Analysis
-
max time kernel
151s -
max time network
32s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
04/12/2022, 07:37
General
-
Target
31b7c7e4b2271905339ffc3670f1672c28c554e1843e482a45534dec230bec26.exe
-
Size
72KB
-
MD5
06f0eca981c93c106aca61ae9a1df5b6
-
SHA1
c821943b376cca706085c3ab14eaf5ee1c1468e0
-
SHA256
31b7c7e4b2271905339ffc3670f1672c28c554e1843e482a45534dec230bec26
-
SHA512
fb630e9530d2e4ba65cf1eae545e21b6eca673e31926388f7e31e2e5ba6e7430d6be31ab179d36b59472eef26d3155db5808ec2846be5d0eb60e2d0f3787ac65
-
SSDEEP
384:i6wayA+1mwnA353BXR+oGfP5d/ZBHXME+l93qPAqee/w6yJ/wWD+S83BXR+oGf28:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrPo
Malware Config
Signatures
-
Modifies visibility of file extensions in Explorer 2 TTPs 64 IoCs
-
Disables RegEdit via registry modification 64 IoCs
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 5 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\31b7c7e4b2271905339ffc3670f1672c28c554e1843e482a45534dec230bec26.exe"C:\Users\Admin\AppData\Local\Temp\31b7c7e4b2271905339ffc3670f1672c28c554e1843e482a45534dec230bec26.exe"1⤵
- Modifies visibility of file extensions in Explorer
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3777102364\backup.exeC:\Users\Admin\AppData\Local\Temp\3777102364\backup.exe C:\Users\Admin\AppData\Local\Temp\3777102364\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\backup.exe\backup.exe \3⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\backup.exeC:\PerfLogs\backup.exe C:\PerfLogs\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\PerfLogs\Admin\backup.exeC:\PerfLogs\Admin\backup.exe C:\PerfLogs\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
-
C:\Program Files\backup.exe"C:\Program Files\backup.exe" C:\Program Files\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\7-Zip\backup.exe"C:\Program Files\7-Zip\backup.exe" C:\Program Files\7-Zip\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\Lang\backup.exe"C:\Program Files\7-Zip\Lang\backup.exe" C:\Program Files\7-Zip\Lang\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\backup.exe"C:\Program Files\Common Files\backup.exe" C:\Program Files\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\backup.exe"C:\Program Files\Common Files\Microsoft Shared\backup.exe" C:\Program Files\Common Files\Microsoft Shared\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Filters\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Filters\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\9⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\data.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\data.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\9⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\9⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\9⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\8⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\8⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\System Restore.exe"C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\System Restore.exe" C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\8⤵
- Executes dropped EXE
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\8⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe"C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\backup.exe" C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\7⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\8⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\backup.exe" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Stationery\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Stationery\7⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\7⤵
