filesize
72KB
MD501277c2758f1c28021effaa0e77b69db
SHA1b4aaccb486bb60e0f3dbdb09105ab2166a6e24a6
SHA2567aa5dd41f6eb7d9f1f647079c1f93451aee0e3e764b99139312e9adcfb21391e
SHA5123be8bd9cf9bea20549641cec5847d47a1cb91e92508f0462dbaa6c0883f00ddf4376e04ed5b6a6b81356773b9cfb61c7341e285aeb7e5a696f7476070c461607
-
Filesize
72KB
MD506f7f0485d2e41dcac37188f0a47e1f0
SHA173151bd97d0ecd2695755e6ab1a6c7b8965c4b72
SHA256e614d1a90b93d19645e35ae05480d15db5dccff67e50c1000c2927bad8a38d1b
SHA5120683a48909e4a02a87f385758cf4cef7a4af304d00a004a89a14f9b0393dc69dce181cba9ade94a94594c51f9886f609df643ca610e71bec776b609f1f96a155
-
Filesize
72KB
MD506f7f0485d2e41dcac37188f0a47e1f0
SHA173151bd97d0ecd2695755e6ab1a6c7b8965c4b72
SHA256e614d1a90b93d19645e35ae05480d15db5dccff67e50c1000c2927bad8a38d1b
SHA5120683a48909e4a02a87f385758cf4cef7a4af304d00a004a89a14f9b0393dc69dce181cba9ade94a94594c51f9886f609df643ca610e71bec776b609f1f96a155
-
Filesize
72KB
MD526aabc04bcda9dbb329d3d8b23397a59
SHA180186d6d046ea91d87e64536a0e8bffe1b42434a
SHA25648b599d929f4ddb29da621954c6f16e2234c0520c41aa89903ce549429f33193
SHA5121495c34e6cc514df535dbefdefcf91a67b08d0a1f406e0cc03c7ac3d9710ab3ed0e4a71bd499e8f3a598e03a49c3b5e4064aa966a9a5e46a7bb8b0c7b975e54b
-
Filesize
72KB
MD526aabc04bcda9dbb329d3d8b23397a59
SHA180186d6d046ea91d87e64536a0e8bffe1b42434a
SHA25648b599d929f4ddb29da621954c6f16e2234c0520c41aa89903ce549429f33193
SHA5121495c34e6cc514df535dbefdefcf91a67b08d0a1f406e0cc03c7ac3d9710ab3ed0e4a71bd499e8f3a598e03a49c3b5e4064aa966a9a5e46a7bb8b0c7b975e54b
-
Filesize
72KB
MD530be2fdd54bddaa6b412d4a79f4928de
SHA13157a44852d9acff5185646a4116fb6ef3e49109
SHA256b87fff23030a63c00764332ae0a70064ec7911386a338728ca6acfc21682ede0
SHA5123e959957370a9c243b32ed62e0739103e0fad65361b597d2d41b8b08efad2bdbcbe8de9ed844411cffac4db785963cf6b82a2a19fd33608a4e460ab46b581a01
-
Filesize
72KB
MD530be2fdd54bddaa6b412d4a79f4928de
SHA13157a44852d9acff5185646a4116fb6ef3e49109
SHA256b87fff23030a63c00764332ae0a70064ec7911386a338728ca6acfc21682ede0
SHA5123e959957370a9c243b32ed62e0739103e0fad65361b597d2d41b8b08efad2bdbcbe8de9ed844411cffac4db785963cf6b82a2a19fd33608a4e460ab46b581a01
-
Filesize
72KB
MD5877cdd0db0a2882f3a380c3ca6d6c8d1
SHA1b7c7670a95c8ec24ca126e268e6ea1156909ba5e
SHA2569f42472b7178ca2ae262552531af271689b5c6cbf8b50e1b890fbba19d28e8ac
SHA5122289815e9b92ee221a07779a3dcbd31b4056c0f8cadf0f270ed3b1e9902878da05a90aa91e1b94e46f5ce32cd175ab18d9e7ef49ef1149e1dfdd136c84cf8446
-
Filesize
72KB
MD5877cdd0db0a2882f3a380c3ca6d6c8d1
SHA1b7c7670a95c8ec24ca126e268e6ea1156909ba5e
SHA2569f42472b7178ca2ae262552531af271689b5c6cbf8b50e1b890fbba19d28e8ac
