Analysis
-
max time kernel
387s -
max time network
452s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
02/12/2022, 19:53
General
-
Target
d7f653b8a4f06620f139f28169db6a92f463b25cd8541ed05d75099db79d4be3.exe
-
Size
72KB
-
MD5
68ac7c9025198b790844d12d81f034c6
-
SHA1
3734e85ce943bb78a493597331ec483811ec0fb4
-
SHA256
d7f653b8a4f06620f139f28169db6a92f463b25cd8541ed05d75099db79d4be3
-
SHA512
fa02bf7f19bb8a5ef617183c3d4732abfbe30f1b91c71540f0ebf0a2fdeff86a83727c9ece9e91206a7546ef3cbdc4d1aae475ec7b84f302e4b899680a213f65
-
SSDEEP
384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2q:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrW
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 16 IoCs
-
Disables RegEdit via registry modification 32 IoCs
-
Executes dropped EXE 17 IoCs
-
Drops file in Program Files directory 11 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of SetWindowsHookEx 18 IoCs
-
Suspicious use of WriteProcessMemory 51 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d7f653b8a4f06620f139f28169db6a92f463b25cd8541ed05d75099db79d4be3.exe"C:\Users\Admin\AppData\Local\Temp\d7f653b8a4f06620f139f28169db6a92f463b25cd8541ed05d75099db79d4be3.exe"1⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Users\Admin\AppData\Local\Temp\888503787\backup.exeC:\Users\Admin\AppData\Local\Temp\888503787\backup.exe C:\Users\Admin\AppData\Local\Temp\888503787\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\update.exe\update.exe \3⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\odt\backup.exeC:\odt\backup.exe C:\odt\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\PerfLogs\update.exeC:\PerfLogs\update.exe C:\PerfLogs\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\DESIGNER\backup.exe"C:\Program Files\Common Files\DESIGNER\backup.exe" C:\Program Files\Common Files\DESIGNER\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\backup.exe"C:\Program Files\Common Files\microsoft shared\backup.exe" C:\Program Files\Common Files\microsoft shared\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\ClickToRun\update.exe"C:\Program Files\Common Files\microsoft shared\ClickToRun\update.exe" C:\Program Files\Common Files\microsoft shared\ClickToRun\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exeC:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exe C:\Users\Admin\AppData\Local\Temp\acrocef_low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD57707dfbf129649f4e5fb15952c13b980
SHA135cd4fa1cabd009a6c7d80655493d0bc744e25c9
SHA2562211238919dbe9f0c8467f2329199797a4374a0d73eb39139316e1e09a429f79
