Analysis
-
max time kernel
4s -
max time network
129s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240508-en -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
15-07-2024 23:17
Static task
static1
Behavioral task
behavioral1
Sample
4bd599176fbaab489642f3fafb083862_JaffaCakes118
Resource
ubuntu1804-amd64-20240508-en
Behavioral task
behavioral2
Sample
4bd599176fbaab489642f3fafb083862_JaffaCakes118
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
4bd599176fbaab489642f3fafb083862_JaffaCakes118
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
4bd599176fbaab489642f3fafb083862_JaffaCakes118
Resource
debian9-mipsel-20240611-en
General
-
Target
4bd599176fbaab489642f3fafb083862_JaffaCakes118
-
Size
23KB
-
MD5
4bd599176fbaab489642f3fafb083862
-
SHA1
0e04611e74f58029492a2df576844dc8c4529e4e
-
SHA256
c7d3a16ba29abcf5261b66af753f44124fcb3a303059f7cee04334983a3b6d16
-
SHA512
d2be3727188dfffaee6b96296f0404e8e208a83cb83fbcab4d6eb833b9305b844dffdf73af61c6c63ab607d38df6dfe43c83b1935d2fb28039320cf6bb780645
-
SSDEEP
384:z7WoIqPIkK+slvwzUvEEa2cC/bvynigxz9DYnY2c68:5IqAkK+slvwzF2CDYnYhf
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
Processes:
ttyloadioc pid process /usr/sbin/ttyload 1580 ttyload -
Attempts to change immutable files 22 IoCs
Modifies inode attributes on the filesystem to allow changing of immutable files.
Processes:
chattrchattrchattrchattrchattrchattrchattrchattrchattrchattrchattrchattrhostnamechattrchattrchattrchattrchattrchattrchattrchattrchattrpid process 1625 chattr 1634 chattr 1638 chattr 1570 chattr 1621 chattr 1617 chattr 1637 chattr 1641 chattr 1579 chattr 1613 chattr 1630 chattr 1676 chattr 1708 hostname 1594 chattr 1626 chattr 1618 chattr 1622 chattr 1629 chattr 1633 chattr 1675 chattr 1610 chattr 1614 chattr -
Enumerates running processes
Discovers information about currently running processes on the system
-
Write file to user bin folder 1 TTPs 1 IoCs
Processes:
4bd599176fbaab489642f3fafb083862_JaffaCakes118description ioc process File opened for modification /usr/sbin/ttyload 4bd599176fbaab489642f3fafb083862_JaffaCakes118 -
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
Processes:
catdescription ioc process File opened for reading /proc/cpuinfo cat -
Reads CPU attributes 1 TTPs 1 IoCs
Processes:
psdescription ioc process File opened for reading /sys/devices/system/cpu/online ps -
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.
Processes:
killallkillallkillallkillallkillallkillallkillallkillallkillallkillallpidofpskillallkillallkillallpidofkillallkillalldescription ioc process File opened for reading /proc/4/stat killall File opened for reading /proc/5/stat killall File opened for reading /proc/600/stat killall File opened for reading /proc/1296/cmdline killall File opened for reading /proc/1499/cmdline killall File opened for reading /proc/28/stat killall File opened for reading /proc/25/stat killall File opened for reading /proc/204/stat killall File opened for reading /proc/115/stat killall File opened for reading /proc/1500/stat killall File opened for reading /proc/513/stat killall File opened for reading /proc/1127/stat pidof File opened for reading /proc/512/status ps File opened for reading /proc/565/cmdline killall File opened for reading /proc/1127/cmdline killall File opened for reading /proc/777/cmdline killall File opened for reading /proc/984/stat killall File opened for reading /proc/1136/stat killall File opened for reading /proc/11/stat killall File opened for reading /proc/1296/stat pidof File opened for reading /proc/25/stat ps File opened for reading /proc/777/stat killall File opened for reading /proc/21/stat killall File opened for reading /proc/1305/cmdline killall File opened for reading /proc/160/stat killall File opened for reading /proc/204/cmdline killall File opened for reading /proc/163/stat killall File opened for reading /proc/1248/cmdline killall File opened for reading /proc/166/stat killall File opened for reading /proc/440/stat killall File opened for reading /proc/1183/stat killall File opened for reading /proc/174/stat killall File opened for reading /proc/29/stat killall File opened for reading /proc/1119/stat killall File opened for reading /proc/1147/stat killall File opened for reading /proc/992/stat pidof File opened for reading /proc/528/stat ps File opened for reading /proc/1/stat killall File opened for reading /proc/442/cmdline killall File opened for reading /proc/1144/stat killall File opened for reading /proc/137/stat killall File opened for reading /proc/984/cmdline pidof File opened for reading /proc/5/cmdline pidof File opened for reading /proc/161/stat pidof File opened for reading /proc/468/stat killall File opened for reading /proc/83/stat pidof File opened for reading /proc/89/cmdline pidof File opened for reading /proc/1016/stat killall File opened for reading /proc/1180/stat killall File opened for reading /proc/159/stat killall File opened for reading /proc/1310/status ps File opened for reading /proc/992/stat killall File opened for reading /proc/78/stat killall File opened for reading /proc/1142/stat killall File opened for reading /proc/17/stat killall File opened for reading /proc/174/stat killall File opened for reading /proc/1068/cmdline killall File opened for reading /proc/322/status ps File opened for reading /proc/468/stat killall File opened for reading /proc/1284/cmdline killall File opened for reading /proc/1/stat killall File opened for reading /proc/1058/stat killall File opened for reading /proc/1505/cmdline killall File opened for reading /proc/1182/cmdline pidof -
Writes file to tmp directory 8 IoCs
Malware often drops required files in the /tmp directory.
