Mirrors
/
ioc-collection
mirror of https://github.com/avast/ioc
6
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added IoCs for Magnitude EK

This commit is contained in:
Jan Vojtěšek 2021-07-29 16:28:37 +02:00
parent 05517a132f
commit 094ab53e4c
8 changed files with 4082 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
Magnitude/README.md Normal file
View File

@ -0,0 +1,73 @@
# IoC for Magnitude Exploit Kit
Malware analysis and more technical information at <https://decoded.avast.io/janvojtesek/magnitude-exploit-kit-still-alive-and-kicking/>
### Table of Contents
* [Samples (SHA-256)](#samples-sha-256)
* [Network indicators](#network-indicators)
## Samples (SHA-256)
#### Redirection page
```
2cc3ece1163db8b467915f76b187c07e1eb0ca687c8f1efb9d278b8daadbe590
3da50b3752560932d9d123ef813a3b67f5d840fee38a18cc14d18d5dc369bce4
91dbcaa7833aef48fa67c55c26c9c142cb76c5530c0b2a3823c8f74cf52b73cc
db8cf1f5651a44b443a23bc239b4215dcfd0a935458f9d17cb511b2c33e0c3b9
ef15ee0511c2f9e29ecaf907f3ca0bb603f7ec57d320ba61b718c4078b864824
```
#### CVE-2021-26411
```
0306b0b79a85711605bbbfac62ac7d040a556aa7ac9fe58d22ea2e00d51b521a
419da91566a7b1e5720792409301fa772d9abf24dfc3ddde582888112f12937a
6a348a5b13335e453ac34b0ed87e37a153c76a5be528a4ef4b67e988aaf03533
4e80fa124865445719e66d917defd9c8ed3bd436162e3fbc180a12584d372442
217f21bd9d5e92263e3a903cfcea0e6a1d4c3643eed223007a4deb630c4aee26
```
#### Shellcode
```
5d0e45febd711f7564725ac84439b74d97b3f2bc27dbe5add5194f5cdbdbf623 (Win10 WoW64 variant)
351a2e8a4dc2e60d17208c9efb6ac87983853c83dae5543e22674a8fc5c05234 (^ unpacked)
4044008da4fc1d0eb4a0242b9632463a114b2129cedf9728d2d552e379c08037 (Win7 WoW64 variant)
1ea23d7456195e8674baa9bed2a2d94c7235d26a574adf7009c66d6ec9c994b3 (^ unpacked)
3de9d91962a043406b542523e11e58acb34363f2ebb1142d09adbab7861c8a63 (Win7 native variant)
dfa093364bf809f3146c2b8a5925f937cc41a99552ea3ca077dac0f389caa0da (^ unpacked)
e05a4b7b889cba453f02f2496cb7f3233099b385fe156cae9e89bc66d3c80a7f (newer Win7 WoW64 variant)
ae930317faf12307d3fb9a534fe977a5ef3256e62e58921cd4bf70e0c05bf88a (latest Win7 WoW64 variant)
```
#### CVE-2020-0986
```
440be2c75d55939c90fc3ef2d49ceeb66e2c762fd4133c935667b3b2c6fb8551 (pingback payload)
a5edae721568cdbd8d4818584ddc5a192e78c86345b4cdfb4dc2880b9634acab (pingback payload)
1505368c8f4b7bf718ebd9a44395cfa15657db97a0c13dcf47eb8cfb94e7528b (Magniber payload)
63525e19aad0aae1b95c3a357e96c93775d541e9db7d4635af5363d4e858a345 (Magniber payload)
31e99c8f68d340fd046a9f6c8984904331dc6a5aa4151608058ee3aabc7cc905 (Magniber payload)
```
#### Pointer scanner/loader 64-bit module
```
f8472b1385ed22897c99f413e7b87a05df8be05b270fd57a9b7dd27bed9a79a6
19f57a213e7828e5e32adf169e51e0d165ddf25a6851a726268e10273a8df8b8
b0b709a620509154bc6d7b4e66d0a7daa7fd8ce23d1e104d80128ea3d0bb54e7
d22d616255b3cceff0fbcaba98083f5fda8be951287fb1d1c207fd1887889b2f
7c1fc5dfb970f856abf48cc65bda4f102452216ad8b9f1fe9c7a66650d91959d
```
#### Magniber
```
a2448b93d7c50801056052fb429d04bcf94a478a0a012191d60e595fed63eec4
525f9dbf9a74390fd22779a68f191b099ee9b4d2e8095c57ac1c932629a8af56
3ae5cd106e3130748ef61d317022d7b6ab98a0811088cfc478d49375c352bf04
daf17fbf2bfcfaa2dafb6470a5da0054eb61ab5b44cd8cbbf22f8819f3c432db
fcd8f8647a1d5e08446a392cc6c69090c00714d681c4fa258656e12cd4f80c2e
```
## Network indicators
#### [C&Cs](cncs.txt)
#### [Decoy ad domains](decoys.txt)

