Analysis
-
max time kernel
93s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
26-06-2024 02:29
Static task
static1
Behavioral task
behavioral1
Sample
106bc9c7056d9b34b276292cd4304863_JaffaCakes118.dll
Resource
win7-20240221-en
General
-
Target
106bc9c7056d9b34b276292cd4304863_JaffaCakes118.dll
-
Size
166KB
-
MD5
106bc9c7056d9b34b276292cd4304863
-
SHA1
cf970a1c94e04efaa250b0e870d223d53c6cdb17
-
SHA256
186fff28e57c20fe7dc492dd70cfc2afa683c2eae5d80c5a5d7dde1f78685015
-
SHA512
25f41bff5de05763010e6a6d33f9d3ec9c3dd3547e25635873fee79f0c1da1fff4fc474a9bb073a65292494f7c383ce99396d5324b220f6a4cc544d79044de10
-
SSDEEP
1536:f5lTUKCYmCgV5bT/2d1QYePvaLj30b9KVv6q7pbhD3fdaAsU3wNBz0KXs:TTU56gVxj27NePy330wN6qb3MAxwgK8
Malware Config
Signatures
-
Executes dropped EXE 2 IoCs
pid Process 1724 regsvr32mgr.exe 2540 WaterMark.exe -
resource yara_rule behavioral2/memory/1724-13-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/2540-33-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/2540-32-0x0000000000400000-0x0000000000435000-memory.dmp upx behavioral2/memory/1724-16-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/1724-12-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/1724-10-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/1724-8-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/1724-7-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/1724-6-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral2/memory/2540-40-0x0000000000400000-0x0000000000421000-memory.dmp upx -
Drops file in System32 directory 1 IoCs
description ioc Process File created C:\Windows\SysWOW64\regsvr32mgr.exe regsvr32.exe -
Drops file in Program Files directory 3 IoCs
description ioc Process File opened for modification C:\Program Files (x86)\Microsoft\px42A6.tmp regsvr32mgr.exe File created C:\Program Files (x86)\Microsoft\WaterMark.exe regsvr32mgr.exe File opened for modification C:\Program Files (x86)\Microsoft\WaterMark.exe regsvr32mgr.exe -
Program crash 1 IoCs
pid pid_target Process procid_target 1332 4896 WerFault.exe 84 -
description ioc Process Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31115120" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "3517187506" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{FC179BD9-3363-11EF-9519-56103091DE06} = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\VersionManager iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31115120" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\GPU IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31115120" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{FC1538F1-3363-11EF-9519-56103091DE06} = "0" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff3e0000003e000000c4040000a3020000 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "3509843919" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3517187506" IEXPLORE.EXE Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31115120" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31115120" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426133974" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31115120" IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "3511719047" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3511719047" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3509843919" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3517187506" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\VersionManager IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31115120" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\VersionManager IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\VersionManager iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "3517187506" IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31115120" IEXPLORE.EXE -
Suspicious behavior: EnumeratesProcesses 16 IoCs
pid Process 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe 2540 WaterMark.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2540 WaterMark.exe -
Suspicious use of FindShellTrayWindow 2 IoCs
pid Process 2996 iexplore.exe 3452 iexplore.exe -
Suspicious use of SetWindowsHookEx 10 IoCs
pid Process 3452 iexplore.exe 3452 iexplore.exe 2996 iexplore.exe 2996 iexplore.exe 4372 IEXPLORE.EXE 4372 IEXPLORE.EXE 3420 IEXPLORE.EXE 3420 IEXPLORE.EXE 4372 IEXPLORE.EXE 4372 IEXPLORE.EXE -
Suspicious use of UnmapMainImage 2 IoCs
pid Process 1724 regsvr32mgr.exe 2540 WaterMark.exe -
Suspicious use of WriteProcessMemory 28 IoCs
