Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
715s -
max time network
716s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
03/07/2024, 05:32
Errors
General
-
Target
http://google.com
Malware Config
Signatures
-
Chaos
Ransomware family first seen in June 2021.
-
Chaos Ransomware 3 IoCs
-
UAC bypass 3 TTPs 2 IoCs
-
Deletes shadow copies 3 TTPs
Ransomware often targets backup files to inhibit system recovery.
-
Modifies boot configuration data using bcdedit 1 TTPs 2 IoCs
-
Deletes backup catalog 3 TTPs 1 IoCs
Uses wbadmin.exe to inhibit system recovery.
-
Disables RegEdit via registry modification 1 IoCs
-
Disables Task Manager via registry modification
-
Downloads MZ/PE file
-
Manipulates Digital Signatures 1 TTPs 3 IoCs
Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
-
Checks computer location settings 2 TTPs 5 IoCs
Looks up country code configured in the registry, likely geofence.
-
Drops startup file 3 IoCs
-
Executes dropped EXE 10 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file 10 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Drops desktop.ini file(s) 34 IoCs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
-
Writes to the Master Boot Record (MBR) 1 TTPs 3 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
AutoIT Executable 4 IoCs
AutoIT scripts compiled to PE executables.
-
Sets desktop wallpaper using registry 2 TTPs 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Event Triggered Execution: Accessibility Features 1 TTPs
Windows contains accessibility features that may be used by adversaries to establish persistence and/or elevate privileges.
-
Program crash 1 IoCs
-
Checks SCSI registry key(s) 3 TTPs 4 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Checks processor information in registry 2 TTPs 12 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 5 IoCs
-
Interacts with shadow copies 3 TTPs 1 IoCs
Shadow copies are often targeted by ransomware to inhibit system recovery.
-
Kills process with taskkill 2 IoCs
-
Modifies Internet Explorer settings 1 TTPs 19 IoCs
-
Modifies Internet Explorer start page 1 TTPs 1 IoCs
-
Modifies data under HKEY_USERS 15 IoCs
-
Modifies registry class 64 IoCs
-
Modifies registry key 1 TTPs 7 IoCs
-
NTFS ADS 4 IoCs
-
Runs ping.exe 1 TTPs 2 IoCs
-
Suspicious behavior: AddClipboardFormatListener 6 IoCs
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 7 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 59 IoCs
-
Suspicious use of AdjustPrivilegeToken 60 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 32 IoCs
-
Suspicious use of SetWindowsHookEx 54 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
-
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
-
Views/modifies file attributes 1 TTPs 1 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc482146f8,0x7ffc48214708,0x7ffc482147182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2220 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5624 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5984 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6532 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6996 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7028 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\BUG32.md"2⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=165140433⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=35E8933D6207A9F3620A6AF677591E43 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=35E8933D6207A9F3620A6AF677591E43 --renderer-client-id=2 --mojo-platform-channel-handle=1668 --allow-no-sandbox-job /prefetch:14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=6FD7AEBD204C8B14B508717460F44B75 --mojo-platform-channel-handle=1796 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=6802F27C812A6E19B228A68CBAFA06F3 --mojo-platform-channel-handle=2396 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=EF2C7D4B0439ACFFA169C73D338D879B --mojo-platform-channel-handle=2024 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=0573FAC77FCEB1425C4A072E6BEF1354 --mojo-platform-channel-handle=1800 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\BUG32.md"2⤵
- Checks processor information in registry
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6928 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\MrsMajor.md"2⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=165140433⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=43D57918781C2D37C1E3E9583E15C572 --mojo-platform-channel-handle=1720 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=90EC6EBBD9A3F49B812BB2E3EF5A4DBA --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=90EC6EBBD9A3F49B812BB2E3EF5A4DBA --renderer-client-id=2 --mojo-platform-channel-handle=1732 --allow-no-sandbox-job /prefetch:14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8656B47BF98D81EAC2F95F65D61A2C4E --mojo-platform-channel-handle=2368 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=0161D8FECABDFBA3680B77550AA5233A --mojo-platform-channel-handle=2492 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=3A79E059FE43BF7066A97B59EF2F5BD5 --mojo-platform-channel-handle=2508 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\MrsMajor.md"2⤵
- Checks processor information in registry
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6988 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6524 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1680 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1260 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6404 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7184 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7332 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5404 /prefetch:82⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6064 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1780 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7308 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5260 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Windows\System32\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\avast-englishversion.vbs"2⤵
-
-
C:\Windows\System32\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\avast-englishversion.vbs"2⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1716 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\kozalocker-englishversion (GoatLocker).bat" "2⤵
-
C:\Windows\system32\taskkill.exetaskkill /f /im explorer.exe3⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7388 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5000 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6216 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7044 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6340 /prefetch:82⤵
-
-
C:\Users\Admin\Downloads\DELmE's Batch Virus Generator v 2.0.exe"C:\Users\Admin\Downloads\DELmE's Batch Virus Generator v 2.0.exe"2⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
-
-
C:\Users\Admin\Downloads\DELmE's Batch Virus Generator v 2.0.exe"C:\Users\Admin\Downloads\DELmE's Batch Virus Generator v 2.0.exe"2⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3336 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6720 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5856 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7136677044265853502,8798139454498850069,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7512 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\MLG.md"2⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=165140433⤵
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=FBB10F6989A82C622FCCF472A06C3FB0 --mojo-platform-channel-handle=1744 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=8F6A3CA4AF03EAF849DD7A013701E9F6 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=8F6A3CA4AF03EAF849DD7A013701E9F6 --renderer-client-id=2 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job /prefetch:14⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=33E4D998559D6D8909BA01E5C83BFB50 --mojo-platform-channel-handle=2320 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=62FAF29D1A8A7E2A7B64AAF580E3F496 --mojo-platform-channel-handle=1928 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=38C42D02671B42029D0101A00C4D9F08 --mojo-platform-channel-handle=2112 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:24⤵
-
-
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Windows\System32\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\avast-englishversion.vbs"1⤵
-
C:\Windows\System32\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\avast-englishversion.vbs"1⤵
-
C:\Windows\System32\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\avast-englishversion.vbs"1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding1⤵
