Analysis
-
max time kernel
143s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
30-04-2024 02:57
General
-
Target
2024-04-30_d1cab9e32100e53544e2829c2379c6a6_ryuk.exe
-
Size
2.2MB
-
MD5
d1cab9e32100e53544e2829c2379c6a6
-
SHA1
11a58cfe710fb9729e85ba3864d496ddf1139551
-
SHA256
9959d3279bdd9e0ea9d6c94101120a611fe957b8e5feaa6244b7cef9ed19c9e0
-
SHA512
0f9cd9a2aec334702fc66dc0854c98a95e7a1c1021893795bc4e7705e46e7e3e3dd9907568f07b58d8a47fe0b221a159a6eb4f509af91fa355188952b8962adb
-
SSDEEP
24576:MOObVw4TaN1wdkukCba4oXtgLhU3wEdmh58tTduSZpUR0GHrVQ1aW4mSOgv3isi:MOOh3aN4kuLbegmtG8pAHrVQ1/fSNvi
Malware Config
Signatures
-
Executes dropped EXE 14 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops file in System32 directory 22 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 4 IoCs
-
Checks SCSI registry key(s) 3 TTPs 36 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Modifies data under HKEY_USERS 5 IoCs
-
Suspicious behavior: EnumeratesProcesses 7 IoCs
-
Suspicious behavior: LoadsDriver 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-30_d1cab9e32100e53544e2829c2379c6a6_ryuk.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-30_d1cab9e32100e53544e2829c2379c6a6_ryuk.exe"1⤵
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\alg.exeC:\Windows\System32\alg.exe1⤵
- Executes dropped EXE
-
C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exeC:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe1⤵
- Executes dropped EXE
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k NetworkService -p -s TapiSrv1⤵
-
C:\Windows\system32\fxssvc.exeC:\Windows\system32\fxssvc.exe1⤵
- Executes dropped EXE
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵
- Executes dropped EXE
- Drops file in System32 directory
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\elevation_service.exe"1⤵
- Executes dropped EXE
-
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"1⤵
- Executes dropped EXE
- Drops file in Program Files directory
-
\??\c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"1⤵
- Executes dropped EXE
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4252 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:81⤵
-
C:\Windows\System32\msdtc.exeC:\Windows\System32\msdtc.exe1⤵
- Executes dropped EXE
- Drops file in System32 directory
- Drops file in Windows directory
-
C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exeC:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe1⤵
- Executes dropped EXE
-
C:\Windows\SysWow64\perfhost.exeC:\Windows\SysWow64\perfhost.exe1⤵
- Executes dropped EXE
-
C:\Windows\system32\locator.exeC:\Windows\system32\locator.exe1⤵
- Executes dropped EXE
-
C:\Windows\System32\SensorDataService.exeC:\Windows\System32\SensorDataService.exe1⤵
- Executes dropped EXE
- Checks SCSI registry key(s)
-
C:\Windows\System32\snmptrap.exeC:\Windows\System32\snmptrap.exe1⤵
