Analysis
-
max time kernel
150s -
max time network
135s -
platform
windows10-2004_x64 -
resource
win10v2004-20230221-en -
resource tags
-
submitted
24-03-2023 15:52
General
-
Target
a8d746ad75f60881430ff0fd0f8f51e8e013953113811a0ed4cd944fdbd09330.exe
-
Size
1.4MB
-
MD5
ad71842100670b6f880e326f2ab71c30
-
SHA1
f81bd8a7e66d5a76a36d44e37db0b28a8660a040
-
SHA256
a8d746ad75f60881430ff0fd0f8f51e8e013953113811a0ed4cd944fdbd09330
-
SHA512
48b0000bd1567dfbc7aadee7c1ad0ea81d475b9e69f176703a0bac3f3bcfaf2f2265c4adf6dc7015a1e6b5effab044b95405e5172c7aa1806e621a730bc58364
-
SSDEEP
24576:sbq0Msre2kKCzeUl9ReKie1DJ33wIynyTn1hdrKM3xyDSqqw5V+82Y+vRn7DkwSp:W7re2kKlUlqKieDHwIynyTdJ3OSSK82c
Malware Config
Signatures
-
Drops file in Drivers directory 1 IoCs
-
Checks BIOS information in registry 2 TTPs 3 IoCs
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE 5 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled 1 TTPs 2 IoCs
-
Writes to the Master Boot Record (MBR) 1 TTPs 4 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger 6 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Drops file in Windows directory 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Checks processor information in registry 2 TTPs 4 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 12 IoCs
-
Modifies Internet Explorer settings 1 TTPs 1 IoCs
-
Modifies registry class 54 IoCs
-
Modifies system certificate store 2 TTPs 10 IoCs
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of FindShellTrayWindow 3 IoCs
-
Suspicious use of SetWindowsHookEx 49 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a8d746ad75f60881430ff0fd0f8f51e8e013953113811a0ed4cd944fdbd09330.exe"C:\Users\Admin\AppData\Local\Temp\a8d746ad75f60881430ff0fd0f8f51e8e013953113811a0ed4cd944fdbd09330.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\CathayFutures_FX\CathayFXConfig.exe"C:\Program Files (x86)\CathayFutures_FX\CathayFXConfig.exe"2⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files (x86)\CathayFutures_FX\cathayfutures5setup.exe"C:\Program Files (x86)\CathayFutures_FX\cathayfutures5setup.exe"2⤵
- Checks BIOS information in registry
- Checks computer location settings
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies system certificate store
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://content.mql5.com/go?v=1&link=https%3A//www.mql5.com/en/auth_register&id=ykuizkyahdaqpjsdhdpvmsmoqpfaqjhdcb&a=ccgidfqshcoacujujprnhtfkqctiqgnc&s=fa340bacde3ca2bbaab1856a37465d0a3823b161d1ae476a2ecd3c7b1ba349a1&uid=amqgrvhuyfktdxchdzawcfsrvcnqwhfh&scr_res=1280x720&ref=install.metatrader5.com&ac=167967677031137&utm_codepage=1033&utm_uniq=5000600603034470242&utm_link=A80CB678C59F814BE7DF336C74C3EB4A&ref=www.cathayfut.com.tw3⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffbf46446f8,0x7ffbf4644708,0x7ffbf46447184⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:34⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:24⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:84⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5824 /prefetch:84⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings4⤵
- Drops file in Program Files directory
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ff79f495460,0x7ff79f495470,0x7ff79f4954805⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5824 /prefetch:84⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,16849936749109049005,10625914830107086154,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:14⤵
-
C:\Program Files\Cathay Futures\terminal64.exe"C:\Program Files\Cathay Futures\terminal64.exe" /install3⤵
- Checks BIOS information in registry
- Executes dropped EXE
- Checks whether UAC is enabled
- Writes to the Master Boot Record (MBR)
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Enumerates system info in registry
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe" "C:\Program Files\Cathay Futures\terminal64.exe"3⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding1⤵
-
C:\Program Files\Cathay Futures\terminal64.exe"C:\Program Files\Cathay Futures\terminal64.exe"2⤵
- Checks BIOS information in registry
- Executes dropped EXE
- Checks whether UAC is enabled
- Writes to the Master Boot Record (MBR)
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies system certificate store
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Cathay Futures\metaeditor64.exe"C:\Program Files\Cathay Futures\metaeditor64.exe" /portable /compile:"C:\Program Files\Cathay Futures\MQL5" /inc:"C:\Program Files\Cathay Futures\MQL5" /time:0 /flg:0 /stop:se5404_2406620003⤵
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files (x86)\CathayFutures_FX\CathayFXConfig.exeFilesize
13KB