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\Temp1_Covid29 Ransomware.zip\TrojanRansomCovid29.exe"C:\Users\Admin\AppData\Local\Temp\Temp1_Covid29 Ransomware.zip\TrojanRansomCovid29.exe"2⤵
- Checks computer location settings
- Executes dropped EXE
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\7D12.tmp\TrojanRansomCovid29.bat" "3⤵
- Checks computer location settings
- Modifies registry class
-
C:\Windows\SysWOW64\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\7D12.tmp\fakeerror.vbs"4⤵
-
-
C:\Windows\SysWOW64\PING.EXEping localhost -n 24⤵
- Runs ping.exe
-
-
C:\Windows\SysWOW64\reg.exereg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f4⤵
- Modifies registry key
-
-
C:\Windows\SysWOW64\reg.exereg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v HideFastUserSwitching /t REG_DWORD /d 1 /f4⤵
- Modifies registry key
-
-
C:\Windows\SysWOW64\reg.exereg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableChangePassword /t REG_DWORD /d 1 /f4⤵
- Modifies registry key
-
-
C:\Windows\SysWOW64\reg.exereg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableLockWorkstation /t REG_DWORD /d 1 /f4⤵
- Modifies registry key
-
-
C:\Windows\SysWOW64\reg.exereg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoLogoff /t REG_DWORD /d 1 /f4⤵
- Modifies registry key
-
-
C:\Windows\SysWOW64\reg.exereg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f4⤵
- UAC bypass
- Modifies registry key
-
-
C:\Windows\SysWOW64\reg.exereg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f4⤵
- UAC bypass
- Modifies registry key
-
-
C:\Users\Admin\AppData\Local\Temp\7D12.tmp\mbr.exembr.exe4⤵
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
-
-
C:\Users\Admin\AppData\Local\Temp\7D12.tmp\Cov29Cry.exeCov29Cry.exe4⤵
- Checks computer location settings
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\AppData\Roaming\svchost.exe"C:\Users\Admin\AppData\Roaming\svchost.exe"5⤵
- Checks computer location settings
- Drops startup file
- Executes dropped EXE
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /C vssadmin delete shadows /all /quiet & wmic shadowcopy delete6⤵
-
C:\Windows\system32\vssadmin.exevssadmin delete shadows /all /quiet7⤵
- Interacts with shadow copies
-
-
C:\Windows\System32\Wbem\WMIC.exewmic shadowcopy delete7⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /C bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no6⤵
-
C:\Windows\system32\bcdedit.exebcdedit /set {default} bootstatuspolicy ignoreallfailures7⤵
- Modifies boot configuration data using bcdedit
-
-
C:\Windows\system32\bcdedit.exebcdedit /set {default} recoveryenabled no7⤵
- Modifies boot configuration data using bcdedit
-
-
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /C wbadmin delete catalog -quiet6⤵
-
C:\Windows\system32\wbadmin.exewbadmin delete catalog -quiet7⤵
- Deletes backup catalog
-
-
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\covid29-is-here.txt6⤵
-
-
-
-
C:\Windows\SysWOW64\shutdown.exeshutdown /r /t 300 /c "5 minutes to pay until you lose your data and system forever"4⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SysWOW64\PING.EXEping localhost -n 94⤵
- Runs ping.exe
-
-
C:\Windows\SysWOW64\taskkill.exetaskkill /f /im explorer.exe4⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\7D12.tmp\Cov29LockScreen.exeCov29LockScreen.exe4⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
-
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {3eef301f-b596-4c0b-bd92-013beafce793} -Embedding1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\wbengine.exe"C:\Windows\system32\wbengine.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\vdsldr.exeC:\Windows\System32\vdsldr.exe -Embedding1⤵
-
C:\Windows\System32\vds.exeC:\Windows\System32\vds.exe1⤵
- Checks SCSI registry key(s)
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\Temp1_MS 0735.6+7421.zip\MS 0735.6+7421.exe"C:\Users\Admin\AppData\Local\Temp\Temp1_MS 0735.6+7421.zip\MS 0735.6+7421.exe"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\Temp1_GDI-Trojan.Win32.Lixo-by-ArTicZera-main.zip\GDI-Trojan.Win32.Lixo-by-ArTicZera-main\Lixo.exe"C:\Users\Admin\AppData\Local\Temp\Temp1_GDI-Trojan.Win32.Lixo-by-ArTicZera-main.zip\GDI-Trojan.Win32.Lixo-by-ArTicZera-main\Lixo.exe"2⤵
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
- Modifies Internet Explorer start page
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4572 -s 10803⤵
- Program crash
-
-
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4a8 0x4a41⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 4572 -ip 45721⤵
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Local\Temp\Temp1_Sigma.zip\Sigma.exe"C:\Users\Admin\AppData\Local\Temp\Temp1_Sigma.zip\Sigma.exe"2⤵
- Disables RegEdit via registry modification
- Checks computer location settings
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
-
C:\Windows\SysWOW64\appidtel.exe"C:\Windows\System32\appidtel.exe"3⤵
-
-
C:\Windows\SysWOW64\ARP.EXE"C:\Windows\System32\ARP.EXE"3⤵
-
-
C:\Windows\SysWOW64\at.exe"C:\Windows\System32\at.exe"3⤵
-
-
C:\Windows\SysWOW64\AtBroker.exe"C:\Windows\System32\AtBroker.exe"3⤵
-
-
C:\Windows\SysWOW64\attrib.exe"C:\Windows\System32\attrib.exe"3⤵
- Views/modifies file attributes
-
-
C:\Windows\SysWOW64\auditpol.exe"C:\Windows\System32\auditpol.exe"3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SysWOW64\autochk.exe"C:\Windows\System32\autochk.exe"3⤵
-
-
C:\Windows\SysWOW64\autoconv.exe"C:\Windows\System32\autoconv.exe"3⤵
-
-
C:\Windows\SysWOW64\autofmt.exe"C:\Windows\System32\autofmt.exe"3⤵
-
-
C:\Windows\SysWOW64\backgroundTaskHost.exe"C:\Windows\System32\backgroundTaskHost.exe"3⤵
-
-
C:\Windows\SysWOW64\BackgroundTransferHost.exe"C:\Windows\System32\BackgroundTransferHost.exe"3⤵
-
-
C:\Windows\SysWOW64\bitsadmin.exe"C:\Windows\System32\bitsadmin.exe"3⤵
-
-
C:\Windows\SysWOW64\bootcfg.exe"C:\Windows\System32\bootcfg.exe"3⤵
- Checks processor information in registry
-
-
C:\Windows\SysWOW64\bthudtask.exe"C:\Windows\System32\bthudtask.exe"3⤵
-
-
C:\Windows\SysWOW64\ByteCodeGenerator.exe"C:\Windows\System32\ByteCodeGenerator.exe"3⤵
-
-
C:\Windows\SysWOW64\cacls.exe"C:\Windows\System32\cacls.exe"3⤵
-
-
C:\Windows\SysWOW64\calc.exe"C:\Windows\System32\calc.exe"3⤵
-
-
C:\Windows\SysWOW64\CameraSettingsUIHost.exe"C:\Windows\System32\CameraSettingsUIHost.exe"3⤵
-
-
C:\Windows\SysWOW64\CertEnrollCtrl.exe"C:\Windows\System32\CertEnrollCtrl.exe"3⤵
-
-
C:\Windows\SysWOW64\certreq.exe"C:\Windows\System32\certreq.exe"3⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
-
C:\Windows\SysWOW64\certutil.exe"C:\Windows\System32\certutil.exe"3⤵
- Manipulates Digital Signatures
-
-
C:\Windows\SysWOW64\charmap.exe"C:\Windows\System32\charmap.exe"3⤵
-
-
C:\Windows\SysWOW64\CheckNetIsolation.exe"C:\Windows\System32\CheckNetIsolation.exe"3⤵
-
-
C:\Windows\SysWOW64\chkdsk.exe"C:\Windows\System32\chkdsk.exe"3⤵
- Enumerates system info in registry
-
-
C:\Windows\SysWOW64\chkntfs.exe"C:\Windows\System32\chkntfs.exe"3⤵
- Enumerates system info in registry
-
-
C:\Windows\SysWOW64\choice.exe"C:\Windows\System32\choice.exe"3⤵
-
-
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x4 /state0:0xa385e855 /state1:0x41c64e6d1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution
1Accessibility Features
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Event Triggered Execution
1Accessibility Features
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Direct Volume Access
1Hide Artifacts
1Hidden Files and Directories
1Impair Defenses
1Disable or Modify Tools
1Indicator Removal
3File Deletion
3Modify Registry
5Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
264KB
MD5d640010b4904a8340a3f1abbd3e023fb
SHA1261077c4efdff7c7feea6bc05943ad4e73893189
SHA256e38744925727fc00bfc0484009170a66802bf1aac3d0d49ddc2176adbfae148e
SHA512f35db40a76b11a74d97eb766f9ab00b7b711408ae3eef1a45f115d1adff91e5bfb692139e2947a9ff1e23c35b4794b7aedd6b64fe1608dbbf62d562f7d94f137
-
Filesize
264KB
MD51c9fda4ca6e16cf4866921748e52c7b5
SHA1c7490391e536865145b0101b1d6922175da2f6d5
SHA2561fe81a8295859cb8942409d7f7aca20cca3c35c0ee6a26ff14bb50e68ab4b989
SHA512a7817e015ae738716305bf02fcd834a46e2933c118d2c91ad7bcaf5174dc4015524b233aa13cf00d7d8de12d7752ff236694b37150fc00bd6a637f6f10f862c3
-
Filesize
264KB
MD56b36cf4eadec8eb80fd9e34d87733f4c
SHA1f268bf1fa91777a8d734edab40c9a1a8acdeb596
SHA2561e51c728092a6f993fc087f5b6327069b184c8aad78d7be28be822357b38606b
SHA512be0c08a3b5f4f26ae8bd10d13d5e33d0ca6af7283ea28c45cbcc4c955fff93b52fd7da7646b57b2faa3d42e19925a63dacb828f0e60144e53ab1a7f0b15e70e1
-
Filesize
289B
MD5911d1b3697449e072e1b24edb945ce31
SHA1d51c5bb1aa9d2b4a6f48f312704a1625e68df1fe
SHA256e09923c4cda87aa932ad2ce18cac3f66c87e942bce1f642d56d4403b0e563a24