Processes:
4bd599176fbaab489642f3fafb083862_JaffaCakes118description ioc process File opened for modification /tmp/.stats 4bd599176fbaab489642f3fafb083862_JaffaCakes118 File opened for modification /tmp/info_tmp 4bd599176fbaab489642f3fafb083862_JaffaCakes118 File opened for modification /tmp/bin/.sh/sshd_config 4bd599176fbaab489642f3fafb083862_JaffaCakes118 File opened for modification /tmp/conf/hosts.h 4bd599176fbaab489642f3fafb083862_JaffaCakes118 File opened for modification /tmp/.init1 4bd599176fbaab489642f3fafb083862_JaffaCakes118 File opened for modification /tmp/.init2 4bd599176fbaab489642f3fafb083862_JaffaCakes118 File opened for modification /tmp/.shmd5 4bd599176fbaab489642f3fafb083862_JaffaCakes118 File opened for modification /tmp/.procs 4bd599176fbaab489642f3fafb083862_JaffaCakes118
Processes
-
/tmp/4bd599176fbaab489642f3fafb083862_JaffaCakes118/tmp/4bd599176fbaab489642f3fafb083862_JaffaCakes1181⤵
- Write file to user bin folder
- Writes file to tmp directory
PID:1505 -
/usr/bin/whoamiwhoami2⤵PID:1507
-
/bin/tartar zxf ./bin.tgz2⤵PID:1508
-
/bin/tartar zxf ./conf.tgz2⤵PID:1510
-
/bin/tartar zxf ./lib.tgz2⤵PID:1512
-
/bin/tartar zxf ./utilz.tgz2⤵PID:1514
-
/bin/tartar zxf ./sshd.tgz2⤵PID:1516
-
/bin/rmrm -rf ./sshd.tgz2⤵PID:1518
-
/bin/rmrm -rf bin.tgz conf.tgz lib.tgz utilz.tgz2⤵PID:1519
-
/bin/sleepsleep 22⤵PID:1520
-
/usr/bin/killallkillall -9 syslogd2⤵
- Reads runtime system information
PID:1524 -
/bin/datedate "+%S"2⤵PID:1525
-
/bin/sleepsleep 22⤵PID:1526
-
/bin/hostnamehostname -f2⤵PID:1527
-
/usr/bin/cutcut -d "@" -f 22⤵PID:1535
-
/bin/grepgrep "@"2⤵PID:1534
-
/bin/grepgrep -v "^\$"2⤵PID:1533
-
/bin/grepgrep -v "^#" /etc/syslog.conf2⤵PID:1532
-
/bin/unameuname -n2⤵PID:1536
-
/bin/mvmv lib/libproc.a /lib/2⤵PID:1537
-
/bin/mvmv lib/libproc.so.2.0.6 /lib/2⤵PID:1538
-
/sbin/ldconfig/sbin/ldconfig2⤵PID:1539
-
/sbin/ldconfig.real/sbin/ldconfig.real2⤵PID:1539
-
/usr/bin/md5summd5sum2⤵PID:1541
-
/usr/bin/touchtouch -acmr /bin/ls /etc/sh.conf2⤵PID:1542
-
/bin/chownchown -f root:root /etc/sh.conf2⤵PID:1543
-
/usr/bin/chattrchattr +isa /etc/sh.conf2⤵PID:1544
-
/bin/rmrm -rf /tmp/bin/.sh/shdcf22⤵PID:1546
-
/bin/mvmv /tmp/bin/.sh/sshd_config /tmp/bin/.sh/shdcf2⤵PID:1547
-
/bin/mvmv /tmp/conf/lidps1.so /lib/lidps1.so2⤵PID:1548
-
/usr/bin/touchtouch -acmr /bin/ls /lib/lidps1.so2⤵PID:1549
-
/usr/bin/touchtouch -acmr /bin/ls "/tmp/conf/*"2⤵PID:1550
-
/bin/mvmv "/tmp/conf/*" /usr/include/2⤵PID:1551
-
/bin/mkdirmkdir /lib/libsh.so2⤵PID:1552
-
/usr/bin/touchtouch -acmr /bin/ls /lib/libsh.so2⤵PID:1553
-
/bin/mkdirmkdir /usr/lib/libsh2⤵PID:1554
-
