Overview

overview

7

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-04-2023 05:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.mediafire.com/file/2njukeowjshwi6z/Florante_at_Laura.zip/file

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops desktop.ini file(s) 2 IoCs
  • Drops autorun.inf file 1 TTPs 2 IoCs

    Malware can abuse Windows Autorun to spread further via attached volumes.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 60 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.mediafire.com/file/2njukeowjshwi6z/Florante_at_Laura.zip/file
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3888 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3148
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:3792
    • C:\Program Files\7-Zip\7zG.exe
      "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\" -an -ai#7zMap5317:184:7zEvent29400
      1⤵
      • Drops desktop.ini file(s)
      • Drops autorun.inf file
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      PID:1172
    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Florante.exe
      "C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Florante.exe"
      1⤵
      • Executes dropped EXE
      • Checks processor information in registry
      PID:1484
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x4d0 0x150
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:5028

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      471B

      MD5

      173a79e136330a70b71832e4563d1b42

      SHA1

      28b14a7bbe8a20fb082b36a9d2651e13fd1d14fe

      SHA256

      b3a892deb1113445e59cd3ef9ac10f02a8792652c30a2effe4cdc060bd71a03e

      SHA512

      b50efc28fb0d1731a9e337b531660c20c0d4046f2ed81e8085f5a9ca1c44b9960577fa558d729b48c8d3328f2599d1e27a19c4e59ed97125deee6a638fa2e880

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
      Filesize

      404B

      MD5

      a5d1888c4baae83127ea7815faeba232

      SHA1

      ad1daaa2ac7638803b60e7787510ecdf3e10d31c

      SHA256

      ce7164dd4ba255ad4cebcd3c15e6bfc46590af0fc57bad0b5b31c914fbb02a07

      SHA512

      b1117763b00b15190e1a92050065b2872f0008b1e4caa5cd87c03527a710469097ce0d450e69768e455438653f2e1afee05916817275a668c5528c74b992ea45

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HNRGBZSN\www.mediafire[1].xml
      Filesize

      1KB

      MD5

      95bec4c3c4a56c614239bb4e17327488

      SHA1

      ed9652cb30722d3867e3f62c7b7579a1d73208c0

      SHA256

      c15311c683f0ba307c35790adf6200f06bef86a298843b11b80f253ef37971a2

      SHA512

      ec727e08a67f680f746e9c5355316d0e80d53812658ba86f54b555daf8a43dcc1216624cc76979488ad14dfeb00d08c67189a14a694e8790488a7cb33c79ad60

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HNRGBZSN\www.mediafire[1].xml
      Filesize

      246B

      MD5

      327da1186c4b030ab9c4d3fe8a215247

      SHA1

      48c27fe43f5301b1d5debac05e93650c10f3fcb6

      SHA256

      7a4482d746bd1d85b52ae31d86e51cb49d282a50004191e3cbce3360e773003b

      SHA512

      317a784e267d63ef3a05b8ea42a776d62d4e9f49db8e771fe137123bb2f67009ef79b009fec2e743641009245a3002e086cf095b2be4678563039a8e0ee1aeb8

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura.zip.eakp5ia.partial
      Filesize

      57.8MB

      MD5

      1f318921aeea7db63328dd4835e79610

      SHA1

      f60ec0732c3c7e422f9b7ea2f122d20bbc895c99

      SHA256

      2a92dd0012f56ea6333bab44d05332003f2bf1e0a3c5325d4ad194fda3fe097a

      SHA512

      e1afc9242257d489905d90ccb67ae676aafce773ee5fe449647dce564c0acc056872c62c7a4a42ded580e3159b6c4a8bfe2e484ae5ef31363284686afe624a64

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Data\background.jpg
      Filesize

      1.1MB

      MD5

      da842829b15bd3b83db610bbfb2a275e

      SHA1

      5209ae409aa2f95d593d15cc0ab6286fcd20b913

      SHA256

      7e955d80c54b6babf628727dabafafab5182fa60cb1e7c59a38bdc32ebca55c1

      SHA512

      67d9d8e7642f21692f69b057a46859302e4b409c2e04b069abc4bc3d1b47265939f9b44e02e773b222fd751971f0cdb0845245fc9437fbd390dd0e52f590f24d

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Data\background.mp3
      Filesize

      1.0MB

      MD5

      ca1610d9f049c1d15000be68ad185ed9

      SHA1

      6dfafa73edc8a331e62b2a21e22265a261a20f1b

      SHA256

      f7f48221ea1266c4607574849fb6f80651db7b5d0f8c08907a62c704e639a2ee

      SHA512

      103b777ccce334b0eaa5116800e07ea17b7bbf1eea81198a4ba0ee6d6109e0f2aea1e4172aa0d9193f46ec50b26e312370cee5a6ace664ebd5b49ce8d45956de