SHA512b6ca817f2a9761fa7e3dbe5c2daeb1bf5c93700670cc38ba7a971e7d92097f5f3cba0390247457cd6ea24f220783b999321ebd5b8708e38458f7e13fe92fdd4c
-
Filesize
292B
MD5651cf68c0b644f728ed64aabfc3ee4a9
SHA176844c135f8f7847af955ce5edfa45a81b6d6c82
SHA25633bca1977b3be8ce3fdf6c9a40816cb8e1e1a2b686e798f76bb0aeb29034a5d4
SHA5129f84c76151fafbb273609a9e87cbf63165bb390223f9f4a79600e6dfc7f7dec126aec563a817a8a610aed461fa615cdf0628fbddced2877099a9d438cc5a2daf
-
Filesize
128KB
MD51796ebf4d5fafcc657e884fa07309ede
SHA1cdeaada58750308a1d0dcdc068afc47e381c6aee
SHA256321a669f0e9d161373ca7f6711626b0eef91975ee4da1627ac9fcee05345cac9
SHA512b1072b40b497457ba65fccab6038f187de368475b7e5a369f53d477484f6abac6499e3dd44106403d8c07c0bbf3d0f05b4c31d78cfa2a3066c2acf237f8197af
-
Filesize
536B
MD5b876031eb6d74e3e15b7ea1fbe3ffac1
SHA113bca3b42680aa2ff641cdd663fd722136d2e861
SHA25668d1e50fc58f8d77f53b64b7ae5fb3cacb9fb78d4b31ed80dabfc6f438d2c351
SHA51295443c10178078012aa8b4ecb5e85d455006342b20751a9f2c1222d80f35a338b59fbf074104f17a6a5d90ddcf8b129f6ef475366189fcca9220bb41783f1a4f
-
Filesize
97KB
MD5700e7d6f9cfc26cea4d04f65f02b3452
SHA1e5580200e54edb7cd4f7c5daada5c031434cf334
SHA256c3d8aef5d450a90e4a51335532c977515e589143be772697e666c8c9f4ab0c0e
SHA5121cafa5bab9838052312d8a6ced7d9baa4f28ef77d48681ada4dedf29400d235b51e187a1f207cfd8e008ee6274156cb7ef2821fdf7cbcc65d697ff4f469d7a82
-
Filesize
9KB
MD5d92be63e0b074119484fc058e639dc3d
SHA16e25e73ff12e65100ec998bca37dac0abea6cfe3
SHA2567e34b5b8ffa1099ddeabb0af1804b2861c45627fa1bcf22bdeb37d78d16eee10
SHA512bd9a84030eb6e9efab9b5b68941bfb88e6ec38ce304938fb32a97fcea6de11d323c6d4c2b187cfb36b76e8de76dab2e01a796443479b908cd93d7faf61fb800c
-
Filesize
157KB
MD53da54b6ffa2d854603bbf4e214f17d72
SHA1ea6111317887bd4d67025886a9acec14aa1a9407
SHA2566532910bd09e0893caa81cd3217a65890f2799b506c871b3a5d698473ae7e3f9
SHA51241cd01658887682a3afa3c8f7e15caec9874f0e5a87ef93e5a56ebd97ee87b531a9e899fcffb3f82a0a01563eac207a9938e2eecb87d805263b4a3d1ff79e784
-
Filesize
157KB
MD54df7e5b90aa0b3029912588820b3a03c
SHA1ad9b6b25fb5e430e5921fe568f6ac953df3a1283
SHA256667d1e517d6421155470655daff0336a6bebd96c901f2da7c74548720dea2a49
SHA512faa2b7926c556a420ae155d23c0beadeb43f5ae02fa35d68011a53500b1c2776c9ff95617efb32532cd1b9d63903c9569d682ce278a5642437b43cad0d397987
-
Filesize
12KB
MD52c61a191a329f2574ed99fa59234bf55
SHA14eed6a102c95e15257e14e2f4de7e841c7e80a5d
SHA256e680a0ac3334edd63a5c994d4e95648651ccc0ab76f3f5cac5eb42ac361bf929
SHA51257eb2277d2d50ca3aa84cf5d5185223afa2d7306894c2c4e85a3446576fff404eaae2cfc4fac434c6511aea7b46477b1efe4c2cd673088af41b39c0761e658c0
-
Filesize
39KB
MD5de6b28c3b7012e0de074b2b958f2570e
SHA1e1991028f2f8cebb4d8d8a45fdc2c95bb6d5fad3
SHA2564d047df0cfd44e385f6c21507eacbaef60113eb2dab72f391313f1d779a78468
SHA512a666c7648c3ed36a231889c2370b1a37f4c05410cf96c5aa3b273526fe45e6cecc82753ead1b78beac7043a25dfb823a95a5955da7e25d3eb213dac497f8b1da
-
Filesize
39KB
MD5885768618884757a5f46b4619e0d33dc
SHA19eed706694da4aeacadbeebce9c6936a5114514d
SHA25671bd44287419560891f74105a4b68115663651e7f2023ef882f8725f2a58f3aa
SHA512088df4c6d1a82978a4dc23b80538b35e4870bb96b7eec6d52bf51cabb55845129ebac108d9144fb82bae765f9f582ae379c7de348b40d552bc3c1f782919b1bf
-
Filesize
152B
MD5477462b6ad8eaaf8d38f5e3a4daf17b0
SHA186174e670c44767c08a39cc2a53c09c318326201
SHA256e6bbd4933b9baa1df4bb633319174de07db176ec215e71c8568d27c5c577184d
SHA512a0acc2ef7fd0fcf413572eeb94d1e38aa6a682195cc03d6eaaaa0bc9e5f4b2c0033da0b835f4617aebc52069d0a10b52fc31ed53c2fe7943a480b55b7481dd4e
-
Filesize
152B
MD5b704c9ca0493bd4548ac9c69dc4a4f27
SHA1a3e5e54e630dabe55ca18a798d9f5681e0620ba7
SHA2562ebd5229b9dc642afba36a27c7ac12d90196b1c50985c37e94f4c17474e15411
SHA51269c8116fb542b344a8c55e2658078bd3e0d3564b1e4c889b072dbc99d2b070dacbc4394dedbc22a4968a8cf9448e71f69ec71ded018c1bacc0e195b3b3072d32
-
Filesize
4KB
MD54842a6b39fec93bc65191274820ba412
SHA1c88ab1a4696cdce30447ab17de8ce795bd29db4f
SHA256ae3168a0cf49200b9e33907cfd7d62d0e6e0fb7913e6f6422c144a92e555ba7b
SHA512bdb680315b4b82ee87f100cb5966f21a910654b2d2df09ba134e7661fbd327c01460fe3edc6f25c458ef9ff0e93b0fcdc0184c051a330c22dc173107da0b042a
-
Filesize
24KB
MD587c2b09a983584b04a63f3ff44064d64
SHA18796d5ef1ad1196309ef582cecef3ab95db27043
SHA256d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067
-
Filesize
70KB
MD5c71e661f482d2a7bfc565060281b324f
SHA14f66536e4d59091e4ce33e84207965c51330ecbb
SHA25660edc95aa4f8233ce27dd1b122a78632a0b9aa5be0f183b27a08dd9fc58a4932
SHA5127bf62c927d45ba24d1465977e8d741b2aba4faee95f7d3767fbbd781c62b3c6bc97e1fb9f525d43f3c77202ae6f8904f3389c3ffc84c306c43be876ce4a180c3
-
Filesize
352KB
MD59518a5fbff2ea2c7eec7a4320c9a06b6
SHA14a7733b97c30f0829563ca48d8feefc4cf10e819
SHA256365efabbd032f178ecc66723543af28308757534c5eff14cc1634cf29b5835a1
SHA512c3b13039c16d299453ddfc989a99fc129466baf7447852fe0525ee08a47a37ff7789632a127e324f64fc4a3f2cb6970271ec255960864fca7e51318536609952
-
Filesize
106KB
MD5609130b4a8a71bed6310bcb3db155b6d
SHA1639f14b814da4166e36b08612636652b05db9d92
SHA2568cd71f142df605d3fe4f60451e9fa856a69db259d0905f510709aa3f4cf5d76b
SHA51299461a47f063892e708e34df4b0753eaae2fcd6b9b2680b96192cff714dbd8057bc8017d68ca62527ba5317a64cc63c8c6e0ef2bda90ba22a1127f297cd88d93
-
Filesize
105KB
MD5b2d384c8292ec850cf4646d6b295d17c
SHA1d27a44d77659fbfaf2fc92fbf4fdc1672c014a8b
SHA2561e41e8bb549e6a3a4c0ed46397e9c6971d6382456c726692d107e8d2dddd4fee
SHA5122e1670055c13f3234a418f120e97c2e05f87976c011347eaaa3d8678fde833106a9ce2ac0442f0a982984467860652532d766a3fc9bc386edf889d6340a117ff
-
Filesize
156KB
MD5677d9c8fc852104fdeb5eece3cc6f504
SHA1ba5027dda0fdf2559e274e6124ddd3b82bc30437
SHA2565d2094f5acc56fed35c37d0a748ef5f467c9e31f0d86dbb46cef46489ba92327
SHA5121a578ec149be1f25b7e825397a38f7b3a9c56a0963b2330d3a24129140786a7282e494e6691faf09c37af42dc2ca01c80252f41a2a7105b25e4e8fbcc31b5234
-
Filesize
16KB
MD5782c27ffc28e8c176cc4389976a562be
SHA17577fe5760ea89fd3231c8dd104a34ad357672df
SHA256792b56e8bfbf9f08266820658dbb67acfd622317c6457951e1465ad333dbb56d
SHA512b299bb3c24030743adbaed3cab7919b0dbe6ed9cab9d84158d888a7d19ce2ac335f413b461f89be1f63c84d90d24ec2646a2e25ed0a0c74e7d70dd20f0e469fa
-
Filesize
35KB
MD595457bd657bd9a47921e4603268bc0bc
SHA163a2befa3c8c76d5f36d27b578093160dad72bd1
SHA256d43ff91df15cd7c3c8a881cbec7f7b742fd86390190f919188a5cede7917587a
SHA512b68e7f25ef26adfbd30108882ec6c99b9613eaa74536c08d31cc5809dfda4dbb8847ca2192e40e8958eb537d5b0654ba831838f9beb646002f6523b21eaa9f3b
-
Filesize
25KB
MD517fba2da693dca50d5654776f28e1731
SHA11a5d4fa00d30e7140becc2d916520e87c8e03c1f
SHA256f1db9851128081566a676107f61bdd135d55e725b81a551272b8d3c809a94ad7
SHA512cc04489f11cf2d97b5ee73f0ed88234b1681cf0de11ee809fe928d9361d336d9d72b76ee3d7db5add45e4ef2f5edd696a9ce6c97a34b64be2fc420493615e3a7
-
Filesize
253KB
MD5f49110329f18f4e694521dc01ce53eda
SHA133b6daac653ee74526f84615b3d6bd4be5cca87c
SHA256fa993a91620c8b490aee9b90f61ff59106f6048bbae760b831eded74a0fbac8a
SHA51233e43b09c501ab0cc9c53d5f3ce2b7b92f15c47f43ccf4146f121157bf8518935f2dfbfc06e04c6f7a790da1b6b0be91397db9b2729e33932293404829aac88c
-
Filesize
47KB
MD5127b7a9f7009939d0ae5dd1a48386985
SHA1f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac
SHA2569d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962
SHA512b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287
-
Filesize
19KB
MD5f1835bee43eb0d3d612f66e06ff4bda5
SHA1d3cfde687ff861ffe9e5eab708dafea3374eaf3b
SHA256150991463676ba1d0dfc77e7dc1cf9820264e52aeb620558aff0cdf9ff1e1914
SHA512499051a8b1e65ff71e27547b4ede86b8b7d96c2b43843aa44f899d32b578d4e6d5e6838201cd39218eb1720af29b5f641dde386ab81cfd948c6e28f1ff9bb885
-
Filesize
97KB
MD5f03b625b41e6669d63dd48c535134432
SHA1d09c27990544a1694e0541ecccd0d7095d8af953
SHA256827f422d8f2a5181e9f316c0b7e076a45d72367c47d8b765d4e811fc75e4fa40
SHA512d34528736eb3767d8b0a9fcc533cbaf5d87cbd0726a2e251934dd3253070848df9e3e2e1b1b54a6b1e967383b8d289bcf31cf1a9ed0b11a7f7a335dcb1592f25
-
Filesize
164KB
MD5ad7d9126b4711f5a6b10a8d3425c1dcd
SHA1575bb66604aad364dac5e2ef00457a5f739011a4
SHA25651445a7292a38d4a9ce7d26855590f8e71fdf2dfffd18dee5c6f5dbe31317003
SHA512fc41f141b1b92f548451afbbf0bbd3e033428f8a112bc272ec8262f0dec5cffab4914c8382d226b3022ddc0bd18af7e0d37c464295e4ed05f6b9deb4266118ba
-
Filesize
809KB
MD54e0fd939c1a363d23ccae3d7929df599
SHA1599ce43eebeb61aa36c08116ba84fcc81ea499aa
SHA25633f2573ae756a04677c62a4a3953160c169226145256d90b0443f0074fe2522d
SHA5127e269353327b150346b4601a92ff91f6ebfce2004b62f03ed55f977b9ce9a520ede65940eadb85b007e0a6778c7af48d4cf38c028c168e8962cb56388ceeb2f3
-
Filesize
42KB
MD54bdabc799a50f4cb28e7bb018a885ff0
SHA1adc1c1086d5a92af7d570ee2ce8ad497be92b78a
SHA2564813cbd8e1d728cf79a458ddd0fbe693967197a02d8b44b36a63c9001916a7f2
SHA5125716d45c33a640e20c4a0d59b3ca3d559c645b28dd9eadfd7ae619e328966d42201700e21ea7f3beea186a027fea5a25b45d9eb443cb5bac3e106ba36daa3c7f
-
Filesize
209KB
MD573114278e36c204bb6b54586df76114f