/usr/bin/touchtouch -acmr /bin/ls /usr/lib/libsh2⤵PID:1555
-
/bin/mvmv ".sh/*" /lib/libsh.so/2⤵PID:1556
-
/bin/mvmv .sh/.bashrc /usr/lib/libsh2⤵PID:1557
-
/bin/mvmv /lib/libsh.so/sshd /sbin/ttyload2⤵PID:1558
-
/bin/chmodchmod a+xr /sbin/ttyload2⤵PID:1559
-
/bin/chmodchmod o-w /sbin/ttyload2⤵PID:1560
-
/usr/bin/touchtouch -acmr /bin/ls /sbin/ttyload2⤵PID:1561
-
/usr/bin/chattrchattr +isa /sbin/ttyload2⤵PID:1562
-
/bin/pidofpidof ttyload2⤵
- Reads runtime system information
PID:1563 -
/bin/mvmv /tmp/bin/ttymon /sbin/ttymon2⤵PID:1564
-
/bin/chmodchmod a+xr /sbin/ttymon2⤵PID:1565
-
/usr/bin/touchtouch -acmr /bin/ls /sbin/ttymon2⤵PID:1566
-
/usr/bin/chattrchattr +isa /sbin/ttymon2⤵PID:1567
-
/bin/pidofpidof ttymon2⤵
- Reads runtime system information
PID:1568 -
/bin/cpcp /bin/bash /lib/libsh.so2⤵PID:1569
-
/usr/bin/chattrchattr -isa /etc/inittab2⤵
- Attempts to change immutable files
PID:1570 -
/bin/grepgrep -v getty2⤵PID:1573
-
/bin/grepgrep -v ttyload2⤵PID:1572
-
/bin/catcat /etc/inittab2⤵PID:1571
-
/bin/grepgrep getty2⤵PID:1575
-
/bin/catcat /etc/inittab2⤵PID:1574
-
/bin/catcat /tmp/.init22⤵PID:1576
-
/usr/bin/touchtouch -acmr /bin/ls /usr/sbin/ttyload2⤵PID:1577
-
/bin/chmodchmod +x /usr/sbin/ttyload2⤵PID:1578
-
/usr/bin/chattrchattr +isa /usr/sbin/ttyload2⤵
- Attempts to change immutable files
PID:1579 -
/usr/sbin/ttyload/usr/sbin/ttyload2⤵
- Executes dropped EXE
PID:1580 -
/sbin/ttyload/sbin/ttyload -q3⤵PID:1581
-
/sbin/ttymon/sbin/ttymon3⤵PID:1582
-
/usr/bin/touchtouch -amcr /etc/inittab /tmp/.init12⤵PID:1583
-
/bin/mvmv -f /tmp/.init1 /etc/inittab2⤵PID:1584
-
/bin/rmrm -rf /tmp/.init22⤵PID:1585
-
/bin/grepgrep ttyload /etc/inittab2⤵PID:1586
-
/usr/bin/md5sum/usr/bin/md5sum /bin/ps2⤵PID:1587
-
/usr/bin/md5sum/usr/bin/md5sum /bin/ls2⤵PID:1588
-
/usr/bin/md5sum/usr/bin/md5sum /usr/bin/find2⤵PID:1589
-
/usr/bin/md5sum/usr/bin/md5sum /usr/bin/top2⤵PID:1590
-
/usr/bin/md5sum/usr/bin/md5sum /usr/bin/md5sum2⤵PID:1591
-
/tmp/encrypt./encrypt -e .shmd5 /dev/srd02⤵PID:1592
-
/usr/bin/touchtouch -acmr /bin/ls /dev/srd02⤵PID:1593
-
/usr/bin/chattrchattr a+r /dev/srd02⤵
- Attempts to change immutable files
PID:1594 -
/bin/chownchown -f root:root /dev/srd02⤵PID:1595
-
/bin/rmrm -rf .shmd52⤵PID:1596
-
/usr/bin/touchtouch -acmr /sbin/ifconfig ifconfig2⤵PID:1597
-
/usr/bin/touchtouch -acmr /bin/ps ps2⤵PID:1598
-
/usr/bin/touchtouch -acmr /bin/ls ls2⤵PID:1599
-
/usr/bin/touchtouch -acmr /bin/netstat netstat2⤵PID:1600
-
/usr/bin/touchtouch -acmr /usr/bin/find find2⤵PID:1601
-
/usr/bin/touchtouch -acmr /usr/bin/top top2⤵PID:1602
-
/usr/bin/touchtouch -acmr /usr/sbin/lsof lsof2⤵PID:1603
-
