Analysis
-
max time kernel
139s -
max time network
140s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
08-01-2025 18:08
Errors
General
-
Target
http://github.com/Endermanch/MalwareDatabase
Malware Config
Signatures
-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload 1 IoCs
-
Downloads MZ/PE file
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
Executes dropped EXE 5 IoCs
-
Loads dropped DLL 2 IoCs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
-
Writes to the Master Boot Record (MBR) 1 TTPs 2 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
UPX packed file 5 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in Program Files directory 1 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Program crash 2 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 5 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 15 IoCs
-
NTFS ADS 5 IoCs
-
Suspicious behavior: EnumeratesProcesses 18 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs
-
Suspicious use of AdjustPrivilegeToken 3 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://github.com/Endermanch/MalwareDatabase1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe3d8746f8,0x7ffe3d874708,0x7ffe3d8747182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2972 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4856 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4856 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5304 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6884 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6672 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7140 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6152 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Users\Admin\Downloads\WinNuke.98.exe"C:\Users\Admin\Downloads\WinNuke.98.exe"2⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7244 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Users\Admin\Downloads\Floxif.exe"C:\Users\Admin\Downloads\Floxif.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2380 -s 4323⤵
- Program crash
-
-
-
C:\Users\Admin\Downloads\Floxif.exe"C:\Users\Admin\Downloads\Floxif.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5576 -s 4003⤵
- Program crash
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4736 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1796 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,722183791710227682,8409621665747303278,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7216 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Users\Admin\Downloads\PowerPoint.exe"C:\Users\Admin\Downloads\PowerPoint.exe"2⤵
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
- System Location Discovery: System Language Discovery
- NTFS ADS
-
C:\Users\Admin\AppData\Local\Temp\sys3.exeC:\Users\Admin\AppData\Local\Temp\\sys3.exe3⤵
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2380 -ip 23801⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 5576 -ip 55761⤵
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x4 /state0:0xa38f9855 /state1:0x41c64e6d1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
MD5ccf7e487353602c57e2e743d047aca36
SHA199f66919152d67a882685a41b7130af5f7703888
SHA256eaf76e5f1a438478ecf7b678744da34e9d9e5038b128f0c595672ee1dbbfd914
SHA512dde0366658082b142faa6487245bfc8b8942605f0ede65d12f8c368ff3673ca18e416a4bf132c4bee5be43e94aef0531be2008746c24f1e6b2f294a63ab1486c
-
Filesize
152B
MD5bffcefacce25cd03f3d5c9446ddb903d
SHA18923f84aa86db316d2f5c122fe3874bbe26f3bab
SHA25623e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405
SHA512761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7
-
Filesize
152B
MD5d22073dea53e79d9b824f27ac5e9813e
SHA16d8a7281241248431a1571e6ddc55798b01fa961
