Overview
overview
7Static
static
3Synthesia.exe
windows7-x64
7Synthesia.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...al.ini
windows7-x64
1$PLUGINSDI...al.ini
windows10-2004-x64
1$PLUGINSDI...rd.bmp
windows7-x64
3$PLUGINSDI...rd.bmp
windows10-2004-x64
7Synthesia.exe
windows7-x64
3Synthesia.exe
windows10-2004-x64
3bass.dll
windows7-x64
1bass.dll
windows10-2004-x64
1bassmidi.dll
windows7-x64
1bassmidi.dll
windows10-2004-x64
1msvcp140.dll
windows7-x64
1msvcp140.dll
windows10-2004-x64
1readme.html
windows7-x64
1readme.html
windows10-2004-x64
1vccorlib140.dll
windows7-x64
1vccorlib140.dll
windows10-2004-x64
1vcruntime140.dll
windows7-x64
1vcruntime140.dll
windows10-2004-x64
1vcruntime140_1.dll
windows7-x64
1vcruntime140_1.dll
windows10-2004-x64
1win10-midi.dll
windows7-x64
1win10-midi.dll
windows10-2004-x64
1Analysis
-
max time kernel
117s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system -
submitted
25/06/2024, 14:53
Static task
static1
Behavioral task
behavioral1
Sample
Synthesia.exe
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral2
Sample
Synthesia.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
$PLUGINSDIR/ioSpecial.ini
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral8
Sample
$PLUGINSDIR/ioSpecial.ini
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
$PLUGINSDIR/modern-wizard.bmp
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral10
Sample
$PLUGINSDIR/modern-wizard.bmp
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Synthesia.exe
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral12
Sample
Synthesia.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
bass.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral14
Sample
bass.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
bassmidi.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral16
Sample
bassmidi.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
msvcp140.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral18
Sample
msvcp140.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
readme.html
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral20
Sample
readme.html
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
vccorlib140.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
vccorlib140.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
vcruntime140.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral24
Sample
vcruntime140.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
vcruntime140_1.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral26
Sample
vcruntime140_1.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
win10-midi.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral28
Sample
win10-midi.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
General
-
Target
Synthesia.exe
-
Size
12.6MB
-
MD5
a367aa2fbce65bd03509076fa4656dd4
-
SHA1
db07c17b5736472d2061096cefda9a86c0e6c1b6
-
SHA256
9b9016b5402fd2bba74ca80fbd4c1fd33424276a5d909bfd6d3e88246276bc9f
-
SHA512
2d60368ec1452eb74f35d4167b21bc2ae4cd230a86a3bf7f62ca0b57ab8fb8b78a5b6dacc6d90deee2f65184aa4c83cdbd60dbd19fdb0ad5f12ec4ae3cc49500
-
SSDEEP
393216:jQDiKZYqASUg/nHArZfCWbUFuF9NB7I3M07FRQ:jgiKZDX/grZfCWzF9vIcE7
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
pid Process 2860 Synthesia.exe -
Loads dropped DLL 16 IoCs
pid Process 1748 Synthesia.exe 1748 Synthesia.exe 1748 Synthesia.exe 1748 Synthesia.exe 1748 Synthesia.exe 1308 Process not Found 1308 Process not Found 1308 Process not Found 1308 Process not Found 1308 Process not Found 1308 Process not Found 1308 Process not Found 1308 Process not Found 1308 Process not Found 2860 Synthesia.exe 2860 Synthesia.exe -
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 10 IoCs
description ioc Process File created C:\Program Files (x86)\Synthesia\msvcp140.dll Synthesia.exe File created C:\Program Files (x86)\Synthesia\vcruntime140.dll Synthesia.exe File created C:\Program Files (x86)\Synthesia\vcruntime140_1.dll Synthesia.exe File created C:\Program Files (x86)\Synthesia\readme.html Synthesia.exe File created C:\Program Files (x86)\Synthesia\Synthesia.exe Synthesia.exe File created C:\Program Files (x86)\Synthesia\win10-midi.dll Synthesia.exe File created C:\Program Files (x86)\Synthesia\vccorlib140.dll Synthesia.exe File created C:\Program Files (x86)\Synthesia\uninstall.exe Synthesia.exe File created C:\Program Files (x86)\Synthesia\bass.dll Synthesia.exe File created C:\Program Files (x86)\Synthesia\bassmidi.dll Synthesia.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 50 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar\shell Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi\shell\Play in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" \"%L\"" Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl\shell\View in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" --dont-save --on-startup Play --on-song-end Quit --speed 100 --channel-mode All=PlayedAutomatically,NoSheet --channel-mode Ch10=PlayedButHidden,NoSheet \"%L\"" Synthesia.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid\shell\Play in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" \"%L\"" Synthesia.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\shell\open Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar\shell\View in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" --dont-save --on-startup Play --on-song-end Quit --speed 100 --channel-mode All=PlayedAutomatically,NoSheet --channel-mode Ch10=PlayedButHidden,NoSheet \"%L\"" Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid\shell\Play in Synthesia Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid\shell\View in Synthesia Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi\shell\Play in Synthesia Synthesia.exe Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\DefaultIcon\ = "C:\\Program Files (x86)\\Synthesia\\Synthesia.exe,1" Synthesia.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\DefaultIcon Synthesia.