Analysis
-
max time kernel
192s -
max time network
182s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
03/12/2022, 16:45
General
-
Target
c47901d302f4352cd027880c41305faabc00a60cc6fbc87fd2090d13c5e534b6.exe
-
Size
72KB
-
MD5
0747a520f87c84f8fa934eb6e0340920
-
SHA1
ce103dd425f677db1c93e79f7324aa2980f0a990
-
SHA256
c47901d302f4352cd027880c41305faabc00a60cc6fbc87fd2090d13c5e534b6
-
SHA512
982805d757ddf4231bba2910b2c87d992526d0eede06d855ba44ae69cc21421f2b8eb7671eb0e496cf929ed519a1aed96368ef14b4a020f9ee8973b18e806565
-
SSDEEP
384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf2O:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrPa
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 8 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c47901d302f4352cd027880c41305faabc00a60cc6fbc87fd2090d13c5e534b6.exe"C:\Users\Admin\AppData\Local\Temp\c47901d302f4352cd027880c41305faabc00a60cc6fbc87fd2090d13c5e534b6.exe"1⤵
- Modifies visibility of file extensions in Explorer
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3702802559\backup.exeC:\Users\Admin\AppData\Local\Temp\3702802559\backup.exe C:\Users\Admin\AppData\Local\Temp\3702802559\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\data.exe\data.exe \3⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\odt\backup.exeC:\odt\backup.exe C:\odt\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\DESIGNER\backup.exe"C:\Program Files\Common Files\DESIGNER\backup.exe" C:\Program Files\Common Files\DESIGNER\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\backup.exe"C:\Program Files\Common Files\microsoft shared\backup.exe" C:\Program Files\Common Files\microsoft shared\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe"C:\Program Files\Common Files\microsoft shared\ClickToRun\backup.exe" C:\Program Files\Common Files\microsoft shared\ClickToRun\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\7⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\ar-SA\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\bg-BG\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\da-DK\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\microsoft shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\de-DE\8⤵
-
-
C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\el-GR\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\en-GB\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\en-GB\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\microsoft shared\ink\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\ink\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\ink\en-US\8⤵
- System policy modification
-
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\update.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\update.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\update.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\update.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\fr-FR\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\it-IT\8⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\microsoft shared\MSInfo\ja-JP\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
-
C:\Program Files\Common Files\microsoft shared\OFFICE16\backup.exe"C:\Program Files\Common Files\microsoft shared\OFFICE16\backup.exe" C:\Program Files\Common Files\microsoft shared\OFFICE16\7⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\backup.exe"C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\backup.exe" C:\Program Files\Common Files\microsoft shared\OFFICE16\Office Setup Controller\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
-
C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\microsoft shared\Source Engine\backup.exe"C:\Program Files\Common Files\microsoft shared\Source Engine\backup.exe" C:\Program Files\Common Files\microsoft shared\Source Engine\7⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files\Common Files\Services\data.exe"C:\Program Files\Common Files\Services\data.exe" C:\Program Files\Common Files\Services\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\System\ado\en-US\backup.exe"C:\Program Files\Common Files\System\ado\en-US\backup.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\System\ado\it-IT\backup.exe"C:\Program Files\Common Files\System\ado\it-IT\backup.exe" C:\Program Files\Common Files\System\ado\it-IT\8⤵