SHA18598259fbf0297acfa57c3d3fc2552cd542d17db
SHA25691b29b52846728e2b8c308bdf1dc681223aaff0f0ea63b6860a6688975ca1fcd
SHA512fab484f8693bb4c91d0586c17eef85dadbaf8219b38f33f6b7d6bd439b1109d6579c484bc137a45853cc809f039325fd217b6bfea72fb0ab6b5ed0db0c5ac886
-
Filesize
32KB
MD5d2fa74eca9d32a4d2e972aac6374e508
SHA144d505f520ec8840633b7ec0534a98a135f0c261
SHA256ef08e7461ad13377993a74ae88ea9afcac9d54c3051fc9291cdc1df89ff339ef
SHA512a6c545da622f610d174431ef09cd466834bf47c14fd9cfa6571a4207452844a161958adf6c30370facae99a446fb7d0a33ef0d6745024430c9c977043ab00f47
-
Filesize
162KB
MD5656abcd278e8ccb670d731ab234f36fb
SHA17890827918667198da32ef043bde58935df636c2
SHA256a00c214b105544b2f6cfd7406d5471383e41cb12b2239195a39ff20308800a47
SHA512c68cda33ae76525b2ae541691dd3ed17e1d7d8a164c4ece93aedf3d942ae19fbcd3b150558f877b65c6e8f7c584b39ac8fc2cf4905ab60a8ff758a0377c452de
-
Filesize
26KB
MD5086122a4bfb7a51510e3f0f0358446c2
SHA1409d7940193c0a6201fb28376f9ca1ec4e09d979
SHA2563c982a4b7283f4a728760190c40feaef16cceafab2f04f372c7848ff1b65c270
SHA5121db1eb3cc8fa2fea162297b95d6f9d5fff99d2ddecb2e5a70eee014585f6c51550816dff2b295aa268e7040c5414c89c6c7d45f0c924a612dd98ff4e7974c309
-
Filesize
73KB
MD5cb09153ae0f969ef30c093fa4a934581
SHA1bf864742df735c295b0e060bf4353f6c523141c5
SHA256ee3546de764dfdf26e685a60249a7e1a52ea071fd7f433fff5cfbddbabccb553
SHA512f03f272302643ab3d3cfcca02047c0182f3f30ef1aa269212ed7c40523a380fbd6e88c0a3cd1270a41c0360269b1756ddfb6ebed551325f78db676fbc2d52d08
-
Filesize
51KB
MD56351ed39b222eb879b007399ba302bb4
SHA1dd337a61210f5b131aeafa82877ec326d66aa0d9
SHA256d2d9005faab30f8724eb2b0f270168501d38a65860c012061c4b4e34d1406ba2
SHA512c58e87382315a61ff8d8c8023eb47aa794e7f2ddf803e83e2e45dab83cd1cf58288e5ed2ee9a5047876bf31388f5e4536831659bc454c130496df75015dac384
-
Filesize
51KB
MD5bcd709bd87ba943a1658a8fb588450fe
SHA157599251ba1c27016a5d5d937f6b549efe2cdec1
SHA256d86116737e093cd6373383a75a576e72ca616d5050dc1980bf4305e4a24e4c9a
SHA51271ce6c566b58c88c9bf853cc5bb27fb0b518c477ab806039d0bc6fd9b038e4df95a6050a4b9051d45c004f6b998f723fc97ed5235aaf766b6ac3b3137a0663b3
-
Filesize
103KB
MD54b4ca8541bd16c226334c7f9d69e38d2
SHA1b9d3ecc23a290fd0d30d8696448c0a836ad9097e
SHA256d6332781e45dbdda8cda2167703fda5e5016b8c37d87d91a9bd9d665053eb1d8
SHA5126c4bd496022248df4ed6e90b27ed6690a5e7e1183fad9f2c65aa61ebb964f755eee2ab775072ee89f9d7ceeb0bb7eaf294661b6cef3def935f79ea844e089884
-
Filesize
143KB
MD50564b5a8e203ba80cf092aa8dfb3cd06
SHA17201078c0b8cb3e32e39ae5f1f448074fe6afa37
SHA2563cfda5ff454bd3d2bca33510f3cccb30ba40aed6e0e9c41c754466ff6ca7f15c
SHA51286cde72670f99c98ee49613cb75eb8048ed3485b8f55b629dde25777670fd076d6eaecd1d866531a060f0e7d907028b17eefbc35f2ddfcf2c73d409dcb3965cc
-
Filesize
62KB
MD51721006aa7e52dafddd68998f1ca9ac0
SHA1884e3081a1227cd1ed4ec63fb0a98bec572165ba
SHA256c16e012546b3d1ef206a1ecbbb7bf8b5dfd0c13cfeb3bdc8af8c11eaa9da8b84
SHA512ff7bfd489dc8c5001eea8f823e5ec7abf134e8ad52ee9544a8f4c20800cb67a724ec157ca8f4c434a94262a8e07c3452b6ad994510b2b9118c78e2f53d75a493
-
Filesize
20KB
MD5baa80a18dd87df5735d95654441feed0
SHA1e600bd34f9822eacbe76dccac24d70178a839d2c
SHA256cd12b1ca0960d19a282b891a804a3c21729d00ef26ea23b674e908465d4a691a
SHA512ba381c34f3be056d6d44debc209d97921c2bdd8e3af66a8a899e4ba2b67d163395789e32aae31ee80c7d0d0c35685c01d1e734ebcb7645ffa54a72f0729adab2
-
Filesize
19KB
MD59db75af2ae54430b2c88c452b4d66505
SHA1805a267ffe69bc89075066761742682e32461a47
SHA256921262b9d71dc673eed53926026576bdfd85b2f3192e12ec3931de84d48a8b33
SHA512bacaa8f5afdca197f3642bb4f673321a6448c5e6c10cd10624cd214b3c0a0e8976d542efa2c9724360cfa7116f129b4f6a456dc3ed718cb8d75632ab55c89a44
-
Filesize
32KB
MD578265e63dade6a61ea63da207127601d
SHA1e1c784bd3816eceecc980927be1bc45a27810e0d
SHA2566295fef9acda056d703f91cfcf9525fee1aa4e5411dec4da22651d7a4ab98262
SHA5127671c1ba32bae370e4a6f18c68de20974979a38a481bfa9aa9c43690079fdf1a379367dec2c93198e9916681797143c8c9194db8c27a85f6e036089c17b6df68
-
Filesize
3KB
MD56f632b2ec4e0409b4daa23a0843b29fa
SHA175ed4e7c8db8744315f3855e88ead1a153e3c6a5
SHA2561918c5f401cf1deb38beddd8ef62b5ba3ab7a928836c1799bef09dca74507a37
SHA51297dc378710da4a9dea677e48f7728f9d810a0c70fc07da4bf83d5480fefdee9634d8142ab9e6971b0353dc651bad8fdfb65a93820032289514e8c223724bc286
-
Filesize
229KB
MD55457bcc699921ff4218ec7e319eba1f2
SHA1956fb4241de8851d48c6e7dbe6eeaf6f92f762d4
SHA256ad8d9e5144fac37fab76ec5d6fc9df03770ef9a313cedf2e6d38df7e9c089479
SHA5128b150b6c61d8eaee0196a4eafce6e05086c62c0bce22ede70c84680a10fcda4a3575fb977fc778f2002ed62bd6b858063544be29753d5859955f63b2afb7f585
-
Filesize
291B
MD530059794f39c7445cadf33630638917e
SHA17459901bfdba30c60fe983310057a4f25ef76196
SHA2563abb04348eb75f46f31a3a1192c1f9b9c63763a1e6e56511a04f9c04282e0744
SHA512e534b68e786bc8555e9c547f01092153347ffb85219304523a3df4ac3582f05de2f01f250d8724c89c3f9822f67af7c4f86ad463cee1fcca3ecfa08b7ea32f09
-
Filesize
7KB
MD5b7eaf8f63d8b6101520a152d02b139da
SHA1d59700ba8dac87874a3d8130aa70756b86ac0fe5
SHA2568a7a857e7283169653f1f112d43518979cbd366877cdd632646ff7d9983591f1
SHA5124b35256e0793c114ab7ffea97980ecc69467662dbec55a3a0827ea51033ddcc31c850bab3e2bc06fdd5e4893ea47fdb7114d5566984920e79916d8724bd16002
-
Filesize
227KB
MD52d27ee0aba4b8c10aea557dcf4502f20
SHA1ac0c0abb0a1704a10b0e4de07dbafe4b3e47e450
SHA25622854f750196aa907eabea8052b83a672e6a33ee7f9233f4a19acb5354921aa7
SHA512b15b64dc987230c347f617b10fe121b4a9a3d158fbb464e2586f19d2e121a6206c740b646f1ad0058c8d1bcc53b9f802742f57e317a7a8a48beab6fb269302e2
-
Filesize
1.4MB
MD54a4983a36026dc83e812a3bf435aad79
SHA1947968ee82b55326059567268410bb2a65f5c8ec
SHA256e4a70329f952eca33e3a2fbaa3576a866a0496b2b6d0e8fabd218401dbc37d6d
SHA51298db4c2d25988f39306a7e5fcfd6202a067a97102bf8e8aa9ef84d21d6c539f433a853b434b9fb6243d2f87b5ec7fce9bf3c7dd147813d3aba1ea5e9cc16eeca
-
Filesize
279B
MD5ec34ef221291aa3d3cf90253344aed62
SHA1ff2224fe7059ee1ebf8157b92978c45e6b67ab84
SHA2565f999e3bffe8a23e7f803e11a197360cb374b123a6d92c573a0d67cf7b9b0318
SHA512e83198d105cd83e4a8805af405d202e5eaf9364106b03dde8bb54fde37427b3adabbb8127ec9944dfe607568906ae6ac32845d2258bfb7755ebc7cf84dbeafc8
-
Filesize
281B
MD563b6829919c4696da60497ccf2306017
SHA118ba97cf9b2796fee8d81663ca1104025c827745
SHA256362921074e6b115c14233a749909c10d09cc1fe89d75a5939ad6aaffff18dee1
SHA51238ff8d426df5b8fb8c5512025c2d204e83ee648bce2cbfe5c46fa4caeb80754e0e5f3b6fe68f040e69f5ea81c1a0cc587ef4f6e369ed7fbdedaef79c4f3490af
-
Filesize
74KB
MD5f9301e6bcab137c670b3cbe19ff209ae
SHA18e4601870a0647fdf93783896a9d23cc2f7940f4
SHA256f89a560a56c5a761602e4b9d6aded61c147487796bc0abaf8c6e8497a1fa0d02
SHA5122bbef3b73c2406a09dde169e44108882b79e870f09506f4b7409a7da7ddc0db1315519009f76fe5872184c99e45ae311beb2b413ca025f02863b65c04b90a601
-
Filesize
347B
MD53501e373e41e729769edbedf8abd7dac
SHA13202248d9ae5312fe9cd53b471ddfe1079cc2dbc
SHA2569c8065f324a3f0b341627c667a6640d7f78e2ea7b7b3c77e7d6595a2cd0da683
SHA512a848e44adb548b02923bb7fda01b33d2a443da6aefe4de85258b7abfc686b799337edf4e33604b5de0af297c53ac703d20d89a8a31898ba5f1493fb71ec8d3e5
-
Filesize
2KB
MD5923b0c857235889ee63c8faf9b981622
SHA1ee2213f9b3836209a6f104d9f9d1ecd558a6fbbe
SHA2568911985c5dc9c2ca8ba689a7db1902069eacaa06a0665a3d756d82a8d7c5d736
SHA512afaffc7f04c8969ec0ca23988155b7d9581a32d417b01031e6274d414877c3d86e2c705121a2044009fe0b346c47ad7ed45a3c44171d37e5d4634acf911c37e9
-
Filesize
1.3MB
MD597f3aa6788309c7c1fee7e12d41750c4
SHA1de9c53f9dfefc9faa289f5c24cf54b8bcc2cbbbe
SHA2560a8e9d63c543865bce41bbe94e3e02862a7f7d080877cf0f6c49f3658f801180
SHA512c45fc608d2e029964352e7dc3566a589c7c8ba0cfd7d89071d19b254aa51387a6685b2ab0e9bedf2df8f2a04924d7f164a90cf8d69af7006bc56d037fc2c4c1e
-
Filesize
29KB
MD51a7191b5a10db0b1a1717aa39154f65e
SHA15792a2a337a074f8ebfea2973784ea5712d3decc
SHA256c600b4733e009b5e1655454291d8c479e39c89f45773e31d745ab5e96bd70de2
SHA512d0db1107c0a5908c8b32843c46c2e0e31bf1e8fafc20645c54b0b361073588ddb20d5c2638688af59bc6b8a4af4cc39a67128e02762976b35ae9bd397cfa2c5a
-
Filesize
57KB
MD58b73ab4f96a87837a753a4cff97ce44e
SHA1195e6a444d6189dba15abd81ec1eb578db5801db
SHA25651ef783ce3652e2b45990bd60bf820adabef5551b1cf24375c2173a4b1ddd6fd
SHA512d34f56fa8ffa9fe266910e46e4607afa31d1491aed1c33c655ec6dbd0046bbbbf3f8f6ca3d476e30b63f6603fa993ed02a43eefa48d5598c4682f25610b49454
-
Filesize
7KB
MD5553a0a3baa550262dc8a91d5cec06040
SHA1f39b2715aebeea10f649aafa5df1a401c1a32a19
SHA2565df0dcda063a63812408b84b920ae6d79abf513342e200ba6b0f23efd5bdd137
SHA5124379ca0906104ae4f390a701e6aedd209823ec4ad4e62249b9d5f095bab1251015fcc105671f30a01f2461444648b9255a8c64d59c5852e1aa206cfaa0ac8b40
-
Filesize
552B
MD5952da8c10e8836eb5d4ee3a58e3ab3ec
SHA13b79ab299391c4ba1ee6d278bab89f818d58aa65
SHA2564ef19b1e0e9b64535f65b3d165cd65e304dcbfa8680ed80a0762dbff9a480642
SHA51221d3fb7849d7ff6a4f4aaa510fd9aa8b31b7c195e238cba2e1bed60691a8d55ad138d73d94a6f2c39b93bf6b5d3914f2ac49b10cceea6e1d6d19655b52bca384