/usr/bin/touchtouch -acmr /sbin/syslogd syslogd2⤵PID:1604
-
/usr/bin/touchtouch -acmr /usr/bin/slocate slocate2⤵PID:1605
-
/usr/bin/touchtouch -acmr /usr/bin/dir dir2⤵PID:1606
-
/usr/bin/touchtouch -acmr /usr/bin/md5sum md5sum2⤵PID:1607
-
/usr/bin/touchtouch -acmr /usr/bin/pstree pstree2⤵PID:1608
-
/bin/mkdirmkdir /usr/lib/libsh/.backup2⤵PID:1609
-
/usr/bin/chattrchattr -isa /bin/ps2⤵
- Attempts to change immutable files
PID:1610 -
/bin/cpcp /bin/ps /usr/lib/libsh/.backup2⤵PID:1611
-
/bin/mvmv -f ps /bin/ps2⤵PID:1612
-
/usr/bin/chattrchattr +isa /bin/ps2⤵
- Attempts to change immutable files
PID:1613 -
/usr/bin/chattrchattr -isa /sbin/ifconfig2⤵
- Attempts to change immutable files
PID:1614 -
/bin/cpcp /sbin/ifconfig /usr/lib/libsh/.backup2⤵PID:1615
-
/bin/mvmv -f ifconfig /sbin/ifconfig2⤵PID:1616
-
/usr/bin/chattrchattr +isa /sbin/ifconfig2⤵
- Attempts to change immutable files
PID:1617 -
/usr/bin/chattrchattr -isa /bin/netstat2⤵
- Attempts to change immutable files
PID:1618 -
/bin/cpcp /bin/netstat /usr/lib/libsh/.backup2⤵PID:1619
-
/bin/mvmv -f netstat /bin/netstat2⤵PID:1620
-
/usr/bin/chattrchattr +isa /bin/netstat2⤵
- Attempts to change immutable files
PID:1621 -
/usr/bin/chattrchattr -isa /usr/bin/top2⤵
- Attempts to change immutable files
PID:1622 -
/bin/cpcp /usr/bin/top /usr/lib/libsh/.backup2⤵PID:1623
-
/bin/mvmv -f top /usr/bin/top2⤵PID:1624
-
/usr/bin/chattrchattr +isa /usr/bin/top2⤵
- Attempts to change immutable files
PID:1625 -
/usr/bin/chattrchattr -isa /bin/ls2⤵
- Attempts to change immutable files
PID:1626 -
/bin/cpcp /bin/ls /usr/lib/libsh/.backup2⤵PID:1627
-
/bin/mvmv -f ls /bin/ls2⤵PID:1628
-
/usr/bin/chattrchattr +isa /bin/ls2⤵
- Attempts to change immutable files
PID:1629 -
/usr/bin/chattrchattr -isa /usr/bin/find2⤵
- Attempts to change immutable files
PID:1630 -
/bin/cpcp /usr/bin/find /usr/lib/libsh/.backup2⤵PID:1631
-
/bin/mvmv -f find /usr/bin/find2⤵PID:1632
-
/usr/bin/chattrchattr +isa /usr/bin/find2⤵
- Attempts to change immutable files
PID:1633 -
/usr/bin/chattrchattr -isa /usr/bin/pstree2⤵
- Attempts to change immutable files
PID:1634 -
/bin/cpcp /usr/bin/pstree /usr/lib/libsh/.backup2⤵PID:1635
-
/bin/mvmv -f pstree /usr/bin/pstree2⤵PID:1636
-
/usr/bin/chattrchattr +isa /usr/bin/pstree2⤵
- Attempts to change immutable files
PID:1637 -
/usr/bin/chattrchattr -isa /usr/bin/md5sum2⤵
- Attempts to change immutable files
PID:1638 -
/bin/cpcp /usr/bin/md5sum /usr/lib/libsh/.backup2⤵PID:1639
-
/bin/mvmv -f md5sum /usr/bin/md5sum2⤵PID:1640
-
/usr/bin/chattrchattr +isa /usr/bin/md5sum2⤵
- Attempts to change immutable files
PID:1641 -
/usr/bin/touchtouch -acmr /bin/ls /tmp/utilz2⤵PID:1642