- Executes dropped EXE
-
C:\Windows\system32\spectrum.exeC:\Windows\system32\spectrum.exe1⤵
- Executes dropped EXE
-
C:\Windows\System32\OpenSSH\ssh-agent.exeC:\Windows\System32\OpenSSH\ssh-agent.exe1⤵
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalService -p -s SharedRealitySvc1⤵
-
C:\Windows\system32\TieringEngineService.exeC:\Windows\system32\TieringEngineService.exe1⤵
-
C:\Windows\system32\AgentService.exeC:\Windows\system32\AgentService.exe1⤵
-
C:\Windows\System32\vds.exeC:\Windows\System32\vds.exe1⤵
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
-
C:\Windows\system32\wbengine.exe"C:\Windows\system32\wbengine.exe"1⤵
-
C:\Windows\system32\wbem\WmiApSrv.exeC:\Windows\system32\wbem\WmiApSrv.exe1⤵
-
C:\Windows\system32\SearchIndexer.exeC:\Windows\system32\SearchIndexer.exe /Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.2MB
MD59e26545bd48e26fc83f27f45223eba07
SHA1258dba75ef009e15b4f3ff58e7ce440e964bc0f0
SHA256d1de5e702ae0085cacd8f2fab8cbba7026bf1d1d983f2a9bbc90f7da4dd507c7
SHA512d1519455b2b9ef9ba9aed430b88c92a6b3af34aacb24f38f161b919bf1c9dbe12721c14d4d3d48d00cc8ee50ff09d8fd6657735aad616a6122b2f6a0964e914d
-
Filesize
781KB
MD5caebac7bbea3e4424f4ee3772ad707fe
SHA1a3c0036e7b7d3492e81fe1a9e47d35f513348bee
SHA25614f8e75be83fa91ac75008128ad0f6689c6a8f25d019e7efe32b8288ac5732e6
SHA5124cd5e926ac5321e19344f742248a280c98e1a1ab17d71a88879fd0d535b76973d471ab55886bcc32c0d64a6ad6ce70d9f267bb067ada31cdb8eb5954634f84d1
-
Filesize
1.1MB
MD5a2a939c272680d38c29f1294cec2908b
SHA1ba9992b1caff7cd42613466ef0e0d26fed93c761
SHA2569894cb623428eca05730957e76dd2c883faf59a1846afb25348d3ecaef2d26f6
SHA5126b975ac8e14fd878e777072fa4d114a6c74294645bf6e9f13ed674fc1720f98d3997184e5a47a7cc2aea43fc921ccb30fb9dc7f9178d28d6cd99d8feefdf5693
-
Filesize
1.5MB
MD5eec10611e61edfff71a3d98f43a37866
SHA188a37b9c93f1ce9fe67a443c7841138874cac2e3
SHA256a03fec79b90cd86e6cdff30a999d87dfdd52f9273e562119544156d999fbc167
SHA512225fe4ffafbd0d0c949181f8e368459b6d8c44f20008207ca81ef307382652a5b6a232682a6e0da9eccb500824a531d778e2a9e7a8133d693154dcf48541e5b9
-
Filesize
448KB
MD52fc370256e5aad8f934ba449a45c7d96
SHA114700adee05e38b9c2c6599b55707ab3ae18827d
SHA256d11d198ce95128641b9990dbe3b9b73a00bf050460a1097b0e3669c2cf5200d2
SHA51238a649427cb4b0b5f1fbb518041a703540bbf032661ebcf79f3e6319585ee335e18ceee62d7e1940a7c22211d00d13a87902044ccb8db60e6f7a1f023e9b050b
-
Filesize
582KB
MD570667541fc7e3c4ba12b04395a35c0a4
SHA1a6a93d63373b8db8a8f1fd90943d075bfc6c42ab
SHA2565002394d7bd5172ade25e5165a6427b7dcc449c2598ff4756dc4790eca4bfb60
SHA51251ced7dc1b855f1b19bc6d68e00a48a65a6421b043e270ffe6f4f3aa641d5fb0779a00d153f7a4e80d167552697d3ecd2f682c0729ee8053cd36566c4229f8b8
-
Filesize
840KB
MD588944a4ba47d2fd31e5a2fc869396edc
SHA1be9e5da7789d12548aa77ee2a0a9e031b15835d7
SHA256929e9ebdeb3eae1554186b1e1f3a075031f3543d71cc64973ce7797548b27058