SHA5127dc22d8ee40977e33d804c23c1f1899b5f45252064a5fa6e7d82a3d2270f42b784b631132f6a38ff83dd7d8b791e4ea01ff247da878765ae7b447a1346c84829
-
Filesize
72KB
MD57707dfbf129649f4e5fb15952c13b980
SHA135cd4fa1cabd009a6c7d80655493d0bc744e25c9
SHA2562211238919dbe9f0c8467f2329199797a4374a0d73eb39139316e1e09a429f79
SHA5127dc22d8ee40977e33d804c23c1f1899b5f45252064a5fa6e7d82a3d2270f42b784b631132f6a38ff83dd7d8b791e4ea01ff247da878765ae7b447a1346c84829
-
Filesize
72KB
MD5de42398c952915f89537aafcc645cbec
SHA17eae5772d378e24543dafc21d09ca0bcc257d1a0
SHA25652da163f11fac58af949e02067e90389079957348cc20e2d95bdb8775334e864
SHA5126841755db51dc09df6a491fca9bf5e4e60a2763488ccf254675bcfd5d9c1c93fa5abed719d829998c50609b76c9c01a12ea8c9df4a963ca2243e5f2708874fdc
-
Filesize
72KB
MD5de42398c952915f89537aafcc645cbec
SHA17eae5772d378e24543dafc21d09ca0bcc257d1a0
SHA25652da163f11fac58af949e02067e90389079957348cc20e2d95bdb8775334e864
SHA5126841755db51dc09df6a491fca9bf5e4e60a2763488ccf254675bcfd5d9c1c93fa5abed719d829998c50609b76c9c01a12ea8c9df4a963ca2243e5f2708874fdc
-
Filesize
72KB
MD530417c3815157bfa6d7fa3fb5c0ffeee
SHA16bbbcef181c9083b1cfd110bafab2d9c9f29d102
SHA2562aeb9c531888f1f7b118dc99f5d8c94924885290e4d35888823d38d78ca39f54
SHA512013280e18e4788129ccfa5968566fa97a535461a70072b684371df8b00c76e733a9084a37376641df83aba3d0b24f67651ff154ca6db477fdb766b305724a475
-
Filesize
72KB
MD530417c3815157bfa6d7fa3fb5c0ffeee
SHA16bbbcef181c9083b1cfd110bafab2d9c9f29d102
SHA2562aeb9c531888f1f7b118dc99f5d8c94924885290e4d35888823d38d78ca39f54
SHA512013280e18e4788129ccfa5968566fa97a535461a70072b684371df8b00c76e733a9084a37376641df83aba3d0b24f67651ff154ca6db477fdb766b305724a475
-
Filesize
72KB
MD5de42398c952915f89537aafcc645cbec
SHA17eae5772d378e24543dafc21d09ca0bcc257d1a0
SHA25652da163f11fac58af949e02067e90389079957348cc20e2d95bdb8775334e864
SHA5126841755db51dc09df6a491fca9bf5e4e60a2763488ccf254675bcfd5d9c1c93fa5abed719d829998c50609b76c9c01a12ea8c9df4a963ca2243e5f2708874fdc
-
Filesize
72KB
MD5de42398c952915f89537aafcc645cbec
SHA17eae5772d378e24543dafc21d09ca0bcc257d1a0
SHA25652da163f11fac58af949e02067e90389079957348cc20e2d95bdb8775334e864
SHA5126841755db51dc09df6a491fca9bf5e4e60a2763488ccf254675bcfd5d9c1c93fa5abed719d829998c50609b76c9c01a12ea8c9df4a963ca2243e5f2708874fdc
-
Filesize
72KB
MD530417c3815157bfa6d7fa3fb5c0ffeee
SHA16bbbcef181c9083b1cfd110bafab2d9c9f29d102
SHA2562aeb9c531888f1f7b118dc99f5d8c94924885290e4d35888823d38d78ca39f54
SHA512013280e18e4788129ccfa5968566fa97a535461a70072b684371df8b00c76e733a9084a37376641df83aba3d0b24f67651ff154ca6db477fdb766b305724a475
