Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
19-04-2024 19:54
General
-
Target
fb0d5ef6aa00ea8172c2f06a18006bba_JaffaCakes118.exe
-
Size
871KB
-
MD5
fb0d5ef6aa00ea8172c2f06a18006bba
-
SHA1
35ec47d2141b860e9c075867aa271cb393808d71
-
SHA256
ebf524997af43953c6c124093182cc565d30cc0efda51c01a08e1b2264ffde49
-
SHA512
72e6d8aa90f190a88ea09e9d48d401e1ad2c0e6a982ffc0d1d9b515997ea406c26c0de1ff01b50854ad4dbf07e1099b7e6f4ef524eb4baf87bd5201ab5fa03ac
-
SSDEEP
24576:au1e/bbLrswYfFBa6sFXFZb9H2QPY9EjIgqbPbKmuxyqsNJ:aOefswYfruDlTPcYIgyP9q6J
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE 2 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs
-
Looks up external IP address via web service 4 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory 7 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 12 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 19 IoCs
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\fb0d5ef6aa00ea8172c2f06a18006bba_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\fb0d5ef6aa00ea8172c2f06a18006bba_JaffaCakes118.exe"1⤵
- Adds Run key to start application
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\1HITSG~1.EXEC:\Users\Admin\AppData\Local\Temp\IXP000.TMP\1HITSG~1.EXE2⤵
- Checks computer location settings
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\windows\system32\cliconfig.bat" "3⤵
- Suspicious use of WriteProcessMemory
-
C:\windows\SysWOW64\acf.exeacf.exe4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://adf.ly/ynSD5⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaf66946f8,0x7ffaf6694708,0x7ffaf66947186⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,16979954283208964265,11311737673347760493,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:26⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,16979954283208964265,11311737673347760493,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:36⤵
- Suspicious behavior: EnumeratesProcesses
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://toyibg.blogspot.com/5⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0xd4,0xd8,0x104,0x10c,0x7ffaf66946f8,0x7ffaf6694708,0x7ffaf66947186⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:26⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:36⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:86⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7076 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7836 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8544 /prefetch:86⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8544 /prefetch:86⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7796 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8092 /prefetch:16⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2955311567022545356,1999724321033769436,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4152 /prefetch:26⤵
- Suspicious behavior: EnumeratesProcesses
-
-
-
-
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5559ff144c30d6a7102ec298fb7c261c4
SHA1badecb08f9a6c849ce5b30c348156b45ac9120b9
SHA2565444032cb994b90287c0262f2fba16f38e339073fd89aa3ab2592dfebc3e6f10
SHA5123a45661fc29e312aa643a12447bffdab83128fe5124077a870090081af6aaa4cf0bd021889ab1df5cd40f44adb055b1394b31313515c2929f714824c89fd0f04
-
Filesize
152B
MD5e36b219dcae7d32ec82cec3245512f80
SHA16b2bd46e4f6628d66f7ec4b5c399b8c9115a9466
SHA25616bc6f47bbfbd4e54c3163dafe784486b72d0b78e6ea3593122edb338448a27b
SHA512fc539c461d87141a180cf71bb6a636c75517e5e7226e76b71fd64e834dcacc88fcaaa92a9a00999bc0afc4fb93b7304b068000f14653c05ff03dd7baef3f225c
-
Filesize
20KB
MD50c537a82da568b1528a5b4c5db95f169
SHA1cbce4bdcd79433b66466b9fe3c0fec730b1a5bb4
SHA25673279553e1043b5a1f12766aadf552ffdaeb0a22bff842e68a299dbb7af01ec8
SHA51276ed9ad0826f246c6a3b1b00215625e38437d477e1df4c57c2a56071a4c2d80465a62062b44e33de2ba58f90e664f0c9bdedc2b274ab54706209b812c0d95485