3051
Magnitude/cncs.txt Normal file
View File

File diff suppressed because it is too large Load Diff

85
Magnitude/decoys.txt Normal file
View File

@ -0,0 +1,85 @@
This file contains a list of domains that Magnitude recently used for decoy ads. These decoys show fake ads for Binance, Vulkan, SkinMedica, and more.
walloh[.]site
hellcs[.]fun
agorule[.]fun
coreany[.]space
fartrys[.]cam
hoskin[.]live
juskin[.]info
peskin[.]men
skinta[.]bid
skinla[.]info
koskin[.]info
poskin[.]live
skindo[.]date
skinpo[.]life
geskin[.]vip
skinje[.]date
hopski[.]info
perski[.]date
loskin[.]win
opskin[.]info
haiskin[.]vip
paskin[.]run
reskin[.]email
bskin[.]vip
eskin[.]info
cskin[.]email
dskin[.]art
fskin[.]info
sking[.]info
skinh[.]info
skiner[.]vip
skino[.]wtf
skinje[.]email
skinpe[.]wtf
skinre[.]info
loveask[.]xyz
sitweek[.]club
ohafter[.]club
takefor[.]monster
wantsee[.]monster
tinends[.]xyz
sugarso[.]fun
lowerhe[.]monster
metsad[.]uno
norwash[.]monster
pullwon[.]monster
lotbear[.]monster
marklay[.]fun
useteam[.]cam
worklog[.]cam
youbox[.]uno
minejob[.]fun
sonruns[.]fun
usfails[.]club
onsizes[.]space
ridgas[.]top
skiner[.]win
skinje[.]info
skinfo[.]win
gunkey[.]fun
gasfail[.]uno
binke[.]wtf
vobin[.]wtf
lobin[.]info
skinre[.]wtf
werepi[.]site
filmmy[.]sbs
amwarn[.]club
dielast[.]top
wonsam[.]fun
wishsgo[.]uno
easysum[.]xyz
sibin[.]golf
pibin[.]golf
orbin[.]info
qibin[.]wtf
ohbin[.]date
hbino[.]email
fbino[.]wtf
binlo[.]info
prbin[.]win
binof[.]wtf
binok[.]win

20
Magnitude/excluded_folders.txt Normal file
View File

@ -0,0 +1,20 @@
If the folder name contains one of the following strings as a substring (case-insensitively) Magniber avoids encrypting it (and any subfolders).
documents and settings
appdata
local settings
sample music
sample pictures
sample videos
tor browser
recycle
windows
boot
intel
msocache
perflogs
program files
programdata
recovery
system volume information
winnt

