Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
1190s -
max time network
839s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
22/11/2024, 02:36
General
-
Target
74add6536cdcfb8b77d10a1e7be6b9ef.exe
-
Size
229KB
-
MD5
74add6536cdcfb8b77d10a1e7be6b9ef
-
SHA1
b35c295f625ce4203f70106d33ecdfb39be3537b
-
SHA256
f5ab764c439a45ed892a3346f228d36f24d7f2377d4cddc5e82a0566f8521082
-
SHA512
91c1f048b39bb620e498342a259b8edfdf0655c674870104d5d335d49598aed93b54e1793b80a0b5a3f203c493e07f72601f5174925021c94dee7d9afb78b1d6
-
SSDEEP
6144:t9Kx9J/srIEV00YdR29lGx/adfteNtUlnNCc2HLN:+R29l2QfFfJ2H
Score
10/10
Malware Config
Extracted
Path
C:\Users\Admin\Favorites\Microsoft Websites\_DECRYPT_INFO_elzyw.html
Ransom Note
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<!-- saved from url=(0014)about:internet -->
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1' />
<title>elzyw decrypt</title>
<style type='text/css'>
<!--
html, body {margin: 0;padding: 0;margin-left: 0px;margin-top: 0px;margin-right: 0px;margin-bottom: 0px; background-color: #bfbfbf; height: 100%;}
a {color:426BBD; font-family:Tahoma, Verdana, Arial, Helvetica; font-size:12px;}
td {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f0f0f0;
font-size: 14px;
}
.style1 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #d7001e;
font-size: 48px;
}
.style3 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f5e700;
font-size: 60px;
}
.style4 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #28caf9;
font-size: 14px;
}
.style5 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f5e700;
font-size: 14px;
}
.style6 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #d7001e;
font-size: 14px;
}
.style7 {
width:685px;
height:120px;
background-color:#393838;
border:1px solid #565656;
font-family: Courier New;
font-weight: bold;
color: #f0f0f0;
font-size: 13px;
}
}
-->
</style>
<script type='text/javascript'>
function init()
{
var xtime;
document.getElementById('fe_text').innerHTML = '00:00:00';
xtime = Math.floor(1732243871+(12*60*60) - (Date.now()/1000));
window.setTimeout('update_timestamp('+xtime+')',1000);
}
function component(x, y, z)
{
var res
if (z == 1)
res = Math.floor(x / y);
else
res = Math.floor(x / y) % z;
if (res < 10)
res = '0'+res;
return res;
}
function update_timestamp(tstamp)
{
if (tstamp < 1)
{
document.getElementById('fe_text').innerHTML = '00:00:00';
}
else
{
var hours = component(tstamp, 60*60, 1),
minutes = component(tstamp, 60, 60),
seconds = component(tstamp, 1, 60);
document.getElementById('fe_text').innerHTML = hours+':'+minutes+':'+seconds;
tstamp-=1;
window.setTimeout('update_timestamp('+tstamp+')',1000);
}
}
</script>
</head>
<body onload='init();'>
<div align='center'>
<table width='700' height='100%' border='0' cellpadding='0' cellspacing='0' bgcolor='#000000'>
<tr>
<td width='225' align='left'><img src='file:///C:/Users/Admin/AppData/Local/Temp/elzyw.gif' width='225' height='221' /></td>
<td width='415' valign='top'><div align='center' class='style1'>WARNING!<br />
</div><div align='center'>Your personal files are encrypted.<br />
<br />
<br />
</div>
<div align='center' class='style3' id='fe_text'></div></p></td>
</tr>
<tr>
<td colspan='2' align='center'><table width='97%' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td colspan='2' align='left'>
<br />
Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer. Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key. The server will eliminate the key after a time period specified in this window.<br />
<br />
</td>
</tr>
<tr>
<td width='7%' nowrap='nowrap' align='left'>Open </td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.onion.link' class='style4'>http://bs7aygotd2rnjl4o.onion.link</a> or</td>
</tr>
<tr>