SHA512fcc12878c6b64fd92cfbdf215b55e2ee5b08d77e6fbe2143893009f5cef4a9dc15f10edf3f104623827258715ba641c14fe7b6667d5b6ae18686859215be38c0
-
Filesize
4.6MB
MD5eee3b642471e284adc908051155d82e5
SHA1ad922df533457e790259745371f628764e1622bb
SHA25617fa82a5cb1dc111b20ca3f664bcf47e3e5f81a8c927a6ded56ed1a460a9d329
SHA512b3063eb0a2d45f57fdc78e4f9cc884aa47a12f7b2e0c31f906a0f444bfd523f705232e61a7d7a8f82e1857aa867d6e0e191fa368882de0b294354fce8715b29b
-
Filesize
910KB
MD570d58378fbb68a91c3245d5e30e6c6df
SHA127d4a0009cfd7c3fff793f7b31efc45a4e680cc7
SHA2562977a61c65a2c67f2b069f4d79198c6cc7f9bc4a376ea9276edca0ac4eff4661
SHA51295c6b01c7772ce3ff7d3a1c0706e21415fce1c4154b978d180804be9f2cdc19524cf58fefec9e8c3e34785b045b3b888ec220a321e6def2548ccc4ea8a3d098b
-
Filesize
4.9MB
MD57e742880c3449cdd07c5820ce40a2374
SHA197815b41f5dc300e7642312560ec004c513f47ce
SHA256acda76d55b586ae2675946cf005b31e3ae06033ac3af5736a8ff6900a12d7c0a
SHA51269b5052592d57cafa4bab45c39942d42b9975fb7259cb1cd82f20e1a409a934785d5fdb447cc6c9dd4c2f3ea5fcd64a98a16a41c2f060def665ba608ab898d52
-
Filesize
2.7MB
MD5e347ee2094707e516b2135a4e7f0d667
SHA1bab20c5319eb15d5de2653fd6cbca36e6f75b6fb
SHA256dff65da698057bb4ad4c13cd6422c1516e173027d347439d8f1e2a947b465ae2
SHA5124b5fed95d56198235e44b0c1aa98c7d6cb5d61ad296fd597e3a4f6e1d98f4969ba6ce8d729db0ddf065a4747edc4d6e216501f316d3ceca0c5b49a840af9e443
-
Filesize
1.1MB
MD58174f3baff564a4fbe3c1eae1a3bda51
SHA1b830942e073f1d3a9da8140fde6e42fd2e629b23
SHA256cfe9e79248ffc905a6a334db71b5e42c6f98cbd1ac91035f2d0c955ab45d8f10
SHA5123b1729ef3aebe847b853e1bc00469b3e3e08da11be65ad6aeef095836b0acc0c9ef5b977150434aa4e6379d6e6062926229a0fc24e7c2c5332afcb427d16bed7
-
Filesize
805KB
MD57d019f5f30a51e01c02bed0161c21128
SHA1cfcb05b8f6240d2ef575683fdde87097c107f3f6
SHA256560ad12f16f3c7fe50eb4bb56fcac7819d643532c603344c4341b402e1e6907f
SHA512b3218840b753b19ccdde93cf028ad8dce6119e1d8ae61804696ff8d06807339304bd74ff84bc449d856628d680de727b43c67c0463da5af6b25d677c45278f78
-
Filesize
656KB
MD582fc1f0699e48a2adffec25397a4c8ec
SHA12e4efbdff0f54e76c9ae4e432cf3d36c8edb49ea
SHA256b493875d7f9993998aacdfc628919ca96f8a500612b5e39a20ab843a87c186bf
SHA51240b9471071227ff372972047a1199b7e83500a312863f5b00e23ff6b3b33f7d5049cd2fec193d6bdf1213eb8c3a0c3d6623bff5908e9b077c10b2ad75db38a87
-
Filesize
4.7MB
MD545e673456cd18f636459fc1358784f61
SHA19bee18fcaa5d8cbc10cd6e69c86e99adadcc75cd
SHA25646acc85ad8d6871372f5217ffc8503874cf0628b7c05129fdfb985cd7a65bada
SHA5126a10d39eaf943c6e040e3eca4ec8582064591ec556266d71040a6cdbf406bcecbb52d752fefcce5419bb5f24cd1999949e49ba22cb589e3759fce1046fb8c647
-
Filesize
4.7MB
MD5f64c6305838e52ef0f32e4263a299b43
SHA18076d211de8122f2e1c159fa7ac89e1efdb2cce0
SHA2564667e35182940460d69f15bc6e564f666e9beff8ff29d396d0dcea2751e0e116
SHA5121f7134332ef66816b28cdea126c73f511d93102dcaa8d5d7f2e71471668221088db69977a73549325bfa3bf7afeea2d25af9f630f97a68a91ba5fcf0464f56b2
-
Filesize