-
Filesize
72KB
MD530417c3815157bfa6d7fa3fb5c0ffeee
SHA16bbbcef181c9083b1cfd110bafab2d9c9f29d102
SHA2562aeb9c531888f1f7b118dc99f5d8c94924885290e4d35888823d38d78ca39f54
SHA512013280e18e4788129ccfa5968566fa97a535461a70072b684371df8b00c76e733a9084a37376641df83aba3d0b24f67651ff154ca6db477fdb766b305724a475
-
Filesize
72KB
MD5899bf1030bae2bc88b03f1536792e357
SHA17e2cfa64925bbc2f52340e713a7e5d7d7189558b
SHA2565eef001745114cba0bb0024ddf70379f6759c51f7084fdc83960d96deff2f014
SHA512ccc86dffd337921cdc335678aa8d6ef25d2f0ce3f486cb1c0fe66acc991d767ae8e5c2dcd91f09a81fcf23a5759493cd4b0bda81982e2a536756d81ab7840356
-
Filesize
72KB
MD5899bf1030bae2bc88b03f1536792e357
SHA17e2cfa64925bbc2f52340e713a7e5d7d7189558b
SHA2565eef001745114cba0bb0024ddf70379f6759c51f7084fdc83960d96deff2f014
SHA512ccc86dffd337921cdc335678aa8d6ef25d2f0ce3f486cb1c0fe66acc991d767ae8e5c2dcd91f09a81fcf23a5759493cd4b0bda81982e2a536756d81ab7840356
-
Filesize
72KB
MD5de42398c952915f89537aafcc645cbec
SHA17eae5772d378e24543dafc21d09ca0bcc257d1a0
SHA25652da163f11fac58af949e02067e90389079957348cc20e2d95bdb8775334e864
SHA5126841755db51dc09df6a491fca9bf5e4e60a2763488ccf254675bcfd5d9c1c93fa5abed719d829998c50609b76c9c01a12ea8c9df4a963ca2243e5f2708874fdc
-
Filesize
72KB
MD5de42398c952915f89537aafcc645cbec
SHA17eae5772d378e24543dafc21d09ca0bcc257d1a0
SHA25652da163f11fac58af949e02067e90389079957348cc20e2d95bdb8775334e864
SHA5126841755db51dc09df6a491fca9bf5e4e60a2763488ccf254675bcfd5d9c1c93fa5abed719d829998c50609b76c9c01a12ea8c9df4a963ca2243e5f2708874fdc
-
Filesize
72KB
MD5a994d15bd475065af1084195d6ccbc5d
SHA1cbfbf94dfd8a40ca94c6707274ce9ed6d4d5ecb1
SHA256cec7362339fa997615aa99ee5a7f37a02450f06a5eb1e757177a3fc12072125c
SHA512a6bbfb4dda821621d4a69b4fa5a42e6b9ce4c764edeeba670bdadf47bcdea3b20489094e1c8ba36a8c6d5c859ec11211d71b87c5f14f0757e890c9e2576a836a
-
Filesize
72KB
MD5a994d15bd475065af1084195d6ccbc5d
SHA1cbfbf94dfd8a40ca94c6707274ce9ed6d4d5ecb1
SHA256cec7362339fa997615aa99ee5a7f37a02450f06a5eb1e757177a3fc12072125c
SHA512a6bbfb4dda821621d4a69b4fa5a42e6b9ce4c764edeeba670bdadf47bcdea3b20489094e1c8ba36a8c6d5c859ec11211d71b87c5f14f0757e890c9e2576a836a
-
Filesize
72KB
MD53adc97b90c9f98a4ea22b09aea1e100a
SHA1dca8358affa24be6a409d311f4b8e65a80bdb926
SHA25687da74adc2fcfa1616b74bf8a5af84280ef8184c182a6bf25e8ddf27f556eebe
SHA512978d9bb0584ab88f145de7b65a1f13bfc0239e44397850458719b851fdac2f0dd257d8146c7ddbb55dd104decce87136968f2d499e830f158585e6e1ceb4b11e
-
Filesize
72KB
MD53adc97b90c9f98a4ea22b09aea1e100a