-
Filesize
3KB
MD586f9f0722e17e364edaf7d5bc692ae35
SHA1debb7a435c4278ae7f6b083e264a7da1e4b4e236
SHA2560d937853bf6974ecd72f583097d68e403d7cf44d7c5deba15bad3ff004e65093
SHA5125a911b35dc097f0b7d02e126e52736359292b26bc5e3dda700a15d2ba44832cd8d8e97cd3a1869919a4585a5c319ec404859b75e7e7b19df7283fb3784bc5d14
-
Filesize
48KB
MD5c8f02f64f7f1789d10d43d73fff8be13
SHA1af1bd6c9549f229f42ca81c694d7cbd47c579d3e
SHA25642052cc2172b162a6278d826b54f335180d07c11b0eefd9f796efb4707b487e0
SHA512f928e11a7507895f79a0e488d0e8703c1eebb76e33ba30530c8360abdb96463c6e58143558fd0b2cca44eb87e664f0439a255a40af45b69e918890e2a11cb59c
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
388B
MD5fd029b581aa2c1774d4ad07560ec13c9
SHA12b12ab41182d53c718f2e8baecacb329169df182
SHA256908da661a85392d485dc5149310e222b94163f6f2db4192968bf272e5d71d64d
SHA512f45a53e1e3e57011058305958fbb7c16efed898c6388b20e783b5b5c63322fa0f14dd60250b103916fe8215999c3555c5e763566f3b6f140a0993d330a458fde
-
Filesize
391B
MD5acecd47462c8a9c783a12c885eed0639
SHA18a6ca9c015e000e1e501e420b963f5b2c40947b9
SHA256cc4224fe5e3fb3be38a888a076c996d6a131052a48d1343dd224dd101d9d4c7f
SHA512dd9125bc36e6d6dadc5f9547093c2685c769374a8a8d5507b08c13105d7b1530e6c80aafbda209e07df30ed5660983f79d91affc151441b359493a86d1dd3413
-
Filesize
394B
MD5dcc4187debd3e73766fa9c72240c373e
SHA1bafd3c00a49f65c56be1faa2a474fd88ef86f05d
SHA256e759fa55a00514e3d78f347b019f4b7349e2b11c77045764329307cd49bc790f
SHA5127171a18b523e75c8bcf582b29f19994f850e326cff43e6455711fcb3804bc270a56f09681a31c2e6bfa5a5dff6c56e15390eb6e4f3fad907fd925bc2ae44981c
-
Filesize
351B
MD5c29e1fcf30c9a4d71e88443805f2dd85
SHA1ec823aa1adb4a207877101cf1574a17ef332d155
SHA256bd528c407c413d0a5aa27026175390c9ab2818027d23cd62b4b426f185c55ab3
SHA5126c8cc46a0bb1ae875df188eb3b5e68837816e13e6f85b3494afbd38c288a380492588913cea2263fabf68de851b2f45c5bc55e10d8f09e6d09511c856dc32ebc
-
Filesize
23B
MD53fd11ff447c1ee23538dc4d9724427a3
SHA11335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA51210a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824
-
Filesize
2KB
MD5ee801dd4accfbb8173e3674516c0138e
SHA1877414b02c860493198790d2b0dd9335c3571da4
SHA2568807bfc8982d53fec22d78aa8db9e4d51bbe42e4558e08f4dee5d43632a49d19
SHA512d7200417825e5cfd510edf68acc3fa7bd038187bfb766bf95f54887dfb196bba0732bf61a1e143ac5c9e446c414264d300f85674d1e75b3b12faa00cc08691a5
-
Filesize
9KB
MD5b97314ad320ba71638201dee92a08922
SHA109d0e643a88dcee24c8b21dfaae80afebd970c26
SHA2565f4f38c8428247596df41da65278b84a69d31077052c6a03c384586df54f5b70
SHA51252b053b0ef9cc712b6799045a2d5c64647843ef7bfedc6698321c0f477afea8868a55e6029d9aa413bc7eab05221a721adcf08ab60179fe8a20d665e6d93e603
-
Filesize
3KB
MD5fc179afd5d4b6387f1cb7028dc341104
SHA14ed575282fb3b26de6eef7c7f0baa73c1c09a469
SHA256c5e46a1550fcb59cc7b1af6fa0e33474f4b47352cc596dabcdfd5f0dece2746d
SHA512c7b744d1f23297a43d316b969307ca3e6daa9c69d38b84677dcb5a87d717283f43d42eb78ab4325a5f3374c7893efb30b36d9b86ac56cb48e04ba4afd92af868
-
Filesize
3KB
MD5f415bf482a13d22dd7b15525eeb29790
SHA1c1fbc6c0a5dbfc54567409ba7bd244abd947793f
SHA256885f1b765ef176dd6237cdfcd6bdef0b6677e96a131241861737d97ded053e2e
SHA512dea2b22b706641c97f1c71dcc238e327cd835536a44a7d66e0d460f083305042baa40b9295cbd696308a6307033873018340081d55a294cb97a771936bd60bd3
-
Filesize
10KB
MD5b459a53dae63dff001b08d26abc913ba
SHA14e79ec1e14a1a50889af5185376f8834a921f115
SHA2565870959a3319ed0b378221bc1e18b2ec2e5277cc7291e806c49473a27a1361de
SHA512faec8518a2a005fff86f29a82f3de0550bcd582ddfecb6919da183771384a21c93f75d984e81fdfad982a7196d3786689cbbeec16624e4fb1ab16132038d9a3a
-
Filesize
9KB
MD5148241c5976df8ef42c797ac04f49cf8
SHA1dd33a5204df7c57047df6290640d950890a89c1c
SHA25695bcb9488c2af12d1c3aa30e075823b4dff4efeafa3db5dea641ca16286c08b8
SHA512a86152c95a506228522087e92c08dcad14a034de7637d35f8e6656dac2451b3d009936443e7edecab7281f9be5a30992a07f281c158fd1c8b2071529856d082b
-
Filesize
5KB
MD5ee85f1c30ccba97182625785bd14d45d
SHA1d6bf12015a754e21eb2f66264efe0e866f9007c0
SHA256abc2950cedd96e98b1c054cffbc43ef2754f2e1df87fccbc643943d41ee6aaf0
SHA512170b359ce27ab3f58b2854e8cba4e9ee0fa4eae1462552287862c89cde8dbde1e2172a1717e7b98a43b6dda3c9d0bae0d99d9192d333d29d11ca9108ff6a5a3d
-
Filesize
8KB
MD555707d59c151622b8b6f73b3ec748840
SHA1469dd2fb8ae0bf0a166b046831473f1e145da7f2
SHA25651604ae27b0f6d9adb2cf911128f2f5bc43e3f5f1ebf95b64c5d99a091bad96a
SHA51289deb5df97f040a372fb71a01edbf79592f0d349e153028b1dc7250f6b62e948d944fa173fb0678394fde45a91b5da0959c03207ef1b3adf8f1dc57136f2d3b3
-
Filesize
12KB
MD5fdf92250e0ffcf05eada6c320caa6c4d
SHA19c903b7594e6e0485265b7d62857584b858daa4f
SHA256c7814a49cbe941126c1a4ef78a23d54d07fae532614ad08be1cb54498125e6a4
SHA512bf95c4689fb1428c55b90ebab58a5d13f9ac0562b3ae6cb98b33cad4f70fef36b733d582ac545c53102af91035064abdb3c254004601c3bf4bec901b88e11a1b
-
Filesize
13KB
MD515c4a9ab4e51d3e5de8f404c93d574eb
SHA121181ecba4119d96294e548b8b3314bd23b84f75
SHA256370261701ea2995dfc508c5a6bac3a5ea6223156ea6df83b77543a4fa6ff6511
SHA51253526283d33497a0e4f82e0be0626a3db5613b575b94fca034c7ba4356be8ffc4ba486835fc970f945b6c3ae119d7b4a38654a468e3788be9df71560084246a5
-
Filesize
6KB
MD5f4904048a4aa6e3f3551f9bb5cd98a7b
SHA13069da5fde0e034abc25145b9c3206a26b101d6a
SHA256ccde2a638b4e9b48fed2cbc9aa91c1e8d0e5e56a1c77d5fe82ccf1b80fce4cd4
SHA51249305bcd7f2087c8ce3531b5ea4d8d68608e297268d029a0c6ecde6410a6fb1ceaf9082dc0329f3a9838a528cc9984f39975f4a0e9c6bbffd1ba02e2c33b43e8
-
Filesize
13KB
MD505e186a18cc5feddba88e9f599e8c3a9
SHA11351293cfb709c803619ef62fcab7feb532e8c39
SHA256a655681a3a71ade37668280d64433b4e1216eec1404160da514691b7a1e2cf4f
SHA5124c88d228e2975e89b524bc00ce2a9b86ccc48b6f03ae0a6b32965f5c344160d033e13c19897b22bc258e9b6c3ef8f768d2c64a39b3577d1b589fc576c734a4d0
-
Filesize
6KB
MD5c30fbfe4fae9312200c89b49bc108a34
SHA1546e692c5d3d213378bb357c8816c8bdd6f39268
SHA256188999739a3b41e2e18eb4e0c0c7c85001f5cadd1c7ec6b5ff04d2269d731368
SHA512f76a16c1ccd4af012ad2894e107adab98d5df23eb75eadee68fb4fd0497aa2be3d6064e12c29431ce5ac842df48f7ea8cae6c1eb0da3dda6601f07b40be6909b
-
Filesize
13KB
MD5103bf7be419f49300356347ab81673d0
SHA1f24aea0feb219450416b106cc4b63d136e68ddf7
SHA2567820b203a1231590ef09b7bab5b0e9046e23066d5861d98f67e7606cd5ca5818
SHA51232d8f044bed2f47e3f988208f33fd4faf865d0df1bf51e01a00483d8fb8f13b0f0258999443b94396bf019b0ee3b2337192dabb46bb7d619fc5fc2eed53e33cb
-
Filesize
7KB
MD5f95102a2572c9fba5b37f7fb243c89c6
SHA1630e33d97f7005e1c8bac241f946ac9569bd207b
SHA25696ec4f1bccac43bf73518a298d2b6c8331dcdd26d6fbf70e47690e3880f6f29f
SHA5124c2bf46abdbd9bd0a1154d3f305e9a563245ef3adde3f5fbe53a385a4d97f4a068173c1a45607c9e025374e89b92c3be9f965992f256eb56b94cccdafc152f93
-
Filesize
7KB
MD50bf72a0377faf81eaef2c52fe6bff43e
SHA14013c51eebbea1e75c4f5fb36114724def2a4d8f
SHA2563675ed5a953fa9fb5fd8e738c350f0d3f20864398de90633a0966dd386aec7dc
SHA512a4586250dbf865b87878a66c19f085fbcabe150711155e37f2fc5c24e63cd2ae2f08d6375562e54e517493f958eda3714ac357c5741f893c108887f0739bbebd
-
Filesize
13KB
MD532131d5a36e0593df241efbf79d59fde
SHA1fb7f17ccd8eb20679ad96dc264561f20e92cbb07
SHA256bf3162fa882d9f78f2c6a019e4896da3d01db3e1ef5edc36b67967bfbad25a46
SHA5123d0f0e4d3f26b16a40917a1e2d2594d1d4919fcb8612fe8ead064fe534514d025996e82ee7a2ed8e7ca2064f12e8a3a743217efcc0ae36711c1314da5f8f0d4c
-
Filesize
7KB
MD5cd124df59afd30112eecd9fd8f8b1d05
SHA1497a475a882d978607672b12ed2540ad028fbbdd
SHA256e1086b954c203c9cd0d2d159095a1b41519c2f7f21616e9fbd598bac56645ff1
SHA512a2c8d5e97e97fc3bb3fbbddb0d437784dd961f3afa5f2c9be0c3fb2be128ef1b138fbf61bc34116c4fbfbc9a8386d44bba0967e59f6133b4813413fb722a1671
-
Filesize
7KB
MD5a665767d69e2c00fd7b8dd4cb8b74558
SHA10e848b1987fd6fb6bb99203339655fcce1b221a6
SHA2565453d60209080e3270af222c5a0c16b1b773e61cccf63388126d044a71b72ee5
SHA512268c60de341ee89b6d91d43f8b3530239c2a7fc6027c4c19fa5653a3510ab2926594b7108b3c2fb821e87376faf706704be4c9f214c64810fb68f583e490f5fd
-
Filesize
8KB
MD57e52db924427f191deefe11776f81baf
SHA10b5637aa6b44b836ae5be1ece3b9839d4ccefcd5
SHA256f36ca68fdcc460ae532bd694dd6e56a05fd972202d4d07726cf85fd17e11763a
SHA51267f0e8fbf4b7d6b0703adfe4248358295486f938bc40e893a9e0582481903d556cc9fb04cc00bc897a65f624ba8f26568bf7b23127fa240530976ec3c6f3b099
-
Filesize
7KB
MD572b2096ea7e9c2369ecc07ff17832bcb
SHA163c50a74dc60393a80f319669247e4ac58dcfbe7
SHA256afb9c445714950ec78e4d6f8bd030b18825422cbd43f3f690230a0723446dd2b
SHA51284636f8270c5ce1bb0baedf46320292609ab5a3d62e4b23cd90f0e28ac4fcac59384fa0e256837d446ffe50a9bbbf020c2772e623de4ed2606d40fcaa7400740
-
Filesize
13KB
MD586e37c786835dddd250f5a170f3863d9
SHA1c8aeb4d1e2c84eb88c722076938eba335437bb58
SHA256a4f2d22046cd03b5a8671b17fde9a2fd1e4f2ac0743a9bd8781f5a0bc2b739ff
SHA51298678654b63674e4aea51fef581dd4bbe56be74e5fcbecaca586dc10b4a48355694b34e1d612bb41ce4912a18ca89ea68a2c55458b59c7139e9e0a7813afff04
-
Filesize
13KB
MD50f62ee716d8a0ef9b853707ab3ad08ee
