Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
150s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
27/07/2024, 23:46
General
-
Target
02c6de821fc433304ee204d4b930392e_JaffaCakes118.exe
-
Size
9.3MB
-
MD5
02c6de821fc433304ee204d4b930392e
-
SHA1
68b1cc41a9d00e0f7d6dd3fa70b816e158839f45
-
SHA256
03595be308cd92512645f8f37b6731f372da3c6b5dbf298c4d16a9683a8e4f19
-
SHA512
c874685a0342e0b0af53630650188f2c3b5e2196ffbb10b74cb1c00e1cae0a35bcfba9d3d096b7d7f9bbe636862a653a85bb353b6308ce323e5ce6d8c51873c7
-
SSDEEP
196608:9AAkXmjdt4e14FhATdRzWEgOwZYKjm/lKIMaJPxEN0N:me4eyhWddWEhztlK7cPGQ
Malware Config
Signatures
-
Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 4 IoCs
-
Checks BIOS information in registry 2 TTPs 8 IoCs
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys 2 TTPs 3 IoCs
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Modifies Windows Firewall 2 TTPs 1 IoCs
-
Drops file in System32 directory 64 IoCs
-
Suspicious use of NtSetInformationThreadHideFromDebugger 4 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 64 IoCs
-
Executes dropped EXE 7 IoCs
-
Loads dropped DLL 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Event Triggered Execution: Netsh Helper DLL 1 TTPs 3 IoCs
Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.
-
System Location Discovery: System Language Discovery 1 TTPs 9 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer settings 1 TTPs 5 IoCs
-
Modifies registry class 64 IoCs
-
Modifies system certificate store 2 TTPs 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 7 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of WriteProcessMemory 37 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\02c6de821fc433304ee204d4b930392e_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\02c6de821fc433304ee204d4b930392e_JaffaCakes118.exe"1⤵
- Adds Run key to start application
- Drops file in Program Files directory
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\Any_setup.exeAny_setup.exe /E /F2⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Modifies system certificate store
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\cert\certutil.exe"C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\..\cert\certutil.exe" -L -n "Hancom Secure Root Authority" -d "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\uj06vnfd.default-release"3⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\cert\certutil.exe"C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\cert\certutil.exe" -A -n "Hancom Secure Root Authority" -t "CT,C,C" -i "C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\..\cert\ca_cert_sh2.crt" -d "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\uj06vnfd.default-release"3⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\netsh.exenetsh advfirewall firewall add rule name = "AnySign4PC" dir=in action=allow program="C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PC.exe" enable=yes3⤵
- Modifies Windows Firewall
- Event Triggered Execution: Netsh Helper DLL
- System Location Discovery: System Language Discovery
-
-
-
