Analysis
-
max time kernel
142s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
07-12-2024 09:23
General
-
Target
d1b6223c9444283f76758dee7bcd907d_JaffaCakes118.exe
-
Size
756KB
-
MD5
d1b6223c9444283f76758dee7bcd907d
-
SHA1
73648b62774211b9c8b0cf66f3919a01df4b5dea
-
SHA256
e4d95be483d87f25db57da7bf5f280583803140f7419ba6692564e685926d1d3
-
SHA512
e20e24d272b3bd68a39f8a790fa1f38e417814d651fb35efeeec2c330acaa8877cd94b75b850b6bdc8c1dcda2fe52b8473fb8c16a741685cdeefde31845fdc5a
-
SSDEEP
12288:WGe6ASVjW+ewWqhIJ0JiUBxq4h6gX4+J68w+j/xucLX9R9otMtrhg3Indzc6Mq:86ASVC+oMIJaDBlh6gIfaDxumtXeeFd7
Malware Config
Signatures
-
Ardamax
A keylogger first seen in 2013.
-
Ardamax family
-
Ardamax main executable 1 IoCs
-
Loads dropped DLL 21 IoCs
-
Installs/modifies Browser Helper Object 2 TTPs 2 IoCs
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in Program Files directory 39 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
System Location Discovery: System Language Discovery 1 TTPs 3 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies Internet Explorer settings 1 TTPs 64 IoCs
-
Modifies registry class 64 IoCs
-
Suspicious behavior: EnumeratesProcesses 13 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs
-
Suspicious use of FindShellTrayWindow 26 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d1b6223c9444283f76758dee7bcd907d_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\d1b6223c9444283f76758dee7bcd907d_JaffaCakes118.exe"1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exeC:\Windows\system32\regsvr32 /s "C:\Program Files (x86)\Snipeomatic Toolbar\snipetoolfull.dll"2⤵
- Loads dropped DLL
- Installs/modifies Browser Helper Object
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://www.snipeomatic.com/installed.html3⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:17410 /prefetch:24⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_stub.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=502145⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=502146⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe117646f8,0x7ffe11764708,0x7ffe117647187⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:27⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:37⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:87⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5948 /prefetch:87⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5948 /prefetch:87⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4580 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:17⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,13584693139018071988,8460978170924849867,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5300 /prefetch:27⤵
- Suspicious behavior: EnumeratesProcesses