SHA5122289815e9b92ee221a07779a3dcbd31b4056c0f8cadf0f270ed3b1e9902878da05a90aa91e1b94e46f5ce32cd175ab18d9e7ef49ef1149e1dfdd136c84cf8446
-
Filesize
72KB
MD516452bf5855744326346eaf5fb2b085d
SHA149ec45891b76506197c03f9d0e92d7856b3be22a
SHA2569994b78050634b571a38a52f1b366db82ae79a1bf8b2e25c3bbce49d1349d1b1
SHA51270bf9eecb0238f45052d438bc1546db14d44a3fb25e90366d51849289ead480d7ec52638c51d4b0394cced6f43fcf1cb5aff7f676cb7f7284080edb5fa461699
-
Filesize
72KB
MD516452bf5855744326346eaf5fb2b085d
SHA149ec45891b76506197c03f9d0e92d7856b3be22a
SHA2569994b78050634b571a38a52f1b366db82ae79a1bf8b2e25c3bbce49d1349d1b1
SHA51270bf9eecb0238f45052d438bc1546db14d44a3fb25e90366d51849289ead480d7ec52638c51d4b0394cced6f43fcf1cb5aff7f676cb7f7284080edb5fa461699
-
Filesize
72KB
MD59710b9424622d0517ec24d95513f0108
SHA174f37536fbc376b5b47f05f475c5be76449ae818
SHA2562069dd1c6b2286c64287182a5100e89a7499ff5d8ccca20a08eb1887c6da37d1
SHA512f1970ac1a38f45b4fd923ddede7924465aeeb1edb423db9d0581634d0398d21c77c19baf33e15bc4c3717c1d34d8814ee12aca032c09fab56d763caad2da76b9
-
Filesize
72KB
MD59710b9424622d0517ec24d95513f0108
SHA174f37536fbc376b5b47f05f475c5be76449ae818
SHA2562069dd1c6b2286c64287182a5100e89a7499ff5d8ccca20a08eb1887c6da37d1
SHA512f1970ac1a38f45b4fd923ddede7924465aeeb1edb423db9d0581634d0398d21c77c19baf33e15bc4c3717c1d34d8814ee12aca032c09fab56d763caad2da76b9
-
Filesize
72KB
MD551b7891e2ed519e6afdaf2057dfba4e5
SHA1150f8341da842b3b9862bb08bf7f55aa661effa2
SHA256f484fbf150e4d5bf70b5833f9b6d4638b1aeaef325599a5a9eb36c289399462d
SHA512a38e3cc640b2cba403fad1ff788d1d08de49e31368cbeae33aed8bc116acd4db5b50703d10e00675576f7ebab529445765dcd49d2271d562678ae44826c36d79
-
Filesize
72KB
MD551b7891e2ed519e6afdaf2057dfba4e5
SHA1150f8341da842b3b9862bb08bf7f55aa661effa2
SHA256f484fbf150e4d5bf70b5833f9b6d4638b1aeaef325599a5a9eb36c289399462d
SHA512a38e3cc640b2cba403fad1ff788d1d08de49e31368cbeae33aed8bc116acd4db5b50703d10e00675576f7ebab529445765dcd49d2271d562678ae44826c36d79
-
Filesize
72KB
MD5f63d7dd4eae5dc0dc289c146167b5413
SHA13a0289e82e50793c83861988ee5295cc1bacce84
SHA2564a131287f2b28b4c2ff175f3fe230e4820fafb74c40fb5e83f727314b5983db9
SHA51269ea4b030df8c0394a4a7493e08c6b1e46f31e6407b7b45202ef8acbc63e1812b22fc08e436afe704225c87998fac14d57a32de4e3b472212b9e30ca7941d246
-
Filesize
72KB
MD5f63d7dd4eae5dc0dc289c146167b5413
SHA13a0289e82e50793c83861988ee5295cc1bacce84
SHA2564a131287f2b28b4c2ff175f3fe230e4820fafb74c40fb5e83f727314b5983db9
SHA51269ea4b030df8c0394a4a7493e08c6b1e46f31e6407b7b45202ef8acbc63e1812b22fc08e436afe704225c87998fac14d57a32de4e3b472212b9e30ca7941d246
-
Filesize
72KB
MD5bb179af38ce2bddcd005e4475a856ee4
SHA11486cee30884ed75fad1dd10d7545d223562bead