-
-
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
-
-
C:\Program Files\Common Files\System\fr-FR\backup.exe"C:\Program Files\Common Files\System\fr-FR\backup.exe" C:\Program Files\Common Files\System\fr-FR\7⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\it-IT\backup.exe"C:\Program Files\Common Files\System\it-IT\backup.exe" C:\Program Files\Common Files\System\it-IT\7⤵
- Disables RegEdit via registry modification
-
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Google\Chrome\Application\update.exe"C:\Program Files\Google\Chrome\Application\update.exe" C:\Program Files\Google\Chrome\Application\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\9⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\9⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\swiftshader\9⤵
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\9⤵
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\9⤵
- Disables RegEdit via registry modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\_platform_specific\10⤵
-
-
-
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
-
-
C:\Program Files\Internet Explorer\data.exe"C:\Program Files\Internet Explorer\data.exe" C:\Program Files\Internet Explorer\5⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Internet Explorer\es-ES\backup.exe"C:\Program Files\Internet Explorer\es-ES\backup.exe" C:\Program Files\Internet Explorer\es-ES\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Internet Explorer\fr-FR\backup.exe"C:\Program Files\Internet Explorer\fr-FR\backup.exe" C:\Program Files\Internet Explorer\fr-FR\6⤵
- System policy modification
-
-
C:\Program Files\Internet Explorer\images\backup.exe"C:\Program Files\Internet Explorer\images\backup.exe" C:\Program Files\Internet Explorer\images\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Internet Explorer\it-IT\backup.exe"C:\Program Files\Internet Explorer\it-IT\backup.exe" C:\Program Files\Internet Explorer\it-IT\6⤵
- Disables RegEdit via registry modification
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.8.0_66\backup.exe"C:\Program Files\Java\jdk1.8.0_66\backup.exe" C:\Program Files\Java\jdk1.8.0_66\6⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.8.0_66\bin\update.exe"C:\Program Files\Java\jdk1.8.0_66\bin\update.exe" C:\Program Files\Java\jdk1.8.0_66\bin\7⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.8.0_66\db\backup.exe"C:\Program Files\Java\jdk1.8.0_66\db\backup.exe" C:\Program Files\Java\jdk1.8.0_66\db\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files\Java\jdk1.8.0_66\db\bin\backup.exe"C:\Program Files\Java\jdk1.8.0_66\db\bin\backup.exe" C:\Program Files\Java\jdk1.8.0_66\db\bin\8⤵
-
-
-
-
-
-
C:\Program Files (x86)\backup.exe"C:\Program Files (x86)\backup.exe" C:\Program Files (x86)\4⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\9⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\8⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\PFM\9⤵
- Disables RegEdit via registry modification
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\update.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\update.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\SaslPrep\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\9⤵
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\10⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\10⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\data.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\data.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Adobe\11⤵
-
-
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\7⤵
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\System Restore.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\System Restore.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Setup Files\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\8⤵
