Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
295s -
max time network
290s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
-
submitted
01/07/2024, 03:57
General
-
Target
https://dl.zipna.me/Prison Architect.exe
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 3 IoCs
-
Loads dropped DLL 21 IoCs
-
Enumerates connected drives 3 TTPs 64 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in Windows directory 15 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 5 IoCs
-
Modifies registry class 25 IoCs
-
Suspicious behavior: EnumeratesProcesses 8 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dl.zipna.me/Prison Architect.exe1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd2cd69758,0x7ffd2cd69768,0x7ffd2cd697782⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1544 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:22⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1844 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2120 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2832 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:12⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2840 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:12⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5304 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5336 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5428 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=692 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=916 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1476 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5472 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5612 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5472 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5364 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Users\Admin\Downloads\Prison Architect (1).exe"C:\Users\Admin\Downloads\Prison Architect (1).exe"2⤵
- Executes dropped EXE
- Enumerates connected drives
-
C:\Users\Admin\Downloads\Prison Architect (1).exe"C:\Users\Admin\Downloads\Prison Architect (1).exe" /i "C:\Users\Admin\AppData\Roaming\2c2t LTD\Prison Architect 1.0.0\install\Prison Architect.msi" AI_EUIMSI=1 SHORTCUTDIR="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect" SECONDSEQUENCE="1" CLIENTPROCESSID="5000" CHAINERUIPROCESSID="5000Chainer" ACTION="INSTALL" EXECUTEACTION="INSTALL" CLIENTUILEVEL="0" ADDLOCAL="MainFeature" AGREE_CHECKBOX="Yes" PRIMARYFOLDER="APPDIR" ROOTDRIVE="F:\" AI_SETUPEXEPATH="C:\Users\Admin\Downloads\Prison Architect (1).exe" SETUPEXEDIR="C:\Users\Admin\Downloads\" EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1719565641 " APPDIR="F:\APPDIR\" TARGETDIR="F:\" AI_SETUPEXEPATH_ORIGINAL="C:\Users\Admin\Downloads\Prison Architect (1).exe" AI_INSTALL="1"3⤵
- Executes dropped EXE
- Enumerates connected drives
-
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 --field-trial-handle=1672,i,5126166296794053675,1294840302951414218,131072 /prefetch:82⤵
