Overview
overview
8Static
static
3pcstory/Ey...or.dll
windows7-x64
1pcstory/Ey...or.dll
windows10-2004-x64
3pcstory/GoodGame.dll
windows7-x64
5pcstory/GoodGame.dll
windows10-2004-x64
5pcstory/IOCPTcp.dll
windows7-x64
5pcstory/IOCPTcp.dll
windows10-2004-x64
5pcstory/IOCPUdp.dll
windows7-x64
5pcstory/IOCPUdp.dll
windows10-2004-x64
5pcstory/IconCache.bat
windows7-x64
8pcstory/IconCache.bat
windows10-2004-x64
8pcstory/TCPX.dll
windows7-x64
3pcstory/TCPX.dll
windows10-2004-x64
3pcstory/UDPX.dll
windows7-x64
3pcstory/UDPX.dll
windows10-2004-x64
3pcstory/gsbase.dll
windows7-x64
3pcstory/gsbase.dll
windows10-2004-x64
3pcstory/massctl.dll
windows7-x64
1pcstory/massctl.dll
windows10-2004-x64
1pcstory/pcstory.exe
windows7-x64
7pcstory/pcstory.exe
windows10-2004-x64
7pcstory/st...pi.dll
windows7-x64
1pcstory/st...pi.dll
windows10-2004-x64
1pcstory/st...nn.dll
windows7-x64
1pcstory/st...nn.dll
windows10-2004-x64
1pcstory/st...re.dll
windows7-x64
1pcstory/st...re.dll
windows10-2004-x64
1pcstory/st...rv.exe
windows7-x64
1pcstory/st...rv.exe
windows10-2004-x64
1pcstory/st...te.exe
windows7-x64
1pcstory/st...te.exe
windows10-2004-x64
1Analysis
-
max time kernel
153s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231023-en -
resource tags
arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system -
submitted
06/11/2023, 15:42
Static task
static1
Behavioral task
behavioral1
Sample
pcstory/EyoonetMirror.dll
Resource
win7-20231025-en
windows7-x64
Behavioral task
behavioral2
Sample
pcstory/EyoonetMirror.dll
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
pcstory/GoodGame.dll
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral4
Sample
pcstory/GoodGame.dll
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
pcstory/IOCPTcp.dll
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral6
Sample
pcstory/IOCPTcp.dll
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
pcstory/IOCPUdp.dll
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral8
Sample
pcstory/IOCPUdp.dll
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
pcstory/IconCache.bat
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral10
Sample
pcstory/IconCache.bat
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
pcstory/TCPX.dll
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral12
Sample
pcstory/TCPX.dll
Resource
win10v2004-20231025-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
pcstory/UDPX.dll
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral14
Sample
pcstory/UDPX.dll
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
pcstory/gsbase.dll
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral16
Sample
pcstory/gsbase.dll
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
pcstory/massctl.dll
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral18
Sample
pcstory/massctl.dll
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
pcstory/pcstory.exe
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral20
Sample
pcstory/pcstory.exe
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
pcstory/storyservice/fp2papi.dll
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral22
Sample
pcstory/storyservice/fp2papi.dll
Resource
win10v2004-20231025-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
pcstory/storyservice/fp2pconn.dll
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral24
Sample
pcstory/storyservice/fp2pconn.dll
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
pcstory/storyservice/fp2pcore.dll
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral26
Sample
pcstory/storyservice/fp2pcore.dll
Resource
win10v2004-20231023-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
pcstory/storyservice/fp2psrv.exe
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral28
Sample
pcstory/storyservice/fp2psrv.exe
Resource
win10v2004-20231020-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
pcstory/storyupdate.exe
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral30
Sample
pcstory/storyupdate.exe
Resource
win10v2004-20231020-en
windows10-2004-x64
General
-
Target
pcstory/pcstory.exe
-
Size
27.4MB
-
MD5
82c25a0a74d083a20a6a4c0f2cd29638
-
SHA1
833f91973b228f376203270c733c8902be3d38d8
-
SHA256
7d01d270c1b6ea127648e1219d8bc1864fae51a411d6b820fd57f559411f3d13