C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PC.exeAnySign4PC.exe port=10530;port_s=10531;no_shut=12⤵
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
- Identifies Wine through registry keys
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PCLauncher.exeAnySign4PCLauncher.exe -install2⤵
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
- Identifies Wine through registry keys
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PCLauncher.exeAnySign4PCLauncher.exe -start2⤵
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
- Identifies Wine through registry keys
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PCLauncher.exe"C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PCLauncher.exe"1⤵
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
3Subvert Trust Controls
1Install Root Certificate
1Virtualization/Sandbox Evasion
2Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD5e7bf64956c2ec9b3c330618fa02dbc37
SHA15e8b43ca40eb5051ac804f1c50589fdae240909b
SHA2561db25f0b2ccccb639b083e309dfeee781a447dee962f6f6bd8ac126a3bed23d1
SHA512954dc837bbf010ef4d0d2cf542d925baf2cb567eafcba4cc49fe305e2bfb77d489c91f7060764dc48f6d25906daf65432d422c9968d28318d87ce4cb4debb919
-
Filesize
283KB
MD5e082bd597129b93f8afe414021f7dd30
SHA1d861f0cefd66ed14fde82b0541237e42c5c7c63a
SHA25622c4d27af891ac0d7d1cd511f0aade8c1aa1c1648a3b4ef2828764b0f9daafef
SHA5120f8cf28e99f74326d418a70e36a40fe6e078b78007298416fa17db3fce010fef2857af4eb28eb9e3eaddc7520bb737c85b14f4ad370e5552273c8e113b396f43
-
Filesize
1.6MB
MD537016e05495f1daca0af21f23654203f
SHA1ce75de300b5984a96fbbc561a70c21b6bf7fd02c
SHA256eb609f53bc2d1ca5f771b577f4a160b2974dc42196d82508d84d7767ac2ca6a7
SHA51298a077deb5b13eb74a1a8b105778f923112888339c0482645c481c9ae736622bf1cbf21c830eb18130ba161aebbf5599f0816ad6ed8de1ffea22cec46cbd78c9
-
Filesize
2.3MB
MD5dede7b51dee26b56e94991f33504ba8a
SHA17715ff2ee133265f94cc77f01e32d00f77b42cd1
SHA256e2333c3dda14fafbcbe1ab29bf433ae89280c7fc4b1f5ce4b3e45943415b7c6a
SHA512dd2181b0a87ac9fd66ffb6a889087584ead7630073eb501e3b357dfc7526dfc24d0a4e67fdb638199ab250f5d008baa085d0a3aeddd46ed5d5721d969101c915
-
Filesize
2.2MB
MD5d0d596a7aee7c949d4fb625269ccc4a3
SHA17f4db9b10ab88273eecfb145fe9a01293ee6c28c
SHA25680ce82de0a6635d47d0fc1be310ebf8e5238d8598f83e7df83be0215f18bb7f9
SHA5121f5cc7c07e6ad5222fef42589a21c31566e6606e202b00bacc0e9b960cb29f26f6c04eefa31b6109844269a4370b4a6b60d92e4577543bc905b0ffc0b7046550
-
Filesize
93KB
MD59e0702593906df98923c82a2464f606c
SHA156a704bc69cc3cd6ef8e3585d70a69a68d4b27d4
SHA2562acbed3b2c5a7f0a6967f1ab2798c5fd4eec335e99993d7828732a43c90f7bd6
SHA512ab3469f534387fa78c6c33aa702e1a5fd24061ba850de9c5488fdcce811a1ebb62ef7b12c4a80a89f19528b7453dc58b7e0865062449c63238ad7c994b7de69c
-
Filesize
1KB
MD536e4cf3c664e36b710d0141cea2c3b19
SHA1b82e21063fede690fdadeececabe42ccc892540f
SHA2562bcca8b209ddd583c1967e78862756e282ec697b168700d5ba108494796a1bf8
SHA512d3df430d21ae6c3014b117b5e0a80f07e5ca679053aa9539471e6daf7f542bedf8f63a6ddcf49e681098e379dc8689d21370d2f452e87ecb85e8e0c3e0c7c6fb
-
Filesize
1KB
MD5f2dc536e0578e2c5e8b3a0f514e8e5e2
SHA15a7121f1c08d9d5596cbdb3df9a57b64b8b6d303