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Enumerates connected drives
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding C1DC583245F5B23B9E33216B344DBB16 C2⤵
- Loads dropped DLL
-
-
C:\Windows\system32\srtasks.exeC:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:22⤵
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 92E577CA9D84340EAF731B05895D0F372⤵
- Loads dropped DLL
-
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
-
C:\Users\Admin\AppData\Local\Prison Architect\Prison Architect64.exe"C:\Users\Admin\AppData\Local\Prison Architect\Prison Architect64.exe"1⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4081⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
21KB
MD5540ba6d5301bf47d7c9dee6678bfe85d
SHA1df3e2696f64210dcb9de55581a5b02c6e0b95df9
SHA256c00c1a878e4a3fe83d906a83d6017319f83840ef1c128123f1558745aafbe4e1
SHA51240ef8df064a385ff96952d82e11ef12a3136b00a64ab1f6f499378471233a9e9eb6114fb01f26c8f5bcefd645c4496648ca80b85e72640b17e8e66bc046f4304
-
Filesize
1KB
MD51c535f4fb6d6decf4c2ccd0c8baeed4b
SHA19ce32e96aa670ee0e76182ab43107923b3566589
SHA2564b8c61b368cd448d5e899b32dc7c4c6d20f8d6e77dcdbc881de3894389a679d3
SHA5120347efecb607f8e3813a02c819c508721e13627103bdb1de2a6cb2a4fe60af9b8acc97001af5df623bfe243e43c120d3d64710961279bd788ca827ce4e1f23ca
-
Filesize
864B
MD5eed9a3a68bc3e0f9390f9046a04978bb
SHA1ac8dfc46d60d2e66e4701c01cdee54e68f68fe09
SHA2568f96eb089f5421357bbe1b2dd4d0a6daa65c261b75f569273719d0b6c3559c87
SHA512341ae055ed505f4a3fa8817a270792ef70258cdfbe1e1d8baa01d5ad8097910cb81341f7f65b616aa5358ec14c2bfd857d2125ae5899828f14ee181f5462d04a
-
Filesize
6KB
MD59f73dc27771fbc1245c93974923f82b7
SHA15d759670c4d81acf3819183613a44f893593a869
SHA25661d102b7274fe0fd0431e203477bbd6283a3c2cfea09c2a5b84cf6fb7e97613d
SHA512bb593f836566a7c88790cd667bc1fd0de9babb2f58edecd7062e73988a8d601bf2f0a7272287923cf0d42cb054baa682e586c5a18f495e2cba9649ecce28376c
-
Filesize
6KB
MD5ebb6c18daf3a394474fbe7c4a4a54221
SHA14026793365b2a45152ee32d4b7851cdcc1b03f8c
SHA256ad6f16695da2c83a610470d0c3dc75292202c6eeec4fe4c278f1f1dff56e7f2a
SHA5129b4a5853fef73479a0f067419ed9784d05d3f0111ef2a0bea279b2879383cd95f9daef7927a2114e6087e17d27720413f03752079c6bd76ca2675f3f25acba0b
-
Filesize
6KB
MD512326e5ec5c30d880d440a3880aa5569
SHA106b74597732620b52448c698c58338ed74a505b5
SHA256dc924ac34c136c647c6000622b11bc13b99f882165d6f18b907fd724d8cd3d57
SHA5126524d19dddfca086055dd44414bfdee307b14886301e66569b408024dd938106e46ab0851b25ac2e09a4bdb6701a6fa04a8101262fcb5c8302b919668c308ac6
-
Filesize
6KB
MD5eb971d3489f66e6dd7181cbd896571de
SHA16708d755a01ba7b221e7727e872137a3bc5bb5e9
SHA256387a1e35fed699efa2aa90a8c5568409f0e1e4ca8f1c6517797dcac11a75bef8
SHA512fba6731b91488d68ed13f53e2f1ac55ffbbf5499b1c4b9cb8ff8f1643e371abba3a83f32f236e218f7f6a90c98bbc74fd4a2f8bb5c8fab6e14b47113e60bfec4
-
Filesize
158KB
MD53f56d33d4e728d6d49d430d0380e5c78
SHA11257c85781a6e4a0fcd17c55a11c474f3f0fb5ec