-
/usr/bin/touchtouch -acmr /bin/ls "/tmp/utilz/*"2⤵PID:1643
-
/bin/mvmv /tmp/utilz /usr/lib/libsh/2⤵PID:1644
-
/bin/mkdirmkdir /usr/lib/libsh/.sniff2⤵PID:1645
-
/bin/mvmv /tmp/bin/shsniff /usr/lib/libsh/.sniff/shsniff2⤵PID:1646
-
/bin/mvmv /tmp/bin/shp /usr/lib/libsh/.sniff/shp2⤵PID:1647
-
/bin/mvmv /tmp/bin/shsb /usr/lib/libsh/shsb2⤵PID:1648
-
/bin/mvmv /tmp/bin/hide /usr/lib/libsh/hide2⤵PID:1649
-
/usr/bin/touchtouch -acmr /bin/ls /usr/lib/libsh/.sniff/shsniff2⤵PID:1650
-
/usr/bin/touchtouch -acmr /bin/ls /usr/lib/libsh/.sniff/shp2⤵PID:1651
-
/usr/bin/touchtouch -acmr /bin/ls /usr/lib/libsh/shsb2⤵PID:1652
-
/usr/bin/touchtouch -acmr /bin/ls /usr/lib/libsh/hide2⤵PID:1653
-
/bin/chmodchmod +x "/usr/lib/libsh/.sniff/*"2⤵PID:1654
-
/bin/chmodchmod +x /usr/lib/libsh/shsb2⤵PID:1655
-
/bin/chmodchmod +x /usr/lib/libsh/hide2⤵PID:1656
-
/bin/psps aux2⤵
- Reads CPU attributes
- Reads runtime system information
PID:1657 -
/bin/grepgrep named2⤵PID:1660
-
/bin/catcat /tmp/.procs2⤵PID:1659
-
/bin/grepgrep smbd2⤵PID:1663
-
/bin/catcat /tmp/.procs2⤵PID:1662
-
/bin/grepgrep rpc.statd2⤵PID:1666
-
/bin/catcat /tmp/.procs2⤵PID:1665
-
/bin/rmrm -rf /tmp/.procs2⤵PID:1667
-
/bin/grepgrep http2⤵PID:1672
-
/bin/grepgrep 4432⤵PID:1671
-
/bin/catcat /tmp/.stats2⤵PID:1670
-
/bin/rmrm -rf /tmp/.stats2⤵PID:1673
-
/bin/mkdirmkdir /usr/lib/libsh/.owned2⤵PID:1674
-
/usr/bin/chattrchattr +isa /usr/lib/libsh2⤵
- Attempts to change immutable files
PID:1675 -
/usr/bin/chattrchattr +isa /lib/libsh.so2⤵
- Attempts to change immutable files
PID:1676 -
/usr/bin/killallkillall -9 -q nscd2⤵
- Reads runtime system information
PID:1677 -
/usr/bin/killallkillall -9 -q xntps2⤵
- Reads runtime system information
PID:1678 -
/usr/bin/killallkillall -9 -q mountd2⤵
- Reads runtime system information
PID:1679 -
/usr/bin/killallkillall -9 -q mserv2⤵
- Reads runtime system information
PID:1680 -
/usr/bin/killallkillall -9 -q psybnc2⤵
- Reads runtime system information
PID:1681 -
/usr/bin/killallkillall -9 -q t0rns2⤵
- Reads runtime system information
PID:1682 -
/usr/bin/killallkillall -9 -q linsniffer2⤵
- Reads runtime system information
PID:1683 -
/usr/bin/killallkillall -9 -q sniffer2⤵
- Reads runtime system information
PID:1684 -
/usr/bin/killallkillall -9 -q lpsched2⤵
- Reads runtime system information
PID:1685 -
/usr/bin/killallkillall -9 -q sniff2⤵
- Reads runtime system information
PID:1686 -
/usr/bin/killallkillall -9 -q sn1f2⤵
- Reads runtime system information
PID:1687 -
/usr/bin/killallkillall -9 -q sshd22⤵
- Reads runtime system information
PID:1688 -
/usr/bin/killallkillall -9 -q xsf2⤵
