Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
20/06/2024, 16:12
General
-
Target
079f56ead49c756a3b3252c448b9ffd5_JaffaCakes118.exe
-
Size
826KB
-
MD5
079f56ead49c756a3b3252c448b9ffd5
-
SHA1
591dc67706272cc3301c19bb96b10d22e6cf5573
-
SHA256
f75b415a68f6d0b292a9f7f2a77bbdb5ca23a78bffac69665a42a7fbe57577e1
-
SHA512
63483b8d3a4325cf7df0d3ab1cff8af1ee7bf891e9f467771ba58441ddcdd27c06898472ada9ccab9d25d9b2a479204a2fde47876484dbace6982eb663c18b92
-
SSDEEP
24576:mKsoFg9ZYBcIZld7XgcTmFZO6mYeVfuS/t04u1:IoFdcm8O/hnF03
Malware Config
Signatures
-
Drops file in Drivers directory 1 IoCs
-
ASPack v2.12-2.42 1 IoCs
Detects executables packed with ASPack v2.12-2.42
-
Checks computer location settings 2 TTPs 2 IoCs
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE 9 IoCs
-
Loads dropped DLL 14 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object 2 TTPs 1 IoCs
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory 8 IoCs
-
Drops file in Program Files directory 16 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies Internet Explorer settings 1 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 16 IoCs
-
Modifies registry class 42 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\079f56ead49c756a3b3252c448b9ffd5_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\079f56ead49c756a3b3252c448b9ffd5_JaffaCakes118.exe"1⤵
- Checks computer location settings
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\m4.exe"C:\Users\Admin\AppData\Local\Temp\m4.exe"2⤵
- Executes dropped EXE
-
\??\c:\MP3\svchost.exec:\MP3\svchost.exe3⤵
- Executes dropped EXE
-
-
-
C:\Users\Admin\AppData\Local\Temp\soft256.exe"C:\Users\Admin\AppData\Local\Temp\soft256.exe"2⤵
- Executes dropped EXE
- Drops file in System32 directory
-
-
C:\Users\Admin\AppData\Local\Temp\cnnic_1009.exe"C:\Users\Admin\AppData\Local\Temp\cnnic_1009.exe"2⤵
- Checks computer location settings
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://tj.kmedia.com.cn/new.php?agent=CNNIC1009&version=1.0&ca=root\kdnic3⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0b4b46f8,0x7ffb0b4b4708,0x7ffb0b4b47184⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:24⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:34⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2576 /prefetch:84⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4876 /prefetch:84⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4876 /prefetch:84⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4344 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:14⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3160 /prefetch:24⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,18075793550805848336,1017492860389384046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:14⤵
-
-
-
C:\Windows\SysWOW64\setup.exe"C:\Windows\system32\setup.exe"3⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5208\setup.exeC:\Users\Admin\AppData\Local\Temp\5208\setup.exe 000108024⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Installs/modifies Browser Helper Object
