Analysis
-
max time kernel
99s -
max time network
151s -
platform
windows11-21h2_x64 -
resource
win11-20241007-en -
resource tags
-
submitted
20-01-2025 18:09
General
-
Target
https://devpost.com/software/soundpad-crack-14qjol
Malware Config
Extracted
vidar
fc0stn
https://t.me/w0ctzn
https://steamcommunity.com/profiles/76561199817305251
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
Signatures
-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar family
-
Executes dropped EXE 4 IoCs
-
Suspicious use of SetThreadContext 2 IoCs
-
Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs
When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Program crash 2 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 3 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies registry class 64 IoCs
-
NTFS ADS 3 IoCs
-
Opens file in notepad (likely ransom note) 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 14 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 2 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
-
Suspicious use of AdjustPrivilegeToken 3 IoCs
-
Suspicious use of FindShellTrayWindow 55 IoCs
-
Suspicious use of SendNotifyMessage 12 IoCs
-
Suspicious use of SetWindowsHookEx 16 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://devpost.com/software/soundpad-crack-14qjol1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa3c4a3cb8,0x7ffa3c4a3cc8,0x7ffa3c4a3cd82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1912 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5720 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4760 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6424 /prefetch:82⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:12⤵
-
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\link.txt2⤵
- Opens file in notepad (likely ransom note)
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:82⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1840,17692270672670695731,5253450816769554898,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1172 /prefetch:22⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Unlock_App_Pro_v2.3.rar"2⤵
- Subvert Trust Controls: Mark-of-the-Web Bypass
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
-
C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"3⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"4⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
-
-
C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"4⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\AppData\Local\Temp\7zOCD7D5949\Unlock_App_Pro_v2.3.exe"4⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2896 -s 8404⤵
- Program crash
-
-
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\7zOCD735B29\Readme.txt3⤵
- Opens file in notepad (likely ransom note)
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2896 -ip 28961⤵
-
C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"1⤵
-
