Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
18/03/2025, 19:38
250318-ycrjca1kz6 618/03/2025, 19:35
250318-ya273a1kx9 918/03/2025, 19:32
250318-x86gpsw1hs 618/03/2025, 19:31
250318-x8flaaw1gs 318/03/2025, 19:29
250318-x7f6es1kt5 1018/03/2025, 19:25
250318-x5evks1j19 1018/03/2025, 19:16
250318-xyyn4swzdx 818/03/2025, 19:13
250318-xw6a6swzb1 1018/03/2025, 19:04
250318-xreyeswyfv 818/03/2025, 19:00
250318-xntmeawycw 10Analysis
-
max time kernel
210s -
max time network
211s -
platform
windows10-ltsc_2021_x64 -
resource
win10ltsc2021-20250314-en -
resource tags
-
submitted
18/03/2025, 19:00
General
-
Target
https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe
Malware Config
Signatures
-
Chimera 57 IoCs
Ransomware which infects local and network files, often distributed via Dropbox links.
-
Chimera Ransomware Loader DLL 1 IoCs
Drops/unpacks executable file which resembles Chimera's Loader.dll.
-
Chimera family
-
Renames multiple (327) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Downloads MZ/PE file 1 IoCs
-
Executes dropped EXE 2 IoCs
-
Loads dropped DLL 1 IoCs
-
Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 8 IoCs
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 25 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 2 IoCs
-
Modifies registry class 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 33 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
-
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
-
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/MrsMajors/MrsMajor3.0.exe1⤵
- Chimera
- Loads dropped DLL
- Drops file in Windows directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x264,0x268,0x26c,0x260,0x288,0x7ff9e971f208,0x7ff9e971f214,0x7ff9e971f2202⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1928,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=2360 /prefetch:32⤵
- Downloads MZ/PE file
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2312,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=2296 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2332,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=2416 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3500,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=3580 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3532,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=3652 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5404,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5364 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5412,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5332 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4928,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5084 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5864,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=4040 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5864,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=4040 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5724,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5644 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5720,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5128 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5732,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5744 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5460,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=6120 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5948,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5432 