Analysis
-
max time kernel
145s -
max time network
133s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
02/10/2024, 13:12 UTC
Static task
static1
Behavioral task
behavioral1
Sample
0ad37aa8b2529241d8757eb9e87e85ae_JaffaCakes118.html
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0ad37aa8b2529241d8757eb9e87e85ae_JaffaCakes118.html
Resource
win10v2004-20240802-en
General
-
Target
0ad37aa8b2529241d8757eb9e87e85ae_JaffaCakes118.html
-
Size
6KB
-
MD5
0ad37aa8b2529241d8757eb9e87e85ae
-
SHA1
d22eb85861a2f31ae7bed588ebf10a09993d544d
-
SHA256
acfba7ce2fbff75405eaafd4f7ffafc0401610e8e10a95561b1c210b5cd4f36c
-
SHA512
4ab6585bb5411d2d8cb63eb50779ecd1ccc786616a426307234bba93993b2f8e7f15199f3c94fb3fafef87c8329b5d671551f77670a242aff03cc04cefc4f6da
-
SSDEEP
96:uzVs+ux7yiLLY1k9o84d12ef7CSTUQZcEZ7ru7f:csz7yiAYS/Hb76f
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 3688 msedge.exe 3688 msedge.exe 3844 msedge.exe 3844 msedge.exe 3284 identity_helper.exe 3284 identity_helper.exe 5108 msedge.exe 5108 msedge.exe 5108 msedge.exe 5108 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
pid Process 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe 3844 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 3844 wrote to memory of 3108 3844 msedge.exe 82 PID 3844 wrote to memory of 3108 3844 msedge.exe 82 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 2068 3844 msedge.exe 83 PID 3844 wrote to memory of 3688 3844 msedge.exe 84 PID 3844 wrote to memory of 3688 3844 msedge.exe 84 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85 PID 3844 wrote to memory of 3680 3844 msedge.exe 85
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\0ad37aa8b2529241d8757eb9e87e85ae_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3844 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffae1746f8,0x7fffae174708,0x7fffae1747182⤵PID:3108
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:22⤵PID:2068
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:3688
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:82⤵PID:3680
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:12⤵PID:4288
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:12⤵PID:3840
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 /prefetch:82⤵PID:3064
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:3284
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:12⤵PID:3104
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:12⤵PID:4908
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:12⤵PID:452
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:12⤵PID:2416
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,12941575798125323819,2256881611094461517,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1900 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:5108
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:5076
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4856
Network
-
Remote address:8.8.8.8:53Requestcounters.gigya.comIN AResponse
-
Remote address:8.8.8.8:53Requestcounters.gigya.comIN A
-
Remote address:8.8.8.8:53Requestanalytics.hosting24.comIN AResponse
-
Remote address:8.8.8.8:53Requestfc01.deviantart.netIN AResponsefc01.deviantart.netIN A54.185.91.11fc01.deviantart.netIN A52.13.151.103fc01.deviantart.netIN A35.86.47.99
-
Remote address:8.8.8.8:53Requestfc01.deviantart.netIN A
-
Remote address:8.8.8.8:53Request14.160.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request14.160.190.20.in-addr.arpaIN PTR
-
GEThttp://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpgmsedge.exeRemote address:54.185.91.11:80RequestGET /fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpg HTTP/1.1
Host: fc01.deviantart.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Server: nginx
Location: http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg
-
Remote address:8.8.8.8:53Requestorig01.deviantart.netIN AResponseorig01.deviantart.netIN A52.26.23.167orig01.deviantart.netIN A52.33.77.108orig01.deviantart.netIN A54.190.123.115
-
GEThttp://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpgmsedge.exeRemote address:52.26.23.167:80RequestGET /2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpg HTTP/1.1