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_stub.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=1 --customer-type=1 -- "https://www.godaddy.com/forsale/chance2save.net?utm_source=TDFS_BINNS2&utm_medium=parkedpages&utm_campaign=x_corp_tdfs-binns2_base&traffic_type=TDFS_BINNS2&traffic_id=binns2&"5⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=1 --customer-type=1 --single-argument https://www.godaddy.com/forsale/chance2save.net?utm_source=TDFS_BINNS2&utm_medium=parkedpages&utm_campaign=x_corp_tdfs-binns2_base&traffic_type=TDFS_BINNS2&traffic_id=binns2&6⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe117646f8,0x7ffe11764708,0x7ffe117647187⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,9340670856219834946,5529726073077957772,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:27⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,9340670856219834946,5529726073077957772,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:37⤵
- Suspicious behavior: EnumeratesProcesses
-
-
-
-
-
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5730d8fa88d8b06ff5a4e5b56489a306c
SHA15eb8ead4fa3b0d1ac70753c9b52e791a2990bdeb
SHA256b7e0f69cefd9e6f5a49040bd8ed2552c73497bc828fc50d902384bfb115f6358
SHA51254c07612b865492fb367888b42ce452d81ba270685ef7ed794966032ff1e75c5c17086c6b447cd2cd9e884246cb02a44cd259894ef81a725136c463dab0280a4
-
Filesize
17KB
MD5130f14037780bc1853005b0753936395
SHA17e65e748252114402ea9ecd97247abe131de115d
SHA256f2824521c88e4b1c08e3144cc192621476c339ced1ab8a321e42d5c795f2729a
SHA5121617debf836d7fb01fb2f6853a4a763d967b6a30e918271a22afe1b5ac8247dce441ed1a7cc5c94ce81f3e779efb49ea36d8b4467d7e8c9f7d02cd4e09c60cc9
-
Filesize
5KB
MD53753249e9cf870545aff904c351c62ad
SHA1e08a78cb7903664c0776a1d5a07455485b2697f7
SHA25678e02ba3d6d60f44ebd5d9fb6b8c26df8326b87c4cfe76c3334bf50511c397b3
SHA5120c3a866f141c764dabed73c222416d919419ded396cb99b1bdaab77ec166fe09f8142dbb59727793109ab2ea1f752562752763390911e8677c81cd58492a4d2a
-
Filesize
1KB
MD54ce770a6e20bdd5b57fc406edb5e5c9d
SHA17a97843c871549281295c2f11a1888fd3628b515
SHA2563a4bcea74e23b899ab3b7a99b2d046b2ad36959314e0c8d3d44e811340b2ec65
SHA512b745a2a836b7cb16e7a4c8144030485f7a48da574c0fb0f004e9643cfdb6fcd1a8ff11e54d3fee70caca7c87495752f458873f9e52fda08f6470a95ab6ccc94d
-
Filesize
14KB
MD5f31221ea317f96dccd0f80a714558a51
SHA1b709a1ea654033b26681e00ba9d3380b5fc1c1f5
SHA2560728809962454119fd73117905c66b3652b2fbe780b01721abb2ce57eb767342
SHA512825116590d183b4cb1bb3bab8ee45e59c84d4d4b2bcf64d2cb33c1589e3d2b1175e14c84c22a99aac2a8b2f4d805290d2d4d8216339084b5c2f4b32235428b83
-
Filesize
17KB
MD5d096c647f6a3d1f38af0cca88ea8f8ac
SHA1eb1cfc986d02ea61148204c4e3e3e4d8528485e7
SHA2569c0c46dcdd6a76c0c362f36734c6ae046a498f14dff3ae62064249ee5fd1029a
SHA51246b9852889fa1a887f5b0c340ed66cf9f154252f8248076a67d34631ce67755171c0cdd42383166e929ac1a9e28a05a85398636afcd491b24e505449323fd1ed