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5244,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=4868 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5692,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5988 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=6116,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5888 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2872,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=3380 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=3496,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=6156 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --always-read-main-dll --field-trial-handle=5652,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5136 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=6372,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=6440 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=6332,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=5888 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6836,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=6892 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5008,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=6728 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=6964,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=7004 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6404,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=6972 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7260,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=7308 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7384,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=7480 /prefetch:82⤵
-
-
C:\Users\Admin\Downloads\HawkEye.exe"C:\Users\Admin\Downloads\HawkEye.exe"2⤵
- Chimera
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6480,i,3879679834912732594,9186687274245365787,262144 --variations-seed-version --mojo-platform-channel-handle=7496 /prefetch:82⤵
-
-
C:\Users\Admin\Downloads\HawkEye.exe"C:\Users\Admin\Downloads\HawkEye.exe"2⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
Network
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
MD58365ff0c9ac7d050b416d468915d5a6b
SHA102034d8a11693547293f08dfc42a1fe78153da8d
SHA25608bf961fe776c850723845212247aca07305e2524f403ef56c2a9a821b12f8ef
SHA512876fe89167f8b04421950b69128613556e9283231eab5554dd4cf124d16a2d37a77afbcbd4e9d09dc6474ab5f48274c26f5b5586c75293682faac3499da96aa9
-
Filesize
280B
MD5aa9afd16e8041e8c80250b50ea6899e4
SHA1a3a698d431952253255c343f2b35f74e73e63088
SHA2562bd7f856d73f78bc3a4de32b447b21babad42c009b19fcebe2f8cdeca2380926
SHA512344de0888df8851d957ca6fab055eb9e2f1aa6d958022c2c30442cd6aad4d158d0a99f8908184abc60fb1e0ccdd3d9395d8c0d37fc317d3700974c3348d4a5ff
-
Filesize
331B
MD55323e48f692fd88e61cc5d7067364014
SHA1c8f0b4bc2478d5371d7a42e7de3151db9b1f1f72
SHA256fe819fd7b9e3ea216903c5337ee805b34501722aa8e5a366180236406c7b9b23
SHA512c2dfb89f0443a6e1940023472b75232b2e88e18200d34cd32d7ea0063d313af57bdd884ecc0a1e847c64809769b60009aef4dfb531ddfba9bc268c4a7cf1123d
-
Filesize
5KB
MD553048eb3b018f86cd0f48a22fe847f64
SHA1f69046d9638c8e4542dd97811945ee0f05bb629c
SHA2568d68e56424861dbdd61c5a443490728018e4adc1404150789f4a356d03073dca
SHA512f291aca924d5fb5df664ab3e47c27dc6a9ece308654ac636d564f294041651183f768a82fca5f8497233f2d9ad5f7759cda7a5643759373ee5c0dadc70743306
-
Filesize
5KB
MD5a688e6eca582f9c6eb0eee590c188f82
SHA1d5c952c26347033581390f9c4b010fe4f98596d4
SHA25679c8cd123e785dbb7cc99714e69ed0c5f5514850a106cf9abfa75116b820219a