<td width='7%'></td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.torstorm.org' class='style4'>http://bs7aygotd2rnjl4o.torstorm.org</a> or</td>
</tr>
<tr>
<td width='7%'></td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.tor2web.org' class='style4'>http://bs7aygotd2rnjl4o.tor2web.org</a></td>
</tr>
<tr>
<td colspan='2' align='left'>in your browser. They are public gates to the secret server.<br />
<br />
<span class='style5'>If you have problems with gates, use direct connection:</span><br />
1) Download TOR Browser from <a href='http://torproject.org' class='style4'>http://torproject.org</a><br />
2) In the Tor Browser open the <span class='style6'>http://bs7aygotd2rnjl4o.onion</span><br />
(Note that this server is available via Tor Browser only. Retry in 1 hour if site is not reachable).<br />
<br />
<span class='style5'>Write in the following public key in the input from on server:<br /><br /></span>
<div align='center'><textarea class='style7'>
K1MTJ-7URB7-H5NKS-DXT7G-V4EBP-48CED-8TWS7-W0XNR-0Y3WS-CEKKP-TZAWR-JKGHY-16R1R-DVVP3
HEQV8-WPTKP-KNW7K-PPHQ7-K6Y0Z-6NH7F-BSK12-X3Z6B-T3HQM-0CQD5-BUJ0Z-SFM5H-HYWNW-C13GD
GESWM-SN520-VBRX7-ZQ0FZ-BHSRR-7RB6H-MUA06-3D7G5-50Q7V-880DX-452DX-704Y3-GF18F-QTH6Y
RYBDB-V18Y8-TARDR-RMZ6P-TN3XB-5FYDZ-KRFT8-0S47N-WYDFN-MNAW3-15RD1-87XB8-X40D6-SS22T
6X0Y0-3V4DD-EWUDB-SNZYM-CMQUW-UWFVW-Y8G21-HTSF7-QY0U6-SQ7UJ-FGAV5-BBSJF-Y182U-2RRAP
PYJVG-NV4SK-H3DXE-8W6R6-WXCVS-01FK6-WMPX7-32E5T-PMMDQ-YUBP3-QDSGT-8DSUG
</textarea>
<br />
</div>
<br />
<br />
<br />
</div>
</td>
</tr>
</table></td>
</tr>
</table>
</div>
</body>
</html>
URLs
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
http-equiv='Content-Type
Extracted
Path
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\_DECRYPT_INFO_elzyw.html
Ransom Note
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<!-- saved from url=(0014)about:internet -->
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1' />
<title>elzyw decrypt</title>
<style type='text/css'>
<!--
html, body {margin: 0;padding: 0;margin-left: 0px;margin-top: 0px;margin-right: 0px;margin-bottom: 0px; background-color: #bfbfbf; height: 100%;}
a {color:426BBD; font-family:Tahoma, Verdana, Arial, Helvetica; font-size:12px;}
td {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f0f0f0;
font-size: 14px;
}
.style1 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #d7001e;
font-size: 48px;
}
.style3 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f5e700;
font-size: 60px;
}
.style4 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #28caf9;
font-size: 14px;
}
.style5 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f5e700;
font-size: 14px;
}
.style6 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #d7001e;
font-size: 14px;
}
.style7 {
width:685px;
height:120px;
background-color:#393838;
border:1px solid #565656;
font-family: Courier New;
font-weight: bold;
color: #f0f0f0;
font-size: 13px;
}
}
-->
</style>
<script type='text/javascript'>
function init()
{
var xtime;
document.getElementById('fe_text').innerHTML = '00:00:00';
xtime = Math.floor(1732243873+(12*60*60) - (Date.now()/1000));
window.setTimeout('update_timestamp('+xtime+')',1000);
}
function component(x, y, z)
{
var res
if (z == 1)
res = Math.floor(x / y);
else
res = Math.floor(x / y) % z;
if (res < 10)
res = '0'+res;
return res;
}
function update_timestamp(tstamp)
{
if (tstamp < 1)
{
document.getElementById('fe_text').innerHTML = '00:00:00';
}
else
{
var hours = component(tstamp, 60*60, 1),
minutes = component(tstamp, 60, 60),
seconds = component(tstamp, 1, 60);
document.getElementById('fe_text').innerHTML = hours+':'+minutes+':'+seconds;
tstamp-=1;
window.setTimeout('update_timestamp('+tstamp+')',1000);
}
}
</script>
</head>
<body onload='init();'>
<div align='center'>
<table width='700' height='100%' border='0' cellpadding='0' cellspacing='0' bgcolor='#000000'>