SHA1e41b2ae7c3dc12dc42b413ab799ec2164edc707e
SHA256b82d1a4fc51bd5cb71eeecf77194af9ec8b3848b43b2524060899794c1a0c799
SHA51207a00e1b9f9b119ff2d9d57986438b2297e0fe42375f6cf29a6f6ccc00d6db49262eb66dbe81066da54df6aa1aae6584068638e1e0d8b4bbd2c8e8e2617fae3b
-
Filesize
13KB
MD5c89440f7df6eb8ba6738a7dbc213e9e4
SHA12bd896716bafb67d88844d68ba3d0792430427cf
SHA256228fb8ed16b476032cddad62b0cbb72a7d060adf9684fb2a8b22ead7f93263a0
SHA512383179e0a2720921f853570b7d3da3b2b1b9210a36809f3ba2aebd435a2b8abb3aff4814bf102b0bd358a7a45bd35865efda891a8f0763c2bef5c59d17c7a312
-
Filesize
13KB
MD50a02ba264f938658e5f92222dc8bc13a
SHA13392f816f7243ae4a7c80fbe405c0fb8f4e274b0
SHA256171be2749a78fb58423dfc7cb97aa1a465e493ce0d186c6ff22f16d1ef192a92
SHA5120d91585767a551649afb70f754b4d3bf14cb4051bf5a208ba795798646f1c3987828b2b531b46c46db1296f626808be860b0ead9620cd6219caf87b856a00210
-
Filesize
13KB
MD587dbf04788c4696611ae9c7d1af4e9ed
SHA1f8cf3ed4f987837feaa43215487523860892bc85
SHA2560628d2f27e2af4e089da29b4bfd151db3a04a9ee7aa9152022f9eb3246159c7a
SHA5126e2b005d054f891d033ad97aaf3bad5bf6e007545deb9373bfeaef9c1fe912102cba4334ec157da41f142ea212c6b84b62f4fa8a202a76e119f5deaf9b01189d
-
Filesize
13KB
MD5d947fb43b2535a2a46958492520377f9
SHA13133f55563654ea10c8fe219d69f49f61adeb216
SHA25615f4c9fcb5dcfa3e5e8d6b5933c2647cb30aeb067df9b8b8f8f37eb978e06323
SHA5120795082a4a7a9eba14a7f5ae27dd4187d43ade4dc63b34e742be497c2a6433fe1a4127d6a9768e86ad15a1dd12c11d8aae59d2bc3500afaae0dde6448d6d0b4b
-
Filesize
24B
MD554cb446f628b2ea4a5bce5769910512e
SHA1c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA5128f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0
-
Filesize
90B
MD5bd9b71a89a52dc8babc85e01d0c36908
SHA1493280d812d3ede30413d1c1b954f61b1f6e07db
SHA25696e270bf5ce742f24c78aeafa0db77075ecd21ea2e1f03adc3a7a11afdbad5d0
SHA512caede39694ad10f769e7ad4da9e3ad0fa0f4e8f14ef8e39ca32b54668ddd9aa2577a57107ad72e14749ca5f82f1ad452f9ea5dd6831cd93a0718d94c5ff65ec4
-
Filesize
26B
MD52892eee3e20e19a9ba77be6913508a54
SHA17c4ef82faa28393c739c517d706ac6919a8ffc49
SHA2564f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae
-
Filesize
90B
MD5b9e8a1eadc92edebbee873de0dd92e6d
SHA12536fd423be49a7a281064e8b32c0e9ade5f8c27
SHA256d946878fa7a833b27a987e520f0f55f48f8c7902b1c328449ffa220f5fbe4c76
SHA5120bfcd333024d97356d25729c15d0e8a4d4e236a91ecc87b0780fc93df8814b0d73df04ec8c3f1192868fee54660d8104f8e9bf563706c2b08c07a04f845a26c4
-
Filesize
90B
MD5ae5f8a8c3ba96d1e29479bc4fb5be5a4
SHA1db21914dc1f9d4842e094e9f815af38770044532
SHA2569b2683a80d27f4cee4c10299fb1f2952742baca99064611f642dec8d1680a730
SHA5120e29cfa6f85a3ce67f08b00badbdf952d5e3b1dd8fa23d58715a92b0e77bc6d4b36465b5715c15f93d24c19c4af9b84eeb4108fa403d2d3497473e9d25ed6a70
-
Filesize
90B
MD5e27ecb134987b3be8fb7f325d8fb4a22
SHA10b27e4afa4ba769fd3e2bf8b424235b9ac855d97
SHA25698a6f52fbfde890d37c28e47cf960131a7ea1074dc8d5d436a73d209640863fa
SHA5127ad26daea91e32daa6c12b19519f1a207d1616689cad9844282c19611bde6704508ea15c6cc155a244afbf4a950cffd859648b290969a84c4d9dadeeb72bd87b
-
Filesize
90B
MD5b08fc77c51d26f655750954aaef669a5
SHA18c46e32a417e9d3becdf2308a55d55bda556e90a
SHA256647c42c760ace32b43891be6b94b0ac94cc6252dcf4e959b2bbed7bc3dc0cbc1
SHA512e56cf1cbbdbcf9d145c886414b84d1da6e8ede245af68cb289c57c1e4cbecf3b69e7abbbe8a69f26fcc67d4291f1737515bb54aa2d8f148d1af6d0f9605b26df
-
Filesize
90B
MD5803bdc9341913765ff4d36b456746c7a
SHA146ad593e22c74c0cd576df36b6966b44324f46a9
SHA256dffd77be70a9f3240bcff1016f370ae8bccdd910c1825dc6921362cc9b36ab53
SHA51261f0ba2463d69c6bb272aefdac7a4fa498a37ec856e2318c2f893fff41837cd52aed49d1eef37a3fdd8a1391d2aeb427b194c51cf2ee2979a045289ca8d306f0
-
Filesize
2KB
MD50cec5e31020f6573fe8753827cfbf3ce
SHA1723aa1319ccf7173733770d012b1c738c8534491
SHA2563b4dbaea414400fe85349c9c1c5386d54a8141f7f23b163ce3c46f42cd470955
SHA512a5d8d05d511691891f756d0aa3aa3df110fed3e2db6f4d21e831f6f7cda78ca4d3ada139ac1e5948df680e88bb659b51deadedfb5b35818a2ad2f41090b7d638
-
Filesize
4KB
MD56fd1a41539224f2feeac6449f7ce1155
SHA17089df1867d7b20204ce6b3a3dd5434ff12535a6
SHA256ca44b7313a37fe52eda40093ccb72e886890f1778201a0ca4802d83e2376a6a7
SHA5127fe0366e920c3f410b42475070de8c081f129155c3eea0bd87743a13b91560e2faa6120abe74a6bb21633f09b3e845295f84fb13a617c773e3df0f48d6448a47
-
Filesize
372B
MD58d28dd79bf7dc9d500753865aab3287a
SHA198be32da77674eac45f9f1a05aa48bb04b23df1d
SHA25602cdfcf075d8848bf3618e3bade73b0344f354c560007c858ac2a656345f6cfd
SHA51267505c7cc66a63b85057851f4b59703574eb102f16ca89cc67410401dc7dcaf081e6219512ef1b7ada6c6ed71d3eb40fc91ca11bb950bf26f1e9166b053db140
-
Filesize
1KB
MD54d5b2d1e29719a85d6aef9289114ce46
SHA168758b40ee1f373669d083c6e989cf17e148dcd6
SHA256e145ef6fb9e8b95607930ac328d8cc641b4c835988ea00d75b23e93ea039d499
SHA51243fcd071aaf9742550a3cf9681272fe1a4a3f77e8c83aa593a551d48e6954084a8bc9537a876e74af3a924c6694389878c2d17b0bfb89eb1731a0675c082c7b2
-
Filesize
4KB
MD533d8eebde9c33f36af51a36281e3eb95
SHA1001959a7b55fdcc9dc99ba72f36439c4bafd9418
SHA2562cebecae552ef3e9ab44454fe9e14970bfc7b90f6dc98135756867543dae8513
SHA512d8dc179347baee7ef4f731787074fe9e1b033def4cec8b6798266b988c0cda1fb3b31b818f6a1660b86657360539e4649fc8324c832092a4463d5817039111a0
-
Filesize
4KB
MD51a8b9275ed00b8e27039acd29398e689
SHA1ac9fabd43eefd8820b4dbf43a269dbe0bb180688
SHA2568eb213eb5be1252f636a04150e4ae7618459abc42bf2829fb79c31036ca401f3
SHA512750f46c783e8c15f0821d19438bd26fab66abfd5cad1f00612433668495827512b448e7c62ab894d569efe6c01d1e69f1ef4aa5b8ae96e362a49655103f6fde2
-
Filesize
4KB
MD5ff56eea9599e4b83385c66ea3e0ca9b9
SHA1363bede592cc6b2dafc1574b0919c0d70c918191
SHA256c2e64d52871a39e9c6ab73c1bfeea9a9bbfba1a69fd4c23af896e81482d191a4
SHA512eda46277453fc7b52d019ddaf9f8c69419d699084e8d1f7cedee61a373cdbedbb9c45278ba9a0a4c2863471fc5b1b168b90c21d0f53060646f9759cbd573d837
-
Filesize
870B
MD58b8ea74c646c50d4e020635010a8f29a
SHA1fd30268d81b98568dddbd50d942e9b40e323e840
SHA256e68aadabcff08c7016c15dc90b5a2285deee3dfedb591c85e12887a46b926c4d
SHA5126a689f698be4fd40bba880fd1087b6ae9c0105ffe1d7e9c4f211729e1f46af0bed25a5cb5bdc9e3c2c818bd6f2937b74d0ad3798557fff25c5ef909564512c19
-
Filesize
2KB
MD520a832c486a74f4fa1b77b1069f6fc58
SHA1aa20cb39e46513248ed0cc82b3bf2b90c70d9e29
SHA25655093cd79454608a7c8a19774c21bc3944406f1eb424105e5aabe035cdb3792f
SHA512b5336f6741d4e7c6a37044d915a9cbc9fd65e16a5061c9ce8b85508a9c2dc06a84cfd7949bd775e98ef4225867a8b3f38efcb71edbad91c4548d18004e4c968a
-
Filesize
4KB
MD5fc637a31e9eecaf665deecbd85276c8d
SHA12c2244b5e151c7226a8121bd2b8de40531924cb2
SHA256edbaf95ae8a0b16bf51144cceeb3b640a91b33661d2ec231073f25eceb6eb469
SHA51264bec3de96476445582a9cae544095b4a0461c012bc5f822edad047628b477c7973f1a7c67dd57382efed5728681d766d5b1f827aaef8498366516b1209a8d27
-
Filesize
4KB
MD523f2c2a5c42d1da2bdc8d7b0cfb325c7
SHA1f1461d3db11e30c9fa7077766900e3dd32408b0e
SHA2566217d7fa1a621cd1250ab72c74ffe1aa433a40062e802c1a18d65506a40f301b
SHA512d6c081a20c2b788202aae2c194b2d7a39212bffe4cbd1864ef8fa3b01bb7abae94de0bf8721c2d178e2d529c885cda11203f1276b3ef3896e81ef52e8bb3ba81
-
Filesize
4KB
MD524aec99087f51ac8f1930db205b5e4d4
SHA1ccfe62eb114c4e9215b0ce3a7fd697d166da32eb
SHA256336ea2497e37641a5c35b0e6565ce8bd7ed4ad75d878feb465ce57d2879e4875
SHA512866a7f88f6dd9345112f39fbb6204ffcfa54cbc07375c6becf462d6e2d922d649906eb79381b678626619a83c6af11c241306bd261d8daeb0c949385fc65e94d
-
Filesize
870B
MD557929c627e183e5a8fa38886ad7ff48e
SHA19e7d050a1a97788fa0af5329ff33aee8f53d3180
SHA2565d1b2a4601c467228e72506b86b5b72ec5af61e0a81bccb7a5978e9fbd866721
SHA5128f1da148053a8d26dd98f7dac88b3fda5df01ef2c0ef6f356b912868cf52166e430920b30b40329892a398667a7950e733622730bb5dd1c5a325dfde24fcb55b
-
Filesize
3KB
MD5970c77dc0ba8845a60ed4c0377527640
SHA12532e190bfc26b5ea82ab77761ee5eae4c499d9e
SHA256902e2e16c9321fe839d389ee07e66f0dc485d5fa44c966a568d95680e3e37165
SHA5122a02701eaf75c05994867f3d261bdb6448b87e75a89cf21b94f52dffb0f50f17382fd0fd1900e32f0c33e0ca43d4b59c50f864f80a63d3b38a4396652b0be014
-
Filesize
372B
MD57158bab79248cf3f6ab41cd7877252f1
SHA19b2f56152772cb51a51fa5458d70b0cac6af7a2a
SHA256ee86fbf87e6c495bdb9f75d80e0c14720dbc80525f2158bf9b82ca45fdffa488
SHA51202358eb71a04afd03c3a0a74eb83c3b24662154859159a8b9e8de337eae4baff3c34d865acf300c5cfa4609a5c43f2494221d14c2827a6dbd85d0679562adb67
-
Filesize
1KB
MD572ad83578bca83786308660171e11b57
SHA1203f5b2c771f2a90ac1bae702f486156e110d503
SHA25699c3f1c066d91cc31afda874844a6f6233697ca377ff6df8ba264e7f3d7bfab7
SHA512956ca761a604170eb8d9f7141cb0cde5598f02ee54935fad5adf3fea41207bb318ceac29060d7eea7a92eb40ebdb5051899cd18b327690e2dd6d07e7302fd567
-
Filesize
2KB
MD57e478305eb0d30e12dc2075232ee1c93
SHA1ebcd84ce8f84a6705b29e571066bb59a128df1e3
SHA256b883c56317f024cdf0cd621c6825c8befcf794aba2caf2a7b24cde78eba1cbc6
SHA512c7386ebc8744a7190872d279ed1ecaad6e857052d059cf1aa6e559e422425c4b93c4ed93791de0fa13fac8b21510b9985f507a209fd2b0a621830662fcc5dfdc