SHA1dca8358affa24be6a409d311f4b8e65a80bdb926
SHA25687da74adc2fcfa1616b74bf8a5af84280ef8184c182a6bf25e8ddf27f556eebe
SHA512978d9bb0584ab88f145de7b65a1f13bfc0239e44397850458719b851fdac2f0dd257d8146c7ddbb55dd104decce87136968f2d499e830f158585e6e1ceb4b11e
-
Filesize
72KB
MD5362bd073b93713baf8144105087fa6b7
SHA161609c79005fa94138cc77761730dc992db3daba
SHA256b60d4016508451deb18155dbf9bdfad393b66b8ecccb7e42b931902776a9844a
SHA512072eafdf4bd9e4c95a7a5c16306163cc02be43b57a3f0b49d368ea5f6e0eeb75c4cb8781750822a7b85d57b8e9b7e265732e56118c95c55ccd637beb52475027
-
Filesize
72KB
MD5362bd073b93713baf8144105087fa6b7
SHA161609c79005fa94138cc77761730dc992db3daba
SHA256b60d4016508451deb18155dbf9bdfad393b66b8ecccb7e42b931902776a9844a
SHA512072eafdf4bd9e4c95a7a5c16306163cc02be43b57a3f0b49d368ea5f6e0eeb75c4cb8781750822a7b85d57b8e9b7e265732e56118c95c55ccd637beb52475027
-
Filesize
72KB
MD53fa7fc20f486f1503a47995c5558f21c
SHA16ead3c4601755d668dd1fe38ea1d9e1756c1f0a2
SHA2567d4691e9e4cfec54845e402dbac1d17a4fff4942c5cc1f7ffff8294571718ff3
SHA512c9e410620c85e1e6b4839a969d4b717f6cf43c770e828ed378ded734a5f0876643d60bfa996fe98ac7304d254e196a657791425b0f847d62a9c9b9384eb94cb8
-
Filesize
72KB
MD53fa7fc20f486f1503a47995c5558f21c
SHA16ead3c4601755d668dd1fe38ea1d9e1756c1f0a2
SHA2567d4691e9e4cfec54845e402dbac1d17a4fff4942c5cc1f7ffff8294571718ff3
SHA512c9e410620c85e1e6b4839a969d4b717f6cf43c770e828ed378ded734a5f0876643d60bfa996fe98ac7304d254e196a657791425b0f847d62a9c9b9384eb94cb8
-
Filesize
72KB
MD581e80661f3d0b51ca669d5e1e0166fb8
SHA1c131be6cfdf3ee986ec8e5e381e279c1d314b2c3
SHA2561b162c052341ed809f37a0ecb7bf53d68ae98b4e928696396e84c47fbede06e1
SHA512f7798c4156847baf4d7ae9c547eb6d49438892f8ba4d347a9312b13b1b0fa0a772c401ab3fcdcdc7ba91fbae3c5f9e9fd15d2e793c307dbbaab162e0dc25e930
-
Filesize
72KB
MD581e80661f3d0b51ca669d5e1e0166fb8
SHA1c131be6cfdf3ee986ec8e5e381e279c1d314b2c3
SHA2561b162c052341ed809f37a0ecb7bf53d68ae98b4e928696396e84c47fbede06e1
SHA512f7798c4156847baf4d7ae9c547eb6d49438892f8ba4d347a9312b13b1b0fa0a772c401ab3fcdcdc7ba91fbae3c5f9e9fd15d2e793c307dbbaab162e0dc25e930
-
Filesize
72KB
MD53adc97b90c9f98a4ea22b09aea1e100a
SHA1dca8358affa24be6a409d311f4b8e65a80bdb926
SHA25687da74adc2fcfa1616b74bf8a5af84280ef8184c182a6bf25e8ddf27f556eebe
SHA512978d9bb0584ab88f145de7b65a1f13bfc0239e44397850458719b851fdac2f0dd257d8146c7ddbb55dd104decce87136968f2d499e830f158585e6e1ceb4b11e
-
Filesize
72KB
MD53adc97b90c9f98a4ea22b09aea1e100a
SHA1dca8358affa24be6a409d311f4b8e65a80bdb926
SHA25687da74adc2fcfa1616b74bf8a5af84280ef8184c182a6bf25e8ddf27f556eebe
