Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20250410-en -
resource tags
-
submitted
18/04/2025, 04:43
General
-
Target
JaffaCakes118_bca126cc681c07440b291fe71f5ab863.exe
-
Size
209KB
-
MD5
bca126cc681c07440b291fe71f5ab863
-
SHA1
f3caf966a3290b4ca7952a8a6dc023ef417ff897
-
SHA256
9afadba0006723439d704c1bf3af6cb9e3b3e0d4796dd2fe89d8fbcc7d25c7af
-
SHA512
5192b23d110f68197747f420e3fe32c37fb853f177820ca6d40b33f2aaf989eb847ecff1a6ef5d799499807d286f3611cf653fad46c1062364351b44f0b04ca6
-
SSDEEP
6144:dQJQEgZAppJtRWH7YumzfX4k6/Bpfs/scDI8T:duppBDumzfX85Rs/sDo
Malware Config
Signatures
-
Ardamax
A keylogger first seen in 2013.
-
Ardamax family
-
Ardamax main executable 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 32 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 2 IoCs
-
Modifies registry class 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
-
Suspicious use of FindShellTrayWindow 3 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_bca126cc681c07440b291fe71f5ab863.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_bca126cc681c07440b291fe71f5ab863.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Ardamax Keylogger\akl.exe"C:\Program Files (x86)\Ardamax Keylogger\akl.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Program Files (x86)\Ardamax Keylogger\qs.html2⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x31c,0x7fff998ef208,0x7fff998ef214,0x7fff998ef2203⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1940,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=2356 /prefetch:33⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2324,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=2320 /prefetch:23⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2340,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=2592 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3536,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=3572 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3548,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=3568 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4248,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=4264 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4268,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=4288 /prefetch:23⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3524,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5176 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5328,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=3460 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3660,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5404 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3504,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5444 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5884,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5944 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5884,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5944 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6108,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6068 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6356,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6396 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6124,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6132 