e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef

Analysis

max time kernel
42s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
22/09/2022, 05:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
Size

5.8MB
MD5

31d6acd296ad54208527e195a1c2db0a
SHA1

c92ee848960eef08708859f8fa8dd4fe431dc742
SHA256

e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef
SHA512

0f35a784b61669cda8bdd9ced33356cacb178c2b31bfb522ef7bdea6ef71adea7ffa3a21f20e19d141dd6a14a5412b6cd9347312fce73d9a7529ce8c0a30c5d9
SSDEEP

98304:XpJEc6GEXXNMhivux9airoiAnIB1C8bYwJwzN/SFUqGMtuDbJ6:XuGEnNMhxrQtn01C8raN6FPGQuDbJ6

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 8 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\Temp\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\image\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\PlugIns\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\PlugIns\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\conn\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\conn\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\Temp\Desktop.ini	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-6-1.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\image\雪花.swf	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\Temp\Xxjs_SetDrive.BAT	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\conn\Xxjs_Global_Value.FC	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-2.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image043.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image057.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image066.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\__tmp_rar_sfx_access_check_7078342	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-5.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-6.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-2-6.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-5-6.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image027.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image056.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\image\BotBG01.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\iZoomOut.png	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-2-2.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-5-1.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\pj2.gif	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image023.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image047.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\Xxjs_Choice.ICO	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-4.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\Xxjs_Choice.CFG	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-12.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-8.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-3-2.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image064.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\image\ExerReset.png	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-3.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\灯笼.swf	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image044.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\Xxjs_Choice.BAT	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-8.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image046.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\image\pj1.gif	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\image\iZoomIn.png	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\conn	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-4-4.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\Xxjs_Choice.TK	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\第五章	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\PlugIns	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\image\iZoomOut.png	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-6.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image064.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\第五章\第1节\第一节交通运输方式和布局.doc	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\第五章\第2节\第2节交通运输布局变化的影响.ppt	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\第五章\第2节\第2节交通运输布局变化的影响.ppt	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\ExerSubmit.png	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\user.gif	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-5-5.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\第五章\第1节\第1节交通运输方式和布局.ppt	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\conn\Xxjs_Page_Student.FC	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-5-2.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-5-6.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image048.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-1-2.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\2-3-3.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File opened for modification	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image022.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\img\image033.jpg	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\blue.JPG	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
File created	C:\Program Files\XxjsChoice\信息技术与学科整合\image\green.JPG	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Kills process with taskkill 1 IoCs

evasion

pid	Process
1400	taskkill.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3845472200-3839195424-595303356-1000\Software\Microsoft\Internet Explorer\Main	mshta.exe
Key created	\REGISTRY\USER\S-1-5-21-3845472200-3839195424-595303356-1000\Software\Microsoft\Internet Explorer\Main	mshta.exe

