Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
32759fc3e04...18.exe
windows7-x64
2759fc3e04...18.exe
windows10-2004-x64
7$PLUGINSDI...ge.dll
windows7-x64
3$PLUGINSDI...ge.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...fo.dll
windows7-x64
3$PLUGINSDI...fo.dll
windows10-2004-x64
3$PLUGINSDI...sc.dll
windows7-x64
3$PLUGINSDI...sc.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...dt.dll
windows7-x64
3$PLUGINSDI...dt.dll
windows10-2004-x64
37za.exe
windows7-x64
37za.exe
windows10-2004-x64
3Uninstall.exe
windows7-x64
7Uninstall.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...dt.dll
windows7-x64
3$PLUGINSDI...dt.dll
windows10-2004-x64
3WackyBirdHunter.exe
windows7-x64
3WackyBirdHunter.exe
windows10-2004-x64
3aminstall.dll
windows7-x64
3aminstall.dll
windows10-2004-x64
3Readme.rtf
windows7-x64
4Readme.rtf
windows10-2004-x64
1Analysis
-
max time kernel
28s -
max time network
28s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
08/10/2024, 23:55
Static task
static1
Behavioral task
behavioral1
Sample
2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/BgImage.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/BgImage.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/cpudesc.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/cpudesc.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsisdt.dll
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsisdt.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
7za.exe
Resource
win7-20240729-en
Behavioral task
behavioral18
Sample
7za.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Uninstall.exe
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
Uninstall.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/nsisdt.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/nsisdt.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
WackyBirdHunter.exe
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
WackyBirdHunter.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
aminstall.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
aminstall.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
Readme.rtf
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
Readme.rtf
Resource
win10v2004-20241007-en
Errors
General
-
Target
2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe
-
Size
4.9MB
-
MD5
2759fc3e04ec20fddaa801c3ed9f402f
-
SHA1
39027ba18c138ce47223fb4c5804593593af1e95
-
SHA256
af6bbab59c56d5088f97e2bc417100a0c0081d6e40020b5db342df47b60ffdd3
-
SHA512
ff3cd5f8e72607a6aceb41e64945c65d88105643c5bd4fe51cd1657908b5a86f5d6f93dd91b606a004afd82d7a1f7cebfe760ada8dba5d4277617cf3e048a0ef
-
SSDEEP
98304:AVMyTpUxdICi112FZLLhIScRnOp+ONsizbKTW8rfXaq:AV/9Ie31C5IJcp/NnyKq
Malware Config
Signatures
-
Executes dropped EXE 2 IoCs
pid Process 1728 nsD0F7.tmp 1972 7za.exe -
Loads dropped DLL 64 IoCs
pid Process 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 1728 nsD0F7.tmp 1728 nsD0F7.tmp 1972 7za.exe 1972 7za.exe 1972 7za.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe -
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 20 IoCs
description ioc Process File created C:\Program Files (x86)\Wacky Bird Hunter\install.log 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File created C:\Program Files (x86)\Wacky Bird Hunter\7za.exe 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File created C:\Program Files (x86)\Wacky Bird Hunter\eula.rtf 7za.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\Readme.rtf 7za.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\Readme.txt 7za.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\eula.rtf 7za.