- Drops file in System32 directory
- Drops file in Program Files directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files\OCINS\idnsvr.exe"C:\Program Files\OCINS\idnsvr.exe"5⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
-
-
-
C:\Users\Admin\AppData\Local\Temp\5208\loader.exeC:\Users\Admin\AppData\Local\Temp\5208\loader.exe4⤵
- Executes dropped EXE
-
-
-
-
\??\c:\MP3\svchost.exec:\MP3\svchost.exe1⤵
- Executes dropped EXE
- Drops file in System32 directory
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
314B
MD5b4a2252bc27a6e5f54a3ba04448fc7b1
SHA173a646ec50689b1ebdc3e3f97f2e3e8cb19229ac
SHA256fcd41a93a6f9ad38ca3135b06bd0ce84030dc3b45780cbbdd761e840c4ef2c7a
SHA51223a5923b4eb938fe2ddf1254e003138909b1fd1b7f3ab0f7e04542382a417b9d34cdbe0d3c9a0b71e9149b4153e70c01ac335e7b95e0ca3f8fa73d026d873ce0
-
Filesize
301B
MD592c547117bf04280e270035e21cc1429
SHA1d302d250e7ace0f9a39c7bee14ede6e08e46c41d
SHA2562574cc7bcb8c07977619f2b9fff5f46df9b91bfd378a286077a33b4539eb87ee
SHA5128d9d29f9a036ebc46d42b99652fe9b9c0319b1f90527978e243a2384dd2f7ea4519adf2c3b35dca546190c5f7aa1ae4833811eaf4af57e990231c6397ccb9584
-
Filesize
34B
MD5d2b2c1ab03ff9e38269cede40bec2764
SHA1e3e5f0d84a291a6b8eae570ae580a1fa3fc46ab5
SHA25690471c14ac28a1b54f7574684cb2bfba7c74051b4dee922bcc264618d4b001f9
SHA512372536773b80bcc936499ca55363fb803552137190c35057f9c9a9c786b358d5bfa2eeef5db9b11d86285b35e0c13fb4a868bf7028219bce20bdb0a514c60108
-
Filesize
152B
MD5f61fa5143fe872d1d8f1e9f8dc6544f9
SHA1df44bab94d7388fb38c63085ec4db80cfc5eb009
SHA256284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64
SHA512971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6
-
Filesize
152B
MD587f7abeb82600e1e640b843ad50fe0a1
SHA1045bbada3f23fc59941bf7d0210fb160cb78ae87
SHA256b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262
SHA512ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618
-
Filesize
5KB
MD527ed3d0acca649b1eef51380b58c69bd
SHA11c2a8524832ca4cfe9369cd240741d401e1e3c56
SHA2563e4ae5d1ba504ca6da6e1b3cc78b9aa4e56fdd8d7086e66bc0f580dc09e32814
SHA512461de41f50b3b4eb51c7be794c67c654793d4934be6b3f2805be2d6dc45567765dd494866b15bc284190ee018c1bf0b15423d7084d13c2989285e7c626dd68a1
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
8KB
MD5cf031d2a2211722f76fc392caf49851c
SHA18c405a97fb79dd343f18360efa6efeb3dcb0d29b
SHA25604d22919e12260c0e34d417bff61d7f4275d7b9a6b4bea3868ab997f62b5cbb5
SHA512765486e17d7d3b47460779d7f0cb69caf9eac423b8f31d7e6df3370e5390e63a7d9aa64586cf3ee6e74b5dc79f82127dec4d45ea0ad8b146bfad9dcba047ce89
-
Filesize
72KB
MD59f230f967a8607b7565cfcb83d963a96
SHA126d9a68c80bdf295fb77c13da638f5a837b44f65
SHA256059c575fd355c00fb43f011dac04be452fb68e2e389cff5db5602ba59643c8eb
SHA5128b574cf07124dbec0088ae967814063bd0a4ba0e5f7cb958a990c5a671d44aa7fe26b6cbac793bcd8805f61801d1e0cdeab91b04430d5ece41e336de7b57aeb0
-
Filesize
1KB
MD58d7910052a4a6c16c546852504a12d01
SHA1e6457a970120eac337833923227f0ec5ea413f28
SHA2566fd2b3b8d66aeca486e5c7a62d5b8d065741e6921920bcfc49f5b07acce94774
SHA512900e11b325ebf6a2af6045578124e75d440148123bba0e4f283dba3a4dd6248375beeb3818144923d167ae435a6b7ed2325922c2696248d1588d4176d23d6530
