Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
21/03/2025, 22:07
250321-11tpqavnz6 1021/03/2025, 22:06
250321-1z4tasvnw8 621/03/2025, 22:02
250321-1x5b2s1vcx 10Analysis
-
max time kernel
534s -
max time network
527s -
platform
windows10-2004_x64 -
resource
win10v2004-20250314-en -
resource tags
-
submitted
21/03/2025, 22:07
General
-
Target
https://github.com/quasar/Quasar.git
Malware Config
Extracted
quasar
1.4.1
Office04
brian:4782
3d55a3f7-d051-4d0d-8464-919085fe61f9
-
encryption_key
E1D8724EE75A756025454A9ACEF36841E7972BC1
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Signatures
-
Quasar RAT
Quasar is an open source Remote Access Tool.
-
Quasar family
-
Quasar payload 4 IoCs
-
Checks computer location settings 2 TTPs 3 IoCs
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE 8 IoCs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 11 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 3 IoCs
Adversaries may check for Internet connectivity on compromised systems.
-
Checks processor information in registry 2 TTPs 7 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 9 IoCs
-
Modifies Internet Explorer settings 1 TTPs 4 IoCs
-
Modifies data under HKEY_USERS 3 IoCs
-
Modifies registry class 64 IoCs
-
Runs ping.exe 1 TTPs 3 IoCs
-
Scheduled Task/Job: Scheduled Task 1 TTPs 5 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
-
Suspicious use of AdjustPrivilegeToken 9 IoCs
-
Suspicious use of FindShellTrayWindow 48 IoCs
-
Suspicious use of SendNotifyMessage 36 IoCs
-
Suspicious use of SetWindowsHookEx 16 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://github.com/quasar/Quasar.git1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x258,0x7ffe6b38f208,0x7ffe6b38f214,0x7ffe6b38f2202⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1884,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=2812 /prefetch:32⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2784,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=2768 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2312,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=3084 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3440,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=3508 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3464,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=3524 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4740,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5108 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5064,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5040 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5472,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5480 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5828,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5828,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=564,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5836 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5888,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=4112 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5844,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=6096 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5036,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=2560 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5836,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=6080 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4708,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5108 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5220,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=6204 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=5012,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=6280 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5140,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5028 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=5356,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5800 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6308,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=3316 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5108,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=3316 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=6504,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=6440 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6220,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=6588 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=1012,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5032 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3636,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=3376 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3636,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=3376 