<tr>
<td width='225' align='left'><img src='file:///C:/Users/Admin/AppData/Local/Temp/elzyw.gif' width='225' height='221' /></td>
<td width='415' valign='top'><div align='center' class='style1'>WARNING!<br />
</div><div align='center'>Your personal files are encrypted.<br />
<br />
<br />
</div>
<div align='center' class='style3' id='fe_text'></div></p></td>
</tr>
<tr>
<td colspan='2' align='center'><table width='97%' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td colspan='2' align='left'>
<br />
Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer. Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key. The server will eliminate the key after a time period specified in this window.<br />
<br />
</td>
</tr>
<tr>
<td width='7%' nowrap='nowrap' align='left'>Open </td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.onion.link' class='style4'>http://bs7aygotd2rnjl4o.onion.link</a> or</td>
</tr>
<tr>
<td width='7%'></td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.torstorm.org' class='style4'>http://bs7aygotd2rnjl4o.torstorm.org</a> or</td>
</tr>
<tr>
<td width='7%'></td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.tor2web.org' class='style4'>http://bs7aygotd2rnjl4o.tor2web.org</a></td>
</tr>
<tr>
<td colspan='2' align='left'>in your browser. They are public gates to the secret server.<br />
<br />
<span class='style5'>If you have problems with gates, use direct connection:</span><br />
1) Download TOR Browser from <a href='http://torproject.org' class='style4'>http://torproject.org</a><br />
2) In the Tor Browser open the <span class='style6'>http://bs7aygotd2rnjl4o.onion</span><br />
(Note that this server is available via Tor Browser only. Retry in 1 hour if site is not reachable).<br />
<br />
<span class='style5'>Write in the following public key in the input from on server:<br /><br /></span>
<div align='center'><textarea class='style7'>
K1MTJ-7URB7-H5NKS-DXT7G-V4EBP-48CED-8TWS7-W0XNR-0Y3WS-CEKKP-TZAWR-JKGHY-16R1R-DVVP3
HEQV8-WPTKP-KNW7K-PPHQ7-K6Y0Z-6NH7F-BSK12-X3Z6B-T3HQM-0CQD5-BUJ0Z-SFM5H-HYWNW-C13GD
GESWM-SN520-VBRX7-ZQ0FZ-BHSRR-7RB6H-MUA06-3D7G5-50Q7V-880DX-452DX-704Y3-GF18F-QTH6Y
RYBDB-V18Y8-TARDR-RMZ6P-TN3XB-5FYDZ-KRFT8-0S47N-WYDFN-MNAW3-15RD1-87XB8-X40D6-SS22T
6X0Y0-3V4DD-EWUDB-SNZYM-CMQUW-UWFVW-Y8G21-HTSF7-QY0U6-SQ7UJ-FGAV5-BBSJF-Y182U-2RRAP
PYJVG-NV4SK-H3DXE-8W6R6-WXCVS-01FK6-WMPX7-32E5T-PMMDQ-YUBP3-QDSGT-8DSUG
</textarea>
<br />
</div>
<br />
<br />
<br />
</div>
</td>
</tr>
</table></td>
</tr>
</table>
</div>
</body>
</html>
URLs
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
http-equiv='Content-Type
Extracted
Path
C:\Users\Admin\Desktop\backup_elzyw\_DECRYPT_INFO_elzyw.html
Ransom Note
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<!-- saved from url=(0014)about:internet -->
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1' />
<title>elzyw decrypt</title>
<style type='text/css'>
<!--
html, body {margin: 0;padding: 0;margin-left: 0px;margin-top: 0px;margin-right: 0px;margin-bottom: 0px; background-color: #bfbfbf; height: 100%;}
a {color:426BBD; font-family:Tahoma, Verdana, Arial, Helvetica; font-size:12px;}
td {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f0f0f0;
font-size: 14px;
}
.style1 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #d7001e;
font-size: 48px;
}
.style3 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f5e700;
font-size: 60px;
}
.style4 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #28caf9;
font-size: 14px;
}
.style5 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #f5e700;
font-size: 14px;
}
.style6 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
color: #d7001e;
font-size: 14px;
}
.style7 {
width:685px;
height:120px;
background-color:#393838;
border:1px solid #565656;