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\de-DE\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\8⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\backup.exe"C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\backup.exe" C:\Program Files\Common Files\Microsoft Shared\TextConv\es-ES\8⤵
-
-
-
C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe"C:\Program Files\Common Files\Microsoft Shared\Triedit\backup.exe" C:\Program Files\Common Files\Microsoft Shared\Triedit\7⤵
-
-
C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe"C:\Program Files\Common Files\Microsoft Shared\VC\backup.exe" C:\Program Files\Common Files\Microsoft Shared\VC\7⤵
-
-
-
C:\Program Files\Common Files\Services\backup.exe"C:\Program Files\Common Files\Services\backup.exe" C:\Program Files\Common Files\Services\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\Common Files\SpeechEngines\backup.exe"C:\Program Files\Common Files\SpeechEngines\backup.exe" C:\Program Files\Common Files\SpeechEngines\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe"C:\Program Files\Common Files\SpeechEngines\Microsoft\backup.exe" C:\Program Files\Common Files\SpeechEngines\Microsoft\7⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
-
-
-
C:\Program Files\Common Files\System\backup.exe"C:\Program Files\Common Files\System\backup.exe" C:\Program Files\Common Files\System\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\System\ado\backup.exe"C:\Program Files\Common Files\System\ado\backup.exe" C:\Program Files\Common Files\System\ado\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Common Files\System\ado\de-DE\backup.exe"C:\Program Files\Common Files\System\ado\de-DE\backup.exe" C:\Program Files\Common Files\System\ado\de-DE\8⤵
- System policy modification
-
-
C:\Program Files\Common Files\System\ado\en-US\backup.exe"C:\Program Files\Common Files\System\ado\en-US\backup.exe" C:\Program Files\Common Files\System\ado\en-US\8⤵
-
-
C:\Program Files\Common Files\System\ado\es-ES\backup.exe"C:\Program Files\Common Files\System\ado\es-ES\backup.exe" C:\Program Files\Common Files\System\ado\es-ES\8⤵
-
-
C:\Program Files\Common Files\System\ado\fr-FR\backup.exe"C:\Program Files\Common Files\System\ado\fr-FR\backup.exe" C:\Program Files\Common Files\System\ado\fr-FR\8⤵
-
-
-
C:\Program Files\Common Files\System\de-DE\backup.exe"C:\Program Files\Common Files\System\de-DE\backup.exe" C:\Program Files\Common Files\System\de-DE\7⤵
-
-
C:\Program Files\Common Files\System\en-US\backup.exe"C:\Program Files\Common Files\System\en-US\backup.exe" C:\Program Files\Common Files\System\en-US\7⤵
-
-
C:\Program Files\Common Files\System\es-ES\backup.exe"C:\Program Files\Common Files\System\es-ES\backup.exe" C:\Program Files\Common Files\System\es-ES\7⤵
-
-
-
-
C:\Program Files\DVD Maker\backup.exe"C:\Program Files\DVD Maker\backup.exe" C:\Program Files\DVD Maker\5⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\DVD Maker\de-DE\backup.exe"C:\Program Files\DVD Maker\de-DE\backup.exe" C:\Program Files\DVD Maker\de-DE\6⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\DVD Maker\en-US\backup.exe"C:\Program Files\DVD Maker\en-US\backup.exe" C:\Program Files\DVD Maker\en-US\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Program Files\DVD Maker\es-ES\backup.exe"C:\Program Files\DVD Maker\es-ES\backup.exe" C:\Program Files\DVD Maker\es-ES\6⤵
- Disables RegEdit via registry modification
-
-
C:\Program Files\DVD Maker\fr-FR\update.exe"C:\Program Files\DVD Maker\fr-FR\update.exe" C:\Program Files\DVD Maker\fr-FR\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Program Files\DVD Maker\it-IT\backup.exe"C:\Program Files\DVD Maker\it-IT\backup.exe" C:\Program Files\DVD Maker\it-IT\6⤵