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6392,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6424 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6612,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6620 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6776,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6768 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6936,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6944 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6928,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6780 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4404,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=4624 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4288,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=3780 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4508,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=4280 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5240,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5384 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5832,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6848 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6188,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5824 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5400,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6152 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6592,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=6852 /prefetch:83⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=6172,i,3585263440447764991,8605586052311128026,262144 --variations-seed-version --mojo-platform-channel-handle=5824 /prefetch:83⤵
- Suspicious behavior: EnumeratesProcesses
-
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Program Files (x86)\Ardamax Keylogger\akl.exe1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start2⤵
-
Network
MITRE ATT&CK Enterprise v16
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
228KB
MD54f0592beb14e55d9295afbc005faef07
SHA1dd0533f0d0d8eae441cba614a40d896fb7398930
SHA256239e59fc07c7cd95f8f95f9356d916aedf75b844f08d8e500a5143275c50e49d
SHA5129235efb1072e887ef92761a6d8c579d004583f00ad2743343f2fccace95bc3a75b16fb3220274ab372d7185f8203c5ae7a15f8a070ed86ee8d6804d4b3c261eb
-
Filesize
4KB
MD5c0aec89e4dc32fb0455b5ba72ab60bcf
SHA1810895f5aec20559c76e1139d91f964235234539
SHA256ebac4c23d288b3714702b907be613c94a8611fcac6cec78c2b1bfc9833c3c051
SHA512cfd86c5561dbb695bdd934c39b298d12269a6571799dd8b2c1eb3ce8904c5c4afc0958a505882d2b38c7d973703042585fa8eb9ff928f143335d3f808aece4ab
-
Filesize
5KB
MD50ef0d1b48f660aed3ab882c57c07c9e8
SHA14ad368b47a4ffce1c230d9dd3e2811d627be9e45
SHA256a001314e9773e57930d18c8644e18ed1bc7a5629253f71c9b03c3ba27c866d52
SHA5121ac18accd811970effdf9573e5ff4267e11382809d063daf0acf47690605fbf25b1e992be58e5236a6f73d1e0ba9025f481a4aa3e8a0fe5e884b383fd061b588
-
Filesize
1KB
MD5da9de559f7a4f35fe72c9b6d115e017c
SHA134a2fd2290a6bdaaf08495f9c89ca66489828510
SHA256c40c04a36754e564213ba5f0fc09379806de17d45dca95038876ecc144695a5e
SHA51291259ac8fca0c115b5193892d097098ca74684dc29943ee38cbe4ac79e3a917a524b8fe54723080ef21938f3730b812b33645b6da385a5b1ad9a74a0117a5ba0
-
Filesize
547B
MD5f8042de6eac16488d35b374ee4ae0e9a
SHA150ca327d1d992d725abe0d4d805687e0e20bf2cd
SHA2566c11ad24defbbb47ca85662764f925476d36c89e24e0cadb9fbff003e0ba6376