SHA512eaa8418cf1c8fb944e51d6b703abb26f795f0c4e81e2592adfd62a86b891b97a03b5b986ed47fe7dc161f8f9130b9ac1e7225e1dd04d3dc4b1a8ef3880b4d672
-
Filesize
4KB
MD58c38c95f93890dff0ebf61d9f91d2fc2
SHA183fe55257f76f7e8c0b16efe9014e5170feb2e97
SHA2567f466f50c672e507edcfc23584ca8b89ac65bc9de5505c9683a760d98c975c74
SHA5122d2fd0c7eaf2219a1c024cb2d9a1f6f2842a69bcfa27b8a635f1354d691a6cbd376b37312d312872fadb7b51b80d112c17b361b692e75deb9ecce616c0cfcb86
-
Filesize
3KB
MD52e15cdd4f2011e8db1b378f3a0979690
SHA1ba536f6df50cde6c1cef2e51aa9770bbc6b761b5
SHA2568a44734fdbed017dbace204d626273b9ff7ae0afe2f878849f069192820ac267
SHA5123f9e01c0f272ac76572e51922540027129bef796474f31d3bdf07a809bdd767dc11195dbad63ece29d7bae988ab42a6c8b80af095ffbdab87111a1110cc34cd6
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
107KB
MD540e2018187b61af5be8caf035fb72882
SHA172a0b7bcb454b6b727bf90da35879b3e9a70621e
SHA256b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5
SHA512a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
2KB
MD55e385552286a476e8b2c5d8c6d86f633
SHA1f379e2fb9119a9aa79f7cf1e71307feffcfb0fd7
SHA25650e153dd515694e508dfd8ac30d140b511de84a2238270f20ede5ef8c8ca255a
SHA51218666e058f2b7559a3f06a788d7cc4e25ac54b2099d044f0ae1fd8b657c12b7f3a3f069017e0b272ba2febf21f6295b82894aa6e66aa5b898401ec7a35ff50d2
-
Filesize
4KB
MD5cf763a9e6234818943dd497b7ce71d7a
SHA138ae71efe96f62f6ed555ae4cb3234bfbb3f0914
SHA2566f1cf00351610bc237417d148878cce519cde358cba6aa5058b54f2e3fcbc8f8
SHA5120108c501c3a5aeb1a440882dd309e3e568552911b96240ded998bb679c5f9b5e5f30d6f58e115b65caf0034bd2e60e00958286ccdbcbcffb4b063cfecb41551f
-
Filesize
40B
MD520d4b8fa017a12a108c87f540836e250
SHA11ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA2566028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856
-
Filesize
16KB
MD5f343e72a8e982fd05f578431904d4c41
SHA1cfda333515efac408a2d08cc6565046d414fc80b
SHA25677f3064997d506dd80fd012a7e8268881e22850f5b18cd65ab221442d608d6f1
SHA512ecd36f321c471b149f5341d6ab8c1896e8a88f9ea963e80905cc4d19f22be0a6355f947a614077e2d3734f87114b50e72c224140242c7bb04449b89ba86c8b9d
-
Filesize
16KB
MD5dccfaeebf225c7127ce804da02c545e2
SHA15c81e6d8f8afd7fc096da81d6ce8f0ae64a78908
SHA2560c18fdbbbe011625cf18adee21fb99c99e6ab37f42b6962e580ae1fa6832101f
SHA512926af89033b20db2014c778b0b66e1c2a8f8f9e82a9ced0d2e7c4fbf513981129dac8295c8e0463f7fe538ef6c09f882067f7d1b59d764bf35870e9ab0880eb9
-
Filesize
36KB
MD513ca812d5889671142d1f98ffa0dfc50
SHA1aa790fe8e2eb67a38ae8e4cd3c052e244ba2d4c4
SHA2564c5af65e925e16895eba7cbaf65274116d52170a039509260595f94f664a0ba2
SHA51264017b998dcfe38ae4765fc70fad74be51f3b9940729f61882df39ba5040da61f5a9a83850e611077ab3cf525a02b74e8e877aad9c3cfb532f304d269095069d
-
Filesize
22KB
MD5244d09e2929caf4a92e06a1d28846687
SHA1905dfc95e462740a7287a78165db42d702ecdd89
SHA256b4da5d2899bd56d7e6cbe0f926836caaecb090a57525418dd8a9cc8c7ff82a62
SHA51290bb0d0c850f5a9b4e3d0fc1cd1b740779c730a6a2702d33a10cc6ff210a814eeed1bb20e8b149eb50536c67a2070a19fe4f9126398597de3832d8d6e67c55e4
-
Filesize
465B
MD5d17c50e4423ff7dd6669186aac406f0d
SHA16fbfc5b491464f99c514454afaa9581e5b9818ec
SHA256618e362cceb65cccb34aecd18cc6fe49c5438521b58a77843a2362cad2f573cd
SHA5123406d77987eca1539aef7e1b39c0fd4111f7980cd887bd24d216f0dc3a36fc8be17f4cdc29b87e7bcccf268b062f20c02dace94c365bfafa63453e11c94d4f3c
-
Filesize
896B
MD5e46255e377aa22def8456a64a777a2f2
SHA1d0a95557c01666415d9ce2c3006eb2921ed90068
SHA2566d9f224bdf22fbf1de1fccdf2582417ed84524190a8d5ea8fc7142cc304368cc
SHA51206305a58d6de03fd22d7fd370ab0642c6b657d3d626ea2e9940fd9b507812d7550ed1d3539453929593bb1b9d0391f6699963546bacbc2ee9a4b9de14d6f6219
-
Filesize
18KB