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\eula.txt 7za.exe File created C:\Program Files (x86)\Wacky Bird Hunter\Uninstall.exe 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\data-01.7z 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File created C:\Program Files (x86)\Wacky Bird Hunter\data-01.7z 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File created C:\Program Files (x86)\Wacky Bird Hunter\WackyBird.lvl 7za.exe File created C:\Program Files (x86)\Wacky Bird Hunter\eula.txt 7za.exe File created C:\Program Files (x86)\Wacky Bird Hunter\Readme.txt 7za.exe File created C:\Program Files (x86)\Wacky Bird Hunter\aminstall.dll 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File created C:\Program Files (x86)\Wacky Bird Hunter\WackyBirdHunter.exe 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\aminstall.dll 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\7za.exe 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\WackyBird.lvl 7za.exe File created C:\Program Files (x86)\Wacky Bird Hunter\Readme.rtf 7za.exe File opened for modification C:\Program Files (x86)\Wacky Bird Hunter\WackyBirdHunter.exe 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 3 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 7za.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language nsD0F7.tmp -
NSIS installer 1 IoCs
resource yara_rule behavioral1/files/0x0006000000018d83-183.dat nsis_installer_1 -
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeShutdownPrivilege 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe -
Suspicious use of WriteProcessMemory 14 IoCs
description pid Process procid_target PID 2648 wrote to memory of 1728 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 30 PID 2648 wrote to memory of 1728 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 30 PID 2648 wrote to memory of 1728 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 30 PID 2648 wrote to memory of 1728 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 30 PID 2648 wrote to memory of 1728 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 30 PID 2648 wrote to memory of 1728 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 30 PID 2648 wrote to memory of 1728 2648 2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe 30 PID 1728 wrote to memory of 1972 1728 nsD0F7.tmp 32 PID 1728 wrote to memory of 1972 1728 nsD0F7.tmp 32 PID 1728 wrote to memory of 1972 1728 nsD0F7.tmp 32 PID 1728 wrote to memory of 1972 1728 nsD0F7.tmp 32 PID 1728 wrote to memory of 1972 1728 nsD0F7.tmp 32 PID 1728 wrote to memory of 1972 1728 nsD0F7.tmp 32 PID 1728 wrote to memory of 1972 1728 nsD0F7.tmp 32
Processes
-
C:\Users\Admin\AppData\Local\Temp\2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\2759fc3e04ec20fddaa801c3ed9f402f_JaffaCakes118.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2648 -
C:\Users\Admin\AppData\Local\Temp\nsj849C.tmp\nsD0F7.tmp"C:\Users\Admin\AppData\Local\Temp\nsj849C.tmp\nsD0F7.tmp" "C:\Program Files (x86)\Wacky Bird Hunter\7za.exe" x "C:\Program Files (x86)\Wacky Bird Hunter\data-01.7z" -y "-oC:\Program Files (x86)\Wacky Bird Hunter\" "*" -r2⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:1728 -
C:\Program Files (x86)\Wacky Bird Hunter\7za.exe"C:\Program Files (x86)\Wacky Bird Hunter\7za.exe" x "C:\Program Files (x86)\Wacky Bird Hunter\data-01.7z" -y "-oC:\Program Files (x86)\Wacky Bird Hunter\" "*" -r3⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
PID:1972
-
-
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x01⤵PID:1680
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x11⤵PID:1928
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6KB
MD583bb5287cb9405e2fa47e1e5606da800
SHA18e931389d2498d829bd435f000d7cf7cf2056649
SHA2568c7cbc2855a1801d0ce6bba6b432ba413ddd6d5b6dcc0b06f443bec5ed85a811
SHA512cb34cd8fae157c4ab16541473cf3714e649a3bb46f658162a661348e87163bf296d52d907d90cb9874af95e82e59f150aa6f6fb1cb763ade2da3d59b98c50e4a
-
Filesize
7KB
MD5a3f29d638d38fa62fbc099353631c25e
SHA130fd4b815b925e1cf94015bc1e0a8f1101660e0b
SHA2560ccabc3733a75c5b7e0d2b6dd9fd2ba5712dbce823424187d89b719d830ae570
SHA512ca4dda8368b01b356a9f1ddf190b31a07547bb4e04ec08d13beaaf919b6b97ecfb343d559a7b714bcbd64848eaefb81f01c6dbdd5e1058e25305727bff969170
-
Filesize
753B
MD5e4692889d44bf023e21a34695668751d
SHA1ebbec4bc200146dfb792e26a6316be84ac2622a7
SHA2568c80de7cc82c5af05f5fd4133dbe568589af6da5d4304b32f8474e847e3afc29