-
Filesize
115KB
MD57bb096d53d9ca88388254afae9068995
SHA1f877bbc27707547db79bc2a1fb05489104b05168
SHA256c171108e3d59968b9de54565a732c5a87e90f83e079156b3c92386c192768e17
SHA512901a05a0ba94ade6d9b90836bebd01c4af131457630cfd059ce6a1eba40c7b654c7b9f83079df6d08160e21e8a1842571bef6d077328fae097ac88cd9a6c5b97
-
Filesize
496KB
MD520a6062a938e56319ecc28fcbf71c191
SHA1da5096492160899b52a5a3414ec0829a38764600
SHA2568718d1d8154d0e4fcd0e2c84d02f580af677b96dac589426b0ed7e327f550a58
SHA51214bcec751dae012d35f25aae59dcec9dbaf0b8674035328cfa3a586228e40ffb6d2bbd3d4b068cae587f47f4f233ccea452ca016ecc4fc92b48a7a1a0baf3da4
-
Filesize
13KB
MD5fde327cb58ee99a1672ca9752e7de95b
SHA15acdaf53d05595fd9508dc4406d3cc9ee484ef08
SHA256feb4b3f4d9fdb93e893caee2603280bc7db1fa1dbcd7fe11d9b54e265e27061f
SHA5124c0ea3450543fdf72de468566355c9c8053c6a4a03662b9362cae7d060d9f62d1ab51250ebb2fd95d1bfcadd8a66223c6715872f3de70ed3ed63e643ca073740
-
Filesize
717KB
MD5a9ea14a1fd7dbd79e7fc81c73b97a1b8
SHA146351d7552860351cd5cfb66a5056de3eb616157
SHA2569c2ab69190aeb45e65faf317cbb752beb43895a29eac69dba12b7d6fa035a582
SHA5121d0a15b2d128679c8275dea4a371e7b669a80d4d3e2d8a4c2f52d9987a2c589a7179f2885dc330cb58962bdbebb454513fab532405234a418b65b46e01dc4949
-
Filesize
351B
MD511a71d1605719e4d22536924af2739c3
SHA103cef4b3b57a07fe1bbcede567cb1ae1274c6b2a
SHA256faf8da0be449f2f77179acb5d7c5947f933e23e03398ed8b74e8f242ef1fdef8
SHA512f7bf080ccd48138424f653a301aebdc678b36bfbc4f249b6dda8a1bc6adf4495fc589bedaf1bdac04fc40ab4e908e088b61523bebaa67850097d58f6e531fba4
-
Filesize
280KB
MD5d464b9ca5f771d88c6b2a2b7ba359aac
SHA1c401a9e54bac45cd87aa70c83abd0e193fc47d0e
SHA256d7fdb53aec3090b81881ee63c47c3f766a25245afd892026b96dc82eea5d21e3
SHA5129de2566e953eca760d86978feda5e51a9a1ca0f75b0347b8483ffe3bd80e96ba2ba52570476df0550b23851991360b631b6f3cdc8c4ab8ee1ca565ae4afc4a54
-
Filesize
10KB
MD59b4976f23d26be71ead311dc13184a73
SHA1fac39f5597afaf4a0c60e0618847bcb64a6a5f74
SHA2565c9a1a4b1d3877762aaefa806c67b1b7382bb8dc0619ba1954af9d1056151e6c
SHA512f2afb8461a2afb68ac7e9143611dea71561e26af3243f2af7c153be43a176d6a6f39f68d13c3f8057075e2ffb29a64cfe51605d83fd3a7506e8b5d4f623420c2
-
Filesize
3KB
MD586a6a5fd8128a2cf8401d7cd84525581
SHA1ff02ab29b6ba344ace4c62b807b5b87167fd876d
SHA25663da9d985a598aaa5c5d4e5e5e7569bd64b3877f73aba371b8ec72565900b7d5
SHA512df9a951f25610a29a48da3625206afd9fc03cb4fbcf1b9ef65a9dfc78442e062e3250e3451d9163addce7a385ecd544d26065153e20b400970ca873944ac59d8
-
Filesize
392KB
MD5cb21d826d9c39aed19dd431c1880f5de
SHA16eafcc2fdfdf73abea334ac7afb903829f6ff2a6
SHA256f1fd0f1a54f196b19a6f21044092c89c02353dad173c236d80f6474cb8a7ea7f
SHA512d4223a0ad6118b1dae8505ad4675f6e87e4fa9ebca6fdbe2ee3f0ea868ced15f07fb5ae2d9a41d8992a9d41a9bbe4b16f7ac6eeb1c99324ed8fa3a8fc47af150
-
Filesize
148KB