754
Magnitude/extensions.txt Normal file
View File

@ -0,0 +1,754 @@
Magniber encrypts only files with the following extensions:
Higher-priority extension set (subset without any extra obfuscation):
.doc (0xcfc)
.docx (0x15eac)
.xls (0x45af)
.xlsx (0x7598d)
.ppt (0x2f54)
.pptx (0x4fdf4)
.pst (0x2fa5)
.ost (0x2ccc)
.msg (0x270d)
.em (0x94)
.vsd (0x40ab)
.vsdx (0x6d221)
.csv (0xaa2)
.rtf (0x3564)
.wks (0x42bb)
.pdf (0x2e02)
.dwg (0xdd8)
.snt (0x37a9)
.docb (0x15e96)
.docm (0x15ea1)
.dot (0xd0d)
.dotm (0x1606c)
.dotx (0x16077)
.xlsm (0x75982)
.xlsb (0x75977)
.xlw (0x45b3)
.xlt (0x45b0)
.xlm (0x45a9)
.xlc (0x459f)
.xltx (0x759a8)
.xltm (0x7599d)
.pptm (0x4fde9)
.pot (0x2f39)
.pps (0x2f53)
.ppsm (0x4fdce)
.ppsx (0x4fdd9)
.ppam (0x4fbe8)
.potx (0x4fb1b)
.potm (0x4fb10)
.edb (0xeab)
.hwp (0x1945)
.sxi (0x38ac)
.sti (0x3840)
.sldx (0x5d789)
.sldm (0x5d77e)
.vdi (0x3f1b)
.vmx (0x401d)
.gpg (0x15a6)
.aes (0x373)
.raw (0x3374)
.cgm (0x955)
.nef (0x286b)
.psd (0x2f95)
.ai (0x24)
.svg (0x3874)
.djvu (0x1526d)
.sh (0x209)
.class (0x1bf364)
.jar (0x1ca7)
.java (0x3060a)
.rb (0x1e8)
.asp (0x4ea)
.php (0x2e78)
.jsp (0x1e8b)
.brd (0x79c)
.sch (0x3674)
.dch (0xbbd)
.dip (0xc67)
.p (0x10)
.vb (0x254)
.vbs (0x3eef)
.js (0x121)
.asm (0x4e7)
.h (0x8)
.pas (0x2dbe)
.cpp (0xa4b)
.c (0x3)
.cs (0x64)
.suo (0x3861)
.sln (0x376d)
.ldf (0x229e)
.mdf (0x2577)
.ibd (0x19db)
.myi (0x27b1)
.myd (0x27ac)
.frm (0x1309)
.odb (0x2b25)
.dbf (0xba0)
.db (0x6e)
.mdb (0x2573)
.accdb (0x90b93)
.sq (0x212)
.asc (0x4dd)
.lay (0x2260)
.mm (0x16c)
.sxm (0x38b0)
.otg (0x2cda)
.odg (0x2b2a)
.uop (0x3d72)
.std (0x383b)
.sxd (0x38a7)
.otp (0x2ce3)
.odp (0x2b33)
.slk (0x376a)
.dif (0xc5d)
.stc (0x383a)
.sxc (0x38a6)
.ots (0x2ce6)
.ods (0x2b36)
.max (0x2538)
.uot (0x3d76)
.stw (0x384e)
.sxw (0x38ba)
.ott (0x2ce7)
.odt (0x2b37)
.pem (0x2e24)
.csr (0xa9e)
.crt (0xa85)
.key (0x1ff3)
.pfx (0x2e4a)
.der (0xbfd)
.cd (0x55)
.arw (0x4d6)
.jpe (0x1e2f)
.eq (0x98)
.adp (0x355)
.odm (0x2b30)
.dbc (0xb9d)
.frx (0x1314)
.dbs (0xbad)
.pds (0x2e0f)
.pdt (0x2e10)
.dt (0x80)
.cf (0x57)
.cfu (0x942)
.mx (0x177)
.epf (0xff3)
.kdbx (0x35973)
.erf (0x1029)
.vrp (0x409c)
.grs (0x15e8)
.geo (0x1485)
.st (0x215)
.pff (0x2e38)
.mft (0x25bb)
.efd (0xee3)
.rib (0x3437)
.ma (0x160)
.lwo (0x24a8)
.lws (0x24ac)
.mb (0x161)
.obj (0x2af7)
.x (0x18)
.fbx (0x1164)
.dgn (0xc2f)
.abs (0x322)
.adn (0x353)
.aft (0x38f)
.ahd (0x3b5)
.alf (0x423)
.ask (0x4e5)
.awdb (0x8ed0)
.azz (0x5b1)
.bdb (0x620)
.bib (0x6a7)
.bnd (0x730)
.bok (0x752)
.btr (0x7e0)
.cdb (0x8f9)
.ckp (0x9c4)
.clkw (0x10a15)
.cma (0x9eb)
.crd (0xa75)
.dad (0xb83)
.daf (0xb85)
.dbk (0xba5)
.dbt (0xbae)
.dbv (0xbb0)
.dbx (0xbb2)