SHA25674dad19e9cdf6e907b01a99d0edecd9bdae858a86d3a61f4b7762a7a8c902902
SHA512ca19feca5b40f8cc775e5fd3eb7226beb5d505b204b323dd457b84cc78ead05f9a894efa3b383c928a5cd2e76fb0c968b78865daed828fd44ca5657d0a6a14b7
-
Filesize
72KB
MD5bb179af38ce2bddcd005e4475a856ee4
SHA11486cee30884ed75fad1dd10d7545d223562bead
SHA25674dad19e9cdf6e907b01a99d0edecd9bdae858a86d3a61f4b7762a7a8c902902
SHA512ca19feca5b40f8cc775e5fd3eb7226beb5d505b204b323dd457b84cc78ead05f9a894efa3b383c928a5cd2e76fb0c968b78865daed828fd44ca5657d0a6a14b7
-
Filesize
72KB
MD5212b86e9c909aa3798e8fff826cbbeb3
SHA1c4d8592e15c937fd6f7eb21398039e496cc77357
SHA25610a9a3d55e2506ac3c339322abfc35319484f5f9122a35bb552f26adbcb8ed10
SHA512e1f6c15a083932b34d58bf443fb805fe992089478f1657c01895a1dd527969966530f13c213844a5ef8c2d780a791e89aa995f76e843990e1cdf185dd5f5a2b3
-
Filesize
72KB
MD5212b86e9c909aa3798e8fff826cbbeb3
SHA1c4d8592e15c937fd6f7eb21398039e496cc77357
SHA25610a9a3d55e2506ac3c339322abfc35319484f5f9122a35bb552f26adbcb8ed10
SHA512e1f6c15a083932b34d58bf443fb805fe992089478f1657c01895a1dd527969966530f13c213844a5ef8c2d780a791e89aa995f76e843990e1cdf185dd5f5a2b3
-
Filesize
72KB
MD52c9f7b8ba7d132017e1a6f148af91567
SHA13db8119027cfbd40d5bda192a104ae95afd616b7
SHA2568fa6916b380acdb1d2b1ccc23b8583545c1cbaaace6843d8ec29c1122e41d92f
SHA512a1586a6372d20a3eb14353b9695061fb2c1b3d94e2052dd8e170e813c0896487e2074ffa4af5680818a26c9bb1c96f47bebe10e99b2486344b7fded152dc60f1
-
Filesize
72KB
MD52c9f7b8ba7d132017e1a6f148af91567
SHA13db8119027cfbd40d5bda192a104ae95afd616b7
SHA2568fa6916b380acdb1d2b1ccc23b8583545c1cbaaace6843d8ec29c1122e41d92f
SHA512a1586a6372d20a3eb14353b9695061fb2c1b3d94e2052dd8e170e813c0896487e2074ffa4af5680818a26c9bb1c96f47bebe10e99b2486344b7fded152dc60f1
-
Filesize
72KB
MD59710b9424622d0517ec24d95513f0108
SHA174f37536fbc376b5b47f05f475c5be76449ae818
SHA2562069dd1c6b2286c64287182a5100e89a7499ff5d8ccca20a08eb1887c6da37d1
SHA512f1970ac1a38f45b4fd923ddede7924465aeeb1edb423db9d0581634d0398d21c77c19baf33e15bc4c3717c1d34d8814ee12aca032c09fab56d763caad2da76b9
-
Filesize
72KB
MD59710b9424622d0517ec24d95513f0108
SHA174f37536fbc376b5b47f05f475c5be76449ae818
SHA2562069dd1c6b2286c64287182a5100e89a7499ff5d8ccca20a08eb1887c6da37d1
SHA512f1970ac1a38f45b4fd923ddede7924465aeeb1edb423db9d0581634d0398d21c77c19baf33e15bc4c3717c1d34d8814ee12aca032c09fab56d763caad2da76b9
-
Filesize
72KB
MD5bde0517bec0bd0b4286a53e74f9097ab
SHA100466bcf59b17094e86781a2335bb854a1eff147
SHA256e99f2a8dec595e2bef056990636047221cd09c1b78c86e7acfab339f7b1aa19b
SHA512ab4f164da1153ff9bda5a897bb12b0ae7d9240c4574889fbed0e53bf83ed6aab8b40730b5a91034c337b8ccbcf0adb37025f8afb37d561ca319c1d1b94cd99c7
-
Filesize
72KB
MD5bde0517bec0bd0b4286a53e74f9097ab