MD53cc551c34d632e97a738654da88b6a6f
SHA1002fbcc1431d19373bc5e374fa0b4faae4d635e8
SHA256f513bcd0af5ea53dd6b5261fb7d0b1e5680093a852a8ffad724ac2c42b8852a2
SHA5125feed9524313982a04f412444e830d40a649d1755622a30218f4f9fb072b69e3bcc88b0e42716031f027ba205d35ab14665143864595ae1e93f82d9459413c21
-
C:\Program Files (x86)\CathayFutures_FX\CathayFXConfig.exeFilesize
13KB
MD53cc551c34d632e97a738654da88b6a6f
SHA1002fbcc1431d19373bc5e374fa0b4faae4d635e8
SHA256f513bcd0af5ea53dd6b5261fb7d0b1e5680093a852a8ffad724ac2c42b8852a2
SHA5125feed9524313982a04f412444e830d40a649d1755622a30218f4f9fb072b69e3bcc88b0e42716031f027ba205d35ab14665143864595ae1e93f82d9459413c21
-
C:\Program Files (x86)\CathayFutures_FX\cathayfutures5setup.exeFilesize
3.2MB
MD5040ea631816d4e633dcd474234166afc
SHA168fa6b03207d1c309227d1c6ee3a139110dd0f67
SHA2569aeed6e78d292d03eb09c8ade57ef76043281782c2862b063116b2aecf3b1b3b
SHA512b1cf28e2ebdfa4ab84d914bb17a5548287193af192ce7d1be4f23126ba86c6e465cd6773788dbf3e6496ed0d37b208a843facfa68ecc1d1454116c1c6099759f
-
C:\Program Files (x86)\CathayFutures_FX\cathayfutures5setup.exeFilesize
3.2MB
MD5040ea631816d4e633dcd474234166afc
SHA168fa6b03207d1c309227d1c6ee3a139110dd0f67
SHA2569aeed6e78d292d03eb09c8ade57ef76043281782c2862b063116b2aecf3b1b3b
SHA512b1cf28e2ebdfa4ab84d914bb17a5548287193af192ce7d1be4f23126ba86c6e465cd6773788dbf3e6496ed0d37b208a843facfa68ecc1d1454116c1c6099759f
-
C:\Program Files\Cathay Futures\Bases\Default\Mail\mail-0.datFilesize
22KB
MD5318f7a699108ecfbe93000fbc048bf66
SHA10c2e53c23f8a4f3cbad0baff8db8a11c406f87a7
SHA25658fdf1e434bdeaf6a7616def3f76c5d722c69cce145c2e51d36afd94a4337e75
SHA512ef49cdb6f6c9017d21299fcf8ec4e5e551b0fc144a74d39e537b67eeaebcaff183f7e7c7b5646e46e155655bc0ca0f50c367b21fd63ffdf434dc2e9df46147bc
-
C:\Program Files\Cathay Futures\Bases\Default\mail\1.welcome.english.welcomeFilesize
10KB
MD50e91b8022d0831e85836f7e0a037ffd8
SHA1684fe5d6dccabd0845929137aab92d8d4dbc9bd1
SHA256f37218b1a6c40fdbbf5dae0d3fac2aa8476ef693550c1f977880cdc5e7e99e2b
SHA512355e87ff9fdfd3b71bf37e2722a1421fd8352d8726856a2d5579c4c77aff95111bb7cd34a40dd43f007440bd834c53fdcdabcafea0f771458f764497d232288b
-
C:\Program Files\Cathay Futures\Bases\Default\mail\2.signals.english.welcomeFilesize
8KB
MD534fa0ab9072cf6ab1fafe19899a5b537
SHA14367430bac684dfe5bf542ca0d5a403dba759eec
SHA256606facecb2d62b921e69e3ca0e6f078b086162bbe5f2f84062aff44de22f1c9c
SHA5122c6dd2b9460f4abc405f4476d5bed8e67cf8d59d21075deaceac5df4c61fffeb7f90dcaf350ef054fcc75c28dc130f1189ff43c065d3fa66b640fc6332e324ee
-
C:\Program Files\Cathay Futures\Bases\Default\mail\3.market.english.welcomeFilesize
8KB
MD5e127a5f0fc6f6075239024a2331bdb9c
SHA1ca5da0d65e15aa080bf97870b3e0ef3b8b16eb37
SHA256d4f18c75a42bb37af1c048a6917ed2d407bf30f5693c5ddff76193b8256a846b
SHA512802b33f8663dfaa8bddec7c4c2be0ca75bc309e2bef5f2984af8885ecd20392d52fcf4add32ddc9c97614fa63b2cc5d2f08f23969f9e2abbd52ae995952c10b4
-
C:\Program Files\Cathay Futures\Bases\Default\mail\4.mobile.english.welcomeFilesize
8KB
MD5ac4df097a953b04a6070fcf5e373dd46
SHA1f8f868e6b765350a4faea6991e046a10fb0ccfe2
SHA256a78107df49d95e8727fc8482711d217cd4930533571c2f9777b866c60f631ea4
SHA5128174b483c61690eb0ae623bdfb94f1431c693675effc662ca83e1f047d03fa3b6738175793b1981011d30d47770a17e6d401a1d6a591d51eddcc93c3e9acd2d9
-
C:\Program Files\Cathay Futures\Bases\Default\mail\5.freelance.english.welcomeFilesize
8KB
MD57f3cd66e5646b6ca3a953291d95e2829
SHA1b5dc498474b0fb06568b0bba7b73012a40368056
SHA256ecba047f70b7e741e1b6e8d95894953f1f9676f3eef45c76b0db2850d4dae19d
SHA51215b9b2686ae5d33027cf4e0fd54514a2e146248b7c2b7f956bba328b7f91c13c1131087be370b5e6ed5a4736283bbb0217f7176d2b830e0bd8a4996390e40233
-
C:\Program Files\Cathay Futures\Bases\Default\mail\6.virtualhosting.english.welcomeFilesize
9KB
MD5710186c29dc07cea41f274fb2ac296de
SHA19f98ebe4f05847f1d38f5e3e68eb3555401e2325
SHA256cbb50ea59ec71285dab14d71392b3ed807a13660e21496627cc6da0878b5d2be
SHA512accfdd68e63b723693192709743e8694f1a9c19006598b6dbe482c4a8cd3ea36d531c2fe84a2f8f6b56cba5a51e4c1876ca02e34244e2783bfeed9f556e7e6bf
-
C:\Program Files\Cathay Futures\Bases\Default\mail\7.risk-warning.english.welcomeFilesize
9KB
MD559f014c5c4de767f5ee2ebca8f38c105
SHA1cff6228b59c398c2c728e16904fbba413917a5cb
SHA2564e7f56e2e8e3862859d6cece476130f8b517caa98098960f3abe96ef75e07afe
SHA51217e3f8bdfc953ffa99bb006c5b76a5e2da24743fcaff2d50b186d32c2d2edaf1693793d1a08b05e0c603d9ff2cedf524cb58bf58a06abbba232166a811ab9fbc
-
C:\Program Files\Cathay Futures\Config\common.iniFilesize
141B
MD5ec42755e1e830a284b14454fd9047b46
SHA1941f47481f0735322353c26ef91d41f2b2efe87a
SHA2560f9e14d88457d1fa551637fc411d53c74533dc8f32eda9d08a019182ddc4361a
SHA5126ecdcf64cdf4e59bab657d24989bf680dad075d3b418636214c5266f695701656055ecc23ba7c71c41062c6840419038fda76a60d5a3512c1830d171062a14af