- Reads runtime system information
PID:1689 -
/usr/bin/killallkillall -9 -q xchk2⤵PID:1690
-
/usr/bin/killallkillall -9 -q ssh2d2⤵
- Reads runtime system information
PID:1691 -
/usr/bin/cutcut -c6-2⤵PID:1696
-
/usr/bin/awkawk -F " " " {print \$2} "2⤵PID:1695
-
/bin/grepgrep "inet addr:"2⤵PID:1694
-
/sbin/ifconfig/sbin/ifconfig eth02⤵PID:1693
-
/bin/hostnamehostname -f2⤵PID:1697
-
/usr/bin/awkawk "{ print \$11 }"2⤵PID:1699
-
/bin/unameuname -a2⤵PID:1698
-
/bin/catcat /tmp/info_tmp2⤵PID:1703
-
/usr/bin/awkawk " {print \$3}"2⤵PID:1707
-
/bin/grepgrep bogomips2⤵PID:1706
-
/bin/catcat /proc/cpuinfo2⤵
- Checks CPU configuration
PID:1705 -
/bin/hostnamehostname -i2⤵
- Attempts to change immutable files
PID:1708 -
/usr/bin/wcwc -l2⤵PID:1712
-
/bin/grepgrep eth2⤵PID:1711
-
/sbin/ifconfig/sbin/ifconfig2⤵PID:1710
-
/usr/bin/headhead -1 /etc/debian_version2⤵PID:1716
-
/bin/rmrm -rf /tmp/info_tmp2⤵PID:1717
-
/bin/datedate "+%S"2⤵PID:1718
-
/usr/bin/exprexpr 14 - 122⤵PID:1719
-
/usr/bin/headhead -52⤵PID:1722
-
/sbin/iptables/sbin/iptables -L input2⤵PID:1721
-
/sbin/syslogd/sbin/syslogd -m 02⤵PID:1725
-
/bin/rmrm -rf "../shv5*"2⤵PID:1726
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.1MB
MD5d5d689ba6020abe746c52ae7438d9eb2
SHA10a4ece3b3c332c39922b8d521c8f2087e9cf22b6
SHA25615d4469eb3da716fefcc0c395a5b1d1657ad0555ec3ae623e727bb0dfcee19cf
SHA512ae2459b496385844c20813e8fdc6c227facc6b16cd1bfcc467eb61309cb8316b5dc44d66c13de1a7a1c248a546654bc51128f6d1f2f8bb92f7e9f1898cec415e
-
Filesize
340B
MD58c053b4b674ebfcf6d38503608c5c8db
SHA19927d232e5bb15e3b6bbe461e0041d74649b963a
SHA2566bdd745ccb67873f8e05c871ea6f153bb4daa683d7873e22c93fa716f53f61dc
SHA51235320ff6eed384649f02262a46bf9fdabdcf1f9808738b7c6af3fea01a1b54c963d038c984c3d794445030632ab1ae38c8d6bbf319a362233a40ac9314a55222
-
Filesize
24B
MD5ba6ed6a3d425270d5374b0c2b54b3008
SHA158635a2e5fa938e55f777cb55a6df5fe44f6b4ec
SHA25691c48fb19d87c95033df44d44e58474ab5e2a7176d231c11bb5e45c7d52fa359
SHA5126f2ecc0fe867ec1cc575dc8cbba8566ac32dea4252b355f4267afb18d15dd759baecac3d8b74656a6008b7d20be3033ee4650f8b9cece8c2eb2466dc6fcecd0c
-
Filesize
54B
MD50dae4739f83623a59236ecfabe00007b
SHA14b2b361ba9cf76213d2c4d6ba67e80099405f810
SHA256513dfa0b7341549c6141df2ebdf1eedf72f1904d47725a17213b3bcb80916ac0
SHA51212ab203d1434f29cf4b5f81d72a0790d9ddacd20df5d71e2a0d429b2bc8c80cff5c4a4c1332452deb9d84817088a1223f55ef2411f0605cfbe00eb2fe8aa1d74
-
Filesize
55B
MD521df30feebe94d25ce99e861e3642895
SHA13624439d7e9ac4463f83f1658205367ef27a2234
SHA256d3bfdb3e0f63a093f8e9bff6925ddc52429fe09fe4de521add28b373d44fe0f5