SHA2563b66ef21e303deaabba6820c425ec3433a0504fac52297822477b355938786c6
SHA5121f4001a227f37200448f27a7500bebfd41ff3aa3f783d51c87534e26b4f1831cbcd057e322562c322d34bc5fbc87b5304f8817624aa6315bf2bb4db95d195549
-
Filesize
1KB
MD581c4f67c10ffbd8cde9d4adf7ad8e966
SHA168da4b11028b97c10aa34df09f28988141837f14
SHA256e66c3bb08eda523bf040e3df90b6706d805067d4c3cacfb24793dd2812fe8d35
SHA512f05173ca2542040978a19367d3210d5bb889e1eb3ee4e769e810a7e72c5981d2b906928be1db2667b80b4b24d0a4f380ae4dd4428a78fff36f6ba12876fb3bf7
-
Filesize
1KB
MD5ec746254751b75cc482da57c8a3ead02
SHA11c019ff4294187cae3986e6d3474b7e39e1ea4de
SHA256e54153845de915701251e84af58a6f2b88fd3456a0a4655861f33c334b936da5
SHA5124d1148f0518b1fcdd126a4ce5a9407bfaaf107a64f55f34c099038b7314e1cb5906213e1a5a5ee713fa4d78856a2a15b92ce7e825b399f638cbfac610be99443
-
Filesize
1KB
MD5913113a4e0ae839cca81c060475cd91f
SHA1c43536a391aaa12de143843e624bb5fde1c36cc5
SHA25616afc10a401db5c68a50eaedc76198757fd677ca20aa3f2fe6791c89f2c9b07f
SHA512ad557ca865f048c20490536f780dd72c2a10c1690163ceb2d469bd2412aec5dbeae1555d242d9cdf624f449215219eb189022c351d02f649b6ca2237c407b95f
-
Filesize
1KB
MD5c2e0273d364b8629744d6b9f5ab50126
SHA1a0cd6a6da47b7315f58acb1fc6fdc214c93b5dbe
SHA25688c274840638cc0b2c8acfdad6f9594eca423c197a39032a40c45f603c69f04a
SHA512a9394878d2e7e05360d8ed8d764de9f3bd0ad27f6705072331169f78d711386d6da92d152b28e8dde7312cd0f7def805a69eecc8f14beb36babc22777f8f353c
-
Filesize
1KB
MD51d68b4509a9a9d30af715857af94eb6e
SHA1f76a329251374464355ae2cc46bae71d3866dd54
SHA256e9eeaa943822c4e03ad01f3326c04734ce7595d5aac797de6dfd81ef51e820b3
SHA5127c358cfd9d277bf98f7901c6ab034a3f10c8d038d04dbe312a8acb3b796f10a7e610407af65b54231b0f450333e1e582ddafe06e9ee0369bec947a8c16367af9
-
Filesize
1KB
MD50d73df95d76e0d1ed2dd7af493a9583a
SHA1ae27611ee7725c640fc8e429c29ecebdfd31eedc
SHA2566b24a73eb6d7725cd9cfa74d038f3295d33867f86a7efe5746f998450da9a318
SHA51286f91ce99a2890c542686b803abd124c1b019bea32c56c3b0cfe1d472de94f43ad3495e747c4d5b41b16d1f3b065f7caea6d800334854bcfe92021b061b16eff
-
Filesize
1KB
MD50d3dd8492da7764424902c30346a4eef
SHA125a44654187f7b4701860f2d571f528d3cd4d6f3
SHA256efb2bac7fdb49528b0ed679dbef8c323fd42b472095192ebd94a9c3ca3ad54b6
SHA512232b85d5b3ba0b25f57e325ad5eb882e047fa813007a84c4a9cd50d6d5135a5059cc2cd31c0831f5252dbecc586a0a00bd66ffa909e99f08f2a8fe422136c43e
-
Filesize
1KB
MD53c358d13a20a45f6e879030550e35844
SHA133293585459110c968e85c8b464afdeea02bc58d
SHA2567c48fd35f6aba2b1980e0dc0c041befa56a01d805a45a27df44eecf182f4d881
SHA51219661e2cece14b24b4a4b2fbd49cac4f902ed5d353544f0b9c3cac6b0c6e5fa7c144430133b817872ec605c9c132a453cb5f4fa011e07cbaf5aeb9e1b7f570a3
-
Filesize
1KB
MD5dc3eb7c59490b93396b34cba7e7d4e9b
SHA15f891b17b86ed8ed985ac85f6c86dfdbb3786557
SHA256d5d1fd46eda10892db7fed42f4285ba6238e5cb7ace6971430352a5fac1f4ce5
SHA512308330e7962a15ccf10f974fc052b3c0f46a58d9238f99640badba03a1c2dc7579aa46ae4ce8d5313a7e32fcbfd65473ac5b2be7e2a73180e1e740a5a3692ca7
-
Filesize
1KB
MD51d7a6ecdeab591ae7628f7beb53f3dd4
SHA10849ebdb49eebdded35c4a339188f5977d4d20d5
SHA25687e8d328c77923a2479932278725933d4674e2755b15a9ae8a014979b677bf34
