Overview
overview
7Static
static
33e15e0cf08...18.exe
windows7-x64
73e15e0cf08...18.exe
windows10-2004-x64
7$PLUGINSDI...RL.dll
windows7-x64
3$PLUGINSDI...RL.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...LL.dll
windows7-x64
3$PLUGINSDI...LL.dll
windows10-2004-x64
3$PLUGINSDI...dl.dll
windows7-x64
3$PLUGINSDI...dl.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/UAC.dll
windows7-x64
3$PLUGINSDIR/UAC.dll
windows10-2004-x64
3$PLUGINSDIR/inetc.dll
windows7-x64
3$PLUGINSDIR/inetc.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...nz.dll
windows7-x64
3$PLUGINSDI...nz.dll
windows10-2004-x64
3Analysis
-
max time kernel
143s -
max time network
142s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system -
submitted
13/10/2024, 05:35
Static task
static1
Behavioral task
behavioral1
Sample
3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/BrandingURL.dll
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/BrandingURL.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20241010-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/UAC.dll
Resource
win7-20241010-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/UAC.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/inetc.dll
Resource
win7-20240729-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/inetc.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/nsisunz.dll
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/nsisunz.dll
Resource
win10v2004-20241007-en
General
-
Target
3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe
-
Size
497KB
-
MD5
3e15e0cf08f72ccdbd83cfa3c15d1218
-
SHA1
80cf9cbe02ff444fe4275d19b89a5718408312f8
-
SHA256
794b9970769e96f91101b488f83c2c2504f296929f2dd5ab4c96eebb09d50b43
-
SHA512
182b204fbb985367407a10e1e70e6cfaca0c6a6d43751f2ba9fb6926ad62d73737ccd07fb868c968db474a6bd3fd6b9d73956ce58291751111e842eb2a409590
-
SSDEEP
6144:xe34R2yyAizh36dqXEVTrnCRZG/t7FTBqTzP7n7O7L6K2Bfo7pl:J2yuzh36VVTGf0ZTsnz7O7L6ju7pl
Malware Config
Signatures
-
Loads dropped DLL 9 IoCs
pid Process 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language IEXPLORE.EXE -
description ioc Process Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d075cfcd311ddb01 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434959599" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecf3e4259aa05419b9c0951a15b1319000000000200000000001066000000010000200000008f82438a4b819a01870569fe3e30fa6857b4d521160992986b7dc899c97633fc000000000e800000000200002000000083b39299f928638400601f84ad4df6fd5c930db3af67b45d17065f91b1c6b5e720000000014ebf814a42edd6ea2805340ca585bd41ecab3d6d3fd42762fb5555ea1b147440000000185be49c28c26bd7ab16478d4e60be47e7d8452842c341f7f6119b01fa785dbcf25ff50bc71735dafe70f3794968b36b618a28c59e12249a0a82b40911e138b7 iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecf3e4259aa05419b9c0951a15b131900000000020000000000106600000001000020000000651aae527f43c9e6a4ae8c3d72b2b317388632a7c4510b844158fd317865aa62000000000e80000000020000200000002e96d8ad9c53725bb89a6287f4a1cd443c2abfe6984b61581a2d17d9ccdea32c90000000c96822b319ef79fb7722e38a177ad4602dadb53ab86d0f21c4665da95e0e821509afc28c5e495689e4c2a91bdf643d4e077eeff27cd55217c1b77f21ccc35ea495323a254ca939786972c089194780fc8a6e3d3f64db7beb412d66102e693e3b2382d6e6fdfd86a5dbc965151ba92c9b471e2006ab59ef77b9793a055b63682913887c40ce36701febe235e47d4a65044000000019d6d80e338efb27a14d1629a2b17f2620caf144337e3c7039f972fcae4aa4f3e05f569ab5debe280e03afeaeba2328ffe2b39aa5666c80afc6d291f546398ab iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F5E26E61-8924-11EF-BA44-CA806D3F5BF8} = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2920 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 2920 iexplore.exe 2920 iexplore.exe 584 IEXPLORE.EXE 584 IEXPLORE.EXE 584 IEXPLORE.EXE 584 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 8 IoCs
