Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows11-21h2_x64 -
resource
win11-20250410-en -
resource tags
-
submitted
18/04/2025, 04:43
General
-
Target
JaffaCakes118_bca126cc681c07440b291fe71f5ab863.exe
-
Size
209KB
-
MD5
bca126cc681c07440b291fe71f5ab863
-
SHA1
f3caf966a3290b4ca7952a8a6dc023ef417ff897
-
SHA256
9afadba0006723439d704c1bf3af6cb9e3b3e0d4796dd2fe89d8fbcc7d25c7af
-
SHA512
5192b23d110f68197747f420e3fe32c37fb853f177820ca6d40b33f2aaf989eb847ecff1a6ef5d799499807d286f3611cf653fad46c1062364351b44f0b04ca6
-
SSDEEP
6144:dQJQEgZAppJtRWH7YumzfX4k6/Bpfs/scDI8T:duppBDumzfX85Rs/sDo
Malware Config
Signatures
-
Ardamax
A keylogger first seen in 2013.
-
Ardamax family
-
Ardamax main executable 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 20 IoCs
-
Drops file in Windows directory 14 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 2 IoCs
-
Modifies registry class 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_bca126cc681c07440b291fe71f5ab863.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_bca126cc681c07440b291fe71f5ab863.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Ardamax Keylogger\akl.exe"C:\Program Files (x86)\Ardamax Keylogger\akl.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Program Files (x86)\Ardamax Keylogger\qs.html2⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2e0,0x2f8,0x7ffb7c13f208,0x7ffb7c13f214,0x7ffb7c13f2203⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1820,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=2224 /prefetch:113⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2188,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=2184 /prefetch:23⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2500,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=2512 /prefetch:133⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3456,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=3532 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3464,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=3540 /prefetch:13⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4652,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=4880 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4672,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=4916 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5452,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5460 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5696,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5704 /prefetch:143⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.execookie_exporter.exe --cookie-json=11284⤵
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5792,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5724 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5792,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5724 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=732,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5876 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6092,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5844 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5484,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5560 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4940,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5188 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4972,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5000 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5984,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5104 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5008,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:143⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=6172,i,11703714772678664430,14753198961151106145,262144 --variations-seed-version --mojo-platform-channel-handle=5004 /prefetch:103⤵
- Suspicious behavior: EnumeratesProcesses
-
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Program Files (x86)\Ardamax Keylogger\akl.exe1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start2⤵