SHA51200e5e5372520a9aa827a7026d890e3fa5363b668be0a91cc41a4a3109acbac9674cc088aecdb742f8cef84d650aef5fab0014fa14a53fca555eeed35a2e3cd6c
-
Filesize
134B
MD5049c307f30407da557545d34db8ced16
SHA1f10b86ebfe8d30d0dc36210939ca7fa7a819d494
SHA256c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54
SHA51214f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780
-
Filesize
160B
MD5c3911ceb35539db42e5654bdd60ac956
SHA171be0751e5fc583b119730dbceb2c723f2389f6c
SHA25631952875f8bb2e71f49231c95349945ffc0c1dd975f06309a0d138f002cfd23d
SHA512d8b2c7c5b7105a6f0c4bc9c79c05b1202bc8deb90e60a037fec59429c04fc688a745ee1a0d06a8311466b4d14e2921dfb4476104432178c01df1e99deb48b331
-
Filesize
43B
MD5af3a9104ca46f35bb5f6123d89c25966
SHA11ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8
SHA25681bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea
SHA5126a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1
-
Filesize
160B
MD5a24a1941bbb8d90784f5ef76712002f5
SHA15c2b6323c7ed8913b5d0d65a4d21062c96df24eb
SHA2562a7fe18a087d8e8be847d9569420b6e8907917ff6ca0fa42be15d4e3653c8747
SHA512fd7dfec3d46b2af0bddb5aaeae79467507e0c29bab814007a39ea61231e76123659f18a453ed3feb25f16652a0c63c33545e2a0d419fafea89f563fca6a07ce2
-
Filesize
3KB
MD5f9fd82b572ef4ce41a3d1075acc52d22
SHA1fdded5eef95391be440cc15f84ded0480c0141e3
SHA2565f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6
SHA51217084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339
-
Filesize
280B
MD508db5d4969ced98b35efaad8df68671f
SHA13ea299fb7dd34691afa783c2547ab5f0dfcd60a5
SHA25637e306e690e7d905450872ea5b0a25a3992d8ede385b7cfc7abe2734e24386ab
SHA51272d1b1a6e26b0bf240831c2737a353445f37fad283b74b6fffc698f62fc5dc8f5808cc717225e2eb8a2c067dd5a90e44ff9281f93eb29db180d155388720d7d4
-
Filesize
280B
MD5aaf83b637d655e56700e952fdc1addba
SHA15b359e8810c6fce1a45e981e5a8f3a8bd0f847c2
SHA2568358981741cfec6e5216e2f10199b21ddc4d7ffc65124215a9c297629651ef43
SHA5126b2cb7a399f302ee64c76774bf7d872db6bc34d727b5d092e09f87cac2ef51c8a7bf0d8bb5dc0ea32e97b4399c783334519a9d51cefecf9700d2a9f4062b3d1b
-
Filesize
4KB
MD56d03c2b6a399dc0cdd38022571bd1166
SHA1472553193dc116ae295335379f06dbb1bbf208a5
SHA256c26c00b132656559c17016249f1bdd9ba5b64f421647e1cb06fb65ba48617a47
SHA5123bd36c5f91c36fc635139eeffc384f7693b608aef5de20924b6d55e82790aca6c0b241d98a6b254ac6d5cc1b0c6d7dcd33987627185dadb225949caa7b56e16a
-
Filesize
4KB
MD5a59705685ae96156f76eb1361f37656b
SHA1d4638bd68b79478bee63e9b2388ee6a442d7864c
SHA256a89da1f4fc28473848bd81f1d6d58102477d56c988b48d245809a7161bbd0991
SHA512ec1b737e473241fb77d8fc222494fe79b2f49ede3ec29454428f541bdbb17b1a46a2d9c473c47a70759faaf7ff7c7e4c2b4ba3d7bc8f98f836a9a9bff592f5c3
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
69KB
MD5164a788f50529fc93a6077e50675c617
SHA1c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48
SHA256b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17
SHA512ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4
-
Filesize
9KB
MD53d20584f7f6c8eac79e17cca4207fb79
SHA13c16dcc27ae52431c8cdd92fbaab0341524d3092
SHA2560d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643
SHA512315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59
-
Filesize
107KB
MD52b66d93c82a06797cdfd9df96a09e74a
SHA15f7eb526ee8a0c519b5d86c845fea8afd15b0c28
SHA256d4c064db769b3c109da2ed80a53fbab00987c17421a47921e41e213781d67954