.dcb (0xbb7)
.dct (0xbc9)
.dcx (0xbcd)
.dd (0x70)
.dmo (0xcd2)
.dnc (0xce1)
.dqy (0xd48)
.dsk (0xd70)
.dsn (0xd73)
.dta (0xd81)
.dtsx (0x16e99)
.dx (0x84)
.eco (0xe9d)
.ecx (0xea6)
.emd (0xfa0)
.fcd (0x116b)
.fic (0x120c)
.fid (0x120d)
.fi (0xab)
.fo (0xb1)
.fpt (0x12da)
.fzb (0x13d6)
.fzv (0x13ea)
.gdb (0x145d)
.gwi (0x1665)
.hdb (0x1736)
.his (0x17ce)
.ib (0xf5)
.itdb (0x2ed5d)
.itw (0x1bd4)
.jtx (0x1eae)
.kdb (0x1fc1)
.lgc (0x22ec)
.maq (0x2531)
.mdn (0x257f)
.mdt (0x2585)
.mrg (0x26f2)
.mud (0x2740)
.mwb (0x2774)
.ndf (0x2850)
.nsf (0x29e5)
.nyf (0x2a87)
.oce (0x2b0d)
.oqy (0x2c9b)
.ora (0x2c9e)
.orx (0x2cb5)
.owc (0x2d27)
.owg (0x2d2b)
.oyx (0x2d72)
.pan (0x2db9)
.pdb (0x2dfe)
.pdm (0x2e09)
.phm (0x2e75)
.pnz (0x2f24)
.pth (0x2fb4)
.pwa (0x2ffe)
.qpx (0x3231)
.qry (0x3268)
.qvd (0x32bf)
.rctd (0x572a1)
.rdb (0x33b0)
.rpd (0x34f6)
.rsd (0x3547)
.sbf (0x3657)
.sdb (0x3689)
.sdf (0x368d)
.spq (0x37dc)
.sqb (0x37e8)
.stp (0x3847)
.str (0x3849)
.tcx (0x395d)
.tdt (0x3974)
.te (0x221)
.tmd (0x3a57)
.trm (0x3ae7)
.udb (0x3c3b)
.usr (0x3de0)
.vdb (0x3f14)
.vpd (0x405a)
.wdb (0x41ed)
.wmdb (0x70dd8)
.xdb (0x44c6)
.xld (0x45a0)
.xlgc (0x75834)
.zdb (0x4a78)
.zdc (0x4a79)
.cdr (0x909)
.abw (0x326)
.act (0x33e)
.aim (0x3d9)
.ans (0x466)
.apt (0x49d)
.ase (0x4df)
.aty (0x50e)
.awp (0x556)
.awt (0x55a)
.aww (0x55d)
.bad (0x5d1)
.bbs (0x5fb)
.bdp (0x62e)
.bdr (0x630)
.bean (0xa82c)
.bna (0x72d)
.boc (0x74a)
.btd (0x7d2)
.cnm (0xa12)
.crw (0xa88)
.cyi (0xb37)
.dca (0xbb6)
.dgs (0xc34)
.diz (0xc71)
.dne (0xce3)
.docz (0x15eae)
.dsv (0xd7b)
.dvi (0xdbf)
.dx (0x84)
.eio (0xf3f)
.eit (0xf44)
.emlx (0x1a6d0)
.epp (0xffd)
.err (0x1035)
.etf (0x105f)
.etx (0x1071)
.euc (0x1077)
.faq (0x1142)
.fb (0xa4)
.fcf (0x116d)
.fdf (0x1188)
.fdr (0x1194)
.fds (0x1195)
.fdt (0x1196)
.fdx (0x119a)
.fdxt (0x1db52)
.fes (0x11b0)
.fft (0x11cc)
.flr (0x126c)
.fodt (0x1f889)
.gtp (0x161b)
.frt (0x1310)
.fwdn (0x20f4b)
.fxc (0x13a1)
.gdoc (0x22731)
.gio (0x14f1)
.gpn (0x15ad)
.gsd (0x15f4)
.gthr (0x25413)
.gv (0xd3)
.hbk (0x1709)
.hht (0x17b4)
.hs (0xeb)
.htc (0x18e7)
.hz (0xf2)
.ii (0xfc)
.ipf (0x1b57)
.jis (0x1d80)
.joe (0x1e14)
.jrtf (0x33642)
.kes (0x1fed)
.klg (0x209e)
.knt (0x20e1)
.kon (0x20f6)
.kwd (0x21c4)
.lbt (0x2276)
.lis (0x2332)
.lit (0x2333)
.lnt (0x23ba)
.lrc (0x2415)
.lst (0x2441)
.ltr (0x245a)
.ltx (0x2460)
.lue (0x2468)
.luf (0x2469)
.lwp (0x24a9)
.lyt (0x24e3)
.lyx (0x24e7)
.man (0x252e)
.map (0x2530)
.mbox (0x3eee6)
.me (0x164)
.mel (0x2598)
.min (0x2606)
.mnt (0x2693)
.mwp (0x2782)
.nfo (0x288f)
.njx (0x2904)
.now (0x298a)
.nzb (0x2a9e)
.odo (0x2b32)
.of (0x19b)
.oft (0x2b6d)
.ort (0x2cb1)
.pfs (0x2e45)
.pjt (0x2eb2)