SHA256b4a7267a8f2993a0c9641d66a7462367c0670284c0d98828507d98728e32b4da
SHA51248354e37fdf611cdae49e0d5b664f7e19f4c1789c16f316478da15838e4db29aa817e5729ef956bc31e4f267f5a27f28108e1eda5ff53371969e26f60c0adcf3
-
Filesize
138KB
MD5e52da4a72885af3d27b877b5fa635e5f
SHA1a3dc22e1c46e32a4a9600844987669dd956e0427
SHA256f819347755758395cb05cf3a6b3924435ac06758c407f87e231a30fb16afa6f7
SHA51258c82889938a751525fb6cc00b60548732594306c3d8e5814f57c49eacdb1f77988eb6bd1cae964d64747429852c9599316ecc55d8c3663f6d826b0fcbefc73f
-
Filesize
137KB
MD5f5b82a890eff0820c3e56e77d33c73c8
SHA16ddeae586299c698682ae9c2f370834a75a138f3
SHA256de5ed125c870697307f525ef53613281e1072a7de1ac95270c1d1b6b5119fb8f
SHA512125f239ccbaf5f672739115437e9e0ad5ebe5ef31d483d07465be6f54a2abe520cfe3b98ade765bf39d3a4fc87cc11b56e0b05668a5d295a798393956104b5bf
-
Filesize
138KB
MD55fe5c7b73da4cf9337665b925cfd5472
SHA18a53b023c4890752bbbe03b28e02306309bb0acd
SHA2567013b45bb49db26da97cbbafb12da3396902320e8f23c14783cc6c51529d6369
SHA51269008d3b8c2272250f3ef3e843ec1487872caef697dfd24500bbd84ac0f5d55bc6da4f794782073e3726c7b7aa295e25a699237bf75d5190a047d9eb901175e3
-
Filesize
109KB
MD53a31d854982d64cd202d0117f1634396
SHA10752065b0d60f3b8189f7ccb2352ab30200c8217
SHA256962c0627dab49d47f3e62e22c24729e71338f973eccd49036b67cba9817f19bf
SHA512941afa27d6eb316ea44b6e768bc88d13e369554b4c5498100ca25c5a128f4f61f742e9f1363ab812da38d372903fca8e0682a5c2a0a8246eae6bba0b0d29aa59
-
Filesize
112KB
MD5bf7955c98a5975c0f326857cde1b43c0
SHA1bf395f65f4c723a80fcbf3bc111ddfc6eeed75b8
SHA256a5e5602fed7ab71cc54c65fe570eda64eb2e183b239bf737772cc8830f452490
SHA51275ddf99e49758db4dacb773956418c5dee3247ab73d10eee0e3c13907eab3ef54efdcfebd264ef521134adc6131826f1d09a010cd28c1c50b8f1a9b3cf406365
-
Filesize
105KB
MD50d895c93471e3956672fac544fdba7e9
SHA13880dc37a2031f06827be4c7129a32d1f2c236fb
SHA256aaccc05810dbca258ad34692e0a15811c17a94f93372314b9894ac3a2ee4001e
SHA512745f7dcdeb766f114497cfc7eeacdb7c2c317753d8ae3f661e7a1a4d75c688244f9035f127df2df5868b61e8c917d34862eda95fd454e55173e115965a9100fe
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
351B
MD510c2ddad3f5ace4fb85314a5a7cb5663
SHA18b790532297b533400779cbb1a0cdd2d59e63f0a
SHA25685fd6e91208c5c3dde3f0b397c7fc6e152a747657518c5ff3f2863d55276ada1
SHA5127d61342a669e676cafe718d8546e4da712aa7117e6f15faff7506249dabc1b60d21f271fdf59fb17f9bd1a9ac0c29e70e0d18456da96f9b418166dfa07f9a00e
-
Filesize
643B
MD5aa68e93395eacb208cd81462f79be41f
SHA1b1eed3301f3b14a82b1a79cefab0e2043eaffc24
SHA256f627366927802935478b24d35735fa3dd1f0146945302e96d8bf67113d48d71c
SHA512fcd94088eac6e5d9abfe1cc2c2243aceb753436cd0310b3f97d318591a55e9f37bf41f29edfacf7882d0aaabe5d80bc394d07ed001d5694f355463b4a08cdcea
-
Filesize
4KB
MD528512e6abdbb9287ef3874242a3caede
SHA1579bc4a54e7ed8fee4a84d92b82486e1f807639e
SHA2566fc267270d7626d9011c2a177f13402d9b4b694ad8da80ae8fcce2902b3193bb
SHA512d3926135006c17a06d59a0d9465fed5bd0be07f236b0f1426ff71e5f3c94c782b240b9ccb210cfbcafc25ecd3a2d945b423befc7b3b400caa39e12cbee1a023f
