hxxps://clck[.]ru/32a8Um

Analysis

max time kernel
101s
max time network
104s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
04/11/2022, 19:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://clck.ru/32a8Um

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 58 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Toolbar	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000975fab978604b14697eb522259e91a1000000000020000000000106600000001000020000000e87c049194756cb293cfb84992369c5066ef75e0236ee97827afe9af7c475a87000000000e80000000020000200000000aa4a6f0e115bbab50b95d655e3979cdcc77291c8d081b0bb6067c90d8756baa200000006bd6e734615486cd99c604c6d0f72f6464d9e8c09ba4340299b32c4fbfdff26840000000c35550a39304920f9cf3712821b27af3bfa6d3c10c9c1f7dded19d40e794195e8a9f01f0402fcf345a26bb2a45693b58cad6a9fd8410bca89bb5bd6107210d8c	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\DOMStorage\dicsord-nn.com	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1854880794"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "30994576"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 701cb08f90f0d801	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000975fab978604b14697eb522259e91a1000000000020000000000106600000001000020000000a690b65fabb4c178e3cc302040f330d7db7f705d806685c4d7ea052b6dcc8955000000000e8000000002000020000000208e3f0431c9ccb8f274bf7859b111628415e71505012409a5e29d39fd7c643b2000000093a00ed6779681177bdc0e2bf10673e6e1155c938b78687ff966c0a67610ef3440000000174ff6a09c5e72efdbc5600f3aa93ed4b6ea6d218c169065b46f5d42f361aff5378fb1d2698de02a5ca7dd93007ea122d76212b272aa2111cee95f3fc2e6ca9c	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 5005ac6190f0d801	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{99FBDB1A-5C83-11ED-89AC-520B3B914C01} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1854880794"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "30994576"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\DOMStorage\steamcommunity.com	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\dicsord-nn.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\IntelliForms	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\dicsord-nn.com	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff3e0000003e000000c4040000a3020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "30994576"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\steamcommunity.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1865193332"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "374360559"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Internet Explorer\IntelliForms\AskUser = "1"	IEXPLORE.EXE

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3700	iexplore.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
3700	iexplore.exe
3700	iexplore.exe

Suspicious use of SetWindowsHookEx 12 IoCs

pid	Process
3700	iexplore.exe
3700	iexplore.exe
4508	IEXPLORE.EXE
4508	IEXPLORE.EXE
3700	iexplore.exe
3700	iexplore.exe
3204	IEXPLORE.EXE
3204	IEXPLORE.EXE
4508	IEXPLORE.EXE
4508	IEXPLORE.EXE
2284	IEXPLORE.EXE
2284	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 3700 wrote to memory of 4508	3700	iexplore.exe	80
PID 3700 wrote to memory of 4508	3700	iexplore.exe	80
PID 3700 wrote to memory of 4508	3700	iexplore.exe	80
PID 3700 wrote to memory of 3204	3700	iexplore.exe	87
PID 3700 wrote to memory of 3204	3700	iexplore.exe	87
PID 3700 wrote to memory of 3204	3700	iexplore.exe	87
PID 3700 wrote to memory of 2284	3700	iexplore.exe	92
PID 3700 wrote to memory of 2284	3700	iexplore.exe	92
PID 3700 wrote to memory of 2284	3700	iexplore.exe	92

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://clck.ru/32a8Um
1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3700
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3700 CREDAT:17410 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:4508
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3700 CREDAT:82954 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3204
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3700 CREDAT:17422 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2284

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751

Filesize
717B

MD5
ec8ff3b1ded0246437b1472c69dd1811

SHA1
d813e874c2524e3a7da6c466c67854ad16800326

SHA256
e634c2d1ed20e0638c95597adf4c9d392ebab932d3353f18af1e4421f4bb9cab

SHA512
e967b804cbf2d6da30a532cbc62557d09bd236807790040c6bee5584a482dc09d724fc1d9ac0de6aa5b4e8b1fff72c8ab3206222cc2c95a91035754ac1257552

