hxxp://www[.]qamardesigns[.]se/ramadanmaterial[.]html

Analysis

max time kernel
119s
max time network
134s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
21/03/2023, 07:52

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://www.qamardesigns.se/ramadanmaterial.html

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 64 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "2524056082"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.qamardesigns.se\ = "54"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "1818"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se\Total = "1818"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.qamardesigns.se\ = "1818"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "386153744"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se\Total = "36"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\TypedURLsTime	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url3 = "https://login.aliexpress.com/"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url6 = "https://twitter.com/"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se\Total = "18"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "36"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.qamardesigns.se\ = "36"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url5 = 0000000000000000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{C182288C-C7C5-11ED-9EF6-5A0CB913B9C1} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "18"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se\Total = "1751"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31022034"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url2 = 0000000000000000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url1 = "https://www.qamardesigns.se/"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url1 = 71a11893d25bd901	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url3 = 0000000000000000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\IESettingSync	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se\Total = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "54"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000016b1b6fc7cfc59429b2ebf78760d5fe30000000002000000000010660000000100002000000029557a60cc99cdd8b447d76a3c1cf92074202c8c1efd0194427a662b21d4fc4f000000000e8000000002000020000000956deff242eb1cb16c9ec7155edffa04bb2dc46f134e919d5b705192481417fc20000000ee721a30d8da6efbf26178897e326f0bca94b94f04c9c2b76f7b35250eb3b15140000000622daeb25bda59e354170e89206daff3f4fda2ae99099076da71897b585249657ef72b5176d6dead0dfac39a7ca1ede15b23af8f5a0c909c3e9411b40f338a22	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2533576237"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\qamardesigns.se\Total = "54"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url4 = 0000000000000000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.qamardesigns.se\ = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "6"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "0"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000016b1b6fc7cfc59429b2ebf78760d5fe3000000000200000000001066000000010000200000005345c345dd48a7dde041503f0494caf70d834bb24adc854ed26a551a215d093e000000000e800000000200002000000044d73eb928efe4b38ac5843a2e4786052067bbf60d90426eb909bafa12d7c64e200000002a434c9657b5ff0d67ab179b4245562895436ceac80b94337b902681d43a0bdb400000003fb8e15eeb63f30fd12ed951439aad314103faccc16c62c554b039b499b9601640f96400e859cc83b8ad6de3c4cb3bcc4707f5a4f1e6941fbfbc082709d61357	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url4 = "https://signin.ebay.com/ws/ebayisapi.dll"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50280097d25bd901	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 904814a5d25bd901	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url2 = "https://www.facebook.com/"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url6 = 0000000000000000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "6"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4028	iexplore.exe

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
4028	iexplore.exe
4028	iexplore.exe
608	IEXPLORE.EXE
608	IEXPLORE.EXE
608	IEXPLORE.EXE
608	IEXPLORE.EXE
4028	iexplore.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4028 wrote to memory of 608	4028	iexplore.exe	86
PID 4028 wrote to memory of 608	4028	iexplore.exe	86
PID 4028 wrote to memory of 608	4028	iexplore.exe	86

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" http://www.qamardesigns.se/ramadanmaterial.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4028
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4028 CREDAT:17410 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:608

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\5ZKIOBVF\www.qamardesigns[1].xml

Filesize
2KB

MD5
95e76c62dc9933acb7d744d1fb870eb2

SHA1
78dc3c280827de1d4a11a48a0499fc14ba5ae045

SHA256
9bddbfca8169d6aac3d71b99c66e93894d4f049100c1ccdff934da701e1364be

SHA512
5d1c69b848c2618f92667c9c3b43c70f630498f2f3877f9eaa0840a60bf653fc17ceab54f859bbcdef05d434426916f3cfaa867c3b6b7d632f70c2c6455dbfce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat

Filesize
4KB

MD5
5e195db9d97e2d160dd028817e75763b

SHA1
92a3d701102755f4387799205ff3591b4c8f458b

SHA256
b23aebe3e980f93cbf7c0f8683d123bdc06a7adfa7d1f28028f8bbfa25230398

SHA512
abbf8d34a34341de855d106b3910fced29ee15433a05011c92e73e36080416c703ca9d53f83bf3d51c7736fa05fb392397fa064a0902c2d3fdd3ac9434670925

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\commerce-core[1].js

Filesize
61KB

MD5
aaf1f633c5e7db46df41f9cc3492cf49

SHA1
d6388250e390b10f330c539d7e695605c906a82e

SHA256
c92cb0522b1d208dc559aa35f8a3c3ce7b922ab57a5475691ef9b13e453d912a

SHA512
b56cb7a3e6e51cd3d9e0a7dc604976b71cbbe0d6c605e39281767481979f2b13fa2c0a6160a69ff66b8360d17872e19184c4cc0e1b9b9be398f84401337e4dd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\fancybox[1].css

Filesize
3KB

MD5
1dcebbb5a1eb8b028310ceeb72a339b3

SHA1
e254b7a35ac189fd1ce9cf8bd78593bebfe27d7d

SHA256
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

SHA512
1fe84409ec4feaf49c31208668d29f215ea8136ea49134171f4a930963745031520068c0e17783ee557fae24590b4079e8eceeb010766466d7c8097ae97f1e53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\footerSignup[1].js

Filesize
3KB

MD5
40b81b2d52ba9d2e2c64c31ff6a24cd7

SHA1
6b5689250661646ecbb841f2475f1556a113373c

SHA256
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96

SHA512
5657ee166a1eff5deea7a0125edd6178541396dccb035785f5790bc1c57dee6b0e1c9d063d00333e95667f699d99172796ce301edd1df2c4bff02d25536f0d0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\free-footer-v3[1].css

Filesize
2KB

MD5
b09e83d2aeac55c0d3b67186cd5009ff

SHA1
fa87cec84cc36fc2e70804867da24578ea331999

SHA256
251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c

SHA512
3e98fc9895eaa5b9965329a428a9d5eda04c442c984d1d6f18c8e608d1dd3c740e71ca38f108671ccc828981cf20dec0ff9ed97e2890744b5c409688962d679a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\jquery-1.8.3.min[1].js

Filesize
91KB

MD5
3576a6e73c9dccdbbc4a2cf8ff544ad7

SHA1
06e872300088b9ba8a08427d28ed0efcdf9c6ff5

SHA256
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

SHA512
27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\light[1].eot

Filesize
23KB

MD5
bdec44c063b6dc69b9fefbe8db57cf8f

SHA1
c96a963681893fdc2fdd215d212349d602ef6ce5

SHA256
767523a5e94968bcb2bafbd11da645808ec92a466d69861c53682fbf3e9dbdab

SHA512
03667892dd5737f02a9d00be4ea3013810439187694101dd4fbab16af515fff11649a7ca8f0e6af9712d424f0113c0a1c3cfa8421a0d6063297ea1344cafebd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\main-commerce-browse[1].js

Filesize
62KB

MD5
1dfbf458dfeaa80bddb4dc29e7b350d4

SHA1
ec9c77a6e5c1609146e69766f52911b0e17d0ec9

SHA256
fe2b9a42e36fe5420e0a17f652786d974d1bb1fcc2a57b9d3467b2b524fbdcad

SHA512
911f7dea21e29cf6aa1ac465f37c3233a2673883968e3c80d5ac67263109695be3b58821048e3a229dc1740662ff375b7a4dfa2152e19559f3a719698777f63d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\main-customer-accounts-site[1].js