SHA51291ce4cc1bda7e33461c9f1e445de5f69145b814d57f2d7efe4f6b5972094388064603997f4f35bc69f0dfde71df17de9cce30300e2250967f5768fdbe367f18f
-
Filesize
1KB
MD578d9211607e40e4529a4ebd8950a5d65
SHA1572ae5e999792bb7bf3d556e9fbbd0c2a3e8eb6a
SHA2561a37a4bb6a65e2e06466a250779d22da2e90cd0c305fb057e78bd32a0111d237
SHA512df847072fa6dc50069924b7d98150c651f7746608a25e97ea0b66cdc08fc0acb3d2fcfc2e7cbdd90bd0a5744afeb759d6f885788943241f31ef0b543f731a1b5
-
Filesize
1KB
MD561747c43532e687facf06de42565cb87
SHA1dd32236484312abf140a88942936ebd496dabc1e
SHA256880febb841584f86c4bcc6c9fb54e6b4476605ad13a55f4532857621835b283d
SHA512c0afae8e05d9bc62f5a57110e6f9ea83dc21766403c98e596fa455a1baa25f66b992ad4028ceb86224ca8c0df468f182864b7a8bfa7d6393462a1c378afd1eb8
-
Filesize
1KB
MD57fa865b6927bba7be2e2aa4ce6cf3152
SHA1c618ec220aa010ff35c643b621d56856e9004c8f
SHA256df545cdef6bc70a461534f15e9588af2578ea41cfbaf2d0d5dff6ab91866bd6e
SHA5129ca60c82b76382f4118281ba866df994ea1463890fb0330112d29bc32457938c8cd2bddfe230c515af15a6f73929a7f3cac91cefac47bc3fe3295ab0ea03a9b7
-
Filesize
1KB
MD5e84b8b1d46bf4c78b2a0534f0bbb10d1
SHA1239822a12b84418517251e98bdb8fd5fcae89409
SHA2561fccbd01edfc39a9d0a17695d8f7f5bc66a5c75ec05278c06f91ba5dce321f62
SHA51226c43e8f18d475bf7ba7b1c1f1300c89e37659f388520bee429f298daa4dd729551f77081200fbe5f080c627700dfff1fc09c16c0e0e30c8c100cd3ba042d8bd
-
Filesize
1KB
MD55bfe0c9f3cb29500f663b4b7f836aa64
SHA18bb9174b8d83693aadf9db3376c1bf334a21283a
SHA256f3f56cd450922c6e770996af7a7ef733d5a0ed2bcb451488b85025164c9a9492
SHA5128ef1894473a74193bcc0a62ac09de5f11d649f14df6054140bac49cb686f343bd766bdbce68f768af1d06d144f65b0c48878de48bc9eef7f52938a3a018ae803
-
Filesize
975B
MD5515aa6edba665d0c48214c6634ab7981
SHA17660d8c1c5afa1edbea38c458074f07917769672
SHA256b0126f356207d51a10aa543d47db73e5ac0b819ffd4874d49b329be0d584d7cf
SHA51285694f4f6cd1c8e5a58736ee645f9b50213bc26dc2d9ac3ea70349abf51f541961db00d9e66eae7b2b44ee49d4d4dfbd22d89479426d1fcdf8e147fe0ca74066
-
Filesize
952B
MD5f3e6c93347568ef0a945382abc44a5f4
SHA10a73c8dc9d6a74aa5d2600825a4c414bd7c5dbb8
SHA2568fdc6317d53f9cc5bd254d16249c38ec3d5b73ae13dea06c04c6d24a9dcf7086
SHA512a7a89ca8e9ed7e90e31994f50fb431cb9d078f9a3e7749141418d5aea1f71bbd8d48bbeed324489b49dd87362689745359b44def0ac55a86af21a3d0471aca02
-
Filesize
889B
MD5322b7c6659e177c6b2254060ca188d27
SHA1977e396f0de154423a471700918ea8e594405bf1
SHA256a002ff556c601863b08b9aa33a8e6666e97e72bbe552f66eb9f2395c68c7bc98
SHA5122623071fafd689c6fe43c2ddff33c617337330d3f3ed05c33d9a8c9d5c53768926b317900a4a2c22c2ee047de56dc2596182e786d468674f185542dd251a58ac
-
Filesize
887B
MD5689b17c654e0e0e099551642f75a86d8
SHA1027268293e5f5d17aaa4b3c3e6361e1f92575eaa
SHA2566fdb3f76c8b801a75338d8a50a7c02879f6198b57e594d318d3832900fedcd79
SHA512f141729ae13b8d8cab109695be307c14d519a594da07a12f0f9f2157d171dbe0c8cdff26a22d9ab36d392543f3694bd4ce4b7878722dd0dec6b99b299ce2e8fe
-
Filesize
679B
MD5fdc7c531b17d9b58542b39ad64740f86
SHA162d5c44105fba527026c44e6b4491fe03287ff1e
SHA2560741d0f4b342a50296baae3e10c4fc19ab088efe905cf9a5346f2a843d5dc5b7
SHA51245dc42759b12e55644e4c160992d5be818ba41d938832d688f79624e4972eb431f8ebf429992d929c71ce73c03fba23e05be7ed7831a1874d4a6d6775583c48e
-
Filesize