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
471B

MD5
109f1fdc227b792d5a67df7a8d515986

SHA1
9db59dd3995952ec922aa5115d4461e3b2243204

SHA256
7d3f8061950f138c5bb30b865b93662cb133b4b1fdaeb347794ac14ebab14149

SHA512
ea5e4428f59d186d6929712918baa8d643d912633f01679e30e7089de51c5362dbc8f87e8cdb1f04d2176156c4ff2cf2583db95b9aa19073d3cb144f5caed4b4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619

Filesize
471B

MD5
fda75a465ab22afc9d720aa5fce6bcc4

SHA1
64d21e993c646d740f7249fd3879bf8bf453b956

SHA256
0eb0a314a283b4c0d975b51d73f0b5e12bd8724d7ac35c7c6ea8ec97f7acbc9d

SHA512
c4fd20a921e81ae748e97624340e44233b954f770f3a5f94e017670ce9bca309435dcbe762700a27771eb9e516a7f1cbd019f4c5a133688c0a738dcacb298ebf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751

Filesize
192B

MD5
bdad0158ab6f23632ea90f583da186c5

SHA1
52cab9230e229df349386e5fb57af3443adf67ef

SHA256
e96af7db9d89a3652c12e9c18ad8e25f199fb817ba0fcc6ddcd5957f63808cb7

SHA512
894ee4eebbb005db8a637040b2d8b59ccb393d2be49d8f2785ce7b7733f466031f1fee740a85905d82d4ebc5bf8f02765f48d0710486eea9b2ebc18ba99eb42f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

Filesize
434B

MD5
a9072c1b9fb7a8fdaa10859a0f91b520

SHA1
c955b331f1bebb587d8c4ae85a5112f5c207593e

SHA256
495985b696b1cdd347ae1d95fa9e96d89c1e360b9665dbe9673d6c394f2c64e7

SHA512
9253ca6d42246e28499e0a28390185be650f2158682384f996ab287b0bc3c413d12790a76509c4b6f8ef31a1a6c921445999795153e7795ebbbadf0b2dfc83db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619

Filesize
430B

MD5
aacac4725610e9a4cf0740449f195a16

SHA1
7a420bb6a93dc41a3538425259371066ca211c84

SHA256
f292f74c76d1367f3734d78b73776b682c4405744bf7a016f02012ba8ab0bbb4

SHA512
8d9584c4282860d13b42295fad761e2481054ed8495a3ee8a58fd3b77fdd1d65f2d247693ce8e557aa23c7a760d50cdf2c6c3f72d2252f6c5f41bd19000e5fe3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ru1r3yf\imagestore.dat

Filesize
21KB

MD5
b9b96987d991a2f5c8ab6db7f6493c7c

SHA1
7a79d90e1aff691f63bc831d787e009a22dfe09e

SHA256
a860115f0ec74af0d30ebf67571572c1d2fee7006387f03b27e4829c80d5d709

SHA512
3a92e183c3973e731a0ef7a3d286764cc25c22223f663d59865b13189ad61c8f898fec435847077003b6b00841a09e101aef0fadd53dbead551f0130ee206b54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ru1r3yf\imagestore.dat

Filesize
23KB

MD5
22fc0599a5deab8fd294661cafb9ccbf

SHA1
a0dc68d6a1d108cf0b4d1e9549a3ba95c2382741

SHA256
218cde74daa17c2d475ab8c0e7a527a9c605d7a17220ec700cf050abb38d2d9e

SHA512
fa3a66a59680afbb9eabd9a7262b05103f828ad6d933a9f8a93a5cc6b60061c51a27f4377f90f76f1bbc2d40c3fc0a0f021cabd44f7193f8cbf9378e5778a0dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ru1r3yf\imagestore.dat