MD5b7713a243e845d4a94e660609cb38184
SHA1ed0fe02af87bf34fc42772a64810dfcf358be1c8
SHA25664a5d90a5acdba9cda5ffe1ea4065b120b7a137300efcf12a0b2a9a3e6861ee8
SHA512fc984fce63387c164273e8be57eb8005e92b9246e061bd298e9297fb16559851ef1abac180f7e11c3d7ccdefd2b1a67ded39aaaedd689b87731b8cc7cc8c6ab6
-
Filesize
9KB
MD5e5afc0d6c61d50b92f85ea549d251737
SHA10fec11351de4028b312e23f2fc974624127e2fde
SHA2562d1354e210573d2e4ae30899606978ce946c970ae8a99026565aa98d9366c23b
SHA51201da484816937a0a1e686934506c76c3afbf72bda2c9817db6c2c92668eb6212e37d46da034a5f74539a6cda919e7bae08852005773a34106324ec204822c1de
-
Filesize
284KB
MD5e054edafdb3997d84201275a743488ad
SHA12df120342d1befe0329d4941a60a3205fee5e597
SHA25611b2e109ba8012d8ddcee1dd8b6ca060aedccbb60663f964d34d4ae50449d105
SHA512f58549d4900e996637880685b4d6e69318ee7d1ff229a1e3931c226ffcf9f6d2375713ad5587a58dccf36257b13901231f523116ce54b4587d254a579301e713
-
Filesize
532KB
MD5168160f56873fbd542d0f3870609fbe5
SHA1c2f142a14b8f1c512f452e9ffc82a756985e2c01
SHA256ff8c2c025efe03bec848bf614e752f44fbcc2ef6e3253ef4e45fa86da015bb89
SHA51258edab6c072bc946fd807be66d22535352ffda54858659a350c4b03b0614cfd7776cd2b21c87b977a6a2df3ce1d2a89d191c649a8772b32550ca94e18c92f33c
-
Filesize
53B
MD569baf51b16b1bc0e7de892d0698ec59a
SHA10910a119c9e6f773e021d1b51142e8b6d65e48f1
SHA256eeaeeb1bdfeca6493d71b29f8f4449a24998f1c7f8e520c4008e8bb75c85c94f
SHA512d093c4e860827ee5d3e44a917fbafbc1b72f3afd6e56dfb4df38fcf89c80673c79399bed785df63960dced50bb41f813d65aba4d75984fec9b0ca6050dd76c3c
-
Filesize
2KB
MD5b26eaa0539b91fc17ddfa00b785b3370
SHA1d82452e97f2f857b3d67d2a304e7e4b56fe804cd
SHA2563c5092a1d46123b14f9cfd8ecf27298d61ac0b1576947b415cecb71c985b62e3
SHA512d68834aa32c2f1d570bf4efc442548f4b304833c397ba4a416a2b74f737a097808272ac373f8e61e7f7efb9af96a051e9e1c7cd103772736a91ae35021ab3998
-
Filesize
2KB
MD5872a5abb53b670a47ffe5a6488868b00
SHA18d2bf9271f652dcb552ce3978d3076dda508a21e
SHA256c80b223512aa937b03958c51ac2807303c8108829aeed70f44b596b6d1246071
SHA512769235bc22f73dc54e4b3c062f09f6b23a2cefb62385e83e5f06544bbe0362caf176c801be1480b7d48bc57442749bd2a3ac32450b85b1b3106db6b92356f6fe
-
Filesize
2KB
MD5112afb8daa762ee3831756903f517f06
SHA18573da89e05e53786c8995e7cd4510be837e593e
SHA2566afa7fbb53fa7ee927dd1daf980f6f8a8006e9424cf9815a62569be41328d711
SHA5123453f67c4fbc43e0dc536015698277fd283b22737868565852f0d08fb072b5e92faba709f8b2c55c7902cb85bcc45bac9b3f00fa665614583758573056cea19b
-
Filesize
471B
MD53d6369c7b766bc365846cc8a4cbf342b
SHA1593cdf5d7fae21b31813f20db26f7452218ff8af
SHA2569b9b6a3af40491ff920270c0be40c0e8484adb1bac0ea0e9da6ce17464591010
SHA5122fcc65941c227cb765e0c94417f6bbda00c7b4acc428906e6e98300c3e1deb08479728284f39ecbef7de02f7b0357487d2ebf0d9f3065069cc955d9643e14d37
-
Filesize
450B
MD5a6da704e1db8224ebff36f3992cdab8e
SHA14806892a8cc70f92c6922f1a21cf3a652cc6eb09