2.2MB
MD520b69af39e9504e2924283129f42931e
SHA145d13f82aba28719cc80cca8e711252003fe590c
SHA2565abebbea20f138571e5ff83ba827769640064fa019348572da14aa736f2bfb90
SHA51210b683fb32da57e81f6c1fb243cad1f83d8de7cd389781af2551cf92f4bcabfcf7e7d99294f3bd8c86d76fd95cbf42ad0dfc31dcabaee466046c5e3e46c9fc45
-
Filesize
2.1MB
MD534a47d34b3c2907d88f959c4980b8eaf
SHA145d3916a8da59b805d67bd18e55b0026370ad5e4
SHA2562abf2b931396f7de2cfb185355e1156e8d767eb15dc752075803c7e008df04ef
SHA5129db7f39e1d5db6324e90a84768fcb61d780e91c43b12f3b2f329d265bdc904181eea6c1849fad02baf69a2231e01b0abaa3b523cb004f25f5fede67752ff373c
-
Filesize
1.8MB
MD5b5817b074af72b714d55b9c43ec13524
SHA14b4268e371602187985748779a160fff1e9b2e06
SHA256e9437a321197ac626e7ca7dbc26702869e98c16deccb6f7784dd96b52a09fb5c
SHA512e8b966c65085159ff7d7ff7f60ba2316dc4eba93805e2b24ffc15124927114c33309e1a066e43d172b327249c30dd1acfaacac67ba35ef27729d36aeab86f157
-
Filesize
1.5MB
MD5e925c156c6092f90b4ad57d55c31691e
SHA16af1a751b735caeb1cb54b5a9b7d6c12539ef23a
SHA2567b5baeae8c58e012e7937c9da72435f0400e6cce069b256196ea5a42fc0cdf16
SHA5123c433e1750881ca2582ba7feb30ed6bbab2ca939a957970a8d732b45c7cda3d8483eebdd158f86eff3907d6990c020b4169811156acf67ef08388f6d0f231d3c
-
Filesize
581KB
MD55e27e33bb0294b3a6d7eed39f3422dfd
SHA10b58854ca849ed49e729b995cdd41642fc0b6bba
SHA25658848fd45f85433fe9d20a0a8f0799f0aa2362157541697d9304be3513a20d3c
SHA512c59ad854747f9746f66e0354b8294de06f013d37c5abb8867774a771c36ad94441bc741a01575a96b0705fb17c1588f8ed3c4a3a40a0432752ba1e82f5ea30e9
-
Filesize
581KB
MD53a9f74514ca1c1d1ab96a56c41040a34
SHA1b4af11504e1d3cea18a4f801bfd43d1e78fee858
SHA256539333d7f3db5bb523b1696bca23629fd07cc359edb271eaf5ba715d071e397d
SHA512e72e2a69d94cb09d19688da0b0ff0512c44cec72476d7875552033ab97472767fd1e5d9f090c584ad3308e132843a6758bd2082a249299b5c0e6279bd882b943
-
Filesize
581KB
MD54d69a47506587d006b5c567da95e2716
SHA16a357d7e76b1ada515a80aa5d2905b183825d86d
SHA25646a0604d704b94b7e4559881644b40626cc91019943963e7514cb5219a35f8f1
SHA512f1a7c4cd31ad2488e93825168c67291b1d3e7cb72708c7fbe94b342d16a05dda6ee9a6f082b12d999b8435c6120d91d3e1a252791042fe0177bd11ac01dcb623
-
Filesize
601KB
MD5f42eb31a1b86068dd8ceb4a26ece052f
SHA1aabb671db6682f02942f1b063907c92c38e33e56
SHA256b6d896950b2d1aed4efd837a297a9d35534b1c43e7c80aedbeb9530bf38f7713
SHA512be77686fc805eddbb6e14b598e7f31eb6398748627c329b598a5c6f37b34be70489efd7e5851c3cf836f9e33b62827c2b9bfecf2589ff12f0a7446f861d64c16
-
Filesize
581KB
MD55db84ca5b85d70befd67fab7025cf212
SHA1bc2e912f7956232669ea08eca50124d7155859c1
SHA25600331527924faca6be51f9f6bc3062efd7afe486c832aeb71942401ada25e1aa
SHA5129a3f53f7f03e9ad512eed061958165416f4bb05579c779594fc17623c9d953b3aa505b634ac2673e6e1d7cfa0cef0a8006c41efa7cf3badb6d5d5d685a1a0063
-
Filesize
581KB
MD5215d10eccbe658cf0322325466c32a5d
SHA18f62ad759cd2b629d2181efb3a7ee7c9fb8c799e
