Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system -
submitted
25/06/2024, 23:24
Static task
static1
Behavioral task
behavioral1
Sample
0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe
-
Size
1.8MB
-
MD5
0fea3a41bb2029e5b35030b6c36e7de0
-
SHA1
774625a63ea945f607ec1b78385e581b0181bc07
-
SHA256
d5adfedff600d6a7306c8c8271393e91b1b7ed899826598782ebc6665fbc3eb9
-
SHA512
883d0fa93d67ea94553303b0f154a246555db1ab86bdc9844b7162efb1b92af96eacba56f443f62e594a4ce3d3a3090a09c36836b1200429b3cc56d50e40e293
-
SSDEEP
24576:zUu0KmNRRpMboRt2WnBNkh5LphUi+X4NRVZEZOqJKjZOqJpruZOqJ1:4rfVTgRphHIwNjwkruwS
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid Process 780 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe -
Drops file in System32 directory 2 IoCs
description ioc Process File created C:\Windows\SysWOW64\SouGoo.ime 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe File created C:\Windows\SysWOW64\Hook.dll 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 2068 msedge.exe 2068 msedge.exe 4036 msedge.exe 4036 msedge.exe 1184 identity_helper.exe 1184 identity_helper.exe 5204 msedge.exe 5204 msedge.exe 5204 msedge.exe 5204 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
pid Process 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe 4036 msedge.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 780 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe 780 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 780 wrote to memory of 4628 780 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe 91 PID 780 wrote to memory of 4628 780 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe 91 PID 780 wrote to memory of 4628 780 0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe 91 PID 1484 wrote to memory of 4036 1484 explorer.exe 93 PID 1484 wrote to memory of 4036 1484 explorer.exe 93 PID 4036 wrote to memory of 1728 4036 msedge.exe 96 PID 4036 wrote to memory of 1728 4036 msedge.exe 96 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 3896 4036 msedge.exe 97 PID 4036 wrote to memory of 2068 4036 msedge.exe 98 PID 4036 wrote to memory of 2068 4036 msedge.exe 98 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99 PID 4036 wrote to memory of 4972 4036 msedge.exe 99
Processes
-
C:\Users\Admin\AppData\Local\Temp\0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\0fea3a41bb2029e5b35030b6c36e7de0_JaffaCakes118.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:780 -
C:\Windows\SysWOW64\explorer.exeexplorer http://www.dnfdajiao.com2⤵PID:4628
-
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding1⤵
- Suspicious use of WriteProcessMemory
PID:1484 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.dnfdajiao.com/2⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4036 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaaeb146f8,0x7ffaaeb14708,0x7ffaaeb147183⤵PID:1728
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:23⤵PID:3896
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2480 /prefetch:33⤵
- Suspicious behavior: EnumeratesProcesses
PID:2068
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:83⤵PID:4972
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:13⤵PID:216
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:13⤵PID:2772
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:13⤵PID:3136
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:13⤵PID:2088
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:83⤵PID:2640
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:83⤵
- Suspicious behavior: EnumeratesProcesses
PID:1184
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:13⤵PID:1712
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:13⤵PID:4656
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2360 /prefetch:13⤵PID:3180
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:13⤵PID:5164
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:13⤵PID:5692
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:13⤵PID:5472
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,3751943557330964447,4649792092565950791,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:23⤵
- Suspicious behavior: EnumeratesProcesses
PID:5204
-
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:1712
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4936
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5c39b3aa574c0c938c80eb263bb450311
SHA1f4d11275b63f4f906be7a55ec6ca050c62c18c88
SHA25666f8d413a30451055d4b6fa40e007197a4bb93a66a28ca4112967ec417ffab6c
SHA512eeca2e21cd4d66835beb9812e26344c8695584253af397b06f378536ca797c3906a670ed239631729c96ebb93acfb16327cf58d517e83fb8923881c5fdb6d232
-
Filesize
152B
MD5dabfafd78687947a9de64dd5b776d25f
SHA116084c74980dbad713f9d332091985808b436dea
SHA256c7658f407cbe799282ef202e78319e489ed4e48e23f6d056b505bc0d73e34201
SHA512dae1de5245cd9b72117c430250aa2029eb8df1b85dc414ac50152d8eba4d100bcf0320ac18446f865dc96949f8b06a5b9e7a0c84f9c1b0eada318e80f99f9d2b
-
Filesize
5KB
MD5d5e27682107eecab943af994436ad576
SHA1e932d4686b7d45ea69bb9b3d2f5740c6d7d35317
SHA256ea18e0628bc776f5319b973507e9096416ef86e4744706ad97c2d8e9965407f2
SHA512ffe767f687997a6fea7c27b260661164f9527c0734639ab1766b20b13bc192514895baaa6e845461e27619a5163cd43bffffbacdb738907daad9fce6213c3e02
-
Filesize
6KB
MD56593c78cf75a1720a245d820d1b6c6c0
SHA18f667aa48461056a5cce6bc0a796db16546a24c5
SHA25630da1033c7372c4cb80c6a34974247d5043d100690c2d8b799aa2b166e497577
SHA51222efd17a5dcb101710f7bb7db7351193ee2689742ef68b241e2d4d2bc2c71d699dcbdb61bf7fc7e9be117c284904ae563d637c680a52d3eadf46692d4b5abed8
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD5d3c49df10530988d4ae100ed4807adb6
SHA176a8cefedf10cdaa7a829d2f4ff440fbb2eea719
SHA256c10f927f3acda9b54a80bcdca03253312cb58bd88dc63f3ecfede7648763c8c5
SHA512f12ab2852d03b709fc7bb3000e6664c825ca39617818aa2d0bafd20f44f8303b2e16501b6dadfa415cfc7a83aa01d7d1061671d749758925c5e1f882cf03f0b1
-
Filesize
52KB
MD5b60da4e2e5aceba3ce3d87ee2cd872ee
SHA19bbdbf1f3ce2c000a86e0473da756a4b1031db41
SHA256b581fcc82c0462d60286a80912ab2ce5aca7d7b11c5cff0b5f74716dbb7dc453
SHA512664d6f893484252b339ff8f413a4cf9da9b0ef82ed74b097ba86a5f00b4d9740eef6e8a5b81e8be7e82ae4009928097baf15e65a03f31c4b92e44f593ce39874