SHA100466bcf59b17094e86781a2335bb854a1eff147
SHA256e99f2a8dec595e2bef056990636047221cd09c1b78c86e7acfab339f7b1aa19b
SHA512ab4f164da1153ff9bda5a897bb12b0ae7d9240c4574889fbed0e53bf83ed6aab8b40730b5a91034c337b8ccbcf0adb37025f8afb37d561ca319c1d1b94cd99c7
-
Filesize
72KB
MD5ef442e78c3ec7720704f43ecc67ad949
SHA19c40ed9bc91c8c097c420b770079d66d133d69da
SHA256f4e401d8a00bd28ad611b50d79e21862f4a9501be8a18c7961b191fa9b79efc0
SHA51210ec192a98f7883dfd09d0863051b01d409c8fa12066af37411fbd6889dbe1d496ace602f02854a344f5acd833ccccc6ac789ef1a35dd791ac7bf72fca1e4fa4
-
Filesize
72KB
MD5ef442e78c3ec7720704f43ecc67ad949
SHA19c40ed9bc91c8c097c420b770079d66d133d69da
SHA256f4e401d8a00bd28ad611b50d79e21862f4a9501be8a18c7961b191fa9b79efc0
SHA51210ec192a98f7883dfd09d0863051b01d409c8fa12066af37411fbd6889dbe1d496ace602f02854a344f5acd833ccccc6ac789ef1a35dd791ac7bf72fca1e4fa4
-
Filesize
72KB
MD5ad6ac0e4fbf3ec3d3dca15e0eb2c4e19
SHA1341b3c70c0bd21347090a5d640bb7e4515f3c91e
SHA256629d9707df84f33cfe940fe01215cee3e35fe748718d0d99a8a6d33d237666a7
SHA5121f7becdb95765479cc093349fde4c69b668a61e162e984e3ce784f6e9474c489bd5f456c6db2dd72bddfdd148292bb7022d6aec8994ef1590af16785ed1fc7ac
-
Filesize
72KB
MD5ad6ac0e4fbf3ec3d3dca15e0eb2c4e19
SHA1341b3c70c0bd21347090a5d640bb7e4515f3c91e
SHA256629d9707df84f33cfe940fe01215cee3e35fe748718d0d99a8a6d33d237666a7
SHA5121f7becdb95765479cc093349fde4c69b668a61e162e984e3ce784f6e9474c489bd5f456c6db2dd72bddfdd148292bb7022d6aec8994ef1590af16785ed1fc7ac
-
Filesize
72KB
MD5020bdbfe98b1bc7956900fdf04365ef1
SHA1b5a19f616da554ae6750ff27c884ba6f628e5011
SHA2563ac0e5a81d4a928d77e44b2b83b3663a17e9a5e9492794c076b09f30b1cbd72a
SHA51276ace902f6ec805f857a27ba9645b04f9ca5e95acae70d36b4a6fb066d90cdfd76d728a22dc93f8893914f576b85696b08a9ca8ea979c3a25cd61c719d708fac
-
Filesize
72KB
MD5020bdbfe98b1bc7956900fdf04365ef1
SHA1b5a19f616da554ae6750ff27c884ba6f628e5011
SHA2563ac0e5a81d4a928d77e44b2b83b3663a17e9a5e9492794c076b09f30b1cbd72a
SHA51276ace902f6ec805f857a27ba9645b04f9ca5e95acae70d36b4a6fb066d90cdfd76d728a22dc93f8893914f576b85696b08a9ca8ea979c3a25cd61c719d708fac
-
Filesize
72KB
MD55742b328760565b5754f814abf7e6dc6
SHA1d8a36620871bc75353535f78da98f20144970f51
SHA256ec55813faa1298261ed1d049ec776d8507991bb1a1f6e5afd7ac741c4c96b054
SHA512f33d6b89e2a6a7dcc02ffec5d5bd566756ed36597c4d46414e9e1b443079cda6838139c7acf3aa39267fea70170ce360c32eb98929fb3ffb4b9104f61aa45932
-
Filesize
72KB
MD55742b328760565b5754f814abf7e6dc6
SHA1d8a36620871bc75353535f78da98f20144970f51
SHA256ec55813faa1298261ed1d049ec776d8507991bb1a1f6e5afd7ac741c4c96b054
SHA512f33d6b89e2a6a7dcc02ffec5d5bd566756ed36597c4d46414e9e1b443079cda6838139c7acf3aa39267fea70170ce360c32eb98929fb3ffb4b9104f61aa45932