Filesize
521KB

MD5
b5fb4da542152b830c75a7f005e61929

SHA1
436c894dac3fed58385c7b83b49dfd2b8c8c7df0

SHA256
158b177f4dd49d0a3cecf1e26ca311c72356af85505ee6ed366a4413b7362977

SHA512
84bf459ca0067e676a66edae82948f01726a74adf46830dfc5bd889f40eac05983d58f361fc3148366985bb07b0240a56b57243aec89380f8f8362388f81f973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\main[1].js

Filesize
466KB

MD5
f88ad9fb085a6c0dc219e8aa282ce47b

SHA1
28d40d567859f99251bdc3337bafa088224da780

SHA256
ba97504b136b447bea2ecc59111ba5a63200d2662f92936d0f7c206492b989d8

SHA512
4d8bb69e749b6e3247df1d4135a1ffcc73447fc8bc466e0f58f1071b4ba2d03e13399521600d678918e828452387bc35d7fe150c15c4f3de92c23caa0210a7db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\regular[1].eot

Filesize
14KB

MD5
9ca1ae7d5968cdbbd2f71598965435a8

SHA1
04f955229e6c7416451b38b21424407c7e631e65

SHA256
4994de75b364c19f5329031f632ab4dcc62989e554708d6ec04e1fa0bd493386

SHA512
9fa3e8699b0746f5441a544a51c7a3398601e4cefaa648870e39a472f976a65789b325588c93ae8beb3adbf364f9c36f906b00a008b49d4f9b1d5a501d7c3987

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\social-icons[1].woff

Filesize
3KB

MD5
ff5fdef5d1c599ea79d8c05d91976a75

SHA1
e7bafbe3f99efae3004782fbdddd51fcf3ebcb6a

SHA256
6a537c5e16ad4ce484477744757dfe6c6f4f359e0a61a29e79344f6b3f3ad7e1

SHA512
5d17cb5b8f1d731015b5d7c21b9bd5e420aa0f924c1e447272d44188b76d2b145efa59b557f1485264bd350f99fd58fe02b70bff5e26ae6e3e79c0932ae7fa18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\bold[1].eot

Filesize
24KB

MD5
4ff540d40c5f01cd86ec1fafeabfb2fa

SHA1
0917336053492f3d25163008bb4aec29e567cffb

SHA256
51891ef008c91ba96d522927b5ef4805efbeb9d70b900c0754a018398b7cc3d3

SHA512
1f45d08ea0d3a6d6e312a63f8277e2e15382fb64c56bd7a61adbaaa36283f8a7ef5fbd0591ca88002fe1b77a043ac6def2d191575ac5bdeca0950b99ab84b910

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\favicon[1].ico

Filesize
4KB

MD5
4d27526198ac873ccec96935198e0fb9

SHA1
b98d8b73ad6a0f7477c3397561b4aab37bf262aa

SHA256
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4

SHA512
1ee4b73f4da9c2b237cd0b820ffad8e192d9125ce7d75d8a45a8b9642ce5fe85736646caf12d246a77364c576751c47919997d066587f17575442a9b9f7cc97f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\favicon[1].ico

Filesize
4KB

MD5
4d27526198ac873ccec96935198e0fb9

SHA1
b98d8b73ad6a0f7477c3397561b4aab37bf262aa

SHA256
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4

SHA512
1ee4b73f4da9c2b237cd0b820ffad8e192d9125ce7d75d8a45a8b9642ce5fe85736646caf12d246a77364c576751c47919997d066587f17575442a9b9f7cc97f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\font[1].css

Filesize
2KB

MD5
8748eec74f3e1353ff5d59c4fc793928

SHA1
5c585058ebe43354156e0c7f1c40937128804fa7

SHA256
cb2642e037c6e74eace100541b7e6776ecaf14371b49e4decf7831bfb0a7147b

SHA512
360bb4e82191143e02a51fee5d7e0853c088f52f2de251f8c532dd7c75ab9def60b669d11d06e222715cad122e5b8b1a80b4449ca4a0e803b088b0550ffb848b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\italic[1].eot