-
-
C:\Program Files\DVD Maker\ja-JP\backup.exe"C:\Program Files\DVD Maker\ja-JP\backup.exe" C:\Program Files\DVD Maker\ja-JP\6⤵
-
-
C:\Program Files\DVD Maker\Shared\backup.exe"C:\Program Files\DVD Maker\Shared\backup.exe" C:\Program Files\DVD Maker\Shared\6⤵
-
-
-
C:\Program Files\Google\backup.exe"C:\Program Files\Google\backup.exe" C:\Program Files\Google\5⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\backup.exe"C:\Program Files\Google\Chrome\backup.exe" C:\Program Files\Google\Chrome\6⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\Application\data.exe"C:\Program Files\Google\Chrome\Application\data.exe" C:\Program Files\Google\Chrome\Application\7⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\8⤵
- Drops file in Program Files directory
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\9⤵
- Disables RegEdit via registry modification
- System policy modification
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\update.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\update.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\9⤵
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\9⤵
-
-
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\backup.exe" C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\9⤵
-
-
-
C:\Program Files\Google\Chrome\Application\Dictionaries\backup.exe"C:\Program Files\Google\Chrome\Application\Dictionaries\backup.exe" C:\Program Files\Google\Chrome\Application\Dictionaries\8⤵
-
-
C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe"C:\Program Files\Google\Chrome\Application\SetupMetrics\backup.exe" C:\Program Files\Google\Chrome\Application\SetupMetrics\8⤵
-
-
-
-
-
C:\Program Files\Internet Explorer\backup.exe"C:\Program Files\Internet Explorer\backup.exe" C:\Program Files\Internet Explorer\5⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Internet Explorer\de-DE\backup.exe"C:\Program Files\Internet Explorer\de-DE\backup.exe" C:\Program Files\Internet Explorer\de-DE\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Program Files\Internet Explorer\en-US\backup.exe"C:\Program Files\Internet Explorer\en-US\backup.exe" C:\Program Files\Internet Explorer\en-US\6⤵
-
-
C:\Program Files\Internet Explorer\es-ES\backup.exe"C:\Program Files\Internet Explorer\es-ES\backup.exe" C:\Program Files\Internet Explorer\es-ES\6⤵
-
-
C:\Program Files\Internet Explorer\fr-FR\backup.exe"C:\Program Files\Internet Explorer\fr-FR\backup.exe" C:\Program Files\Internet Explorer\fr-FR\6⤵
-
-
-
C:\Program Files\Java\backup.exe"C:\Program Files\Java\backup.exe" C:\Program Files\Java\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files\Java\jdk1.7.0_80\backup.exe"C:\Program Files\Java\jdk1.7.0_80\backup.exe" C:\Program Files\Java\jdk1.7.0_80\6⤵
- Drops file in Program Files directory
-
C:\Program Files\Java\jdk1.7.0_80\bin\backup.exe"C:\Program Files\Java\jdk1.7.0_80\bin\backup.exe" C:\Program Files\Java\jdk1.7.0_80\bin\7⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files\Java\jdk1.7.0_80\db\backup.exe"C:\Program Files\Java\jdk1.7.0_80\db\backup.exe" C:\Program Files\Java\jdk1.7.0_80\db\7⤵
-
-
C:\Program Files\Java\jdk1.7.0_80\include\backup.exe"C:\Program Files\Java\jdk1.7.0_80\include\backup.exe" C:\Program Files\Java\jdk1.7.0_80\include\7⤵
-
-
-
C:\Program Files\Java\jre7\backup.exe"C:\Program Files\Java\jre7\backup.exe" C:\Program Files\Java\jre7\6⤵
-
-
-
C:\Program Files\Microsoft Games\backup.exe"C:\Program Files\Microsoft Games\backup.exe" C:\Program Files\Microsoft Games\5⤵
-
-