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=3508,i,3889484555378769840,15609259957572328779,262144 --variations-seed-version --mojo-platform-channel-handle=5300 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window2⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x220,0x240,0x244,0x224,0x2f0,0x7ffe6b38f208,0x7ffe6b38f214,0x7ffe6b38f2203⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1912,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=2232 /prefetch:33⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2188,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=2184 /prefetch:23⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2580,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=2728 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4236,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4312 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4236,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4312 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4400,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4408 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4812,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4848 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4828,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=3136 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4836,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4904 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4884,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=5036 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4880,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4456 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4448,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4484 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4588,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=5020 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=5024,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4444 /prefetch:83⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4372,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4356 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4536,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4008 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3840,i,13659608419602973885,1057023610643981276,262144 --variations-seed-version --mojo-platform-channel-handle=4572 /prefetch:83⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
-
C:\Users\Admin\Desktop\Quasar.v1.4.1\Quasar v1.4.1\Quasar.exe"C:\Users\Admin\Desktop\Quasar.v1.4.1\Quasar v1.4.1\Quasar.exe"1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe" /select, "C:\Users\Admin\Desktop\Quasar.v1.4.1\Quasar v1.4.1\quasar.p12"2⤵
-
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE"C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE" /n "C:\Users\Admin\Downloads\ProtectWrite.potm"1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\Desktop\Client-built.exe"C:\Users\Admin\Desktop\Client-built.exe"1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SYSTEM32\schtasks.exe"schtasks" /create /tn "Quasar Client Startup" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"2⤵
- Checks computer location settings
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SYSTEM32\schtasks.exe"schtasks" /create /tn "Quasar Client Startup" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f3⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\3ruokIka6mjz.bat" "3⤵
-
C:\Windows\system32\chcp.comchcp 650014⤵
-
-
C:\Windows\system32\PING.EXEping -n 10 localhost4⤵
- System Network Configuration Discovery: Internet Connection Discovery
- Runs ping.exe
-
-
C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"4⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
C:\Users\Admin\Desktop\Client-built.exe"C:\Users\Admin\Desktop\Client-built.exe"1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SYSTEM32\schtasks.exe"schtasks" /create /tn "Quasar Client Startup" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"2⤵
- Checks computer location settings
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SYSTEM32\schtasks.exe"schtasks" /create /tn "Quasar Client Startup" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f3⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\3SO46U30fWOB.bat" "3⤵
-
C:\Windows\system32\chcp.comchcp 650014⤵
-
-
C:\Windows\system32\PING.EXEping -n 10 localhost4⤵
- System Network Configuration Discovery: Internet Connection Discovery
- Runs ping.exe
-
-
C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"4⤵
- Checks computer location settings
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SYSTEM32\schtasks.exe"schtasks" /create /tn "Quasar Client Startup" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f5⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\TqFCJIeM440r.bat" "5⤵