SHA51295e45c0aea0e704be5f512dffaae377d4abef78da99b3bca769264d69be20f2570daf2f47905645217e1b2696e42b101f26149219f148b4d6dd97a6c2868b6f5
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
1KB
MD586d16ab883ff6ac146089db729ad4fa5
SHA1811a802f2b5ae3f947a9c322a93b4a3d0d8f73c7
SHA256a2777103a8e6fc962fe216f1b31a971b64ba5c84dc9d7113a319523c5db02a14
SHA51264ad417185d5bbd108503c47e56c445ed42cb40fafee5c98d2a4f9c9970daeb7ea69a9b2d598f67a55b54a653adeacc86ef03680d7ed912d6e76dec8a9c87128
-
Filesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
Filesize
13KB
MD50ecbd9c54d36244551bd140369464439
SHA139fb71f93891f06c699b29e3a954921c662eb87e
SHA256fafb9723ac01103983b33cbcbf4059543e7049f444f49d7ed572d4fcd3e2fceb
SHA51271d1a5a36f1525da383f98a1a55a8286981da7076c6ebec8035385c527ca62545d42e9a8389becdff8a46fd8892a9121ebebaabc3e7ddb4e208de27cccc21a28
-
Filesize
36KB
MD5c2f7849fe7ff2091327f6b6f9feef203
SHA1b083ff4e0f7e3bfb3d28cee17ad521b1b3f35611
SHA256c3cc0e83c335af8ed6d0f5d08ff52470b1bd20c90a072e7a3fbf8a9e4c27e1d3
SHA51250255caaf62644b35b805f2a0791326cb7db2c9d2526d7190777c19734bd795b577187422253a5a6e89afacde3bbd392485b7ddd8ce354f4b828ca7a87cab8fe
-
Filesize
4KB
MD56e4864f4cb14047b54f19003195425cf
SHA1ce2bbc340a5c5612868292cefbd4e8872add7dc6
SHA256918a1937e9326ae8c3f02b56efec9b58a87a72bf9a84321b9ba08acce325abba
SHA51285fbd30313d154dc7e772d96988b0bd01919c8ca6e295649d2a762170838560a7bf084255170a02ee2b9f149b349864203e55f2cb388484f4e63c3b781075aa8
-
Filesize
23KB
MD59281764192c0b5f94a7666d9a3028cd1
SHA10722d6631ee24055201cdd7047a53b407066132e
SHA256a1ee08d5e71c1b07f8aa9065bad2d36898970c4bba0b6160038b0abece1c1614
SHA51203dc0febf9eec6ff42c1f536150e41320525c0f3298d1ac0cf94597bd45b993594a1bb7c08f205f6e69545aad157301ed985a08ac24ed6eab624bfd41ac0e724
-
Filesize
876B
MD50995cb3a82587b8c44d37160e761d782
SHA191898eb84affbb13b00cf2ed0a3e0008b57dc1b9
SHA256fc4621d2d2241c18ab7093b388944c28e97ac67a24fdef2889ce4f6778c539af
SHA512e0075090754c789e50a6a96c353a2edf44803ab775b6c14275e5b59f6be33b5fadebab12035a12f30b6d894590eda2d612e231f259629e2a3e50be8edd05b89e
-
Filesize
467B
MD5f1c14976b5d2444c7a36d5554e6e68e4
SHA13df8b82698b7977d975400faa7b0823e3cc7b86f
SHA25667b305d7b5711e94d4721b699d3a23042cdc4681b9e341a0a0f90c3bc5710340
SHA5120fe5a4cd5b1fe5b34c2912715069e43a29642f440124d558263a790eea7ba87371498ac09f6738f85c4cc3624938943056aff42ffcd2c158c72b2c8eb8381d96
-
Filesize
22KB
MD58feda7bf9d3555a3a24d06d1ce478e32
SHA17247511320dcdc7797aff543dad1281b5bc74608
SHA256a063c6efaa309d2ef5969ba431b69c77a3a430a5bd20e02070bec30851f4905f
SHA5123c3baff7e0cc967a6968868f6bc0680d11e8d1e7dab0fdb58d6f92ee0770ffd2bf8c2bec7866b0c24121e1172d7e2a79c8210871014cc796f75c8b012b88acfc
-
Filesize
3KB
MD594406cdd51b55c0f006cfea05745effb
SHA1a15dc50ca0fd54d6f54fbc6e0788f6dcfc876cc9
SHA2568480f3d58faa017896ba8239f3395e3551325d7a6466497a9a69bf182647b25e
SHA512d4e621f57454fea7049cffc9cc3adfb0d8016360912e6a580f6fe16677e7dd7aa2ee0671cb3c5092a9435708a817f497c3b2cc7aba237d32dbdaae82f10591c3
-
Filesize
6KB
MD5bc73bcdd3f0da99a28f2bab6669b0714
SHA1be7fd1616aca99072617d0f8081adf28fd831aa2
SHA2569a9c55a40af647d6cca5765af5411c6a05309e9ef0010ea7402406ac4ff80be7
SHA512d3cedeacc51b1964f7ee5ff8c2943a06e18ae74a74acba066ed18933119d72e5abdcd7d6114c755c37734090298a1cedf732060dd31dd73b08e67fc812086670
-
Filesize
30KB
MD55cd9188bf9e464fcc88628375bf639bf