MD558ec923f385c1fac0bd09f7eb2453cb4
SHA11e0ad7fe51a7b791228d289aae471e0617b44296
SHA256541923b20a07f640314600fcd43465b77d6b0d5be7ae214d1b6ae63be0662cd0
SHA512ecf470c753b00e0eb8ac5683b2d49914ac3397aa37f3acec46413c470edf59f87a45fca464a794cde61d7337ff3b9b6af830ee8c693da57e0692fa0afde56076
-
Filesize
19KB
MD541c1930548d8b99ff1dbb64ba7fecb3d
SHA1d8acfeaf7c74e2b289be37687f886f50c01d4f2f
SHA25616cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502
SHA512a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75
-
Filesize
49KB
MD59e62b3c4ff7a3ec68e8ea6acc4a5a4ed
SHA1e974c8e0684fbcc9a2b4a2f2cd22ea19d4afecd7
SHA2568353628fe9839595165781c66c6ea5e5bfc5923eab409bf2b791bb0ca1e0dd4c
SHA512981f9963b551065b13682a16a4c3f5f4eb75898af9e70f9f0db83f03f7d83ce4ae2460f018b28d7c67826a03a03a068273012a5e94450f3dfbb5a674bd898454
-
Filesize
55KB
MD557a664cccbd9524cf49718c2c4ebf981
SHA1a77e3e1cb4b39f1e49d93b023a5ad9dff6ec776e
SHA256426a66b72b886e96e7dbb496d5bbb8f23e454d1795c65bde43b003308cb42074
SHA51234b1677d722d78dd8cda2a490ba3c070187a033baad8902efb9b0bc923161a7b67c71be292174bc20a03b930e78537013d5ac148faf1d12ebba5c3feb65b19e5
-
Filesize
40KB
MD5ea2085ddb869e02bfa5920a2da248fe1
SHA1916e49957a4af40d0ad0535fedf0eca44d0327f0
SHA2561616fd94649bf1fb8afb1187aa32e837cef089cfd8bee984e4b19eb001e1812f
SHA5126a175180f5bcc4d96df120ba3c55d2f5bcc3d2e433d2b4c6957639d6a55f28d44ec2173f8088861de754f1ef5b552df07e8f4b5ba5ddfb4ca0349be3ef4a1576
-
Filesize
54KB
MD53db4ef28d3859e2da91aeedaa69e8930
SHA167f20b731c7b4a00788a09f1947c122ce8bd7217
SHA25685da617e1c51ed8899c187ecc72157521fb93a8da501e203cf6993650633b6af
SHA51200fa4f03ecd4c68e85d8dfb6d531ef5910ed6a6a005145d91b756b50e5e7755245cb661fd200c82e97c3f764b009cfaf62bd597c2c0da776b6dfc91360209e39
-
Filesize
392B
MD5949036779e1e04bd9ba4b2194b8c7f7b
SHA11f1d4c5c6278c7814bd1d18e4e94a3cdc0d48bee
SHA25688eed90e289c4d92825944edc56a9c1c60a7f44df492f5fe05a47fce2eb5194d
SHA5124d872d29e068d787183b17c31932a960d664dd24478348b171aad86fb1acdeb54220c1f442ae6fc35ee5d261fdfeedcc93abc4880be958ee0ecffd3630808dd4
-
Filesize
392B
MD5d92938b89bc60a20ca7e5a2732c32b11
SHA10be8c4e318c84155ea7303a8e098601ac20f8f67
SHA25612d21e32fae65a3e89e37830a9f748fb55d854aa11afc1d35140426e47b6087a
SHA512de519eaf7ff383339aa3d7ea50709c48d9eec0c97c333a8d0c1bc8bd1298a7a4eb08cc035c1cd75e7cadfcc7d9a2f18cac3b020402ec9f075f7a6c7884394d6a
-
Filesize
392B
MD5da7572eb4c9ae20e5a096756aa91d87d
SHA1120f8e3279ca807a0e4f951ade2544df7910ba8b
SHA25663acd7128aad504879fb216bbceecda92e6c35896801c66c68a0b5e47078a46f
SHA5129dbbe48a262a87c184660d4e417a113b12ab26f3dfb35cee04913dd266dbb86ad54e80ea43a8c01e4928f4dc6412d4aa0f23e36261259ad586a3e21f3a3cde78
-
Filesize
572KB
MD5f5f5b37fd514776f455864502c852773
SHA18d5ed434173fd77feb33cb6cb0fad5e2388d97c6
SHA2562778063e5ded354d852004e80492edb3a0f731b838bb27ba3a233bc937592f6e
SHA512b0931f1cae171190e6ec8880f4d560cc7b3d5bffe1db11525bd133eaf51e2e0b3c920ea194d6c7577f95e7b4b4380f7845c82eb2898ad1f5c35d4550f93a14b6
-
Filesize
2KB
MD5b41c060f299e88c642de6a5efac3613e
SHA17c9ecb17a6e1ad9d2872ec44c67e38c436e1824f
SHA256630d6267f95917693e696897df2591c7931c87b6adf96b0b4b9cb4c1048ed258
SHA512f97bcad9c7a6022c1df25c56995f50a31da36df20a750178a863518781bd0a87d212b09bf7025a63fb8ed3d91688f60303d940c009243ca6271f50116c445ada
-
Filesize
232KB
MD560fabd1a2509b59831876d5e2aa71a6b
SHA18b91f3c4f721cb04cc4974fc91056f397ae78faa
SHA2561dacdc296fd6ef6ba817b184cce9901901c47c01d849adfa4222bfabfed61838
SHA5123e842a7d47b32942adb936cae13293eddf1a6b860abcfe7422d0fb73098264cc95656b5c6d9980fad1bf8b5c277cd846c26acaba1bef441582caf34eb1e5295a
-
Filesize
64KB
-
Filesize
104KB