Analysis
-
max time kernel
147s -
max time network
144s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
27-08-2024 13:26
Static task
static1
Behavioral task
behavioral1
Sample
c515a4e688dc5db44fa6e685777d9bc8_JaffaCakes118.html
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c515a4e688dc5db44fa6e685777d9bc8_JaffaCakes118.html
Resource
win10v2004-20240802-en
General
-
Target
c515a4e688dc5db44fa6e685777d9bc8_JaffaCakes118.html
-
Size
50KB
-
MD5
c515a4e688dc5db44fa6e685777d9bc8
-
SHA1
ab1017fb3fc74259bd913bae209099095242317a
-
SHA256
dec94f45bee22f64c76f16fd63391c452acc6743de30cabe0f90831754858287
-
SHA512
12340e09ad38248de83b79152ec4a732a46e576e52af1fc65545fb0a119bb6334067860bb7a201cd7cdcaf7aa11a9a58af62a068586df27a1b78539a4312b41b
-
SSDEEP
768:yy4pDJTOIJ/AT6cItJToTVqn1jBUL5bVw6i34Q1F7wFC09kaWOyP1w4/wuZbyBam:yyODV0oc1lyP1w4/wYy0yB8ZQXMPqyi
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes:
msedge.exedescription ioc process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
Processes:
msedge.exemsedge.exeidentity_helper.exemsedge.exepid process 2360 msedge.exe 2360 msedge.exe 4820 msedge.exe 4820 msedge.exe 3696 identity_helper.exe 3696 identity_helper.exe 5724 msedge.exe 5724 msedge.exe 5724 msedge.exe 5724 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
Processes:
msedge.exepid process 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
Processes:
msedge.exepid process 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
Processes:
msedge.exepid process 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe 4820 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
msedge.exedescription pid process target process PID 4820 wrote to memory of 2912 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2912 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 5068 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2360 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2360 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe PID 4820 wrote to memory of 2424 4820 msedge.exe msedge.exe
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c515a4e688dc5db44fa6e685777d9bc8_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4820 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea18146f8,0x7ffea1814708,0x7ffea18147182⤵PID:2912
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:22⤵PID:5068
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:2360 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:82⤵PID:2424
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:12⤵PID:2204
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:12⤵PID:244
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:12⤵PID:3080
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:12⤵PID:1676
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6224 /prefetch:82⤵PID:4544
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6224 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:3696 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:12⤵PID:1584
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:12⤵PID:3572
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:12⤵PID:4316
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:12⤵PID:216
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,8218910982029709804,4997158967747677007,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5148 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:5724
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:2340
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:2332
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5f9664c896e19205022c094d725f820b6
SHA1f8f1baf648df755ba64b412d512446baf88c0184
SHA2567121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e
SHA5123fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae
-
Filesize
152B
MD5847d47008dbea51cb1732d54861ba9c9
SHA1f2099242027dccb88d6f05760b57f7c89d926c0d
SHA25610292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1
SHA512bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize216B
MD5316b020901ed444533c37ce361d9dfd2
SHA1fe3b7b72a2bc4dd852384eed958f633d0548394e
SHA2560cbc2e59a6f74988fd6e1066b97f246e6549073c21e1e4a489b05f52276b8955
SHA512bf8acbcb38b680fc9c8092d90faf165d1c6e1fc52fd08a2720fcd7a59d2c3d1257ef10ccd303aaa433b3db51302382bca8aca8ebb004b546f36e1aa7d1bda60b
-
Filesize
2KB
MD5a99f1eb94a24e6e16585fab9f8622052
SHA146ca98c7cdea4bf9570321e381a188936c9a7808
SHA2566af2fea789a40143e480673b51bd3022dbe9511dfbba1e617569f6a87bcf05d1
SHA51230af59ef0d862f0bf55989201377d8ff0c8983020e4947d91046ba5a46f8999db913a5d9b48ce5b7c49d1ea1293c18161e3b8eb103511c8157643055658e5bfb
-
Filesize
5KB
MD5d74f5da9826f5584961ded4d66eb5f52
SHA139007b082b6ea92bb8b569e90b688b52a5cc2fe9
SHA25651d39340890333026a57c8b607f5cf90a4d09e1b2890422a82cb25104bcad91a
SHA5122aefe54d03fad562687a852bf7589b823d1436698255805ef7f54703f39f5cafa8372388443fb093f1ed9c2cb474678d932c5140c7df086edd5aeaaf2160cfe5
-
Filesize
7KB
MD51afa736de43b67dfa253905eee3b85ed
SHA1145a057e35ec3065ef05a7b9a7aa7219d1c5c270
SHA25646d75e702552627ea25bb5072c5129bf71bf8ab5c70b21207f6db14d440341eb
SHA51268f04e75eeba23563aba4ddc72fc83fe77845e92019c62ced4e3508b33b0223c6796324f926ff0e0d932aa7f99698a57980dd3b8cf7e4d4143836a8f13a7fda6
-
Filesize
6KB
MD5f8395720909e6db0b46e5728a7439bea
SHA15fc1758fbe42a6b9f31711a02e70ec067df430bb
SHA256593263df522e58f687ea6344daf579bc2ba1105c227d8a428dbe740d158f2ace
SHA512b726291e89c9785babc569d0f6b7445651ee43ed6f188af9af47e9f094c531534f3093e561197f8b8abf1a66850b6da7be0c3e9add6b179c5b1bfc10005d15ff
-
Filesize
538B
MD5ae8dbcfaa2f8292670dd7b190d65c034
SHA1f5bee45701ce4fb78c09f58541f1a47a37c2798a
SHA256ae24241d045f2c02dda83a5b21d50710680cf08ec89a5e2a42183fc429945b2e
SHA512e324db7455f3d2c07c5e51fb627a359ac3f191c38c7c50b38b591022c2f179231bef19e62394e8808e1f4b6bcde40e92a6f0b4086dbefef1c88f71d48fb507ca
-
Filesize
538B
MD57217aa823e18eaa76d885a99f7739f83
SHA1eff70020b4eaf71cb7655d5c0fe339723e7ac2ee
SHA2561a2167ab2ab558e5b359164769c11816f6f06b0ae01f7163faf4b7f6a70c1330
SHA51282ffb66088012f74749706df0d4d330c1a82f3642ae1ea9d01f42faffa2f8c843f6805385800b22b46a6d3e122cff195e4b59d59a028a2e356995e3eac5faf99
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
10KB
MD558168a069559a902bbc615ab48c77ec4
SHA1e3c91890905bd7ec328cabae9201d0b197907845
SHA256a8d4d5286d518ae648a8d14bcc44d844144cb88a25511b6b2c5abcc0ee3ff6a4
SHA512e9fccea345ac2ca574232d718ba2ab2d45038433d7df39ec9097993be8b4f2ff3e611f169ee57babec907cbd52c75b75cdb54eca001aff2508ccc8d2e0be5552
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e