-
C:\Program Files\Cathay Futures\Config\common.iniFilesize
313B
MD580243eab8e1b0def3ce7e32252926f6f
SHA1602eeb5ebd2f2ce05bfed6d1d6af14626e49f6b5
SHA2568bb0600dd4aedeb7a4ad4912d6c62a3ffe0c26be07569d1465da7734ba28e819
SHA5120a99270d62d2b114df81940612ca10c15b536ec8448de32bb43cfc070c9f2a97ee665ec58b76832b369a789363791555f878f2cf9b03f1a17cb50d10ca5351f6
-
C:\Program Files\Cathay Futures\Config\common.iniFilesize
31B
MD5a07c893edfc444988c21c4e8f5e653ab
SHA17d87a9c768c456b58e3e1575aabd6ea1007cc714
SHA256f3463f5d061c04205d9db6a058cef55500a21ad20cfeff463509edfef16109e9
SHA512d50f1d6d5212a64c8a498b3773910ff091cc74e8a42da92ee67bf13c2c69d14c118d4cff5ab6bf4de22e82085b74b386ec56f42acff79e0bf83b7b947779d598
-
C:\Program Files\Cathay Futures\Config\terminal.iniFilesize
8KB
MD575d367e07a251b6b7b0a202819c5567e
SHA10ea6ed7b8d449d075249e6fd61332dcd89ca9b8c
SHA25681d2525ae96a02d66f77f742fac188f161bb6f595eb06621b2b44032ae49127c
SHA5123da3a00e66f528865ee799eb5838aff103255a7e8595c0536347c8a3958dd9e241b9c1f324b79f05bb75e5aca7839bb822a790d460581ebbf924e31c9903c3c9
-
C:\Program Files\Cathay Futures\Config\terminal.iniFilesize
8KB
MD59f0b5eccd5d1d05c51c9d760bb58d0e2
SHA147abf00671a066a77e233be0ce2ff2fe0b9e56d3
SHA256114086abda7f0f38ba3d5280e7b3446a8b4a1bb678f176832da9726fa6795d05
SHA5129fd53918b302bf72b23be97a9c9abcd15fb49e5cad9e12aa10b0a059170dd29cbc08c09bcb90650c90969a077be13eac810a857a640867ced9f84b8760795921
-
C:\Program Files\Cathay Futures\MetaEditor64.exeFilesize
49.2MB
MD573dc6f7e5e2a8b01971566274b9b432a
SHA156128b7c3268f6430b0b9b5699c9c8eaade17d50
SHA2561e3ab1d8ecc1f53c0003a9e424fdd26cd956963a782daefc7c2ca969e403d196
SHA512c27b229eeadbfbbcfc3803897da3b02378f90f346b9da9b0b6df930df644a013242a072e8ce4ef5e7013abfe4107eb1a72a7e39f7bd4e632719abd146fe2c559
-
C:\Program Files\Cathay Futures\MetaEditor64.exeFilesize
49.2MB
MD573dc6f7e5e2a8b01971566274b9b432a
SHA156128b7c3268f6430b0b9b5699c9c8eaade17d50
SHA2561e3ab1d8ecc1f53c0003a9e424fdd26cd956963a782daefc7c2ca969e403d196
SHA512c27b229eeadbfbbcfc3803897da3b02378f90f346b9da9b0b6df930df644a013242a072e8ce4ef5e7013abfe4107eb1a72a7e39f7bd4e632719abd146fe2c559
-
C:\Program Files\Cathay Futures\bases\Default\symbols\selected-0.datFilesize
11KB
MD56d74ab180772ab01acef226aa2a63de0
SHA1bf2c86e38e4897b88d54185394ca68f6525ae8cc
SHA256445de0cfefb1376ea7e7dea0dc7f7d2473214b177159ddd5de8aa3230e9d73fb
SHA51256b7bc75ef4f978df0a25f3bcbb8fe1965d85c00ecf0753ff7828cc7468ce55f5a5acba5dd2441843e78ba4ce1542903389e60884c25f4f26a96504f3a9ed7d9
-
C:\Program Files\Cathay Futures\bases\Default\symbols\symbols-0.datFilesize
24KB
MD5c9688f0b21a99019600ed62a855d0516
SHA1096b1a329f6bf6ed63027af974827e749e5aa564
SHA256cbfdb00cb0793b2c54efa316cea61b0b2bb12adaf3875ee0cfdba8e56c7d3003
SHA5124c2f57e5ca1921906484757ad4c7d9e95d11937b1159bb3cb2e251164980ecef28d7338c70ff86a4d12adfe264a482ebde625a7152b33682874d500c1c43b527
-
C:\Program Files\Cathay Futures\config\common.iniFilesize
141B
MD5ec42755e1e830a284b14454fd9047b46
SHA1941f47481f0735322353c26ef91d41f2b2efe87a
SHA2560f9e14d88457d1fa551637fc411d53c74533dc8f32eda9d08a019182ddc4361a
SHA5126ecdcf64cdf4e59bab657d24989bf680dad075d3b418636214c5266f695701656055ecc23ba7c71c41062c6840419038fda76a60d5a3512c1830d171062a14af
-
C:\Program Files\Cathay Futures\config\common.iniFilesize
313B
MD580243eab8e1b0def3ce7e32252926f6f
SHA1602eeb5ebd2f2ce05bfed6d1d6af14626e49f6b5
SHA2568bb0600dd4aedeb7a4ad4912d6c62a3ffe0c26be07569d1465da7734ba28e819
SHA5120a99270d62d2b114df81940612ca10c15b536ec8448de32bb43cfc070c9f2a97ee665ec58b76832b369a789363791555f878f2cf9b03f1a17cb50d10ca5351f6
-
C:\Program Files\Cathay Futures\config\servers.datFilesize
2KB
MD59da5adad35cc87188b21e26f22ba1ae9
SHA1dea5c8796ccc46bafa55958c1cf031dc5baf823e
SHA25621883b264184a46a6d61d7dcda535607ad88a394d31891143b825698d88e768a
SHA51200fc7bb17dbc0862c657cefcabc2594b387e0bcf28fb2d084c78bf1823d0a3378c5e1767481caf782e745fe94f60731def761bd6cebf6a65fbab1409dace180c
-
C:\Program Files\Cathay Futures\config\settings.iniFilesize
5KB
MD5056e7f8b1392ca0e73918e11595e1d0c
SHA106ff8658ab85e2bcd182ab3403a2c867bdb528e9
SHA256dad286ab46f69414fda4c42487625f926be7055ff2bb77002f4ad8191f9d747f
SHA512374b19647b463eec499ad80240a814b14238292faf069842d002726b8ee5ebe9988587175ce24cfebfcb82507d86f2d53b0da6fc03a3496ecc21df572696b40a
-
C:\Program Files\Cathay Futures\config\terminal.licFilesize
21KB
MD5c1181d52fc235d76a22a9d472d5aa921
SHA19d644074c371dc3a91287309a58339d97cb1b518
SHA2565adc64dc11352c494c4198a3766481d9867584e4cd78279cb06d6d9e5eeb7c7b
SHA512e6e926c14b3248a32ab78efaa5ffaccd5ae60a73e8b61d5744b2b11d8ab681b6c0315d8cd870184fe4324175c9d3396bb86102d71eeabd7e5ca1cf27b1daeca8
-
C:\Program Files\Cathay Futures\logs\20230324.logFilesize