-
Filesize
72KB
MD5930df48550c05efe9cc2904d4cc0f984
SHA10be705a8cd4a612142ca79aa52ce6c72ae548e8c
SHA256f3e15985e4ee25b4d8494cab7b967518dab4d4412456d3a84990080ab215943c
SHA51249dd2460bd2536bc2ae4fd9b33b5c7a6dba02a529b9e16133f43d3b6096085ab91087c31e7a3ad2d95c56bf81425a89fe5c9a553c4e7834ae087f4e62f5b7528
-
Filesize
72KB
MD5930df48550c05efe9cc2904d4cc0f984
SHA10be705a8cd4a612142ca79aa52ce6c72ae548e8c
SHA256f3e15985e4ee25b4d8494cab7b967518dab4d4412456d3a84990080ab215943c
SHA51249dd2460bd2536bc2ae4fd9b33b5c7a6dba02a529b9e16133f43d3b6096085ab91087c31e7a3ad2d95c56bf81425a89fe5c9a553c4e7834ae087f4e62f5b7528
-
Filesize
72KB
MD566d4983cb275e895e90f6f63ca4d958c
SHA1a0e5fce64c228e5545e08cdbb0acce76ba1fb89c
SHA256be62eb6e270b33d1a133b4de6ef1a54d9577cdafc014d42b00921f16d2798aa3
SHA5124471c0bc6fdfac36882b336872d5595399f469de5fb17de8ec89eb178bea32f30e4c4e95596d34825df2e993f1369044fd268dce31bb097a054d899a665ccf73
-
Filesize
72KB
MD566d4983cb275e895e90f6f63ca4d958c
SHA1a0e5fce64c228e5545e08cdbb0acce76ba1fb89c
SHA256be62eb6e270b33d1a133b4de6ef1a54d9577cdafc014d42b00921f16d2798aa3
SHA5124471c0bc6fdfac36882b336872d5595399f469de5fb17de8ec89eb178bea32f30e4c4e95596d34825df2e993f1369044fd268dce31bb097a054d899a665ccf73
-
Filesize
72KB
MD5fd86c7971979ab374f53fadb40a2270c
SHA10567cebddbbc49bb65fe5be52219de5724434f65
SHA256e91f824ac758ca9413147b8d95e1e78a126a1e60f9d582be7366c86917285d84
SHA5121074c5456013995941bef2284d830e6b4703b701adb5364e41af6065752b0c361f4579c5adf004cb6a105efc572b537786663e136279e64abc148ba3d793d55c
-
Filesize
72KB
MD5fd86c7971979ab374f53fadb40a2270c
SHA10567cebddbbc49bb65fe5be52219de5724434f65
SHA256e91f824ac758ca9413147b8d95e1e78a126a1e60f9d582be7366c86917285d84
SHA5121074c5456013995941bef2284d830e6b4703b701adb5364e41af6065752b0c361f4579c5adf004cb6a105efc572b537786663e136279e64abc148ba3d793d55c
-
Filesize
72KB
MD503d54c444be1fbc1adbe8e8ee9893bab
SHA17f262ad554bfb840d471f0d52fbe1bc09260d52d
SHA256b0c0400a564103c9c23b876944e9c2c55c7cce37219830781effcb3399acd0c6
SHA5128f881b8eab9cc46e722987d840fb01f7bb8278cf8c293b89a6d77bdbc4118f0d32029c8ea40597da81701027e899543fc587401d4ef813f24f56709108c9ca35
-
Filesize
72KB
MD503d54c444be1fbc1adbe8e8ee9893bab
SHA17f262ad554bfb840d471f0d52fbe1bc09260d52d
SHA256b0c0400a564103c9c23b876944e9c2c55c7cce37219830781effcb3399acd0c6
SHA5128f881b8eab9cc46e722987d840fb01f7bb8278cf8c293b89a6d77bdbc4118f0d32029c8ea40597da81701027e899543fc587401d4ef813f24f56709108c9ca35
-
Filesize
72KB
MD5d180b8f97975b358ade8f6d6802527e3
SHA1d18f0b1ed5fbfc4e026a26005af5190ec0c6720d
SHA25633534e83ec8d00fec33cbbc953f6cafd8742ec29f00671b9b14ee4fc64d8de0d
