Resubmissions
30-10-2024 16:29
241030-tzh39sxfkl 810-10-2024 14:58
241010-scnjssxajn 1010-10-2024 14:55
241010-sawsds1elb 8Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows11-21h2_x64 -
resource
win11-20241007-en -
resource tags
-
submitted
10-10-2024 14:55
General
-
Target
https://drive.google.com/file/d/19h7IRx1Rq4FuO1dHitRyi71R47Nmacfs/view?usp=sharing
Malware Config
Signatures
-
Drops file in Drivers directory 2 IoCs
-
Checks BIOS information in registry 2 TTPs 2 IoCs
BIOS information is often read in order to detect sandboxing environments.
-
Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Loads dropped DLL 1 IoCs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 9 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies registry class 21 IoCs
-
NTFS ADS 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 16 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
-
Suspicious use of FindShellTrayWindow 34 IoCs
-
Suspicious use of SendNotifyMessage 12 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://drive.google.com/file/d/19h7IRx1Rq4FuO1dHitRyi71R47Nmacfs/view?usp=sharing1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcd2c33cb8,0x7ffcd2c33cc8,0x7ffcd2c33cd82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1936 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5768 /prefetch:82⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,12611117943992607504,11451604216633418338,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5116 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Users\Admin\AppData\Local\Temp\Temp1_7z2408-x64.zip\7z2408-x64.exe"C:\Users\Admin\AppData\Local\Temp\Temp1_7z2408-x64.zip\7z2408-x64.exe"1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\Temp1_index (1).zip\index.html1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcd2c33cb8,0x7ffcd2c33cc8,0x7ffcd2c33cd82⤵
-
-
C:\Users\Admin\AppData\Local\Temp\Temp1_MBSetup.zip\MBSetup.exe"C:\Users\Admin\AppData\Local\Temp\Temp1_MBSetup.zip\MBSetup.exe"1⤵
- Drops file in Drivers directory
- Checks BIOS information in registry
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
99KB
MD5d346530e648e15887ae88ea34c82efc9
SHA15644d95910852e50a4b42375bddfef05f6b3490f
SHA256f972b164d9a90821be0ea2f46da84dd65f85cd0f29cd1abba0c8e9a7d0140902
SHA51262db21717f79702cbdd805109f30f51a7f7ff5f751dc115f4c95d052c5405eb34d5e8c5a83f426d73875591b7d463f00f686c182ef3850db2e25989ae2d83673
-
Filesize
152B
MD5003b92b33b2eb97e6c1a0929121829b8
SHA16f18e96c7a2e07fb5a80acb3c9916748fd48827a
SHA2568001f251d5932a62bfe17b0ba3686ce255ecf9adb95a06ecb954faa096be3e54
SHA51218005c6c07475e6dd1ec310fe511353381cf0f15d086cf20dc6ed8825c872944185c767f80306e56fec9380804933aa37a8f12c720398b4b3b42cb216b41cf77
-
Filesize
152B
MD5051a939f60dced99602add88b5b71f58
SHA1a71acd61be911ff6ff7e5a9e5965597c8c7c0765
SHA2562cff121889a0a77f49cdc4564bdd1320cf588c9dcd36012dbc3669cf73015d10
SHA512a9c72ed43b895089a9e036aba6da96213fedd2f05f0a69ae8d1fa07851ac8263e58af86c7103ce4b4f9cfe92f9c9d0a46085c066a54ce825ef53505fdb988d1f
-
Filesize
408B
MD5cbee60fa377205ffa814adcd64ebdc72
SHA16c1240e45c02a912cb44658b0f16249d01a87637
SHA256fb7feb50f11eb967b3a6257c4ea944133e34ed5566c3bd44a402ee2dd53a2216
SHA512ae8e3317b95be8a8a5315927432ba7cbae3d4165283d1d4e1ad47672cc5d2b9663e02d814e77f837b385819325ba67683a09b455374e8a68152f40924fd024a1
-
Filesize
2KB
MD53a6d072a3dc99a7d989f5b14028c4104
SHA1d117c7f24cb02a87f3eb8fad389937f697eccf98
SHA2562ee1c6871507532d1623aebeb52a2aa45712525e8fc4ac4175652a751caa38cc
SHA5123129888a3d08e2fb25e36fa9e49dea2f467667a9416f262e1a8baf6d3ce432dbe433eb7685fa6cc92020767068ccbb8fc3c58ec88a45337bb4242be7fc4d84f8
-
Filesize
3KB
MD5c7379be56d40a5e02ecef2cac03ccd76
SHA12c9e23a84463ef3b534705cdc68bf070dd22490b
SHA256e05866945dd0b81c71ce7566320ea5fbf073b2bc0e34186f7f827957f9752566