Filesize
27KB

MD5
b8a6761dd3a5a779dec9c4d36003043f

SHA1
2134d707375b4a1f16a40bb460f2c581064938e5

SHA256
ccc68dc3d54964a2ddb5bad8aa8934912be2ccb2bf1c6a844eaccfe55ce67bd1

SHA512
048a19f96395462b2c2c2f9dacf14438d8419ee9e6de325221f55e751b10c1cd63dee2e95fd709c82adc6059339163dbfbd9843a8be94fab1e01971a95b72f71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\lightitalic[1].woff

Filesize
21KB

MD5
9441301bf8ac156b05f047e123249b04

SHA1
28accfc1c4789f51f09cb7a4aa0e1c11adc20181

SHA256
63c15adeeaf1d408a012a486ae19da21a82bb1ff623657fe47f5ce34fbe53a34

SHA512
20e9739b6724e6280929048ecb1e9f53897463edf6070d366be4aa3dc67ce0febb8d03dfb70e47a40ea274fa0790112c83865747c42060808972cab6d9d4b126

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\main_style[2].css

Filesize
32KB

MD5
08c41d487db00b5a44401dd0c1816e5a

SHA1
f396be8bda79a61dcd79ebaba320e215904693cb

SHA256
71d642fc8102b3b5dcd5ad2a5c66b06a698d6cd9cac8ebfd253dc507c9b3f12a

SHA512
fd5ffbbe63e6757908cd81e8e8bd931e76676260322db9ebf4366f6df2d41eabbae9a198ffc6e924a792ee37b4a59cdc9fe10835c383f8857d299202b309b486

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\medium[1].eot

Filesize
23KB

MD5
6717b3e8653baeb4f7c8c613331a7218

SHA1
7f01128f858510a43b201b36492525530161b75d

SHA256
832ab295aa376b26952fb2ba939a772559447342a02d6318a222630ec260f1f6

SHA512
8ad418494797a9686a776adc5dcba3ca07f98e709e059378e3fabd8db768c86dd5e72f8527a7f30006fb6a12193a42af18a35da027088c2d01a4d8afbb03143b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\mobile[1].js

Filesize
10KB

MD5
6f81cbd9f6b4376c27c4cf99f685da19

SHA1
85886012347a6a3e95bb4a6632b47b55992a4f11

SHA256
3a01a626ae8f90c3e5ccc1ff570a42f7431c0a636c21751f5bd99d54151e66c3

SHA512
8406e9dac99232a792a44edb7ac9496bbcf6c9a8ba56ef542c17e6574e9afa635ac6a7afc24fdfb85ad09b4083a6f63476ffa161b27c723ba38c9dd5e642e11e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\regular[1].eot

Filesize
26KB

MD5
f0aa40ea96d1920a1a96329b4a35eded

SHA1
31e6a2eaf78903f0487f2db6319d7a8e5186c218

SHA256
e745a8d2c87907fee0267896b226bcad1a2634a8c6826bc284f06875b14f0e60

SHA512
b22522660f8c966675003e592de0a7338bb08e68456bbdf661ffaec3cb9b33d71c63c870c30a0177a32aa2e1ef5014df27f57d67ab21690d36fb0ff360722680

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\regular[2].eot

Filesize
24KB

MD5
d45b2c9df934efb49975692c510dd4aa

SHA1
e0dd23824e94fd406692890150c1a7d7e2784a65

SHA256
7314db7378a358ebd9d8236220d6593224df5bb375f08df39e189c249225c914

SHA512
db4ec20eb487edfc3e5b787bab402487f83b9e03801e2748d88514e87c7089965b9a82825299a195e082b0f72235624a90bbaa033f7ceb02a351128185eae092