-
-
-
-
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\7⤵
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
-
C:\Program Files (x86)\Common Files\Adobe\ARM\backup.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\backup.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\backup.exe"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\backup.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\8⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\backup.exe"C:\Program Files (x86)\Common Files\Adobe\HelpCfg\backup.exe" C:\Program Files (x86)\Common Files\Adobe\HelpCfg\7⤵
-
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\backup.exe"C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\backup.exe" C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US\8⤵
-
-
-
-
C:\Program Files (x86)\Common Files\Java\backup.exe"C:\Program Files (x86)\Common Files\Java\backup.exe" C:\Program Files (x86)\Common Files\Java\6⤵
- Disables RegEdit via registry modification
-
C:\Program Files (x86)\Common Files\Java\Java Update\backup.exe"C:\Program Files (x86)\Common Files\Java\Java Update\backup.exe" C:\Program Files (x86)\Common Files\Java\Java Update\7⤵
- Modifies visibility of file extensions in Explorer
-
-
-
C:\Program Files (x86)\Common Files\Microsoft Shared\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\6⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\backup.exe"C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\backup.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\7⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
-
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Google\CrashReports\backup.exe"C:\Program Files (x86)\Google\CrashReports\backup.exe" C:\Program Files (x86)\Google\CrashReports\6⤵
- System policy modification
-
-
C:\Program Files (x86)\Google\Policies\backup.exe"C:\Program Files (x86)\Google\Policies\backup.exe" C:\Program Files (x86)\Google\Policies\6⤵
-
-
C:\Program Files (x86)\Google\Temp\backup.exe"C:\Program Files (x86)\Google\Temp\backup.exe" C:\Program Files (x86)\Google\Temp\6⤵
-
-
C:\Program Files (x86)\Google\Update\backup.exe"C:\Program Files (x86)\Google\Update\backup.exe" C:\Program Files (x86)\Google\Update\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
-
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\update.exeC:\Users\Admin\update.exe C:\Users\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Admin\3D Objects\backup.exe"C:\Users\Admin\3D Objects\backup.exe" C:\Users\Admin\3D Objects\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\Links\backup.exeC:\Users\Admin\Links\backup.exe C:\Users\Admin\Links\6⤵
-
-
C:\Users\Admin\Music\data.exeC:\Users\Admin\Music\data.exe C:\Users\Admin\Music\6⤵
-
-
C:\Users\Admin\OneDrive\backup.exeC:\Users\Admin\OneDrive\backup.exe C:\Users\Admin\OneDrive\6⤵
- Disables RegEdit via registry modification
-
-
C:\Users\Admin\Pictures\backup.exeC:\Users\Admin\Pictures\backup.exe C:\Users\Admin\Pictures\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Users\Public\Documents\backup.exeC:\Users\Public\Documents\backup.exe C:\Users\Public\Documents\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Public\Downloads\backup.exeC:\Users\Public\Downloads\backup.exe C:\Users\Public\Downloads\6⤵
- System policy modification
-
-
C:\Users\Public\Music\backup.exeC:\Users\Public\Music\backup.exe C:\Users\Public\Music\6⤵
-
-
C:\Users\Public\Pictures\backup.exeC:\Users\Public\Pictures\backup.exe C:\Users\Public\Pictures\6⤵
-
-
C:\Users\Public\Videos\backup.exeC:\Users\Public\Videos\backup.exe C:\Users\Public\Videos\6⤵
- System policy modification
-
-
-
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Windows\appcompat\backup.exeC:\Windows\appcompat\backup.exe C:\Windows\appcompat\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Windows directory
-
C:\Windows\appcompat\appraiser\backup.exeC:\Windows\appcompat\appraiser\backup.exe C:\Windows\appcompat\appraiser\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Windows directory
-