440B
MD5bc3549f0c644f2c6656b34e5067c51ec
SHA1ad7bca04f0df7dd1b8764c9e00c6c0dda66fde48
SHA256cf0798dffbc7385c19522c466e9b0e86333cbedf7c1f711a95bd955ccd6e36a9
SHA512abd73a1041e7249e2792cfaf1a43f7cb9f8f45524b2628d1c665a04ca40f091e694e2d313f641e55e30a7eeb4c661f609184939d99f34c7b76e28b842ebda993
-
C:\Program Files\Cathay Futures\metaeditor64.exeFilesize
49.2MB
MD573dc6f7e5e2a8b01971566274b9b432a
SHA156128b7c3268f6430b0b9b5699c9c8eaade17d50
SHA2561e3ab1d8ecc1f53c0003a9e424fdd26cd956963a782daefc7c2ca969e403d196
SHA512c27b229eeadbfbbcfc3803897da3b02378f90f346b9da9b0b6df930df644a013242a072e8ce4ef5e7013abfe4107eb1a72a7e39f7bd4e632719abd146fe2c559
-
C:\Program Files\Cathay Futures\metatester64.exeFilesize
25.2MB
MD5ca2d94e858b1bd70d2779f05e05ee7f2
SHA1031e371f2cb453fcc19b8a5c4fe7c8d94b613562
SHA256f11017b14a4f384e91bec1afa35b9273cc7b7e6b519c483f4ae6c034fd843af7
SHA5120edd3773edc3a48ba841a451bfeb05b9b309664cc93de552b7e4fd2a35c8da327af068a4f957d5975ec642f95b530f43e7b5a15f2677c7b188100022184b5dae
-
C:\Program Files\Cathay Futures\profiles\Charts\British Pound\chart01.chrFilesize
4KB
MD5b2cfa6007c87e8d2a840ca0f0e77ac33
SHA148e343fa5924c1561390ba8f79ac46371f53c3f5
SHA256074c0cdb0d67bb4f343ba87e605124cc097016f77afc3e208f5765bcb8788906
SHA5127d6536d329e91ca58347885a5244d408deb2ce604cbc09a9c691ab35f02cbc49923e7cd1a5122bbe78d5bd8d8261428a9eee5ad1e3743f1ad8a9e3bcb7ec2b30
-
C:\Program Files\Cathay Futures\profiles\Charts\British Pound\chart02.chrFilesize
4KB
MD531c047d58884c871c2e1252fa927532d
SHA18dcd59b06b0488f9d4e7d056e82180b619f75f8d
SHA25662f347bfa85e9d8974a5bf0c8feb81f7cf8a5757be3fef5190c4ced757256aff
SHA512e281466a544b4c6415f501249d18142cd35936339f475bd64b10275d94824c8fa6f7def82487ca0f2d570b4efc9d01bf3b1e6fa963419df65fc3bced29de7ae4
-
C:\Program Files\Cathay Futures\profiles\Charts\British Pound\chart03.chrFilesize
4KB
MD5112922787ad3fa848865605831b81884
SHA1e445f0bdbb629ebf34499a516c43562cc12c857f
SHA25691ef37d31e90242d34c5844b42c6d50214efa91f402268be5462028f52d356b2
SHA512e28db5da3b6c1e0a4880795a61cff8efee568e96d609e1e118d361deadc4169001767d9167abdb649a5cbaa7e7c277460e8a8df7017506dd0ec97429c58e1c44
-
C:\Program Files\Cathay Futures\profiles\Charts\British Pound\chart04.chrFilesize
4KB
MD511ee1f515055e93f0e810f5228050b36
SHA1ec151685a379dfe8531a230beeeb679f2f9a9920
SHA256c86795c22143cb9bf82790233cceba70ae966c2a9ca0f679634ac4cdb847d32c
SHA5122a36ae76c37dda43339a43dd951d7df6580a2bf369531518cf69a48fcfce3ba59005e3d0921b4e6e65cd09ea3854ec223d66a5dffeb10761764dbcc6aa62d2a7
-
C:\Program Files\Cathay Futures\profiles\Charts\British Pound\order.wndFilesize
106B
MD5e6b06f612a351deaa8cda0836b25a4ce
SHA14739f8cecd1d075689730cfbc9140b13681832ff
SHA256bb2aae933928e009b82803d3ce2a3aa464861cf5c51e9a9af1cb25fc5923ee11
SHA5121f7a5c137fea0cd56b2c5676b6a038c15795f09fdff5efd50d9ed11ea102517fd4d5df5d7f1aedf2ecdd3e2a92e459b640f57eecaa5150ee759026aff273ab39
-
C:\Program Files\Cathay Futures\profiles\Charts\Default\chart01.chrFilesize
2KB
MD5cbcb207b4eca61983c2bc6be8fa2cb6b
SHA1a7c6fda5154230e176b2efd94078dc8e4b2c97f5
SHA256ecd135cab470d4a90979027d44b73ad512039187fd19ed69ff7372a52b27b766
SHA51200db4573d986f7ffacc792ea28d5c548a14c9eff85b33722c144b6dba1b41af50e7cbbd33b25bb8536ed40716c70421112d4a0b9c394f7759e6aaf9287d769a2
-
C:\Program Files\Cathay Futures\profiles\Charts\Default\chart02.chrFilesize
2KB
MD5c6dbfbb29c324c008696d1f044042bd4
SHA1d9e2f67944be3a6b904c6a66599eb13ba34199a0
SHA256dae31e1135021dfb18e71fa94dd42c7c4a231a302238db84e36afeb8d1eec08b
SHA512449cc241f5f480b38e89a6e84b9611f338d279952195a3a7805ed0eb30e922eabdfa1ea7b4466680e88f173a808d45b50d1e99e076267cde1a0471533ab5c0fd
-
C:\Program Files\Cathay Futures\profiles\Charts\Default\chart03.chrFilesize
3KB
MD5c83dff4b48cd69721ae542f1deb6bef3
SHA1edc884426ebdc9f7cab0d046b0547b80ebfbba63
SHA2567b341556d2e6d41c34583479d01bc6142c97b740fd205409f88c9a7eeca12e4f
SHA512448df704047cb145d3b91e8cb5a2cc4f6f65f26cd943ee23c28e489435b781f6c1c37ebbe53f75a97129a808cd1ed0332e788e38d646852b2c682006ac589d7c
-
C:\Program Files\Cathay Futures\profiles\Charts\Default\chart04.chrFilesize
2KB
MD510b587d941321e1ca2b37027d96adbdd
SHA1284e2b33c5d953d9449ad380969e09d7a42ec08b
SHA2565b99490c026f03727d529803079d5457bfbf02573f880e334fb8191e45c7a8b0
SHA512f774d21cde508076a53d28b3357ff9ae622b3171b08b85e918a83c87e29b18d3b2f4ff6f092bbc351f9132d0fa4d3ccff2ed2a61b6ff0640c7a80d94d82433e4
-
C:\Program Files\Cathay Futures\profiles\Charts\Default\order.wndFilesize
106B
MD571cf7ef63820a018a5fe3eeb974a64b4
SHA17bb5057c3d259da7f59d3cce99ac5bd44fde097d
SHA25651b82b4d0db003a43f32b8719e50a0412b55efe52887b7df76d7a27a0703244d
SHA5120452e3659fd9f1cc557ed9c4633c7cace04ea3dbeac098def8a97db38a91a1e858327fd009245e10e8ed25baa65885c03636f29a085a605c2d44da1fc201a507