SHA256e5a51d724b8acf9eeb55bafc9a5eb2aa4d4e3fbd71211fb65697303ceb29c396
SHA51241ba6c4c3b6ffa1784da20eb37b6c3fad90ffaa0128b68dae0818b047c2468228aa3d9d14f0da39310b92238767d9ddce877632595ac5c4f804b5fa03a680970
-
Filesize
466B
MD5d7e39e4d4a839b3686b7bb08a2096a5d
SHA1ac39181d266a4ce97b4327ca5825a835915e3bb5
SHA256f0a4835c191606efefcd5ccc1f103cd20d18754b92765b1a7e42560415b0464d
SHA512580e4b2021dbc406d1c81f84fdcb804fa09fdf4f228863b90435c7c6136a1bc5a2a1d5e0ed8f440834a6d2bb950b276c643a5609235836623076b43c366c3e90
-
Filesize
470B
MD5536a4d48af5825e8ce1449fdb98c6f08
SHA171391bcea0a729cfcf1a5b44e53f911a793266bd
SHA2569515e19c3bb420cf45de5251aa0253bb1bce3e078b1734c53a63458670443717
SHA51232a160f4fd9a15b7da1c79f68e5055d876453ecf5ea498bead4239faa43a8b38d9a6f5092e0e5d68e7d79874dc8429a913999a6b92944ac462b96bbb4839c0a2
-
Filesize
412B
MD57f0b9c428b527acf253bbadfc196773d
SHA17544b255fa441b7670db81d7b5e509cdf8465591
SHA25677e4eda9605b8cdf6f7c85b1bc4d0c44f29db0e27736133f72954e998db385f3
SHA512eb307bad23c7aa9e7a9093fae67efdd22f3b2c4662326c4f29a7b38c3242647152f820c1e82b599b947ae4b2ff820726a9927ace631308318f7a3117e45f753c
-
Filesize
152B
MD50a9dc42e4013fc47438e96d24beb8eff
SHA1806ab26d7eae031a58484188a7eb1adab06457fc
SHA25658d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151
SHA512868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f
-
Filesize
152B
MD561cef8e38cd95bf003f5fdd1dc37dae1
SHA111f2f79ecb349344c143eea9a0fed41891a3467f
SHA256ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e
SHA5126fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d
-
Filesize
5KB
MD53122a0c4b04a52b5dcd9f1ada5995804
SHA163e529150b95a3d6814f8d25d578fa7f2fbb7d47
SHA256b633a78acdb33d9a73680a394a43c8e30dc2de4db57e7bfe89ff43ef6707c34a
SHA512ceae241a76f6afaf10fe7d35012e31cd6cb7dc5720e12575dea193fdb2fb403d76b54c5a8b3ea3377068fca638aaf5fd12338c472c2b61fdc89d1b6cb3e56938
-
Filesize
672B
MD51dfab44cc70f7e0ccf0bf29e5fd05947
SHA13d9a479290ef809ab360d3000fa1cd8cf2e26fc5
SHA2566a238713bf2f4eeffb1dda59abe88c9103816f897aaa6044d45d0cd25c9d74ea
SHA512a10cef6b518bf1ac49f5395ac34f7dec7542c3a9d14da81d8d021f601bf71c6a903ed17126d9a9e8d0f402da837ef08c13bf10f115c0c500c2b5d02e56780755
-
Filesize
830B
MD5a31660ddbab173277d6c9c4748b5a950
SHA1a82baf032771b8b07c6e2fe4455b64a0362dac36
SHA256d4a7c53aa4fcd98401f9be1f845d23515d1158e9ec1263c3bab93f02f8bdc3ea
SHA512997b611d5dc87dc82a4878f7a5507d5c75734d7a8198bf768188f578aa67b5276a1203b7035ebffca768260f5e62a86013321bd65443d87cf1a97eee0f87dfac
-
Filesize
6KB
MD5567d10a24693ce365072a46a63da96e2
SHA1387fd52ea0bdaa94ae1d273aef19723104a992d5
SHA256bec50c606e1e88c13989adc458e5467e25bb43e4df2ce043554e97fe53af5dba
SHA512cc930fde8567c08d8d689fa4d4e3fdb7d1c79add901229c1766e74a81bc576115d5e773e2bd43fa5ac7b958b4cf33e95b5e0d740ec27fc4dfd9a8ecfa06a44a5
-
Filesize
72B
MD57f5962cb1cef46fd698e9487a3f82c17