font-family: Courier New;
font-weight: bold;
color: #f0f0f0;
font-size: 13px;
}
}
-->
</style>
<script type='text/javascript'>
function init()
{
var xtime;
document.getElementById('fe_text').innerHTML = '00:00:00';
xtime = Math.floor(1732243867+(12*60*60) - (Date.now()/1000));
window.setTimeout('update_timestamp('+xtime+')',1000);
}
function component(x, y, z)
{
var res
if (z == 1)
res = Math.floor(x / y);
else
res = Math.floor(x / y) % z;
if (res < 10)
res = '0'+res;
return res;
}
function update_timestamp(tstamp)
{
if (tstamp < 1)
{
document.getElementById('fe_text').innerHTML = '00:00:00';
}
else
{
var hours = component(tstamp, 60*60, 1),
minutes = component(tstamp, 60, 60),
seconds = component(tstamp, 1, 60);
document.getElementById('fe_text').innerHTML = hours+':'+minutes+':'+seconds;
tstamp-=1;
window.setTimeout('update_timestamp('+tstamp+')',1000);
}
}
</script>
</head>
<body onload='init();'>
<div align='center'>
<table width='700' height='100%' border='0' cellpadding='0' cellspacing='0' bgcolor='#000000'>
<tr>
<td width='225' align='left'><img src='file:///C:/Users/Admin/AppData/Local/Temp/elzyw.gif' width='225' height='221' /></td>
<td width='415' valign='top'><div align='center' class='style1'>WARNING!<br />
</div><div align='center'>Your personal files are encrypted.<br />
<br />
<br />
</div>
<div align='center' class='style3' id='fe_text'></div></p></td>
</tr>
<tr>
<td colspan='2' align='center'><table width='97%' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td colspan='2' align='left'>
<br />
Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer. Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key. The server will eliminate the key after a time period specified in this window.<br />
<br />
</td>
</tr>
<tr>
<td width='7%' nowrap='nowrap' align='left'>Open </td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.onion.link' class='style4'>http://bs7aygotd2rnjl4o.onion.link</a> or</td>
</tr>
<tr>
<td width='7%'></td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.torstorm.org' class='style4'>http://bs7aygotd2rnjl4o.torstorm.org</a> or</td>
</tr>
<tr>
<td width='7%'></td>
<td width='93%' align='left'><a href='http://bs7aygotd2rnjl4o.tor2web.org' class='style4'>http://bs7aygotd2rnjl4o.tor2web.org</a></td>
</tr>
<tr>
<td colspan='2' align='left'>in your browser. They are public gates to the secret server.<br />
<br />
<span class='style5'>If you have problems with gates, use direct connection:</span><br />
1) Download TOR Browser from <a href='http://torproject.org' class='style4'>http://torproject.org</a><br />
2) In the Tor Browser open the <span class='style6'>http://bs7aygotd2rnjl4o.onion</span><br />
(Note that this server is available via Tor Browser only. Retry in 1 hour if site is not reachable).<br />
<br />
<span class='style5'>Write in the following public key in the input from on server:<br /><br /></span>
<div align='center'><textarea class='style7'>
K1MTJ-7URB7-H5NKS-DXT7G-V4EBP-48CED-8TWS7-W0XNR-0Y3WS-CEKKP-TZAWR-JKGHY-16R1R-DVVP3
HEQV8-WPTKP-KNW7K-PPHQ7-K6Y0Z-6NH7F-BSK12-X3Z6B-T3HQM-0CQD5-BUJ0Z-SFM5H-HYWNW-C13GD
GESWM-SN520-VBRX7-ZQ0FZ-BHSRR-7RB6H-MUA06-3D7G5-50Q7V-880DX-452DX-704Y3-GF18F-QTH6Y
RYBDB-V18Y8-TARDR-RMZ6P-TN3XB-5FYDZ-KRFT8-0S47N-WYDFN-MNAW3-15RD1-87XB8-X40D6-SS22T
6X0Y0-3V4DD-EWUDB-SNZYM-CMQUW-UWFVW-Y8G21-HTSF7-QY0U6-SQ7UJ-FGAV5-BBSJF-Y182U-2RRAP
PYJVG-NV4SK-H3DXE-8W6R6-WXCVS-01FK6-WMPX7-32E5T-PMMDQ-YUBP3-QDSGT-8DSUG
</textarea>
<br />
</div>
<br />
<br />
<br />
</div>
</td>
</tr>
</table></td>
</tr>
</table>
</div>
</body>
</html>
URLs
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
http-equiv='Content-Type
Signatures
-
Maktub Locker
Advanced ransomware family capable of offline decryption, generally distributed via .scr email attachments.
