Overview
overview
10Static
static
10apk/cyberR...ws.jar
windows7-x64
1apk/cyberR...ws.jar
windows10-2004-x64
1apk/cyberR...x.html
windows7-x64
3apk/cyberR...x.html
windows10-2004-x64
3apk/cyberR...x.html
windows7-x64
3apk/cyberR...x.html
windows10-2004-x64
3exe/crypte...te.bat
windows7-x64
10exe/crypte...te.bat
windows10-2004-x64
10exe/crypte...er.vbs
windows7-x64
10exe/crypte...er.vbs
windows10-2004-x64
10exe/crypte...-0.dll
windows7-x64
1exe/crypte...-0.dll
windows10-2004-x64
1exe/crypte...e3.exe
windows7-x64
3exe/crypte...e3.exe
windows10-2004-x64
3exe/crypte...-0.dll
windows7-x64
3exe/crypte...-0.dll
windows10-2004-x64
3exe/crypte...in.exe
windows7-x64
10exe/crypte...in.exe
windows10-2004-x64
10exe/crypte...e3.dll
windows7-x64
1exe/crypte...e3.dll
windows10-2004-x64
1libssp-0.dll
windows7-x64
3libssp-0.dll
windows10-2004-x64
3pidgin.exe
windows7-x64
10pidgin.exe
windows10-2004-x64
10sqlite3.dll
windows7-x64
1sqlite3.dll
windows10-2004-x64
1exe/non cr...x.html
windows7-x64
3exe/non cr...x.html
windows10-2004-x64
3exe/non cr...ed.exe
windows7-x64
10exe/non cr...ed.exe
windows10-2004-x64
10exe/non cr...x.html
windows7-x64
3exe/non cr...x.html
windows10-2004-x64
3Analysis
-
max time kernel
118s -
max time network
132s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
19-08-2024 09:44
Behavioral task
behavioral1
Sample
apk/cyberRat/Port 7262 sample build/Google News.jar
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
apk/cyberRat/Port 7262 sample build/Google News.jar
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
apk/cyberRat/Port 7262 sample build/index.html
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
apk/cyberRat/Port 7262 sample build/index.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
apk/cyberRat/index.html
Resource
win7-20240705-en
Behavioral task
behavioral6
Sample
apk/cyberRat/index.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Batch file for 5864v dll crypted darkgate/update.bat
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Batch file for 5864v dll crypted darkgate/update.bat
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Crypted_with AU3 with startup only with decoded Launcher VBS/launcher.vbs
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Crypted_with AU3 with startup only with decoded Launcher VBS/launcher.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Crypted_with AU3 with startup only with decoded Launcher VBS/libssp-0.dll
Resource
win7-20240729-en
Behavioral task
behavioral12
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Crypted_with AU3 with startup only with decoded Launcher VBS/libssp-0.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Crypted_with AU3 with startup only with decoded Launcher VBS/sqlite3.exe
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/Crypted_with AU3 with startup only with decoded Launcher VBS/sqlite3.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/protected_AU3_cGig/libssp-0.dll
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/protected_AU3_cGig/libssp-0.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/protected_AU3_cGig/pidgin.exe
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/protected_AU3_cGig/pidgin.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/protected_AU3_cGig/sqlite3.dll
Resource
win7-20240705-en
Behavioral task
behavioral20
Sample
exe/crypted/Dakrgate 5864 startup plus rootkit/protected_AU3_cGig/sqlite3.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
libssp-0.dll
Resource
win7-20240708-en
Behavioral task
behavioral22
Sample
libssp-0.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
pidgin.exe
Resource
win7-20240704-en
Behavioral task
behavioral24
Sample
pidgin.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