C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"2⤵
-
-
C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"2⤵
-
-
C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"2⤵
-
-
C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"C:\Users\Admin\Desktop\Unlock_App_Pro_v2.3.exe"2⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1352 -s 8522⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 1352 -ip 13521⤵
-
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca1⤵
-
C:\Windows\system32\BackgroundTransferHost.exe"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.131⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
734B
MD5e192462f281446b5d1500d474fbacc4b
SHA15ed0044ac937193b78f9878ad7bac5c9ff7534ff
SHA256f1ba9f1b63c447682ebf9de956d0da2a027b1b779abef9522d347d3479139a60
SHA512cc69a761a4e8e1d4bf6585aa8e3e5a7dfed610f540a6d43a288ebb35b16e669874ed5d2b06756ee4f30854f6465c84ee423502fc5b67ee9e7758a2dab41b31d3
-
Filesize
344B
MD57ac7ff0af939af20b4c249825d91cc7c
SHA1f2fca96f084903642a67f44443b5bea851a0d3c1
SHA256d19928671a68a83ac985d5881aa45bea0cd35789adc8103580a4d10d67028f3e
SHA5129bccdcbd31bd0297ad3feadb230212e7ad4c95f6c9f784008657233d9c3394e12c0d2260d5cfba16d07ec954a242d9d0ee28c7bf370f9bcaa8dbd401178ebaae
-
Filesize
192B
MD5e2d412840e8276a5d452dc3ee0c4401f
SHA14911f35c76683bcd87fcf01161288aca705e955b
SHA25649505e6236c0ae40a7786cbecc9a82ff14010e31cd7995c7ab3e9852a2a9a0e3
SHA51217b52b601720c9a6c047d36121ebc2b3339be7e31760aa6510a338322629bf0968e04b531bbb57d01a7b16f17d06fb94a9882ddb714ffb17c0e64f777b290cc8
-
Filesize
540B
MD5e027ca9c92d843fad705484cda745bee
SHA1018ecefc1618aa837d3ab4b2d5a2aefd354e1edd
SHA256ac016fd7640370715d54fef426472fc9cbfbf76fbfc695333f7003c5326830a8
SHA5125d07c7a1dbe19fb50e5faf365d55e4d07d0aed20eb03b5cad492b6b4b98d5a6086532463d8d0f9c139d3c577ecae3b73d5c9f53c0ecb261e3893e462f5c45261
-
Filesize
152B
MD5fdee96b970080ef7f5bfa5964075575e
SHA12c821998dc2674d291bfa83a4df46814f0c29ab4
SHA256a241023f360b300e56b2b0e1205b651e1244b222e1f55245ca2d06d3162a62f0
SHA51220875c3002323f5a9b1b71917d6bd4e4c718c9ca325c90335bd475ddcb25eac94cb3f29795fa6476d6d6e757622b8b0577f008eec2c739c2eec71d2e8b372cff
-
Filesize
152B
MD546e6ad711a84b5dc7b30b75297d64875
SHA18ca343bfab1e2c04e67b9b16b8e06ba463b4f485
SHA25677b51492a40a511e57e7a7ecf76715a2fd46533c0f0d0d5a758f0224e201c77f
SHA5128472710b638b0aeee4678f41ed2dff72b39b929b2802716c0c9f96db24c63096b94c9969575e4698f16e412f82668b5c9b5cb747e8a2219429dbb476a31d297e
-
Filesize
408B
MD558ac7c2424f32a631a2e708f82bfdc94
SHA192225df36a3759b5c2cdce3aff2149caacaf88ab
SHA25691293ea245a954c205753b5d191de9daf2d9bde9454dca562f788991871b08a3
SHA51266b7af34bbb060e9a45ddd7e799dca159ac9d25875fa8bbcc31b17b9315830f547815b64c772b43c23059fd7d73afc8277efc695d89488c12e1c81ebc3a97f5a
-
Filesize
2KB
MD53dd52a267af2b438f059c7fdafea80ee
SHA1e341c4d512dd6311b8a84069a0680f9426361133
SHA256209fb7de92092d9a86673588a5d2c74b83f398dc747bd24f4a2bb0ab3625dc6e