-
C:\Windows\system32\chcp.comchcp 650016⤵
-
-
C:\Windows\system32\PING.EXEping -n 10 localhost6⤵
- System Network Configuration Discovery: Internet Connection Discovery
- Runs ping.exe
-
-
C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"C:\Users\Admin\AppData\Roaming\SubDir\Client.exe"6⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
-
-
C:\Users\Admin\Desktop\Client-built.exe"C:\Users\Admin\Desktop\Client-built.exe"1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1003B
MD5578c9dbc62724b9d481ec9484a347b37
SHA1a6f5a3884fd37b7f04f93147f9498c11ed5c2c2d
SHA256005a2386e5da2e6a5975f1180fe9b325da57c61c0b4f1b853b8bcf66ec98f0a0
SHA5122060eb35fb0015926915f603c8e1742b448a21c5a794f9ec2bebd04e170184c60a31cee0682f4fd48b65cff6ade70befd77ba0446cc42d6fe1de68d93b8ea640
-
Filesize
145B
MD5ba1024f290acf020c4a6130c00ed59e0
SHA101274f0befca8b6f4b5af1decc4ade0204761986
SHA256551b8c76c19c654049d2d8043a79b8edb3c03e1b695cabf76b4076ed4921ae28
SHA512e55b871dd3500f30d639089cc42a4edc3bd4d26d2c4fd151322a363fd8edec82d5345751953f9b581e40f22b6a8976faa0ea7ec9fd286f73f747120c87ea7157
-
Filesize
116B
MD52188c7ec4e86e29013803d6b85b0d5bb
SHA15a9b4a91c63e0013f661dfc472edb01385d0e3ce
SHA256ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62
SHA51237c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656
-
Filesize
551B
MD57bf61e84e614585030a26b0b148f4d79
SHA1c4ffbc5c6aa599e578d3f5524a59a99228eea400
SHA25638ed54eb53300fdb6e997c39c9fc83a224a1fd9fa06a0b6d200aa12ea278c179
SHA512ca5f2d3a4f200371927c265b9fb91b8bcd0fbad711559f796f77b695b9038638f763a040024ed185e67be3a7b58fab22a6f8114e73fdbd1cccdda6ef94ff88f3
-
Filesize
1KB
MD58595bdd96ab7d24cc60eb749ce1b8b82
SHA13b612cc3d05e372c5ac91124f3756bbf099b378d
SHA256363f376ab7893c808866a830fafbcd96ae6be93ec7a85fabf52246273cf56831
SHA512555c0c384b6fcfc2311b47c0b07f8e34243de528cf1891e74546b6f4cda338d75c2e2392827372dc39e668ed4c2fd1a02112d8136d2364f9cab9ee4fa1bd87f5
-
Filesize
2KB
MD5cd247582beb274ca64f720aa588ffbc0
SHA14aaeef0905e67b490d4a9508ed5d4a406263ed9c
SHA256c67b555372582b07df86a6ce3329a854e349ba9525d7be0672517bab0ac14db5
SHA512bf8fa4bd7c84038fae9eddb483ae4a31d847d5d47b408b3ea84d46d564f15dfc2bae6256eac4a852dd1c4ad8e58bc542e3df30396be05f30ed07e489ebe52895
-
Filesize
121B
MD57122b7d5c202d095d0f4b235e8a73ca5
SHA10cca47528a8b4fb3e3d9511d42f06dc8443317c2
SHA25693b603f06d510b23b95b3cacd08c3f74c19dc1f36cd3848b56943f069c65e975
SHA512ad6fba6e0710cc26149dcf7f63143891aad4ebba0cc45670d8885fade19dc1a50b542a15b10a7604b6b1be4b8e50fcd5514f40c59b83cc68bd10a15ab2a93c1a
-
Filesize
1KB
MD568e6b5733e04ab7bf19699a84d8abbc2
SHA11c11f06ca1ad3ed8116d356ab9164fd1d52b5cf0
SHA256f095f969d6711f53f97747371c83d5d634eaef21c54cb1a6a1cc5b816d633709
SHA5129dc5d824a55c969820d5d1fbb0ca7773361f044ae0c255e7c48d994e16ce169fceac3de180a3a544ebef32337ea535683115584d592370e5fe7d85c68b86c891
-
Filesize
66B
MD58294c363a7eb84b4fc2faa7f8608d584
SHA100df15e2d5167f81c86bca8930d749ebe2716f55
SHA256c6602cb5c85369350d8351675f006fc58aea20b8abf922a2c64700070daaa694
SHA51222ed0211822f6f60fe46184fb6e5e7fcb2b3a9d2e19f25fb6e84e1ca3a5d645183959309549cdb07c999b345cfdd9a1351f3474e03fb8d451b0f093d44844d7c
-
Filesize
9KB
MD5eea4913a6625beb838b3e4e79999b627
SHA11b4966850f1b117041407413b70bfa925fd83703
SHA25620ef4de871ece3c5f14867c4ae8465999c7a2cc1633525e752320e61f78a373c
SHA51231b1429a5facd6787f6bb45216a4ab1c724c79438c18ebfa8c19ced83149c17783fd492a03197110a75aaf38486a9f58828ca30b58d41e0fe89dfe8bdfc8a004
-
Filesize
1KB
MD5ee002cb9e51bb8dfa89640a406a1090a
SHA149ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
SHA2563dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
SHA512d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c
-
Filesize
85B
MD5c3419069a1c30140b77045aba38f12cf
SHA111920f0c1e55cadc7d2893d1eebb268b3459762a
SHA256db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f
SHA512c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1
-
Filesize
703B
MD58961fdd3db036dd43002659a4e4a7365
SHA17b2fa321d50d5417e6c8d48145e86d15b7ff8321
SHA256c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe
SHA512531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92
-
Filesize
687B
MD50807cf29fc4c5d7d87c1689eb2e0baaa
SHA1d0914fb069469d47a36d339ca70164253fccf022
SHA256f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42
SHA5125324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3
-
Filesize
141KB
MD5677edd1a17d50f0bd11783f58725d0e7
SHA198fedc5862c78f3b03daed1ff9efbe5e31c205ee
SHA256c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0
SHA512c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff
-
Filesize
82B
MD52617c38bed67a4190fc499142b6f2867
SHA1a37f0251cd6be0a6983d9a04193b773f86d31da1
SHA256d571ef33b0e707571f10bb37b99a607d6f43afe33f53d15b4395b16ef3fda665
SHA512b08053050692765f172142bad7afbcd038235275c923f3cd089d556251482b1081e53c4ad7367a1fb11ca927f2ad183dc63d31ccfbf85b0160cf76a31343a6d0
