IPS Threat Content Update Release Notes 103.0.0.336
IPS Threat Content Update Release Notes 103.0.0.336
Refer to the following summary of signatures deployed on 25 thApril, 2023 with the IPS content release:
- Signatures added: 104
- Signatures modified: 01
- Signatures removed: 1049
Signatures Added
| SID | Description | Reference |
|---|---|---|
| 150584 | MALWARE-CNC HTML.js.generic malware traffic detected | No Reference |
| 150585 | MALWARE-CNC HTML.js.generic malware traffic detected | No Reference |
| 150586 | MALWARE-CNC APT.PENCILDOWN.Check-in traffic detected | No Reference |
| 150587 | MALWARE-CNC APT.Hangmanv2.beacon traffic detected | No Reference |
| 150588 | MALWARE-CNC APT.Hangmanv2.beacon traffic detected | No Reference |
| 160106 | FILE-PDF Adobe Acrobat out-of-bound write attempt | CVE-2023-26395 |
| 160107 | FILE-PDF Adobe Acrobat out-of-bound read attempt | CVE-2023-26397 |
| 160108 | FILE-PDF Adobe Acrobat improper input validation attempt | CVE-2023-26405 |
| 160109 | FILE-PDF Adobe Acrobat improper access attempt | CVE-2023-26408 |
| 160110 | FILE-PDF Adobe Acrobat Use-After-free attempt | CVE-2023-26417 |
| 160111 | FILE-PDF Adobe Acrobat Use-After-free attempt | CVE-2023-26418 |
| 160112 | FILE-PDF Adobe Acrobat Use-After-free attempt | CVE-2023-26419 |
| 160113 | FILE-PDF Adobe Acrobat Use-After-free attempt | CVE-2023-26420 |
| 160114 | FILE-PDF Adobe Acrobat Integer underflow attempt | CVE-2023-26421 |
| 160115 | FILE-PDF Adobe Acrobat Use-After-free attempt | CVE-2023-26422 |
| 160116 | FILE-PDF Adobe Acrobat Use-After-free attempt | CVE-2023-26423 |
| 160117 | FILE-PDF Adobe Acrobat out-of-bound read attempt | CVE-2023-26425 |
| 61276 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61278 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt | CVE-2017-0143 |
| 61280 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt | CVE-2016-0099 |
| 61282 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt | CVE-2016-7255 |
| 61284 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Zerologon download attempt | CVE-2020-1472 |
| 61286 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61288 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PrintNightmare download attempt | CVE-2021-1675 |
| 61290 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit JuicyPotato download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61294 | MALWARE-TOOLS Win.Tool.WinPWN UAC bypass module download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61296 | MALWARE-TOOLS Win.Tool.WinPWN UAC bypass module download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61298 | MALWARE-TOOLS Win.Tool.WinPWN Disk Cleanup UAC bypass module download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61300 | MALWARE-TOOLS Win.Tool.WinPWN amsi module download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61302 | MALWARE-TOOLS Win.Tool.WinPWN adpass module download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61319 | MALWARE-TOOLS Win.Tool.WinPWN toolkit download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61323 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit TeamViewerDecrypt download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61325 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit SpoolerScan download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61327 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PowerUpSQL download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61329 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-Vulmap download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61331 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SMBNegotiate download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61333 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SharpPrinter download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61335 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SharpLdapRelayScan download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61337 