-
Filesize
13.5MB
MD5a54c9aa78742f7e2fa5a107bf524aa00
SHA1238f79b7cd6a499f51a319ed7cf45b4bd1851cf6
SHA25605d744daf2d7decb8518e9a3bdf7884c2018e1b14ce150f57154495338f177d0
SHA5124bb51f0a7fb094547c7d264b0f531f96466a33c720f75cef4a7f206ffca889453a748df5c72a118cc3e60370b5619e5ccc2f0d9f5763ff32c7f0642edfe8d397
-
Filesize
100KB
MD5a58316546659ab4fbbe609158ddefa58
SHA16731589a9ea03755bfcfa61e1501632c4a917298
SHA256068d63bdcb709a4f56ea61f66ebd7acd729d78b315bed7066d988c473927e1bb
SHA512237332a0819c842753154a2a552e4dced15136a24a63a79a865d4127e9c4f882441f4bd49d86293b4a1488fe18735be070c9160ffc7353fead7b33f347552c47
-
Filesize
1.3MB
MD501190d8b6805fd4d2a68750fbd041966
SHA1c5c967d47cc57112eec5fe7db0229b36e22ec661
SHA2565761e7789d813626cd68ee1e62429cfeb92bdd814cd29ef12fc4ae9ec1dbaff3
SHA512c079f1674f800bbcfe97d95e596314ba9f74bc7f87433dede4da91978c9ba9b1f0b22a4b690a07171983c46ac35e523a52df143072f700279914279de133957d
-
Filesize
28KB
MD533376d6a76edd8232787c4a4947c65b3
SHA13a17910b7e16b2ad263432fad9a3cfff17b5f5a3
SHA256c45ce0fc336294d504655f6b2b11bec5e58f5947253bad1d7c062f645662a242
SHA512d70d2278bf1ab32b90a772cf8c43460e1dde78963489f3242189f13b5c75c83d3983d7d4f2b2994f0273b8b9c2e14686f17fe96ca2155a8d74e1da9f1979affa
-
Filesize
24KB
MD5f550f449baed1315c7965bd826c2510b
SHA1772e6e82765dcfda319a68380981d77b83a3ab1b
SHA2560ee7650c7faf97126ddbc7d21812e093af4f2317f3edcff16d2d6137d3c0544d
SHA5127608140bc2d83f509a2afdaacd394d0aa5a6f7816e96c11f4218e815c3aaabf9fc95dd3b3a44b165334772ebdab7dfa585833850db09442743e56b8e505f6a09
-
Filesize
173B
MD56bbc544a9fa50b6dc9cd6c31f841548e
SHA1e63ffd2dd50865c41c564b00f75f11bd8c384b90
SHA256728c6cc4230e5e5b6fdf152f4b9b11ac4d104fa57a39668edea8665527c3bcc2
SHA5122cf43d3a3f2e88805824e4c322832af21c4c49d5309387aa731ddbea8cc280a6049cab4526e20b1c87c39c8781168c5ff80083c94becf0984b94593b89ab77f8
-
Filesize
19KB
MD5af7ad9a40809c0d00004383c656c3692
SHA1898b75659e67e7e1dcc9e028ba92b9888ce53bac
SHA25683bfdb826d2d753f31b12c1d0a62e36d96004dc32038ae85d9006ca578612b60
SHA512b325313982285754cdfdc61b165d1968ddd0437a1c0bb46d35c04be03e3444a3d189baded903eb91806552d26c1544d0576d2f8ea754ea4776054cb237bfcad5
-
Filesize
404B
MD550e27244df2b1690728e8252088a253c
SHA1b84ad02fd0ed3cb933ffbd123614a2495810442b
SHA25671836c56ec4765d858dc756541123e44680f98da255faf1ece7b83d79809b1c3
SHA512ba3d3535bfd2f17919e1a99e89fdb1c9a83507ff3c2846c62770e210a50aee1281445d510858d247cc9619861089aaf20f45b0b7c39f15c0ea039ac5498fa03e
-
Filesize
134B
MD5a0efb0e7b9cee25b09e09a1a64e96ba6
SHA10c1e18f6f5e6e5e6953e9fb99ca60fdec35d6e39
SHA256f044f542bc46464054084c63596877f06c6e2c215c0e954c4ace9787ced82787
SHA5127e53f9f564aaa529b3b15035671957c2923ec98ddee93758ea7a4c8645ee9058962078771b853e3490290fde1f57030dff5092d40d69418776ffee89f79c8a7c
-
Filesize
253B
MD59554be0be090a59013222261971430ad
SHA19e307b13b4480d0e18cfb1c667f7cfe6c62cc97c
SHA256f4302ee2090bc7d7a27c4bc970af6eb61c050f14f0876541a8d2f32bc41b9bab