-
SHA512
c37d74f534f0d224467b6250e13f3cd8e36f56e7e303fb9380188bc74f5315aaa02bdce24996c639afb8da04908880c0fdb4729c87ba64b110819938078ab19d
-
SSDEEP
196608:R+9rUtY2V6yuixJ+ChoaB9+B97+V6+lFLOyomFHKnP:R+J2zNxJ3B9G7WF
Malware Config
Signatures
-
Registers COM server for autorun 1 TTPs 7 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe\"" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ServerExecutable = "C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32 fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe\"" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ServerExecutable = "C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe" fp2psrv.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32 fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32 fp2psrv.exe -
Modifies registry class 51 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{70327066-412E-7070-4964-E99988E79BB4} fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\AppID = "{70327066-412E-7070-4964-E99988E79BB4}" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\Version\ = "1.0" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\AppID = "{70327066-412E-7070-4964-E99988E79BB4}" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\TypeLib\ = "{70327066-4C2E-6269-4964-E99988E79BB4}" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\Version\ = "1.0" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\ProxyStubClsid32 fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\TypeLib fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{70327066-492E-4D46-6772-E99988E79BB4} fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\TypeLib fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\ = "FolderManager Class" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ServerExecutable = "C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\FLAGS fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\Version fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\0\win64 fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{70327066-412E-7070-4964-E99988E79BB4}\LocalService = "fp2psrv" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\0 fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\0\win64\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\TypeLib\ = "{70327066-4C2E-6269-4964-E99988E79BB4}" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\TypeLib\ = "{70327066-4C2E-6269-4964-E99988E79BB4}" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{70327066-412E-7070-4964-E99988E79BB4} fp2psrv.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32 fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\Version fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\TypeLib\Version = "1.0" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ServerExecutable = "C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\TypeLib\ = "{70327066-4C2E-6269-4964-E99988E79BB4}" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4} fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\HELPDIR fp2psrv.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\Version fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32 fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\TypeLib fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4} fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32 fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\FLAGS\ = "0" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\ = "IFolderManager" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\TypeLib fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\HELPDIR\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice" fp2psrv.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\TypeLib fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\ = "FolderManager Class" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe\"" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0\ = "lightningLib" fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70327066-492E-4D46-6772-E99988E79BB4} fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\ProxyStubClsid32 fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{70327066-4C2E-6269-4964-E99988E79BB4}\1.0 fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\ = "IFolderManager" fp2psrv.