Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
145s -
max time network
141s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
15/05/2024, 06:50
Static task
static1
Behavioral task
behavioral1
Sample
44f7dce2921ae5a3b62b58dea016ca03_JaffaCakes118.html
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
44f7dce2921ae5a3b62b58dea016ca03_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
44f7dce2921ae5a3b62b58dea016ca03_JaffaCakes118.html
-
Size
175KB
-
MD5
44f7dce2921ae5a3b62b58dea016ca03
-
SHA1
12d1798684970aa9f89f0c03a0c38644504883ba
-
SHA256
46b195148f9c2a3e79e01ad0d1a2d9284e17708522b6db59122f14947a7b0e1c
-
SHA512
e373bf5516f3f733031a5395296a3f3f102faa1bae39615e6938ab72cf44197db60235b4c2a5fb10b2c0627409e71e981263bc0fee7ae7d67ff1b3f0ff1193c1
-
SSDEEP
1536:Sqtz8hd8Wu8pI8Cd8hd8dQg0H//3oS37GNkF1YfBCJis9+aeTH+WK/Lf1/hmnVSV:SOoT37/FgBCJiVm
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 3932 msedge.exe 3932 msedge.exe 3276 msedge.exe 3276 msedge.exe 1016 identity_helper.exe 1016 identity_helper.exe 4996 msedge.exe 4996 msedge.exe 4996 msedge.exe 4996 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
pid Process 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe 3276 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 3276 wrote to memory of 4456 3276 msedge.exe 82 PID 3276 wrote to memory of 4456 3276 msedge.exe 82 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 1652 3276 msedge.exe 83 PID 3276 wrote to memory of 3932 3276 msedge.exe 84 PID 3276 wrote to memory of 3932 3276 msedge.exe 84 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85 PID 3276 wrote to memory of 4876 3276 msedge.exe 85
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\44f7dce2921ae5a3b62b58dea016ca03_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3276 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff956ee46f8,0x7ff956ee4708,0x7ff956ee47182⤵PID:4456
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:22⤵PID:1652
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:3932
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:82⤵PID:4876
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:12⤵PID:2772
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:12⤵PID:2324
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3076 /prefetch:12⤵PID:4440
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:12⤵PID:3888
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:12⤵PID:4348
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:12⤵PID:3788
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:82⤵PID:3336
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:1016
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:12⤵PID:4472
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:12⤵PID:2180
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:12⤵PID:4040
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:12⤵PID:2000
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,4931118103646269169,710559295969997915,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4612 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:4996
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4388
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4820
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:1904
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5ce4c898f8fc7601e2fbc252fdadb5115
SHA101bf06badc5da353e539c7c07527d30dccc55a91
SHA256bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa
SHA51280fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c
-
Filesize
152B
MD54158365912175436289496136e7912c2
SHA1813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59
SHA256354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1
SHA51274b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize360B
MD5fc38c4681a06be4fa3790abec949787f
SHA1119e72de106d97f9570572c970ba8d7b22a0180a
SHA256c4625aea3f70870e9afa9c22388026060e7124cb082ee3c71849fadb2a94d85c
SHA5127c1272497be7da8a22033636d0697db99389cb966a13dfa7159b431f74619cf7c07b05a31e6ea6fbfbcdbf01236406f7c9358e4eab58de152c9fe54dba107a97
-
Filesize
2KB
MD5ea3b8c020a90283e8477d5fc4afa7526
SHA11d0aaaf02bf06c4514444e01823f146b01feb5c6
SHA2566fdf38382dd21a98e52b2e819fbaa99cabd8505ec13b1bd0f128b58710c02312
SHA5129966a806a4f7055c8941e9def03a0160767d6263cde20626d2104e978d9c7160a1a45a9d1572fa3a4acb61275d7477ebe94a2286409e029aad056cfabb6951a3
-
Filesize
2KB
MD57038106dc20534bbbbd56fea7ee79059
SHA1af29ab455b8a2391bc2e52e976a24722d3871727
SHA256c872569ef764342d9b0d49f0fd5a648b1741c5f3d83f5f5a8fb782989eb56702
SHA512f0e234f10a10d2fab7d3b898fc7caf874c4590e03557b43281e2d73eedeb2e953c4c8824564dfd2f7704042be5005d6075fdf710ec9cd94c93a3671da14ad842
-
Filesize
6KB
MD562a50f823956987e0a186e03d962fa65
SHA1276a188d01b4c73bf846c00406182c8f0597004c
SHA25697ca34b90779508b9ef960d19354d96092853d27e65b4e14ea552363e4779b43
SHA5127b6185a25f5ae2963624203be8a72bb557bce8bf96be417e590803ff09e5fe1eccd18f7a208b7682127af8dfb7ffa133cc6548ea20fc28f58000647eb1c7eff0
-
Filesize
7KB
MD51d5648d59717e2c9bb33deeccde17b57
SHA1e29ce697db4622150b4d39ff51977387729ac19d
SHA256bbdd4fcfe825aec21ec4d7d9a734cf531dac9daa5f6e81b17688d5e191f82f95
SHA512af88c4fe269e3d4585a8008905edf4553d6bfa6d4683d485e8d498c9664df2b17ebb6e16a8bfaf670136a68d5b438765267d9ecab4a7b2f7e35f2d823d27b2d1
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
Filesize
11KB
MD5bcbf3acfe13a6d39f95e64ac51d71090
SHA11605155300694e77bea8c6efb4900ea301065ed0
SHA2565730b14b48789680fda73eb5f2ece82280c73d7d273bc003ee53fc61d9b0b2d5
SHA51259698223ea168aed8e0fafa859a4dff0af4a7c8d687eb26bc2f97f70d60c2033288ac3f572afe8c1ddd2ff106396cea52d1e63dee1a36766ec9b4a14b9e5ef66