Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
145s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
19/04/2024, 09:29
Static task
static1
Behavioral task
behavioral1
Sample
fa01e41af84eb41076a5df4a6682c865_JaffaCakes118.html
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fa01e41af84eb41076a5df4a6682c865_JaffaCakes118.html
Resource
win10v2004-20240412-en
General
-
Target
fa01e41af84eb41076a5df4a6682c865_JaffaCakes118.html
-
Size
91KB
-
MD5
fa01e41af84eb41076a5df4a6682c865
-
SHA1
d151aab181d2eb0729a3f3cb4eda41344ab15608
-
SHA256
5cb163ef054ff77abd500bff4b07cebda5a0190a7145eb00d633e1be05667cd6
-
SHA512
2796df827f23b6683bb0b51db645a7c5295a98ca7fe43a2cf4fc5c36ff572530e87daeca96f748fcd0dc7d878c5dc2585635a81a47dfb8c64dd7d3c34f59674f
-
SSDEEP
1536:k8SI4H2XAhKOUYIuVFwr6jfedyScDV12xaLYHhOoNqPfvYMc4If:aH2XLG9Cy5DVb/Y94If
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 2160 msedge.exe 2160 msedge.exe 2284 msedge.exe 2284 msedge.exe 2312 identity_helper.exe 2312 identity_helper.exe 2492 msedge.exe 2492 msedge.exe 2492 msedge.exe 2492 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
pid Process 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: 33 1288 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 1288 AUDIODG.EXE -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe 2284 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 2284 wrote to memory of 1228 2284 msedge.exe 85 PID 2284 wrote to memory of 1228 2284 msedge.exe 85 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 1172 2284 msedge.exe 86 PID 2284 wrote to memory of 2160 2284 msedge.exe 87 PID 2284 wrote to memory of 2160 2284 msedge.exe 87 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88 PID 2284 wrote to memory of 4900 2284 msedge.exe 88
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\fa01e41af84eb41076a5df4a6682c865_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2284 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff5b1b46f8,0x7fff5b1b4708,0x7fff5b1b47182⤵PID:1228
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:22⤵PID:1172
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2472 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:2160
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:82⤵PID:4900
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:12⤵PID:2792
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:12⤵PID:1676
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1132 /prefetch:12⤵PID:4576
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:82⤵PID:3708
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:2312
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:12⤵PID:4140
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:12⤵PID:4460
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5808 /prefetch:82⤵PID:4340
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:12⤵PID:4076
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:12⤵PID:1324
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,9445492883986130727,9059169414870672389,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1360 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:2492
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:1572
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3500
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x2f0 0x3041⤵
- Suspicious use of AdjustPrivilegeToken
PID:1288