Filesize
61KB

MD5
4961b0d04b9a600502e5c68fc0e39eda

SHA1
9b3c2a7a702c24760e3ba0caa096f0ea4fa798c9

SHA256
6d17c5773da9799dcad97ac558711d1b249f14788963f2b4c2cdfab71453878d

SHA512
82b4f500f2d8b1885ab4ad6876d18fa4bf9099e77b9df13f373e8cb1628301a9b31724426aaca93e05f4e73fcf4842df42b346afaf3bf8701487ea16ff7b89de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ru1r3yf\imagestore.dat

Filesize
99KB

MD5
51baf76ddc4af3d0206d30b7df17ecb3

SHA1
f4f302d2d5abc0b0f6065e99bd3ae665631ce305

SHA256
bed452a9b70f80290a32cec3d328488288236f64fe4e02cfed3424d7e2233e3e

SHA512
03f75a3f7c345da1786fd601fe763e9d2c1e6ad3fc405e4576b960658c70ec4ab1403980ce0d9410ebe5ca6da144a9d91082999b067d35a7019894b7b87be8e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DU2BEY67\code_box[1].png

Filesize
3KB

MD5
9b35da8d0e756c8fe966477376a96112

SHA1
f4981f73f708d549525ca38af1d840515021f8aa

SHA256
a24e4e2eb63ba954b29ceef24b0275c146bb401038970b7ed1a84740347a2017

SHA512
8cbdc696d1bb0aa8406970ab1fe26aff38c5b50418e08059ec1f8d43440cd26e77dcb66b872ecda2f536d1bd1b1178a627d3c00dc77c1f14b9e9893faa797cbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DU2BEY67\friendlyname_box[1].png

Filesize
3KB

MD5
3fa20fede81cc82c0a408c535a811e73

SHA1
5c622f19b5575db2a727871fd56a05982207483e

SHA256
f94aaaf710c8d482506cea727c5e55b161576367e9890bfb2a8acc45ac7178ee

SHA512
e727d6abb8a6efca4ff5a73ac41df5b1d926a435779fc74743b83ee5bdffdcf9a8d3b3b16eb5fcd21086351521cd0f1c9ef7f6b3a26bd457697d4844849bc53c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DU2BEY67\header_logo[1].png

Filesize
10KB

MD5
a4e79c73ee13cb25b60fc4b0ba1f690c

SHA1
b690c31b2eb1b0eb085e91aaae7e79f03debe7c1

SHA256
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

SHA512
aad423119f410a655f0aa475d2fe692087d7262c3986ce71347981c5b60f6a10031d7050bf9b9aee4e7d84d814f0b8883c964028fcbe14ed3464602f3ba6cec3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DU2BEY67\header_menu_hamburger[1].png

Filesize
3KB

MD5
eabc76eb57feae44add7faead028521e

SHA1
4e3e53938fad15661d2d046a868338841a95db19

SHA256
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

SHA512
5c6da6eeefddf321c2bc7e39a134e0a3140a9f93ad1560b2e102ef60ec218c29aae14ed344c79e25cc5493cd15551040d8c909de28dcab02034d787563104e07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\DU2BEY67\logo_steam[1].svg

Filesize
3KB

MD5
b7a7e43284e2ffe806ac1bc27c1f6a87

SHA1
e8196489e2ae99ec6eb33995b5a3e108d6e44de0

SHA256
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb

SHA512
757e4f382a864cac9f975220c28586f5ea415b2e2215375c1a47e011a9190fcd15313d399007539f150a6df0378b8f2022ac88e995693ab03a9f5656bfe40832

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G9LDH5FK\MotivaSans-Bold[1].ttf

Filesize
120KB

MD5
6168553bef8c73ba623d6fe16b25e3e9

SHA1
4a31273b6f37f1f39b855edd0b764ec1b7b051e0

SHA256
d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66

SHA512
0246cee85a88068ca348694d38e63d46c753b03afadf8be76eca18d21e3de77b495215ed2384d62658a391104f9e00df8605edb77339366df332c75691928efb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G9LDH5FK\MotivaSans-Light[1].ttf