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\semibold[1].eot

Filesize
24KB

MD5
49bd3cc0a7a4864429fb2e3836d95e0c

SHA1
6ae719a3194dbcdf6f71594d1b438cfa4122fb02

SHA256
4dc87b734fdad3995f23a683be2622d59c3d43629baecd38f988c667c36e707c

SHA512
1366110e97e26fdfe2eda99f8b55520f000b273a695d6028a0c44a62d8aee5eb1bca624568baa2849394925f1111b1411c41e41d536f6fe7700e706717e1422b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\snowday262[1].js

Filesize
73KB

MD5
99bbe560926e583b8e99036251deb783

SHA1
8d81b73ae06f664f9d9e53dd5829a799bf434491

SHA256
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

SHA512
ee24915aa5c1c7c1dd571c07efe46dfc173cb69d2dadc4c32891ce320eef4fe1cfb614d9c212f16bfe2c83b29c6eeab6c5a43f8e32d475da8081b1e2d33869b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\social-icons[1].css

Filesize
12KB

MD5
a9c59038f6b327382b167c78c375a3be

SHA1
4cd360906080baf1b81b1a42f243c18af92a4745

SHA256
b021daa2d06c7b650b1fefb12d53c4a6d1cdf250b859c44ef7967af173fe8119

SHA512
27762aa291c869a21e4113fd952541396a2e21d2ca0b95ba71b28ed7db1b4888a60415e1a3315831843954036958b9a7544509edb2ff4872c0e18c719cd19b1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\templateArtifacts[1].js

Filesize
6KB

MD5
ae81ab7069097a055829fb9919258138

SHA1
7dc529f16fb595bbbfc5937adfe1d0a5cf563f8a

SHA256
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

SHA512
923f0e92ed682f638eca768065630ad26195f03cfd54ba235531c50d587321e45d0e0000e811f943557ba08d9c8a21a3f4b430433370c28c456acd6b094c63de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\bold[1].eot

Filesize
14KB

MD5
cbb4859569b98553fd6e5b79f0f1fb55

SHA1
bd72257fbe146c5c3a0de6272cb0e1afdbe459cd

SHA256
d5f4283db5dade507d8bdeb3a7fcaa103d9e6b40a31e643ba38e8841aeb51627

SHA512
fbad3b88ec3a5c20136a4699687a2e81de96d8c897ef34e093873dee59cd23c36bba154c5a1e8ed90ad396781b68c9d02bfa13f61f1161921f5a8b53648796e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\custom[1].js

Filesize
3KB

MD5
c4f42d70ba60fd9c54a3c69cc67a0e09

SHA1
586c4e2713a4d1f492e82590fd84be06cddff523

SHA256
7a0e8e02cc5e369756ad45a31321144e9dc707796476d32616caf6c5f76e35dc

SHA512
0e37288fa943561894991eb3e7b3d09a71be64a8df812aae888b068073c09862d6ce58d8b43d71142203b4cab76076f44037af235bee7094deb4a787d6faca7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\font[1].css

Filesize
2KB

MD5
418811a280009065492fcad7569d9a9d

SHA1
b0f8f8153bcf58c00ca2f6eca5117944cacc20e6

SHA256
7e95fc140480ef50a60f97de91912908430f7199a662fb7d2e08132132ed2bb9

SHA512
455aa663afe2042847d5f229127530de7bbea45a88d968342edcf6f7707c218fe14d8fcdce55b84c7d1b011da13580e2fe1d840a5b0187c3a722bb4559334206

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\ga[1].js

Filesize
45KB

MD5
e9372f0ebbcf71f851e3d321ef2a8e5a

SHA1
2c7d19d1af7d97085c977d1b69dcb8b84483d87c

SHA256
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

SHA512
c3a1c74ac968fc2fa366d9c25442162773db9af1289adfb165fc71e7750a7e62bd22f424f241730f3c2427afff8a540c214b3b97219a360a231d4875e6ddee6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\light[1].woff