C:\Windows\appcompat\appraiser\Telemetry\backup.exeC:\Windows\appcompat\appraiser\Telemetry\backup.exe C:\Windows\appcompat\appraiser\Telemetry\7⤵
-
-
-
C:\Windows\appcompat\encapsulation\backup.exeC:\Windows\appcompat\encapsulation\backup.exe C:\Windows\appcompat\encapsulation\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Windows\appcompat\Programs\backup.exeC:\Windows\appcompat\Programs\backup.exe C:\Windows\appcompat\Programs\6⤵
-
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exeC:\Users\Admin\AppData\Local\Temp\acrocef_low\backup.exe C:\Users\Admin\AppData\Local\Temp\acrocef_low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Low\update.exeC:\Users\Admin\AppData\Local\Temp\Low\update.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\System Restore.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\System Restore.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\backup.exe" C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\1⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD50802ad9d3c1ad3301f076dd57139eabf
SHA1818bfc220b7187245b576fdaa26b2259204b11d4
SHA256d6864df1e77ed62498ee561bd4406b0e14b9385adc98d582caba08454922094c
SHA5123e728402ab3ff6e7febef42c6ac241925501ff05cc6831c6208b53cdc3bd7ceb68d011bd9bab12d850d8bdc7107d4a1a0b8c2c043a330c22db7ebf029e034f97
-
Filesize
72KB
MD50802ad9d3c1ad3301f076dd57139eabf
SHA1818bfc220b7187245b576fdaa26b2259204b11d4
SHA256d6864df1e77ed62498ee561bd4406b0e14b9385adc98d582caba08454922094c
SHA5123e728402ab3ff6e7febef42c6ac241925501ff05cc6831c6208b53cdc3bd7ceb68d011bd9bab12d850d8bdc7107d4a1a0b8c2c043a330c22db7ebf029e034f97
-
Filesize
72KB
MD5e91d8b9222944cf554b64fa2ca0e81ce
SHA1431d30d7406f2a8ad53c56f5865ac08749a80ed5
SHA25612898c6208c9bb2b34dbefd6bdcf15d239c3aa4984e702502c053d30ffaa0622
SHA512e38b7a28663b675c578fa0528eff14a594922aeb3655657c3aa6e9ec4e5cb2a74429d9b5fa1b3a29a8f5218e4ec49244c39cd6ea8ea4c22d4ed9a4b5fca118f4
-
Filesize
72KB
MD5e91d8b9222944cf554b64fa2ca0e81ce
SHA1431d30d7406f2a8ad53c56f5865ac08749a80ed5
SHA25612898c6208c9bb2b34dbefd6bdcf15d239c3aa4984e702502c053d30ffaa0622
SHA512e38b7a28663b675c578fa0528eff14a594922aeb3655657c3aa6e9ec4e5cb2a74429d9b5fa1b3a29a8f5218e4ec49244c39cd6ea8ea4c22d4ed9a4b5fca118f4
-
Filesize
72KB
MD554bd5cc09e262caa1e44522b490ea8b8
SHA1db225aac3079e7fde162396cae4c3c2804f6ed0c
SHA256d32df12d3b2d96f4485835bbd89ae09b24dbaca5be52d5ecbc33749b6f6354c7
SHA512f14d5400ad1305e182834c5f389483fd6032d4eedaac80bd7d893ad7a880ddab1d19a96995e13d423baf1b42588382194436af7e27d1d5c5198d5d30a6e80280
-
Filesize
72KB
MD554bd5cc09e262caa1e44522b490ea8b8
SHA1db225aac3079e7fde162396cae4c3c2804f6ed0c
SHA256d32df12d3b2d96f4485835bbd89ae09b24dbaca5be52d5ecbc33749b6f6354c7
SHA512f14d5400ad1305e182834c5f389483fd6032d4eedaac80bd7d893ad7a880ddab1d19a96995e13d423baf1b42588382194436af7e27d1d5c5198d5d30a6e80280
-
Filesize
72KB
MD50f91d071e634f75b232b235f0f724a43
SHA14ad05d8bd4bc504c604ec350aeddf5eda9dbfc69
SHA256cf0efd99d89e947fd4350516254cbbbd866e51d94d0f4695c5e16bf4b77e20b4
SHA51275e5fa00ee815b2e2bd56089d64c8cbdff54260b1a8c18958808c4fce65f225c780323201e280be561e54787f4dea59cdce3b72af1b926eba037447c9073bfe9
-
Filesize
72KB
MD50f91d071e634f75b232b235f0f724a43
SHA14ad05d8bd4bc504c604ec350aeddf5eda9dbfc69
SHA256cf0efd99d89e947fd4350516254cbbbd866e51d94d0f4695c5e16bf4b77e20b4
SHA51275e5fa00ee815b2e2bd56089d64c8cbdff54260b1a8c18958808c4fce65f225c780323201e280be561e54787f4dea59cdce3b72af1b926eba037447c9073bfe9
-
Filesize
72KB
MD54ffd0abed726ec1d6de6e45ef7108806
SHA1831a841995bfb9952de7d7a3919949450f950ac9
SHA2560d9bc5e4ed1e535ebe4c5c6e49b1c6abc687474aaabb460f820ac7092b041cf8
SHA5122e47c830ca75a3ca025e867ab050f2cef8c37071db3e25f7080fc0871c498f516efcc2bdca0073b648b356bbb1e7be6cdfee36580a112e2a327ed017790056d9
-
Filesize
72KB
MD54ffd0abed726ec1d6de6e45ef7108806
SHA1831a841995bfb9952de7d7a3919949450f950ac9
SHA2560d9bc5e4ed1e535ebe4c5c6e49b1c6abc687474aaabb460f820ac7092b041cf8
SHA5122e47c830ca75a3ca025e867ab050f2cef8c37071db3e25f7080fc0871c498f516efcc2bdca0073b648b356bbb1e7be6cdfee36580a112e2a327ed017790056d9
-
Filesize
72KB
MD5490c6a3ab420139c6b85fb15ff661031