-
Maktub family
-
Deletes shadow copies 3 TTPs
Ransomware often targets backup files to inhibit system recovery.
-
Renames multiple (140) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX packed file 5 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in Windows directory 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Office loads VBA resources, possible macro or embedded object present
-
Interacts with shadow copies 3 TTPs 1 IoCs
Shadow copies are often targeted by ransomware to inhibit system recovery.
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 12 IoCs
-
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
Processes
-
C:\Users\Admin\AppData\Local\Temp\74add6536cdcfb8b77d10a1e7be6b9ef.exe"C:\Users\Admin\AppData\Local\Temp\74add6536cdcfb8b77d10a1e7be6b9ef.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE"C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\74add6536cdcfb8b77d10a1e7be6b9ef.rtf"2⤵
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Windows\splwow64.exeC:\Windows\splwow64.exe 122883⤵
-
-
-
C:\Windows\system32\vssadmin.exevssadmin.exe delete shadows /all /quiet2⤵
- Interacts with shadow copies
-
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5KB
MD513c868e109968d23c72b3e5de04abfa3
SHA1743507da7f922fe061fe0a791b421857fc7c1083
SHA25676957d7a86db61be8f50063b323dfee1c91922f3677456f97ca761007f00b092
SHA5124b218438f4951ba09282b1a6e1b79dc6362836a667dd7539fc4bc0d62b4f4f31ea1005bb20d2195eb77266540a72fba0e052983731f41a607387fe61781e0bcc
-
Filesize
2KB
MD5a945a8899cc5fa3620b89fb23997f887
SHA160dce9277089ceeddb5b1ac4bdbe6b575e7a29bf
SHA2565ac025473de03bba56f3b92496571804a1f7dea2a75005caaa9ddac5dcf91de5
SHA512896d66c2b95c2c2cc85679ef0b1b510b531872079dc7f475d88c65ed48ca3d9299a023e2c1208848ffa52c01dba0103e57bcdb4cfec2c593a3088e0eeef30bed
-
Filesize
19KB
MD5def5ec4c64b3b6c51ceca02b0a2e7a82
SHA1e2ba99dadc38b62442fda548f480b44694b8d426
SHA256a205d15c22258042a3a654b01a6299986a23a38baf96f9b70371828b89915531
SHA5129fe33e31167e5c6fda3d8c5ca55d3c27b1bd14f547f737ab82a5a91a3400dcab287b56e5c9586661da70d70f017b27f0af6bdbb754c95743843dd9d6f7afab2e
-
Filesize
5KB
MD53447c812184ad6059d152379c83373c9
SHA101564265e5125ab4d36d3b4389c788859fafcd93
SHA256c672b9c7472fff2a1702b4a8177cc6f4ee0b9e41d825f26533de7f08dafc85b1
SHA5125fefb3f555249d751be934a5b1115d5476a96fdc2e1c89bb1b8cf31165de832407dcc526c2ddc4ddc89663ae4b29a46aa5827497697952660e14a827a117c794
-
Filesize
5KB
MD5ee869afb1bc5d5c1b0f957f439ad50ac
SHA12ca1d0c98f8ad6cc80a0026dc046f17e183c36fa
SHA2565bfd82880c7be0c39f6c166fcc1813efedd9f213525b344cd3e9c87bdb457745
SHA512bf3a1f77456ef63448dbb59c29de3110bf3ef373dc87c1f44288610a8a5a1f9c2856496ce67309e8e397e0c1556bb7ede3711faa4fdfcd77794f62ad83c42936
-
Filesize
4KB
-
Filesize
136KB
-
Filesize
872KB
-
Filesize
4KB
-
Filesize
576KB
-
Filesize
576KB
-
Filesize
136KB
-
Filesize
136KB
-
Filesize
136KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
872KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
136KB
-
Filesize
64KB