-
Filesize
118B
MD56e8ea78b63bbcf8e6076d56a4b13a200
SHA14ed655b43d639a095f5dc5aa6b4aa2bc0e97f031
SHA256c6906891b0fc56f40719778327f64e28165fd3f86fa9c199ec2a33bcd647ccf1
SHA512c015babbeb7f94358e4f48bb2e2157e27f7d6266463cdfc826ffe86f6271fd1198bad91dfd5ce1dde2e0412358136138982c38e2c3161616804963da34ca817d
-
Filesize
53B
MD522b68a088a69906d96dc6d47246880d2
SHA106491f3fd9c4903ac64980f8d655b79082545f82
SHA25694be212fe6bcf42d4b13fabd22da97d6a7ef8fdf28739989aba90a7cf181ac88
SHA5128c755fdc617fa3a196e048e222a2562622f43362b8ef60c047e540e997153a446a448e55e062b14ed4d0adce7230df643a1bd0b06a702dc1e6f78e2553aadfff
-
Filesize
76B
MD5ba25fcf816a017558d3434583e9746b8
SHA1be05c87f7adf6b21273a4e94b3592618b6a4a624
SHA2560d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11
SHA5123763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f
-
Filesize
280B
MD5ce8117d3033b8dce032014be85c0a0d6
SHA12252ef98914a169fd3b688a18dc0001ec30838b1
SHA256e79e33d6c574b23ba18d6714a459f8f3e479d14badd6dcd250ac791ee23444ae
SHA5125a0d37fba6efe2cca40d9cbd1468afe36d45bd0eeedb0915b3ba35742036ec756636f8370756171c152065da620dcf22e7fafda892cd0f74fa91cc364e148dfd
-
Filesize
280B
MD5e854a9d4d1fdeee8bd8b3852bb56423c
SHA145b3272af1c7e2a208c7e7a89a76a44fd5afe764
SHA256b88c3a4ff3478abdacb60bd5ec7782d6d10a65ff0ff338cc77d0e5f0046fcf16
SHA51257a8faf204f1a985c2b4e2927e0589d0ec7a58c1fa77deb814c097308cde081e0c301a0180cc5268bbe2a5cd03080c5e5d0168ac820f3da03a2ff563ecab2036
-
Filesize
280B
MD565044109d1beb8ed8d59560642cbc519
SHA10084485b0aa26069232fab51ee603682e8edfd17
SHA256a1e0b448218678b30356cbbe4092ea091435e7450822a9748361b6e8b198962d
SHA51296dcc68fe92f98c4329a8335cfffdb0849a52562431045ccc42076bda0abf3842491303fb669246bfd04e64113688d3f90000a09571dd76ff84b52e34e45f9b6
-
Filesize
44KB
MD585efa92f71832d3ef46aef8762355177
SHA1284f4487789f55d4b661a2cfbcf1e37e8dd3061b
SHA2567a4a2f9f3c6decc393b44c54cef15dfe42b08c3f2e6a0f00d7723e130f32be6e
SHA512279a8c0398d696ac4d6de46dff9501afce56ffb7a70aecd6e969c3e2895d48c461ac6b0c8dae4cd3ad0af3716d0003a0c5e22ff0b2e6a63528f82c5a7d9b6ae5
-
Filesize
520KB
MD54e7bbfa47f483a79f49daf1c7572d18b
SHA1db6f82e2d9094e353b5be1159857a8dca1c61769
SHA256ec89076a92e66884c357e57826c52a0facfa5b659ec3ceb3b197857ba335f62d
SHA512bd5976c4d25f6db456afd0b5dd252335b739763aefaca3f791571d9630f3ea08b2323eef5c29d67f68c8d84ebd347548857dd841381993e17ffe4dea9a2397b5
-
Filesize
1.0MB
MD555d1126b4c320f77c40ad9a2e814575f
SHA1d81041566e6bb4e014bdfc776de3d7c872d1af98
SHA256e74004dd27237a706f7c22b3832eff301bdaeb2b420dc27fb1d8bed09c38203b
SHA5128fc40583b8680b450efb8b53668e021ed03a6c8783b11934784fbb2dd1ba9878d9a78ff2bd69b1a549ce3406f58e47ab9bcfa8bd4f1d0d3e36a868ed93d9d5a4
-
Filesize
8.0MB
MD5589417ecd14cd4d67dd56382216e045b
SHA103fa5c71eec7c89e6ca8613890736253a775e5ce
SHA256372c04520c28194f893899ca42b224eabc091b86790c4406471dbdd9abdf818f
SHA512d34123c21b1a0b1a9c229b15ed1244b8cd9640599dabaff051f1650bc1c4ed1bd5644b97281d6cf7dd2e780187ea3faee6b426810b568d988f00ee5b94e1e4a0
-
Filesize
53KB
MD5b925daba1b43484421e7cb20b00e3102
SHA1bff29fd119e0c6aafb55177b7b6c42bed733a6e3
SHA2565732fab339504c8e4feafcc6e13532286f46a85be255bf3a7de76276ac6c82bc
SHA5129acaab754689747090106d2581da5695e5e2a4f690017190b96a46e699cb5f75019e0bef09e87f0b35849f6637dc555348ce79fdc51109fe0f3ad030fcc89045
-
Filesize
38KB
MD5b8103746b4757c6332fe545f11de8f70
SHA1588965d6333eb015af39c7f44ce71dfac67fb0f7
SHA2564177d563a186175d3a67091c399db6c57fc271e202406e244d4bc8ad95b1aebd
SHA512c83bd52d674d90752dfffeb76971a4f9684054d6f02cfdbe8f336758ac46d8b430f306cc64be00112b8c38d191afd1b8395d58600b12cefcb6a052ab70214ebf
-
Filesize
21KB
MD5eb5f2f8b27b3794eb0b9d7302f3ed208
SHA1ceb14ae185daed71ebd356c06f067ee90ca75a3a
SHA25616a56eb5759e2174470278fec544af28e58f93a2e895141c140eef9409efeb60
SHA5124c1441f9bc16c6c03df5c727c75e238d41aa24127904f86d18eb755564765eed86674de1d6d19406c2f9085454bbaa26c9b65f31973a364906878a9fa4688eb8
-
Filesize
21KB
MD5ebda77e86ff9ed5584eaedb70c3b2999
SHA1125d7bf49cbf6e901df22223176f5abb8ef5e311
SHA2567cc4f62862bced753383f53467784d06d92a1c6df91a8cd6a8cf9e15f51bc63f
SHA512ca950d9aba66b9da055dc286ae92b6d68d5bfc13c9e40326549fdc7a4e9d4fca0eff5cbc3c8a8f75d74c57444265bba5cfa1582419b9526e0e0e9dd7ad4c05e2
-
Filesize
37KB
MD59a0f2fed78beabcb1af818103e79eb49
SHA1e36dcc0472152bec227a1f5a81b5024ff3624452
SHA256bc3ea6c39f4b013cb279391c0adbbd540219cae079703926d37a82dab9046450
SHA512c4a96707d57cb474f45d669a52e31cc4f34e783b3600781c683c88d470cc6f6c3a5c5a399af33b8a193c57df87e797087fab9f6817048baec5a75e44ff835c6e
-
Filesize
37KB
MD5dd669e358ca60e3526facb44bd97422b
SHA13e29c63f2632a5fab938b406299a05ae3e808bdd
SHA25653d7d1b27bef2e2a7632f6811242a28aceda7f593e678b17012ae7252b45c705
SHA5122e49d73db899a9d17f66eb7d87e222b1035c49705fc575d1f5bd6c66a93c385a7f9bdfb087163661231092e4acdfd42bbdb90f57831df45f3e91e18641abb2d4