SHA256566fb14f86c2a3d4f2ec761777af4cd5d69547c18e85f87605af0f026e31f333
SHA512e46674c08fb63edaf4a8491dfa585b35596eecdcc2927462192e8d0f4cba26e673210c9f60682a765c003ec8e5f4374b765c24ee11618f3125b292d4a98f8ded
-
Filesize
581KB
MD511a0fc23c41d9946f96ab7548ad47e53
SHA161c8e8e127b0bd85680a03c30160be3c4d714b16
SHA25659722ca19af466c77c5d0755be0433c57c8e29010742312827886e1afd7f5d53
SHA512a8084e348bb8d6eaf024d9f8775ddc1925b2ca84babbd92365b0d56e6d631354c7780bda4341b96fe6ef3010d1c5e23e89ff9e9a2b99920dec1a78a0d3b7aef5
-
Filesize
841KB
MD5d5eed9d9cb5caed554617eec4e48e3f2
SHA140c3310ed563abb1848998b68537a6475af1701e
SHA25619231242061e33ad5b285a9c9235bb3d13bf182af46087215924f96717e6dc40
SHA512a472c82541e8f987190ac6159a5aa539adc38cc77ef2e1797dd4f94eb57e69d1a134e84a54e854bbee4bf65ae60de9add0706418d9a00c11fe59d5ba442136cc
-
Filesize
581KB
MD59cac92c278cbc6b961500de957db437f
SHA14440392cd5fb2d9f55c901a61ef15d943d74423b
SHA25663469926b87ac028ac305c5d272a0442d93ffe54a656e9e536750367545255f1
SHA512f300f34079977c179ae4bc3f6c869c85e3129c15ffea944b85984dfadb4f00b6f59ea4daf02fd99d0d21920dac46df2d8a20230e367af6190a0c6f9f90f7ed79
-
Filesize
581KB
MD5e5abae358fa0909766e651640a92c93f
SHA13a8989fe4e7c51d8f83fb05033f7b2b268f988ba
SHA25641f0fb9ccf6690fa6ebd621939a3b8df6fe407e8cfa74f999a1d87112720f0ba
SHA51244674f0771007a67a2bb4d0c356c2e71e37b293ac5d9bc09de42e83894e28fbbffd6a505304237d83a857e5046acbcf639c92b5f7373f18800a302aa562afd10
-
Filesize
717KB
MD51d61c3617d36187436b3e2bf7621a5c8
SHA195666073a57979d2b521e188c0a290e8966b1a6b
SHA256c3630277a6300ccbd778dbdd48c3afe4629af3d3088961ddfd7a984710dceede
SHA5124371ef94b6dfbdcb639a69c19f7163c9062354e46b376933121c496d3fd112d2c57ae2214dd68071140c2af0086ba8b19b26b3001c051a99351d35e7cd136d76
-
Filesize
581KB
MD5487882f8b7b21b866e56b481ff8641f7
SHA1e2cb1467581cf960595d25366d8b676795c0035d
SHA256e41521618a5b1ceb0b4b4c71d9a243a28312853383c99c735f59c4a776de002c
SHA512c123216acb348b42e82fcd2e8850681fa5378f6a5a0f179fde9707d04a9d46309aa8c2d319c43d8efa33cb7841515c7f913c4fa0ba85a19587ebecf37ad91a55
-
Filesize
581KB
MD5c900ba685b6863ddb5bf11e2ebf6882c
SHA1f614335f20c872d08cc34e2244500ccd95e8c7fe
SHA2566533342bfea413e08204dede6ef8b4f579696f3a0f6e261284eb3ba2fa1e2345
SHA512c9ff3f5d348854114da6d544403f0eb20377bdc59cb80ba0c941a42d433f1a2f371618d38491c319de7832e38816a7af082f2365d1f309a4c72e42f8eb3b1cef
-
Filesize
717KB
MD5834e026ca463601fd2474fa0f95ac479
SHA1142fccf60fb1f850875b289edcf7a278c92aa269
SHA2563427a91c1a0929cd4a2dc269aa070456e6eeee0d62f5b966d21d031230e1c96a
SHA512169c6f25fea7cdb95bcc32903ab680057b920e0b713998083ab367adb817ef5a017ddcc95d69a66c235c6c2906174341839edec74ab58b0a2c7a485b87a808b4
-
Filesize
841KB
MD598531aa94258d4fe8f52330c79c7003b
SHA11881830d296ab34fe380d441820e31045cbf3e53
SHA2569f7696ee8ef9fd103493f746003b66ce26a07115db539477cbcb151fd4c36e46
SHA51221ab3176cc418a9660f1c495e5b1587e6f3b2879eb880df4518fa89176214b9a0015649787f61eada02632e7de27a1ec78631df9682bf46d750711aff4cf032f