C:\Program Files\Microsoft Office\backup.exe"C:\Program Files\Microsoft Office\backup.exe" C:\Program Files\Microsoft Office\5⤵
-
-
C:\Program Files\Mozilla Firefox\update.exe"C:\Program Files\Mozilla Firefox\update.exe" C:\Program Files\Mozilla Firefox\5⤵
-
-
-
C:\Program Files (x86)\backup.exe"C:\Program Files (x86)\backup.exe" C:\Program Files (x86)\4⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\backup.exe"C:\Program Files (x86)\Adobe\backup.exe" C:\Program Files (x86)\Adobe\5⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Esl\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Esl\7⤵
- System policy modification
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\7⤵
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\8⤵
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\8⤵
-
-
-
C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Resource\backup.exe" C:\Program Files (x86)\Adobe\Reader 9.0\Resource\7⤵
-
-
-
-
C:\Program Files (x86)\Common Files\backup.exe"C:\Program Files (x86)\Common Files\backup.exe" C:\Program Files (x86)\Common Files\5⤵
- Modifies visibility of file extensions in Explorer
- Drops file in Program Files directory
- System policy modification
-
C:\Program Files (x86)\Common Files\Adobe\backup.exe"C:\Program Files (x86)\Common Files\Adobe\backup.exe" C:\Program Files (x86)\Common Files\Adobe\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Program Files directory
-
C:\Program Files (x86)\Common Files\Adobe\Acrobat\data.exe"C:\Program Files (x86)\Common Files\Adobe\Acrobat\data.exe" C:\Program Files (x86)\Common Files\Adobe\Acrobat\7⤵
- Disables RegEdit via registry modification
- Drops file in Program Files directory
- System policy modification
-
-
C:\Program Files (x86)\Common Files\Adobe\Help\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Help\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Help\7⤵
-
-
C:\Program Files (x86)\Common Files\Adobe\Updater6\backup.exe"C:\Program Files (x86)\Common Files\Adobe\Updater6\backup.exe" C:\Program Files (x86)\Common Files\Adobe\Updater6\7⤵
-
-
-
C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe"C:\Program Files (x86)\Common Files\Adobe AIR\backup.exe" C:\Program Files (x86)\Common Files\Adobe AIR\6⤵
-
-
C:\Program Files (x86)\Common Files\DESIGNER\backup.exe"C:\Program Files (x86)\Common Files\DESIGNER\backup.exe" C:\Program Files (x86)\Common Files\DESIGNER\6⤵
-
-
-
C:\Program Files (x86)\Google\backup.exe"C:\Program Files (x86)\Google\backup.exe" C:\Program Files (x86)\Google\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- System policy modification
-
C:\Program Files (x86)\Google\CrashReports\backup.exe"C:\Program Files (x86)\Google\CrashReports\backup.exe" C:\Program Files (x86)\Google\CrashReports\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Program Files (x86)\Google\Policies\backup.exe"C:\Program Files (x86)\Google\Policies\backup.exe" C:\Program Files (x86)\Google\Policies\6⤵
-
-
C:\Program Files (x86)\Google\Temp\backup.exe"C:\Program Files (x86)\Google\Temp\backup.exe" C:\Program Files (x86)\Google\Temp\6⤵
-
-
C:\Program Files (x86)\Google\Update\backup.exe"C:\Program Files (x86)\Google\Update\backup.exe" C:\Program Files (x86)\Google\Update\6⤵
-
-
-
C:\Program Files (x86)\Internet Explorer\backup.exe"C:\Program Files (x86)\Internet Explorer\backup.exe" C:\Program Files (x86)\Internet Explorer\5⤵
-
-
C:\Program Files (x86)\Microsoft Analysis Services\backup.exe"C:\Program Files (x86)\Microsoft Analysis Services\backup.exe" C:\Program Files (x86)\Microsoft Analysis Services\5⤵
-
-
C:\Program Files (x86)\Microsoft Office\backup.exe"C:\Program Files (x86)\Microsoft Office\backup.exe" C:\Program Files (x86)\Microsoft Office\5⤵