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-PowerDump download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61339 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-LdapSignCheck download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61341 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-HandleKatz download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61343 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-EventLogParser download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61345 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Get-DotNetServices download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61347 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Get-ChromeDump download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61349 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Find-Fruit download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61351 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit BlueKeep scanner download attempt | CVE-2019-0708 |
| 61353 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit ADRecon download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61355 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt | github.com/s3cur3th1ssh1t/winpwn |
| 61389 | MALWARE-OTHER Win.Malware.Agent malicious PowerShell script download attempt | No Reference |
| 61431 | OS-WINDOWS Microsoft Windows Scripting Language remote code execution attempt | CVE-2022-41128 |
| 61436 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt | No Reference |
| 61438 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt | No Reference |
| 61440 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt | No Reference |
| 61442 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt | No Reference |
| 61472 | SERVER-WEBAPP Apache OFBiz XMLRPC unsafe deserialization attempt | CVE-2021-26295 |
| 61473 | MALWARE-CNC Win.Trojan.BlackLotus variant outbound connection | www.virustotal.com/gui/file/1f43703d2171ab90e98357b6dfdf824417baa191a59419c27fce42cbafdb7ecf |
| 61479 | FILE-OFFICE Microsoft Office Outlook appointment privilege escalation attempt | CVE-2023-23397 |
| 61482 | MALWARE-OTHER Win.Backdoor.MQsTTang variant download attempt | www.virustotal.com/gui/file/2139e3df912887b34b4d59fca098a8d511ea10530d7168b280acca844513ffad |
| 61485 | SERVER-WEBAPP FLIR AX8 Camera command injection attempt | CVE-2022-37061 |
| 61486 | SERVER-WEBAPP FLIR AX8 Camera command injection attempt | CVE-2022-37061 |
| 61488 | OS-WINDOWS Microsoft Windows Secure Boot bypass attempt | CVE-2022-21894 |
| 61489 | MALWARE-CNC Win.Ransomware.Mallox variant outbound connection | www.virustotal.com/gui/file/6c743c890151d0719150246382b5e0158e8abc4a29dd4b2f049ce7d313b1a330 |
| 61492 | MALWARE-OTHER Win.Ransomware.Mallox variant binary download attempt | www.virustotal.com/gui/file/6c743c890151d0719150246382b5e0158e8abc4a29dd4b2f049ce7d313b1a330 |
| 61493 | MALWARE-CNC Php.Webshell.Agent outbound connection | www.virustotal.com/gui/file/4c76d625291385bb266a382b6d1e6dfeb902b8253d58d238d1f5852d8d8e7f62/detection |
| 61494 | MALWARE-CNC Php.Webshell.Agent outbound connection | www.virustotal.com/gui/file/4c76d625291385bb266a382b6d1e6dfeb902b8253d58d238d1f5852d8d8e7f62/detection |
| 61495 | MALWARE-OTHER Ps1.Malware.Powercat shell download attempt | No Reference |
| 61497 | MALWARE-OTHER Ps1.Malware.Powercat shell download attempt | No Reference |
| 61506 | FILE-OFFICE Microsoft Office Outlook appointment privilege escalation attempt | CVE-2023-23397 |
| 61507 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection | www.virustotal.com/gui/file/07714027ad574f7c2bc667b85d514fe5cac90e64a3690c21d565e86ab0c56ff5 |
| 61508 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection | www.virustotal.com/gui/file/304d569374625857323cae7ce6a1a4bb56b32a3a0d5fdb7d4a9e7392c3f56fb3 |
| 61509 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection | www.virustotal.com/gui/file/304d569374625857323cae7ce6a1a4bb56b32a3a0d5fdb7d4a9e7392c3f56fb3 |