4KB
MD55f7327e4921502f6f2f48afda9b67f75
SHA1148fb27e4a7fcd9aeb6179a98fff4d4daa5e8329
SHA256ff92e725b5d01e66bebc88e7a2ee8b79db2b024ce2cdd25c2bba32b457b8307a
SHA5121afc540c21341123241a74e55a71b9970b28b17d1f9a0cbfd6107af7dd0e0c922b97daa9f0450c041c225fda24fb9f54b2f054965bc38ed5826b3f9fdd07c78f
-
Filesize
3KB
MD51c972d9de79662f582197d8f377d4728
SHA1d1b6008f4b0d40d9dc358e66813adae0018d09a0
SHA2567c1f094ad5701113473771bb02e79b34714c763ec822be62d09d950b449a5a8d
SHA512d1dcb33929f6c9c3b533d1a8af2be3e15f3a543a9b722b9cc6e95766e16c7a84bb36a1473092b50761eb99977ce16a5133c9d63a760057639f5f8f1ea3ed4b59
-
Filesize
257B
MD5fdd1972d19a09acd9830dc0abc987619
SHA10b1930643d8ed64ce4336e2c00b35fb697a7aabe
SHA2565656de5fd79f01c3e3cd35ec7ce45ba3265393a68625030608d62ce51ff35e5b
SHA5124a3bd0a5e17d818b629bd56c05bb05e8402fa4c95c8717b993696bfb9db77192c8c705a70d9ab4595f478dccc66645489dc3246ef3995cb85ca64c6ba18f6400
-
Filesize
97B
MD53e40d1210d833f998f60b1ced70130e1
SHA1502ed70b0cd8700178771312ff1903cd889158e2
SHA2563bb855b23d138622ad3a12c24e2fcb1e4a5812c54a289f4396e70ac669452e83
SHA512a3f73b5ecdc740cd876e01197acf2e496c881c46a615a61bbd9ea430b140051471f845016bea701148cd7cfac0557f43ab0dc0e171de9d2ada7759c43d514c7a
-
Filesize
1KB
MD52fa4b237e32df463593e9b5340ef4744
SHA1eb9aa64c4395ed7847dde917e9208f51641cd8d6
SHA256cdddca4ea35f5c12cb00bccd842212acb93801f547853bc37398b4337d42dccb
SHA512c452a0f2fc92642f016c4531cefc4e4f749b9d7a2ee8380cbab3af24a8a00e6e9747743358dfa5bc51c8e85ef5a15cea897986ffddf6cef137356c2078cdea44
-
Filesize
1KB
MD5b3cf0b23a27739ec0b32b848f13e52b3
SHA12e3550f44cc4f1919c38303b0220f7a9aa63f5ab
SHA25635bf3f9f71aa5f76c0fb7581ff087b87b76933140a30efc5e0e79dc3471e70fd
SHA512832b9a537103c6c42e67b2ec2ef640890abdb82e329597bbe63454ab2840d7ba91e4b6edaaf28587cc4b77fd3a92ebac7270ced4baf3114a080e5abddd2cc2bd
-
Filesize
925B
MD5762017a124745b0b9a09f8a339c1f4dc
SHA1b9cd0cf69835eabf3f137f2049e4c924878477db
SHA256e5c01cb4093279faa19fcfa24ea43eb1b26d07a615adf7240184a1e716b761c9
SHA512639b66452340ccd9b699dd9d01e885d1f2d0331f8a37c477449c80dd9bc97534730df5b42ec5ce3f447a8c81fbd360b3424c7fded196c1b5f90d01355a732f4c
-
Filesize
204KB
MD57957e822b5e67afe2cb64e1fbfc923db
SHA149e065f2ebc213c445e8c637b32f101674ca4dc8
SHA256480c54abd5c555520ee38069d9233b1c2739286471376a56ee66bd756a37fde2
SHA512ed44cc693175c01e1d1a7b856ca800e3cd641a3f434ffecd1532324111aa55010601c1aa92ce069133c012d6e89d5b99bd9526283da9b972b53f788a820e63bb
-
Filesize
28KB
MD5c3700234160aeea85be0be637744f8a1
SHA127b86964b29ffb287180cc2875e4467e7b092084
SHA256b6a12653b2b8024f64bc581e67dc10a469edcfdabdad3da405ef7b709eb34805
SHA5122ff671c0633f78d3e6736bcc445b72de1d81a74dbae29673f4c88d57485ff3a0f2de2a60a137113091a55feca7c5dd1fa7816b0d630fe5f5fbd0af70667da4e0
-
Filesize
24KB
MD5a4f672b53c53e322d8f474e7980f432e
SHA15359b8ac02d98801edc6c2eb46e223c39ce42ee3
SHA2566b8d5ecd92b9705d54ad48c873226991de558e57c36effeefbea63e006aae75f
SHA512b25d18403a586b03588ddc6b283b09bd431c71d3cb548d4fe59628ab3431fef7c7c2364ee05bf1e3983379f11e7c442f21bdcdc6df191c4f08379ba15a10cc43
-
Filesize
558KB
MD55264e5d087b395e91b739778e8e76933
SHA167f216749c1a8ca7194dcb7a2cceb47fc6457f59