SHA1fd9e319cda632b042f88cfaef3691f9df8a83558
SHA2568a716f55a0451e62a6b1a3f3d39e5febbc2ca78e3b480092d2d4d73f3a0666b0
SHA51211cbd59bdff9907022aa5cd711eac45179c91da965cb0f2d906e68c9cc862a32970597efc23933d754b00e48077fdbd2ade0ebd075752bcf7cfced7462f077b2
-
Filesize
7KB
MD55df4cc1b7cf7feca1f46954bea9d576a
SHA1057bac0524409e7ed64618d1ce15db0d620617df
SHA256929fe8b14aae72ffca50ac096e50090bcce6daf1198ff7bd7a4c7f1886adcc4f
SHA512f4b8be496fb6e52a3cef8ae6a467265d4fd8246d12f969a2c5f194a98df2baef09a8bae1b2c6fb5da1450722f9072f35f73d5721de0e11bfba3a02bf4cf8ac94
-
Filesize
19KB
MD581f2d32e6c3058fdb34f2eedb2ee9767
SHA1d44342a38af8a06dae718fe977c1ef833fc470ca
SHA2566f8a9c21349e3feb4831b556cd6af3010da5cd03dc44f11c6d6df7703fa4595e
SHA512ec57894e7dd81c97c223242ddd241ac74e67377a19beeb184aef49db8f35f00b6423cfc3ec864b91f2006a21d2b7aa3a16f81b18e5f4ed34be1edb6e0c57e709
-
Filesize
34KB
MD57008383c9f72542958e01172f253e682
SHA13a8f6c18b8c415f78abcf68a4d3b7f662c8ba9cf
SHA2568919c0eeadc00ca58cf53c65ade1633d26fc74bf6710ec92054b7961632ee9bb
SHA512be8addd9f3d932eaf7d4f329b23908b20acacd134a65cbbc2c8b62395d177fefb349874dfe711d5a634fdfc2d5dbc54f4a4dba239f9352d5b5bdd96d8c9dfeb7
-
Filesize
2KB
MD5499d9e568b96e759959dc69635470211
SHA12462a315342e0c09fd6c5fbd7f1e7ff6914c17e6
SHA25698252dc9f9e81167e893f2c32f08ee60e9a6c43fadb454400ed3bff3a68fbf0d
SHA5123a5922697b5356fd29ccf8dcc2e5e0e8c1fd955046a5bacf11b8ac5b7c147625d31ade6ff17be86e79c2c613104b2d2aebb11557399084d422e304f287d8b905
-
Filesize
2KB
MD5b75894d41c3b483e0a13db1f84bcf6b4
SHA129f9e0591a55671598ce015597fd7f9814e1cdde
SHA256458b64150ac091022b2a87fde41b71fa3f6dfda7ad79761e8e6a69d2e6cf79e9
SHA512887edbc30ad94f0dbeb87d793857ceb7056bfd971be3a2a07e0502dc3b6c4323a88f13824f39220e4c11814dd7bdf41b90cb6f1b67eb4a6c93ef07c0ded080dd
-
Filesize
1B
MD55058f1af8388633f609cadb75a75dc9d
SHA13a52ce780950d4d969792a2559cd519d7ee8c727
SHA256cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA5120b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21
-
Filesize
153KB
MD5b0917d8e6c5b6be358bff67f84eb8336
SHA1a6e221edcb19a1cc81575b4ddd927fd9a6fbdd6d
SHA256dff2c9d9755f96713c08f4932a9091080808ec34c0823feac2206fa526f91e60
SHA512cd5822bbf91e8f7f5ab2b471a4bf8b464bde95465e2fccc6a57e5a287ca55d5062bdd6d4b3cd76f8529ee7a9081b6a7aad7dc2a7581c344ce4fd2d3256bdf451
-
Filesize
12KB
MD54c7d97d0786ff08b20d0e8315b5fc3cb
SHA1bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c
SHA25675e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84
SHA512f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a
-
Filesize
745B
MD5b79833677508a50c3751cab053195f4c
SHA1790e4ac34d55e7ee7e36ecb1983b73f1e5c365d9
SHA256b8b167e3d4f0341c1e56982d017fcad1cd99c271a134b11aae20f466def67ac5
SHA51244cb7791fec6b98fe239622e5f2ee894df9c5023c5dc560b89d9e2363a709cf033a3fc80429fedc6c99a6bfccf91b15995497d6841cf20b8f344ae4ff1b04f13
-
Filesize
736B
MD5a6c7f576a993b24666e9d2b1d6cba02c
SHA1d573cebb5cf348a3f6df1a8969d92acce4d49e3c
SHA256255c7c8e1029c636f38195f70c4b144d00d158bcb12677325c559e0e9c3f9fb3
SHA512e6ec31e74772b2b8a3cf5968f01d48a4d5b34a206dbf8e6b3521f406b5bbbac120495c9bcdc1cc95c6c5b921ae2cf5154633de755da51339c597692e91cf6f43
-
Filesize
10KB
MD578e47dda17341bed7be45dccfd89ac87
SHA11afde30e46997452d11e4a2adbbf35cce7a1404f
SHA25667d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550
SHA5129574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5