SHA25686713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6
SHA51297152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413
-
Filesize
18KB
MD5abb8bd3b5a206b3a87c46a869c561e78
SHA1baa9e7aa2be00a396b2631a8e46a41af73c389df
SHA256a1eea8b5277e7e3bd6411970a0dfe1d6b44a0ae3b43ebf788f25d1544e3af6ed
SHA5126032f78ada98afc075363ae2200e2ee0a07553630ed23a060061099c27a76ea52f114699da0572229eb5b88c8a45bfb7dd18b6033e860f1a5b9044f5224cc02f
-
Filesize
3KB
MD595353fda25ad0a4e6eecffa63550db65
SHA1b7f761f03db58da6f78b4166a5073d1d2dacae33
SHA256d5fe3b996fb00a16e950ac2ce7f199075def956f44bd393cbfa554a6f4d89abd
SHA51235ec5016a7b8e8f1c8fbfbf47d4ead02e65e67e815b7a0699293be208ea912c3bcaf2804175417f77a47de064936e00573046638ac409a045363ae989c44245e
-
Filesize
1KB
MD5b4b90a831eaf4276ad0213b00bf46437
SHA199cdc9352be719575d684a33d8fb03988e821512
SHA256f8666d416b8ae27c031aafc530901d9607263e9c3f3a8007378bd6420d1dcb0a
SHA5122d2be2992bdf40ec20dc0fd6bc50469ade8e725ac9a14e9f2ee7ad0eee14ac728ce2b6725d16ded7514a872b3a1abee15743190e6c87a7b8e8be1d1046524a3f
-
Filesize
5KB
MD5693f58c78f7b869a4810231b16716a8a
SHA1b6cf5fe14e4e96b71428ad84e2fae8d52327f4be
SHA25674b2356b88e7831f5b58d99b2398c800bf718e600c249c851ad52f9f5a805340
SHA51297f756cfc8e1dcac4b424609ad3df36a872a2450fd84db9182eaa466c2a17d73c6e94befe7acc98ec60e691bfd645f2377e3796025357c2ab5039a711e9b344e
-
Filesize
6KB
MD537bb4a19f88cddc3d50e73e62bcde7f0
SHA1b4c6a801057acddb6c70da3acb65040b54195997
SHA25632fdd62a3dd9b316cd6799342132874d12d2baf89fcec9fa78daf61941cbe433
SHA512e3972a38b5e3cbc8b5e2ac52e5a01282ea1808debd668ece894971cf4d8b01f6fc04d071491c57c20c05b866124b6be3064017fa46e9d04b62c61f4889021c4c
-
Filesize
6KB
MD5675fb18c7ff62d84673c75c015423d36
SHA18942ec137019c24efcc8ad68725f000792fbad5c
SHA256ada99a1e4c744c965acab07fda040cbd529250d3c6d6405530211702d4330e2d
SHA512990231b9e5c145913bff328e1a17b33513fa7cd4ec2a59dd4139105289307d6d1861d34780fb1713b569d439374930a913b6ca6a340e8816d681737fcfe8a0d8
-
Filesize
6KB
MD5f38a26f91040aded65a32775fd36037b
SHA14c486513936e3b6e2bcf72aa4c07666add5bbfca
SHA25603d073486f0342feca401b4bcf2e7394798823aa6752259d909f5af1738ac23f
SHA51203e7a6c3a3a6d838c245c4360a14096d28b50e56d9226f391c90b09824eac117b1a1767a7031385e20204fcf2d4a67e47b0796126f09c37bcb0a31623b137b89
-
Filesize
1KB
MD5aee88ebcc31babcee5bccbad00aef4bc
SHA1082140515bd82cb8e0f2b111f6040525a3aaf401
SHA256c2b41aae62e78a66028aef8ecec78588fdb909c910fe8b96f7f45f8c10cc56f6
SHA512650209dc9d1a9fced9cb5a9b795939f8be51b6b83bb4ae12a6d3e4b9e45d057af3a157340caf69d41f52358c98a333309d53ad0e62170d69d25ae70b83fe4dd4
-
Filesize
1KB
MD5249fd6f77c1ed1cc50a39bce33602c0d
SHA1a725b02be15ebfff53cbb4a6497e345eaea2f4fa
SHA256921fde76d25ed723807583ff4ab9396391a5c4932c3ce80abadd109beb68a365
SHA512e285a9d737902eb7ec0a707da44a61c1bc39c2c6b952eba9d83574e0bb01db04acbc8cf844964eacf1676498d5afcf6953c1554dded3513e0b3b2524a12ec57d
-
Filesize
1KB
MD54dd7bc485e503e4d513e39797f6911dc
SHA1dd903ae9e32f170743eb1f096359b57bcb7abaa2
SHA2564e8a05f6112b163a9b898aeef31f83aab621bfce8314973dec638cf0f2719a34
SHA51255538e6cc2d80554e614e29b7f7cb4131f18d3efa881ca61d2f72ea85cba4418e5945fd0c0e49b3c5a4765bfff9327764fae4a331c4e3a45d99ab2d975cf1c6f
-
Filesize
1KB
MD52d3b466c1a1ff9dcec22415183c8f7e2
SHA1ed4ea934e126d3f1bdf5f588495492a6d728df85
SHA256616c2bd2dcc845c0044338602a049a9ff05015cb49db556ea7f9b5f0d5737160
SHA5121cb7c5f1816218fa8cf12c82a448bc4d4498e7aaff073e5fd384844aea6e3375d6c9deac6ad0fc71d3af017f72a6de9b700b4bf30125f17dcec08305ae1ae16b
-
Filesize
1KB
MD587bb39cb687b24157da50cd97a5142fb
SHA19c8cf8611c7eb22433e44bf64ded6791514a6d44
SHA256b71406a21e71072406c3562789b0f0bb0f7e02fd44411d73cfa5ce415cec128e
SHA512d55b52f60ddd3db5620f3da5e88b314d6d943dd6c2ba0c1f78ffee9898c546004c37ff99bd240197e831b3f25907bcc881399b5ae4b755d8b7c63d90aff9ec3b