-
Filesize
4KB
MD5e6ca66a25a87330633f2ace1176beb4b
SHA11f2e20fa483caab40bb58929c8d08ac415e1efa3
SHA2566e0e835ce1b78e42e0f8c5c4e89cd596a75161569a054cbd0cdc12d0765d662c
SHA5122edf40f310dfcece79dca6241b723d7a5a015d40681075fa9d95504e7abacf5676434116b6e5e90207109bd33ba1e05e9dd1d3f34309bdfaa9fefddfdf3aa86d
-
Filesize
4KB
MD5bff5f81a685128ecb22a7c9736c69613
SHA10bce6981bba24f227c16f0848e344cc9369d04b2
SHA2563d369d2e8779a5ebcf66f40a5af4d91d6fbd98a9dd81f696217c8e6addaa71c8
SHA512299f9a31aa155217fe58451552e54618fe87fec2b1bb785a2d4ec66a29a065350be7ee1b91cb3f04dc818d8bb690b79ce47e7d1ce219ea3d03c292cb2a79227d
-
Filesize
1KB
MD51539a80d3cc5e1b27d4a5286e6b9c77b
SHA12a844f6f6f2b583f51930de9d58a452bdeae30c2
SHA2569227562bfb54d261c27e1bd4cdd82974884011ec078ac3baa622bb8c6c1baa57
SHA5123c592c5300040f8c7565a2a4cc1bcfe5f4fdb2cff83048dc2941056b2cb67480a8c74eef79f0f138275d6c13eb2ba711eb4f69f41f381b10243d87682f7567c8
-
Filesize
4KB
MD53a1f1731c189ce5a0379353eef6639bf
SHA14bd15d71921f1e244dd241156a917d58343ce886
SHA25640d157d668a1798aa4a8d4fcf168cd7918b546a7ac7d43dfb5a0b490085de1e9
SHA512f51b23f7d1fcd14300979b6ee62c3989c1df9dfe4495cc92ed74bded205789a3520090a1b8e5bb840440704c96122cd577304a41f18438a69f2fb1938dec0b96
-
Filesize
4KB
MD56072b2b79c6c4f61782f17aaed329172
SHA121e7364eac77c95dfd126fdb0905defab79d319e
SHA25680378cd4a7eadc2015fbf967ea4b348e73ac30d77c032e2cf7aa883d4d8edee4
SHA512e6417bfec5368b877851ba572116bf860ffc359174aff196b2bc337a1fde995301ca4a56bd60c48d3dcca8b93e29c16e976a305e5d9299128e5889c9b772f000
-
Filesize
4KB
MD58ce068562756dbf5b8e3664cb9bef293
SHA171afe691a01654d3783aaa722203452bc679f724
SHA2562c6f75321f4771f31f1bc4d6722298bef7d02018ce90f0bd21e4761809db3631
SHA512b987bbc72c840d46b879a300fe17ea7b0275b904186ce6e41d27580399696fcb8f255bb56321ffdd2aa3cd2400bbf831c6b34f32123bd943df316b3ecb99da71
-
Filesize
1KB
MD5700d7b925cf1920eae0561b894063989
SHA1d5b5cc18415c40ff35dbef69054249ad725ffe33
SHA25681bb2853433f4b9d29c2e2fe32c44829efe47c16683b644b8398e93b52d9f28e
SHA51242ce355b3c319f5e223708870a930e052f7622c84a3246a94a06d6b5957bcc743fc7dc9dfc7488321d9a3ae52ff9cf64501218b02c02172422429e2f87e22d3a
-
Filesize
2KB
MD552ba513bfa13031e5c448d5ff8f45ac8
SHA1b42e51fdd2a4f06fc557d18446c3198125f66b23
SHA256338209c6254ff97c8242af540708fac7267e456a38e05c9851e91194c3cc6163
SHA512424d1d2bdbc6398622d28db278159c5c0da9d18d70e7d58aa079533b068f202342aadf124197cdacec23c6f83a54443a49aaa99a1279dc776d37fa96ab619d0f
-
Filesize
4KB
MD5b3e179364cba4e07a42583b79084b506
SHA12792c6b0c9be3ed2d63ff96bf18eaa7b6db1a416
SHA2561035a42108d4c1d4424aeddb13b2f05214cc920f2c6aa2e9cb614bab7dd8b773
SHA512ab7cbe6c5aaaecb4c7ea02748f1c2dc3616f0533ad97e1376b7da7e1f716b21458c8d0adf45b68dcf7b94d6cc007373595156ea80dc1e6670d187e59b98c93e1
-
Filesize
4KB
MD545d49b49068477e8281db7ddeec2ff06
SHA1fc4efb374144c0adb4285cf521a059b5748addd6
SHA256ed12c37334391ea00f2088edd5186320fd2d6019d0cb43cb96c231fadcd72882
SHA5126f4b2c64b9a29ea724d82d7aff7a2b5ff7a8fab301ded9a01a58b767e3f1f4560493832a9dbbbca8a2a38815b74e0211f63338e029aab12bedb08d05fb736fd4
-
Filesize
1KB
MD596fd2bcd205a04361dc81af46677b319
SHA1e5c25426534479ed1cb61713cd6bbd7d2e1a69f8
SHA25699071742e30042626da21b8ae857d22b96830035a16f4d056ab79caf3e3aa280
SHA5123894931a09cdbb8f2e9755615b8277bf8731388b0a43dda2a1266ead2ecad2162077a89fe70fc294f84f10ed5f34c646fe600504528e1c1d672eb0c33157ea32
-
Filesize
4KB
MD565b2fa21391411a7eb9236a6e00e7897
SHA12ade3762dd39cb147eb4019594b5fbc217f31ca8
SHA256b6a7873bc84668db76c3e08a8171f8051e73d59a3d5a855be65b801dc793e801
SHA51219824e31fa1078f85f8772b31f564d0138d2492d8f4ca6f88c06751f314dfbc3e199d70f71f5834cab2a34bdff1ed97b21018d98e123bf08283168e1e0c52c3a
-
Filesize
4KB
MD5cebe143330bc31f076f0d8a09150eb3e
SHA13366967236908c1ff94cbdc46099874da866de4f
SHA256a2f45870cd0c54c60abc412da8b7cfcc6e81419f80fcee609e91fb38cd3692d7
SHA512c0782b370d4c5f33f77d6f7e9f0dbb7623f0c09670c3631dd0c026e3d6b1a1a33ccf72a5f746ea0643a65931a4b0e1f1ec008c52ef6fd757e6298a9010738e3b
-
Filesize
4KB
MD597c8098a6960af14e4f4e3be85827682
SHA1c60e76c9af913b37f3fc80cea254d7a457538484
SHA256e89dec039e27f6f5515ca27932a28380b5ce8be613020a2de17419c7de6fbd93
SHA512b359efb9f8cbe27d6f71c379f412447f00cf627f20675cdfbc5cbf7dc5e27bada898be15802e7a0e71bec8f01fb8d6c19878474ae1667e5ddb9ca64cea68d3d2
-
Filesize
4KB
MD5b7f949f6280b3fd543efbb372b8f24e9
SHA1966cdc367ae1f37a12870bbb29c30a53da71d7b2
SHA25681034e3e0eb9df7ebe16b28f37891b217d2c82eaad9f108ee78039a755a39a57
SHA51239a4a9ee21b0ccb703100aa875ad4f088c1390e855771f0b384002a0422aa79db49f88c5a0df3c2d5d18720f68dce2c486baa32fd012afaa2da343351d91cb2d
-
Filesize
4KB
MD540a995c48aeee14b9756ef12c276a581
SHA18b9c19b5b8fc27b7ecd2fca6d55d1d1b79602b15
SHA256902918782ec3669468fa31564063295a82e61dc887ff928a848354f5e57b2b42
SHA512f44aef3243635fca99715174d6b81ac72212f652044eda4f8e6a6c5dae0bf29dc9115d0ea08759850a794b0db05bc24616ded50b28bc89c1ab82a85b8e0d9df1
-
Filesize
372B
MD5f4bb255d01eabfa3b55090bf9ba5b19c
SHA1d8d94415d9e79ea0082570cb9284d54cfe09c4b0
SHA256f3e8c5453bc3bdaa572a1dffc321a35f19626b150416336ed010730f300aee62
SHA512a6aff13dd539d86ed5404588aaded789bdea13f891d37857ffc99dda847774f283b748752704bfe5a36d85c57010ee891c7ede9d90992bb44e5be53bf9b64bfc
-
Filesize
19.0MB
MD5a97a84f0a7dcdd5ac12389f444e00366
SHA14e32298915a4461a71ac4571487a27d96e0e78ba
SHA256e74c977ee368ec683d52febe676b26c11085e072c5e3f608d5c45bacd0d4a877
SHA512a6ea7cbc4324140c6d34d417268efa725e34e82b88146418fca8f6c281489bdf01ad22b73ed4ce1580b87c7fb2a05b7d2340ca6d7a621e0d267736d21f1c564d
-
Filesize
15.7MB
MD5f8c5eb6297dfae0059ba1f77f4e644d6
SHA17379c6f3bd7b6d5270b4bc73e3163535c48be488
SHA256fe0d8924c6e3c7085d9789b3888c1d54afc5f23e0446c877394fcf840c920508
SHA512cf9dbe2fd60317aed75e29cd4bade316102c7e98f85050ed54c2ea587fc4c6d233bcc8ed061779e12513cbfc64a7c6a0b28c27b4623651a08beda23922e4a6f0
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
12KB
MD5ab8ad564ff2dec544592e1b1c232f261
SHA149002ebe43d5731eb2c6a3f5cbc68489f3b6fea6
SHA256d428aaab9239887c6bb47641970edf0b5d7a68b4f09d1e7d5f1bc190124496c1
SHA512cf835f27feca3dfb0afda5f1203a5053a611cbd8594cc5f6d765cb217aa465ec93190d5210e3a01b0cd5abb64363cd2bf06f778258b2cdd0529adb50334d1616
-
Filesize
11KB
MD5e6b2ae4cc98afbd14297551f0498662a
SHA1ab827f0c06ea06dd49b66a30df188add7202ec0b
SHA256523de91f756e00333940633c134ed1786b628009119fbbcbeee935b12099f46e
SHA5127c32719084e23bf52c6328bb446e575b2d112257ddd910f395f7916aa8a17ba9a1b181b1744aefe3cb87798cb8a76ab8a5e341330512d574358a591b66c96078
-
Filesize
12KB
MD5f8764f8105a0edef230b05653b5a90c4
SHA1ff9d8ef378e0822c80764d4018ed763d80999df2
SHA25652fa77bdc41daabcd01a50e5df84a88645daabdc2acdb2a95e48e8431a6f91f4
SHA512d575a42cb5e8cd35558bd0c730c6b0cb01f65b045b5ed3be71906e51cc1c97c759a8c15df02ef3cc012fdbce12bb2994bec45f218e4b47ca2edfb9357db4764a
-
Filesize
12KB
MD5b431d6c165e804e5b3a4dcef51e61f07
SHA1f80a9b74903873fa42b07ca160654024f1c4871f
SHA256970012635d971a0e6fd66f9f2bc362702c660f204000db90b60860395308c248
SHA51288bf31c480b8c8b2d3e06b082039e6feaabd8d5a02c75eec0d88225cfe1edb01b6657cdd46d35db2dfa6c0c86558a2654bca574f13523e1092225d7f73cac3c3
-
Filesize
12KB
MD58c00a30b007f947cc26d275a65acd1e5
SHA11dc00393d1fd29ff61340b8d110a6f428f96d125
SHA256ea188492223f708699d9fc12de35cd7231ea8bb6ba8ef223027f0fd23d76a2ea
SHA51257c4e4faf74745995d0156f749768eb760c9fae31bb44075959f59732a0cd8cf429c2d28abdc06cb351a8fb1a4c2082c8253686e43f399de80bece65adfa13bf
-
Filesize
12KB
MD59899640cc2a10e8657957edd885258d7
SHA1e3d07caccdba6bfede4f3d27f6f12df9d34cf222
SHA2569aae1c8af878ec953768d52ebf1a6d478745c3572bd3f7bdfc0ca3e46854c9c1
SHA51239ea8ad662317560995e0ba327f1b51cbdc5918d66547e7c18a4ac9f00b185276daa955b0992841baba27c1b69444735d2562294dd5f6e35d30492de73f4bbe2
-
Filesize
12KB
MD58e192a5dcf4cd7f64cd3fa981903f51b
SHA16233fd6428d81f7fe97cf205e65fde19d6eb6487
SHA2561abf9b3580ced28bc93f80b97638a32d2db245ab8fea99025b3b13d032481112
SHA5127883b718edf6e1de97571529fb98d2752b3939ef0220bd76609229b3213356282ff2203ed7dab548dffe90b5a1c8b861e7db52dc226ec0039188baa64d5d5223
-
Filesize
12KB
MD51345fb1cdedba0b63b1759cd22bfefcb
SHA10f3b19e2be565077782eb09733b2db115e960c17
SHA2562c18a7dee088542d7995fb3daafa4769d623b687a3ecf3828c3572194a6d32b2
SHA512374998bb89e97f2453ad1808311bb484017edcc550675863ac37133fffdd03dd81168e53021bc23acb34da93efe5b900d7ac0faf2a978a30cd40aeb25eb17ef6
-
Filesize
12KB
MD520ad63659f4538ba8192422406096540
SHA1162d857e420b622457662010b712950802f1e740
SHA256adce09317abb55170608d45f4b2b13ae5d7a15c654913bae7664c0545bfecda7
SHA5122f66798625c2808183897c736b35b7f76879471c260381556d38bf4ae56787178c01430e3cebb723fb02ba6bc1c209d3544cc8b47c92db2feda232f453ee988c
-
Filesize
12KB
MD57b7149beb5bf0132d9fa06d2d865c739
SHA1e1844d57c1fbaf3894cdb7e202bd9123af288bd4
SHA2567c3bf75a4f2ce676ec7770ccce921daf56762bf121cb5be288c597f82de08949