-
Filesize
27KB
MD5482e69a70bd0db3690f0422498dbfe51
SHA103d8c267e5f48ccc5f4e781e82c7e443e354794e
SHA256e24cd258636323a750f60e58600f3cfda0f90cea73d9fd79294b5748b7d2ef6f
SHA512862300384a8d6218654f7c231e9627b3ec3744817bcf4267008cad979d17f413ff06f5e7c84c822683c4a36676e92aa85bbb9d6216ae3f8187a5e2c710938de5
-
Filesize
18KB
MD589ee4d8818e8a732f16be7086b4bf894
SHA12cc00669ddc0f4e33c95a926089cea5c1f7b9371
SHA256f6a0dfa58a63ca96a9c7e2e1244fcff6aea5d14348596d6b42cd750030481b82
SHA51289cc7dfae78985f32e9c82521b46e6a66c22258ebe70063d05f5eb25f941b2fd52df6e1938b20fe6c2e166faa2306526fdf74b398b35483f87b556a052b34c5e
-
Filesize
38KB
MD5543c23a48539eaed6b58131ab1cf44c0
SHA197f2364d4800b88cab3ac337d9c1f8d4b442337c
SHA2565d58ed637b2bd5bbc6c042150784ef40de3be3687adcbd2f1eae5394ea2f8759
SHA512b392c67711eb3490887b416bd5e7b39489406a12a5ebaa44e0fa17f1853e5b04be7e193adebcda3fa72c3cd69ae952a65272699737d12364d8a1fb07e5cf5be7
-
Filesize
16KB
MD5db2656b672846f689c00438d029d58b6
SHA143b8d5085f31085a3a1e0c9d703861831dd507ce
SHA256aa3f28db9caadce78e49e2aeb52fda016b254ed89b924cdb2d87c6d86c1be763
SHA5124c57c347b10ea6b2ca1beb908afc122f304e50bd44a404f13c3082ba855796baef1a5eb69276d8744c1728578fa8b651815d7981fcec14a3c41c3ca58d2b24ab
-
Filesize
384KB
MD52f5a15de6e83ba957f198ff46fd5f13a
SHA14197eeac4be0c9625fdb5434151a586d95767e87
SHA256957c0f19e87bab9c9be1fbe6f4e4ae0ae98b5304bf3a10ad203db904d01ce7b0
SHA51246610647704e791b5b9f66e89977e3bf719cb4727eb90317b70e0a2296e7920117f1e2ec089b7381ec500c05a443cec93e78cbfabd882448c3973a71014ee89c
-
Filesize
5KB
MD5d8a68e6e68edd968b56cb0407b020922
SHA1e46d85c6ef42a4b6c8246fe7a2388c60adb14fee
SHA25699778d6e92c18549891c6d429c4f9fb040a751df9dc134cabf39833079b32ae1
SHA5121a31a142ca8e1c3731dbbb498c96a896d92dbef1b3a51fcdf07a185272af83c9c293ba17ac000ce8fe49d6de80305b5128228a4720635c8f2e7970cb334d0074
-
Filesize
5KB
MD5ec6ec2921f6a279ebab72940082908bd
SHA1aabb7f7d57c481d1ce9952cea5d3bc95ed7a9f99
SHA2568f606fedf3f74f5373cbba0a67284d2fe5259cd68288a17f2acca8e7f49a01c6
SHA5127309fc78f37494326a15b2bd279bd4884d94e7a26512513524a3a7ce88bcb99b94f4e460475a6e1eb515c98dbe952cc26c743461f3cd436ca9fd0a4c0212a88d
-
Filesize
3KB
MD59f24e46b1e64b5357be39ba1973f3b26
SHA12623d4f4b70a37d0e0e26316f92a7be31bb29526
SHA256b7a6fe06f1e3ef46f832e8b6d2092d08904ade14a641181d9fc9e4d67b531dd4
SHA512c743e0c3f20fac1de9ca2b8056bc33e5b3c2fcf599a7bd406e471f2845eb314534425e06233c1c955a4bacf42988988b0247b7cabc856c4ac6d8cff264792573
-
Filesize
264KB
MD553d04b8a30b74b708cdb3b6bb9c27b56
SHA1e2c53a590b728e20aa3902d087e20c73b47bf9a3
SHA256f855c1b9243e3328b0340e5d8ef6fec36e658b815f7f24fb9c8c1bbbf1201d66
SHA512bfeb8beac6ea8b8dbc4a9d60d48a6f578003c4739f1ca86e1bb1557e6d4aa1abbd1f39dfc1046f0372fb92fd7051d9e8ee00c7a942079806231ad747677fb1da
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
20KB
MD592737edcdd89733fba0296430e16c556
SHA1c9815cfd283c2098ba5f834e4f8f662b9ea8890e
SHA256f8d7e0ae08a2dcc3c4b63f2aba297ebe070fdf918a414312075090859445e8bc
SHA512c3d76d299d5cfe2fcfa44181fbbb36b53de028fc01575c891c6b126f1fa70ba1015d6dd85a8067f13ed62d853225025750199fa9e8a154c788d4cc58e824ed70
-
Filesize
192KB
MD58bf3dedd549a557ec5971bce2e07e109
SHA1d50af0449045a1fd8c554ca971785cad71fee755
SHA2566a1278028bcfccb76175a6d9e6b0bda5f5adc6cfc6369f92e67a61c61d1d0d48
SHA512a83c0d3298341bd44c2a25d85259cc291a57be7b88a6e8e334218ce1380d6f5ed4b7ad9a072daa094434266218f6d85b0072cc07e4e426a896bb5672183daa98
-
Filesize
107KB
MD540e2018187b61af5be8caf035fb72882
SHA172a0b7bcb454b6b727bf90da35879b3e9a70621e
SHA256b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5
SHA512a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12
-
Filesize
3KB
MD57313b544b109726b13d09fc019133a1d
SHA14540438b7fb77229ff8739fd171578ab83dbb06a
SHA2567d121a59563a1bdfa4d63d63b02d5c95c8ec688e0d5a1f16da42d4c1f52cd9b1
SHA512fbc45fa7833b17e018ad6c04a07a75fb313d97622fc299fc8645b36212e3536922f4ec67a279a4f3f8b5f6d37b10ec9489e7940f30b21a518487f76f78daa70c
-
Filesize
3KB
MD51087f3af4cef1c8b96638b32014c45e5
SHA126676ab755fbc632828e5605d6dd00b651915fdc
SHA256801497d389b83f4a30f2c3614419ddeb14193e16cba55782fe478f0456af873e
SHA51299471564e850c55aee37c94bb2c33495cdff770ee9c29bda60d00ecb35c387b794ef56593e497f86e7ac5d311389ec3bb8400af4c6cb501960d2b0f94cda59f3
-
Filesize
2KB
MD54c6d078adc6cd3a285ad5d8fba703a1f
SHA1993649905d154c5e09bdb04d1e0c4dc703b5bb11
SHA2563b80eb7db224bb117fee68a0d876e570d542dc5118fd16914bfe084681f5edd2
SHA5128c3423ac72f1a399190ac713ff97ef17974f0f9eb4092d0d124ef57e40ccd468847d54914721fcee03c8a280711bd5c6ad9d9719458833b7a149d179b058fc58
-
Filesize
2KB
MD5e94ca4f76d5e407f175b0a087c7e3826
SHA16989f2f553c3a14c2c747280dbb2adfff8b503f8
SHA256058c46dbdac037ed43da89e91240e9c932b1d38e7f3d87a2a8e39a3c11dfc1cd
SHA51212d7a160c337ec97448c7a3c97da270a997b1b7d91397d3205a2409c527274e721f2b73666a3b014ed0c6ab2161eb8f35827431b97a3292cc5bfb4a32aa8e913