SHA51215deb4dbe8ada804dc35af03159f7f5bf0c58502f7fe158a80719e225a6e86d8af7fe46f17922edccdeaeb57ea5074180e853a0598b13d64a56b616e65d35b8a
-
Filesize
72KB
MD5d180b8f97975b358ade8f6d6802527e3
SHA1d18f0b1ed5fbfc4e026a26005af5190ec0c6720d
SHA25633534e83ec8d00fec33cbbc953f6cafd8742ec29f00671b9b14ee4fc64d8de0d
SHA51215deb4dbe8ada804dc35af03159f7f5bf0c58502f7fe158a80719e225a6e86d8af7fe46f17922edccdeaeb57ea5074180e853a0598b13d64a56b616e65d35b8a
-
Filesize
72KB
MD59b2cf375e42233afe553943c3643986a
SHA139897ac9bba06fb6aab6685d3b319241e8e23031
SHA2563ec5f5654174483b46646e707aff335ee60d07e1c502bb5e763b51e66d18f440
SHA5125aa96c0751786efb08d0ab848ebe0dd0a53decacc976fdc31d85fd588648d3a5d65c4d5024e5546594e19b7f07557c05f239b18daf98b18a1b26ef6b0fa678a6
-
Filesize
72KB
MD59b2cf375e42233afe553943c3643986a
SHA139897ac9bba06fb6aab6685d3b319241e8e23031
SHA2563ec5f5654174483b46646e707aff335ee60d07e1c502bb5e763b51e66d18f440
SHA5125aa96c0751786efb08d0ab848ebe0dd0a53decacc976fdc31d85fd588648d3a5d65c4d5024e5546594e19b7f07557c05f239b18daf98b18a1b26ef6b0fa678a6
-
Filesize
72KB
MD59b2cf375e42233afe553943c3643986a
SHA139897ac9bba06fb6aab6685d3b319241e8e23031
SHA2563ec5f5654174483b46646e707aff335ee60d07e1c502bb5e763b51e66d18f440
SHA5125aa96c0751786efb08d0ab848ebe0dd0a53decacc976fdc31d85fd588648d3a5d65c4d5024e5546594e19b7f07557c05f239b18daf98b18a1b26ef6b0fa678a6
-
Filesize
72KB
MD59b2cf375e42233afe553943c3643986a
SHA139897ac9bba06fb6aab6685d3b319241e8e23031
SHA2563ec5f5654174483b46646e707aff335ee60d07e1c502bb5e763b51e66d18f440
SHA5125aa96c0751786efb08d0ab848ebe0dd0a53decacc976fdc31d85fd588648d3a5d65c4d5024e5546594e19b7f07557c05f239b18daf98b18a1b26ef6b0fa678a6
-
Filesize
72KB
MD59b2cf375e42233afe553943c3643986a
SHA139897ac9bba06fb6aab6685d3b319241e8e23031
SHA2563ec5f5654174483b46646e707aff335ee60d07e1c502bb5e763b51e66d18f440
SHA5125aa96c0751786efb08d0ab848ebe0dd0a53decacc976fdc31d85fd588648d3a5d65c4d5024e5546594e19b7f07557c05f239b18daf98b18a1b26ef6b0fa678a6
-
Filesize
72KB
MD59b2cf375e42233afe553943c3643986a
SHA139897ac9bba06fb6aab6685d3b319241e8e23031
SHA2563ec5f5654174483b46646e707aff335ee60d07e1c502bb5e763b51e66d18f440
SHA5125aa96c0751786efb08d0ab848ebe0dd0a53decacc976fdc31d85fd588648d3a5d65c4d5024e5546594e19b7f07557c05f239b18daf98b18a1b26ef6b0fa678a6
-
Filesize
72KB
MD5d180b8f97975b358ade8f6d6802527e3
SHA1d18f0b1ed5fbfc4e026a26005af5190ec0c6720d
SHA25633534e83ec8d00fec33cbbc953f6cafd8742ec29f00671b9b14ee4fc64d8de0d
SHA51215deb4dbe8ada804dc35af03159f7f5bf0c58502f7fe158a80719e225a6e86d8af7fe46f17922edccdeaeb57ea5074180e853a0598b13d64a56b616e65d35b8a
-
Filesize
72KB
MD5d180b8f97975b358ade8f6d6802527e3
SHA1d18f0b1ed5fbfc4e026a26005af5190ec0c6720d