.prt (0x2f8a)
.psw (0x2fa8)
.pu (0x1c5)
.pvj (0x2fec)
.pvm (0x2fef)
.pwi (0x3006)
.pwr (0x300f)
.qd (0x1cf)
.rad (0x3361)
.rft (0x33f8)
.ris (0x3448)
.rng (0x34c3)
.rpt (0x3506)
.rst (0x3557)
.rt (0x1fa)
.rtd (0x3562)
.rtx (0x3576)
.run (0x3587)
.rzk (0x360b)
.rzn (0x360e)
.saf (0x363c)
.sam (0x3643)
.scc (0x366f)
.scm (0x3679)
.sct (0x3680)
.scw (0x3683)
.sdm (0x3694)
.sdoc (0x5c1d5)
.sdw (0x369e)
.sgm (0x36e5)
.sig (0x3715)
.sla (0x3760)
.sls (0x3772)
.smf (0x3780)
.sms (0x378d)
.ssa (0x381d)
.sty (0x3850)
.sub (0x3854)
.sxg (0x38aa)
.tab (0x3911)
.tdf (0x3966)
.tex (0x3993)
.text (0x61295)
.thp (0x39dc)
.tlb (0x3a3a)
.tm (0x229)
.tmv (0x3a69)
.tmx (0x3a6b)
.tpc (0x3aa7)
.tvj (0x3b50)
.unx (0x3d5f)
.uof (0x3d68)
.upd (0x3d81)
.utxt (0x68a2f)
.vct (0x3f0b)
.vnt (0x4034)
.vw (0x269)
.wbk (0x41c0)
.wcf (0x41d6)
.wgz (0x4256)
.wn (0x27b)
.wp (0x27d)
.wpa (0x4330)
.wpd (0x4333)
.wp (0x27d)
.wps (0x4342)
.wpt (0x4343)
.wpw (0x4346)
.wri (0x436e)
.wsc (0x4383)
.wsd (0x4384)
.wsh (0x4388)
.wtx (0x43b3)
.xd (0x28c)
.xlf (0x45a2)
.xps (0x461b)
.xwp (0x46d5)
.xyp (0x470b)
.xyw (0x4712)
.ybk (0x4772)
.ym (0x2b0)
.zabw (0x7d234)
.zw (0x2d5)
.abm (0x31c)
.afx (0x393)
.agif (0x61cb)
.agp (0x3a6)
.aic (0x3cf)
.albm (0x6f52)
.apd (0x48d)
.apm (0x496)
.apng (0x7bf4)
.aps (0x49c)
.apx (0x4a1)
.art (0x4d3)
.asw (0x4f1)
.bay (0x5e6)
.bmx (0x729)
.brk (0x7a3)
.brn (0x7a6)
.brt (0x7ac)
.bss (0x7c6)
.bti (0x7d7)
.ca (0x52)
.cals (0xead9)
.can (0x8b4)
.cdc (0x8fa)
.cdg (0x8fe)
.cimg (0x101b0)
.cin (0x98c)
.cit (0x992)
.colz (0x112be)
.cpc (0xa3e)
.cpd (0xa3f)
.cpg (0xa42)
.cps (0xa4e)
.cpx (0xa53)
.ct (0x65)
.dcr (0xbc7)
.dds (0xbe3)
.dgt (0xc35)
.dib (0xc59)
.djv (0xc88)
.dmi (0xccc)
.vue (0x40e2)
.dpx (0xd2c)
.wire (0x703f1)
.drz (0xd64)
.dtw (0xd97)
.dv (0x82)
.ecw (0xea5)
.eip (0xf40)
.exr (0x10d7)
.fa (0xa3)
.fax (0x1149)
.fpos (0x1fc8a)
.fpx (0x12de)
.gcdp (0x2233c)
.gfb (0x1493)
.gfie (0x22c43)
.ggr (0x14be)
.gih (0x14ea)
.gim (0x14ef)
.spr (0x37dd)
.scad (0x5bd83)
.gpd (0x15a3)
.gro (0x15e4)
.grob (0x24f0e)
.hdp (0x1744)
.hdr (0x1746)
.icon (0x2be29)
.icpr (0x2be48)
.info (0x2dc8a)
.ipx (0x1b69)
.iwi (0x1c17)
.j (0xa)
.jas (0x1ca8)
.jbig (0x3078a)
.jbmp (0x307ff)
.jbr (0x1cc2)
.jfif (0x312ed)
.jia (0x1d6e)
.jng (0x1dfb)
.jps (0x1e3d)
.jpx (0x1e42)
.jtf (0x1e9c)
.jw (0x125)
.jxr (0x1f14)
.kdc (0x1fc2)
.kdi (0x1fc8)
.kdk (0x1fca)
.kic (0x2049)
.kpg (0x210a)
.lbm (0x226f)
.ljp (0x234a)
.mac (0x2523)
.mbm (0x2548)
.mef (0x2592)
.mnr (0x2691)
.mos (0x26ad)
.mpf (0x26bb)
.mpo (0x26c4)
.mrxs (0x41d64)
.my (0x178)
.ncr (0x2841)
.nct (0x2843)
.nlm (0x292f)
.nrw (0x29db)
.oci (0x2b11)
.omf (0x2c1c)
.oplc (0x4b024)
.asy (0x4f3)
