Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system -
submitted
13-06-2024 13:15
Static task
static1
Behavioral task
behavioral1
Sample
a5ba3aaf70cf578072d054021eb44115_JaffaCakes118.html
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a5ba3aaf70cf578072d054021eb44115_JaffaCakes118.html
Resource
win10v2004-20240611-en
General
-
Target
a5ba3aaf70cf578072d054021eb44115_JaffaCakes118.html
-
Size
65KB
-
MD5
a5ba3aaf70cf578072d054021eb44115
-
SHA1
b7da6b7d5c098f3832563b18072cf020a61c9369
-
SHA256
c5e876ea11fcf8150b2d7cace14c3571f32a0433920e1773d90ed41469af13e5
-
SHA512
35bc35ba9846511795cc9157b16a78ae45a53a37a7b79e8302c1c16f26b0552294175d86d16fdc2bdd25c9d94c89856694b3fac145b0bbea665c2d47a27d25ca
-
SSDEEP
1536:WL2i/juqQhtmScJKOvyfDh31Z5n0bIFe6WErUJ2EweFNVL4c1NtoGZUxmUqNbrZg:WL2iKRcJKrbh31Z5n0ZFz1NtoGqxmUqA
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs
flow ioc 13 sites.google.com 6 sites.google.com 10 sites.google.com 11 sites.google.com 12 sites.google.com -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 1020 msedge.exe 1020 msedge.exe 1380 msedge.exe 1380 msedge.exe 1068 identity_helper.exe 1068 identity_helper.exe 2612 msedge.exe 2612 msedge.exe 2612 msedge.exe 2612 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
pid Process 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe 1380 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1380 wrote to memory of 3752 1380 msedge.exe 81 PID 1380 wrote to memory of 3752 1380 msedge.exe 81 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 4812 1380 msedge.exe 82 PID 1380 wrote to memory of 1020 1380 msedge.exe 83 PID 1380 wrote to memory of 1020 1380 msedge.exe 83 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84 PID 1380 wrote to memory of 2708 1380 msedge.exe 84
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a5ba3aaf70cf578072d054021eb44115_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1380 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb16d946f8,0x7ffb16d94708,0x7ffb16d947182⤵PID:3752
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:22⤵PID:4812
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:1020
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:82⤵PID:2708
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:12⤵PID:4244
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:12⤵PID:5104
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:12⤵PID:1536
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:12⤵PID:4056
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1740 /prefetch:82⤵PID:4516
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1740 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:1068
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:12⤵PID:4084
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:12⤵PID:4724
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:12⤵PID:3844
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:12⤵PID:2128
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,8627119279850487136,3519755126106366447,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4892 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:2612
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:2516
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:5048
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5dabfafd78687947a9de64dd5b776d25f
SHA116084c74980dbad713f9d332091985808b436dea