-
C:\Program Files\Cathay Futures\profiles\Charts\Euro\chart01.chrFilesize
4KB
MD56336e04febd73bd5260a2d974817a9cd
SHA1774e1beed401346784f4a63e8d30adffc697bf77
SHA2565b67146285c97192c6ce453a84e0cafadc3d2a8bd1c0fd5e7800db24aa2a0185
SHA51234b7bce124e872d20b529e3675e0a32fdf0528d28be1d1a78c0c1bb724166f640ade32e713f8c3d138409baa505a7b41cfc4a2c3152a9cd39d8f62f122e5f12b
-
C:\Program Files\Cathay Futures\profiles\Charts\Euro\chart02.chrFilesize
4KB
MD5e4ee631b69c84953eb70b5be19e80178
SHA1ffad8ebe062e6e484365d7f9761642303217175b
SHA2564811b15a515522d3fece37b4a9089112011bd62d62652b295e14bb74aa63fa6e
SHA512e98cfe41b726000a8c629ce418dc0944cb53c738af67b1d60a2abcff6b3f629c46b755b364320a03ddfd8ffa11049124b12cf4c657373abc891182a24909726d
-
C:\Program Files\Cathay Futures\profiles\Charts\Euro\chart03.chrFilesize
4KB
MD51d317dea4589acf40cc4396102c0c963
SHA11972cd214e9e9940b84dfd97bc6ebc2b908589f8
SHA2563fd62a7084445a99b60b8dceb28c85d4533fadcc5bc90934dcdd6e8e7025f866
SHA5125447b13a0e1fbbee4f080d0fe2512759f21fe5261e3c11099bcd4db42db69a891d526e363fe2e749bbf858a167d95471c842a050ed1fca3ae92593d93c583e31
-
C:\Program Files\Cathay Futures\profiles\Charts\Euro\chart04.chrFilesize
4KB
MD5dda95b8c2f418bffd481d4ba463526a8
SHA1c4b72025363e869e181d74d212dd54b2b751502c
SHA2564c41121051b008ccc758ec19c0250db78cb98c563283d8747dea9a11956564ce
SHA512bba961dc748661843d0e0ae4a329b7c5fc041ceac58ca97e98bf173234dc0ddf86370f477aed68f81951b414caabcbcd7187db21873fca638f39b5d6708092c2
-
C:\Program Files\Cathay Futures\profiles\Charts\Euro\order.wndFilesize
106B
MD5e6b06f612a351deaa8cda0836b25a4ce
SHA14739f8cecd1d075689730cfbc9140b13681832ff
SHA256bb2aae933928e009b82803d3ce2a3aa464861cf5c51e9a9af1cb25fc5923ee11
SHA5121f7a5c137fea0cd56b2c5676b6a038c15795f09fdff5efd50d9ed11ea102517fd4d5df5d7f1aedf2ecdd3e2a92e459b640f57eecaa5150ee759026aff273ab39
-
C:\Program Files\Cathay Futures\profiles\Charts\Market Overview\chart01.chrFilesize
5KB
MD50415270ec850a613df4e9c96e0f3d0c2
SHA15a22493dbbf2207e0fac23217f1b87574a5624d2
SHA2567b0d5a4ae505f98dcd667da733541501c4bf49b8139076156868c8f37573a071
SHA512dcf5026493e54aae6b4ca5823ef52793fb590ed03b26a584534d26dc0c82fe008cda43ce78c4f30f06469e8caf89093cce70f7d7e022a9b842cb97071b1195f8
-
C:\Program Files\Cathay Futures\profiles\Charts\Market Overview\chart02.chrFilesize
3KB
MD5a10290e8f40a09abd794779fdfe3b53a
SHA16755e2f6ccba07b57cd0421c93f8cd59d80f993a
SHA256193cc0eb1a419a84422d7e55a51dd81e38cc691cf3b89020868f6ee4ac8156b3
SHA512e42ee9a631439a0c13f54ee530cc55485a892cdb9e23e91bb95b1c5c63389d534916210e612f887c8f2040bf06d17f881f6de35fde55d82ce297cbf2087fd37b
-
C:\Program Files\Cathay Futures\profiles\Charts\Market Overview\chart03.chrFilesize
2KB
MD50059904b9856356a2a9cf9fc7b29e473
SHA12d2957fcb64c1853b4291986c181ee729db464e7
SHA25606c5bb507d83bfb9e853e8e660daa09192428cb59007ac23a9bafc97f329967e
SHA51211f8e14e5f6c398259aff9b9484ab7893502a1d2bfed035bf081c614aae6a54a73f36a4eda25e00049bc42f438a407218a2fd6c12a3e4b06871c02c3df4933d0
-
C:\Program Files\Cathay Futures\profiles\Charts\Market Overview\chart04.chrFilesize
3KB
MD5811c149ea405e13325467dceafae0c74
SHA18810462e3e23d9c9aabc241092ea59d835ae9198
SHA256fe5a8378274ae12a008942ae8d568b88ebc42354214c5c2082be2f85a7232c68
SHA512d10cac190c92690e0cf919f1c08932d5950ca706ccb443af4bb82e1a5fef46175a2b4f99d7ddcc19e5422a45c52946c6dc35227037f2553a392075020712f42b
-
C:\Program Files\Cathay Futures\profiles\Charts\Market Overview\order.wndFilesize
106B
MD506ff51fc2a91c09cf9bb43e654a17ad8
SHA1cc27a22873d1f2a53521ba0644b8ff9b0bd37ab7
SHA25692d54f3324fa315c03360a09ad4021b5f54da068397caf3966d4d73066d7839a
SHA512c88c0305dc577a2b74828f0048812cff7ef269f4efd2f0290afe27168e7d3eebee02ce59de9fd89eb3af85579f1c64ead61f11489995987a2d4fdd1a981e83bf
-
C:\Program Files\Cathay Futures\profiles\SymbolSets\forex.all.setFilesize
288B
MD5207307971b3cdd0a2cdd503759f7b527
SHA14984f6c2476e0018447804ee99b5781b0416d511
SHA256960e8672ba9df5a8d5325bdee8976703c3fc263ab7881c6772efc3433055a28a
SHA5125285844469287df619032dfbf46861448c277bfca06b3a363c11f9ade787afb7efc7dfa7b4503b719161f3d8bbbd557e6777c0b4faf20ffd7de088656ffe4709
-
C:\Program Files\Cathay Futures\profiles\SymbolSets\forex.crosses.setFilesize
218B
MD5a8c0ac3e5be4a1011a09f316c1bfabd3
SHA1a0a52c5c9780405917c5a402cc928cc10cfc4b48
SHA256c95a2b57f4de8504d8cafd99de6049d49df31e0a86466c0fae55008bec9e1736
SHA512124f8bef314415e390a5906f9b98bc3c9619df6302e9a15881d82928d8a9fd00606e895ff1a3909e3a51354c2aa915b2aca91081d5de5320748c1754bb4aa112
-
C:\Program Files\Cathay Futures\profiles\SymbolSets\forex.major.setFilesize
64B
MD582aef6cfea3aeea241c6240f2ac9a779
SHA19e2a01aeed78c853915bd1d3a0df8a6188bd079e
SHA256c5b114b137a44c5c93ad16c4befe696280ca069b4f4dd6ac7db2b66825ea4804