SHA512ac316f784994da4fed7deb43fe785258223aba5f43cc5532f3e7b874adc0bc6dbcd8e95e631703606dfaa2c40be2e2bb6fa5bc0a6217efe657e74531654ea71c
-
Filesize
1KB
MD50b044ccde7aa9d86e02a94030d744ac2
SHA10594ebb3737536703907ba5672ccd351c6afb98a
SHA256bce5b6de3a1c7af7ec14b6643da25f7c9e15bd5f1c4a38abfcddc70a5e93bdd3
SHA512dbfba793722589f1a76dbc75c9a2f3646733e4a079a6b70003716a7f7b8fa1a6a2b234ec9132f5737e91d20d460db1e29826b2d7ac740f73136975f19e336cd8
-
Filesize
66B
MD5821930553ef406b0c82d9420d3351c78
SHA18511c65f0048f8f30797a13b3d7d8264c314cbd4
SHA256d5e9f3533cb7d727611aafaa5af22fa07efeaec0391a011ecf9803bed867de7a
SHA5129d55bb01e40bb411321e60fbb1e60748a7243392456030d81f853448af0af75e27ef87455ad1eebf96af754e803aabd1a82f0653deda52832769f5b74171d9cf
-
Filesize
66B
MD571fa2730c42ae45c8b373053cc504731
SHA1ef523fc56f6566fbc41c7d51d29943e6be976d5e
SHA256205209facdebf400319dbcb1020f0545d7564b9415c47497528593e344795afd
SHA512ea4415619720cc1d9fb1bb89a14903bfd1471b89f9c4847df4839084aae573d49b4969d3799ad30ff25b71f6e31f8d9f30701e1240d3cd6a063819c04873f21f
-
Filesize
66B
MD51fb3755fe9676fca35b8d3c6a8e80b45
SHA17c60375472c2757650afbe045c1c97059ca66884
SHA256384ebd5800becadf3bd9014686e6cc09344f75ce426e966d788eb5473b28aa21
SHA512dee9db50320a27de65581c20d9e6cf429921ebee9d4e1190c044cc6063d217ca89f5667dc0d93faf7dcc2d931fe4e85c025c6f71c1651cbd2d12a43f915932c3
-
Filesize
206B
MD58641f45594b8d413bf1da25ce59f1207
SHA1afebb23f5a55d304d028ca9942526b3649cddb52
SHA2560403ed31d75dcc182dd98f2b603da4c36b6325e9d159cac4371e1448244bb707
SHA51286a5f959f8462f866466dc706d3ae627b1fb019b8a33ee7fe48e3b69f92bf33dc0f1417c0d5116552b25b488bcb5d9050a33773e6883ebe08410267d95b2353a
-
Filesize
66B
MD530384472ae83ff8a7336b987292d8349
SHA185d3e6cffe47f5a0a4e1a87ac9da729537783cd0
SHA256f545ec56bc9b690a6b952471669a8316e18274d64e2ebc9e365fcf44363a125a
SHA5127611f930a0a1089cc5004203ec128c916f0c2aedae3a6fcc2eaffa8cd004dcbf154714e401947921a06896ca77c77daec7f9bda82369aacd3bb666f8a0331963
-
Filesize
66B
MD54b84f29fbce81aab5af97a311d0e51e2
SHA160723cf4b91c139661db5ecb0964deca1fc196ea
SHA256c93be5a7c979c534274fc1a965d26c126efa5d58c14066b14937e5aba3b9eb55
SHA512775eadccc44fddbd1e0d4231bc90d222f0a9749199e1963449ad20285ea92941a5685cdc12c0cd8c0ef0a21e10bdacaf139e5c69cd5e402cc110679323c23df1
-
Filesize
154B
MD51966f4308086a013b8837dddf88f67ad
SHA11b66c1b1ad519cad2a273e2e5b2cfd77b8e3a190
SHA25617b5cd496d98db14e7c9757e38892883c7b378407e1f136889a9921abe040741
SHA512ec50f92b77bca5117a9a262ba1951e37d6139b838099e1546ab2716c7bafb0fc542ce7f1993a19591c832384df01b722d87bb5a6a010091fc880de6e5cfa6c17
-
Filesize
66B
MD54e0ac65606b6aacd85e11c470ceb4e54
SHA13f321e3bbde641b7733b806b9ef262243fb8af3b
SHA2561d59fe11b3f1951c104f279c1338fc307940268971d016ebe929a9998a5038ee
SHA5127b28bcb4e76af3b863a7c3390b6cd3316c4631434e1d1e2df8d6e0eb9987a61a4f1a24de59567394e346d45e332403a0817ed0b0b64d7a624dbe48e30db9bb64
-
Filesize
404B
MD517368ff7073a6c7c2949d9a8eb743729
SHA1d770cd409cf1a95908d26a51be8c646cace83e4c
SHA25616e6e7662f3a204061c18090a64a8679f10bc408be802abd2c7c0e9fe865cbb4