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
40B
MD520d4b8fa017a12a108c87f540836e250
SHA11ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA2566028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856
-
Filesize
18KB
MD576264e99b752754549ea19d40f93a459
SHA1f0e80b7e94b7b36cff590e0b6ebbed9ad231bc57
SHA256f5d458ab386b128711cb3e069e19dac77159f196f814de460f876f3ffa22d930
SHA5121c28358bfb3612e95683c21f8dd564473ca0956a2fbdf3d4a1b2c44f1a5fe0fe339246c7c8012eaa082e3cfff9e8ce35abbe22cad33397af7774f8fca9520ece
-
Filesize
16KB
MD58e80d30457f722044d500f6e98023d3c
SHA1b886a462262c6856031d9c0e8c9fbb2e3898c544
SHA25696a9feb6f2ca4a7937253f9ca137e5325c7255f73b99107d7e586b247727383e
SHA5124e296cc172a9c48566ecc1cc2da7b83e71621c2e14d523451816d5ada5d415a0ad6afe0a60997e884ed4fd83b1eaffc9ceb3820ae37e3507f83b4946e60b3e64
-
Filesize
17KB
MD5afe78ce416e1f4f7a348290c321b2c40
SHA16e6ca288520dedce11c09d2bfe5c0eb75cc7773e
SHA256db4f9d0a4b268aea02a9aae09ca461b7550c94411b539a4d23dcb907e7044cf9
SHA512d77443400a3aae1c45f42c68a006230b03e4e042f9d6f34d4884fa678ffc4093145472179cc21986b3df6e5c0dde24bd17df30969af2ac440fe994c95106ab6d
-
Filesize
16KB
MD54108d2d2a156bc92ccbba9a615c4a35e
SHA150cbf536544c4b1051afcdb0e3730416a1158958
SHA256e10de207c9c4c77ab475f0c92530e43556a22df221440346f5a88e7086963ea5
SHA5124eebb8dd5f0b4327cf0cbe3c7dab98711a6ea83b593a2fb94b4003eb7e746e0e88ada7e4e92bffc808488b9009495b6c93158b5f117cf1f2c46f6e20b973ad60
-
Filesize
36KB
MD53743f280a2b7c505021bfe131496478f
SHA19a0fa762968885a0f97279593d6afc73f7b3011f
SHA256fa3c3a3e2eac3d21158f6a046fefc649126cc1a7f0be0a0389e0c2f24999cc12
SHA512cd7682ef5e9c39fa48bf08d3649081d8320b99d7beea6b5400dc2f237181bd5906a84afa7eda6fe7ab71f9cb3e8a9e45a6970e880da8ed56a3d96db7edfd61b7
-
Filesize
338B
MD57191655aeda00c031961d9326043f807
SHA145c50b2c136fe25059543d31833d58e569ccdf50
SHA256de6e14415287b9db5414f7027c6fc6e455d93cdcb4ca950e9c945c22f22f989f
SHA5126624ef9c93e30238b4cf05aa8fcae655aabb8015f10a5c950cb6576fb3db76d6550b418801823e3cb03c94bc1e6eb1b263ab734d0eea13fc4486da0d3d56f422
-
Filesize
112B
MD5919bf1cdcc99fa52163a8994466f7e5b
SHA1201f2ef75482286c498383a861458b9fc17f8195
SHA2563c9e80e24d80eb60b228d616a15c5d9aacb1a1d23c71fabe20e126f1ca02fbac
SHA512e0423379b90cdbb979cd6461264bde8b8ae4d5ebd5aa2ba7072040fca3a453bc61f5f3164976947a2bd6975883dc92179a644e1411b9c52d7ce550d3dd871d38
-
Filesize
344B
MD57e8f11d1b1dd4137c96e9bd5cfa8775c
SHA1d199da36c87985e474761841460094635ecaf116
SHA25682e24f049419f9a420a9105ded9d1c191de4b64d3d39a3f29cbf7a06c3aa7f67
SHA512a16841838f0869fba25fd8396f76881a01dc4ec629e82c5a952d33a5bc9a1666f963f500be254bb3bec98d827610eef25096f62a9ad8b8e745e7675fa4391d98
-
Filesize
326B
MD5b6167da76e1785bf082b9956d8ca8079
SHA19f066e64b673f996886f6040a196f6d7d56bc958
SHA2562dcbee327b2efae1de9e5b865213b4168b2d7269850c400fa116f005a1308033
SHA512641f4af3c9b0a5361b7a326949009d06b8d98cfe7ca604a4a8a80e42e3c5cf694cf77ad1b5f21154799954adfa259925e215901a9deab50646e8097dcd717b67
-
Filesize
22KB
MD5e3d37e1f2f59b3c385b8acab9b127b36
SHA10022a3a22b1cc0d3eb09628c414f3e1edb3c75d4
SHA256d436b99a71a020c1e3cf4b0f23fbbf9246b8bb9f804a764853060b42c72acf2a
SHA5121d41c3a8878a4956acc111d910046eb4e64d0c6be720955fd86a2f2567ad26c15f5c5a4de663d78acefc0c0e23616f8953226ad1d1e645e4271130b1d6d92c18
-
Filesize
128KB
MD593d72d1e11b9ea98a1edd5c83829c123
SHA1f60c17d8db579e6035f7dfb1bb69c61d4ee54a78
SHA2569117c5c1e62f5844b377ac1777a3b415afd52ee1144b75ada383ddf2776a937f
SHA512e23f286b178af59db4ac0fa794a05171b652fd43db8b7b2a4ae20ac408610fa1e5f756b140dd5ae5c8be746b45cc7e55e1e9dc46b74db479635912c35ddd1812
-
Filesize
113KB
MD560beb7140ed66301648ef420cbaad02d
SHA17fac669b6758bb7b8e96e92a53569cf4360ab1aa
SHA25695276c09f44b28100c0a21c161766eda784a983f019fc471290b1381e7ed9985
SHA5126dfa4eca42aea86fba18bc4a3ab0eed87948ea1831e33d43426b3aca1816070ecb7fd024856ad571ca2734214a98cc55e413502b3deef2c4a101228a7377e9d5
-
Filesize
66B
MD5dd1a95bb670d66d80e751de3fcfe20ca
SHA1556f54c5d2b48f84a7ca7fe3ff0604d6a6118d70
SHA2567a941a2a3019ba1b069c105d6fcf66dc07f9b13fa739cf3d98653fda96dcb5a4
SHA512ed49e7b7d607f4b8ddf3e620f8df332989fc1af441ed17fe9ed3c50b797bc4f376e8f864d9488a85191e3561e324866109b8387c1599fdf67dbd704611141ac5
-
Filesize
467B
MD52259c5142d7573e13350c12784871270
SHA1cdb0a9e890c624182c007b1ce96fb76a7c971d65
SHA2564e0723e088995a898e21535eae66196e7c0f1a86fc1f235c769031b5e758a6d1
SHA5127380a800d763c44d893102a6f34ae1f17ee934563dd55667c2db38d600613de44c27a4db30d66e75debd669a602929ff7d723ef76b316f3c6faf381d5605bc74
-
Filesize
462B
MD5e7a1209e52fdf0cff6e589a1337fbd2b
SHA19ace1fefc11540a7602d1e63c73f9b8b0b35e195
SHA256a3723580f3e99c49965f012e8c0bd7377b5e70e025c8cea40d9fb85e6aa3e8bd
SHA512e22ce448c5238eb9c949f902c721d219a2d92282aee2d9a3c0d4a1fa3266ea62def923b1358daf90b5aa24b42a513607c58be9b340c418ccbc2a81d907ceccb5
-
Filesize
22KB
MD509879187ea6e8fd3d969a59475a0cde2