Runs net.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1400	taskkill.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1212 wrote to memory of 956	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	27
PID 1212 wrote to memory of 956	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	27
PID 1212 wrote to memory of 956	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	27
PID 1212 wrote to memory of 956	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	27
PID 1212 wrote to memory of 956	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	27
PID 1212 wrote to memory of 956	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	27
PID 1212 wrote to memory of 956	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	27
PID 956 wrote to memory of 1400	956	mshta.exe	28
PID 956 wrote to memory of 1400	956	mshta.exe	28
PID 956 wrote to memory of 1400	956	mshta.exe	28
PID 956 wrote to memory of 1400	956	mshta.exe	28
PID 956 wrote to memory of 1400	956	mshta.exe	28
PID 956 wrote to memory of 1400	956	mshta.exe	28
PID 956 wrote to memory of 1400	956	mshta.exe	28
PID 1212 wrote to memory of 708	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	32
PID 1212 wrote to memory of 708	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	32
PID 1212 wrote to memory of 708	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	32
PID 1212 wrote to memory of 708	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	32
PID 1212 wrote to memory of 708	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	32
PID 1212 wrote to memory of 708	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	32
PID 1212 wrote to memory of 708	1212	e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe	32
PID 708 wrote to memory of 1824	708	mshta.exe	33
PID 708 wrote to memory of 1824	708	mshta.exe	33
PID 708 wrote to memory of 1824	708	mshta.exe	33
PID 708 wrote to memory of 1824	708	mshta.exe	33
PID 708 wrote to memory of 1824	708	mshta.exe	33
PID 708 wrote to memory of 1824	708	mshta.exe	33
PID 708 wrote to memory of 1824	708	mshta.exe	33
PID 1824 wrote to memory of 316	1824	cmd.exe	35
PID 1824 wrote to memory of 316	1824	cmd.exe	35
PID 1824 wrote to memory of 316	1824	cmd.exe	35
PID 1824 wrote to memory of 316	1824	cmd.exe	35
PID 1824 wrote to memory of 316	1824	cmd.exe	35
PID 1824 wrote to memory of 316	1824	cmd.exe	35
PID 1824 wrote to memory of 316	1824	cmd.exe	35
PID 316 wrote to memory of 776	316	cmd.exe	36
PID 316 wrote to memory of 776	316	cmd.exe	36
PID 316 wrote to memory of 776	316	cmd.exe	36
PID 316 wrote to memory of 776	316	cmd.exe	36
PID 316 wrote to memory of 776	316	cmd.exe	36
PID 316 wrote to memory of 776	316	cmd.exe	36
PID 316 wrote to memory of 776	316	cmd.exe	36
PID 316 wrote to memory of 1428	316	cmd.exe	37
PID 316 wrote to memory of 1428	316	cmd.exe	37
PID 316 wrote to memory of 1428	316	cmd.exe	37
PID 316 wrote to memory of 1428	316	cmd.exe	37
PID 316 wrote to memory of 1428	316	cmd.exe	37
PID 316 wrote to memory of 1428	316	cmd.exe	37
PID 316 wrote to memory of 1428	316	cmd.exe	37
PID 1824 wrote to memory of 1988	1824	cmd.exe	38
PID 1824 wrote to memory of 1988	1824	cmd.exe	38
PID 1824 wrote to memory of 1988	1824	cmd.exe	38
PID 1824 wrote to memory of 1988	1824	cmd.exe	38
PID 1824 wrote to memory of 1988	1824	cmd.exe	38
PID 1824 wrote to memory of 1988	1824	cmd.exe	38
PID 1824 wrote to memory of 1988	1824	cmd.exe	38
PID 1988 wrote to memory of 1620	1988	cmd.exe	39
PID 1988 wrote to memory of 1620	1988	cmd.exe	39
PID 1988 wrote to memory of 1620	1988	cmd.exe	39
PID 1988 wrote to memory of 1620	1988	cmd.exe	39
PID 1988 wrote to memory of 1620	1988	cmd.exe	39
PID 1988 wrote to memory of 1620	1988	cmd.exe	39
PID 1988 wrote to memory of 1620	1988	cmd.exe	39
PID 1988 wrote to memory of 1612	1988	cmd.exe	40

C:\Users\Admin\AppData\Local\Temp\e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe
"C:\Users\Admin\AppData\Local\Temp\e92fee641601183e526559797cf6db409215d2421522da4542f1fbe04cef2cef.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:1212
- C:\Windows\SysWOW64\mshta.exe
  "C:\Windows\System32\mshta.exe" vbscript:createobject("wscript.shell").run("C:\Windows\System32\taskkill.exe /f /im OneLoupe_uc.exe /im POWERPNT.EXE",0)(window.close)
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of WriteProcessMemory
  PID:956
- - C:\Windows\SysWOW64\taskkill.exe
    "C:\Windows\System32\taskkill.exe" /f /im OneLoupe_uc.exe /im POWERPNT.EXE
    3⤵
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:1400
- C:\Windows\SysWOW64\mshta.exe
  "C:\Windows\System32\mshta.exe" vbscript:createobject("wscript.shell").run("""C:\Program Files\XxjsChoice\信息技术与学科整合\Xxjs_Choice.BAT""",0)(window.close)
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of WriteProcessMemory
  PID:708
- - C:\Windows\SysWOW64\cmd.exe
    cmd /c ""C:\Program Files\XxjsChoice\信息技术与学科整合\Xxjs_Choice.BAT" "
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1824
  - - C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c subst|find "\:"
      4⤵
      Suspicious use of WriteProcessMemory
      PID:316
    - - C:\Windows\SysWOW64\subst.exe
        
        subst
        5⤵
        
        PID:776
    - - C:\Windows\SysWOW64\find.exe
        
        find "\:"
        5⤵
        
        PID:1428
  - - C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c net use|find ""
      4⤵
      Suspicious use of WriteProcessMemory
      PID:1988
    - - C:\Windows\SysWOW64\net.exe
        
        net use
        5⤵
        
        PID:1620
    - - C:\Windows\SysWOW64\find.exe
        
        find ""
        5⤵
        
        PID:1612

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\XxjsChoice\信息技术与学科整合\Xxjs_Choice.BAT

Filesize
1KB

MD5
5480c4985a8dadb6505caa61d662dc10

SHA1
1c7ecdc9269644b62350cc45736e46ebbd1a2b16

SHA256
5a92926cd685e21a57be43432eff26050cac8dd5440b30978191191089a9e9a4

SHA512
e56d3577199eff1e55d481a910a136794da56b4b72f104809751176f9865ac6a91d36bf445e187cf76f63ba1066d89a7f254b834ae68b710ee90e70208fa9540

Download Submit
memory/1212-54-0x0000000075E11000-0x0000000075E13000-memory.dmp

Filesize
8KB

Download