SHA512034f8cb16ff812bb1e54611645f0f57a804430fbb27b84b7cf4b0d20e9a4a06bd3060d1011c8a96dc0077db25f3c2575b463d02c39a749bafa5c0a772d47b2d9
-
Filesize
6KB
MD5d27894d840d00c5da8958494b6407105
SHA17e92775acbeca1e24184f67274d87bc8b8aff1fb
SHA256aaa12f39a9659155eac0e77ccb6a4bd603d1cbb2f5b7f231b4636fe36c715343
SHA512416c9b218b270486f79546ee8b3a66e40838272265113e8f1c7072f3a0007dde5e3eddfef1540684171d4ebaa01df918c1805581fe2298b7492273e68869f421
-
Filesize
5KB
MD566e4abb0a7dfb008a2a6ba3b5a5ea469
SHA1ef7e8a68be59c3ac25946fc0ff0140a6adbe2afc
SHA25639247bb8e95fe99743e4e7f328a79ccb467082a2e94099b8041e6ca4f497bb8a
SHA51207cb73d1ce1e53ef74b3e66f93757bcfcb8c37be62d215a49fdb925dd33a42034461db5a1ff8e99ceddcd39f1fe0edc1d8d5844c7b67dfe6cf1ea2fe251d2af4
-
Filesize
6KB
MD5b00906dc9e840792ee733ece46240833
SHA15062774d0288e271c1a0eb5538dde27cfb9eb2bf
SHA256be5009f8c8ff84ae4c15f8372de2fa8dd755d8f76a3897fe718b9fb6024991db
SHA5123255f7d1bc940b8fd0f5898ad8a33ea8a641a3a975394fdfcb0c6a6176e77ca97782deead0e508b37c36d27e58ace49667d4605416cae44fa55121da2315e90c
-
Filesize
6KB
MD531a16694c270d16166f94666ff008898
SHA12d9ff75cae8491deeddeca69053e5780b0fa604c
SHA256888a60845dae36680f84cdf46d6a7ae82449743b015f0e4b66a6b9fcd5513edd
SHA5127fa1a069b0160d277cbfb819c5766fd39b8187325e1918aaf75be99e9925467f58aebf7bbb3789bf5eebca8698af88cb59361ab7ee1f8bd3f103a2141979b5fd
-
Filesize
72B
MD554f60c2fdbdda4bafac83a41cd2fd114
SHA1b8a31c9acf5b87703a853ff25a39d43e4d0dd73f
SHA25605d110a9f327633a4ef6ec107644274d11031cab90e876817eec791d8a7aacb4
SHA51255a6456a89fdbd941351a9c8748062d16d36679537467d2f160856f939765466e4113110780032c33e4a9332b3130dc8a6ef6d5f2bd2e483ff5e14bd3070980d
-
Filesize
48B
MD508b77df0d1cc40535940e28a88e0b5fa
SHA1675626ac6bdd3da2bba9905643c96b6169e6e3a9
SHA25631921111eef734ae03099d81d75461bf6c3ff22579311fe13fdd3f569ffe5d5e
SHA5129881b9c2d12220a9c2272161f031a0193249fb1a465f6d25b9ff8cc3fd2104e45d1d7c8f9a04cb481ab1f537781e93e230e082a0c4bb68e8592e3e0b1fda2b1c
-
Filesize
1KB
MD5233203473a24324633d7c8b0d1e1def3
SHA1e3f984f3bc83a2aaeb3c532100e864f5608829f5
SHA2564b19ed6898a6f431e3e13b7f2a91394456b138c2d8a658e854c68ff8044e3df7
SHA512aeb7b5e2a495bf6aeae21134cf4b2b9e4af7a00918f3503f449cbd7c4a90e0f0906f304c1a257d626294276fff57c6123ad29667d2cd056fe44081df26de44d6
-
Filesize
1KB
MD54cea0bb169d9518538fb329a261eb709
SHA12236eff0b4a6551e07194741672cdb3cb659cdfa
SHA256789bf7127f41a58990996d752a29e68daf3b16675c0cfbac642022f11086ad69
SHA512a0a7df8c4aa0cf5f18659dabc0e019931157d7dd22c23eff1dd755cdfa69388b93a848538c7fc2e4a0edc6001d338e9f1d19a0c8e030ffac877835197b256953
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD5e2b514c03b31a1fe182809085ad54678
SHA17b51860ca24ad275446d03e08025a7e64238a24a
SHA2562dce489f554e8f88247637ded7f0dcf5b0cb46b0146c5111a657e13ad0bffcb3
SHA5125ade4ad82d0e23b73c3f0683efb17f543ad411d8e5cea9ff60337b24735686245c8eae3c65d7eaaa4ba1e5d473ddb2879b3e3e6931ca177ad5426c51af5b841f
-
Filesize
10KB