SHA512ed3f38f5152e7f2fb71e479cd07e9a6f1cce0c62ec02ce05cd9bbc2bd67c4a22273d986f846e307261ccf7582ca60de5e65bb84efb24ea5a11ee27b22d6b0278
-
C:\Program Files\Cathay Futures\profiles\Templates\ADX.tplFilesize
3KB
MD504fc692a8433953d5da484a7fce1293a
SHA1664e5683afb88ff8227e1d01207f7ea84195cc64
SHA2562e024d06758c05d7a2900f450e0456a696b4ec62c3684ed9b5983e6866516070
SHA512b6ea72ca5ecd338a77db07a2312ec7725ed06c1be6f098f17edca5751053e27db9b24e58eb2e87767acbbcfdaf6256f9cf3a75c7f71374e07c59161ec9c831fa
-
C:\Program Files\Cathay Futures\profiles\Templates\BollingerBands.tplFilesize
4KB
MD51f89f726613edeebe6201e1395e990ac
SHA1f1d178204fa3ceea0f7efaf62ac54a46a38f6076
SHA25671cecd467b9e7a0fe41723e815ceb00624ba1cee4d07102a0154096a50eb369f
SHA512a3fc403ca0728d6da7ad838f746569eb0df838943d9d95db7dc31753a9bda0d855790803201af98eabd0aaa6de4a35178b846efb2ed1a408e02e06934c6992d1
-
C:\Program Files\Cathay Futures\profiles\Templates\Momentum.tplFilesize
7KB
MD5f35cf96f510f5a2775b0867e9a689934
SHA18272482322dcdfdae839939b8154bb4dbc06f81d
SHA256f0fc8b8e4cb5de6b7b93ba356c4bac4e9b0d52cf589048e30aea39b9c0ea9845
SHA5126f9b9522bdd324e0771152a94294e447adee403567bd4da775eadae865e59be1bade60d71376308df3a7f7009c80dc2e5379190d475f27a570c0e29f26d6fe6c
-
C:\Program Files\Cathay Futures\terminal.icoFilesize
44KB
MD53aec171f22d1ea0958db2529976a17a3
SHA1dfb7f164f92aaeb776c129710b4b577c909d796c
SHA25633b87a8e0013b8ff53ca89bf7b17f3167b372bff131e3d96076c6450f9a39c55
SHA512c3dee0b41d9728239542733251075c331612d6f6ad07a69358068d4aa571e604f89b8357dea2a0bd09f485a65257f128705b79f08156ae00c7c47e1b658fce3b
-
C:\Program Files\Cathay Futures\terminal64.exeFilesize
76.9MB
MD5d0569c2096ade6071ce9ec0b68464d42
SHA1e3bebd772fd4139c219ca3d2fd172a4b928dbfda
SHA256a4eb8b65134fa070e2778c32d34ba21c69f7d778fefdad9ff7a9b46b81fa8d35
SHA51281f6bb3c4ca0ec4ce08856a0357971d33d1ce7524c2eb7f650a0a4fc90f8982809554f633b6a3d97162d599bfc85cec64c4d394d7583b1ab161a01a8a7828f4f
-
C:\Program Files\Cathay Futures\terminal64.exeFilesize
76.9MB
MD5d0569c2096ade6071ce9ec0b68464d42
SHA1e3bebd772fd4139c219ca3d2fd172a4b928dbfda
SHA256a4eb8b65134fa070e2778c32d34ba21c69f7d778fefdad9ff7a9b46b81fa8d35
SHA51281f6bb3c4ca0ec4ce08856a0357971d33d1ce7524c2eb7f650a0a4fc90f8982809554f633b6a3d97162d599bfc85cec64c4d394d7583b1ab161a01a8a7828f4f
-
C:\Program Files\Cathay Futures\terminal64.exeFilesize
76.9MB
MD5d0569c2096ade6071ce9ec0b68464d42
SHA1e3bebd772fd4139c219ca3d2fd172a4b928dbfda
SHA256a4eb8b65134fa070e2778c32d34ba21c69f7d778fefdad9ff7a9b46b81fa8d35
SHA51281f6bb3c4ca0ec4ce08856a0357971d33d1ce7524c2eb7f650a0a4fc90f8982809554f633b6a3d97162d599bfc85cec64c4d394d7583b1ab161a01a8a7828f4f
-
C:\Program Files\Cathay Futures\terminal64.exeFilesize
76.9MB
MD5d0569c2096ade6071ce9ec0b68464d42
SHA1e3bebd772fd4139c219ca3d2fd172a4b928dbfda
SHA256a4eb8b65134fa070e2778c32d34ba21c69f7d778fefdad9ff7a9b46b81fa8d35
SHA51281f6bb3c4ca0ec4ce08856a0357971d33d1ce7524c2eb7f650a0a4fc90f8982809554f633b6a3d97162d599bfc85cec64c4d394d7583b1ab161a01a8a7828f4f
-
C:\Program Files\Cathay Futures\uninstall.exeFilesize
3.2MB
MD5040ea631816d4e633dcd474234166afc
SHA168fa6b03207d1c309227d1c6ee3a139110dd0f67
SHA2569aeed6e78d292d03eb09c8ade57ef76043281782c2862b063116b2aecf3b1b3b
SHA512b1cf28e2ebdfa4ab84d914bb17a5548287193af192ce7d1be4f23126ba86c6e465cd6773788dbf3e6496ed0d37b208a843facfa68ecc1d1454116c1c6099759f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD55a10efe23009825eadc90c37a38d9401
SHA1fd98f2ca011408d4b43ed4dfd5b6906fbc7b87c0
SHA25605e135dee0260b4f601a0486401b64ff8653875d74bf259c2da232550dbfb4f5
SHA51289416a3f5bf50cd4a432ac72cd0a7fb79d5aeb10bdcc468c55bbfa79b9f43fab17141305d44cb1fe980ec76cc6575c27e2bcfcbad5ccd886d45b9de03fb9d6d7
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.icoFilesize
70KB
MD5e5e3377341056643b0494b6842c0b544
SHA1d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA51283f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnkFilesize
2KB
MD50367d8727c560ac0c47c1052496add48
SHA1f970647bc4fb5f68c15b8cfc55da716ec2037eca
SHA256058e80bb3d06832c3e5fbdca0851f7f43527b4e7f9a2a9e70aea4372fa1a5002
SHA512ff54f7b0607422d0239bf2a4d1d4300cf6971e393a5dde8fe5b79138c59a826f98e86975af36f0f4bbaa5b0ead3599265bec54257dd6d8aa099b556ec36d7570
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
184B
MD501db84f04a36a38c6e81627bf740f377
SHA1183c1c5098ef0024bbfd0f6f43c8340e892dca69
SHA256f8fcc93722834f4ab081a170d507a185ed0063071c1889fd141bffa0416aa1a7
SHA51291105798c14feb3759606b8156785333ec830a670d378105a38882fbb37bdd3c35931c145d6d0c3f7918002062bc55a8a80a419f170c3803e92f5f2554e65ac8
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
4KB
MD5e2ef549e34af817b124d56aa17920fee
SHA1cbd9f5bdc78bf852378652273d64d4ed1cf5e735