SHA51226fbc52d5c2984a74673397e6edce3bf8a14e4d52a1abc7ffdfbf1bae9768b2583512632625d01bac896c623b0ec10fa24f6aa3c54ec2a70450b02d9bb37cecb
-
Filesize
70B
MD574e8461d4c9dd715082f15ef51e3ecac
SHA10504be0510ac79c4f7c8d5477032408f9b63a651
SHA2569fff95a586ab017f278fbf2f579d424e29164b5fae02f509176b9a600c4091de
SHA5120682c5966466f49b1f53b872e5f10a4264f11a65f198f8e780365e6c683899815f90613cf8cd900d7b8d47247c343ab6002183a405313ac07fe026a2f634e02c
-
Filesize
16KB
MD5dbfab1026f0ecb2da80664aaaa4dc2df
SHA15f6ba72969e1537764225a7734dbe82803cab5ad
SHA2565ffc23b653aca3456f8904805c49d763b4222af7b4d03b50d21f43bfcdc7a72f
SHA51259110f203e31ec3a4a2d7c2ce9c7825cd4be49e176af02dbe75cb8d683cca324eeff132e9b61eac183cef73248115589bd8b02df9dc6f2418538464b26e48f14
-
Filesize
42B
MD5e5f6d25a37ab24a48c82631b89bbad91
SHA1bff487e8094ae83d1f22e9aa8c1299b18d5ee945
SHA2568a0a7a94db129cb5992937e60ca4987517d47478ddb717cde31db4201e47f13e
SHA512ca1a1d98c2774f6117001d76eaae5898754d2f72c58ad72e3bb295ee8fa36b9e3336a7193ab0384a2765fbc1a15f0de1280322687001e316c4fd0cdaf24093c1
-
Filesize
84B
MD507bdf03254d1a560efa2e429faf99bc9
SHA114a6a0c13e10302d373fc7dd749bd02d826575ae
SHA2566967fa87b368f071c4e0d20a9b3adc3f74b756a7823036dd63d0e21375b5c2df
SHA512b53670afd1edfe47a68f265204a9254565245458f06e462827d176ddfd9db4b913f4b966e41f6e39469b668d29248c2a9823de033edf827a6a3c68ec719c4500
-
Filesize
132B
MD5fc6210437e7b99a1a011420086f448aa
SHA14b497f01d530ad73a0528de71e051bf4053c0b25
SHA2563428f7d5cb668efc10039df2ff8106e99195a3d85218a639d781c5d78fcace75
SHA512aeb3750a0aca0278713b742125cd5314dc10259c50467bc57a1ec644c9d04d3ea5c593fe6ff2d6f778fdec5888d92f4d2125c27c82ae083447d74c15377d15f9
-
Filesize
179B
MD5d8d06c72332be09ec7c8a4e8c2529ff4
SHA1bdf65d9438688b9463e2fa0f272c38b00065efee
SHA256cb7f119919564a298c23a3624b87f2ffd5b1c27a1d3a904cf922e13ad535bda5
SHA512bde07e1b19be556b137e33ef0ded9b6a616a0ea24f2ca9a1655ff92a508115e7a21f103d13d89092e385a59ee93d78a44ee1b2f2322940829d9aa5d759bde729
-
Filesize
229B
MD55c72f1a08578d9ad6a26bb64c5d4824d
SHA188bf94980645d88fbd704ebe93bda300641bfe84
SHA2562063622ad7615f0c20e117e5c96a12b874d04d6b989008d7c4fb2ced71204217
SHA51249879f21e66710496c034ecad2d3787b003d1a4b547858be4dbe8792fa14071df8911891bd468b3c7ea6396165e30dad497459597678f0a888b4a042f75f8064
-
Filesize
5B
MD522ea01bf426fdae49b9b7cf004c6d4dd
SHA16131673bf21f62e30fc4cf309bcfa6f2f38ef0c5
SHA2564c4a7bdb988f50b1955b22645128a7a689060d6e4cd69612b5c408728c65e6cf
SHA512eeff1030deb87da71d05396e31a557b4b4318f7cd67e1660049b1502444dbacea928ceeeb3e6d453112d37780a1a3321b232dd291dcce50b6297cc478d70207a
-
Filesize
232KB
MD5f11b2b59639b1edcb46026472786c747
SHA1a6fe59e11456bc7f19e28b38aa9c1f9c1a13b70d