sqlite3.dll
Resource
win7-20240705-en
Behavioral task
behavioral26
Sample
sqlite3.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
exe/non crypted/Darkgate 5864 port sample not startup/index.html
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
exe/non crypted/Darkgate 5864 port sample not startup/index.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
exe/non crypted/Darkgate 5864 port sample not startup/stubbed.exe
Resource
win7-20240704-en
Behavioral task
behavioral30
Sample
exe/non crypted/Darkgate 5864 port sample not startup/stubbed.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
exe/non crypted/index.html
Resource
win7-20240705-en
Behavioral task
behavioral32
Sample
exe/non crypted/index.html
Resource
win10v2004-20240802-en
General
-
Target
apk/cyberRat/index.html
-
Size
320B
-
MD5
444da12821a326256a5e24ba00a172a6
-
SHA1
ff78e28f267610433a0047e0fc1987528ab3916c
-
SHA256
500eb7dcad515a6b442d77fd100bf67365bf1ba318c88c006d75bdcc75aac707
-
SHA512
648f5103894e9e4341ba28ce3f43430d14e0c2cb3e663a006bd29bca20bc940a776cfbcfc82c182de750051f090f5d578071943a84cd1d7afe206c53d4341490
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
IEXPLORE.EXEdescription ioc process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language IEXPLORE.EXE -
Processes:
IEXPLORE.EXEiexplore.exedescription ioc process Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10e1c9721cf2da01 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d9909000000000200000000001066000000010000200000000da2f02bc6e345580ec7a666da0ca5c2dc4b48e22950daf1b1f976543d4901d3000000000e8000000002000020000000e82eabca2b2b0e655362b2b5ca4936e36b06205d1a65269341dbdaa4d96be7f820000000ce5c3696d3fa73c210ff90aa203586b4bc4fc637b827761d38b3faff5f7dc18740000000a5f014c36c4b5f70697e6001cd3d1de13dcddae037874edeeae3a55ddbf5573f5464e6466791bd47ad8b4a0199408de8437cfde7d4459afbaf47a3f8e454ef3d iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9E4009A1-5E0F-11EF-BD75-DA960850E1DF} = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430222534" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002f8e41e3384fa749ac47329e409d9909000000000200000000001066000000010000200000009aff0a8b6b68208956e02a05800a8de33e74d81955147a9cd93ee794a4775c18000000000e80000000020000200000001be01274a3504eb181e67ac0febff905c9bee13a72ee6fbbdb72ef166a912e2690000000c9299136e464031111207da956d4b78e93c23ded9ab3c61b6fc6136c8df9fb60caf4c8441ae643a022bd0b4ecd94ee16a034d6c76e5a78e2cc98530e3a7424866ec63bc7391a619e4ec43d30de68c51de8f0f391790356d0ce00ac3be14c0bc4b7ca214b26be583965123337a831a51a2acf3ecc914c4552310de5d6e76ced45841ee2ea75a8f856dabbb1375ea488a8400000000e8ba72fe271ff68cd4b7057d7f69b5ee36ab2ada06b95d7ce736cc0601c8a9d53f8924dfd412e5d2c01aafd2788f7e500616065066e365d912c15f04e979977 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3502430532-24693940-2469786940-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
Processes:
iexplore.exepid process 2576 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
Processes:
iexplore.exeIEXPLORE.EXEpid process 2576 iexplore.exe 2576 iexplore.exe 1396 IEXPLORE.EXE 1396 IEXPLORE.EXE 1396 IEXPLORE.EXE 1396 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
iexplore.exedescription pid process target process PID 2576 wrote to memory of 1396 2576 iexplore.exe IEXPLORE.EXE PID 2576 wrote to memory of 1396 2576 iexplore.exe IEXPLORE.EXE PID 2576 wrote to memory of 1396 2576 iexplore.exe IEXPLORE.EXE PID 2576 wrote to memory of 1396 2576 iexplore.exe IEXPLORE.EXE
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\apk\cyberRat\index.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2576 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2576 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1396