SHA25689970c20c1f5a672223d9a71ddfb1f57df7e8d003a653cce5f992d8c53b329a8
SHA51292f13240dceee06da1aa0a4383855934f195ccf32e22a189adbf7f1e51a19964bbd876a32658c0277be848abe8c5e7a7a10656334e56e97c43c408b8883f4e76
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
5KB
MD5ad7437ff1fdd35898e89d680bd21bca5
SHA1e4f974233b8d3690eed918adfc7157bc9f7054bd
SHA25655b22d32593ffc1d6b6b0bb2565fdb25de85aab31fcc7488305734d7f4dd8cb6
SHA5121c15aaa1653dde151bac1b1c3d830e3458f2655b7d47aba8fe4882a4ec038a87b2f1d19b48132906ba62a867b9308cdd4f7c1ef2e99889f49522c5fdf30711c7
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
5KB
MD533a72b881bfe32f53d15ec0b93c3b2e1
SHA1873e41320132393e7c4f7581ae850d19f1c30b22
SHA2567ee1a1cef5f2580c7987da5bc04a8cab3c02ed959398bdcdb6192a6d21314884
SHA512a16572103c3331a20878622ad1d4d5f2dfc4d9e3325b0fd1483961f78a677539e109acb78d9b2164a9c0c658fb5d823d064f2b29e0fd185f20e42d6ffc2e5fec
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
5KB
MD506ec8a5f83bb1bc0560312690130b52e
SHA17cd33cd80882c256b30254ecd16d4df6d9a78ffa
SHA25699f3e60fec8614c6463bf5aaeb6c263dbd9cfeeb51896ff8b708c77bde7de27f
SHA512b7333d2271ef2a6dfa40c946a7c996ba9498300c9a518f0d2cfd5f451e620fb797bf2803a87fe52f55a09cdf1b41827cca0c32685020af926bb1d0303acc3f31
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure PreferencesFilesize
24KB
MD55edab6d3ffbeee247ccb4423f929a323
SHA1a4ad201d149d59392a2a3163bd86ee900e20f3d9
SHA256460cddb95ea1d9bc8d95d295dd051b49a1436437a91ddec5f131235b2d516933
SHA512263fa99f03ea1ef381ca19f10fbe0362c1f9c129502dc6b730b076cafcf34b40a70ee8a0ee9446ec9c89c3a2d9855450609ec0f8cf9d0a1b2aebdd12be58d38c
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENTFilesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001Filesize
41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENTFilesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
11KB
MD56c322a020b60801bb0eda7dc33f8c386
SHA178152cb635cbba887ecf4da8fe6d642d69679acf
SHA25601fa70b659c4f479c130dc126ab6e729e08d20a0929cffa3e952765d8d55343f
SHA512c00addd29ca8cb9a042ef3ad831724915e5a59c06e83f8e256aa70908c2baeb22604403dcf6b8cb7d6739fff7fc0a0b1e786f48e23573c73c7bf85b62085c2a4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
9KB
MD518e9bdfcfded451719c40902881fc8f8
SHA1a1c4567c205d10b002c125df56799bfb38c92a91
SHA256487db92e2fc1ac437d1ef0c7ba55637993b68cc254794ffb121f7eaa015a79df
SHA512665c93dd90b52aae142c40ebad2b788302d3a613992e82193b125cb047dd735e3a6560e75a4cb0c019acb6b6dc5a1efd5e866228911c07d677e0fe2e5d96376c
-
C:\Users\Admin\AppData\Roaming\MetaQuotes\Terminal\Community\Labels\3A\3AEC171F22D1EA0958DB2529976A17A3.pngFilesize
1KB
MD5864d377ee80959b24c26d6579e854464
SHA139054057dd452d155a89824ee4e11d81ae35d795
SHA256071bb147b68418a3b853531c05be99cd6bb3c4fcd1bcdfa01b386865be19a361
SHA51242ac9fc3dde7705a5b4a2474feac41e1fa612ebec14e4a3b93d3f44b869893a073d1829b64fdcf3df5cbc7bf2700b9bbb45b306a495077e828c863326328dbdc
-
C:\Users\Admin\AppData\Roaming\MetaQuotes\Terminal\Community\dns.datFilesize
13KB
MD5eb734d96c7b82d00b0577394d2d473e9
SHA1e81ce972ea31c22a669b2204205eacd92d7baf04
SHA2561c0d825cfa406b6e109446bb7a9d8509b9145ddc9c18ec1eaa80d4e497bf5775
SHA512865e6566cd89be6726389bc4a24ff587316b2219e20cbc2ed691ee5bac7b3b29f95335708b5a94e0080484a1f1b24e86f986a8c58e7316aa088611be352d6e80
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-msFilesize
3KB
MD566db4a316c7e34525381e3a2b245dcf4
SHA144eae7b4e176031ff6f3d54a324517009cd086ca
SHA256a5e2f186829524ade75b166f34fa3bbcbb66ed929658f8cb4e9c3995a10afdad
SHA512f33e611bd630809560300a94fdd8c5543fa1b25d660c647ca6e611768d7aa68046eb727e6c8d17831a6a732dcc2f966955aa36ac1fb40108809e81755b15fcdc
-
C:\Windows\system32\drivers\etc\hostsFilesize
1KB
MD58e448dbb512a3b4ba554675998d1a84a
SHA104afc8c4afff46e213878347c23be0dede356302
SHA256745957d4446dd025f8a13eb6b5c52331894d3b7cfaa52fa30243382240683812
SHA5128471413cb795dfd8a7bfc1af148fabc90b91fb7d0eac1fe7c682d23658aa9b25e40f1d6480acd623ae057497d73928aa8cba2113d89c77d352cbe41926006b78
-
\??\pipe\LOCAL\crashpad_2140_EDJFGCDZGWJAKYPWMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
memory/640-180-0x0000000005B10000-0x0000000005B22000-memory.dmpFilesize
72KB
-
memory/640-196-0x0000000007820000-0x0000000007843000-memory.dmpFilesize
140KB
-
memory/640-205-0x000000000CE30000-0x000000000CEDC000-memory.dmpFilesize
688KB
-
memory/640-206-0x000000000CEE0000-0x000000000CFD9000-memory.dmpFilesize
996KB
-
memory/640-203-0x0000000007A80000-0x0000000007AA6000-memory.dmpFilesize
152KB
-
memory/640-202-0x0000000007A50000-0x0000000007A77000-memory.dmpFilesize
156KB
-
memory/640-201-0x0000000007A10000-0x0000000007A4B000-memory.dmpFilesize
236KB
-
memory/640-177-0x0000000004E30000-0x00000000055C0000-memory.dmpFilesize
7.6MB
-