SHA2564a846a28573048cad28714b7623e7c5f03001b66d55092aada3da7a3c397b26e
SHA512a1f9f95fc35642f6cf0104a0ab277e10359ec836977b8d2da2812ff26aaaea2d11b2e0dce18712c9296a62c51e6c2a114c9bc85634fa342aac384661cfe73e35
-
Filesize
1.2MB
MD5aba9a1d88c35d1e380054a18d2087291
SHA151ae68d6efd42bb51653a3dd0733a1c36ed5c632
SHA256178dac494dc58ff2a2874d54cd2fc96364a12fec2b5bd25d5bcefea187a8979e
SHA512ecef7bc477ab3819cc5d266af57cbe4722daf106fdc5dbf663ee700fd487194607fe541248bd00e69bddfc39ad31810c1c768eb510fae10bed89b3e9fa361256
-
Filesize
144KB
MD5894222e8962b46263c26aa9ea08c2050
SHA19778d5e7d4cd15717f3240cae4255934ccd5231c
SHA256e5c6a460471e5f1d37c083c1069e95e253ad80c25e42f5624f6824bb1f4ce826
SHA512472787c8827cb5df1c527caee6bb0766429a096f3931f30d7a435d891a0741b333c16000ae53cf1bb2398ba77187c5ae240145b30f51899bff074232e7f900b5
-
Filesize
14KB
MD5cf95ac23bf29820858daa738a45c666f
SHA1baec586aaa13cbc4623a0371065fb523f7d8ec3c
SHA256d28631be5c2a582fab6c47d5348fb7ff058c2f72c312e816f6106d1c9ee2c3ef
SHA512451d4323132c5dd0f622226a04b739b1145f13501675b5733d7b69c6be861c350ca2aa21f2ecd916ef398a1d519e41f5e5fdcbf7aa68b7b45e01048c3e869ea2
-
Filesize
388KB
MD5abcff5d047d6c23b6902ca5e163e372b
SHA11c567d7f01934f86d7d18f7d580fcfa48c369a89
SHA256c5caf3852aa1560622672ff46394156982027b525448cc9ed0e5bcdb8031bb5f
SHA5127e95cccf1046ba9b605e6f79e4ecf7ef48c8d5e541373c94971c7ac8208ae46e37bb69c1d5d86dd98a14ee1781a5b7373af859842aab3cf79f51887d87cf4c7c
-
Filesize
332KB
MD5fc3d8d8d0e798c3d538ee61a9534e77e
SHA11bfa5253236d992d6be87f3edc197a159304d725
SHA256998ae57117e9da50dd69d5c4127d878554ee7e3e3f6a1e5757d135a2e2f6bf30
SHA5123cb40d2fb6fb80c5ebb7d2e5ed29cbc152db66a4f47409abb09fa595888c6d424c633633c230ee76ab5d6c5756f45f37eb7b3e885e99c56b9bd2cb82e8984587
-
Filesize
152KB
MD5c4ecea701f20212a2edfdd3048e80fcf
SHA1c9437b1112ce79e77adfd2502432200e9c22a2d2
SHA2561334d018d994c0237354a0caf2e88c0c146599e844de6d9b3e045b70e2f98296
SHA5129aaff55557b02e9758eb2ad32bf5bcfdd638e031387dcd1fbdc8163bf6206ba3d807c1bcb84839b8bbaa333dacead5aa6c385d4059af4c554cf035f4959eba3d
-
Filesize
476KB
MD5da64e467d08091baff34d11dc5ce221c
SHA1c5587ecdda54d9bd41d725a0b733f1b0497a70e7
SHA256e7beeb18da5fb23053892440530c7d69f66207841f51cbad5e8d61144ce72fdf
SHA512772f1477f59ee9039be32bdf38fe9888d3cbea5530afd6cbbc1448ed1516e15cfeae81ce99f980f232e9a9e0152aa922de2eb77509afd811135477afdfc1029b
-
Filesize
116KB
MD5b88c2629b423f8523562502fa41ea887
SHA124a7a9005ab1f9072b59e9bce354e60742e7048d
SHA25601eb6e86f92e75c0d0d2f981d29513448269d443b585319796f51ddb1576e83e
SHA5125c1afcab24a08f7eb48d6971929f1413380720a6633a1c0fa9e8c7b60c4dcfdb65010bfd2dd190652431a304db8efb8e04dcf80cc011d250736861ba00832754
-
Filesize
25KB
MD5d70354316a65057b5e8fcc834d32e380
SHA1c7010124e6647cb09558bb08b7ddd8938b8e7329
SHA25640b325db483a312d33f56812225b7f06be21a4c2bcf9839a39bd8f5498409491
SHA512deb7429dd3680f433d2f553422842c0bdadf977a6dce8c5905c6d2f9a10d1de517775a8df712e9ca96d6ecc75b0c4daf0903b07ec6d2328d3c200cd885ff1cd8
-
Filesize
76KB
MD5953dc07cebdebb4606aaba39cbb4a033
SHA17856dc02ae13866f802c792eda4a19c0f1d4886a
SHA2562d5fc9a50190a9295c7e3fe0b7a0c94617bdbe0edb949a20314c19f25f805d24