Filesize
29KB

MD5
bbaaef9849fe96db519e64a227f46152

SHA1
52877902373d5b92a378ce57d9166cd5340a83ed

SHA256
082389bc34a7f02e9c578c085a24d561eb2ae49f7e269fd81dd8a49f05656acc

SHA512
b11cfdb44c5b420f077be5f36c202f241b750b68aaafb99c521568b84b40e933d32c1af3374e610e2bf4d56181524d212049b78e8ac240e6ff7f32efa51565b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\plugins[1].js

Filesize
82KB

MD5
4cf5477130f7311a5f0af1ecaf425ee4

SHA1
14aa67219073d67c2c04db1d2e2acd706cfb6bda

SHA256
b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3

SHA512
3671588d573e57f4d851e1fc62ab194519926ba37dba02e7e7f9e6ee71d8455c187a71c4a241f6b3984e369eb20c72e7b4fadd8191aa3d13a9e0d19064797902

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\regular[1].eot

Filesize
15KB

MD5
54bfe1d28f8d50b85ac32530af13c33f

SHA1
7fad18aca8eae65d0e86544515d7c45fc46739bc

SHA256
2f43096d36255dfb03b26d3f45c453e76fa2e6430297322e4a408d696375872b

SHA512
6c7a3c3d713c86889df115e1d5765f88716e4d53d95421469cab170208a921cea58839e3cd32c839b0c870589372ac4feb7b39d4bbc7e902aebe7526d1f857eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\sites[1].css

Filesize
209KB

MD5
9b0cea89efe53d91d78d11ffd47932d9

SHA1
4923ab33295645e85508386f7b6b884ba671c25a

SHA256
004224d90390c7cd683c2b1911c8ff02da3c2f1dd84db133333f3d704adb7355

SHA512
7c4a77d774d905f15bb3cbb1211849ced2f33992a77a246e20f7bc82aea7b0cba8aac41c6d4f6ba67f0c38814404b227769f3bc637f6ba721598f72d6701a8d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\sqmarket-medium[1].woff

Filesize
40KB

MD5
ade801c572e692ed6abe4213896eccc8

SHA1
82a61609a657857d3a2b2a4e12d7db9546221f22

SHA256
f321df4af5ea5d9ad9d0840c3f6b332567584620efedd1fade186123abc7479e

SHA512
c909842fb4005ec6374563c0f96e39ed77dc4fa20d50a8bbae08106dfe7b8da9e9e50d28899a16e7f01f01b924b4e6b3b5139a6013908bc35d1d075e73bc3fdc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\stl[1].js

Filesize
177KB

MD5
6582c2aade33621450a6e3a66cb31e9c

SHA1
c75cfa7f8043793d88ffd5db3858f4fc1adc4db9

SHA256
3456d0f6931cc1d0a50ccb7fa01916ac2b398b80aaa249f8b3dd89c5d1666ef8

SHA512
19c1b33899369c7180d7122668e59e16fc7c3ad3a283cdbc47d17c1dba6baedb5e72ce3e15e27a7a4e286384a3f8f637eda19c99276016a623519cc41668749c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\ultralight[1].eot

Filesize
23KB

MD5
0972f3d2f229916b621d0acafaab00f5

SHA1
639ea99bfc3289464725043b32c76b28d7318214

SHA256
ad5588b1503e023af3a37c4aa431f451d21e137145dd2842aade5b46508cf41d

SHA512
2efd77d60d3cd51d655a9af50632972fd5b743fc16421d104acef737abe8e20ead393eac3173d70b06b399e1a25567477588a56cd52cd16b94eedb270f7883eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\bold[1].eot

Filesize
25KB

MD5
57425a0bd70abec6f5fd38d3b2507e89

SHA1
6f7576213e3fcc093c38c96db22ec701a1e6eaaa

SHA256
ab98070851f53310219e56128c117b5ba13bc63b822637b1b1103277c1e3010c

SHA512
6ac3f2676a83839dcee79d501abde1ff4f04d818654489a949172800406e5f9034085c861bb4eb734f92478f870c795640c32d087fbcd3f9e25984b30e3a6fe4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\bold[2].eot