SHA512cbc3a378335f131d0146e5fe40cea38a741a0754a26304daebfda6f82c394cf0e151654782c6c8c7bbf7c354fcb72a2c66a77a87df528c2a3fa87c88f204059d
-
Filesize
520B
MD570db38d656afa3778dcf6173d390e61b
SHA18b8674d6d70d67943d313d2b74222daa4bd1691d
SHA2563a0a5b69f9da7cae9fc631326ed8aa97abbaaecf2bf15d0a73169a29f3381e83
SHA5128888ab493c7342f69b33279eaec4f99c41a906929d65503c48c7059d199fbab267ba9ad6ef6e57a7a56d2a321c01e46008f770afe67fa99ec7b7676ec2376c05
-
Filesize
3KB
MD549ad8e9164fd6facb8a8bfd6f62972b8
SHA1e23605df242772a047d6d3543aaa72241066abb9
SHA256914a0241a557591dfdcf3ed1ef0e557ceb153f32c716c53d13342dc5318bbb79
SHA512843359888242b97b12185954fe6f04bbe8ed14c71f101a79d4863ccdca7d1b03b4e1f0c6cacf26f87a91c5eacb0d4571481bca81a0c3dfd8add475310a6269f2
-
Filesize
404B
MD5583580e2c651f5c230fb3235b7ca0e3b
SHA1a9bd6aeef43a6f4c0c00d1ecd98a585d7eb0aaa3
SHA25665172283ee04f2fa18d0e57b21471be2e68017d1f61816aaaa6be070b446346f
SHA5126c61e6c06c883113a7a0efbd352120354c070f5c17d770b6b821c42cb9d9ca895992842b29b51bd3e569b0c95e93709dd7c1c2a26bcff0ad425079f5302670ce
-
Filesize
18KB
MD5f5a120b564fc7823d1c269b7a6e70473
SHA11b85466c12f83b7872214f787390614df50eaddb
SHA256c178ed81de4aa8b049efcf0670c10cf2043a51c6be1144ee95d09c1c2afd6087
SHA51296d285759f8a8c5d17d7cac4ef224995dfa09554a3687c7f34e63651888c98a9c60095cd1a71c82030781ff6e7d58b7d49068bd9f53126ff7b775579d3368ace
-
Filesize
273B
MD5f6a5e71e9cbe8d3654a2cdf91aae98fa
SHA18871a1ae25cff6c5a3e6288a58fc5f4d7a92409d
SHA2564801d63bd9bdc6279765ba785b0da9e10730764a9c3645934a46c691547c0612
SHA5121b3146dfdef9c46123f27fa355790036f296d600bb10fbad12363c71c8e3a840863512f4a581daa18ffabb3ec5a3720a6337c4bac54be8b9b49d161b9459a1c9
-
Filesize
276B
MD517242d201d004bb34449aab0428d2df1
SHA177a332c6a6c4bfc47a2120203cfeabb8a2268a6b
SHA25615405855866fa2b7c60afbc8ba720aae8f2ba7fb60bfa641dc9d10361e56f033
SHA512605a97e2614c664417d53263be21c67b1504a46ee61b92b0a84ac18a7baab05eb56b72d4cf27372ae6c157928080ba16e24081e95458eb122ba18f3722c2d21f
-
Filesize
225B
MD58ba33e929eb0c016036968b6f137c5fa
SHA1b563d786bddd6f1c30924da25b71891696346e15
SHA256bbcac1632131b21d40c80ff9e14156d36366d2e7bb05eed584e9d448497152d5
SHA512ba3a70757bd0db308e689a56e2f359c4356c5a7dd9e2831f4162ea04381d4bbdbef6335d97a2c55f588c7172e1c2ebf7a3bd481d30871f05e61eea17246a958e
-
Filesize
205B
MD55e947815d865acf099fa753283e09179
SHA17d98046d20a73439c53044e0ebb5f0b34afaeea9
SHA256c1d0663131fe901d890cdd9f18af8f9a553bee4848cbd978f5122e8383b5534b
SHA512b22e31c37d84128b271c5e5a70fdce90a3bbc02059d1bd032841b3383dbeeca56ec9abe6335453abc8ded1de84e6fcafb648d76d4dcc79246339e9a5eb6d5270
-
Filesize
180B
MD51a883668b735248518bfc4eefd248113
SHA11112803a0558a1ad049d1cac6b8a9d626b582606
SHA256bcbb601daa5a139419f3cd0f6084615574c41b837426ebff561b7846dfec038e
SHA512d321878ed517544c815fd0236bdff6fcb6da5c5c3658338afba646f1d8f2e246c6c880d4f592ff574a18f9efdf160e5772bbf876fb207c8fd25c1f9dd9ddfd04
-
Filesize
175B
MD5a2c4802002bb61994faabda60334a695
SHA10a2b6b0ceb09425080c5ba4b9cbdef533cf69eba