SHA51233086ffdd493049c7a9429cc52dea533669e9463fce4361485b059f348044c7e75fbf1e0425200eb03413500bd68879d6a61de9558f28090ef89e04a8623e6a3
-
Filesize
25KB
MD5e9fbf4bd121a07c0229e03d8ca44d54b
SHA1f8e767969f2625c9eda52165f7f0f979347b8875
SHA2561b191d2e84aa3766269cc2552418806516e7e0c5c459eedab05d5fd416424335
SHA512200b10611ea04b880e15be1c1eec43d8c36c946eb501f8e7f13d2150a0effa901d947085756797a5cd372f47f2bacc67e78610909ae18b59734b09d329937244
-
Filesize
364KB
MD5fc0dc47b7de24ca8dbf4f7876b5eff98
SHA1a4c2673c81850f8afe481f45c686566fce1898b1
SHA2567dbaa3bafe67480b9654b4baea249fadc91607c80d6c5f7eec82552252efe64a
SHA5128733da5b181079b38996c314aa6dcc03a6f598e60a0e0de1768365a8166b6afd947c98f25b39b5e51d11087b307cb90e15fb1ebfe123700e8ee95abf0845031b
-
Filesize
50KB
MD54e7bc5cb9335f07323e90e484ab7ccfe
SHA12cf8f65c27478f6a5de87fcdbaa9e66e128244b7
SHA256230fd595d82c33ff27005ca81efebbcffe9043c0eb0e7952b91aed5071f8a4b3
SHA512917ab7f6f17afb671fe48b2cf866deb53ca142e6f24fbc4eb96ff739b4e132b4098f743433002ad8016590ff662f407bca41a9f65861fba49dbf696cfbb5771b
-
Filesize
29KB
MD55af3726ba18d0d22adcb56f61ab19c6a
SHA181b04444018e07ba24ba07e6b16ad71486cbdc9f
SHA256432a8be57e634a3b32805f5e55559f19bb6d9cd7cce3f14438ba5b946fd4e1aa
SHA512e5121a10b322723ddccfe367d1a1d9f04bfd6d2ce95595f9281729d4cd0f324e8623c708b5f94547425eeb22e91539898eb0691efdaf44251ed0743858ee41c9
-
Filesize
96KB
MD52e6b9a2c04e063ea3fdc557c1b375f75
SHA123fc698d391d5183126031ab2f7882a3bf9bccaa
SHA256729d8e3b1982b6a29ac76cee8a5e5ad64ac74b840b19ae5e9362b8b33051b58b
SHA5120b2577dc659d6c82ae74f6c1bc4de663d5bbce9f4b97c4592ede76bd8729c076da386ded85d0601c30f2673c18c3adfff9bfc28eabdaf0d66f8590d79cdee813
-
Filesize
72KB
MD5f6fc5ff28cd788dfefc5e43c2c210f9e
SHA1f6b4ecd0a8a7fbcb2fed1dce02e2dd3a139d9f66
SHA2567a1ded8fb411c186bb8e7b4effc13310e0479811401c2aaab2d3f4e738edfc0d
SHA5122ffadc57fc7c769e02498086300ceb368807e1bd74cba41991e061198a76ff1f60cea03a4386f2e8585a194ff555c994ab981111be8afc8dc21cdda637832f08
-
Filesize
41KB
MD5937f4ac3a315bf45da8130bf4c1f07cc
SHA191cf9a5f0c7e4bce63a5ae062d26540e28ef8e2c
SHA2562a27b402a1bf38fe8679a00955c837fd0311b20e052213193b981631216bee21
SHA512c22aae4305655170fd07efa205df1ceb409aabf9777a239eb728fe00283273c8243aeb47610a53c6fa3412773760361763e9fb95a338a783f934c2373db339dd
-
Filesize
116KB
MD58536fca979cc83f7e73f457b22c6887c
SHA18dcd064314a3dd4eb2e0a35fda091216640e1172
SHA256bda0634667d5cdc4fdccaab98ef229dff14f01a405ca8c8e67d3583452c9d8eb
SHA5128353d83478b9fce0c97c1557987e0ade4e1a0f355f24c6006372cedcf287dfd0c2f8575a08019b3023bd40411a3857123faa6dbf219f11cec958608ad8513ce0
-
Filesize
29KB
MD5b352b60f43880596ce5ecc3445127e7e
SHA14bdb3aae26ff2ab8304f30cb19d700497c3e4abf
SHA2566af900b578699891a07ca36358bf7fe1b0c184fb858f7686a5fe9de104d0fad0
SHA512dfc0c2bf87e5582bdc5ba8533b52dab2d8fbeb7c71d77596fb014bb841f3be042f99156ff08f1f3f64cb7e89aaf2f223a4bdf536841ecffbe7a047cb6e9cada1
-
Filesize
100KB
MD518be192fc54f89d888c6edbf8ea9ed26
SHA1f3de7e8377bd876787d8ddc18519eea9592737b7
SHA256458fddc46857bb7357876e36a9aad8f8e6c92922dc162a598529448b719d11a7
SHA512634aca11ffd6bcc9ed385c744f6b56571eb93ef77a61c996c74c903051faec74ecc95f42ff5675c375017d8d79457f1f5b78556a0f0c8e44bf6c5fa3750ec0a3