SHA1c49d4377c79a2dcaa9fb1b802f273cce7d0e3726
SHA256d1b57a1cdd1bf12b634f549a81fc793c30192a5733ad03facede4f325114095a
SHA512d26768ee9f00f2a982b8694a74f33cb503709ec7101d515707fac2b2703387db014fb4bfca28550f0ee01971ed355f856c93fc35ecb0824c89cca11351cf8983
-
Filesize
72KB
MD5490c6a3ab420139c6b85fb15ff661031
SHA1c49d4377c79a2dcaa9fb1b802f273cce7d0e3726
SHA256d1b57a1cdd1bf12b634f549a81fc793c30192a5733ad03facede4f325114095a
SHA512d26768ee9f00f2a982b8694a74f33cb503709ec7101d515707fac2b2703387db014fb4bfca28550f0ee01971ed355f856c93fc35ecb0824c89cca11351cf8983
-
Filesize
72KB
MD5e60b955b38493bc076057446ed678f09
SHA106dbe6869fc0685decf5aa816c1927682684bcf7
SHA25671bd8b0612946b39881a3c4db7c546fbbdb427dd81dd4398e3e02fe45196404f
SHA512438f28197629dc109ca571a39ea4f31d3e3e20450ef3d2e560740358087c077387a1f9761b23f0e0dc07100bd3761002bfc68291a5ef34919b10e4120516c205
-
Filesize
72KB
MD5e60b955b38493bc076057446ed678f09
SHA106dbe6869fc0685decf5aa816c1927682684bcf7
SHA25671bd8b0612946b39881a3c4db7c546fbbdb427dd81dd4398e3e02fe45196404f
SHA512438f28197629dc109ca571a39ea4f31d3e3e20450ef3d2e560740358087c077387a1f9761b23f0e0dc07100bd3761002bfc68291a5ef34919b10e4120516c205
-
Filesize
72KB
MD5bf1fe4f63cbcda71b37ddbe725ed34db
SHA136186917a1135281ada778aca6f3ce6372873821
SHA2561dea440768e4e22d78582bb15fdad73fd893222f7ca197f20dfe5a27de1b358e
SHA51213e74c7df47211b5f2808cebb01a732c04ce99e3b9a622a10415a4774bf98c6a202331deca8845cdfb9abe906f8a5e7a3a5cada8a293e62ea6bc258ea52b092f
-
Filesize
72KB
MD5bf1fe4f63cbcda71b37ddbe725ed34db
SHA136186917a1135281ada778aca6f3ce6372873821
SHA2561dea440768e4e22d78582bb15fdad73fd893222f7ca197f20dfe5a27de1b358e
SHA51213e74c7df47211b5f2808cebb01a732c04ce99e3b9a622a10415a4774bf98c6a202331deca8845cdfb9abe906f8a5e7a3a5cada8a293e62ea6bc258ea52b092f
-
Filesize
72KB
MD51ecad155a6516a1a2f63eba638dfff9a
SHA14516347552895f1b33df9cfd58c2b6b4b2f8439e
SHA2561af4a0f0c16ab5414f240902b0c1136d2b18bc8327f0bab2bfcf75313d074e3f
SHA51283b7c1d374233a48c9dbd1983321c2c7f9b4f4df13f8a8da88eef36b6665ca4a5f1e498421b7236435de110b19ec6efebf7603971bbc31fc784a7bddf4597cec
-
Filesize
72KB
MD51ecad155a6516a1a2f63eba638dfff9a
SHA14516347552895f1b33df9cfd58c2b6b4b2f8439e
SHA2561af4a0f0c16ab5414f240902b0c1136d2b18bc8327f0bab2bfcf75313d074e3f
SHA51283b7c1d374233a48c9dbd1983321c2c7f9b4f4df13f8a8da88eef36b6665ca4a5f1e498421b7236435de110b19ec6efebf7603971bbc31fc784a7bddf4597cec
-
Filesize
72KB
MD5fbf291d5ebb8efa558996c768c5ef212
SHA1cc70440dc774a1d3a20fc3a59dd53a1039fef99b
SHA25667327f69223c77b21c542141d1f202fb16129cfe9d3f5d1289e34cf52ce1a2fd
SHA512e678e4a1d0ac6e8b63461819473286c03289e13021e7a72a0f4d17f2a597931431d3ab7b12cd0e308cc38e1be5d9e1dc27453211343dbe2fce9c20a7b12515a9
-
Filesize
72KB
MD5fbf291d5ebb8efa558996c768c5ef212
SHA1cc70440dc774a1d3a20fc3a59dd53a1039fef99b
SHA25667327f69223c77b21c542141d1f202fb16129cfe9d3f5d1289e34cf52ce1a2fd
SHA512e678e4a1d0ac6e8b63461819473286c03289e13021e7a72a0f4d17f2a597931431d3ab7b12cd0e308cc38e1be5d9e1dc27453211343dbe2fce9c20a7b12515a9
-
Filesize
72KB
MD53d1188ae29f4a12c25621a80183f1b81
SHA1548aa4a639cafe8d5bfe4f05c3dfc6ef1681d40d
SHA2562a51b79136cff834c1c1830a83eea30c832355e4fef75444f95dbe8db21259d2
SHA512add9066d8c3eb1bbe9c080d714c25b6fe3f07964c7a715109b03b741aaf813da8002bada95573aa0ef98336ba6ccc4f053e15ba31153a81c74a0f67d63c1132e
-
Filesize
72KB
MD53d1188ae29f4a12c25621a80183f1b81
SHA1548aa4a639cafe8d5bfe4f05c3dfc6ef1681d40d
SHA2562a51b79136cff834c1c1830a83eea30c832355e4fef75444f95dbe8db21259d2
SHA512add9066d8c3eb1bbe9c080d714c25b6fe3f07964c7a715109b03b741aaf813da8002bada95573aa0ef98336ba6ccc4f053e15ba31153a81c74a0f67d63c1132e
-
Filesize
72KB
MD56962b4d50d30b9ebd11ce3c98cabe433
SHA1a47b6986f54c390aed54b6ea51a132b445d97b8b
SHA256d87679472be6b8cf30fd0a36678eb5ee70d51cda721abde1f50891d0a37e3d58
SHA51249ed35378785beeabb721224ea8155dc4fe08ee0e1ac44d51b479ab3de52258377bd4d90272b07f60921c2c4b5d4a0c71c33006c09d432f60ba3f867c2389ab1
-
Filesize
72KB
MD56962b4d50d30b9ebd11ce3c98cabe433
SHA1a47b6986f54c390aed54b6ea51a132b445d97b8b
SHA256d87679472be6b8cf30fd0a36678eb5ee70d51cda721abde1f50891d0a37e3d58