SHA51284908d3722e13f9d6aa5e84afe63990a31e359c594d5ac7b4c3b0d99d1885356d4b1c529aa1422131452072aea1c3770a234e0aeb3d40b6685666a172dd59ac6
-
Filesize
702B
MD59f1ddad5e2ed11721455775034463677
SHA1e57200474eda59cffb766467e289eaffad1e9905
SHA25670a6ff5d5cf2de3c249a4e399a6de9550f41a03121d9f1f83b35bf16fcfd890a
SHA512e34df8cadc43477cb4d5b2ac3b299dec6eb7c7878c6ee34327a6097c0bb5326f5dcdd60b704d6fd7a3410f3caac97e10c0dad4c33576c34ceb617c0b7a6b09d9
-
Filesize
762B
MD5649d61b5deffc190abd95ac3c6f4f907
SHA1608a6d1b32f0bd8aaa8e52c0104a02a50be4d33d
SHA25642a29386b73eeded177a583f535b3c253939c25565740a0c0e237f078bf514e1
SHA5126719fa2f9f2b4258795a8035fad159281655170e765d6183e9b94824d35226c824fdc5cc3738409c04e81d9a6aa920d123db5e4cf145eec71a81b660c1b92daf
-
Filesize
6KB
MD517ae02eccba09107ef3fe5461025bad7
SHA1db4a903dff43320cc656e549653bb4687362ff2e
SHA2567a015572ef90a52331b1a2f56970b350a9b7b60539a9fab6efd3b4acc4bdabaa
SHA51299bdba7f5f8937144f4c91eb1b9ba818791e022076a5aa9c6d277d71bf16dcd983832fab492a2645c949f9dd4291c551997b9842b721339ff1ef2e4a9c6c0787
-
Filesize
460KB
MD5632f81520aeef635c2e86a7ebd032131
SHA1fdc663954b7926f90f0626801c3eb821f91d9e42
SHA256dfa9dc10c2e18009cba21d219ff6792b908b5a3c0946bac162265b461c02d6be
SHA512b30abe7f17561da6083f00791b5d1f0607fbc030c5dc496c1cdd1271bf1036c74f778cc7d29fd93d70ca5e149988b8e87b63e9f6fdc68440179495dce4c36007
-
Filesize
87KB
MD5ac3149c788837a0c992a16c97a5eaeee
SHA102ed08872f396b95bdbf59585684f8dd7db4afa7
SHA25635e47a664caa4f41755a337c286b39cd68d0e7b9348144f222c77e4945e5c99c
SHA512d7197e80cc88b21b109f2a044c546f8f43d69f16b875161e7b82d1d35e99907f8494341a33a18e75f08a1c3e973effc759bf186fc10bb7add98a7abb6a196605
-
Filesize
4.6MB
MD58e3b1281bc806c281fc19c16150fc636
SHA13f40dc0bd951dc01a57fed47308884b42e707804
SHA25604a39bb1801482b3d212b39c95f1d5cb43b08029d9d4132dc33d3c3172972ff9
SHA512b86dd4452497ed690a1cfe4d6042badb5485534703306d2b83602fe19e4162300599122e87599b0cea75bf90863ec041268b9b9e0bbe0b9d85f591b280d4be4d
-
Filesize
76KB
MD51355477b5c55c14e7e9afbcd85b9f90c
SHA1ec698ea604194fe4c4563d289f176ebbee84188e
SHA25670275894c9fa5286b344add663882434216caf45b101584e6755ca297e1b2a22
SHA512f3b37e5b099485f7fa9575408f81710f49c9309aa02c6ddd4ac2afdc9942d2c321f187be64cd00a1f883e45af4b6bbd3c1d5145abe939e81c1282d5c1eaa9776
-
Filesize
12KB
MD53c19f79ce11facc2fc4d3351dbb263e0
SHA117f4bf4b18ea7700f70ac7d825dc997be0d25f71
SHA256cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9
SHA51205c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273
-
Filesize
10KB
MD5725145e8caa39635cab9899c47c72eda
SHA130478c907551bd920bf359638b091fc5c10b5a53
SHA2561759e4f7777fb8c9ed356a7d4dc237a90e0760061685d44ea02d40ca9e359ceb
SHA512de31286ea10321f762a3b6e7c6c82177d5b6f45a82adc936fcbbc23105708cbbbec903ba94ba94e7723e80f1828393e5395ef575b37136b19de7535e74e24547
-
Filesize
4KB
MD51178db8f35343834993d79887aa12350
SHA1dab6309d66b84b6656c12c83aa8506f1c10b5e09
SHA2566f64f1311a633ce83abd6f9e08dea53ba8836fb7239f889a7a74e80d70f48b87
SHA51245196d63701037bcf55e0801f6d027844037cc799dbc847be579a04db0bb522e4c7c85b89a7ad15a5b0cf4d7d9d306fa3a36515bc554dde9cf1e82fbff0ad24d
-
Filesize
4KB
MD5d25102051b33f61c9f7fb564a4556219
SHA1c683964c11d5175171bd009cb08f87592c923f85
SHA256e58e5d1d8da2ea526d0d754b4faad3773021166b0720723efb7b30f1f5075398
SHA5128828eec31926251d7e51b5bf1050c3519c9b7fca4f978fb6ee0bf18f9642c3460687f10ff79e5892100ecadbf49725711567c348e1dfccb3644bd9ef992a92f0
-
Filesize
6KB
MD505d80bc376fef439fb7d2dbb004aa662
SHA1e83904b91cee7a9b93ed84591bdcf2bb700edd88
SHA256c49f3d805e87f6df15dc0410770dcec4df09f73b20f6d88b44f55223da64c96c
SHA51287b9e1ee7382654d3568dd0a0e59d3f2175372358b4f815e4f42657b79fd3f852203cdf26a73606f1b5d4ec9daa3d4d61952eaf494cf9bb00036741ac6b3fac8
-
Filesize
5KB
MD5df4795dfabe3bc9278a73d496cc4b40d
SHA12648ded47e29ecf3e1a1cc20c631e83caf566897
SHA2562261027077f23c8dba6b72af28862832aaa059740d0f5634b46cabb14326dd10
SHA512013d9712c3d699a7f41ab3e55931c9abb421fb2eda3542da5a4831ad2f073a1b0643120cc78147db0bfcd01df98ade3045ecb2f1e252fff1dc40be845e5ae303