-
Filesize
33KB
MD5c276fec2bd190914b997a52655f3da46
SHA1911692ab8925939bd77294108c12ba89582725ce
SHA25671433a757112397417103e24d43482a7150a027aa70f0c4c4ff0e0f779bcc359
SHA512685263f6e3cec6df5ed82e9ab18c3b96c67ae57dcf59a5764f6e152236c225723a52dd59e6ca2dacfa705b47eb3a9599fd077468190e0d5b7bf0382ab08c7b45
-
Filesize
796KB
MD534928bc9500565d1d8206cc002ecfb85
SHA1fac8228974009162b0c0476e2b2b4adcb391173e
SHA256aac8ab150d0fce35adff0be9a2cd4d83c92bcb7b7df7ee2a2c5b07550ed9fb1a
SHA512899b457f4dd6ac2f0de31698f7ca3e2881a5abcaa529821ea127d0cc334e24a5ce2cd2be024dba2e6818849725fbb1d882352786b0d05adaacc077414c0b67fa
-
Filesize
541KB
MD50b3595a4ff0b36d68e5fc67fd7d70fdc
SHA1973614ac9622d5ea9cdd68febce3258d196408b6
SHA256372af797353f9335915cd06d4076bab8410775dcaf2dac0593197d7c41bbffb2
SHA512e191de0236e05e0bb198c51e2f630b56b833b868383e7ab0bbfd91010fa57a9402364e1082c0f267b1e24789f6d7e6d0253d2a932369f469588eec6ada3f48be
-
Filesize
617KB
MD5c9564cf4976e7e96b4052737aa2492b4
SHA143851fe4644c0a1eb31fe80f427777f1f0015efa
SHA256c3ac989c8489a23bb96400b1856f5325ffc67e844f04651ea5d61bc20a991c6d
SHA5128e9817ab398a86af6982d39fed018ff5282f60c5330dbef6417cfbe73731d8503c63da32107d948cc1eba14dd30aab614c7c858300e4f79ca418dc42d353f9c8
-
Filesize
140KB
MD59a4a4a35adbeba2b47c435a7bb9b8dd2
SHA1538da93d169bc5ce060279ee3234a14e5f8f1a5f
SHA256e048c35e4d809532c0ca98e49ec27f7d26367051265cada3d381f842a67c50c4
SHA5129b195b7a5b49ea1986973ecfe1ed6dfbad020772af733a16dbb07d1c177e025db43ba8817ab4dbcd2f39934d3169fadc8d930b1eb5b599807e715ea7a3271512
-
Filesize
124KB
MD54b252a2d91509dc995b60e5f1ea92df7
SHA18788b12219f96d4fdc0fa0fc277fdf6aa3591cc9
SHA25694fc68c7fe0df25e78b5d109b3fb8a7436c8864ae215cadd25463cdfc3e8e9ff
SHA512f28aa4890126e951e7d03f21488c7f9f72a681757b99f3639d51d08b000559a01fbd359ec7672b53250b79bec2defb27bd4a10f7482a4fc1487844fbf06954a2
-
Filesize
504KB
MD542dfb5145ed3da34a05bd789b9db6da8
SHA12c4ca214e3d50b0de46b605bc4fe97768317e27f
SHA25653590892565ce456ca1a606a1263345dbef6f08915ee2206beb3f4733a2646f5
SHA51201204281647aca2153b9c0e3add9123690a035f4f345bd21a83af48d51e3d4b165787ea0a0be360920f82fe416545553c03e90306c9c8164e249cc3d40425de1
-
Filesize
60KB
-
Filesize
188KB
-
Filesize
464KB
-
Filesize
144KB
-
Filesize
104KB
-
Filesize
44KB
-
Filesize
796KB
-
Filesize
492KB
-
Filesize
5.7MB
-
Filesize
88KB
-
Filesize
352KB
-
Filesize
5.7MB
-
Filesize
52KB
-
Filesize
104KB
-
Filesize
84KB
-
Filesize
1.1MB
-
Filesize
64KB
-
Filesize
320KB
-
Filesize
5.7MB
-
Filesize
5.7MB
-
Filesize
52KB
-
Filesize
64KB
-
Filesize
320KB
-
Filesize
492KB
-
Filesize
352KB
-
Filesize
6.1MB
-
Filesize
6.1MB
-
Filesize
144KB
-
Filesize
84KB
-
Filesize
6.1MB
-
Filesize
5.7MB
-
Filesize
796KB
-
Filesize
64KB
-
Filesize
5.7MB
-
Filesize
5.7MB
-
Filesize
1.1MB
-
Filesize
88KB
-
Filesize
44KB
-
Filesize
104KB
-
Filesize
104KB
-
Filesize
60KB
-
Filesize
464KB
-
Filesize
5.7MB
-
Filesize
6.1MB
-
Filesize
188KB
-
Filesize
352KB
-
Filesize
492KB
-
Filesize
52KB
-
Filesize
5.7MB
-
Filesize
5.7MB
-
Filesize
544KB
-
Filesize
208KB
-
Filesize
612KB
-
Filesize
208KB
-
Filesize
544KB
-
Filesize
612KB