| 61510 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection | www.virustotal.com/gui/file/e9e13dd4434e2a2392228712f73c98ef |
| 61511 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection | www.virustotal.com/gui/file/2a7595263ad22157a8b507a275508b9d28b7293b6606386859920c4207a40b00 |
| 61512 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection | www.virustotal.com/gui/file/a373f33b4e80d47bb622302b1792b97a20b94df0563b54143efb4f00e07bd78e |
| 61513 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection | www.virustotal.com/gui/file/3b45e5bdc2ede079fa4f271e70325c63fd86eef044f3de1ed4d09f16b1692d3d |
| 61518 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt | www.virustotal.com/gui/file/c607c4fb9d2620497936172d93a5180e6fb77be5311169e2c3003909c30a0542 |
| 61520 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt | www.virustotal.com/gui/file/02c809c3dd49ccbecc9cf4689b29b1e485ea6c9bfe08b237c0e9dca17b840715 |
| 61522 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt | www.virustotal.com/gui/file/02c809c3dd49ccbecc9cf4689b29b1e485ea6c9bfe08b237c0e9dca17b840715 |
| 61525 | SERVER-OTHER FortiOS SSLVPNd Content-Length memory corruption attempt | CVE-2022-42475 |
| 61528 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt | www.virustotal.com/gui/file/e14ee6302076a2bb9e5634407500757319d5de9c45305ec6269120b7283b24cf |
| 61530 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt | www.virustotal.com/gui/file/caaea7ec83956a823420a78dec430fddb5db65d9fa4bc6555659b9b0c05c817a |
| 61531 | SERVER-WEBAPP Sophos Firewall remote code execution attempt | CVE-2022-3236 |
| 61533 | MALWARE-OTHER Win.Trojan.Typhon variant download attempt | www.virustotal.com/gui/file/2d72877dc9c873a127599090b11b2fffaa74adc0cc268fec48d802307715c500 |
| 61539 | MALWARE-OTHER Win.Trojan.Rhadamanthys variant payload download attempt | www.malware-traffic-analysis.net/2023/01/03/index.html |
| 61551 | MALWARE-BACKDOOR Win.Backdoor.Chollima shellcode runner download attempt | www.virustotal.com/gui/file/c485674ee63ec8d4e8fde9800788175a8b02d3f9416d0e763360fff7f8eb4e02 |
| 61553 | MALWARE-BACKDOOR Win.Backdoor.Chollima obfuscated .ico download attempt | www.virustotal.com/gui/file/c485674ee63ec8d4e8fde9800788175a8b02d3f9416d0e763360fff7f8eb4e02 |
| 61555 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt | CVE-2023-21768 |
| 61557 | MALWARE-OTHER Win.Trojan.Agent variant download attempt | www.virustotal.com/gui/file/261435b9b2425b8ac2524dd38cf138a951873da88dc573528a7ddcdc5f24088c |
| 61559 | MALWARE-OTHER Win.Trojan.Emotet variant download attempt | www.virustotal.com/gui/file/1044db55e15ce9e106a5bbf4d22597de9851b8bb3b8a5d26b956efed106762a6 |
| 61561 | MALWARE-OTHER Win.Trojan.Agent variant download attempt | www.virustotal.com/gui/file/158bf7fd3e9d628c84022af880a013704cdba6e5ac4756f6a1326246b83d0b9b |
| 61563 | MALWARE-OTHER Win.Trojan.Agent variant download attempt | www.virustotal.com/gui/file/07e20aae3c59310b82e356739bd267cc8378a19e2fb9f7c76072bb74a043be88 |
| 61569 | MALWARE-OTHER Win.Trojan.XLoader variant download attempt | www.virustotal.com/gui/file/79823e47436e129def4fba8ee225347a05b7bb27477fb1cc8be6dc9e9ce75696 |
| 61571 | MALWARE-OTHER Win.Trojan.AgentTesla variant download attempt | www.blackberry.com/us/en/solutions/endpoint-security/ransomware-protection/agent-tesla |
| 61583 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt | www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a |
| 61585 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt | www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a |
| 61587 | MALWARE-OTHER Win.Ransomware.Royal variant download attempt | www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a |
| 61588 | MALWARE-CNC Win.Ransomware.Royal variant outbound connection attempt | www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a |
| 61590 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt | www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a |