-
Filesize
1020KB
MD537c4a93759c2940c545561f4f877617a
SHA1736b6be75a508f80a1be7cc14dcf096b493b750d
SHA2562b6822634742b18c291b6f3e6582594b0e1fb1eb0d2591497417aa5acc8fb68c
SHA512988737c0f040dbdd703bffa4faeabe15b14e17ff0d15164baae251b08bddb56881afb3c77bdf2394ed13ddccb579acfcc4d33f0a0265fce3f8adbe5140391608
-
Filesize
581KB
MD53d7869919eccbe76af0027997d2bd37f
SHA1dbce7c4687fa3e87367bd8dc402bf46ef61e081d
SHA256722299aeda4e4021d847979f15766abf42d881298bd4c66919b307fedd94a801
SHA51210a36c356ca43ac5aa2687dc9ff62cd1fd35d387944dc8e4eab50799ca4968942373713255efe108531ed7f25064c4e733185a23df19fae21ff08f935041f3ba
-
Filesize
581KB
MD56223c131af80c4d555d2022956c4eff5
SHA16f7de0deea59359f347eae28620a018a127dc13c
SHA2567fd66dfe0f62629c5e283d54a683537b42c55a4dbf2f8638bd954fb733a95095
SHA5126315efca77f0200a5f4589e10ed41de473ff1dc78310f6a442dc59dace50157f42d64eb5672cb9d7a20700a9f22b6621b872b13f922326831742084ecaafc151
-
Filesize
581KB
MD532fdee3c06f4969ce93d5c9038daf328
SHA1b8fb3e74665a7a65d43d8414ed4d8dacd667b621
SHA256e28f11d61208c91b74c946fc0da90686573dfee95cc9c1b0b0a5143837255d89
SHA51260c7a31611745373ca36b38faf0bd20f64fc997153c50060e8fa002f8f640c6381179ceaebfc6725afc7377da8bb3e60c3080322481ba1885f393e84fa3c4142
-
Filesize
696KB
MD5d84cb619eb82e39e72054e6d47599cfb
SHA15eec0a5b13d9a58f2409bbf1b301d50f3b1c533c
SHA256e74d459901a2afb360e9cef4a8f6fcb65fd7a0930a883820bea043f80bcd3788
SHA512c51f31b725e04214abce0bab762f88d8e130a724c9acfb01ee42eaa757a660f1c9a870c5e922119d8969a309adcb561889723d62f2032d009da3d207aa4c688b
-
Filesize
588KB
MD584f01c30ec812d7861a94982b1bab78f
SHA11acafb91f62da7067017bd2660c8f856b1fd4e03
SHA2568bea3706f3f2c64b7259eef2b6e3875bf52d28937f2191ba03132dce0b768e42
SHA51289c2bec103532b4faad5bbc2eee8e1a1d6a3c248404cc1ce86ea37da0fd7abe1189eb05d6e0cacdedcefc8eb0c38aa2ab1272f12f390f930461a30a1171a67f5
-
Filesize
1.7MB
MD5058f0f5a1094e8bf4dca84be5dc26e6b
SHA1b28add52e66a5f0fd5896f06f632936e52dc64ab
SHA256a6453d342aceae6d1cad5c67c9f1daca554b4ac4b06545dc89f261dd111c71e4
SHA5125f805435dcd2d0f496a91510a4b4ef01b2f982df59e6e2e2393456acca636c6f0524339bb5d68f7988714029673540dbb09c622ed94af26e8383d943f4d324b0
-
Filesize
659KB
MD58a5a2b0a556cf3230a2f874367f51c99
SHA1e1864eeda6341b17cd1e5befd74efc0981571911
SHA256b10eaf0aa73587b5fda171e70aecb47bda77f6f559b80b8666e46a107eb36ba8
SHA5126f733bd1d483061a913ca1a0f0a61ce841015d884587ed1dae308d4cfbc4e79e5ab56faa97b0fbf640084d18517b57f56eda57f5c422640972785d171fcc04d6
-
Filesize
1.2MB
MD54164238efda3242459a2178d939d56e7
SHA193ec0b9069926df9b0b1c8acf958b1a61cf6518d
SHA25684fa9b5222ce9fa28512be92344a456f1d90cc253c5ceef7ddfdae8285b3d48b
SHA512a7da8e41f3cc05743317ca33e85047ee2a42608ccf56580cd10a0c6524c0ebc641756850a9c402df300a79d886a420f85896a97f0213d5034d35af0160e4fc9c
-
Filesize
578KB
MD5047d3e7e33133bea6786c93c08bc6670