-
Network
MITRE ATT&CK Enterprise v16
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
228KB
MD54f0592beb14e55d9295afbc005faef07
SHA1dd0533f0d0d8eae441cba614a40d896fb7398930
SHA256239e59fc07c7cd95f8f95f9356d916aedf75b844f08d8e500a5143275c50e49d
SHA5129235efb1072e887ef92761a6d8c579d004583f00ad2743343f2fccace95bc3a75b16fb3220274ab372d7185f8203c5ae7a15f8a070ed86ee8d6804d4b3c261eb
-
Filesize
4KB
MD5c0aec89e4dc32fb0455b5ba72ab60bcf
SHA1810895f5aec20559c76e1139d91f964235234539
SHA256ebac4c23d288b3714702b907be613c94a8611fcac6cec78c2b1bfc9833c3c051
SHA512cfd86c5561dbb695bdd934c39b298d12269a6571799dd8b2c1eb3ce8904c5c4afc0958a505882d2b38c7d973703042585fa8eb9ff928f143335d3f808aece4ab
-
Filesize
5KB
MD50ef0d1b48f660aed3ab882c57c07c9e8
SHA14ad368b47a4ffce1c230d9dd3e2811d627be9e45
SHA256a001314e9773e57930d18c8644e18ed1bc7a5629253f71c9b03c3ba27c866d52
SHA5121ac18accd811970effdf9573e5ff4267e11382809d063daf0acf47690605fbf25b1e992be58e5236a6f73d1e0ba9025f481a4aa3e8a0fe5e884b383fd061b588
-
Filesize
1KB
MD5da9de559f7a4f35fe72c9b6d115e017c
SHA134a2fd2290a6bdaaf08495f9c89ca66489828510
SHA256c40c04a36754e564213ba5f0fc09379806de17d45dca95038876ecc144695a5e
SHA51291259ac8fca0c115b5193892d097098ca74684dc29943ee38cbe4ac79e3a917a524b8fe54723080ef21938f3730b812b33645b6da385a5b1ad9a74a0117a5ba0
-
Filesize
547B
MD5f8042de6eac16488d35b374ee4ae0e9a
SHA150ca327d1d992d725abe0d4d805687e0e20bf2cd
SHA2566c11ad24defbbb47ca85662764f925476d36c89e24e0cadb9fbff003e0ba6376
SHA51200e5e5372520a9aa827a7026d890e3fa5363b668be0a91cc41a4a3109acbac9674cc088aecdb742f8cef84d650aef5fab0014fa14a53fca555eeed35a2e3cd6c
-
Filesize
280B
MD534d09b852bf4a5ef1d936591501926ca
SHA188ff0b1c2a5664765e11e47843a5ac8e1782ed0c
SHA25652bd897dfdfca849d627b36a49b976eef861b1a7af075527c8f247adb862dc20
SHA512dc63eebf94384dc9580f5e3c9291047e8d410f8fc1f746d180673f445a9bbe746608c01cbf10a38f2f935cfa5c8bb89864f87cabd8fece809dcaa1fa137f71d3
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
107KB
MD52b66d93c82a06797cdfd9df96a09e74a
SHA15f7eb526ee8a0c519b5d86c845fea8afd15b0c28
SHA256d4c064db769b3c109da2ed80a53fbab00987c17421a47921e41e213781d67954
SHA51295e45c0aea0e704be5f512dffaae377d4abef78da99b3bca769264d69be20f2570daf2f47905645217e1b2696e42b101f26149219f148b4d6dd97a6c2868b6f5
-
Filesize
2KB
MD59ed50f6ebea1c1ad42cb4c82c0762bab
SHA152feba397cd01d496269a6f12197fa0ceb913e86
SHA256d4960130558602eea257363d6b05d98600aa4128c82ff4cdfcc50e50a1647415
SHA512ea7d227adf49159dbbc39be4325fba580e65c93dd7989ae13e06dedc810cab84733f1212f80914116c04b5d1e2c723e391b7688bd67a7d0ab300c63bac3ab2d1
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
40B
MD520d4b8fa017a12a108c87f540836e250
SHA11ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA2566028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856
-
Filesize
15KB
MD582cd37732917f73c80e951e41120d082
SHA15ea74bbefa1f3ac695f44e9495468314ce781b6e
SHA2565c410aec3565e2026a6d2a696cb4d7d5201141d6ef4f7d88504d761562bfd0c6
SHA512f7973b09ddcc1b03a656771ba559fae995062819f701b6d738a8e7d64b0874d8dce2a808a0c8880350f192f24938c443ce44a7aaf6b019192272558c0c17618e
-
Filesize
37KB
MD5ecac1b67191c633b6681cec7f8ba443a
SHA1cde6a5c57eaad9e44a596b9608942c489b5c1ba7
SHA2564d841f64577f5e9a0bc344be76e8d03c7710bf2058de82d7d8ca690adfdf66f7
SHA5122b6edb5e159d19c86e299605da1e7f5d270a3b4d343e764972ea4f9f5c074db452b7beddfcea8425e393b191dc0c2e7b580cf2586b7ed30ce337a58b9f9ca921
-
Filesize
22KB
MD595968578dbf6e8541da5156c9ed1a5b7
SHA1c700d43068c8c90647140dfd6c8a89f1cb243219
SHA25678c838146ea87b5b92691f5934bbf0bd96d1ef9722e4a5584f7c102d1a6a6e1a
SHA512bb1746e12424d37e884a4d1f5a65587bd20c0f2eed9c830ba9c6cfb46cc2693c54a7f5620613c4a8b82cbe06f4e352b5064242d310dec1e0ab5b91015eebdd30
-
Filesize
900B
MD5b2c6453ff402eb4c3539b533fc7a9193
SHA1de312e0132f4072b7adf44f492d697e0e222ec69
SHA25696b5a332669fedca7f65265b43ea6597ae4d703e3102d79a3f9a445e3f6a98a0
SHA5125147c5499d4baa49105c991273a6a0d2f0e764be8ed33fbb8af40ba411ea5a807fc826c4416deb7d923a1a6daa29bd1cd25d1a90416944834dc6bca214553cdb
-
Filesize
467B
MD53b1695dd05895ae4fa41d8c6dc3dbf9c
