Analysis
-
max time kernel
99s -
max time network
102s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
21-10-2024 19:00
Static task
static1
Behavioral task
behavioral1
Sample
Bitguard_Pro_4.4_Cracked_by_31Cracks.zip
Resource
win7-20240903-en
General
-
Target
Bitguard_Pro_4.4_Cracked_by_31Cracks.zip
-
Size
8.1MB
-
MD5
ae74146566d2f7a90966ed650859119f
-
SHA1
d7978e13772877074857d9d5fc5d46abff749863
-
SHA256
27c5032cc5ece6baf23e8f6fd333cd46d1193ea31793ce9c8b4cbd19fd1ff5bd
-
SHA512
5105cbccdd4df4cc5d1a22871c3fe05e82598069460f140f836a96630644f1a85baf0a55ec51f21f8182254b51af03302a67299909fe68f2309755e7a82ab906
-
SSDEEP
196608:HV5fUcEm7lBJEcWF35vsVYeSCS3/2dMT9zUmPBVvQzgW:XPEmpBJEh3Z0SCfdaRYzJ
Malware Config
Signatures
-
Detect ZGRat V2 2 IoCs
resource yara_rule behavioral2/files/0x000d000000023a9d-63.dat family_zgrat_v2 behavioral2/memory/3308-66-0x0000000005650000-0x00000000058D0000-memory.dmp family_zgrat_v2 -
Executes dropped EXE 3 IoCs
pid Process 3308 BitGuardCracked.exe 1416 Renamer.exe 2940 Renamer.exe -
Loads dropped DLL 6 IoCs
pid Process 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe -
Obfuscated with Agile.Net obfuscator 2 IoCs
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
resource yara_rule behavioral2/files/0x000e000000023aa2-58.dat agile_net behavioral2/memory/3308-61-0x0000000000460000-0x00000000007B8000-memory.dmp agile_net -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language BitGuardCracked.exe -
Modifies registry class 38 IoCs
description ioc Process Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000ffffffff BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\WOW6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" BitGuardCracked.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ 7zFM.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 = 9600310000000000835807a010004249544755417e312e34435200007a0009000400efbe55592398555924982e000000843b020000000a00000000000000000000000000000036322100420069007400670075006100720064002000500072006f00200034002e003400200043007200610063006b006500640020006200790020003300310043007200610063006b00730000001c000000 BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = 00000000ffffffff BitGuardCracked.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ 7zFM.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\NodeSlot = "2" BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell BitGuardCracked.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic" BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\MRUListEx = ffffffff BitGuardCracked.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 BitGuardCracked.exe Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 14002e803accbfb42cdb4c42b0297fe99a87c6410000 BitGuardCracked.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 BitGuardCracked.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ BitGuardCracked.exe -
Suspicious behavior: EnumeratesProcesses 60 IoCs
pid Process 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 3124 7zFM.exe -
Suspicious use of AdjustPrivilegeToken 4 IoCs
description pid Process Token: SeRestorePrivilege 3124 7zFM.exe Token: 35 3124 7zFM.exe Token: SeSecurityPrivilege 3124 7zFM.exe Token: SeDebugPrivilege 3308 BitGuardCracked.exe -
Suspicious use of FindShellTrayWindow 5 IoCs
pid Process 3124 7zFM.exe 3124 7zFM.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe -
Suspicious use of SendNotifyMessage 2 IoCs
pid Process 3308 BitGuardCracked.exe 3308 BitGuardCracked.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 3308 BitGuardCracked.exe -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 3308 wrote to memory of 1416 3308 BitGuardCracked.exe 113 PID 3308 wrote to memory of 1416 3308 BitGuardCracked.exe 113 PID 3308 wrote to memory of 2940 3308 BitGuardCracked.exe 116 PID 3308 wrote to memory of 2940 3308 BitGuardCracked.exe 116
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Bitguard_Pro_4.4_Cracked_by_31Cracks.zip"1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:3124
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵PID:3492
-
C:\Users\Admin\Desktop\Bitguard Pro 4.4 Cracked by 31Cracks\BitGuardCracked.exe"C:\Users\Admin\Desktop\Bitguard Pro 4.4 Cracked by 31Cracks\BitGuardCracked.exe"1⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3308 -
C:\BitGuard\Utils\Renamer.exe"C:\BitGuard\Utils\Renamer.exe" -n C:\BitGuard\Utils\temp.crproj2⤵
- Executes dropped EXE
PID:1416
-
-
C:\BitGuard\Utils\Renamer.exe"C:\BitGuard\Utils\Renamer.exe" -n C:\BitGuard\Utils\temp.crproj2⤵
- Executes dropped EXE
PID:2940
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
205KB
MD53e0c10d8f78319005a4e4d81e2c5642e
SHA1f7f59f0c0e161a025c17c34b813a7885bc74e19b
SHA2565c01e7dc3d737569f89490b5a281b4ca5e4839d6e140559ca5c42fce4ffa2d24
SHA512ffc51711830e04f7193075c09ffa7428c6a587886efedcf6fd8871176c139181c51cc13199356362886d685bd5cffc6025e450e1bec03b3a254f6df7ccc011f7
-
Filesize
99KB
MD5a3e7189f7a7579b380c8b5395cd5c2fe
SHA14c3f5f5c60701723dab3ef69e64011aa629c8066
SHA2566dd44b64cec9987e06be597306f6cb78d55d12342f8b06042c1a23d02a764ad0
SHA512e658fe5d68965bb1fdef053eb0a99c2883fcaace1142339c480ae5a8971a65babdcf099a257870b46b76e5f853203f954f6cc55229c29dc3a1580ec1a1be8a78
-
Filesize
51KB
MD5a26ababda9741f74de7ea9ffeb53d66d
SHA1c494e284d3ba3b825bfa6cfa67a77e16c031e5b0
SHA256d6655d3ceca5ff82d33390e82b8d40bcd96e1bbc49cf9741661eb08a3a3e9b5e
SHA512c6e8da342e81224b4bf3b23946226b790b7edd4a64662a889b5aa367d7e7e31c0c7401b868a514d037ad466c08378731150f4b907e7674d9a19fe075284f7809
-
Filesize
166KB
MD5a796ebfc24d2f3b6e0284f3f2079057b
SHA19ee09f2920b7b4967dea7833a2acc0fdad745c96
SHA2560e51bcf333b5af7c804639783511c65bdbb8e9d362ee9a041301d46e3b155dba
SHA51251e406e2859940b8cad3f9fa35247fc584d49218ba9a316b2f63ed0c349a3735e7657497e1ec5382eb459ef06eb1908e7c6d45fcd8441fbb4defb16107833bbc
-
Filesize
366KB
MD5bfc85a9c75eb78e637ce8d84f2d0e8bd
SHA1105e5021691d72a3d7c7c217aac1d1e6d0ccaae3
SHA256d2abca70f00a61019443be706f60cce5e2dd52ece6d4544f48f1045bd796e748
SHA5126aaf03c534a34cd1958f34b0fd234db1a6cb7b0f2ff3e4f5ea75a362052dd1a9957a498b6513d7834a8a3b3b0e8ee1889481200230849d702e287182a9329886
-
Filesize
45KB
MD5362abcf65a5897a54e7f7e1107868d82
SHA1cb0c929a20045cc32fbfaeb0f9c349a32613f0e5
SHA2565e30f2a8ece3efde7c83782b7481deb57bf75c1d9b17342a8691be939e98bf72
SHA5120256857309fc3994ddef118f2fce88b2915961b0bbf18ccf5585d714608018ab7ae8395b06efc3f82e07012aca68e183e0a1a617c9c20bfb7335e11a3ff251ba
-
Filesize
22KB
MD5ed737ff05dbb3ac878ca2d9e137f4208
SHA1938205ed6c9fc2b1ea81db6b7c3adf600bb8d8e8
SHA256b08e687ff35e3669e5c4cd7ab7c95f18fd959d08dc98b8ebf17a69826115b054
SHA51285ad0aa5490fd5c03baf4d6333630a4849b30ba260185bcd8954208bc9b608de74ebeb581ae4eeefca99180bb25b7d94a9c32d07e69bab7354b1d4a1b36ce549