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4} fp2psrv.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4} fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{70327066-432E-4D46-6772-E99988E79BB4}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\pcstory\\storyservice\\fp2psrv.exe\"" fp2psrv.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{70327066-492E-4D46-6772-E99988E79BB4}\TypeLib\Version = "1.0" fp2psrv.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 2160 pcstory.exe 2160 pcstory.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2160 pcstory.exe -
Suspicious use of AdjustPrivilegeToken 7 IoCs
description pid Process Token: SeManageVolumePrivilege 936 fp2psrv.exe Token: SeManageVolumePrivilege 936 fp2psrv.exe Token: SeManageVolumePrivilege 4944 fp2psrv.exe Token: SeManageVolumePrivilege 4944 fp2psrv.exe Token: SeManageVolumePrivilege 2160 pcstory.exe Token: SeManageVolumePrivilege 1392 fp2psrv.exe Token: SeManageVolumePrivilege 1392 fp2psrv.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2160 pcstory.exe -
Suspicious use of SendNotifyMessage 1 IoCs
pid Process 2160 pcstory.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 2160 pcstory.exe 2160 pcstory.exe -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2160 wrote to memory of 936 2160 pcstory.exe 88 PID 2160 wrote to memory of 936 2160 pcstory.exe 88 PID 2160 wrote to memory of 4944 2160 pcstory.exe 89 PID 2160 wrote to memory of 4944 2160 pcstory.exe 89
Processes
-
C:\Users\Admin\AppData\Local\Temp\pcstory\pcstory.exe"C:\Users\Admin\AppData\Local\Temp\pcstory\pcstory.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2160 -
C:\Users\Admin\AppData\Local\Temp\pcstory\storyservice\fp2psrv.exe"C:\Users\Admin\AppData\Local\Temp\pcstory\storyservice\fp2psrv.exe" -RegServer2⤵
- Registers COM server for autorun
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:936
-
-
C:\Users\Admin\AppData\Local\Temp\pcstory\storyservice\fp2psrv.exe"C:\Users\Admin\AppData\Local\Temp\pcstory\storyservice\fp2psrv.exe" -Service2⤵
- Registers COM server for autorun
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:4944
-
-
C:\Users\Admin\AppData\Local\Temp\pcstory\storyservice\fp2psrv.exe"C:\Users\Admin\AppData\Local\Temp\pcstory\storyservice\fp2psrv.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1392
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
55B
MD56b8a2424526f4439064205defd409d10
SHA110ba7c37d1f038f6a10e2785095a6f651f36549d
SHA256c6fa1a0c9d2dc40677aa913787871bb2c18776b8149d024a3d1baa6c0c5af8d6
SHA512bd4fa2a5e61cd7e8e4af27d32d79255ddcd924cfcdb69f05e352f512da7ee02828212d40ffacb84a09afcd1de5498893b7857facaeb0c31952b4cf8fa65dbcf3
-
Filesize
1KB
MD5345fbf9a9bfc58efbacce2711f0d8fce
SHA1b11829b2e3b9ae6606b524ba48ae6fd45b47b52f
SHA25648d1591499a8ae60ee78f953206e5704418a5c469cd6d6e8398614baafb66191
SHA512c1ddd1a336d9884a2a369315e667230a14572c4c2880df0a66044e1270a8247b8ada68ad91b5633288117442fc220c8ab8f547305468a58a06917102fcddf04d
-
Filesize
2KB
MD5accd1ca5d44800f61cea12a1bafdc920
SHA1258c9bb3ac156ea5da3725f0633c229c45e86a6e
SHA2560eca5b26e6d821cc93bf815686bb012d40ec8fed87ad05e480f95b2f25d1e503
SHA512f61828322a1f3ef5787edaa9cf3033fefb0e68d89850a1eb67cd837c784770aade2c6d8c439a2a1dd7e04340ee8119d8be87995d65d95b33b883804338aeb8a8
-
Filesize
2KB
MD5accd1ca5d44800f61cea12a1bafdc920
SHA1258c9bb3ac156ea5da3725f0633c229c45e86a6e
SHA2560eca5b26e6d821cc93bf815686bb012d40ec8fed87ad05e480f95b2f25d1e503
SHA512f61828322a1f3ef5787edaa9cf3033fefb0e68d89850a1eb67cd837c784770aade2c6d8c439a2a1dd7e04340ee8119d8be87995d65d95b33b883804338aeb8a8
-
Filesize
643B
MD5f3553feb1cbc5848d174b0fff0f81907
SHA1743a6f71ad423fd4831d23a526ddc421af7d80c2
SHA256b1f4470590920383e3c1c0daed75ced10964fad22cd71debb7d6c72edd79f2a5
SHA512cae5f395620ac95e694c6e0f2cf6ac1fb90d632f140d8afb53ef03d6247880fcf5225e991b5d9ffc72aaa576e8e4c0b8bdfaa918d17fbb33bfec37622fc25987
-
Filesize
2KB
MD5c299c32129d4a93898d2e8c41e3debef
SHA1096be4eea3b38bc7fb4405d529ff3a74ad02729b
SHA2560e63d6b3e025100d45dd148d378176eb58338b839e14401992a209cd10b89d39
SHA51286b87797926832e1ab81859d3275d375d6806b02cfa01bf4a9306b614d54c3ee19cd50084a3b0ac9acee78b93fb9e246b7e518b6bcb19d48a590b5f3281b1ab0