| 61605 | FILE-OTHER Node.js vm2 prepareStackTrace sandbox escape attempt | CVE-2023-29017 |
| 61606 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt | CVE-2023-28274 |
| 61609 | BROWSER-CHROME Google Chrome URLLoader NotifyCompleted use-after-free attempt | CVE-2022-3038 |
| 61611 | OS-WINDOWS Microsoft Windows CD-ROM file system driver remote code execution attempt | CVE-2022-38044 |
| 61616 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt | CVE-2023-23218 |
| 61617 | OS-WINDOWS Microsoft Windows graphics component elevation of privilege attempt | CVE-2023-24912 |
Signatures Removed
Removed the following signatures as they were more than ten years old:
| SID |
|---|
| 12014, 52469, 26021, 26025, 37799, 27618, 27615, 27613, 26629, 26569, 40459, 24702, 25393, 20736, 25540, 36308, 36307, 21937,10390, 10393, 10395, 24864, 37293, 28429, 28424, 50884, 19103, 25043, 25044, 24888, 44031, 23836, 23834, 17398, 28873, 21292, 14643, 14645, 18546, 33525, 15118, 24637, 29128, 26600, 21661, 26540, 26541, 24769, 19257, 43337, 43335, 25387, 25386, 25383 |
| 25389, 25388, 25563, 27061, 25569, 25568, 7942, 19156, 26834, 21438, 18706, 26806, 21875, 21874, 21876, 26066, 26068, 37507, 33548, 23059, 21539, 18282, 26668, 26664, 26526, 26294, 26295, 26296, 26297, 10147, 25366, 20843, 26851, 38015, 31538, 31535, 20072, 34857, 28286, 23225, 16452, 19262, 24860, 23278, 25772, 25773, 25771, 25776, 25777, 25775, 43765, 43767, 43763, 27822 |
| 43642, 27842, 27843, 27841, 27845, 30037, 26508, 26509, 23612, 15540, 43377, 43375, 27889, 27885, 27883, 27271, 42422, 52306, 29640, 20820, 19444, 21801, 24125, 33623, 26878, 33622, 26871, 26876, 30217, 29061, 28911, 27040, 27041, 20880, 27154, 18244, 43298, 43742, 43746, 44044, 26036, 13321, 26033, 26495, 24649, 26687, 29183, 33588, 33584, 28589, 28581, 28585, 45183, 29526, 29524, 16566, 13903, 33982, 43362, 22092, 22093, 22090, 22091, 28356, 22094, 15703, 15707, 26125, 26129, 21070, 30240, 41718 |
| 41719, 15693, 29049, 29512, 27545, 26339, 26338, 26337, 27548, 13905, 27882, 27880, 27881, 21764, 28428, 28358, 28354, 25302, 25301, 21159, 27886, 26100, 36501, 45177, 41730, 29535, 21524, 29538, 29023, 40281, 29024, 29025, 20031, 26351, 26350, 26355, 26357, 26356, 26359, 26358, 24054, 25466, 25462, 25461, 24840, 24212, 13960, 13961, 13967, 13964, 13965, 23181, 25676, 26882, 7502, 16601, 21291, 21293, 26163, 21353, 24188, 36527, 29551, 27691, 28973, 28972, 28202, 26377, 23842, 23840, 25449, 7864 |
| 10142, 10145, 10148, 26973, 20593, 24231, 24232, 24233, 28568, 19008, 30528, 27766, 46912, 16668, 25611, 43519, 43516, 43515, 24970, 21069, 24904, 18097, 23288, 23289, 23285, 23286, 28339, 28338, 25136, 25138, 25139, 6681, 6684, 6686, 28335, 16347, 28337, 21259, 44131, 24546, 24547, 24544, 14033, 28502, 28506, 28504, 28505, 14262, 33627, 30503, 30505, 30504, 28341, 27702, 28430, 27706, 31104, 31103, 15094, 15460, 9423, 9422, 20444, 30990, 28866, 28862, 24841, 27132, 27133, 27131, 27136, 27135 |
| 21896, 21099, 24761, 28791, 21272, 45246, 28523, 18188, 18187, 23125, 23124, 23127, 23121, 23123, 23122, 25988, 25984, 16001, 24638, 26185, 43550, 43551, 25385, 17578, 24964, 24965, 24966, 24967, 24960, 24961, 24962, 24963, 24968, 24969, 45181, 18405, 24037, 24353, 24351, 24357, 28843, 28845, 21935, 21078, 21071, 7944, 25293, 28544, 18216, 28902, 26884, 26883, 26888, 8416, 36813, 15462, 24658, 24653, 28108, 17557, 27908, 25234, 18957, 20600, 8369, 7009, 53459, 21044, 30155, 30157, 30150, 30153 |
| 30159, 16044, 26221, 16543, 26343, 26223, 26222, 26225, 26224, 26227, 26226, 27067, 16024, 26419, 24673, 24675, 25784, 25788, 45491, 21549, 24063, 23294, 25808, 25805, 25806, 15238, 24187, 22041, 22040, 22042, 20780, 20781, 17075, 36661, 29453, 29450, 33634, 33630, 15531, 9849, 44046, 23146, 28496, 28490, 28492, 26430, 26434, 25392, 25275, 25270, 17260, 17220, 27220, 24057, 15191, 20999, 14611, 14613, 21658, 22038, 22039, 51393, 16506, 44305, 12614, 12612, 23302, 26599, 21902, 43674, 20767, 17166 |