Filesize
14KB

MD5
832c7e5e50837bc357da1d51dbaf40bb

SHA1
02fd39a9bcc89ff4421f8a5f1a599faa1ce5d39c

SHA256
268ea6792c9ea86ee1d8956ca8e6cc6e9c8b3a02c40580417116d8c372fc509c

SHA512
afaa4ad0b9f7a40c49bb4617abfcbdc84cef592a7565ad2e1a28ee3d67526e940a195bd2fa786d459fd655be446a57ee9bcefda8baf024c7f543b239791d6991

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\bolditalic[1].eot

Filesize
27KB

MD5
05c569b5a8f8814828e3f4dceaaf80c2

SHA1
0a3c2302c098cab6b53a4f5f14e8ad7d0b379879

SHA256
1d8cdd4010892da826d1fb1b95756a1bd4d77d2e2b34a8a03168a0177e3273a9

SHA512
02bfa07637bc614f5e6ad3d5c4241cb503d8e534ad1a98d24968c734d8e083a83208a3e22d762901901e5163efa5208b022674c6741e434dfa7a1b141fa47428

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\font[1].css

Filesize
852B

MD5
91b360ae11a20a31e6a9ca60c6f6c691

SHA1
ec3c5c553a20655c54b0a5577a15abe576efa9b1

SHA256
cf91769ae11889ad46b8090d0d4d58a4621f2bcea35d1d8d96ea5e38ba34ee73

SHA512
dd4ef54c19fa63b71ea71137d66665bf07c031983cbb4d1d108d99da9ee82255b8e72a0828aed446818a80d3b284504f77626f8e789506c459cb316fe008caf4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\font[2].css

Filesize
1KB

MD5
0863fbd5586a036bb5e4a15c6970a9a7

SHA1
fc9d60896b5ee157ac25e8dc8994ce760faa318e

SHA256
bd6b11f4c31bd84949c3ec61aae5f4d93cf0354cd8f422506ff7ec7d1be728b3

SHA512
6619bbecccc8a0280c6878744094e417ffd2671f8aec1b316c97883ea7e13f1d194613c56e7e34c49f7517462fa7b921bbcfdf0f7320ee6efb5ba427a8db1289

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\light[1].eot

Filesize
23KB

MD5
d07a3df5eb89a8bbea764021336fc851

SHA1
4168d287ab866cc21f47fc5dcf62b6871dfb210d

SHA256
79ad628a22c9aa1a8d30c9f5920d7f432f51804b9750bfe907c3a10d46cdb445

SHA512
ba7378d7dba3c8bbad610baae431339d121b0fe4b2876a1a1e87d9837053f6ac006490b959798b304ba6a96893d0250510fb077d556d2bca056ee81a2a8970eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\light[2].eot

Filesize
14KB

MD5
3d66e3aa5fe09dc9fe28cf2c735c5b26

SHA1
579be7e154a25125c59910ab74e5663b4dd8b931

SHA256
bd47331da5964d1cf41e84db9eb2c194df7312fc2b4a9c1bf37f8ce42a6ce1da

SHA512
9aa8987a2a609597b05a14adfa033d921e61616d54867dad85a8df1985df851f6659d0805bb27bee54299bdd92e8ee29be5742f201bacf22bd0d89ce03ed2cdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\lightitalic[1].eot

Filesize
19KB

MD5
2c59fa7fe6c783ae6ccfa84bf0fe2d52

SHA1
6a4eebb698051cea1ab8d43e2778497ea0521bdc

SHA256
8d1625b6ba4418ededa87bfa72a712c77247ed70c706a0f45c90480230564a7b

SHA512
d421836d14a77db963fe848b9f17abd6db4c7238f77fe29f4fe0640308ce25846a843960fb241c2144c702b7d5ab07c987ebc4abfe159f53be867c8d3db500bd

Download Submit