-
-
-
C:\Users\backup.exeC:\Users\backup.exe C:\Users\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\backup.exeC:\Users\Admin\backup.exe C:\Users\Admin\5⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\Contacts\backup.exeC:\Users\Admin\Contacts\backup.exe C:\Users\Admin\Contacts\6⤵
- Modifies visibility of file extensions in Explorer
-
-
C:\Users\Admin\Desktop\backup.exeC:\Users\Admin\Desktop\backup.exe C:\Users\Admin\Desktop\6⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
-
-
C:\Users\Admin\Documents\backup.exeC:\Users\Admin\Documents\backup.exe C:\Users\Admin\Documents\6⤵
-
-
C:\Users\Admin\Downloads\backup.exeC:\Users\Admin\Downloads\backup.exe C:\Users\Admin\Downloads\6⤵
-
-
C:\Users\Admin\Favorites\backup.exeC:\Users\Admin\Favorites\backup.exe C:\Users\Admin\Favorites\6⤵
-
-
-
C:\Users\Public\backup.exeC:\Users\Public\backup.exe C:\Users\Public\5⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
C:\Users\Public\Documents\System Restore.exe"C:\Users\Public\Documents\System Restore.exe" C:\Users\Public\Documents\6⤵
- Modifies visibility of file extensions in Explorer
- System policy modification
-
-
C:\Users\Public\Downloads\backup.exeC:\Users\Public\Downloads\backup.exe C:\Users\Public\Downloads\6⤵
-
-
C:\Users\Public\Music\backup.exeC:\Users\Public\Music\backup.exe C:\Users\Public\Music\6⤵
-
-
C:\Users\Public\Pictures\backup.exeC:\Users\Public\Pictures\backup.exe C:\Users\Public\Pictures\6⤵
-
-
C:\Users\Public\Recorded TV\backup.exe"C:\Users\Public\Recorded TV\backup.exe" C:\Users\Public\Recorded TV\6⤵
-
-
-
-
C:\Windows\backup.exeC:\Windows\backup.exe C:\Windows\4⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Drops file in Windows directory
- System policy modification
-
C:\Windows\addins\backup.exeC:\Windows\addins\backup.exe C:\Windows\addins\5⤵
-
-
C:\Windows\AppCompat\backup.exeC:\Windows\AppCompat\backup.exe C:\Windows\AppCompat\5⤵
-
-
C:\Windows\AppPatch\backup.exeC:\Windows\AppPatch\backup.exe C:\Windows\AppPatch\5⤵
-
-
C:\Windows\assembly\backup.exeC:\Windows\assembly\backup.exe C:\Windows\assembly\5⤵
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exeC:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\backup.exe C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\Low\backup.exeC:\Users\Admin\AppData\Local\Temp\Low\backup.exe C:\Users\Admin\AppData\Local\Temp\Low\2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\2⤵
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe"C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\backup.exe" C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exeC:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\backup.exe C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\2⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- System policy modification
-
-
C:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exeC:\Users\Admin\AppData\Local\Temp\WPDNSE\backup.exe C:\Users\Admin\AppData\Local\Temp\WPDNSE\2⤵
- Modifies visibility of file extensions in Explorer
- Disables RegEdit via registry modification
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD5feca33c376b3f9eb2512abc22c785d5b
SHA10ef5fcce6c6698f98b88295e0fcc20e5a32ebf80
SHA256a72bbb23c0cf92a466dbd8ab128cf87d4ae54384e1cb51e364235624e98fbfc4
SHA5120ebf918e773888b3f879a31044273235ada950e47571704d31da0878d6dcea6c8dd42f4796593b834f420c93f1a891a78358018a937ef84caacb7724807af1a9
-
Filesize
72KB
MD580440959e971183a9b90b6c41c98dd18
SHA1ddabb123db89d0f664baef9a0dc2a38faf5de858
SHA2564307527c424c3d96035885511ba04e02018a28f8db0a854ca7c8f41121923a1a
SHA51292bb6f2ec930dce60bef2c17341f7ff31b65bc3c2ddc2b78473d5205c1783e2b4c385d13cddedf1668d29c41c190b44f18b34f822d427b098c122e4ba696f862