SHA51249ed35378785beeabb721224ea8155dc4fe08ee0e1ac44d51b479ab3de52258377bd4d90272b07f60921c2c4b5d4a0c71c33006c09d432f60ba3f867c2389ab1
-
Filesize
72KB
MD5a73af0e5e4c6a056fadd39970fc6c0e1
SHA191ccb77a058742ab1602d2f77dc2cbc7b5f6fb41
SHA256ba378e27b41a00fc71e94c5e9343906810c86311b9acf6050dbc0644cf742884
SHA512935d0452ff918dc01adbbcf649861b16d79a2318e096d51a1919774660dac38d095bb93606a17d68f57533ff85566e11405aba32bdd642489cc950d1397042f0
-
Filesize
72KB
MD5a73af0e5e4c6a056fadd39970fc6c0e1
SHA191ccb77a058742ab1602d2f77dc2cbc7b5f6fb41
SHA256ba378e27b41a00fc71e94c5e9343906810c86311b9acf6050dbc0644cf742884
SHA512935d0452ff918dc01adbbcf649861b16d79a2318e096d51a1919774660dac38d095bb93606a17d68f57533ff85566e11405aba32bdd642489cc950d1397042f0
-
Filesize
72KB
MD516537e54676902f00dac6b726397a644
SHA119f7ec7e0918890a534de7c0d6f801cab703e3ba
SHA256a89630ff13a8261f3f303e22966fb1afb17a7a45c96abf1b8382027539c60650
SHA512a075bf05fa1911194098459b0f20c29579244e70bd30a1640b3ffd96ec5460f3f5f028fb7b1b5d35e54a7f0849488a86582e9107b9fe7777919b161696b59cac
-
Filesize
72KB
MD516537e54676902f00dac6b726397a644
SHA119f7ec7e0918890a534de7c0d6f801cab703e3ba
SHA256a89630ff13a8261f3f303e22966fb1afb17a7a45c96abf1b8382027539c60650
SHA512a075bf05fa1911194098459b0f20c29579244e70bd30a1640b3ffd96ec5460f3f5f028fb7b1b5d35e54a7f0849488a86582e9107b9fe7777919b161696b59cac
-
Filesize
72KB
MD5252bffe5dd7ee280d1d7d06c8534fdf7
SHA17d875aad459fe869799a1b438b58168934693f75
SHA2568428cfa6b1d741cf6c6b0581b66de2054b191689b5cb85c085b0761fd1d1de27
SHA5128bd63bddbab4e1517cc0ac9dd40467ed0eb4736bbb095e548da9109b8050791230463b5a3628c53a0b7cc22c5f2b57b24c601b2b7027b02340f854d2846f9845
-
Filesize
72KB
MD5252bffe5dd7ee280d1d7d06c8534fdf7
SHA17d875aad459fe869799a1b438b58168934693f75
SHA2568428cfa6b1d741cf6c6b0581b66de2054b191689b5cb85c085b0761fd1d1de27
SHA5128bd63bddbab4e1517cc0ac9dd40467ed0eb4736bbb095e548da9109b8050791230463b5a3628c53a0b7cc22c5f2b57b24c601b2b7027b02340f854d2846f9845
-
Filesize
72KB
MD552b6d6ceaee25482099ec3ddd0d2fd4e
SHA1f8fc2553c0414205c93165ef1670a34cac83fc8d
SHA25609aef781b89fcdc48e1e99181028d98ba9f7676546f7a97db1d64b137e39d99a
SHA51218357f31f472dd8d3364d4e953f462ad8fc05e23f4c27755f3848aac25622a10bb23e3f57964889147bd3c1b17f252973a63e512401fd1b8ad7c21e0cfbdb509
-
Filesize
72KB
MD552b6d6ceaee25482099ec3ddd0d2fd4e
SHA1f8fc2553c0414205c93165ef1670a34cac83fc8d
SHA25609aef781b89fcdc48e1e99181028d98ba9f7676546f7a97db1d64b137e39d99a
SHA51218357f31f472dd8d3364d4e953f462ad8fc05e23f4c27755f3848aac25622a10bb23e3f57964889147bd3c1b17f252973a63e512401fd1b8ad7c21e0cfbdb509
-
Filesize
72KB
MD5ae69bced306967eac6af29d99b2710b2
SHA18fcf29108f334c96a54f3fe6722bff84e31c9a13
SHA256f5c33149066a696a3fea554fc2f8244bced5f20d28d361b35ffd986b3780dcb7
SHA512519012fe6bba0de2241e3b30a94cdde5a5020985eee5adac8bf589a82ce8abcbd34f0fd42e249fe664a53374364ce5868a6236ab23e6c9c90377c8307b3a0235
-
Filesize
72KB
MD5ae69bced306967eac6af29d99b2710b2
SHA18fcf29108f334c96a54f3fe6722bff84e31c9a13
SHA256f5c33149066a696a3fea554fc2f8244bced5f20d28d361b35ffd986b3780dcb7
SHA512519012fe6bba0de2241e3b30a94cdde5a5020985eee5adac8bf589a82ce8abcbd34f0fd42e249fe664a53374364ce5868a6236ab23e6c9c90377c8307b3a0235
-
Filesize
72KB
MD534b4f649013c0dc913a3edac2291b86f
SHA1eda5e40a8ebe84bcc1d7a848714795d27e39f2cf
SHA25652ad3e421f725636adae9844c9829f54295c6c67cb263f007d409ea9919541db
SHA5123bc8713d1923b7a17184becabef7168cacd70d0a3c812835441d12d5d0b7b18231839eedadbe4389870d50056b888b59a2b37eae0acf941a891a9fe2c261841a
-
Filesize
72KB
MD534b4f649013c0dc913a3edac2291b86f
SHA1eda5e40a8ebe84bcc1d7a848714795d27e39f2cf
SHA25652ad3e421f725636adae9844c9829f54295c6c67cb263f007d409ea9919541db
SHA5123bc8713d1923b7a17184becabef7168cacd70d0a3c812835441d12d5d0b7b18231839eedadbe4389870d50056b888b59a2b37eae0acf941a891a9fe2c261841a
-
Filesize
72KB
MD50802ad9d3c1ad3301f076dd57139eabf
SHA1818bfc220b7187245b576fdaa26b2259204b11d4
SHA256d6864df1e77ed62498ee561bd4406b0e14b9385adc98d582caba08454922094c
SHA5123e728402ab3ff6e7febef42c6ac241925501ff05cc6831c6208b53cdc3bd7ceb68d011bd9bab12d850d8bdc7107d4a1a0b8c2c043a330c22db7ebf029e034f97
-
Filesize
72KB