SHA25633534e83ec8d00fec33cbbc953f6cafd8742ec29f00671b9b14ee4fc64d8de0d
SHA51215deb4dbe8ada804dc35af03159f7f5bf0c58502f7fe158a80719e225a6e86d8af7fe46f17922edccdeaeb57ea5074180e853a0598b13d64a56b616e65d35b8a
-
Filesize
72KB
MD5d180b8f97975b358ade8f6d6802527e3
SHA1d18f0b1ed5fbfc4e026a26005af5190ec0c6720d
SHA25633534e83ec8d00fec33cbbc953f6cafd8742ec29f00671b9b14ee4fc64d8de0d
SHA51215deb4dbe8ada804dc35af03159f7f5bf0c58502f7fe158a80719e225a6e86d8af7fe46f17922edccdeaeb57ea5074180e853a0598b13d64a56b616e65d35b8a
-
Filesize
72KB
MD5d180b8f97975b358ade8f6d6802527e3
SHA1d18f0b1ed5fbfc4e026a26005af5190ec0c6720d
SHA25633534e83ec8d00fec33cbbc953f6cafd8742ec29f00671b9b14ee4fc64d8de0d
SHA51215deb4dbe8ada804dc35af03159f7f5bf0c58502f7fe158a80719e225a6e86d8af7fe46f17922edccdeaeb57ea5074180e853a0598b13d64a56b616e65d35b8a
-
Filesize
72KB
MD5411a0db50155c3ce32adda3fb9239ffe
SHA12954d4718356d406b42f12d90a81f6440e67fad3
SHA256c868e30002083a85785b0bdbc9f7eea12c49bf0aaae4d1463def6d1e94d4c262
SHA5127b473133f3adc871c7bd3587e92f3bed0672bad76485168fc373729a72b1eb4d3eab301557076871d93b6445ffc6ff60ef237c4fa38c719d271b1fce16b92733
-
Filesize
72KB
MD5411a0db50155c3ce32adda3fb9239ffe
SHA12954d4718356d406b42f12d90a81f6440e67fad3
SHA256c868e30002083a85785b0bdbc9f7eea12c49bf0aaae4d1463def6d1e94d4c262
SHA5127b473133f3adc871c7bd3587e92f3bed0672bad76485168fc373729a72b1eb4d3eab301557076871d93b6445ffc6ff60ef237c4fa38c719d271b1fce16b92733
-
Filesize
72KB
MD5c51f3c7b6ef754e907350928712d1875
SHA1faa03377acab3a496643f4c890605476c2982c63
SHA256bc78c945081015c61d9c1dd7a0f4e128c29c7637307b81ccc018168e8572136a
SHA5127df812545624af96a9b8f58896df70730479e099493bfb51dbeec87cc709571b274b3ad363cf4cf23e5327daf27ace4e304c40ee8a900ba03f8593040b9afd6c
-
Filesize
72KB
MD5c51f3c7b6ef754e907350928712d1875
SHA1faa03377acab3a496643f4c890605476c2982c63
SHA256bc78c945081015c61d9c1dd7a0f4e128c29c7637307b81ccc018168e8572136a
SHA5127df812545624af96a9b8f58896df70730479e099493bfb51dbeec87cc709571b274b3ad363cf4cf23e5327daf27ace4e304c40ee8a900ba03f8593040b9afd6c
-
Filesize
72KB
MD5fe388bd6298ac55bb96225686bd6e30e
SHA1d3522aaa92cdd005be9c286181827b79be425bf6
SHA256ae63ddf2836ce756f134cdbc18f33c46001ac2430d2d1b20cea7aca712824e8a
SHA5122dca965f71cd93d1e035a0d94014809d2db2804efc1d00c784cd1effa0ecff22045ea20d02a77be4a7ca1678e8834c49c9cab89d7bfbee11aefe0a79d9193a03
-
Filesize
72KB
MD5fe388bd6298ac55bb96225686bd6e30e
SHA1d3522aaa92cdd005be9c286181827b79be425bf6
SHA256ae63ddf2836ce756f134cdbc18f33c46001ac2430d2d1b20cea7aca712824e8a
SHA5122dca965f71cd93d1e035a0d94014809d2db2804efc1d00c784cd1effa0ecff22045ea20d02a77be4a7ca1678e8834c49c9cab89d7bfbee11aefe0a79d9193a03