-
Filesize
72KB
MD580440959e971183a9b90b6c41c98dd18
SHA1ddabb123db89d0f664baef9a0dc2a38faf5de858
SHA2564307527c424c3d96035885511ba04e02018a28f8db0a854ca7c8f41121923a1a
SHA51292bb6f2ec930dce60bef2c17341f7ff31b65bc3c2ddc2b78473d5205c1783e2b4c385d13cddedf1668d29c41c190b44f18b34f822d427b098c122e4ba696f862
-
Filesize
72KB
MD5764ce2aba217f983573e3523e1872965
SHA1c8a59daee0b9288014c1be295bbdf1f0ef0d13cd
SHA256214d0c6e17ca816f72e964ba0dd8f77775b9800ed1506890a775f22d6c731e11
SHA5124f8d8bb74ecb3e8de5109afa9be9e8d869a088ac4c1ddf13ae85df7a9a660f7460404b1fe700f2f8a58f62dc8a940c52c2da5e5d44c9aba32b03c92341022128
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD5cc07c72c528d0e1e7f9e9bde705f769d
SHA1ef779e1a579d6e2929aebbd9884eebb58124764b
SHA2563ea7316fe240ec0e305a2e50abf4b4eb20b44923f73dd38891486120590931c6
SHA5121850852c7be931f3206b751cd25faba8e08eb82715f792c65b01f46441b23ffbb0ac0599e968a6c9167462c625ae4865a089c397e09538479577e3559ec7e588
-
Filesize
72KB
MD5764ce2aba217f983573e3523e1872965
SHA1c8a59daee0b9288014c1be295bbdf1f0ef0d13cd
SHA256214d0c6e17ca816f72e964ba0dd8f77775b9800ed1506890a775f22d6c731e11
SHA5124f8d8bb74ecb3e8de5109afa9be9e8d869a088ac4c1ddf13ae85df7a9a660f7460404b1fe700f2f8a58f62dc8a940c52c2da5e5d44c9aba32b03c92341022128
-
Filesize
72KB
MD5764ce2aba217f983573e3523e1872965
SHA1c8a59daee0b9288014c1be295bbdf1f0ef0d13cd
SHA256214d0c6e17ca816f72e964ba0dd8f77775b9800ed1506890a775f22d6c731e11
SHA5124f8d8bb74ecb3e8de5109afa9be9e8d869a088ac4c1ddf13ae85df7a9a660f7460404b1fe700f2f8a58f62dc8a940c52c2da5e5d44c9aba32b03c92341022128
-
Filesize
72KB
MD55b3d921837f6c95d0b4d7cc0108b2242
SHA13f500fcc14b45f55a7e07825b4d418a50a5a0e18
SHA25696cde22ec247bd275d539f810e5ab45d8eb8f0c1442a4cb890b37a90f7e3159c
SHA5128c18d2cdb116265bc4395601cf8119e82e01a4d7552933f3dec325283b59ef588fb174ba26848fd6b22743fc0c768606bca96c6ff1065429b14abf3b5d0db0b0
-
Filesize
72KB
MD5a52cca3152c99c82ff0a63c7e2b34d6d
SHA1f44de010bfcc5141d4b64fd831794bfb29e0d54c
SHA25689b1b621d1e227fb9cd8a3669d3704d1f3ee8f36878c4da4feff908e3f321ad7
SHA5127f662d05998786a3a543a95bcdbc228aab16132a5bd5aa2655d394ee1925967375fd6c6c8629f31c402a739edf90559d4a0d7dc83b6653d61006bf5524bb734c
-
Filesize
72KB
MD5a52cca3152c99c82ff0a63c7e2b34d6d
SHA1f44de010bfcc5141d4b64fd831794bfb29e0d54c
SHA25689b1b621d1e227fb9cd8a3669d3704d1f3ee8f36878c4da4feff908e3f321ad7
SHA5127f662d05998786a3a543a95bcdbc228aab16132a5bd5aa2655d394ee1925967375fd6c6c8629f31c402a739edf90559d4a0d7dc83b6653d61006bf5524bb734c
-
Filesize
72KB
MD55b3d921837f6c95d0b4d7cc0108b2242
SHA13f500fcc14b45f55a7e07825b4d418a50a5a0e18
SHA25696cde22ec247bd275d539f810e5ab45d8eb8f0c1442a4cb890b37a90f7e3159c
SHA5128c18d2cdb116265bc4395601cf8119e82e01a4d7552933f3dec325283b59ef588fb174ba26848fd6b22743fc0c768606bca96c6ff1065429b14abf3b5d0db0b0
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD5f21a562c426c406007609038683e7d4d
SHA13363658727e1bc4a7198f6248d5abba2b6aa9a1f
SHA2565b5fd61d6e45dc8db743bee217628e373b0f526bbaff1d913d7953ce427574e3
SHA51209af51c144196f28a974ec28888110824e532be3590ddd52a3666aacaef148a819660e8ab9f2f3ceba0712c18febb7d3213388f352bfa9ad75c54a5c52ce0498
-
Filesize
72KB
MD5f21a562c426c406007609038683e7d4d
SHA13363658727e1bc4a7198f6248d5abba2b6aa9a1f
SHA2565b5fd61d6e45dc8db743bee217628e373b0f526bbaff1d913d7953ce427574e3
SHA51209af51c144196f28a974ec28888110824e532be3590ddd52a3666aacaef148a819660e8ab9f2f3ceba0712c18febb7d3213388f352bfa9ad75c54a5c52ce0498
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD5ec40486f99b260650226ce829c95a0d3
SHA13ed57ed98d16a2f763e197f93034a8936d188530
SHA256e0b74ddb9389c289f7b8e7aa41861ac44619cb3a05d792e14921275357ad8d44