SHA183c3693dd574139338c4b0124f5c86c8a21f8971
SHA25686da435a2fefa48e57a9b34ed7a9c590c0ba2e9495e6ca750d2610780d2da5e9
SHA5127532bbb130640378fb473598e5dbe446fb0821decff5611b30c3c91a03f00d44679166b9205a6559a0d80e212c8e1749443b24c22b6f006497824688f1477cc2
-
Filesize
940KB
MD578462d9e56617379cd1b5e7a84c70935
SHA1b65860472e1d85b8276056300103589aa4f07182
SHA2562eb98dbeea2002a8c8d05a8753c65dfcfc65e22b7e36515a751d5cec4ed7ff0a
SHA512f7fe010959bc39479db3f42aac65f25ad31d6db9f192030961193e1c33a3e5aeeb5edcf770ec759e08322adec75fdd0ad1d5ec0ddf4d2f787a6a8c9005831ad7
-
Filesize
671KB
MD5d4a055fe57f3d67bc3afd178ed623981
SHA18080cbb48da23be1a5c837359f427d0843daa8c1
SHA2561be305fbb88752b1d5baa4d4901b8f149c14bb1b90c816bd36752a27d7ec4ba0
SHA512563156f5c37f0ac21d27cde315bc82329dbbb479cc74c17dedfcdb15d36cbcc2f909452c6b0260f66ac89230d994bd8d3210d6ffc2ae35e410825944d75ed1cc
-
Filesize
1.4MB
MD58bbaa86a481eb11e0544d64237214e6d
SHA16bada0559fa30aa8d45e9db99445cb0021fd50bd
SHA256aaf1f0aa9505dc387a106fad98199f4ec63acf56b5d565ab10058abfa46e9ce5
SHA512c288b61bd37a0ce349221db7a9a6b52cfefdb31327322711fd0371bd08f068ea7084393d1dbfcd46d8411937c425d084aa42f63832b34e8dcf1b39780bde3eae
-
Filesize
1.8MB
MD5b809274758730007285fe26f751da2f1
SHA1e5ad93c638eda285a06e1085c41b228c97846063
SHA2566ea0cc3831972421f8cf2a75e170813cb8063f9b514fc26d165eecad5488fda2
SHA512473aa883cb10220d427eaf24603ca5f4a167c29f2277695c88ef828e9cf711ae906fda78a3ed2e671ad574a2a272901a798836cf58d3a98b594b17ee1fb0c376
-
Filesize
1.4MB
MD5531931f9d3ec419151617917e436cb71
SHA19ecee6580b981d0975c3c9df52b05cfdd7167a2c
SHA256f3dee5896bc9e79ccee007fb8c50ec00a36e81abbd6c965f8641b1f59374c043
SHA5123ef46704f854c982c0fadb901887185446a0603f657da6c9d5f6817e925f3130e601804a8d5ed8d4689d63d37d8060c72277cce9408b5cce1196c9f03397444e
-
Filesize
885KB
MD5ca9819f82ca91e0ea6a55c70f65b35de
SHA11bc5b7d1558ce057b0dbab97bea1f73ae5250ab0
SHA2562784158d4080fff83c7d6c7d6adc02b0ff64439ac8f760f3f0879ad99752be10
SHA512e00b77227ad50f7d5d5d796b35da9090187b5c5029b4c313406d86654480e1cb2941b578f55d77ecaa20b79bbc35d11fc6a396585c6798ee84c58728aaf3ec35
-
Filesize
2.0MB
MD570ad44ca04775567ccef757c802b7814
SHA1f7971d19cc9731eb93fb5c35bdc85bd8ec8ca672
SHA25610b191687d04996672e01fc7f1740c7979a853d8ae8428d47e6cde421c857b85
SHA51202f2f8c06bbc00ad6a900d8bb52c6fea0729e52dca46cd37e98567550b830b1a6f3ec747a8420b07ed6f3e6909e88793e5c8a1870e3ffbe4f953c14ac03479a6
-
Filesize
661KB
MD54c9de17f44773105f38f134162861b12
SHA175a5d0e791dc911aca4d87b4e640bb11b9064b6f
SHA2564a0d15c61a86d53e01fba6edd34fd2e5309552af81359d546e6ab39056c2fe95
SHA5126bbef5ec1a6011b5707c090579403f927601a0cf0081f89739296b0be6788049d3fb3f2704a7396f1e717d1895831937a4ace604a3193f8a69324e085eccbdb5
-
Filesize
712KB
MD51b4850f3113e0e44adba66592cb7e079
SHA16d385503b838baf540d7e02a34bb8aaf5eddd15e
SHA256bc52053bfc46529ddee9a3b12aa392fb8071681faa0b62967ffb3944d0e82f8d