SHA192dd81e0affb684a8114594b90317c59a62fdc43
SHA256b7965fbfb8ebf1a826ee27e86d53f4a86ff91c3bd398c11d87e9545ef037684b
SHA51265b21d08b0192ba2ad6684c0e13414c3e58f1c408a463ae167fc61670810cbad7bd227920ed7603a19febaebe9c8475165c5598ff81062f710d730e74d2c06e0
-
Filesize
48B
MD5e96ad900f67d36ccef4b6b40bdad62c4
SHA118472e1236515513004b666e740c9f01fd679c22
SHA25623040f9e2fad55c8bca26068c1c9aa12a9fec453fad9d5dac9f62f441fec2daa
SHA5123ce2f7b181c4a4d169adcf1191b5cd42a1fc953cefb869801956967f7edcf375df644db75b123a44c12eefe50a90d97fa9e792248b45e48c2366f98cf9ea3f4f
-
Filesize
537B
MD5f4a6505ac9ac85ee2bbd5f65042f9088
SHA111651622e28d36aa64fbd3b046263e36ac0a4b79
SHA256b195b33c2967e6fef4b8b849646ed877c4cc68cd3fa50378577c37040996a106
SHA51274b6e265d247db0f85ca32294ae43437798d246c56cc7ed44d4273ab60c2ef8fdd5f6dc4356f4738c9aecae8fd02557e2b6fe336bcd0887c761509c01db5be11
-
Filesize
537B
MD5330acd99e9b4634e22e36bb92de9f042
SHA1bc4d1bb6034ead3bdfd628ac613cbeb2bd5fb1bd
SHA256111f34de50b60d960934000b02b3c657dbc106d92d1713a432dbc81ec82c4250
SHA51205ce664b02af7cb3319bd267aab2b03252a4721ea2c7caaf70b43d681c630ca62bb257c398af81786b796ceae6ee6cb0e07ab3073f5cea4e0174cfd10c630244
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
8KB
MD5eb0d8766a7c3b27f7fb2dd299ecafbe9
SHA12a979afafdbe4a47d23229af3038c2f34d0280ab
SHA25621b9cd177d8d3292002f8d5ea70bf563c38024f77b99909669c2ef0aed29523d
SHA512260dd01dd209a910c89599903e444a9f8232b3cdd9e894926773eab2bc16e62b9892fb71ad6552e89d67afb474ca0c26b22107c890652dfd93c495dc08199e06
-
Filesize
10KB
MD5b8657ae81c1564049922dd9a12572dcf
SHA1227f4002f3e24f34e3a78569e923942cf1fa99c1
SHA2563d7c7c5d5db04cfdc2d878f3029e7f3b5ad2da82758db1ea7a57b3a3b3972704
SHA512d1f57dd4999e164a1ae00e0c8de865f0e16a070bdd2a773287cc7d1d30b3450b3c8aa981e0eead741607963a269ecb993340e55dbb5516385a61ecf20f55f311
-
Filesize
13B
MD5c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA135e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA5126be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed
-
Filesize
771B
MD58a3ff81b10cf5c5ea46f8f69cfc1082f
SHA1aa3b1986680ccf22fb8653bb6e1acafcbf8c7f4f
SHA2560d7cd1b7b5a1f384ef344a467bd1cf716d4c50378f3400b26cb09f6abc92f51f
SHA512924c03bf7dfd0dd8d1947f360c1ef236c2bf57912b8323302a4ca0fd177273a14f5db5ba3073a238d806a311b79f4402a1a49dc54c96df9d73f5916c3b83c722
-
Filesize
17KB
MD55a34cb996293fde2cb7a4ac89587393a
SHA13c96c993500690d1a77873cd62bc639b3a10653f
SHA256c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee
-
Filesize
631B
MD5fb2ed9313c602f40b7a2762acc15ff89
SHA18a390d07a8401d40cbc1a16d873911fa4cb463f5
SHA256b241d02fab4b17291af37993eb249f9303eb5897610abafac4c9f6aa6a878369
SHA5129cbcf5c7b8409494f6d543434ecaff42de8a2d0632a17931062d7d1cc130d43e61162eedb0965b545e65e0687ded4d4b51e29631568af34b157a7d02a3852508
-
Filesize
148KB