SHA512885c3fcb247afdc6949498f88285b5bcef4ac5c49aa44dfa701a989beb9137045147b2135db0aac76c033b3d3ee709e7f460a2e01f49b08322688b5278eb112d
-
Filesize
72KB
MD5ec40486f99b260650226ce829c95a0d3
SHA13ed57ed98d16a2f763e197f93034a8936d188530
SHA256e0b74ddb9389c289f7b8e7aa41861ac44619cb3a05d792e14921275357ad8d44
SHA512885c3fcb247afdc6949498f88285b5bcef4ac5c49aa44dfa701a989beb9137045147b2135db0aac76c033b3d3ee709e7f460a2e01f49b08322688b5278eb112d
-
Filesize
72KB
MD5feca33c376b3f9eb2512abc22c785d5b
SHA10ef5fcce6c6698f98b88295e0fcc20e5a32ebf80
SHA256a72bbb23c0cf92a466dbd8ab128cf87d4ae54384e1cb51e364235624e98fbfc4
SHA5120ebf918e773888b3f879a31044273235ada950e47571704d31da0878d6dcea6c8dd42f4796593b834f420c93f1a891a78358018a937ef84caacb7724807af1a9
-
Filesize
72KB
MD5feca33c376b3f9eb2512abc22c785d5b
SHA10ef5fcce6c6698f98b88295e0fcc20e5a32ebf80
SHA256a72bbb23c0cf92a466dbd8ab128cf87d4ae54384e1cb51e364235624e98fbfc4
SHA5120ebf918e773888b3f879a31044273235ada950e47571704d31da0878d6dcea6c8dd42f4796593b834f420c93f1a891a78358018a937ef84caacb7724807af1a9
-
Filesize
72KB
MD580440959e971183a9b90b6c41c98dd18
SHA1ddabb123db89d0f664baef9a0dc2a38faf5de858
SHA2564307527c424c3d96035885511ba04e02018a28f8db0a854ca7c8f41121923a1a
SHA51292bb6f2ec930dce60bef2c17341f7ff31b65bc3c2ddc2b78473d5205c1783e2b4c385d13cddedf1668d29c41c190b44f18b34f822d427b098c122e4ba696f862
-
Filesize
72KB
MD580440959e971183a9b90b6c41c98dd18
SHA1ddabb123db89d0f664baef9a0dc2a38faf5de858
SHA2564307527c424c3d96035885511ba04e02018a28f8db0a854ca7c8f41121923a1a
SHA51292bb6f2ec930dce60bef2c17341f7ff31b65bc3c2ddc2b78473d5205c1783e2b4c385d13cddedf1668d29c41c190b44f18b34f822d427b098c122e4ba696f862
-
Filesize
72KB
MD5764ce2aba217f983573e3523e1872965
SHA1c8a59daee0b9288014c1be295bbdf1f0ef0d13cd
SHA256214d0c6e17ca816f72e964ba0dd8f77775b9800ed1506890a775f22d6c731e11
SHA5124f8d8bb74ecb3e8de5109afa9be9e8d869a088ac4c1ddf13ae85df7a9a660f7460404b1fe700f2f8a58f62dc8a940c52c2da5e5d44c9aba32b03c92341022128
-
Filesize
72KB
MD5764ce2aba217f983573e3523e1872965
SHA1c8a59daee0b9288014c1be295bbdf1f0ef0d13cd
SHA256214d0c6e17ca816f72e964ba0dd8f77775b9800ed1506890a775f22d6c731e11
SHA5124f8d8bb74ecb3e8de5109afa9be9e8d869a088ac4c1ddf13ae85df7a9a660f7460404b1fe700f2f8a58f62dc8a940c52c2da5e5d44c9aba32b03c92341022128
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD5cc07c72c528d0e1e7f9e9bde705f769d
SHA1ef779e1a579d6e2929aebbd9884eebb58124764b
SHA2563ea7316fe240ec0e305a2e50abf4b4eb20b44923f73dd38891486120590931c6
SHA5121850852c7be931f3206b751cd25faba8e08eb82715f792c65b01f46441b23ffbb0ac0599e968a6c9167462c625ae4865a089c397e09538479577e3559ec7e588
-
Filesize
72KB
MD5cc07c72c528d0e1e7f9e9bde705f769d
SHA1ef779e1a579d6e2929aebbd9884eebb58124764b
SHA2563ea7316fe240ec0e305a2e50abf4b4eb20b44923f73dd38891486120590931c6
SHA5121850852c7be931f3206b751cd25faba8e08eb82715f792c65b01f46441b23ffbb0ac0599e968a6c9167462c625ae4865a089c397e09538479577e3559ec7e588
-
Filesize
72KB
MD5764ce2aba217f983573e3523e1872965
SHA1c8a59daee0b9288014c1be295bbdf1f0ef0d13cd
SHA256214d0c6e17ca816f72e964ba0dd8f77775b9800ed1506890a775f22d6c731e11
SHA5124f8d8bb74ecb3e8de5109afa9be9e8d869a088ac4c1ddf13ae85df7a9a660f7460404b1fe700f2f8a58f62dc8a940c52c2da5e5d44c9aba32b03c92341022128
-
Filesize
72KB
MD5764ce2aba217f983573e3523e1872965
SHA1c8a59daee0b9288014c1be295bbdf1f0ef0d13cd
SHA256214d0c6e17ca816f72e964ba0dd8f77775b9800ed1506890a775f22d6c731e11
SHA5124f8d8bb74ecb3e8de5109afa9be9e8d869a088ac4c1ddf13ae85df7a9a660f7460404b1fe700f2f8a58f62dc8a940c52c2da5e5d44c9aba32b03c92341022128
-
Filesize
72KB
MD55b3d921837f6c95d0b4d7cc0108b2242
SHA13f500fcc14b45f55a7e07825b4d418a50a5a0e18