| 23015, 7958, 18904, 28307, 28308, 28309, 28160, 16151, 21045, 25078, 25786, 26013, 21897, 26844, 23625, 37810, 27829, 28525, 11826, 27824, 27620, 27621, 27820, 28204, 19713, 19714, 50643, 22003, 17654, 21299, 21943, 28231, 26808, 26805, 26807, 29580, 28361, 13830, 50892, 8055, 31540, 23275, 23274, 23277, 23276, 24957, 28989, 24956, 44978, 27171, 26384, 26383, 16654, 26038, 26039, 26030, 26031, 24090, 14657, 27547, 27546, 27544, 27608, 27605, 27606, 27607, 26636, 26634, 26638, 29625, 17631, 13525 |
| 10144, 15506, 15505, 24548, 28439, 28340, 28342, 28343, 36812, 36811, 33088, 20842, 27832, 27831, 27835, 27839, 29754, 28332, 15107, 15100, 29130, 31485, 26617, 23060, 26535, 26537, 26536, 26539, 26538, 23396, 28881, 28880, 10154, 25390, 28158, 24234, 20704, 26875, 26843, 26845, 26847, 26849, 12269, 23797, 28413, 27082, 27083, 27080, 27081, 12474, 43678, 21508, 25769, 21640, 21646, 21869, 25795, 26070, 25790, 16382, 30005, 44217, 30001, 27858, 27852, 27854, 27856, 15126, 15120, 26988, 31716, 26982 |
| 37650, 30006, 30004, 28498, 30008, 30009, 23297, 23292, 23009, 26511, 28600, 28464, 28466, 28468, 26869, 16667, 33571, 28472, 28470, 28474, 28475, 30007, 23219, 31534, 12417, 31038, 31039, 44283, 27837, 27143, 27142, 27147, 27144, 17519, 43778, 24839, 21665, 21666, 26099, 26096, 26094, 26095, 26090, 17422, 25128, 38277, 25127, 25126, 25125, 27870, 27879, 23222, 23220, 33592, 21953, 26653, 28591, 28621, 24793, 43342, 25681, 22080, 22085, 22087, 22086, 27265, 25538, 26220, 26135, 26134, 26132, 21307 |
| 37828, 10151, 58615, 58617, 58616, 25129, 18307, 36498, 18300, 19263, 19264, 29054, 29503, 24862, 27814, 19217, 27208, 27898, 27895, 27897, 27896, 27893, 27892, 23144, 23143, 28491, 15164, 28597, 28029, 13269, 17363, 28494, 23957, 29579, 42412, 52335, 7938, 27084, 21141, 37151, 20814, 46913, 17588, 30754, 15901, 44048, 41720, 29520, 29034, 29036, 21457, 26753, 43731, 43738, 3632, 17462, 21800, 44729, 26867, 29796, 26927, 24201, 24204, 23287, 12762, 3079, 28478, 21340, 20431, 26641, 22101, 26342 |
| 26341, 26346, 26344, 26345, 26348, 27156, 27150, 27151, 25453, 25451, 25454, 21346, 15872, 21344, 18286, 18280, 24226, 28579, 28577, 28575, 31686, 13950, 8058, 29448, 27750, 25384, 23996, 23999, 18245, 26489, 26157, 26159, 26158, 25590, 25591, 18067, 23295, 26360, 26361, 26362, 26363, 26365, 27148, 44130, 25123, 25121, 21668, 10153, 10150, 21664, 21667, 9625, 49864, 14270, 30533, 28205, 17311, 23609, 29605, 29602, 24959, 24958, 21790, 21791, 13459, 30506, 21792, 20659, 19246, 21794, 39763, 21796 |
| 23145, 31580, 31581, 31584, 20131, 28236, 27129, 16359, 49846, 26873, 21901, 21900, 21903, 21905, 21904, 21906, 18170, 27716, 9640, 29624, 23489, 15147, 24593, 31821, 26197, 26196, 26195, 13470, 13472, 21301, 20900, 18671, 30165, 30161, 21505, 24024, 21507, 21506, 24020, 24022, 21509, 24028, 21305, 15489, 28252, 28703, 21308, 19102, 27894, 27127, 27126, 28876, 28875, 27102, 27100, 26666, 16371, 27042, 18197, 18193, 29641, 31623, 21657, 4154, 37801, 15083, 15082, 7016, 7014, 7015, 7013, 27697, 27696 |
| 25831, 28854, 27072, 21068, 26252, 26253, 14035, 18200, 26898, 31609, 31608, 23116, 23117, 23118, 24665, 24662, 24661, 17128, 17548, 37966, 45178, 45171, 16153, 26137, 20831, 20835, 16155, 53460, 16157, 24065, 41450, 21302, 35731, 15192, 25815, 25818, 23300, 23303, 23305, 22077, 16339, 27865, 27869, 26232, 26233, 6509, 17687, 17686, 17685, 17689, 17688, 43622, 49482, 25294, 33629, 33628, 33626, 33625, 33624, 44148, 29623, 44146, 18527, 37802, 18301, 28482, 28334, 28489, 28336, 28331, 28333, 26421 |
| 29182, 16032, 28151, 17236, 28521, 25792, 23142, 17216, 17217, 36884, 27612, 44281, 3552, 29988, 3149, 23126, 27656, 27137, 18296, 28580, 16586, 28587, 35747, 26216, 26217, 26218, 26219, 23211, 21798, 21799, 21793, 24501, 21899, 21898, 13573, 43649, 20779, 20778, 20777, 19809, 15428, 27071, 21097, 31645, 16366, 20279, 23158, 28310, 23157, 18262, 15090, 29445, 26000, 26008, 25320, 29821, 19216, 27888, 27188, 25972, 27887, 21006, 22079, 22075, 22076, 17399, 17642, 19894, 7896, 44670, 15098, 18066, 21504, 21096, 13828, 7928 |