Host: orig01.deviantart.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
-
Remote address:8.8.8.8:53Request58.55.71.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request172.210.232.199.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request11.91.185.54.in-addr.arpaIN PTRResponse11.91.185.54.in-addr.arpaIN PTRec2-54-185-91-11 us-west-2compute amazonawscom
-
Remote address:8.8.8.8:53Request167.23.26.52.in-addr.arpaIN PTRResponse167.23.26.52.in-addr.arpaIN PTRec2-52-26-23-167 us-west-2compute amazonawscom
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request28.118.140.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request50.23.12.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.187.3.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request100.209.201.84.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request30.243.111.52.in-addr.arpaIN PTRResponse
-
54.185.91.11:80http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpghttpmsedge.exe735 B 686 B 7 6
HTTP Request
GET http://fc01.deviantart.net/fs47/f/2009/249/a/c/Red_and_Black_Vista_Wallpaper_by_Treber.jpgHTTP Response
301 -
52.26.23.167:80http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpghttpmsedge.exe1.2kB 439 B 8 6
HTTP Request
GET http://orig01.deviantart.net/2350/f/2009/249/a/c/red_and_black_vista_wallpaper_by_treber.jpgHTTP Response
404
-
128 B 129 B 2 1
DNS Request
counters.gigya.com
DNS Request
counters.gigya.com
-
69 B 124 B 1 1
DNS Request
analytics.hosting24.com
-
130 B 113 B 2 1
DNS Request
fc01.deviantart.net
DNS Request
fc01.deviantart.net
DNS Response
54.185.91.1152.13.151.10335.86.47.99
-
144 B 158 B 2 1
DNS Request
14.160.190.20.in-addr.arpa
DNS Request
14.160.190.20.in-addr.arpa
-
67 B 115 B 1 1
DNS Request
orig01.deviantart.net
DNS Response
52.26.23.16752.33.77.10854.190.123.115
-
70 B 144 B 1 1
DNS Request
58.55.71.13.in-addr.arpa
-
74 B 128 B 1 1
DNS Request
172.210.232.199.in-addr.arpa
-
71 B 133 B 1 1
DNS Request
11.91.185.54.in-addr.arpa
-
71 B 133 B 1 1
DNS Request
167.23.26.52.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
448 B 7
-
72 B 158 B 1 1
DNS Request
28.118.140.52.in-addr.arpa
-
70 B 156 B 1 1
DNS Request
50.23.12.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
198.187.3.20.in-addr.arpa
-
73 B 133 B 1 1
DNS Request
100.209.201.84.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
30.243.111.52.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5f9664c896e19205022c094d725f820b6
SHA1f8f1baf648df755ba64b412d512446baf88c0184
SHA2567121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e
SHA5123fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae
-
Filesize
152B
MD5847d47008dbea51cb1732d54861ba9c9
SHA1f2099242027dccb88d6f05760b57f7c89d926c0d
SHA25610292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1
SHA512bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f
-
Filesize
111B
MD5807419ca9a4734feaf8d8563a003b048
SHA1a723c7d60a65886ffa068711f1e900ccc85922a6
SHA256aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631
SHA512f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c
-
Filesize
5KB
MD5ae2ef4b720ee781621a487a75cd82729
SHA1e3bf2906df0089a6ba9cc9b6ab0d7a3ca7162878
SHA25667a1bff03a077042bbf7a94ac449c6c4876bd00896b169139d103e20e8794e4f
SHA51239a8e3db8463eef9d131bdbaebaca10c1b788a7cf4e77c4c4cc55493b1cf9e438934a7f7fb06d1d0993bc7e84d3d02ecada56ba854b3a431fa162e7ed1afa3d3
-
Filesize
6KB
MD5e00d8f5edf2febd3802edcc3e1f202da
SHA114842a161ea93dc10c2f11877183aae952e22816
SHA2569c4459fc9249453945a4e1f43d6aab46e9442e0cbce9e125d134b4d1cf95d2ac
SHA512491ce7c210d4bbf9f13addb3874aa919b3a105c6f216a64900e3caaa63731772e6766e03d1822aad18a7acc3b2ed3a96b03ac11672a6e8623bf87590f4090f16
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
10KB
MD5fff93528fda27983e9dabe2557639944
SHA1b412af2649b22d6303205cdfaa68c4d4c4c29833
SHA2567aa686adde1353152f794b2c6f6ba638f2a1296944e79c67de15ec6d1045390e
SHA512c13c4d4ccb7c1b42a39ea65be7c0f3d7fbf7c2ff2bfea43974bd3e73e9c344c2a65738e20fb9d4c23b3cedce9edc0207e068e3b6cded91e90a1173b1ae5a4994