SHA25696cde22ec247bd275d539f810e5ab45d8eb8f0c1442a4cb890b37a90f7e3159c
SHA5128c18d2cdb116265bc4395601cf8119e82e01a4d7552933f3dec325283b59ef588fb174ba26848fd6b22743fc0c768606bca96c6ff1065429b14abf3b5d0db0b0
-
Filesize
72KB
MD55b3d921837f6c95d0b4d7cc0108b2242
SHA13f500fcc14b45f55a7e07825b4d418a50a5a0e18
SHA25696cde22ec247bd275d539f810e5ab45d8eb8f0c1442a4cb890b37a90f7e3159c
SHA5128c18d2cdb116265bc4395601cf8119e82e01a4d7552933f3dec325283b59ef588fb174ba26848fd6b22743fc0c768606bca96c6ff1065429b14abf3b5d0db0b0
-
Filesize
72KB
MD5a52cca3152c99c82ff0a63c7e2b34d6d
SHA1f44de010bfcc5141d4b64fd831794bfb29e0d54c
SHA25689b1b621d1e227fb9cd8a3669d3704d1f3ee8f36878c4da4feff908e3f321ad7
SHA5127f662d05998786a3a543a95bcdbc228aab16132a5bd5aa2655d394ee1925967375fd6c6c8629f31c402a739edf90559d4a0d7dc83b6653d61006bf5524bb734c
-
Filesize
72KB
MD5a52cca3152c99c82ff0a63c7e2b34d6d
SHA1f44de010bfcc5141d4b64fd831794bfb29e0d54c
SHA25689b1b621d1e227fb9cd8a3669d3704d1f3ee8f36878c4da4feff908e3f321ad7
SHA5127f662d05998786a3a543a95bcdbc228aab16132a5bd5aa2655d394ee1925967375fd6c6c8629f31c402a739edf90559d4a0d7dc83b6653d61006bf5524bb734c
-
Filesize
72KB
MD55b3d921837f6c95d0b4d7cc0108b2242
SHA13f500fcc14b45f55a7e07825b4d418a50a5a0e18
SHA25696cde22ec247bd275d539f810e5ab45d8eb8f0c1442a4cb890b37a90f7e3159c
SHA5128c18d2cdb116265bc4395601cf8119e82e01a4d7552933f3dec325283b59ef588fb174ba26848fd6b22743fc0c768606bca96c6ff1065429b14abf3b5d0db0b0
-
Filesize
72KB
MD55b3d921837f6c95d0b4d7cc0108b2242
SHA13f500fcc14b45f55a7e07825b4d418a50a5a0e18
SHA25696cde22ec247bd275d539f810e5ab45d8eb8f0c1442a4cb890b37a90f7e3159c
SHA5128c18d2cdb116265bc4395601cf8119e82e01a4d7552933f3dec325283b59ef588fb174ba26848fd6b22743fc0c768606bca96c6ff1065429b14abf3b5d0db0b0
-
Filesize
72KB
MD55b3d921837f6c95d0b4d7cc0108b2242
SHA13f500fcc14b45f55a7e07825b4d418a50a5a0e18
SHA25696cde22ec247bd275d539f810e5ab45d8eb8f0c1442a4cb890b37a90f7e3159c
SHA5128c18d2cdb116265bc4395601cf8119e82e01a4d7552933f3dec325283b59ef588fb174ba26848fd6b22743fc0c768606bca96c6ff1065429b14abf3b5d0db0b0
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD594b355e3d490a58dd72cf815765361bd
SHA114e10629d689ebe613d9447f847aa50b237e4eef
SHA2561fdef5ca052473067a3a7dbd39fd4a4e97b8ffa7819113ec6997386b0cff5e28
SHA5123ee6ab74322efac720114d514500e811dc7557daa402277a0d218ae09024e18e77a9f3cd69cfe1f2b244130b420aaca60eaa4d793f64ac288896d4acdcb80b5c
-
Filesize
72KB
MD5f21a562c426c406007609038683e7d4d
SHA13363658727e1bc4a7198f6248d5abba2b6aa9a1f
SHA2565b5fd61d6e45dc8db743bee217628e373b0f526bbaff1d913d7953ce427574e3
SHA51209af51c144196f28a974ec28888110824e532be3590ddd52a3666aacaef148a819660e8ab9f2f3ceba0712c18febb7d3213388f352bfa9ad75c54a5c52ce0498
-
Filesize
72KB
MD5f21a562c426c406007609038683e7d4d
SHA13363658727e1bc4a7198f6248d5abba2b6aa9a1f
SHA2565b5fd61d6e45dc8db743bee217628e373b0f526bbaff1d913d7953ce427574e3
SHA51209af51c144196f28a974ec28888110824e532be3590ddd52a3666aacaef148a819660e8ab9f2f3ceba0712c18febb7d3213388f352bfa9ad75c54a5c52ce0498
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD54aee5e3370a1d220db58c589db63d237
SHA1ddd221265fa5710d11fd8103299b8ad8075ae06f
SHA2564a69e327337eb8bc22ba3f885468f6b127b5d52c6f0ffb845498cba6c4486d80
SHA512b35d55836c359fb9a9b81a4aeaf2aaa05fc19c0923cea67ab7530db1c1f40102c27ef2b5d48e2d18512378ccad7d67795f09c7a4e683a4c29cbf4239dbdde8c9
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
72KB
MD5bf49b0ccf30f389d688a1fce5a94fa4d
SHA14c91552f72fa484a8cdecce85cc8473f6fa18f44
SHA25614cf91cf371394116155a6ab5de9a8ff00e6d9bead8fca7b6450b60fb61f6602
SHA512dd0300d928c8a7228785700140041e1fe543cd9c341e3e14714b325e0a0be5c95fa611a9b392a07b01adaa896f6b9e4349961e2abc47700c932e913b90f8e917
-
Filesize
8KB
-
Filesize
8KB