SHA256a3b59dbc5a39d551455ff838e71b5820560ca3484c6411b9d69df33d8113619c
SHA51234e130edc650c3de6020f2d2b5dc1404b7aee0105eb7e315c15c5aa61398d174377e9b6a2aecc55f79f54c04812b8745c6739a201539e291538979e6b024da31
-
Filesize
238B
MD5516172d0ebf941237cef32fcee8cdf43
SHA16bee117996c16c7413be876dfc15978d14813091
SHA25656e64eaf6349ece08005e6f7299de413ed00112d53518215d90690be2b2a4f1a
SHA51246477a58aa7e9eeae29e1c1d826bf045422709b7c8f428985c617b366012c58121d4404523a75efe77fc6d8e061a6bb209743d0a2af81545898f51c8855728ec
-
Filesize
2KB
MD5c288a7a350a1a5a5eee9ada36cb6011c
SHA1d1174e488d08dc4ab9bba3fd7653724d5553898f
SHA256030e5bb7b7fff395c38433516cf96988939cb794d9d62d550d7eab9cef7d2b2e
SHA512dc7f9486699b4eb4b8295590112b540ed619c2b956948eec3b72fe86226740f43392dd1898d5f27d553e775351c527ac316f4606389b92bedfc996845649a859
-
Filesize
819KB
MD53604517a3e6e69ba339239cf82fc94a5
SHA1c4757e31f9c8a90ee5de233792da71c8915050c5
SHA256bdd1d14c9cb54b19f6a7f37adbc7537ce8fd2f6fa59a74a4a90b08c7979708d2
SHA512c22ffc410886fae221dfee6ab469e44694f87cecce14d505a059f5fe01c1b4e1ad93c15b78c7623e821a37737491e89c627ddae5d03c407a877835ab6d611619
-
Filesize
3.2MB
MD5032bb369103dac02606fb919f6658f3c
SHA160b39428ab3493aab7babf3a1c5f2a951ae853bd
SHA256daa61c42d53be45c7709a0b0f66a51a0a47ca84eab787e0627f6da255c96ddff
SHA5120f1fb9bb34e699ee6d4a1dc58f99514fb1df81ad0cf37b3ffe938295a70d832a5702cec3df16d30d400c77014d09228e6d02d3e65d5d6d0f1c5e34f39d55e313
-
Filesize
3.9MB
MD5e4526c579c68d97c3ce26f5c50371e07
SHA18bd48ea1827e09e7e3ca909cce85672027992bf7
SHA256c43fc663bee72bd504c2c24b8030e9061c5cb9e508f944355c00e3eacab0473a
SHA5120154030dd57f01a84918edbe305a6f1c8256cc5a2bd928b630ea0343e30a7a4af4be4d2e923bf4326ada89e47f918e4f2d23ff84972175a49624531a043efe0f
-
Filesize
2.5MB
MD58ab38086d6f9254a4c144a332f20edd8
SHA1e5da8c261e7ece9589e376062d75b4009bfd4da4
SHA2562e51331e9057fff3e20b6359bbafea0776025d8e690ac1309347d2f72e0d69b8
SHA51213d22588b90c40a2fdb688c0c9146bfb5730c60b2e24cf6be15553989ebfcca5b5d469faa6ae5e0c3287254fbe12e2d5f011b7a81d4b1ef4708b4bca086d5b5c
-
Filesize
877KB
MD5899a6d5f1c9e00ec2f43e732c6b7548f
SHA1a795646d8c878a21beb51120a8c709dc83b87960
SHA2560ca4e5eb5a7bac56a3ee31df50110a4e89ab4781ecb1da43bb5cab66ff799491
SHA5128467de1ede139dbf6f6d2225c58f379d140972101f2770e59ef50d98d6793bacfc62a4abe80644d7ab587ee20c8da02839efb95ae3f0689dfa837c4495c1a172
-
Filesize
26.0MB
MD593045ed57407ed36db49a7764828eadb
SHA14a2fb8551555fe020a96c21f811bce92d3b74c71
SHA256cc43349d54846bdff7dda5707d95d6db76397509b747e652a2f4f88b466edd51
SHA51236db9f881dd623b851a8b4689a4e1368beb4722a39c77ba8850d5fcddb6dd5cc872943b906f4a4afdd86489ee3f7ee54457c4a4ed1909032ade1060b41d4b388
-
Filesize
5KB
MD553a37923c2aa99c936b743add9ed56bf
SHA1c7f36d5878f7dcea45ee23c362bdc5cad563da28
SHA2562b345f4c02562704c67e358f4c73e1071dac5178e36c634e664e0d0898622f11
SHA512803b3a85215ae1d6eaca5b88b5325049448b806a6a0586de4b3388b7945c45fdcff0a52e08e8036314c3f918e74b34a0bdddfcd750dea31301d30cafb2a8923c