SHA1b3c9aebb7aa958c90f431e0f1114e1151e42e85a
SHA2566314377592925daa6ab90b4d6414c3dbd36d5067b321ceabc09b6ed3edd1b6fd
SHA512dc7c058728d64c9536ca8d42294257390985896f72c412f1aa21718a786dadb4565fc05ac3dc4334c774366501b54aa1a1746b693a2d6a4b0e4d2b016497a3b7
-
Filesize
900B
MD554e00c6c0353b6cb6a367548f5b3e1d0
SHA195739fcb9125be42caf33defa16c94133ed14456
SHA256b39c92a3df03477134494d0635ecc43e95b22c85b3d08184b2aa02d37d02b6e4
SHA5124ff68dbc6a4e00cecbf1333512a6445d6771f101a0fd03f8b46f819dd5315fb8c9329f67488843c6d19f76b49862f4ec19d767c70321d64b5a085ddeadbd1429
-
Filesize
19KB
MD541c1930548d8b99ff1dbb64ba7fecb3d
SHA1d8acfeaf7c74e2b289be37687f886f50c01d4f2f
SHA25616cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502
SHA512a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75
-
Filesize
23KB
MD516d41ebc643fd34addf3704a3be1acdd
SHA1b7fadc8afa56fbf4026b8c176112632c63be58a0
SHA256b962497993e2cd24039474bc84be430f8f6e6ab0f52010e90351dc3ff259336c
SHA5128d58aa30613a2376ccc729278d166a9b3ec87eca95544b9dec1ee9300e7dd987326ea42d05dca3f1cc08186685f2fdaf53c24fd2b756c1ed9f2b46436689dc74
-
Filesize
804B
MD54cdefd9eb040c2755db20aa8ea5ee8f7
SHA1f649fcd1c12c26fb90906c4c2ec0a9127af275f4
SHA256bb26ce6fe9416918e9f92fcc4a6fe8a641eceea54985356637991cf6d768f9fd
SHA5127e23b91eab88c472eec664f7254c5513fc5de78e2e0151b0bcc86c3cd0bf2cb5d8bb0345d27afdd9f8fcb10be96feaa753f09e301fa92b8d76f4300600577209
-
Filesize
81KB
MD52e7d07dadfdac9adcabe5600fe21e3be
SHA1d4601f65c6aa995132f4fce7b3854add5e7996a7
SHA25656090563e8867339f38c025eafb152ffe40b9cfa53f2560c6f8d455511a2346a
SHA5125cd1c818253e75cc02fccec46aeb34aeff95ea202aa48d4de527f4558c00e69e4cfd74d5cacfcf1bcd705fe6ff5287a74612ee69b5cc75f9428acfbdb4010593
-
Filesize
34KB
MD5ae3bd0f89f8a8cdeb1ea6eea1636cbdd
SHA11801bc211e260ba8f8099727ea820ecf636c684a
SHA2560088d5ebd8360ad66bd7bcc80b9754939775d4118cb7605fc1f514c707f0e20d
SHA51269aff97091813d9d400bb332426c36e6b133a4b571b521e8fb6ad1a2b8124a3c5da8f3a9c52b8840152cf7adbd2ac653102aa2210632aa64b129cf7704d5b4fa
-
Filesize
13B
MD53e45022839c8def44fd96e24f29a9f4b
SHA1c798352b5a0860f8edfd5c1589cf6e5842c5c226
SHA25601a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd
SHA5122888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9
-
Filesize
55KB
MD596bfd7acfd0b0328796b43c9c4d2c5dd
SHA138eebff2847f52397d9ea103731f0532cf5c53e2
SHA256a0f37ef073925cfc640f3567b43148134fa746d9a416aac31ae03a617aabaab7
SHA5126ee629212358e585cdde0c0d1b43673d8bcb2ccecf85c7db3880df31e98e903369745758c5b693efe9ced3e3ba039fe86434d725b54de3fbd2ba490cf34f9676
-
Filesize
55KB
MD53a9b572ba62caac9440777a8da45c5b9
SHA10316271ab056fba731d4eb7920ba0b4ae96b4f6f
SHA2564b4df09fa121f8d6c99dd718ab8f567e99d2403ddee1daa3493fc36484ed8dc0
SHA5129742e48093fa6c40f101f1206f3cc2d6e118d92b0e4134fd01e7bf2b24ab18ef1811d1bbb61d4f531d1fc5bbd67536c0ec06f58a5f76ea3067fc76f234e0b5fb
-
Filesize
40KB
MD5ffd905905c011002c0250cff92abe8f4
SHA12ede9b14041e710976e2d49487a74f2bde037923
SHA25689afeaa89db778f41d1f9b7be885e4ab69af841a29b3ebed88e03d3028f0c791
SHA5122abdde230ec9b7c54f67b7a96c4c029797622d50d5aafca7b1b220b880cf158667f368ace73a389362403bce5f181c7b40f5fd7cff6ec54898d91a5f9133658b
-
Filesize
50KB
MD5d192131846a4316fff6dad431af89550
SHA160c54f3d64895e7eb51df3e4bfbfb7c41dede661
SHA25617448a7efec2eaa2a37a1b8d2ab8493505e246324138faf46a44b25c98a3891a
SHA5125aab552303755c83e578b15e388ed2fa9223df845c9bb4a14ce126adf23070ff3eeaf0f86b1ea827236d6876041812b5047349ae8ece781e69507372505bc446
-
Filesize
55KB
MD5b730ff66d66107aca42c20f68b7667d5
SHA1f798f38c8364045efacf65459d8fd82a503c91f0
SHA25656b409beba33a2df42176fb25c60d954cdab2912313f7fa78d629be851b5eb13
SHA512fddbc42836a5bb52f0f0df28bc64f28c834ddc42250de91d0d39dc4528ea66395103cb93081fcc311edd1f039dc318862938ef5855b741df5c76035a00c881b5
-
Filesize
62KB
MD5f89e21411e22359584864e3992e44608
SHA129c01547fe29c5fd05e1227e789323b07dd9526e
SHA2560e9179b9e179e61c522962e6fbf7602c078302a6982b542e82117ae198552e56
SHA51221f2aac6691e6fcfba0df8c3e92fd9a68e5578b9830d7353df6c22552afcac3eadbfada94f1ad04cf43458cb1e6eab46317a1248b6f522f76227c24ed9f0efef
-
Filesize
62KB
MD59d276205eb5cbe65b8f28bb0e0bfb9db
SHA1e356f5221047cb8c1fc9de5dac165a8d9b960345
SHA256363f5f1f7791bbb117f43eb650e701d3ab91757cebcfdc122178d508ae55cc1d
SHA51288f01a916f45982911e117eb79b02f4b1601de5e65a846e35cca232a89e94a3ce0d5570bed07c4409b9e4eadcf11b5a8265003bb3e869defe4004b8c196a003d
-
Filesize
55KB
MD5e1ebfa5a580118e31ae267fbe7700d33
SHA1874ca5b405f7caf1128889e417e307962c1d1058
SHA25636f20296b9dc384035535daf22321e7833b8d831ca7f5330a556fb74d1b15c4e
SHA512397eae92f3bcb85dc86e4e1dc84c25de538c1c3f6498787b50f5c11c388dcf2e0a0c309b30be34d4dba42efa95d0e2406fd9b9aeea7d855e6ff24f5a13887bfb
-
Filesize
392B
MD51eb5778b10f80758afa62a68377fc964
SHA1c0e586067cda8be2332856462cfe18909bb70201
SHA256c08b46976105c31a2a74dbcaad4dd845ef1fd5795975c0189d4ff5d403acb967