Filesize
119KB

MD5
d45f521dba72b19a4096691a165b1990

SHA1
2a08728fbb9229acccbf907efdf4091f9b9a232f

SHA256
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

SHA512
9262847972a50f0cf8fc4225c6e9a72dbf2c55ccbcc2a098b7f1a5bd9ea87502f3c495a0431373a3c20961439d2dae4af1b1da5b9fade670d7fcaed486831d8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G9LDH5FK\MotivaSans-Medium[1].ttf

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G9LDH5FK\MotivaSans-RegularItalic[1].ttf

Filesize
132KB

MD5
7bc1837717cdc49c511ebdd0e75122a2

SHA1
d31e0df252328b946984c6bde94f7b2f7c72d964

SHA256
97c39175b9c8c46a5f2be987c00be2ef556421fcdada1ed3b327c50cc36cc78b

SHA512
53b31bdecde75e8f50f82db69728f6f831d6a3452062ac6e419f9369ffe88f0ea6ace3a501d89501ff86fe47e05900ed5b482221d215898e28a0a4bb1f1b6a85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G9LDH5FK\MotivaSans-Regular[1].ttf

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G9LDH5FK\MotivaSans-Thin[1].ttf

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\G9LDH5FK\footerLogo_valve[1].png

Filesize
3KB

MD5
1626f52addb7c56fe3679d82108c62e9

SHA1
2b414092d66ecff528950093a655f755c3c7f3b5

SHA256
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1

SHA512
05548831477cc421556c404f3411f581e98a84ff2e699882cb4f5dca17d1c5f77b55ed2b8211eec32d0a4317be1c4ebc636277f840262491b753415f6f198276

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\GMQ6XNBF\MotivaSans-Black[1].ttf

Filesize
117KB

MD5
4f7c668ae0988bf759b831769bfd0335

SHA1
280a11e29d10bb78d6a5b4a1f512bf3c05836e34

SHA256
32d4c8dc451e11db315d047306feea0376fbdc3a77c0ab8f5a8ab154164734d1

SHA512
af959fe2a7d5f186bd79a6b1d02c69f058ecd52e60ebd0effa7f23b665a41500732ffa50a6e468a5253bb58644251586ae38ec53e21eab9140f1cf5fd291f6a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\GMQ6XNBF\MotivaSans-BoldItalic[1].ttf

Filesize
131KB

MD5
e77ef961fe37dd8e6de30d4f7fa9a4de

SHA1
567327935ae2bb3de45e7f612f2d05273a999584

SHA256
6f93f21bc1ecc2d1c24fa2268aafad7f9e76836bb95aa76adda9307caad51c64

SHA512
2b432cf2d448026ff12634d605d9eb52ab6d285ea3cb437031b0427bb933b0aba40c416c0f102a39ec4a267ae2396b4da414048adc360780508281fc454462de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\GMQ6XNBF\MotivaSans-LightItalic[1].ttf

Filesize
130KB

MD5
07247cbd12d4e4160efd413823d0def8

SHA1
517a80968aa295d0a700a338c22ba41e3a8b78a7

SHA256
41464efd9a32a5967b30addc21fe16cd0a35870fda56658b531a9a2434b4d829

SHA512
27e0e7505d41891e70bd06733f96e82e45061d621a1d20bbc524fc89c5406a799cf53d98c0fa256cb4ebfc19750c9a05531a8d273cebc260d48948edffdf6244

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\S58XVZL8\logo_valve_footer[1].png

Filesize
1KB

MD5
574c350c7b23ae794d5276f8580e0838

SHA1
235c7b35c3468f8915eca01f7abdb43d34079609

SHA256
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

SHA512
f1f2d7b6fa49e9241f2b88560127eb2871f66123c2f9de45b257750cf13e6ebb32a9d85d87aada6a99838a2f3c5412540065cbab398760a50f15aae3a759f9f7

Download Submit