.cdmm (0xf379)
.cdmt (0xf380)
.cdmz (0xf386)
.cdt (0x90b)
.cmx (0xa02)
.cnv (0xa1b)
.csy (0xaa5)
.cvg (0xae4)
.cvi (0xae6)
.cvs (0xaf0)
.cvx (0xaf5)
.cwt (0xb0c)
.cxf (0xb19)
.dcs (0xbc8)
.ded (0xbef)
.dhs (0xc4f)
.dpp (0xd24)
.drw (0xd61)
.dxb (0xdee)
.dxf (0xdf2)
.egc (0xefd)
.emf (0xfa2)
.ep (0x97)
.eps (0x1000)
.epsf (0x1b006)
.fif (0x120f)
.fig (0x1210)
.fmv (0x128b)
.ftn (0x1340)
.fxg (0x13a5)
.gem (0x1483)
.glox (0x23e0e)
.hp (0xe8)
.idea (0x2bfe7)
.hpg (0x187f)
.imd (0x1b04)
.ink (0x1b26)
.lmk (0x2396)
.mgcb (0x3fbc9)
.mgmf (0x3fcdb)
.mgmt (0x3fce9)
.mgmx (0x3fced)
.mgtx (0x3fdaa)
.mmat (0x40cbb)
.mat (0x2534)
.ovp (0x2d19)
.ovr (0x2d1b)
.pcs (0x2df4)
.pfv (0x2e48)
.plt (0x2ee8)
.vrm (0x4099)
.pobj (0x4f927)
.psid (0x50542)
.rd (0x1ea)
.scv (0x3682)
.ssk (0x3827)
.stn (0x3845)
.svf (0x3873)
.svgz (0x5f456)
.tlc (0x3a3b)
.tne (0x3a73)
.ufr (0x3c81)
.vbr (0x3eee)
.vec (0x3f30)
.vm (0x25f)
.vsdm (0x6d216)
.vstm (0x6d3c6)
.stm (0x3844)
.vstx (0x6d3d1)
.wpg (0x4336)
.vsm (0x40b4)
.xar (0x4485)
.ya (0x2a4)
.orf (0x2ca3)
.ota (0x2cd4)
.oti (0x2cdc)
.ozb (0x2d77)
.ozj (0x2d7f)
.ozt (0x2d89)
.pa (0x1b1)
.pano (0x4d292)
.pap (0x2dbb)
.pbm (0x2dd3)
.pcd (0x2de5)
.pdd (0x2e00)
.pef (0x2e1d)
.pfi (0x2e3b)
.pgf (0x2e53)
.pgm (0x2e5a)
.pic (0x2e86)
.pict (0x4e836)
.pix (0x2e9b)
.pjpg (0x4ec61)
.pm (0x1bd)
.pmg (0x2ef6)
.pni (0x2f13)
.pnm (0x2f17)
.pntg (0x4f831)
.pop (0x2f35)
.ppm (0x2f4d)
.prw (0x2f8d)
.psdx (0x504cf)
.pse (0x2f96)
.psp (0x2fa1)
.ptg (0x2fb3)
.ptx (0x2fc4)
.pvr (0x2ff4)
.px (0x1c8)
.pxr (0x302a)
.pza (0x304f)
.pzp (0x305e)
.pzs (0x3061)
.qmg (0x31cf)
.ras (0x3370)
.rcu (0x33a8)
.rgb (0x3401)
.rgf (0x3405)
.ric (0x3438)
.riff (0x5823f)
.rix (0x344d)
.rle (0x348b)
.rli (0x348f)
.rpf (0x34f8)
.rri (0x3531)
.rs (0x1f9)
.rsb (0x3545)
.rsr (0x3555)
.rw (0x1fd)
.sci (0x3675)
.sep (0x36b2)
.sfc (0x36c0)
.sfw (0x36d4)
.skm (0x3751)
.sld (0x3763)
.sob (0x37b2)
.spa (0x37cc)
.spe (0x37d0)
.sph (0x37d3)
.spj (0x37d5)
.spp (0x37db)
.srw (0x3818)
Higher-priority extension set (subset with extra obfuscation):
.idc (0x24f0)
.ihx (0x2571)
.idx (0x2505)
.ocr (0x35fa)
.hpi (0x2361)
.icn (0x24e0)
.iiq (0x2585)
.igt (0x2552)
.igx (0x2556)
Lower-priority extension set
.jpeg (0x32efc)
.jpg (0x1e31)
.vmdk (0x6c0fe)
.arc (0x4c2)
.paq (0x2dbc)
.tbk (0x3935)
.bak (0x5d8)
.tar (0x3921)
.tgz (0x39cb)
.gz (0xd7)
.rar (0x336f)
.zip (0x4b0d)
.iso (0x1bb1)
.vcd (0x3efb)
.bmp (0x721)
.png (0x2f11)
.gif (0x14e8)
.tif (0x39ed)
.tiff (0x61c05)
.mid (0x25fc)
.wma (0x42df)
.flv (0x1270)
.mkv (0x2644)
.mov (0x26b0)
.avi (0x534)
.asf (0x4e0)
.mpeg (0x415a5)
.vob (0x403d)
.mpg (0x26bc)
.wmv (0x42f4)
.fla (0x125b)
.swf (0x388e)
.wav (0x41b0)