MD5a8e9560cae0efbb2ef6e24a503f43e52
SHA1fc799e254d6cbdc133f027b7fcdef4a3128f687c
SHA256ccd1f1d6bfd8c919f39b765c5e233b943217083ffd2d4469828b3ff039c92562
SHA5127cfed80506a94b690587c02e93d409a6ae7e964b2502aef9f798f7c4fa5d15827f5f6e5925f14c829caeef986b23e76a1f060b00f3b646c39ad63d9f4984deb6
-
Filesize
10KB
MD5e64e9fb18a1b3b5bb7452dfce1a60c4d
SHA19d65efcece54628643455863f9552091f9a4c7c6
SHA256baa76318ae1834b8a9fd6f5ce3ae1721fccb7ba56824150659850ef492933041
SHA5120e06b2742bbd120eb479718ba3cbaf093da7210f19168af478e5ace61830885b28bd57b8839852ed0b562a4c9946c934b45767670364e62e9aa4ccd84004d758
-
Filesize
10KB
MD507eba69cd45bf4d7fcad2299cbc2de9a
SHA13d73043dab714ae33934e0c9e61d56fb89a42c4c
SHA2562d667cec5cd155595c976378c3256b4fd5d3b463f13a78339d608e3d4539bdb3
SHA51279088aa0cc1afb1d23497e63f3b4309efb925e5aa9a1d288cf7fb548f88d5243c37a0ef6471d510c259cb7681b4910f790d28023471ca5adff464cd359bdd4d3
-
Filesize
11KB
MD58eb38e7d8d9c8bdeeeff8cc2a43544fa
SHA12b6f2d1873f84b51e581c92a5901ea1b63168926
SHA2568da30f053ebd81cfc5b9275fb9718255cdd3d13043e3a29ec971e56583ba0b5d
SHA51283a5472c51f58538523b3ff3e97fdb904abb0f851c2e3735b7c7971247ec961df45cb4685e2c0b3b9697bfd9daf7178f2fa573e985ec694a740a793ce77c714d
-
Filesize
106B
MD5a40d0d11af2972002ae9a78c41e2a990
SHA1d61bc7c03e4a9891b1f735b5eafdb0f05cb60610
SHA2564748338b6b8553a5049e7177b2205904ac50495b263dac36db2f1314e62453c8
SHA512acf6d6ef2311ace4f62974595d1d117065034fd549d7adca56aae26a8a3104ef9d09cac1cf0f8bd8314a9f9340480cbbb066540d668527bacf91495e3da8f834
-
Filesize
397KB
MD5056e999d4ba1027c69815aade12368b7
SHA125fdd923175be73d4f72e45b0a9b8a97874ea9fd
SHA25675dc559f87e506726e1a63df4d980f580f5076aef9e912d3346cb2e7e30cc6f8
SHA512b30ec438a4a9f267cd6a52e1d70141d356beb578ed67b8c1dcb628c011e7c17cca445feff323b8161b8694a5a7e45c24d6b98ced88a006aa9a33192bf81ee8cc
-
Filesize
271B
MD5012e86f5d2c758460e605e51f61a0650
SHA19b02cc122154d8437c717e26530bba67a2ad7e2d
SHA2562b19b809e76ffdc7c5ccb592a6ace3d4a820efd4c499eca110aebf888091c2ba
SHA5122ad338c286cab4a90aa0a93be04015746d734bd648484fb2f9ff31b1f1bac76dca34c7f05031e15cd9b16393240701075977194589de11578234c525343e603a
-
Filesize
26B
MD5fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98
-
Filesize
146B
MD57f16e4e412447ac4d78ebd64b38e3dad
SHA106e27aae0b7bdb8972882c28f24d73756c915788
SHA2560d1bb60245a3f62232db720d20e9b55eed187d31cc426dddbf82db5b91fe5224
SHA5121c3d0fc1ddeb1a4246929c5069a6773f9b3458ad25204dbce6c06e92aa43ef4fdd960aaf197f482ea66c50af25eecca3fe26f57a3393d5a7da967ec4873ab5bf
-
Filesize
152B
MD50994e57ab1b7e7b9e5c6b1d887fa062c
SHA1f2f71d489d3ba9974cda73fd5ee89a926909d29d
SHA2568c490c51b724d3508aa3f1f7c26a42f8e3fd83a069f2cc5468537d20f5e6307d
SHA512cbb4549bae51e5c153aaece7366ba58119ad3d91eec0b7c4f28f4aa16290270541625079bfb56bc2aa2b450c638310462156f7216ac249a0c265300269511a2b
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
5.6MB
-
Filesize
416KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
384KB
-
Filesize
384KB