memory/640-208-0x000000000D0E0000-0x000000000D43E000-memory.dmpFilesize
3.4MB
-
memory/640-200-0x00000000079F0000-0x0000000007A05000-memory.dmpFilesize
84KB
-
memory/640-197-0x0000000007850000-0x000000000786F000-memory.dmpFilesize
124KB
-
memory/640-199-0x00000000078B0000-0x0000000007941000-memory.dmpFilesize
580KB
-
memory/640-198-0x0000000007870000-0x00000000078A1000-memory.dmpFilesize
196KB
-
memory/640-176-0x00000000036B0000-0x00000000036C2000-memory.dmpFilesize
72KB
-
memory/640-191-0x00000000060D0000-0x00000000060E8000-memory.dmpFilesize
96KB
-
memory/640-193-0x0000000006880000-0x000000000688C000-memory.dmpFilesize
48KB
-
memory/640-195-0x0000000007B50000-0x0000000007BCF000-memory.dmpFilesize
508KB
-
memory/640-174-0x0000000002EF0000-0x0000000002F1C000-memory.dmpFilesize
176KB
-
memory/640-192-0x0000000006840000-0x0000000006874000-memory.dmpFilesize
208KB
-
memory/640-190-0x00000000066A0000-0x00000000067B5000-memory.dmpFilesize
1.1MB
-
memory/640-189-0x00000000060C0000-0x00000000060CA000-memory.dmpFilesize
40KB
-
memory/640-188-0x0000000002FA0000-0x0000000002FA8000-memory.dmpFilesize
32KB
-
memory/640-187-0x0000000006100000-0x000000000613B000-memory.dmpFilesize
236KB
-
memory/640-186-0x00000000069A0000-0x0000000006A6C000-memory.dmpFilesize
816KB
-
memory/640-185-0x0000000006050000-0x00000000060BA000-memory.dmpFilesize
424KB
-
memory/640-184-0x0000000005C70000-0x0000000005D0E000-memory.dmpFilesize
632KB
-
memory/640-183-0x0000000006180000-0x0000000006199000-memory.dmpFilesize
100KB
-
memory/640-182-0x0000000005BC0000-0x0000000005C69000-memory.dmpFilesize
676KB
-
memory/640-181-0x0000000005B30000-0x0000000005BB3000-memory.dmpFilesize
524KB
-
memory/640-209-0x000000000D440000-0x000000000D473000-memory.dmpFilesize
204KB
-
memory/640-179-0x0000000003700000-0x00000000037AD000-memory.dmpFilesize
692KB
-
memory/640-178-0x00000000036D0000-0x00000000036FC000-memory.dmpFilesize
176KB
-
memory/640-207-0x000000000CFE0000-0x000000000D0D2000-memory.dmpFilesize
968KB
-
memory/640-204-0x000000000B6F0000-0x000000000B6FD000-memory.dmpFilesize
52KB
-
memory/640-194-0x0000000007700000-0x000000000771D000-memory.dmpFilesize
116KB
-
memory/640-175-0x0000000002F30000-0x0000000002F60000-memory.dmpFilesize
192KB
-
memory/640-172-0x0000000003150000-0x00000000034A5000-memory.dmpFilesize
3.3MB
-
memory/640-173-0x0000000002EB0000-0x0000000002EE1000-memory.dmpFilesize
196KB
-
memory/640-171-0x0000000002FB0000-0x000000000304D000-memory.dmpFilesize
628KB
-
memory/640-170-0x0000000003050000-0x0000000003150000-memory.dmpFilesize
1024KB
-
memory/640-169-0x0000000002E10000-0x0000000002EAB000-memory.dmpFilesize
620KB
-
memory/640-168-0x0000000002AB0000-0x0000000002B4E000-memory.dmpFilesize
632KB
-
memory/640-167-0x0000000002D00000-0x0000000002E0B000-memory.dmpFilesize
1.0MB
-
memory/640-166-0x0000000002A80000-0x0000000002AA2000-memory.dmpFilesize
136KB
-
memory/640-165-0x0000000002BD0000-0x0000000002CFA000-memory.dmpFilesize
1.2MB
-
memory/640-164-0x0000000002830000-0x0000000002A14000-memory.dmpFilesize
1.9MB
-
memory/640-163-0x00000000023E0000-0x000000000267A000-memory.dmpFilesize
2.6MB
-
memory/640-162-0x0000000002680000-0x0000000002829000-memory.dmpFilesize
1.7MB
-
memory/640-161-0x00000000022F0000-0x00000000022FA000-memory.dmpFilesize
40KB
-
memory/640-160-0x00000000022E0000-0x00000000022EC000-memory.dmpFilesize
48KB
-
memory/640-159-0x0000000002180000-0x00000000022D6000-memory.dmpFilesize
1.3MB
-
memory/640-158-0x0000000002380000-0x00000000023E0000-memory.dmpFilesize
384KB
-
memory/640-153-0x0000000001750000-0x0000000001E8F000-memory.dmpFilesize
7.2MB
-
memory/640-157-0x0000000002150000-0x0000000002177000-memory.dmpFilesize
156KB
-
memory/640-156-0x00000000020F0000-0x0000000002145000-memory.dmpFilesize
340KB
-
memory/640-155-0x0000000001FC0000-0x000000000208D000-memory.dmpFilesize
820KB
-
memory/640-154-0x0000000001E90000-0x0000000001FBA000-memory.dmpFilesize
1.2MB
-
memory/640-151-0x0000000000B40000-0x0000000000B6B000-memory.dmpFilesize
172KB
-
memory/640-152-0x0000000001460000-0x000000000150C000-memory.dmpFilesize
688KB
-
memory/640-150-0x00000000012B0000-0x0000000001451000-memory.dmpFilesize
1.6MB
-
memory/640-149-0x0000000000AD0000-0x0000000000B3B000-memory.dmpFilesize
428KB
-
memory/640-148-0x0000000000EE0000-0x00000000011A9000-memory.dmpFilesize
2.8MB
-
memory/640-147-0x0000000000800000-0x00000000008BE000-memory.dmpFilesize
760KB
-
memory/1884-146-0x0000015C71550000-0x0000015C7169E000-memory.dmpFilesize
1.3MB
-
memory/1884-143-0x0000015C57420000-0x0000015C57430000-memory.dmpFilesize
64KB
-
memory/1884-211-0x0000015C57420000-0x0000015C57430000-memory.dmpFilesize
64KB
-
memory/1884-139-0x0000015C57020000-0x0000015C57028000-memory.dmpFilesize
32KB