-
Filesize
44KB
MD557ae46a87a9955c7c61ce5cfebde0bf6
SHA12a9297a0e2ee5f4e0a9b1de88ffd2121d5d2ca77
SHA256891dc8b9999ba1b2d25c1a044b49330b66b86f986478282f4e5950b726e9878f
SHA51234e51215e347df35ae4cf8420e2148420780f78123a37450682ed92841c6e1dd1635317cae1ef925a001bda733228db0f5de87faa0a10c36cb967e9b70691689
-
Filesize
1008B
MD5502fa5a61aa74b423169331a26151fb9
SHA17633548fd309c38b66271b11e011091f1dca287c
SHA25614ba54cea7b759fbf5302d7476d0df2c7c35b556a397078a0a155b1ac117fd6c
SHA51278bb6bd45f2fd4a0fd56abf5f4ce7f0836e2f122a632c733047fa7df4b002991a9592039f11cbcd2c63a5c48dcbdb0f2cb5cdd44da4376441e67a731d7c461ac
-
Filesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
Filesize
5KB
MD572d5742d31098ac3429fcd65fce0e756
SHA1603d2f042ccd82273ef8832ede56334097bd3a6d
SHA25616165ce0349497a68e7e0729e14c26daaf6c31ac2ace01d04a4c0d4b2f7eded9
SHA51211189d318cb5b6e9a3dd2b4c7b22c8e8171243d919fbcc474ff15276965a85c01b93f73247fe641fe37e31c7bf96494ea8892b9d9c133a6500d810a3b7a3a3a5
-
Filesize
6KB
MD5f9c8f2d0e6b4b5dd33075467bbfb0610
SHA1141da34c98f15aabdc4f1760f42fb28ec53e966b
SHA2563de81e01d2a909957060729e70052ba15e1c762fc11fc74281dd9e0b875bbb63
SHA51219509da0bb2dc3f49a94bb95e0e92be634d5497a8242a9f4d409341538721562558f795f791020a175c0031c7c12977449998abbd464b3f3a1deda7d6cfbc081
-
Filesize
8KB
MD5a87b18f6ffbae539d95a8120d7616536
SHA1f79d918891d0fc914bf680ebdf52696fc79e9119
SHA256195f5abfd54a2a54b352c73f17ceb543b83407f5534dc297bf8440274bc75cdc
SHA5126531b31b74e2bc52c937e0dfba5449074c6a344e248c72b0d3e5bedc29000d1b85a77437f85480a5abd8810333fbd59ec95204c4ec9750a30a797b29ff8ec4ed
-
Filesize
9KB
MD5cb3b91973b59a421058731a4e0c0570f
SHA1cbc70902c7b63113ae6aa0130646467b819447a5
SHA25607079b550b69fd52dae8202840326fb2f8abea95ee113660d18a1cf33f4838a9
SHA512f8bcf813a494398e26bbea2d1efdc391cf889997a61a7cd9d973fd85b0d7a5932e1cc72bf1a342731a756329ffd80887f4905688572d10a02cfdd53e8df8e7cb
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
8KB
MD501bd7dd2f39dcea3bbca13f3ec6091e8
SHA17b05572499d2d81aca76bfd14b6caa2d40710d03
SHA256910ae6f026397281174eea4efeabf0fc9bcf4ebba1bcaf29e5711504ca89c92d
SHA512744f6bcbd6130a7336d17d0c22a99b3e5925046d981804e52b82133c589738c717d5ee01b6b57aa6556eb1f050d37f19e78d9626ee262a26421f5737fe10ea11
-
Filesize
11KB
MD566ff24b2c82e3a23711dce2d7a71f8cf
SHA171ebcaf2f6e7498457164bbb844c597112045ff6
SHA256fff8f766f5f73c76e27676b68f98b8efbf9a20c4269a80144a021f68d3c76321
SHA5122c241ab08dcfe8ef437e1d6096fb647186ea22231347217103e0cd633dbba2a566c0180021f34d8b4ea305a470dc50ecf15425bd65fc6019c88f04ae2e678377
-
Filesize
906KB
MD56be0c57192e36388808f2e22c0c9b6e9
SHA1dce214d53029a296e399adbe32a4e4eb254ecd2b
SHA256cf273892a6f3990ac80525d110aa08b24211297c5e4c31328da38719ae1dbee1
SHA5124753b1688427e36ab2794a7379d8b6068070984df1ac77c13a0e37484d9fe8d2a04cca423d33eb040337ea05e51499e6b305ba0c5dea67a301f586e33fe60f9f
-
Filesize
43KB
MD595e5b11cece6b47819d4958e5871b0cf
SHA128838fce8fb45287788d640e78c2f786f8122289
SHA2561f30608923d4845852561484e2082b2c908515d82204ff6ca84823c3d745b6f3
SHA5125d16887d9bbf957e06d01cd79428498b2bd59e17bdbf259a3b72bd25c310dd26c028319a284be8c606960107f133f64a368e8b9709ffb62f743c32468ed71667
-
Filesize
2KB
MD56cf9bab2719ef4ab921d36d4babbb710
SHA118794b2057c930115a64a64af65b277118880495
SHA25603a87a2aa98020adaf773cfa6585eef752c34179fa390107e9fd3a601468d589
SHA512b3886d5cf06b0791cd5b23519cd1cf0a6c558175ad633a0966e5fcac3b95740c55a77c9e813d254cf9d64b1168e6df4f70436b9e47301ea4bab7fe45628b2f81
-
Filesize
614KB
MD5ea8f1ebc9734eae0a72938a24c319a25
SHA194ad4f05d784d29bcd59f015917000ef82ea7b43
SHA2567daca7b7a3aa2a50bea44171d1fdb6d49e4cf73dfebec1bb9fba8f6a6e525f16
SHA512088b84f74b9fe74c7cd80944d0c85fd7db82886c6434ff2f0e552b49d49e37836c640ddf80b548722f8fe195351fe7a65fc969fe6d8baad695701ab270e58988
-
Filesize
304KB