SHA512921ac268bd726421dc2f792c521f4836a3997d4d79eb6b753cc86879b221f462d04261165351306c42d0a465f51e7b16431400f3be12a2f534658d0a6eeba9f5
-
Filesize
12KB
MD52144dc7963bdd848949f8b89e89da468
SHA10b79097e699524aa4b3bed7aced9f9423bff8138
SHA256092b59c89f78654bf12361c82b8313f9bb805eb8d3a13c0bb013c6b8b925a880
SHA512ef4980b7fa8652ef1181a379dc21a625b4d97b8d0b69f52a2e9d81e0986ece7a5586ddf446c6e8777ba2b8b089aba34bcf32b32c36f382dd8bb7f176be94eed4
-
Filesize
12KB
MD5a00097c01412f03853bb62057a3795f9
SHA1592f6835cc100b9f4b49e946c5f80c7e50b75af6
SHA256308c5037cab304e8ca3b6086d04c58b06337acbdb50063181ec5ae46dedf5757
SHA512797223458eeb2b540863cc018c57296a601747d6b4897dbacd7ce3b894dfd843c4b4b2ab48926fd8f1093da58021be14942058c4bff30602c79474939c8113b3
-
Filesize
103KB
MD58bcd083e16af6c15e14520d5a0bd7e6a
SHA1c4d2f35d1fdb295db887f31bbc9237ac9263d782
SHA256b4f78ff66dc3f5f8ddd694166e6b596d533830792f9b5f1634d3f5f17d6a884a
SHA51235999577be0626b50eeab65b493d48af2ab42b699f7241d2780647bf7d72069216d99f5f708337a109e79b9c9229613b8341f44c6d96245fd1f3ac9f05814d6a
-
Filesize
1.3MB
MD535af6068d91ba1cc6ce21b461f242f94
SHA1cb054789ff03aa1617a6f5741ad53e4598184ffa
SHA2569ac99df89c676a55b48de00384506f4c232c75956b1e465f7fe437266002655e
SHA512136e3066c6e44af30691bcd76d9af304af0edf69f350211cf74d6713c4c952817a551757194b71c3b49ac3f87a6f0aa88fb80eb1e770d0f0dd82b29bfce80169
-
Filesize
542KB
MD59f0563f2faaf6b9a0f7b3cf058ac80b6
SHA1244e0ff0a5366c1607f104e7e7af4949510226ec
SHA256a8054338891db7231f9885ca0d3bc90a651c63878ff603ede5c3efafa7e25254
SHA51240cdf4c754977e60c233417e42a62be02f9b5bfe239c0378664c28757ce6ce1fc3b91b83d6ef6bb184c4d831761f57a07255526d12a3a955c3b473bddb97f4c9
-
Filesize
473KB
MD57d538a430eb4e0bfd7671b921a8b76a1
SHA12add11e25d07dc9e154ae1be916c869804047146
SHA2563a4ea5e72e50bcba550efa034818f35785076adb37af4c1cee9374fe9e013ec1
SHA512b6f0883f721d534afac93fb022f57593069aa17310bd874c37c66b0731c79d8885cc22614837e107c2b35f21210052e1a34b7b61c49418c3909493bf3e0011c9
-
Filesize
171KB
MD5b13850aceaf6c1ee66c61bc94135fa25
SHA1f23280f6bec2f097ddf77b97bb19b643a2c5a80b
SHA256ae2a43a7d58e9766fac59032ba1ecf1df7866ce5bc09b879c6bb111036789ed2
SHA512d4344edb6e4a460e162169e5621fbf851538c70c6489cca034d1600c3a9a677e8cfa0607e464ea8de3a22066928f540833bc10bf18ae3b1ec7e9147c0d3a897b
-
Filesize
191KB
MD5ec8982bb5bc336fe8803c4ce78ca6b3a
SHA198d52086cb0fbeacdf6e722ea77553f701506ceb
SHA256d8e07b6a5984bec06dc7507fcecb31c7260b9367bd25ae4e9c6598f30d7c93b3
SHA512c312605e5ae560dbb8e8ceb6db164235b115fc85739d46ffc9c19d534cb8f0d6e5800993b301a4bee175d7a8508a4fb39c9e7200efa1c52f5e736ee46d86303e
-
Filesize
10KB
MD5298637607244c741872c976cc6c8d838
SHA1589e7096409a67b4edf2a4b31985b30e96dda4d0
SHA2563b6378d85a811f7f815aa313aafbbc30d7cfa4c0f1cafa6e3d58b67fff39809f
SHA512928326e8ec55d5e1f88b2c8b965ad69ca7696b400504aabe47b081bd6fbc2e3c851a1ecb549eb66f2370150b9f3a9c41fb52a20d1858c9d7c370b2cfdb182255
-
Filesize
23KB
MD54c1ba8fd2c3b0d920d7799c6ae74e56f
SHA1668cb8aff972e70148f915a3f782a4fe956047e0
SHA256eb2ee2019f57f715ba46af173362530aea165b59d6fd0281f3eea7bf9ee4fd6f
SHA5124af923d0100fc6b529cc2f7c1389b6a7d48708b7a2fb7e9b019c737fbef1ba6c2708c8a3c92f84415bd2e190c4e0867aed295b5e1bc1431545e9e7e16bb54b81
-
Filesize
23KB
MD592ebd01f7bb919da6500fb74f1ec3d9d
SHA12e4ea9df00c2da8bf67731144125623e606c843f
SHA256e68425d2da90e2a73504b699bcd3f012e3cad27b44ba5e1fc8feb5320d3459a6
SHA512abac92cefa39978fa51c2821be88077a67966ed47acda5d219c17285a83b4ed67e6553106d8f0b6ce30189b4abedbc8df3794e0b8b535f033c69c9eb249ebd3f
-
Filesize
264B
MD5fee1e3e7bb682346d7b954d2d0f1b5d2
SHA15dfdb79462c4116bc96d976d41bf06391cb87a33
SHA256ddfd2eafb75da5a029c5e73e38627c2ce8a79707e92574b54067b04af1be3387
SHA512b53ba3310f5d7f7309adbc56144978ab8fc6e8d718b752789d02aaad425ae953bba0fe4883c490bde08351cad7aa5d871ebd5ac47ad2a40110ef4f069de266bb
-
Filesize
10KB
MD5a6ad06125f967a1a0816a6d88035f67c
SHA1c204065cb48fa7c59b420de07258bb6a4606ba7b
SHA256ad327aef24b432f01256077b978e28f605fc8bd0329cf0a1aa762b33ef981ae0
SHA5125f17b623cf153b26a7244b4969540516d0f12becfac1208e069f3b0055c2dbebb7a37bedd80ceb84d1df459ab9fa06d09830a2cd5e8396c9ad1349dfca43eebd
-
Filesize
861B
MD5c53dee51c26d1d759667c25918d3ed10
SHA1da194c2de15b232811ba9d43a46194d9729507f0
SHA256dd5b3d185ae1809407e7822de4fced945115b48cc33b2950a8da9ebd77a68c52
SHA512da41cef03f1b5f21a1fca2cfbf1b2b180c261a75d391be3a1ba36e8d4d4aefab8db024391bbee06b99de0cb0b8eb8c89f2a304c27e20c0af171b77db33b2d12c
-
Filesize
240B
MD5a6e3b08f3da9932333bf2de25ee538f1
SHA1309e4abc4aec19113b902646b7f214d320a68d55
SHA256c8370843d7e1f04992ab9424b0a15512ec1f81f0ad81652947eba9310f164bba
SHA5122e8f7e7ae59d6a8c656584b8d5b0672d110bfec2e8ab4a9a5919af875453c9bf2b6e8153bf6a0502f335c347fd74c94ec0c56b88a642051058777281da7a05e7
-
Filesize
1.7MB
MD5272d3e458250acd2ea839eb24b427ce5
SHA1fae7194da5c969f2d8220ed9250aa1de7bf56609
SHA256bbb5c6b4f85c81a323d11d34629776e99ca40e983c5ce0d0a3d540addb1c2fe3
SHA512d05bb280775515b6eedf717f88d63ed11edbaae01321ec593ecc0725b348e9a0caacf7ebcd2c25a6e0dc79b2cdae127df5aa380b48480332a6f5cd2b32d4e55c
-
Filesize
308KB
MD5b41f41dfc34cc8bdc2525044760d6e2e
SHA107db32c6c2d6aa20a05c15f43cec70fa1ac2efd1
SHA256065cfad474b90dd23e333b653d26cebde762d6b19ca051cce0b4157d3924667b
SHA512b26df6771769dc3be4fd3a08c9b46ffe57ce57419eac919d2937c82c0478bb999044a45d5242ba87d2e48a5e91e9ac9308f33f2a37bbd30a01866e48ecdd418d
-
Filesize
20.7MB
MD518d864b1c6b485ebc3da38d13377de99
SHA17c059264dfef0257875d2ab00c9fe6d5c9e6eedc
SHA256600dae12ed7c7e5b313dc59be30dec573a871a9da8ea4344dadd15f228122dfa
SHA512b6896ae5a5dee626f0d9fd5f663d317ab2f5d7a2269b603cbe096c72ead4f5a37b0570952dc1c33c702083c531dec32af3a375a71d11ac610b4978dc39b9bb0e
-
Filesize
240B
MD5944a8a8e1d6f8fc575d745de547ac61d
SHA1ad4700e5f66f418c5106c0893693a8f3e3bc4689
SHA25681871a5b699a88f31beb4cfae3025c2df7dfd10477af16e94b06665a136280ac
SHA512511cecdd9d25e97ae2965f3f7378f991727849995f894d9fe18a048be28e5fde2e00faa1e0dac88bedf00f46b7c1315ad6582b7bcf754ef790d8ce1d5174d5e2
-
Filesize
112KB
MD51b3cf59e94f7d599ed2d54c1f82acb5a
SHA110d84b9096c92331106212af9a88cc7f8119c458
SHA25657c3e5002750b9da9dbf7526a1288bbd84f339fadc16f828ef20d1889c51e483
SHA512113328d190125c1dd0f7b5dc323a68c41f5a98c1afbec51e414c5f2776097bb1daf44af9aa58acb221c82c11e68b580f414ead1cf8184caf28da259793555a45
-
Filesize
654B
MD5d256b5ab1954e7fa2638b02bb1601ec1
SHA1cff3618ad44a275a4b0afe6bc3865b2253faa4b7
SHA2560119352fe24a6307f700addd4d76b8f4270361f265012cce90a362f56e1d9243
SHA512136c2df11264a527a0b085706ea5662162ed244bc006da5e81aaf97313c13358ee00ca2c2d67a7f019d449c80aeb4fd646c3872ad3ad87501718232e8ba96603
-
Filesize
58KB
MD50ba2d3a3cb7185c7111c565e039e9b52
SHA19381f3598acdc21136141674fbb7e05c9498dfb8
SHA2568366f11f3df2673f21db892e6199c38055f7895dcc43f46ec3a03ed4ab94127c
SHA51225252283281019fb75df4266ed9b9a669f678200856a0369580b4108bbb4cd220d22857f111b56393f49023b864333dd70a2309caa3049b6e9ed6dcf480e1b92
-
Filesize
24.0MB
MD5785e18d17f4e2134d93c51fe3d5ee6b1
SHA1aa00b501547ce619b158d7ea6bdad104b3db00a4
SHA2569579c6d8e98d60688af84034100c1fb1e242f5c1b7a3ab44544200d600b85154
SHA5129c4f1b0d3f654fe72c461b0eb248866882ec45c1bcdb2cdd9851a1996246e528d475a2b9730cc893d2ccb2b1b1961864225e5dc4e6db20cbd828547d3a178eae
-
Filesize
1.7MB
MD5187bbac84c1878d4427fd901d1f85557
SHA1094a4ebd3c51923878b83a516545f12d7f556439
SHA256da8a8541e7b6c33f38a1c9607073989f08dec0695c18c18b15c8af199a807600
SHA512bc6962debd2b679ddcbb080607c2d60dbbda257f58f5303496f5ffaf6e448c3eea1ccb7ecf4f6bebb4de7c0016fdc12b4fae311d12db937cc4aade5f14ef373e
-
Filesize
390KB
MD575256220b5bfc94348a32685985af787
SHA1a63e1eba08e1d0b520ca5e3ba92d07d0e938f430
SHA256d6a5b4ac0b84250c190475874969626dc170ace6f51ccd9e5dea2d133fc377d5
SHA51240a2642ac858546f477c98f3f50c9a3f8985a904e25438cc14de19ec1ac41fe681d5d8bcda8ec44f2c82c9076da279936bf852949deaa96f04780ab433c9b36d
-
Filesize
43B
MD5e1c349613b45937a4c32d58f159c7da1
SHA1d94356e0a32b07f1222242c9bc05078e369defb3
SHA256f5d24057c873f9a70e67684a8562f550e2f6de2e317b63393256b1bc3bd9dd79
SHA51295ac12721c9eb84c503b11b62009bf709dabed449fe1f92c41614571ae776341d139e7b16a73b462d26f79714770b62e2122aa5c46af67e7872dc9969d830526
-
Filesize
362B
MD5cb1f16dac1328423173e403300ca93d5
SHA15cf379db08711c6e5b532fe6a774a443f22e23fb
SHA25600225d2881339e946b6b76b8debdbd6e90df3b131160932cd7bcc351fa703ee8
SHA512e9994415c6dbc99db8172f58275a6714a8027411abe5a7c09fd9ec618f5a439ca14597d592f5f6d8db11c621ae85fd3960e30533cd9efe0a79f61561765ed56d
-
Filesize
244B
MD5e6bcdfe913b0b19bad3ba37b2c06b65d
SHA1b3fc0d7c10eb73484673172981af44bdbad1e581
SHA25660e8cebd0ab2fb6cc2c279114545c4d3bc2504788574121edb4d2aa842312794
SHA512ceffeb0388073a0a90054ed77dd63bedd6f1cb78a21e7974a0656ddf1a9cc2d2082cb490d7eb300fd5b2cefa5145ec06cce4d648f4fd1c402967c73668fb6ed8
-
Filesize
736KB
-
Filesize
736KB
-
Filesize
736KB
-
Filesize
736KB
-
Filesize
736KB
-
Filesize
736KB
-
Filesize
864KB
-
Filesize
128KB
-
Filesize
1.8MB
-
Filesize
1.8MB