SHA256189fbf2416c8205430d8eaa85e2947bc15504ca335ad4a77ec668ff3cbf9c84a
SHA5121967f43b4b274e2afbc30e8e1bad314085e488066b22233e6ec033dbae10ae111320296b9d429e94cb3079636a37e433aeac928b4ef23a56dedae1741815416b
-
Filesize
130KB
MD5931606baaa7a2b4ef61198406f8fc3f4
SHA1d3a21675a8f19518d8b8f3cef0f6a21de1da6cc7
SHA2560d06f9724af41b13cdacea133530b9129a48450230feef9632d53d5bbb837c8c
SHA5124be40f2440619e990897cf956c32800dc96c2c983bf64519854a3309fa5aa21827991559f9c44595098e27e6f2ee4d64a3fdec6baba8a177881f20e3ec61e26c
-
Filesize
42KB
MD51f27bad424fa872edc3c2cfc50c4daa1
SHA10ca639850c9b1a9fc463c48d3229d9822fcc08fd
SHA256331461536894ebf97e5d4115fc3ec4f33b207f3d2dde380adfdfc4edd8a258d2
SHA51251c4e94f75da29867091ecada3fec0fd1c87b14b598323bad8ed52a9e0c5221de982a1ad99d272f92eb8fc43125c66227b937b3eb5f5ca621044ba70c607453c
-
Filesize
130KB
MD5558edc26f8a38fa9788220b9af8a73e7
SHA13024d44e580e9c67f32f6c585d50e2a6cc9a7cac
SHA256b76435c80333d2c1fd18e0e7682f1c9dfb5da8d507e93e3c416f54b481c428d5
SHA512edaa425b441044f015e8f68fffa1664e42372d00dd0e7b0924d24ce947aa8e5f96b3bdc326fa2f8b978e3fcf638a1ceca45a223735db73f1607df66990feb56f
-
Filesize
26KB
MD53dfdec02342af331dbaa70e8be88b988
SHA153810bd325c059930536467db0271fe41344dbdd
SHA2563ebb6d41888a42802e43416e85fbece5f83bcf02dd1614d2933c766207c12a28
SHA512909ca3af22ac9da7eb30f0a0929c6501f97d2188cb9257019e87222eba44dbf83b25735233b9b82bfa04b961761adad20bba4d394200caa00be0942e11183e5b
-
Filesize
105KB
MD5daf2cfb715d205893e4f6854282dad18
SHA1939708b9e10f46934e31f91c915be71c7c491e61
SHA25629615b5441c4ebdd6bb1e7e3301aa5f4313b326ee009645cef443fb7bab3e1e0
SHA5129d96f140cd561f35edab13e960031f1475acd5c93d8f85dc8636f207a929952e3da9cb19086d673274edf944501b5026769b086fff2b875af2bc331882e8217d
-
Filesize
33B
MD5b46702355aecfc0bd14c525655eccb8b
SHA185ae2258fdf63f04130470356e4d0ba13cce49b4
SHA256d4fe551995b5a5c5c71656ad1bf102c790f0a8a8415e1331ee9948e451a23db7
SHA512db411c4f553c0eefd8672bf395679d48fe7dd9ad467d2ee5e738dd62815b2091c191c32db87bf88ae1aad3689a020c2e565091e1086f5fd1733c75847091f151
-
Filesize
62B
MD553e75bf7964b0fb15cbe3028a151ed65
SHA1116589e3b65166f73be2c6e8bb3b09c07641a762
SHA256550618b776401129e1bf6000bc28a7891ab0a6431bac3382be1ee1a585282805
SHA512ec2f45bc08e02e16db6db32bb71daff158c4044ed7268b696a62bf0efe9de59c331d6afb0b9101b5686e41cc701c491d75b0617c18bb68fb3393bea2ba702316
-
Filesize
50KB
MD552b4ccbad7807f5a2f34d1379dab1109
SHA1fc15ce78d0bc4ae915b2ad57d4500d742d81ea44
SHA25687070051536cd04382ef5585cf305cc95eb25910281f6b1201b3d22ee44bd0d9
SHA51293f9112e421ee3472b29a42bca073c088f0b8948a8fdf092c38d9978c00e30f4bef474a2af27f468d5b8ee8d601c43588e8fe1e1c1cc874addcb590098298edb