SHA17128e4bae98633a85ddf9c71ab86288acc9f2788
SHA25699d0a1e37a09474fae2bfc2a2a757277e5487f04d32df8c23c7a8d7a475f2311
SHA5124ed62531c8160a975972a8d5551ebf23750534466a0b1a281c712637e1beed568c1962d4b453c96b3b33dfb6ed0a003a4eb2072769e1ac86e2113f850d543f64
-
Filesize
20KB
MD55009866ce6630b6db17631ab0722d6c8
SHA1e47200490fb117cb60e287390e81acf373c01ff2
SHA256e13841108129174f95008d3c9731afa81909698c11a63f897ccf08e41af0358d
SHA51221018c7318511ef02060aa019dfb1339c54777450efba9745783bb3d494ccab85c169fee9281756705b68cc0bc53df422869551ae6f2903e835de2ddf7d438d9
-
Filesize
22KB
MD53f8927c365639daa9b2c270898e3cf9d
SHA1c8da31c97c56671c910d28010f754319f1d90fa6
SHA256fc80d48a732def35ab6168d8fd957a6f13f3c912d7f9baf960c17249e4a9a1f2
SHA512d75b93f30989428883cb5e76f6125b09f565414cf45d59053527db48c6cf2ac7f54ed9e8f6a713c855cd5d89531145592ef27048cf1c0f63d7434cfb669dbd72
-
Filesize
54KB
MD5ba464da43c99d5aa0b9ced53be4a3904
SHA14e5fca85dd567c9ac072710502eb7a33fa835505
SHA25600ad6c18f86d71c083a8ade51bddb533e45825db5428a9cd9916c4174e6ba2ac
SHA5127addeff80be1a6e577e47a3dc6908214dfd1b021dd92cf15b356db654b77f178ae92bc3ca24c4fb4067231319a122fda74858901a114737652b847e1818d7a63
-
Filesize
40KB
MD5dcdf07b7fce12e39d467e283c40fd882
SHA1e601217e11226995725f3b35d66b353c53f7aa27
SHA2563dddc3cab4a53447a0314ad116a48d23966eea456a114a6112831caf0b370965
SHA51296d4445944c2dd0878f57a3926281b175845ee86c35413e2602cc81af8c76d5ecc09fe8d4bfc4fdb1695fe8fae47183e221b6616e81fe549b22bb3bc7220d332
-
Filesize
40KB
MD56c062def3d9ebb893d626d0c2fe97987
SHA100b2c30da5e34db1c7d04e69703ec797d1083bbd
SHA25618795b0bc2ce2adef32082c7151c7dd57952abba5e82311adb2a10f6d3d89187
SHA51253bc250d0b36c12b94efd7d1d18d48385f82a0a69d6998e00aa9aae57bb13abc684e311eced53cc83d135b0c9961a0ae32238ea37180d8e2f249bd4d6978c0dc
-
Filesize
49KB
MD566dcc260eabfe951e50f0fddd91bc3fe
SHA1bf48c95578b8e95a807e5ed8a6143786fe920a76
SHA2566a2ba78a10cc0894139a71b4cbcf4e6fb6b764af2ca13e32d8f693edbebaef12
SHA51225ec408e2514ac1d6a7333d430303c26d1d86547f2cd252fa20fceeff71af601bf27db62189e6ae209c6917ef5c25bdab77dd4e8522e6dca5b5ae09388cd0555
-
Filesize
623KB
MD55ab9b7f0cc325613a81d9ebcd04aaf2f
SHA1c7599611befa76f7897067fe24dabb823762d1e8
SHA256578117941516ab6624486eec10922aa8fa56526e45fab4422c722784654eb8d0
SHA512fd20a7a9a4f83211edba010a3dd4c372b0d74e5e9a7c62978fa471e3dfa671beab8c379b6f74a13c2d38b40b4ac95c68544e4128f6b2a50bd383c1a5f1d97ebd
-
Filesize
12KB
MD54c7d97d0786ff08b20d0e8315b5fc3cb
SHA1bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c
SHA25675e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84
SHA512f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a
-
Filesize
745B
MD5fe21adde499d565415b1f64655256ccb
SHA12846d996c6761b97acf4aaaf179d626170a2f346
SHA256f96218f6f5ba35a350699cfb791e7def6cfe58869ff4a94ebe12ea1f4eb51b75
SHA512102fa119cf6e6f915102ea9cece78378fe57a6a75b9e721ac4cb00c460708797cba5592e602454b1a3190e987a29c8904e432bc675e75ea590da01caa0f47778
-
Filesize
736B
MD5c9f312d95c6d06e5d2af5ba35cb1635d
SHA1d0bca694b6f99ec6adf7818afc159292d2fadd4b
SHA256de745b59c7cb696f869638d309ac6b4495196c4c38eaa1030a58d6e7fe3f2bd3
SHA512807e0cf48da44b6d7813ce5287c8353c8ae6bd1d29b75692404cc0b2bf5f9e192324ea23211cabc999089c2d60d30f36393c9fae57330bb26183574275b463da
-
Filesize
118B
MD5b6c3a53fb568b72d31dec81b067c9ff0
SHA177728097bac348a4717aa95d4e8009d225482293
SHA256602e1e0e0c8d630ec9f04f3f70b54ab0281942f4107e77047774fbdfa2d1acab
SHA512b4d2204d7d30f7e09dd41bfcfe1ed4bfbee28357b49caf26d2a58f3c8346196f153616758eb86b1f03eabf02180506cbc36b23156fc47ce1c0b6922a7a4f718a
-
Filesize
12B
MD5085a334bdb7c8e27b7d925a596bfc19a
SHA11e4ad53dc335af5c6a8da2e4b4a175f37fafe2f2
SHA256f51a7acfffec56d6751561966d947d3fd199b74528c07dabdcf5fcb33d5b2e85
SHA512c883cb43c97a136825c6fd143f539210c234c66f9b76dfd8431f6ff014094e20b9410d7462aadee2344df8ca158def6b9a807e7cadbdfa947f6f8592e7283e34
-
Filesize
176B
MD56607494855f7b5c0348eecd49ef7ce46
SHA12c844dd9ea648efec08776757bc376b5a6f9eb71
SHA25637c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd
SHA5128cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a