-
Filesize
183KB
MD5b06090ee2881c1bac0d275b17d140d3b
SHA1f319594ba026cac467da265d2a87c76168fe5375
SHA2565e582e17a9c787cc717a61b1bca96c1fa13919d57241040998a0b994142ba482
SHA512666deb0e4d082644d62f96a1fb9855212f1db2dc717d2ac54aafa7822269e1cfd222695f04addb2ef49a8d51d93cf827837faf6663ed15a278b0bc2a43977c23
-
Filesize
72KB
MD53d8a11f1dc9127afc415a3c5aa0f4ab8
SHA1fd0773db131ed9ab5a366e0a99a811d4fdd683cd
SHA256f2f89bedc3a84fd261910c96d07219985db61f2e7d23bbe52cab034e3b52dd28
SHA51219dfbb2542335fa10e5f151143a414623d780105ee424f2a1245f5ade5b71fded7c2559b35f7acb4bb2c76acb70ba2b3f46c97812241c9b5297de2416e4aab3e
-
Filesize
1KB
MD514c13b0909bd6605a3c00bdf8fb76c54
SHA1479e4599fde1cfbc76cb472718595aa2ca54f2a4
SHA256462820dfc6b5465d2e4aa64e039efc1baac86cfbd5a5170e4e36e25ad11487f3
SHA5121d51e6a25d6713a9b77e8a083fd196921fe25b30c008cccb1766b59939e325f6590f80802f1439b7edadedfd6b0dcabccca5ed884f3239684bb7afb61115daa9
-
Filesize
124KB
MD5bc69dffa76af3297b653bfc814f7b87f
SHA17f1284aef70bba9ce2756b9d43674a41f439f717
SHA25666a977915f1fda86d6a8e3e6cd3372aa61908ebd1d198931d856298c3430ff61
SHA5126c530b229fde28544cad846800df291d982780655eba7e9d1240e9abebb6253be4247949e9aa5bd325e2b8b6f84b2c732e441bdb6092e21a623434293327138e
-
Filesize
68KB
MD557b46fc2b9cb59275cdcfb5e1722f48f
SHA1e984165bb7b8b9975d7c4007cb2b37c384f322fd
SHA256db16cf6625fd786d0cf6a4691618293a8f104f32154262f4a7bd050f953f7bd5
SHA512ad29ac58f2a9af5690a65942a4458e44ea9844aa2bcd775c02a5e66f31c2410929bf6044b6f5313250f4ddda0c06bbcd66d6e0d93f4ba34e6e8cda0a33e3c6f7
-
Filesize
148B
MD5b2a535b4bc451c8235816ea28ee6a985
SHA1cce08821e54ba633edcf454137b57c825ccb8291
SHA256f74a08e780a5d72c3e85a267209053a2261b50b306089ffbfa9925c65f386843
SHA512e2ec531c50853a6b16781927bdbc1452e898e76dd10afbd20cec6e2a323a4d821a492a185740690c289014c2b99c074cb8235c0fbcacc5907acaca5be564a314
-
Filesize
76KB
MD570019002fdac4580e81d7ff75fb598db
SHA153aeaa509dcaab85faceb62610226e6b8ff1f1c2
SHA256573fbbbb4ef33a6962295cc45bfc80e86e590e4ebe4a26183339c89b15987935
SHA512105a3601d23af930abb6c94aeaefb239b42fe7eb8fa451db09e207095ccd5cfa71c7703942921bede3a3f9f909f50b1a4219587283635218554bc8b40562995c
-
Filesize
83KB
MD52312b02cf8c50bc32cdb0686a9c3ac96
SHA18461152d2c7cac6ef022d1bbbf37a51d5643fc0a
SHA2563aa5ff904e88601e6b7bb2d35f275f4a58486bd0e61cdf160cc48417bc6a529d
SHA512550ff69969150b5ceb96a169eecaacb1fc8c1349fd79d2137683c2aa1da6b46d724c03c3a58f84edc4b8b860e04b9f077c233c35a599f5a71c70acf7c13982b5
-
Filesize
179KB
MD559edc983e52851d195e7c61e8efad602
SHA11dc1ee794381fa1b5acce47edb051208336d8d1e
SHA2565afa252752ab6ed4df37b46833cb35274c3755da48d73171f352caee9ba3a30e
SHA512e78e75ccbd86b2e887a95e6f6c0d904c9d1b75de9c83d2a3419165541b2120435e8ddb322b8d5c5463f97f2f022896a5c434367c798a36062bd3a884959585e2
-
Filesize
16KB
MD59257560aab0a5993cb6b2cb533b34511
SHA14debfd9679a4c64395cb4c2beb12ec83ca9b41a5
SHA256538cb1597ad80408f10cb487b58508b4390f22e5e1e03cfe01d6c94a0a3aae25
SHA51235949b5c23d1767f998eed59b300ec5078f7bc425789a2cc6975aa962cd641eb465fba7a9cd4b8fa11c71d9f7c1e4ea842dbc5b7512fc63d5be42e7d11029f7a