description pid Process procid_target PID 2208 wrote to memory of 2920 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 30 PID 2208 wrote to memory of 2920 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 30 PID 2208 wrote to memory of 2920 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 30 PID 2208 wrote to memory of 2920 2208 3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe 30 PID 2920 wrote to memory of 584 2920 iexplore.exe 31 PID 2920 wrote to memory of 584 2920 iexplore.exe 31 PID 2920 wrote to memory of 584 2920 iexplore.exe 31 PID 2920 wrote to memory of 584 2920 iexplore.exe 31
Processes
-
C:\Users\Admin\AppData\Local\Temp\3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\3e15e0cf08f72ccdbd83cfa3c15d1218_JaffaCakes118.exe"1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2208 -
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://pf.toggle.com/s/2/2/227024-658930-adobe-after-effects-cs5.zip?iv=2012101410&t=17287977312⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2920 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2920 CREDAT:275457 /prefetch:23⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:584
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD53a310f80c5def3fdce87dd65ebf0a64c
SHA150dc0ed0f9b10cea32d3af81f032b58997f867de
SHA256a4e4cc78b39f57d9f9834aeb9dd8619308f57f340085f01fd8857e2f077c373c
SHA51264563e4361a5c4690211b80e37ae44669ee22b7838c17cafdcfc24649ca39f040f7f240bfecfbfb73ccb89709fe4b329f7c2491668f9b7d2594e201e2c3457ff
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5629913528b0c50ed711f9a6733e16a41
SHA1995ae24e252c80bbe94ac5b70ca4ba2205493a30
SHA2567905d1ffe847e88bedba80f9bf9255b435adaa40993741b05eed919c9905e8b8
SHA512598b5338bc0f6d4d6db44a647fc4ef321556572c74acfbc50f222c0dbb22889eedd7f9a0787317d3942879a7d256b07d473dea557892805ad5ca9835992808ce
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5c977b5fe40df3886ee3792928f0078e5
SHA110e1e97189eef12bb02c4413f97833f192c97476
SHA256077bb43191f97126a22d6cfd535720f304603f61350a7dd5effd4bb9fb9c7a39
SHA51210aeed34f56d715e383a509c8b68490555cbf1af9e2ebf3f38553536d755e4f65cf0172636b25302797c40093501d5179fd09fd50a114228201fab08d37a3cd6
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD591f2ad8d510e0542e4e807435adf8fe9
SHA1b37e2b41100b9e3bfd3e18ced97b22f7335b49ce
SHA2568b80c2adca85a61bfb377efbb16edfaf22d49bd10972d92af5830b4c0991e021
SHA5120993f5ddd75a9e253b05e093637b1a3503867bbeb10f53c022080795bbaca47cbae3f0082af91bd526cf6a126efecf2616505fcf5b1324ca579b70505919cdfe
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5952e3110b6e3d39e0f02910fd0c3d894
SHA1d354e77a1331a4f06936fd6b37478a9cf9b78c9a
SHA2560557cae0ab9203fa51c402d79e8b1ebdd7f3de0fd49c9a9712d7ea0c0e4be59a
SHA5124c32ae6d692f6ef8ad0bdd808e1923f6fde297f493e81fb17cffe4069dcf1b227954ad3da117f3fdb5148b6614ea3b4ebb9a2cd0166b656f44fe8a609ea819e2
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD57378122e8b13f7b5144fd885cf6348d7
SHA173ee1a3e95c8ca38c29231e1f9e5684973d05f67
SHA256fc5102d0fabd8d96b8004405211d4bd04762f970f7692dfa65809448a193535e
SHA5122e1710d93f4d0a1bd0243fe2ac6ce2d2dbfef467f41a4508991e394dd544b9a82511e1906090114c6a90cb54a7afd5697050d3f38b04b9f21ed43b5831e31518
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ea9f6e29f8c89483a97b70cdb1ea106a
SHA197e04f33517cb75e126c4fcd3c92f9cd192c505e
SHA256e7df40c1149d425583cbd40acfea77e9d4b18c27d719dff9e2bcda3d3953ad6f
SHA5122979d4ce0862bbf0a8dc2af0385a63bbdb9fae4186c4e3932d8ac1ee6b3a51c4f0bbd1784b15a83e08364e34c0ffe44202e2965c7971386963ed0ee8b9caee88