MD50802ad9d3c1ad3301f076dd57139eabf
SHA1818bfc220b7187245b576fdaa26b2259204b11d4
SHA256d6864df1e77ed62498ee561bd4406b0e14b9385adc98d582caba08454922094c
SHA5123e728402ab3ff6e7febef42c6ac241925501ff05cc6831c6208b53cdc3bd7ceb68d011bd9bab12d850d8bdc7107d4a1a0b8c2c043a330c22db7ebf029e034f97
-
Filesize
72KB
MD59697a32cc38ce923bda474ea3b0a469e
SHA1abe7ad51309718a97beaaf1a64fd74a01dabf88a
SHA2567213d59c17ebab3d0fb3d41760f86e9a71918d4d780b0712d3afbf140e230ce0
SHA5126234761069435ea6c99c88ae7190a8340fd8fe1e6dceb2f85ca0938eba6ff503f2e00365ba887e47935418458574cc55d8f2f8ac3318c66b524e9d0c5c8da31b
-
Filesize
72KB
MD59697a32cc38ce923bda474ea3b0a469e
SHA1abe7ad51309718a97beaaf1a64fd74a01dabf88a
SHA2567213d59c17ebab3d0fb3d41760f86e9a71918d4d780b0712d3afbf140e230ce0
SHA5126234761069435ea6c99c88ae7190a8340fd8fe1e6dceb2f85ca0938eba6ff503f2e00365ba887e47935418458574cc55d8f2f8ac3318c66b524e9d0c5c8da31b
-
Filesize
72KB
MD5ef65ba2f6739def1a33a5b21e960e842
SHA19def909fe5169fbc84ad23b184146c12b5790915
SHA256f03294f4d4bde28c84c714ad88ebd4072d8f6ab39d9c6df0cda4b0f320ac75ac
SHA5126b29d355aa16be7485f8577f85e5b3adf64d864e0150c6d57cae885471045828e3721b67b9990d13b0432a7ba80abf7ddb977be7805db7c38493a84baa1b67b0
-
Filesize
72KB
MD5ef65ba2f6739def1a33a5b21e960e842
SHA19def909fe5169fbc84ad23b184146c12b5790915
SHA256f03294f4d4bde28c84c714ad88ebd4072d8f6ab39d9c6df0cda4b0f320ac75ac
SHA5126b29d355aa16be7485f8577f85e5b3adf64d864e0150c6d57cae885471045828e3721b67b9990d13b0432a7ba80abf7ddb977be7805db7c38493a84baa1b67b0
-
Filesize
72KB
MD58f4255c71805c9226c209000e3b8c9a0
SHA15147df0fb0e8ab1a8e7ab6981fed6026237cd1d3
SHA256c77a0f97983096d7bbda340ded3bb9ed23a606a423f3338aecfb13d39571d8d1
SHA5122cf0e2ae112ffad2d9b47b2ea7d9a8ff61039420c998a227ad38534a32735f255ed3982150485360ad12499184020819286de550fceb70afdc63b0b277c00065
-
Filesize
72KB
MD58f4255c71805c9226c209000e3b8c9a0
SHA15147df0fb0e8ab1a8e7ab6981fed6026237cd1d3
SHA256c77a0f97983096d7bbda340ded3bb9ed23a606a423f3338aecfb13d39571d8d1
SHA5122cf0e2ae112ffad2d9b47b2ea7d9a8ff61039420c998a227ad38534a32735f255ed3982150485360ad12499184020819286de550fceb70afdc63b0b277c00065
-
Filesize
72KB
MD5ebe8b6bfcefedf6e166d41e7d96eebd0
SHA1c096ed5405f936c1f7c21839fd00d6c6b2af64e1
SHA25658b87e4a2eb5bb5e04c5ed3419e9708343de0a97b63ff73d42b03312df9acc82
SHA512782bbeaca18a17c0a2c4e60be1e929475789c331b04444172baa2116e668fb7fe74a853a8e16a4fbfa75e7cf5ef2b9be09c3b7ab224cadbe5f8145a81fb0993e
-
Filesize
72KB
MD5ebe8b6bfcefedf6e166d41e7d96eebd0
SHA1c096ed5405f936c1f7c21839fd00d6c6b2af64e1
SHA25658b87e4a2eb5bb5e04c5ed3419e9708343de0a97b63ff73d42b03312df9acc82
SHA512782bbeaca18a17c0a2c4e60be1e929475789c331b04444172baa2116e668fb7fe74a853a8e16a4fbfa75e7cf5ef2b9be09c3b7ab224cadbe5f8145a81fb0993e
-
Filesize
72KB
MD5ebe8b6bfcefedf6e166d41e7d96eebd0
SHA1c096ed5405f936c1f7c21839fd00d6c6b2af64e1
SHA25658b87e4a2eb5bb5e04c5ed3419e9708343de0a97b63ff73d42b03312df9acc82
SHA512782bbeaca18a17c0a2c4e60be1e929475789c331b04444172baa2116e668fb7fe74a853a8e16a4fbfa75e7cf5ef2b9be09c3b7ab224cadbe5f8145a81fb0993e
-
Filesize
72KB
MD5ebe8b6bfcefedf6e166d41e7d96eebd0
SHA1c096ed5405f936c1f7c21839fd00d6c6b2af64e1
SHA25658b87e4a2eb5bb5e04c5ed3419e9708343de0a97b63ff73d42b03312df9acc82
SHA512782bbeaca18a17c0a2c4e60be1e929475789c331b04444172baa2116e668fb7fe74a853a8e16a4fbfa75e7cf5ef2b9be09c3b7ab224cadbe5f8145a81fb0993e
-
Filesize
72KB
MD526e0f9b6ac662062679f50ab4c30b98c
SHA1dca0ccf81176a12df5cfdfb6003ecf3c7c3994ff
SHA2569ab20cdd296bd0e66784b8e761c74a17d3df9075b335041dfa3c2f10edf2135a
SHA512e97bd49a0a39b38eee824f3f34b4b6e6ee2557861a3a656e47302b3644e069df917f9674ccbd0aded617acdb1c8f2d2eb2179b3bc0e4678649d651274823f73d
-
Filesize
72KB
MD526e0f9b6ac662062679f50ab4c30b98c
SHA1dca0ccf81176a12df5cfdfb6003ecf3c7c3994ff
SHA2569ab20cdd296bd0e66784b8e761c74a17d3df9075b335041dfa3c2f10edf2135a
SHA512e97bd49a0a39b38eee824f3f34b4b6e6ee2557861a3a656e47302b3644e069df917f9674ccbd0aded617acdb1c8f2d2eb2179b3bc0e4678649d651274823f73d
-
Filesize
72KB
MD526e0f9b6ac662062679f50ab4c30b98c
SHA1dca0ccf81176a12df5cfdfb6003ecf3c7c3994ff
SHA2569ab20cdd296bd0e66784b8e761c74a17d3df9075b335041dfa3c2f10edf2135a