-
Filesize
23KB
MD50bfe707e64eeea613fdfc8657997ec85
SHA18ff72e287bc44e45fcce8a15b1ea9bf9e2365cba
SHA256369bf908d5acea6ff4555db6d90c7178ec84c88f9daf3abe17a74d6c58caab1f
SHA512d85f68d9c57f4fa8515e73f836cd60982002c2e58fcc8c5778beafa619ed6a78856395e279c451475d6d31604d85404edc1df36ac2d6650516f6e9c715be0f01
-
Filesize
15KB
MD55e9559edee33325f3d210e14c3c0b209
SHA1d8c1d8e9821091c71b1c7e82ce4ef4b984ebbfcf
SHA256e9fd3b3e213a7416c276b5b6c740fc223aab5fa1758d3c97842241ed648b4086
SHA5121d4761a0f01c388bd18b1b469e80cd5e8565f26f4d194fae1f816fa316a8536df49b24006aa44ea23f41fdab94a504c5c2f2d3d03658b79f6d45dfe6b31f120a
-
Filesize
1.1MB
MD5d9e08ec1c571d8139255cf305e3fef40
SHA172aea7c18c901a3246eb276258e3b37a95048b4e
SHA25648f144f744a9ce60659ee8cc7094610252aecbabf95492fbc612db919d144918
SHA512de9b6fa6cd5025fd4639ff930caec751a3f466c39a15c6a117cba9f20348918928b3ab84a902d9a03b6b5fa233e4370393387025a470f2ea7437d36e6028ae90
-
Filesize
333B
MD5cb57ab1a24152d8b1a08739fabc2a164
SHA112797b5d9c57414aa472424f79a60d5d2341191b
SHA256085465ef8ed286795e91856b3e3da02e0c509552096632ec2d63d9a17d2996c3
SHA5125c53539dd1a79e4f265e9bad8b2161a3780f1d901cf695667fb3dc57460dbe66f1d8be9a99103600c027f13f9f6cc51a0e83fd853b7925f79e56a70d437796a9
-
Filesize
939B
MD5a350ecd0b5ab253003663e4ec0c14f02
SHA16d1540b89d12fa29d642c7d1a151bbd578039076
SHA2561269073c875a48ebc2fa7e43b3223546a89d9e7019c48fdf724c4946f79a8e12
SHA512f2f8500fc0d42837cb7930330a82b871906fc4d5484ae8f636023ff2efc5c71141bb5dae26f9290dd8ec96302531806f14d6512bd58f8f0f7378ca40d42db647
-
Filesize
2.1MB
MD56167fb063bd1ac47bf0cd4a5dd4fc1ac
SHA1915af8611509fe9bd83964ba50e7e2f7f25f5b69
SHA2565f7ad0df1eb08e81f66d4006d3a9e5cb40fc05e381f36d7bd0513f334f6a251f
SHA5126bc8e27457fa700af4fec9f3515069a7f0d116f33ca67bdd0713562f9a0c1aeaab075de446d040f028ec4f508db482c34d5a6d787c76e89daeee36c5ef67dc6a
-
Filesize
2.5MB
MD50a03f1c39ecec04d044b661a7feb4b67
SHA1ef7acf458e42d7a5a3d963455fb4f828c494abea
SHA2566deee133a5f12c4705a9d3961d71b68309a6ddf4f2966733e59eaba3ae237e7d
SHA512939b52e5a77ba415dd6bdbcedc33a6655c908bbe2d7876da02e1cfe0e30a58b794b7dc1117329d0dd62120389079e9412e9659c685497bc4ff16c9e8861bcdd1
-
Filesize
3.3MB
MD57f460969a3aacd3a3f875ae3e936f6c5
SHA104b8d4a4251e2bf1047e47423c36a3d40e4d8047
SHA25620d99480a8e4c066aee9bbaf70c4aa5a273c4d8a0bc22ab5660ffe7986d37484
SHA5128604ee612b012c1391b0fa01ad4b273c5d46058eba1fb2161886fa2cf945b2241671e507eff1cbbf8ca46ba54e2b1b55449ba4246f49aad85caa27343be4dda7
-
Filesize
3.2MB
MD50cf454b6ed4d9e46bc40306421e4b800
SHA19611aa929d35cbd86b87e40b628f60d5177d2411
SHA256e51721dc0647f4838b1abc592bd95fd8cb924716e8a64f83d4b947821fa1fa42
SHA51285262f1bc67a89911640f59a759b476b30ca644bd1a1d9cd3213cc8aae16d7cc6ea689815f19b146db1d26f7a75772ceb48e71e27940e3686a83eb2cf7e46048
-
Filesize
3.1MB
MD5af39ef68cf43e234df56a8fe1897568d
SHA14d1969a9c4d83607e46364dd2fa933975a86b48e
SHA256a077eb57bbcdc2ebeae61704a794b6d382c8984222e81bc7210f3d8c686cee82
SHA512cf68bcc683a4b44e8b980e2c45f79af9bccd47ae4fa0dd793c94626adb6fa69b07b29748f71c1a9192553c8285327bba59106d3582f813b4fd50dcdca2d8e530
-
Filesize
8B
MD5e26832d5d8bc1116f5c002aa4f0a7280
SHA1c6dab8635cc7bb906c626734e60d3895e42e3d2e
SHA2569ab6fcd10c82aa9f690cbd11d1cffdb52503b1ce0017079f47a69cfc082b0e9b
SHA512f8c128dc2501f8dc0c671d553d6a1ce9f24d7ab93abbe8001a5e06969de045f6c6ccae8026cd456c59f1a861537031b395b546c8697c075b43dc0bf1f36a1a48