SHA256c7658f407cbe799282ef202e78319e489ed4e48e23f6d056b505bc0d73e34201
SHA512dae1de5245cd9b72117c430250aa2029eb8df1b85dc414ac50152d8eba4d100bcf0320ac18446f865dc96949f8b06a5b9e7a0c84f9c1b0eada318e80f99f9d2b
-
Filesize
152B
MD5c39b3aa574c0c938c80eb263bb450311
SHA1f4d11275b63f4f906be7a55ec6ca050c62c18c88
SHA25666f8d413a30451055d4b6fa40e007197a4bb93a66a28ca4112967ec417ffab6c
SHA512eeca2e21cd4d66835beb9812e26344c8695584253af397b06f378536ca797c3906a670ed239631729c96ebb93acfb16327cf58d517e83fb8923881c5fdb6d232
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\25599a51-4426-4d03-b8d0-aaafe7217baf.tmp
Filesize6KB
MD55fdf226e5a1fa2c845401caf4e0e1dc1
SHA16b801b8671cb5bc841edb42dd90860e762eb0cfc
SHA256b65e5fd34093ffeceae0e29ad011cfd48cbd2676bb600537c43d5217deddc7c3
SHA512e645378588793e04addd7b5ac1ada7bba62f7680cecf8896d2ae45fcb2dc9e629cf0bc90b5fc15fd81bcfaeeeb3245ed3dcd4d2d9877d2766c667ad75f2ce631
-
Filesize
23KB
MD5e1c71f7c04be834f5587230db2ad24b3
SHA1f3bab9cb99d9f343bf7ed3981aaa7450515d2424
SHA2569fb6c768068467b58cc773a3907f3f5ec170bfe02ca8f301f6a232a9daf5a899
SHA512205366b4a3ca0dae58722a19ba24088dd8db483db9d14b376434024b064715ade720347ff5de87db014e32d2ef8192e71bbbdd3c885d5a8581b4aafc6e88ce51
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize192B
MD564a8caa5bfd17e9570006739ce6d45a4
SHA1e0c4f2da8d6658ec6eb7a6fd97063681b656d775
SHA256965c16a2e9bdb9251c5b56c7210e76e0ce06725bfdfb9a325fd30e53c2b2f228
SHA5126f16e8d553f9ad33e890ebf4a1a975e48e94fbbb1bbdda5de6245a8d5ef2d5ff4759f3d82f73a77ad75cb5039318e726cf73ded21925631d5c0d2702c7ac5516
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize168B
MD558360c2894ffde70e5b41c3f82033b24
SHA1313c942a9098c1af12f072b18435db8642e2f9bc
SHA25687131d51b03fba138a6629580ab4749a4215cf8b11e861a2f934e12df79fac34
SHA512ba04730e327aa0b8e65b73f78d1cd6106877302328aee97eef77649fac0bbe191946ee6cb07ade12af6c59735d83b6150cdc2dd8b5574e46859e00250a7752b6
-
Filesize
2KB
MD508a0fdde4982af1c228769392db04799
SHA17a83dd66986d35633d89e55bd6811f624df9962e
SHA25650d4fb1e00491cd9a2c940c8426514b917e650bfbb4b2dcf1bbaa1b27c24c1c0
SHA51227f981c6e74bbb0d2f2346cfc54777c7b40cca1806e6f6d2c04f256b50d6a6c0ad42862b286edf0779834b4fc034d06bc769951d6e2cbe7fee3fd781926d3a34
-
Filesize
7KB
MD54fa15209446a70f3be97aa4077a09ec5
SHA1e42439a9d9a265ea3c973a3a111850f6cf38bf23
SHA25621d2fbbd326795a62bd416157623f83535fc0960589b79e4c219c04133964606
SHA5121bbaf8750ffd54cee5e721b09d5c8e4a574e25e0b4f5abd3c469377da16b58f46532519e1be66950297d51f12e50debafe3c075a257e1f79fab6586bd8bb1c42
-
Filesize
7KB
MD5bc15041c4ec992ffd0067d0fc9b2a261
SHA16e2a61fe5e1ceb69e67fd556dca4d48ef630ca48
SHA256132d5d180eb2dc099158b2f8ba44a9d5f8647bd5db9245fdc3e19bc68c9a21c1
SHA512cff38b44a0528d5aace62bc56d0f7210bd6274cb2f3ec72f06aaf90b18ecc193197bac74ba0f62264a12ea9f5dc4a13870f7de026392fb833efe396bc55e0ada
-
Filesize
7KB
MD521b773572b92fa069b9dc0b88d2891b2
SHA1e96afb82ceebd8472ffc7f4fcac06d74541db42f
SHA256b53a1c7f727843f7e2e90e0679efa840bd9b2d2cffddf50c0e35660ca0699b65
SHA51206d04f76cb36c054b536da88e4b5cee65cc1b32b191d9d843f793402c9594212c317b2832450a13fffa88b735698269a5ea70564914a7aaff2b7e62b3885c629
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD5455e430f369100b201d8c0e9be3666af
SHA12bf33306477c9bca33e59605cbb1e13519376935
SHA25611a439cd3be12c277e23f04e6ad350770263c8c3f9e5d063efc6191b32bc2f6d
SHA5125208bdbe67fd5e19bc8f91a0a59b7fdfec9f6e0a5d38ed501e82eeff00526bc43eb1a5ba9c0f2efc3f925087bdacfc85316e146b6500018588932b378b92c17c