SHA512e97bd49a0a39b38eee824f3f34b4b6e6ee2557861a3a656e47302b3644e069df917f9674ccbd0aded617acdb1c8f2d2eb2179b3bc0e4678649d651274823f73d
-
Filesize
72KB
MD526e0f9b6ac662062679f50ab4c30b98c
SHA1dca0ccf81176a12df5cfdfb6003ecf3c7c3994ff
SHA2569ab20cdd296bd0e66784b8e761c74a17d3df9075b335041dfa3c2f10edf2135a
SHA512e97bd49a0a39b38eee824f3f34b4b6e6ee2557861a3a656e47302b3644e069df917f9674ccbd0aded617acdb1c8f2d2eb2179b3bc0e4678649d651274823f73d
-
Filesize
72KB
MD588768e0e85eca220f058ee85b968b3a3
SHA10e10d7d6e33026c390541407af34ec96b54c978e
SHA2560e917ffe501e430cef8cb13e5c092bc8e57dfc42f30808aac20263ff16979b8a
SHA512f18929a3a72ef40e4bf15b9a1c2db5d20ed26c55bf497235802ca9cbc1c83721cec441abc3f9a133c878cfcebe9a2705603f9306c54dafb5441fe3ff5d04f381
-
Filesize
72KB
MD588768e0e85eca220f058ee85b968b3a3
SHA10e10d7d6e33026c390541407af34ec96b54c978e
SHA2560e917ffe501e430cef8cb13e5c092bc8e57dfc42f30808aac20263ff16979b8a
SHA512f18929a3a72ef40e4bf15b9a1c2db5d20ed26c55bf497235802ca9cbc1c83721cec441abc3f9a133c878cfcebe9a2705603f9306c54dafb5441fe3ff5d04f381
-
Filesize
72KB
MD5a11f99c88feb720aa05e805036acd0ae
SHA15ea6b1cd43b87c91f54fb7172d0bf57620ffb1f6
SHA2568875475bf31865794ebfc72d4dde055a1612e53edefcaf16ebfeaeef62141b65
SHA512ddb7fa4dc808010906f34f0a6ac96f5e4978e9d87fd2fabe0bd16bf8aed4aba9b7a0d299d6b0b824de54b285add1358ed421d6dbb3693fd095ce5918b1f2f8d2
-
Filesize
72KB
MD5a11f99c88feb720aa05e805036acd0ae
SHA15ea6b1cd43b87c91f54fb7172d0bf57620ffb1f6
SHA2568875475bf31865794ebfc72d4dde055a1612e53edefcaf16ebfeaeef62141b65
SHA512ddb7fa4dc808010906f34f0a6ac96f5e4978e9d87fd2fabe0bd16bf8aed4aba9b7a0d299d6b0b824de54b285add1358ed421d6dbb3693fd095ce5918b1f2f8d2
-
Filesize
72KB
MD5b1aad9bb0912fa012e647e136aeac30d
SHA16fdd89fc399979ab4c5f2fa091d8b6fa33a86a8f
SHA256b0d405ed49ff599e8fea9b08d48faf8aed825ef837cce7da6eb361276a8e0e9a
SHA512bbb315d1eb14c141b4c70d7a66a5757d99eff9a5f440852910266dde30167984d8056ee63090ef1ba47daa891c16d1bb7438f845803221f0af1038f0e823e914
-
Filesize
72KB
MD5b1aad9bb0912fa012e647e136aeac30d
SHA16fdd89fc399979ab4c5f2fa091d8b6fa33a86a8f
SHA256b0d405ed49ff599e8fea9b08d48faf8aed825ef837cce7da6eb361276a8e0e9a
SHA512bbb315d1eb14c141b4c70d7a66a5757d99eff9a5f440852910266dde30167984d8056ee63090ef1ba47daa891c16d1bb7438f845803221f0af1038f0e823e914
-
Filesize
72KB
MD5fc724f729ccd5361f713be2339aa9226
SHA1100ac7c581eea8cbce5dee44e76947abdbe6eba2
SHA2564858e4e34428e037efd89505e5c04de0da1964aca547c450a7ac9d1bd17ca863
SHA51237a344015c009236f69c2ff4d409690ed2516f093940d79538dd4883010724702253207532f209dd3cbe757771163b22e610f6bbe2b716450d83899d2e614164
-
Filesize
72KB
MD5fc724f729ccd5361f713be2339aa9226
SHA1100ac7c581eea8cbce5dee44e76947abdbe6eba2
SHA2564858e4e34428e037efd89505e5c04de0da1964aca547c450a7ac9d1bd17ca863
SHA51237a344015c009236f69c2ff4d409690ed2516f093940d79538dd4883010724702253207532f209dd3cbe757771163b22e610f6bbe2b716450d83899d2e614164
-
Filesize
72KB
MD56b0029c91f337937e72facb31e0bee9f
SHA115760e13c58656f30e886f9b2c0208e2453cc957
SHA2568df826a0382cd60905b839e4318b53a4860f80bcee0854c74427dfe78c1a9a58
SHA512b2729324fb1ea011a6a436e442fdb21ca34f41d66a2ac5ed469730e00efa3ba06fc73f750e8c90c821f848df605561a36a61de916566c9e9b97063063f378f2a
-
Filesize
72KB
MD56b0029c91f337937e72facb31e0bee9f
SHA115760e13c58656f30e886f9b2c0208e2453cc957
SHA2568df826a0382cd60905b839e4318b53a4860f80bcee0854c74427dfe78c1a9a58
SHA512b2729324fb1ea011a6a436e442fdb21ca34f41d66a2ac5ed469730e00efa3ba06fc73f750e8c90c821f848df605561a36a61de916566c9e9b97063063f378f2a
-
Filesize
72KB
MD534ba501154c76637acb0aa65c075b398
SHA12c91277db82176b5f171d7c3d5ed9da978b5ca7f
SHA2568e203c685b28e03b6afc6dc158f069364e726ae551ec231ea3f692ceb4db2d27
SHA512fabd7ff6733368f931ab3a2c4b9c0b2a49a2c120f987b2c2f26937eeacce3627735478680c93b5779205cbd46b0fd1de0b4de681fbad5e89444dd9b2dc31c5dc
-
Filesize
72KB
MD534ba501154c76637acb0aa65c075b398
SHA12c91277db82176b5f171d7c3d5ed9da978b5ca7f
SHA2568e203c685b28e03b6afc6dc158f069364e726ae551ec231ea3f692ceb4db2d27
SHA512fabd7ff6733368f931ab3a2c4b9c0b2a49a2c120f987b2c2f26937eeacce3627735478680c93b5779205cbd46b0fd1de0b4de681fbad5e89444dd9b2dc31c5dc