description pid Process procid_target PID 4980 wrote to memory of 2184 4980 regsvr32.exe 81 PID 4980 wrote to memory of 2184 4980 regsvr32.exe 81 PID 4980 wrote to memory of 2184 4980 regsvr32.exe 81 PID 2184 wrote to memory of 1724 2184 regsvr32.exe 82 PID 2184 wrote to memory of 1724 2184 regsvr32.exe 82 PID 2184 wrote to memory of 1724 2184 regsvr32.exe 82 PID 1724 wrote to memory of 2540 1724 regsvr32mgr.exe 83 PID 1724 wrote to memory of 2540 1724 regsvr32mgr.exe 83 PID 1724 wrote to memory of 2540 1724 regsvr32mgr.exe 83 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 4896 2540 WaterMark.exe 84 PID 2540 wrote to memory of 2996 2540 WaterMark.exe 90 PID 2540 wrote to memory of 2996 2540 WaterMark.exe 90 PID 2540 wrote to memory of 3452 2540 WaterMark.exe 91 PID 2540 wrote to memory of 3452 2540 WaterMark.exe 91 PID 3452 wrote to memory of 3420 3452 iexplore.exe 92 PID 3452 wrote to memory of 3420 3452 iexplore.exe 92 PID 3452 wrote to memory of 3420 3452 iexplore.exe 92 PID 2996 wrote to memory of 4372 2996 iexplore.exe 93 PID 2996 wrote to memory of 4372 2996 iexplore.exe 93 PID 2996 wrote to memory of 4372 2996 iexplore.exe 93
Processes
-
C:\Windows\system32\regsvr32.exeregsvr32 /s C:\Users\Admin\AppData\Local\Temp\106bc9c7056d9b34b276292cd4304863_JaffaCakes118.dll1⤵
- Suspicious use of WriteProcessMemory
PID:4980 -
C:\Windows\SysWOW64\regsvr32.exe/s C:\Users\Admin\AppData\Local\Temp\106bc9c7056d9b34b276292cd4304863_JaffaCakes118.dll2⤵
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
PID:2184 -
C:\Windows\SysWOW64\regsvr32mgr.exeC:\Windows\SysWOW64\regsvr32mgr.exe3⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:1724 -
C:\Program Files (x86)\Microsoft\WaterMark.exe"C:\Program Files (x86)\Microsoft\WaterMark.exe"4⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:2540 -
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe5⤵PID:4896
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4896 -s 2046⤵
- Program crash
PID:1332
-
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe"5⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2996 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2996 CREDAT:17410 /prefetch:26⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:4372
-
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe"5⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3452 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3452 CREDAT:17410 /prefetch:26⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:3420
-
-
-
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4896 -ip 48961⤵PID:2692
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
Filesize471B
MD5b9b9f42ce6d2b20bf169d05480d239d4
SHA132b094cc2ff79f07fcd68d585846b919bc350e4d
SHA2564d16bb8c9a34d4de9d39bb5f0e87095617b5ad551112db17b38b6cb752fbdae4
SHA51236b45c544439c6b1fab4c2fa58712475a65ad467e3da61086c4a953d6587d35f5c6ae7de740863295ae0d3534cbf67d0bed6843d95b6786b50431bfeebcf1010
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
Filesize404B
MD5664da857810f953dd8b79e589d61e101
SHA1dc2567a1881d7de6644399205cd1f077154fb093
SHA256ab2adefc380e01792e4b33bb1b9400dddce6573df5c92a6a4dae7c72666752b4
SHA51271e25fc6c5a713535e7874b19affed52b1e314d9ed36d69841674ffed65a03ce98d403dc6cfb48452b261ceb50a6f79fb2f5ebc3ddf4f69a7bdf2320e8b8971e
-
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FC1538F1-3363-11EF-9519-56103091DE06}.dat
Filesize5KB
MD58f68e7122643285908426782384d7b61
SHA1e7f75a229d8cabee4b4f2b8348f2edbe759d2a40
SHA25659592892c3594b016a72ab64782b568e04479af2e412662db55e6082cc5fee56
SHA512df0c667d8d4bc58c15ec4e34043faa25ff3d82a3c8b0bd7d824e823476cb9a4355825a44c9ba730feea5b2ad772431ae60bb7d0638db7fb50406283d6d57966f
-
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FC179BD9-3363-11EF-9519-56103091DE06}.dat
Filesize3KB
MD55acd0c6c3e515b96f0cefa79cb9580b1
SHA1f820ba5c724d3ce9b4725ebb0b312973c7e4001c
SHA2561b93758171224b37694ac80ca05ce14c7f5fca74ba323aac8dffd64327bc72fe
SHA51231c2d83325a5f24a2ae51226f8e9563b7a91dacc4e9b12f28b5cda6b4dfca43c91d49014961e94d2b67ea40cc550d9feadf871c855fc05d5ac9c27f9971a6fb6
-
Filesize
15KB
MD51a545d0052b581fbb2ab4c52133846bc
SHA162f3266a9b9925cd6d98658b92adec673cbe3dd3
SHA256557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1
SHA512bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d
-
Filesize
17KB
MD55a34cb996293fde2cb7a4ac89587393a
SHA13c96c993500690d1a77873cd62bc639b3a10653f
SHA256c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee
-
Filesize
96KB
MD58c51fd9d6daa7b6137634de19a49452c
SHA1db2a11cca434bacad2bf42adeecae38e99cf64f8
SHA256528d190fc376cff62a83391a5ba10ae4ef0c02bedabd0360274ddc2784e11da3
SHA512b93dd6c86d0618798a11dbaa2ded7dac659f6516ca4a87da7297601c27f340fffa4126a852c257654d562529273d8a3f639ec020ab54b879c68226deae549837