SHA5126fe85d327aa713aad19ed44a337c4c50218030f886ce6b83293d209f91374be7f7e1e92c97984a39abd99d056a1a749844552164aceaf4594adf46858bb47921
-
Filesize
3KB
MD540caf1fa2fcbfe1fc3cf58714e42abd0
SHA14886adbe156c32029efb23fac9140afee50d7fa4
SHA2565a82e3bff4f8db0e696e0514417abe8e7f28654451c28b5e601ee14e9da61f18
SHA51216ffb9663b60ed6653daa05fb82dac8fd3d5783332bb454ac0249aa21aaabe2c15a1fdb22fcbbea6b61ee945666d73a2b1ad445af6f8d057ccad9dacd0746ee5
-
Filesize
6KB
MD553afcff5b2e72f07a8d3cccfe9b7e655
SHA12c39686b81d588faca55309743d6c89a37989948
SHA25690bccf5d665f87367e887172e326999bd9283afa5e50f2bbe8c9298e3fb75037
SHA512bd0ee9a92645e54a78352b82ab59300e5f6c5c88fc77a9ea6f519ca2ccb189abd18f37cee82e073295668140bde54df2cd5cd32dc65f92cf05cbdf9f375e5310
-
Filesize
6KB
MD5bde107931dfa46ef772d59d1f665b8ee
SHA169f1393f8f17c661f2ffaea1c921fe69fc92679d
SHA25667eff6b399a23a00224ac097a2921ce9b1924cf6a074bfcdcef3ecf3131777ca
SHA512ff1a10689ec11f6fd14481b790aa05c68bbe3c2020c75221af3d5bfe2062e5d1a33d1dc53442203cde434e13833b139a2b433b1de9bdcc13110452699c20ce83
-
Filesize
6KB
MD5f90703e4cf3e4a624f802cf7eb997ce3
SHA1493833c70027c086d30699458b449eac7e879c86
SHA256dfef862aea84d034d4b021c5326c879c2b9451fcecbf1970f57924f5c8076071
SHA512890e1eafb7c926470db2b1e8ac849599d51b20884338cb6b9b80e2d85b82e4c997ce003abe7fbdb3929fbeb2c77f4e71b577b4d96d9c57720d70a14ef9261178
-
Filesize
6KB
MD583b3b7f4bdc4918d9d047cb2a3e12f60
SHA13223911a546ed0c1bffbbccbc5ec94dede96eb6e
SHA256ebbe5313c6d48009be308813a014ff8a115a843959b457d1926117f1d17779b8
SHA51217d95de37ece92e0fba401f370ae538e2119aef3af2a8717545952ce0588e0c61e936d15a937e133c82cf8605c7e8459addf720637fa512b523cf460a0492728
-
Filesize
2KB
MD5357d20e202494824bfd7dd6c4af1b343
SHA137f18f6a74766a50f68ae17610024844bf6e80ec
SHA2566d6baf70ac2bdf52c21e213be1f655aaa21660178f3abedc72ac5749a55dbad0
SHA512e8ccba501d5987f28d7d3d3a0b20c5ac67ed3abfafd5c29bd816cb9e768a42c62316ab5705e64c19781112d5ead784db612fd9e39fff2e9e4a4430ff30b6e302
-
Filesize
1KB
MD560f67b1b80da3e4a3065b16a0c3b6387
SHA1ddffe2ed45dd64a1e89fad81d156a8868127bcb7
SHA25656e6f66f0d3744fffcc6590dda02f200ce24cd0432dc2815221253daf1aeb22d
SHA51215cabe8f2893da824fb4eee8c69a2afe030f8e7b99b10e85dedc3f80c42208fad8231344aa1397084c6c7137d6491e0fc4a1867d8383b17b735d080fd88c2a99
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
10KB
MD5b08a5a641f4285b2476cd02f0012e25b
SHA1c84124184ba2f47922744ed0326f950919c8bd78
SHA256f1f65ac497b32491b1aeb4f36e488f7f2abb0f1b67881880147a99587f00d084
SHA512dbe20d35d4da3c1d32136ab8844048e13fb191578c90ce0a71b410475d1aca8ae3a6e574a298ef145bcef72f7d397076dfba98839e13bdbaf97f10046fd01cf8
-
Filesize
11KB
MD5adef4a7adae3464fb21512af77389cf7
SHA19f0cd49290c28acd19a7ba8bc5f5cc75b20c0d41
SHA256dd2eb137eedf188b7ea8cd08b481e645a6f1bccbe25dcba4b35e0d1e570dbc51
SHA512ed237875f5ab2a65c1b06fa560835367461611a9ea1043af13b73f52cba1d874b5e6d23532c912c09226a6540bff0996e5309870d92749a010c47f576ad281f5
-
Filesize
11KB
MD59b8f03607cac3619d08587ef1c7ac6fc
SHA138555691e11f1c2cab0cc6e2d55f1f4435f07664
SHA256d96a53c861ba154fd9c7f27817dc6fe16e1d420a7bd9b8efee28eab825828c5f
SHA51218c73ae06807ccd1366dd5426bbdd4a9f1bb6e94f71403da0845639db70d2ec0054424ddd005a1f4065331661113486da78d9970d9fb95aea12b5db8d7f65d66
-
Filesize
2.9MB
MD5c61f315d1a982255bc65e91d0189ac74
SHA16df7a0dd4f9c7181f84820709b140799d805a7b9
SHA2568118b51e365a8d81ca0525176ac5f94260d119a8193d083e074c0ada5bf7fe5c
SHA512b0e7fddb727c3ee8bd0dc515d71e64823f741ac65095949a301199cbc950bd318c3ade6bbfc4c6f13ddc1183932b191c0e0c580d4491da3e2c07dd366a05cfeb
-
Filesize
65B
MD51900eb98aa9a9c242098dfc3f8e8cc37
SHA1b9aaccf15bdd2babbe1bdf5aa91e595651c7598a
SHA256b815336ae77e2a2993088369af959f66934d50e51ee4d155bf573d02815cc34b
SHA5129410fe6c09b38999756c176a021fbffc7b63a9eb0ed443559a7f3926a49cbb813cf3fc4d4ef48880e9c5e4881ecb5fa33f40ed79c8ab26e958400a182e7138ab