SHA51248fd7fd52cb38e598840cd565b4133398a6d5dde8d0c3b53fb12b4e5c1096117a242e6a533191f9e53ecf4e0e0e0d444e4094c14b9cc6eedd7714a913ee285a1
-
Filesize
392B
MD5130cdd1518bb95c146cd319b9819edc8
SHA1527cb8afde0f58710beb52a52d594e0efb7ee1fc
SHA2569282e442dcfaf690dbc3dfb2586a2a720aff76156042b2d0ed2ead8c16a2a13b
SHA51209885824ec7d90bb7b90ff904b2fc8e91bbcf3cb3483c4632c217dfa89c515d35a61da9967278ada51d978c9649b2c9eed028a22c0438afa04d86cf95fab7608
-
Filesize
392B
MD58d89d5059d4f49851bb23dfd8a51adf9
SHA1a8ff8ac7104a09333bbb4d8a107eb2db0e5edbfb
SHA2567090d7e60be072887f11369ff760aca9e19212c17266aa16786156f951e9947d
SHA51251c11a05efcf77ac2320459f6c04bcffa2ea05915c03f892451140023b097b022d3c7584be30189b0e4208e87d0155fce8d1bf572f383e8d65b1118268420f47
-
Filesize
264KB
MD58a285a64325063c34fca234652cbc2dd
SHA11a2794ebcbeba3df209a347cd408b3a26f0ccd94
SHA25630cfdfee0118b598a5e4a46dce4f4f15fbc6cc52267a8fa1983b94b8c2c26976
SHA512a0d0bd8cf50bb3f2815057210328e8b879834b54f7827a293a6df26bc67902085819021bb5285b56e773a97184cdb1a1c733d6b6833e8b859d9dfbe18e56a6a2
-
Filesize
66B
MD55bbd09242392aacbb5fac763f9e3bd4e
SHA114bb7b23b459ce30193742ed1901a17b4dcf9645
SHA25622b55f5d9b1bafb80e00c1304cf5e0d6057a304a2e8757b4f021b416f4397297
SHA512541e4c7998e91a5113f627c2c44e32b54878fe225b3b9476572f025f51f2b4ec4a44b102498adcc22b8fe388970645bacfafb6e7fc8a216df4d7bbfc8b0ff670
-
Filesize
1.8MB
MD5d7c9c6d2e1d9ae242d68a8316f41198c
SHA18d2ddccc88a10468e5bffad1bd377be82d053357
SHA256f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547
SHA5127fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3
-
Filesize
24KB
MD5aad9405766b20014ab3beb08b99536de
SHA1486a379bdfeecdc99ed3f4617f35ae65babe9d47
SHA256ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d
SHA512bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852
-
Filesize
66B
MD51f33d8a2bbc6db595ccc17b47068ccf7
SHA1cbfee5fc3f28d9c8dbacfac977f658738ecf4587
SHA25629a10b42dc39ea728e4cbaa24d269beecdd719fc700fcd07434b6fca46733252
SHA5124ef2c0ea191867f5fe15ff9c7f86624c0a04917ba6de38c6d5192993582d636131f838407a77a3014eb0bf989f9829bc8ad412d2f2cd70bd8f4501de1cda23d4
-
Filesize
638KB
MD5a1fbb0296814e30fa4e6710376dc2cd0
SHA11720d466dccd6b64bb839580c6c36c08f74b9c2e
SHA2567c4c71093987705407cdc53acf99584947eeffc828e933a47bfc6b335d646f12
SHA512d514eadd3711fa5c1e51d3128b5c89de7a0f966d767b689bcf6cb1e4b9ce278d5f3d49cb9f0867d4c022c604bd04fe113be67449123974565d35ff47d1f7dc11
-
Filesize
86B
MD5961e3604f228b0d10541ebf921500c86
SHA16e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472
-
Filesize
66B
MD51d09a9a5e62b846125cd7b929cccbe44
SHA15271237c4d13f7735689a5acc52e48c491669aa3
SHA2561703e4e777b285aba435e71256890a5fe92d24cb01e0eefd03baddca228eee2f
SHA512cd2a2acc126ac6a7dcc81088047c894a427a44c5caa96003c1f3521beac3b46c117f0794e564838de14a18a3f65cb7988ba86b404e690ec77a57518247c03fbb
-
Filesize
2KB
MD52480dfcb159a3ebe87a1b980852a7a1a
SHA1607852a9fe6c992c4f71e9c89c6bd020f8be5af9
SHA25632c4795bf4b4afe1502cfabe308aca80477e6f95cd123afc95ce06d2fb0a7165
SHA51239af8293d4b27a6fab58ecd648310543a6a44d3b0a538f6f33aa315734b9b4951f039fda1def06017288dd429fabcb721410051bf8c4c84889aa78e56587ef0e
-
Filesize
3KB
MD595e64fc7b2e97246247178d473daf3ea
SHA16c98981bb77d84fe8b7a7eeaf5fc69788aaeaa72
SHA2560f2f4c4bf5f14ed42c45739affe7e5610c4aea0bf5284ffcb9acee1c57b67acd
SHA51242c710f103e37e63356ac073ed52879882fae5b0d52068cf8d7e757de52ae081584fbdcfa52e5af2b6061fea12e56ccfc5cbe7496e8a01e454622043ff9e759d
-
Filesize
3.1MB
MD5d4d0f593700f7dd6494924a000b341e2
SHA1ad7f02e09f6c162ea9f892414573f13bbdf2dace
SHA25688995545a3b69bf0113bbbeee1221c7799546ed44a37dcfde2861dbbd5bcf247
SHA51202d66e3a4e743a3abf4abb51c1e64789bd2891b4ed1fe00e767de5e17a9e43c71b6947bc3c5af06463cc475fb8ef9dbce982ce38b338120461ea0101e6a2a801
-
Filesize
1014B
MD58aba93be39de49c8e3730a8dc1dd36d5
SHA1f4e925b3ce92ac0801b571d45c998e8125b21237
SHA2560eb2d57e398283e2b0ccad5349c003f8c87952ef0cfb5d91220bcf45082f78a2
SHA51261ae599b10eb3b2b67d7a13c48e916a41a7a4ce4d5d9d82c6a1553d9bff9b80ca25af2fd041726ed8208babb436ff62d8138b83b9bef169aeff21ecfa385de2e
-
Filesize
4KB
MD5b48ca2d0bc538be1eaafb83f9eaae9e7
SHA19785b43a6bbb60cba651181b9582052e5848fff4
SHA2560e41af108bf3803afa4072a11128b3c84584e00fb9f8b0903bdb26504130f510
SHA512bedc18f58306a5aa87fe2587de3de5c2039dd993fb8454ed2c38b11f63c41c532d858b3fc415ce08e5622986e796bb0ec9d9f8633f2d9271fce35eb6ea1082d5
-
Filesize
3.3MB
MD513aa4bf4f5ed1ac503c69470b1ede5c1
SHA1c0b7dadff8ac37f6d9fd00ae7f375e12812bfc00
SHA2564cdeb2eae1cec1ab07077142313c524e9cf360cdec63497538c4405c2d8ded62
SHA512767b03e4e0c2a97cb0282b523bcad734f0c6d226cd1e856f6861e6ae83401d0d30946ad219c8c5de3c90028a0141d3dc0111c85e0a0952156cf09e189709fa7d
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
1.2MB
-
Filesize
712KB
-
Filesize
88KB
-
Filesize
3.2MB
-
Filesize
304KB
-
Filesize
96KB
-
Filesize
376KB
-
Filesize
104KB
-
Filesize
320KB
-
Filesize
3.1MB