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD581bb92856445c6117f845e056e9734c0
SHA14aab584468750f5faf4af2807aec3b5085f10009
SHA25617dc2e1e185c74fac02e99eef784611a73ed8961f8ca68ce5036a04f3324a746
SHA5122c8588a9c9364fa3669786a18efba16c3a388cf0c3045989908b780e6003e251ae15e1e0c5052e1eb4353cac8bbb08f31dbbfe7361d5af32ae04ea9c8f282c24
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD57b9a93c7d7b6f724f0bad70f58f267ca
SHA193d8fd76d936d5322f0e3bfac3c7bbacb1a078a7
SHA256da71ee9f5708a78b439712cb332375bd86ead1b72a943608347dd50d08772272
SHA5129da5ada78714e09392683b47f4bfb52d4a530f69cd1f9627dcfc9f05b4f3de57711be3378b4ecb1533b69790526c871e3781ff1cced166a92ad0c8e1e076b61b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5f259b72c01faebaac869751061796443
SHA10ff8a2003f295311240bde152df4d53ed9adb0ae
SHA2566e5b46e7001155a6115a919b1764a637d079581622822ed5ffa488f9eda2a1a0
SHA51268142ae23c7e7c48b4ff8c319b183284595fef855355326f856af344de2fb328994cd33338ea597ac35d632bc0f05158fe7ec1d4d2e93669a48107dc98b529b6
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
-
Filesize
409B
MD5d5b933bf77d72032b4792ce201da7ddf
SHA105434e353ee98c42cd444d52bf47816ff3751160
SHA25609dbf494c3c0dae80187fa6b8b4741e5e6996cb07c81ab23445f182b35ae7f45
SHA5129cd570edfe6508f63c184877e24923f6abe939900a779472399de0d0f088083fba86a8d53a117730f075172272b141209d72c38d3744e626ac9428f7a823de87
-
Filesize
1KB
MD5462c896155c5686a54a7544b189611b1
SHA15c415a95c0a1345bb59f7da5cacbe37a8d27e69f
SHA25615b747ac27b6df0358b03e2322ecdadcc730e187134f9475a546af16f9bcb3b5
SHA512a4d87f1409652536866c176bbb1d445f82760b88e2fd2f7fdf736d2960a50bc5f51092c3109006e70bf6ba6deb697ab20ecd630ba837d24207a6777cfd09af77
-
Filesize
1016B
MD5de86f93cee23f29c4146d0490847826f
SHA1cd01e4525e6b2cb3e6ced0589af4be9c2d0a0826
SHA256b7b742ad61715e695a56cd0d1735d969bc7fc2c68899d823fb3ccc677a966ceb
SHA5123b00c9aa5f3286e963c0ab8e3a827d7382d847ec68313f1a40088d68d0f6eeee61d6a56edc8c45f0a963c80afc9233acaa6fe75123887647ea88ba1aa9222565
-
Filesize
4KB
MD571c46b663baa92ad941388d082af97e7
SHA15a9fcce065366a526d75cc5ded9aade7cadd6421
SHA256bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e
SHA5125965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce
-
Filesize
14KB
MD5325b008aec81e5aaa57096f05d4212b5
SHA127a2d89747a20305b6518438eff5b9f57f7df5c3
SHA256c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
SHA51218362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
Filesize
5KB
MD59384f4007c492d4fa040924f31c00166
SHA1aba37faef30d7c445584c688a0b5638f5db31c7b
SHA25660a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
SHA51268f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
-
Filesize
14KB
MD5a5f8399a743ab7f9c88c645c35b1ebb5
SHA1168f3c158913b0367bf79fa413357fbe97018191
SHA256dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
SHA512824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
-
Filesize
11KB
MD5c17103ae9072a06da581dec998343fc1
SHA1b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
SHA256dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
SHA512d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
Filesize
17KB
MD509caf01bc8d88eeb733abc161acff659
SHA1b8c2126d641f88628c632dd2259686da3776a6da
SHA2563555afe95e8bb269240a21520361677b280562b802978fccfb27490c79b9a478
SHA512ef1e8fc4fc8f5609483b2c459d00a47036699dfb70b6be6f10a30c5d2fc66bae174345bffa9a44abd9ca029e609ff834d701ff6a769cca09fe5562365d5010fa
-
Filesize
20KB
MD550fdadda3e993688401f6f1108fabdb4
SHA104a9ae55d0fb726be49809582cea41d75bf22a9a
SHA2566d6ddc0d2b7d59eb91be44939457858ced5eb23cf4aa93ef33bb600eb28de6f6
SHA512e9628870feea8c3aaefe22a2af41cf34b1c1778c4a0e81d069f50553ce1a23f68a0ba74b296420b2be92425d4995a43e51c018c2e8197ec2ec39305e87c56be8