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD55358703ea059dde14fa671d62d992eae
SHA1083ebfcd279d6bd489098cbe418882b449101078
SHA25615448ae9e59b0b93cec19cbe910452b92d48ec4d97a26104ad2b476974dfd695
SHA5127f44ffb4598b1ecd9d299869fb8405bf16f3fad3994d3566628effa9cd2663287ae980c5a6f48fda0e7e891aef87eba00989b14bff1829718f827b237c82c809
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD53308ca0d878c53e6d6b905f71f60be5f
SHA1579af9b96fcb7d0af70cf8fbbe232c45d7271103
SHA256c3104070a0f69c847aadc24eb9b2a123e5c0561f617fdc654fa8ed968ba57ad4
SHA512006637150a7b49062c94195cbb14f32e670dc435592db750f1a3a426f8a5ad090dfc3065abe752c6fb971b037d32470e4e77c36c3790fcab44a08eb69598973d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5f72cc2e5a70b733722d9e7cb25376853
SHA129c27999a2d3cdce322a0155a7dd343ec82dd75e
SHA256460bd18952ebf5ee068a516ac1ca4096530d623dd885384e243751fe68bd56bd
SHA5129482988990d464c943378e8c4adb9994d4608dbb9399e56463ddc301f29f93fa2ed0bade4cdda9242c76121b7803229d1f78da2a0d3ff7ebcb5de5183826ec9a
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD500bab58df1262c40f0fdeda3546c75c3
SHA1a387b47912c919d4b51c47907b160363cfe68154
SHA2567188c5d7feef46dc24f31051c741f829cfe7069c2baf29b28c7d78c3be0e366d
SHA5123b518f79331dab8d8400780afbf281b95d110340964f9462d6cd35b25bf5cc67e73624e674e6144e7c1acfdd4ce4c566a144c000b24ef049e68bd794486b7c23
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5d06fafa787e399219d8c066f4fa27596
SHA1af38acaedde1b9cc3646b6298d679db22264afe4
SHA256f7f50755b6545eb1b45162ea31cfff8c40cc4afe6143f5a696d09877bcd235d6
SHA512bdffae754f43852f735ac55a2f56dd074b584bcb6755a4634b75122b02d2350fb7bbe99511eb92921a105213ffd25b39d514ef1be7d4a4dff5ea3f8ced6e1918
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5466fa97c509e03d9e6af65cb8525a49e
SHA17a89a17dfbce3aba8e4612abfb5edab8d896399b
SHA256a252227c02aec51a138773a2c2d4d8fe07d05e1b94d553dfa29b2cd4a79bbaad
SHA5126c2a7f6af79985c6ec51657d4d772a50be1cd1988314eda0979a3234e8523ee52472d0e18d66ab150ed81b469eed2a6fd02b90c9cc490d45865635635444d121
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD52286e0ff1f56909442dd73e3ebe03117
SHA110958ed804b3dc12f74e8288c767685eb6b6e922
SHA2568a9eac893243f65920961361f357456b6a9b8b452a7f8a4b2276f34f9b978aa3
SHA512779fa0eecbd130ca9ed10a424a6e4e6530013c671ec54f4be62c7d72f4e1b72d79d6ccd2094dcebb6e5c0ab9414a244a51a72f6cc20304f1b842c616e1a265ca
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD554c768f40e0f196dbb583f00ad4aa220
SHA114a88b5eb1eb6209dc343ad9b48900a4069677cf
SHA256054134b5c1943e4a80e6147fe28a008e1ce052caff4692c70d9154c46269f957
SHA512752d48f72b676eba8d43f16bde1c8bcacff28c56384497ee498b0095547eec856754f94b0529d861a41c5741ec8b1851f6f24057d160e0aba10348fb57e1d4e6
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5da46aa8b0e2b7753c40c32a26c1a9c47
SHA156f22b37b54cb08494264da76626d68efc4c4d14
SHA2564aa89ea3fa27edb2cef3bad85e65c8882da16bb186d868ac3429fb306ee30948
SHA5125f834897090898812fcfcf73d6041eda83f68dd660223780ad98b01d3f1370051c3c4635d54986c59888e3b168ccd10bc1e4bcedea4b3fe7bfe15615354e5c32
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD53efd8307b11a8e35e52088c749fb6b42
SHA199e2c2a81f3ea49ac7f2f4bff11cbf422b6ce3b6
SHA256d0f0fb4dcb9104628ac9e544d24078f4effbc3ce60c30e7eccaef1e5fd66866a
SHA5123669fad6cd44d31cb17cc2909966b00e77cd532ce25f84b88e9079909e58192ece8b6a2923f0a252a44294c18295e6a92a2ef4d6c6b50aa72d00c8437d762cce
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5e228ed8aee12c19d8405009d5c219880
SHA1348b6db26fab2da4d177eaeffb238bf6fc9b947f
SHA256ce2c3512fa9b889959fedace68abcb5a49c5d1edbcfd349b95a0b08bd4a540ab
SHA51228b7290af30939e159524b94326d40bc66f6bbfcfb51d4f2185c2808f450e91789874065742a450d0218ea380627e0f91494f65fc3506b6c56005967dbe07ef5
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b