-
Filesize
1KB
MD541c0f631c7020feda776e752e7613db8
SHA19c4b5ca6665021f481970a70c8a7a6b73eee021f
SHA256d8bd55862956352acbe2af93f4cdaf1fd07313375343d1a58632c0841b204a17
SHA512df12fa00faa29932655811154ed07a95117e381b3dc08bdc34654cd9ab66603beb873ddba97b8c74eda09918ddeb1a051b32bfad847edfe0ebc85a9ed7cf9944
-
Filesize
1KB
MD5a78e4680befca6ef07dde45471bfe992
SHA11b047f3c51aff76ada15a8955b4f9032bf5a6901
SHA256faaf4feb87ac47d1e52c567cca20473294859919b8173e5fa5f88ff6baa5fd04
SHA512ad3fa3ff07dd2c2fe706297f80cce499a4a8439375558a9bb9c860a05a6119955d4294cb084aeabe7c58504782d3a31724aa00bcef65a27f9257c11baaab957b
-
Filesize
1KB
MD5ad18fd014bdbc03b7ed46f6f37cec537
SHA10e4b10d5a49864b0181026c3118774deec5009cc
SHA256f6ed64c72c86e0b531742c5419c71af7d1440aa42ce9aab41945db95ec9b2fed
SHA512a1de121d767a0c1a86baa5edefdb07e9a454d3cd61f69eeb6bb9068379a63f440f75b3148cb94ee095a94b2a0003e3b6d51d773043c907183c137f356a72c225
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD5e33d24a1c6bddb4f6392266603e8ea45
SHA1638748ec6d2efdb7d7f58fe15de1a10a84894fb2
SHA25652c57d02c89bf501f0432cff90d013de10e170524c89a501e046cf2f9f182fe5
SHA512c13c7d163d719dccfa5db8ed4b5ddc0b9c7d5636c4d7e4279c3b43062e8f933f3895cc3e40fef4bcee15267b2a2e11603990397e376c6c1c9981a816f64482b1
-
Filesize
10KB
MD5ef6cbad2b3a90688f3bf27ed09f10b9c
SHA1ba3faa47e941d4449f9357342d4e18df1d1d13a2
SHA256ac6f2864fe7f08edf51fee1cafb2734402bd0a9824c589079228857e713b01a4
SHA5125614cac1c52748931ef070fed97716478e7533948f97631c085bb29cfc64e5357c590c8d1cbe5af1d61b82b146a386a9eaba589bd3ebdde3dcb18c682c80bcb6
-
Filesize
10KB
MD56b7e3178721f4f7c6fca8ee5a34783d7
SHA19c59dca54b850a78d5de05ab56acd31dfe8aada3
SHA2568f56d5f73f01687c276be317a5ade7bf7e45dff8cd39cb15c094588381380577
SHA51257148b86e6e53a1d1148184b621aeeb529f0146a7da298333850d3bb2989427c676fd3ffcd81f73fbe592b3b8f2556abeae3cafa6324e3da4c7e5f8d24c113a6
-
Filesize
7B
MD54047530ecbc0170039e76fe1657bdb01
SHA132db7d5e662ebccdd1d71de285f907e3a1c68ac5
SHA25682254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750
SHA5128f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e
-
Filesize
39B
MD55bab23550d87f5289492508850e965b8
SHA1753ba866033acefce32ce0b9221f087310bcc5ad
SHA256092680746cc546b40d62a2c718599c2031fc590fff2f72e08b8a357970619474
SHA5122518bce1ed90225be957bb038549e086fb541e32a377d912571da0b29b59effbabd75dba82ce37f74ee237920a6c8614c62865a013004f18477844857db7a399
-
Filesize
2KB
MD5a56d479405b23976f162f3a4a74e48aa
SHA1f4f433b3f56315e1d469148bdfd835469526262f
SHA25617d81134a5957fb758b9d69a90b033477a991c8b0f107d9864dc790ca37e6a23
SHA512f5594cde50ca5235f7759c9350d4054d7a61b5e61a197dffc04eb8cdef368572e99d212dd406ad296484b5f0f880bdc5ec9e155781101d15083c1564738a900a
-
Filesize
136KB
MD570108103a53123201ceb2e921fcfe83c
SHA1c71799a6a6d09ee758b04cdf90a4ab76fbd2a7e3
SHA2569c3f8df80193c085912c9950c58051ae77c321975784cc069ceacd4f57d5861d
SHA512996701c65eee7f781c2d22dce63f4a95900f36b97a99dcf833045bce239a08b3c2f6326b3a808431cdab92d59161dd80763e44126578e160d79b7095175d276b
-
Filesize
32KB
MD5eb9324121994e5e41f1738b5af8944b1
SHA1aa63c521b64602fa9c3a73dadd412fdaf181b690
SHA2562f1f93ede80502d153e301baf9b7f68e7c7a9344cfa90cfae396aac17e81ce5a
SHA5127f7a702ddec8d94cb2177b4736d94ec53e575be3dd2d610410cb3154ba9ad2936c98e0e72ed7ab5ebbcbe0329be0d9b20a3bcd84670a6d1c8d7e0a9a3056edd2
-
Filesize
532KB
MD500add4a97311b2b8b6264674335caab6
SHA13688de985909cc9f9fa6e0a4f2e43d986fe6d0ec
SHA256812af0ec9e1dfd8f48b47fd148bafe6eecb42d0a304bc0e4539750dd23820a7f
SHA512aaf5dae929e6b5809b77b6a79ab833e548b66fb628afeb20b554d678947494a6804cb3d59bf6bbcb2b14cede1a0609aa41f8e7fe8a7999d578e8b7af7144cb70
-
Filesize
192KB
-
Filesize
468KB
-
Filesize
192KB
-
Filesize
144KB
-
Filesize
144KB
-
Filesize
192KB
-
Filesize
468KB
-
Filesize
192KB