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5120a75f233314ba1fe34e9d6c09f30b9
SHA1a9f92f2d3f111eaadd9bcf8fceb3c9553753539c
SHA256e04101215c3534dbc77c0b5df2e1d1ff74c277d2946f391f939c9a7948a22dd0
SHA5123c4eb93e425b50e8bcc1712f4cc2be11888a0273c3a619fc6bf72ccab876a427158f661bfc80d0c1e47ef4116febf76a3aaa31a60ec662eae0e51c7f1d3d89b3
-
Filesize
152B
MD5bc2edd0741d97ae237e9f00bf3244144
SHA17c1e5d324f5c7137a3c4ec85146659f026c11782
SHA256dbce3287c7ae69ccbd1d780c39f3ffa3c98bd4609a939fff8ee9c99f14265041
SHA51200f505a0b4ea0df626175bf9d39a205f18f9754b62e4dba6fbb5b4a716b3539e7809723e1596bcfe1ba3041e22342e3a9cbaad88e84ce9c8c6531331bbc25093
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize456B
MD539ef284ab795dfcd6aa5b0ed3729ce8c
SHA10fa8424399f64eb11b712af59c49be4aaee9164e
SHA256ae5834d22edd57d2971866682364a1e76e8655c23a042f1a6f197790b2c7dccb
SHA512da5bf7ca3dbd3d187d887c4298a7cb9d1c8144d2a8ceffe20866d90a5e9caea4ebe34f94347689e68b7ddf75fa7b3b88c4216c2d04f5280caf1c2fba8f920b20
-
Filesize
669B
MD5ba97292516906889e4f9abc53a81168a
SHA128da2ea6f5273090d068d38145e7252c679acd48
SHA2564bbe3a4713cbcc1d436eafbd68e8e5045f664a76bebfb388d1bcf63e55b077da
SHA512e585d53c7be0118ce679159874275feda6b2e6c5ac9c09240431d9df47e5679ed3e387802cba298bcdf73126fc730ed48e1ffc216af568b1874b0625f22708b8
-
Filesize
1KB
MD5b121cd41a14f5641e96fc8e4d08b47c1
SHA11ec351dfbf2cde57741d405a47522687a0363332
SHA256156c8c973d15460bd2cbde75f2b595dc42415a56897ce1b0e57da157d84b5358
SHA512f691161c211f376c8687fa9a52263b362ea1a992b4b07842569db2bc0e9572f1ac7d06ddf8cdbfdfbd2d58e32071ff2dfe82b8b3f1e6b88edcf5325cfc9590ae
-
Filesize
6KB
MD54b29005cfa93b9ae7aacec215bed82cd
SHA1868659b641bf4a2cb340fb38de18327dc48913dc
SHA256276e65dda827da07976ee850dd6dbce71976a0848db570c45abd09a4c8d95343
SHA512966b3d20100878b1ebe5aa2ba616caca03fb57abd251a77e0335a39ce59dc51051a3e6e83518c93fff4c2c34604fe4c04bdb503e93b6150cac57717d59881b67
-
Filesize
6KB
MD5bdb064dba3d4deef9447dcb589d15cb4
SHA147c16c1a0cabab909454d235456c6327e641e29e
SHA2564d04aaeba28e57d18687bcfc136a69ed1c299e85aa135de11118c0e685d3f646
SHA512d7a55a3e53ecca05e6c7068b681a8e1486ba6eaa604ba35be3a6742168733e78e0648f61c736060b7eabf375f46b593df4e32ff089850f7db2b5fb566046837b
-
Filesize
874B
MD5af5c7d02344f2eaf2717fb5081b8ce2a
SHA183d02caf6ddf802f2d2d235077a1038f278f57c2
SHA2568a896afeecb322dbf055d77fa26a1de627a3aae33a988d4cb98d0f69d660ed2b
SHA5128d32bfbd467c73acb76f50b84a7b84999ae1cd07263b276def34f2d1b294669f47d1acf35856fa0cb4aab7bd15aa934ee15b24b7ef9a80054e23a8d343cecaa5
-
Filesize
706B
MD5ee8f06b3fe0cbe9a45121b1d8122c96c
SHA1eb9271f2eb61a5c7cd885b2a1dace4ffdbcdcb41
SHA256c393fa3cf89454858dd92e19b694cef702d0358ea3caf5bae362020aa919a8ca
SHA5122ffe17b9e9486c5854cc2f0d0f6ec4c8ce086726f3ea27a3520b826b410e87276c7bbd783a48eeb23f161297c843063577b700ca51256688d549eb5211da3cf9
-
Filesize
203B
MD5a4f9cf315c638db70074ed9c81859dab
SHA107899605d3286c40e9668161761ea3b1d61f56ad
SHA256fa743f2d5367143da821542789f70e792b7948dd960c8d313c3329debb000939
SHA512102217f0d021d17162aa488616c8fda34ee7028e95086cd5b2c59f96602f6cfa3e466821579ae26aa6c458fab63289bc2a5528d30cb39e76daa4397f37f24085
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD592500ceeca34f16feb0177f9dcd16bca
SHA130c9cbcc3acca364963f0098198a2a46a588abb3
SHA256d365da937b0583d694f2eff6af7e1c71818f1686d38b31bac687cf465067bded
SHA512d0571f636c18af9b910695570a1b63f0517209cc002d39ed3b86536919bbf9e7c4f84700fc5dddac24707a6af33b661719765d50484af519be7311f69c4abf1f