33
Magnitude/samples.md5 Normal file
View File

@ -0,0 +1,33 @@
045f2afb870638e8499eba556830b662
0b27ab5563ec17f82a7653852cffd571
1155c3bfe824045723a6951efb7ffb20
14a22c88f9e69fc5ec27fbd546dcf915
1988044f910d1243e908024ed1ccd294
1d18acffbf4686de9575f89b5cb7e72b
20799749be3dab9ee73c90410dd650b4
257409d8c45bd697f697f9e8359e7d4a
2c05fe0581ec2419f49702dcbd05fe85
2e8f1caf9e2ee4fbccfb242a8011d2a6
35ec731aa1bf0f67a4ca232fdf47acbb
43e2075c20ff571f55611df0488ebd83
509ec2732a29fe553ccc36f25f173bdd
50ed9ba54e910fdd1343423e5aed9015
51456b4a0470805472e30dfde891006e
5bd4fe96cc88fde0538f0d28c366cd5a
5e8a822df0b18db77ff03aa613973144
719e00e2b3465d8466fc340b74a51844
76425c0b9b56ea8cb2fd5ee8563169a2
7650dc571e6eaaf229c7b85de818c483
7b7c50258aa5670a0d8bf0ef5f15661f
8859c4e6190e7ec08daefac82dda8558
8d9dfc109470219a744aeeb62926e3c6
8f6dff9b6f273167e2824dac6c78af0c
908432695023c01712f6afaba7912809
9d949572ced0988540fc999f7fe32a96
a0e9b7c63d11c7f04c3cdcdf74c58e63
c532f90c3e75052a59459d7769b8f7fa
cf83e8f2876cf55999f69600d5479d28
d72ce8aeead19edce969d1af6850f6c5
e0c9555e278aef72da383859252e7fb8
eba84149995c4da8be2a056cf989efe2
ee99a0630693059a88b96ea7534a87fa

33
Magnitude/samples.sha1 Normal file
View File

@ -0,0 +1,33 @@
001a456e448645c7b51ee9d74d9f9f48cb515ee5
011875514d0498a4335b48ff469ad23d64ca54b7
02eff5f7765f28e976c68fbcbcf36f2f5b73ea17
08bf1d10d41b71145e786784d58608933f53a28f
0aeb6ba69e103fa5d98b38f3c29d022cf72f13b2
0e7df02c6f3faa4b299b9fedf236bbec4c6b89f5
10e4a3edcb6673af793ff0ba1ebb0ce5725be3cd
1ff24c3f112117d9ff5b20bfd11ddb94c5506d82
2075dc96b0c6678d41f8868e36750d6059755115
25abc7de3b3a767de61cd50d5095094e416a8caa
3e5781eb7e1652732483cb88872e57619b28ce05
48f0c9e9f369c14991f51dbcd346abc467b3352e
517fc0ac38d055b02e501f5bcc97e8121c6e3ddf
532177b2a372b5be497289a44e4178e2c1aeb45a
75815356d7aac57f0093be48ff843a8fd811a3af
76bf3afc3bf579f17284bdc0c48f71e03c591e84
8f2933d9d1cb2b1ea9d7971e26eec89317a756ac
8ff0c38f3b791d20287299bed9d01f067ce24173
922d183da5b391bb866152fcb193d3b38a946e85
94756918fa3e844ac084b4b3c7c54ff3ea77db4c
955fda90ced3f2e1bf46aa8a06dd003b53aad4b3
95b545f373ed0cd2098d8984db5523364a23809e
979ea26757d83283e6f5204bd88a92136afbdafc
aa647d3500db2049bd160007f1b2d83a3413e08e
af73ac95779e217e3d8ac4b00d0b363ece86335a
bb12de0830c8cf769785acadbc08bdae7a44c63c
c460ec34deb72db271a5680cf01b5a6c69a9e6ea
d37c2ae20712c01b55373a936a12146fab4ea925
d5c9a76fefcfb68b53b42483896c33cbc0950c4f
d70d785c9e780c6815bf0a128299819b4728dcc4
e10da0e8d3e24e4cbc375a5be0a2244a8145554d
effe68a7d1e94945a0accccda998f6a2d099c552
f6bfe69bef5b414325a67dd8efd23c1aa4b85623