SHA512978d9bb0584ab88f145de7b65a1f13bfc0239e44397850458719b851fdac2f0dd257d8146c7ddbb55dd104decce87136968f2d499e830f158585e6e1ceb4b11e
-
Filesize
72KB
MD51086f7e58d238a86a1235b684b0e979e
SHA18727879040c2e7b727af4d189330cc9fa927372c
SHA256e53a59d5ce2a908086648817fe9dfd0e547c8b02f5d8866d85d2a7c255f612af
SHA5127e671a576478d2e719bd128cadf5f78bd40441c69bfabfa92acbe62ff651eba3c0e05575793c5e2e15b13892e9f984ddfb930f9c0f042c90a15e1720427f5e86
-
Filesize
72KB
MD51086f7e58d238a86a1235b684b0e979e
SHA18727879040c2e7b727af4d189330cc9fa927372c
SHA256e53a59d5ce2a908086648817fe9dfd0e547c8b02f5d8866d85d2a7c255f612af
SHA5127e671a576478d2e719bd128cadf5f78bd40441c69bfabfa92acbe62ff651eba3c0e05575793c5e2e15b13892e9f984ddfb930f9c0f042c90a15e1720427f5e86
-
Filesize
72KB
MD5766cf15139c3cf1602d4ac0fb5f55ef4
SHA18c5f66821cb40aaf01ee78989fa57cb3b8fd1d62
SHA256d973c4d8bc5378638c43fa357456035b8233da6442e05913cd19f22efba2f105
SHA512b6bde1e29aa1de62efb503d566d01d69dc1beeec59f160140e78dfbf122fdd7d8d4313eb9f60c0234aeb69ad12f0d0f27b77b5821f95aa6952546dd473482adc
-
Filesize
72KB
MD5766cf15139c3cf1602d4ac0fb5f55ef4
SHA18c5f66821cb40aaf01ee78989fa57cb3b8fd1d62
SHA256d973c4d8bc5378638c43fa357456035b8233da6442e05913cd19f22efba2f105
SHA512b6bde1e29aa1de62efb503d566d01d69dc1beeec59f160140e78dfbf122fdd7d8d4313eb9f60c0234aeb69ad12f0d0f27b77b5821f95aa6952546dd473482adc
-
Filesize
72KB
MD561fc271e6a00458c449673c25706cdb6
SHA1b552249591d4550f132a4140f3f2bbe71437ed03
SHA256014ae2902740082b5bd5b55149a26d13d132b6db6661fb7dc14afd76771c0f2f
SHA51253bf46d85c36d744fc451bc1edc8dc31f0c45e278fbddfcd26d120f21687ea38e6692e3c400b8b9963991c6835b21c5c9ed4e0ce8c32ed482531b292f92aad09
-
Filesize
72KB
MD561fc271e6a00458c449673c25706cdb6
SHA1b552249591d4550f132a4140f3f2bbe71437ed03
SHA256014ae2902740082b5bd5b55149a26d13d132b6db6661fb7dc14afd76771c0f2f
SHA51253bf46d85c36d744fc451bc1edc8dc31f0c45e278fbddfcd26d120f21687ea38e6692e3c400b8b9963991c6835b21c5c9ed4e0ce8c32ed482531b292f92aad09
-
Filesize
72KB
MD5dba6675187af811b9a2db35d47c6417e
SHA125263a3759fb9f177ed310cb13c34dc8c62fd27d
SHA256918d814a2156a13057330ebddeed07dc779cce7cee0be244572cd0a0c9b99c36
SHA51244039e4c4b7a5f49000a57753ec7e5f444bbd9047714d7a22ea19c3470896242fc6e3f839f0c054cbe3c1c9349f8177158e73a6a9fb240f220718cf716f7fb9b
-
Filesize
72KB
MD5dba6675187af811b9a2db35d47c6417e
SHA125263a3759fb9f177ed310cb13c34dc8c62fd27d
SHA256918d814a2156a13057330ebddeed07dc779cce7cee0be244572cd0a0c9b99c36
SHA51244039e4c4b7a5f49000a57753ec7e5f444bbd9047714d7a22ea19c3470896242fc6e3f839f0c054cbe3c1c9349f8177158e73a6a9fb240f220718cf716f7fb9b