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\shell\open\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml\shell\View in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl\shell\View in Synthesia Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl\shell\Play in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl\shell\Play in Synthesia Synthesia.exe Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\ = "URL:Synthesia Protocol" Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi\shell Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml\shell\View in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" --dont-save --on-startup Play --on-song-end Quit --speed 100 --channel-mode All=PlayedAutomatically,NoSheet --channel-mode Ch10=PlayedButHidden,NoSheet \"%L\"" Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl\shell\View in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml\shell\Play in Synthesia Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml\shell\View in Synthesia Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml\shell Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar\shell\Play in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi\shell\View in Synthesia Synthesia.exe Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\shell\open\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" \"%1\"" Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl\shell\Play in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" \"%L\"" Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar\shell\Play in Synthesia Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl\shell Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi\shell\Play in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml\shell\Play in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mxl Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid\shell\Play in Synthesia\command Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi\shell\View in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" --dont-save --on-startup Play --on-song-end Quit --speed 100 --channel-mode All=PlayedAutomatically,NoSheet --channel-mode Ch10=PlayedButHidden,NoSheet \"%L\"" Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar\shell\View in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar\shell\View in Synthesia Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml\shell\Play in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" \"%L\"" Synthesia.exe Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\URL Protocol Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid\shell\View in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.midi\shell\View in Synthesia\command Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.musicxml Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.kar\shell\Play in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" \"%L\"" Synthesia.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid\shell Synthesia.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mid\shell\View in Synthesia\command\ = "\"C:\\Program Files (x86)\\Synthesia\\Synthesia.exe\" --dont-save --on-startup Play --on-song-end Quit --speed 100 --channel-mode All=PlayedAutomatically,NoSheet --channel-mode Ch10=PlayedButHidden,NoSheet \"%L\"" Synthesia.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000_CLASSES\synthesia\shell Synthesia.exe -
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 Synthesia.exe Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 Synthesia.exe -
Suspicious behavior: EnumeratesProcesses 8 IoCs
pid Process 2860 Synthesia.exe 2860 Synthesia.exe 2860 Synthesia.exe 2860 Synthesia.exe 2860 Synthesia.exe 2860 Synthesia.exe 2860 Synthesia.exe 2860 Synthesia.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeShutdownPrivilege 2860 Synthesia.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\Synthesia.exe"C:\Users\Admin\AppData\Local\Temp\Synthesia.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Modifies registry class
PID:1748
-
C:\Program Files (x86)\Synthesia\Synthesia.exe"C:\Program Files (x86)\Synthesia\Synthesia.exe"1⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Modifies system certificate store
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2860
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
251KB
MD5bad0d33c7e0d150ddf9835cd8c373ea5
SHA17231815986ed07a0af10c371138a02a52f4f2b51
SHA2564bbb323f48fa7ea549abd59ecfc30e71b574d20f52e295b7e3ebf19f07f53efe
SHA5122777a2ae0dcbc6c5891be0cfb88b49ba9d4646d3fe58d749742c126aeafb19496b21d63fc0060d591424f22744d3bfb9c34af60371aa362b92b60506dd72da07
-
Filesize
890B
MD5db2aec0f88f00c47c7b6aed1deb34463
SHA11101cb68fa3dbff9998580821bfce1d7b450b1d6
SHA256301bd0397cc287eb88e86229eac0a29d64d318b281cefcd5897310143260a137
SHA512bdcaead4ecadb96733e7b8a36d99eb53db072c4e5235128ed528d99e59984f40908dd761e10c4601c91cffd401f8abc628a0f07954e13072526c2f60bc1f8d42
-
Filesize
19.2MB
MD55dc12d9dee11f6490a909937e56991cc
SHA121f6376cb3c755e742ee1c7450deb5fdf4068931
SHA2561993138131ec80dff681ae5e31935f99f80afa7508472edc7d502bfe2c53a2c6
SHA512c11118fc24b89dcb48f008de46cc908570bd3477a8f294d57172736c3c8f11256142de1846863363409604f501c3b3b33a2418f2e5fd25653b03309f149fed42
-
Filesize
78KB
MD5040c88ba574f8795a565eac6b0486e1d
SHA157d14727357dbd3e97b9b4b02224470c9b269943
SHA2566f79dbd3c54836e87c407c648956f472244c7159cee43e73780cebcf2709051d
SHA5129fa2d5d8461dd06d6ea0aa7aa4f08c9bf7804d90d00c9e3efc3696dfea28e837cfb18f195d3e4fa6a9a549cd03910e84d62d623aa15677867503bc30fdfd2eb6
-
Filesize
15KB
MD509d8971beefefffd710030dd167a99e0
SHA1a0117786ad77213f3eb48cfdc3819786cb796b7d
SHA256caf64a4e9449220ba618a9aa2ae4ed3774c5d0f193bda44be22676c27ae0ec95
SHA5123956f0c6bcdf033e4a10ab33872a66e0668da28ec31cb7a2c67ef7266d7c0845998a2a85a6cc25aba1df73909df8104119cf5f1f86c1e91f8fd201765aea49f0
-
Filesize
12KB
MD58cf2ac271d7679b1d68eefc1ae0c5618
SHA17cc1caaa747ee16dc894a600a4256f64fa65a9b8
SHA2566950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba
SHA512ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3