-
Filesize
104KB
MD5c8d32d9ce600888693ccb1864bf6bdd2
SHA16c2502e847fb3af8e3a175c9d1e4fe3ca547fbc4
SHA2563f29dd5ec4cc26eeabee3cfb0c5f9e7db30fc26840004e5c0c640159af80149a
SHA5129d5657e5966cc86eb47e206256d89723b753cc6975393a5c107d98571466684f4526e7266f8eabc547aa72eb838ef133ca2b828eca7dadca0141a6772d9ab34f
-
Filesize
92KB
MD5088efc555a77d8d35a9ff367ca48d86f
SHA15c016e6df88e1b99cce466416e1468d5218a8714
SHA2564390163d8757c37885369d90071955de6c5789b000a351698042ba18eff34f05
SHA5128c3a43936600315ddc6b3fb30aa963c91ea7752c0e9b7f1b2f0584e9650da44bc525893877672efae96d804ec4530236931812fa9530721090990b8547cbe6b5
-
Filesize
28KB
MD5a4bf929fdcb401b8cfd9fd212686907e
SHA10dc1a0e285c94dd4ec57cc7e72ef1623d83c0abb
SHA2567b8fa22c5f80b10ddb5fd7932c402d78e24751ce9b86af2df65530f576572297
SHA5125ee0256db29b77fc96267d83580863a9082fbc735fcd63b5a1fef4d43699d6a1b8727633f79205d2e58298da7d9bcfffab61f599e698c9d1408667b615f015fa
-
Filesize
144KB
MD55af44e42174649b95758b0e5ef79adf6
SHA154a46171e18e28d209323816dc75d73da1b019cb
SHA256b8d2d0987c28cc8385930d97c2cd40003673977d07ae2f336a1d9476d9b2eba6
SHA5121f5ae69358b424408e196bcee452b578d653ca908b1d2e0a89355529268d10830951bbda575af0d7f129ded71daf3b1d43f117cd35aa2600e8253f537f6b3592
-
Filesize
479B
MD5b6dc48b82c701dd676c4350890534991
SHA1c56c8c37152b509b5a4ee73bad7d2eb409ec3dea
SHA25646568287f15cd3fbeb8458938c55b898624dc67213c67ee8bfe3fe7942218421
SHA51218c2030012612500b152e7c9cacce062dbe2b1b796b4cef4f8ad008ca37fd72a2204ae5167dbff1aca0f5adff2694aafcadb4cacb7a48cbe782f88caa2ac7302
-
Filesize
413KB
MD56401dc5833d65f4d95bd6e8f78fdf8a1
SHA11efd3bb9c4c47b2fa6ead197fe77716ed2bb5c91
SHA256ae306c43432223f40d3421f571f583dcd48a6df8f7fccfc0b23a6072cccdaf78
SHA512422059292b703591338b6e334bc4efc065737c6f728d3524b3b6631dc4a4ac65f675a4b8419663b7cf1719bd327e65cb3266c8dcf2c85306972265a882df8deb
-
Filesize
235KB
MD5f2324a0a589478957b66b967c8d95d8c
SHA143b6fc49d383871518e0072e7d0aa8433b3a15a6
SHA2569ef6c19ee82db6cc5e763b275a65fff3050d3734386d6a554f9216153a7e5579
SHA512101bcd0ee104a13a299d854926ed19b4b473c3938b9194acf5e53df9e8840662a7da9cde5fcc53bb538f835d4747e1b71a5f9bfe8376d78c3467ab2ce40af469
-
Filesize
132KB
MD53872b1238b8e6c1b92c20e63b6560009
SHA12feb195222bd6cbb4b8dcff5da91b281da21d6a2
SHA25621f78e1451c84270533f30e09cf163ae6110594899909f23cc2474019d11cbd5
SHA51282db9e8dcf58b3527f06e947d5d755c701436f0e1b4928a7206c56c53d8bbe875cdf60f74eb4b7b043114c2dfcfb1e44d694a0c928519e0b254c24f6e806480b
-
Filesize
381KB
MD5d5bb1996768ed9f61915be739a1fcc43
SHA1cdcfdda76f79cd2a06ea4b5606cd9b23b2ee1dda
SHA2563f67f049e44e220349dd292aaa95a40463d00d481a883fe3803e5402fc70377a
SHA5120ebb6d803dd33b7c52dce4c8a2fa218c64c2e2af3116b4680e3be6a68e0062b936996cefcbb81e8b8b7fb1c10445d0c458d825e299ed398bc63fc94e00f7b08c
-
Filesize
1.3MB
-
Filesize
1.3MB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
348KB
-
Filesize
80KB
-
Filesize
128KB
-
Filesize
8KB
-
Filesize
128KB
-
Filesize
128KB
-
Filesize
728KB
-
Filesize
4KB
-
Filesize
728KB
-
Filesize
728KB
-
Filesize
8KB
-
Filesize
80KB
-
Filesize
728KB
-
Filesize
728KB