SHA5129f77ff4dd67c6b80f6317e7e61a1bcb6b9635fe19f40c907c2bd64e74953ad0775c66e6d081a3083b07717be8a487a45142c45af0e93355b6d6ce5f9ea0e5029
-
Filesize
584KB
MD5815f71d35455c1e9e0a515f69500bc28
SHA172e70fe8c2dd000e88350f9b1020f4f360af3d49
SHA256c012fe3b9b7c303a63f0ee9d717afe8e53edb8b7324bf5142dd753f899a5550c
SHA5129528e18c3f6ebe16a4a63c99a56961e1933a2c6e0a0a1a9f8b1284618a4951709ea3e295ff7e3ce54354bf9b61e9b751b98973350da4f8cb873e4fc6c74cd188
-
Filesize
1.3MB
MD5b69280f67062d52d6115ee73e7826598
SHA1502ed01ec41965dd99460da992d060d67526037e
SHA256376d0f2c3b855ecbde4cf82d112a69cc2264427d7f3d3d89003cd54299ba095e
SHA5124176a500d8d4a2db142883fc14f19ca1a263b20d96a0f2f5936d15dace4aa042518d30e1b5082cbff47fd239526e2342253a8e374e48d815e73910655c734fdf
-
Filesize
772KB
MD550d55196b5f0722146129847626cce75
SHA184630238890d32c3dbfbcb632db4a07890a7e904
SHA25634e7f099cea710a73ca6dce4ca826c11d39c8bc3d677ad86cdc3a88cc04b84ab
SHA512ffbaa7e4c23dadb7b692608697da82ba36f1781f79c630dc62392ac56d7ed7887cc89c34d88df67ed7a6cc125ff7ff3b81054142171aa2f67dad7fd7bd556460
-
Filesize
2.1MB
MD5cb893266ac555ad44b82953462685b4c
SHA157b652e96b6441f2fb2d17f7e5969748225ed643
SHA256dbb0039fb9f71a7465e2bf38ba93b894b5833047b09ab4b0aefbc50207265de5
SHA51257837b2af7370f0f61d22de32b2589160bf4a65e27b1d1648d907adf539e7ccbc53903e3c3eb50d5e00e49b40363ffe13d2213780e437daf71e0870a70c53a44
-
Filesize
1.3MB
MD5265f0871cf0e5e671a34f46e2f99f302
SHA1cecb6d530ac0efa20ea663d0e4b1f002b61622c2
SHA25653582b9b140ef26d33d01217e62b9f617e8a963c723ac113ff06159847b86e75
SHA512d692b56b957889137091c01ec21b923e423226289e6975157ef4e41db4608ca2a93bc03435812d1ea2ec3f786a5b09432ffcde89bce4ae82f5df284c521de8cc
-
Filesize
5.2MB
MD5d833f09f5f7f29d8a6eb8be8578f528a
SHA15e5c93ad8d2fd11b7b11c22b11ef994244ce6ad8
SHA25633a9380c3af04619ae25919dfc4658158fdea6b89fbbea36b82a18a1076dcf15
SHA51247a5b35b4c990d0d493bec7a1607c216d9ccd7b8d00d6b463265f81c4386c32651e0a3ec0b1d1a4119569b82a035cb2003e505a1aeff11e9ec6e66d869eb7dba
-
Filesize
1.3MB
-
Filesize
1.2MB
-
Filesize
1.2MB
-
Filesize
740KB
-
Filesize
740KB
-
Filesize
1.8MB
-
Filesize
1.8MB
-
Filesize
1.0MB
-
Filesize
1.8MB
-
Filesize
1.8MB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
2.3MB
-
Filesize
384KB
-
Filesize
2.3MB
-
Filesize
384KB
-
Filesize
2.3MB
-
Filesize
384KB
-
Filesize
2.3MB
-
Filesize
1.4MB
-
Filesize
684KB
-
Filesize
384KB
-
Filesize
684KB
-
Filesize
384KB
-
Filesize
676KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
676KB
-
Filesize
596KB
-
Filesize
596KB
-
Filesize
2.0MB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
828KB
-
Filesize
828KB
-
Filesize
604KB
-
Filesize
412KB
-
Filesize
604KB
-
Filesize
2.2MB
-
Filesize
384KB
-
Filesize
2.2MB
-
Filesize
384KB
-
Filesize
792KB
-
Filesize
808KB
-
Filesize
808KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
904KB
-
Filesize
680KB
-
Filesize
680KB
-
Filesize
600KB
-
Filesize
2.1MB
-
Filesize
1.5MB