33
Magnitude/samples.sha256 Normal file
View File

@ -0,0 +1,33 @@
0306b0b79a85711605bbbfac62ac7d040a556aa7ac9fe58d22ea2e00d51b521a
1505368c8f4b7bf718ebd9a44395cfa15657db97a0c13dcf47eb8cfb94e7528b
19f57a213e7828e5e32adf169e51e0d165ddf25a6851a726268e10273a8df8b8
1ea23d7456195e8674baa9bed2a2d94c7235d26a574adf7009c66d6ec9c994b3
217f21bd9d5e92263e3a903cfcea0e6a1d4c3643eed223007a4deb630c4aee26
2cc3ece1163db8b467915f76b187c07e1eb0ca687c8f1efb9d278b8daadbe590
31e99c8f68d340fd046a9f6c8984904331dc6a5aa4151608058ee3aabc7cc905
351a2e8a4dc2e60d17208c9efb6ac87983853c83dae5543e22674a8fc5c05234
3ae5cd106e3130748ef61d317022d7b6ab98a0811088cfc478d49375c352bf04
3da50b3752560932d9d123ef813a3b67f5d840fee38a18cc14d18d5dc369bce4
3de9d91962a043406b542523e11e58acb34363f2ebb1142d09adbab7861c8a63
4044008da4fc1d0eb4a0242b9632463a114b2129cedf9728d2d552e379c08037
419da91566a7b1e5720792409301fa772d9abf24dfc3ddde582888112f12937a
440be2c75d55939c90fc3ef2d49ceeb66e2c762fd4133c935667b3b2c6fb8551
4e80fa124865445719e66d917defd9c8ed3bd436162e3fbc180a12584d372442
525f9dbf9a74390fd22779a68f191b099ee9b4d2e8095c57ac1c932629a8af56
5d0e45febd711f7564725ac84439b74d97b3f2bc27dbe5add5194f5cdbdbf623
63525e19aad0aae1b95c3a357e96c93775d541e9db7d4635af5363d4e858a345
6a348a5b13335e453ac34b0ed87e37a153c76a5be528a4ef4b67e988aaf03533
7c1fc5dfb970f856abf48cc65bda4f102452216ad8b9f1fe9c7a66650d91959d
91dbcaa7833aef48fa67c55c26c9c142cb76c5530c0b2a3823c8f74cf52b73cc
a2448b93d7c50801056052fb429d04bcf94a478a0a012191d60e595fed63eec4
a5edae721568cdbd8d4818584ddc5a192e78c86345b4cdfb4dc2880b9634acab
ae930317faf12307d3fb9a534fe977a5ef3256e62e58921cd4bf70e0c05bf88a
b0b709a620509154bc6d7b4e66d0a7daa7fd8ce23d1e104d80128ea3d0bb54e7
d22d616255b3cceff0fbcaba98083f5fda8be951287fb1d1c207fd1887889b2f
daf17fbf2bfcfaa2dafb6470a5da0054eb61ab5b44cd8cbbf22f8819f3c432db
db8cf1f5651a44b443a23bc239b4215dcfd0a935458f9d17cb511b2c33e0c3b9
dfa093364bf809f3146c2b8a5925f937cc41a99552ea3ca077dac0f389caa0da
e05a4b7b889cba453f02f2496cb7f3233099b385fe156cae9e89bc66d3c80a7f
ef15ee0511c2f9e29ecaf907f3ca0bb603f7ec57d320ba61b718c4078b864824
f8472b1385ed22897c99f413e7b87a05df8be05b270fd57a9b7dd27bed9a79a6
fcd8f8647a1d5e08446a392cc6c69090c00714d681c4fa258656e12cd4f80c2e