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Data\logo.swf
      Filesize

      6KB

      MD5

      294d5b263f2de4c64aa7bb6abed71387

      SHA1

      9784c9ec7150485064bac96cb982b25d9dbd63fc

      SHA256

      8d9c6b604a2fd84d7530bda0779f50ec3849b011e5b03082b9d14d45a028e840

      SHA512

      2d45d5ef47f92246b8036a3669716046a5b754272e1051d4aca6b08fa2928d67362613fd6a976daba10de0ba9f27d1dbdb714babbf6351b60f32a2a77d2f9aaf

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Data\tauhan.swf
      Filesize

      155KB

      MD5

      d9a07d2a640ef58bd4fae9d56c814f7b

      SHA1

      bdb3a5a500f60a9a8b64a10b1c265a7e3a8fd652

      SHA256

      39189f156ab0c5a939c79cbc278da056035e7f249dd579a97ec7a1a4574d1b4a

      SHA512

      1b2d0394b318ddd43aa25db4c9a0ba427ae1b3af0456bbf1c7ab9417c951dcefa58d2c225c44ba2eb83365dbfcada02951fae4e505c2ac443cfc07f53bf4de06

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Florante.exe
      Filesize

      5.3MB

      MD5

      a0786c73fa3b91facd6246491fd67cb5

      SHA1

      b072bf5b70cacb91fc0b8230f2ede4333b92758b

      SHA256

      930a0925c11bd585f1747f0ed7a196ecda9055aef8d114df3298e250e45b42d1

      SHA512

      55cd4d5f624b7d9c447127ec8610cafac3a3f2ce0f8f9ee9d67393ee15131ec375fa7b14980626731c0d51cc04a87116004e2c1d7e6ba76401955dcf43c7745d

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Florante.exe
      Filesize

      5.3MB

      MD5

      a0786c73fa3b91facd6246491fd67cb5

      SHA1

      b072bf5b70cacb91fc0b8230f2ede4333b92758b

      SHA256

      930a0925c11bd585f1747f0ed7a196ecda9055aef8d114df3298e250e45b42d1

      SHA512

      55cd4d5f624b7d9c447127ec8610cafac3a3f2ce0f8f9ee9d67393ee15131ec375fa7b14980626731c0d51cc04a87116004e2c1d7e6ba76401955dcf43c7745d

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Tauhan\Movies\menandro.swf
      Filesize

      62KB

      MD5

      a11d673786feaf738dad9a97d9e3cf4d

      SHA1

      222808458c9f2597974232f147fecfa8654702a6

      SHA256

      7df46b142c13d96f38a5138bcc0af9bdc07877f9ae30c64a2da44ce0b55f0735

      SHA512

      5d36d36723883a0108c62ae3b4c2fa639a6990ed282d0030a935e4438a9456b5bfb519da3648c0a80cda3edf3e386143b19a439f25e0f12bc4684e13aa72653b

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\Tauhan\Sounds\menandro.mp3
      Filesize

      114KB

      MD5

      1b8a4899137ca058aa89e1778bb0b59d

      SHA1

      b244387d07cf7163c82aed0e35d8d64eaf7081b1

      SHA256

      780fc4f836c7e5445725c53a84b63d1cdbee5691182923976d9c126766e14919

      SHA512

      d9a78ba39c2028c0395a944a3a712fa18c93f46e28a6716a7abf2eeed66d32c51cc4465f1373059ba8fa46c053390ed86d5e80e228b2343c00b1301f1e18f5bf

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\extra.swf
      Filesize

      657B

      MD5

      2dad8d6b25bdbc16b7708cf92a75bdc2

      SHA1

      1e1780ea3603c6d1058461f2428034630108b2fe

      SHA256

      f342584d9da658901a8a4bf854d7684644f374c6d32e99aeaaef00e2302ea35c

      SHA512

      36634f5af783540f0086112f6fb01e9e79627d681c733031f338d8500438ef3ca8b87b0f92d6dd2650f4d1233c6c16f85d0cfc421d0eaf1d50a75a4ae4119828

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\leftscene.swf
      Filesize

      40KB

      MD5

      e87882b0e728f47761f42cbf91845b9f

      SHA1

      3802e2f7e749005765f696b3ef44283833c9a10c

      SHA256

      a741afb9f220b5dce11373c2ca9fb1f3d2940d018293230001b4e9106ba58c03

      SHA512

      89418c4adda1a72410793916e1eefc23896a9b41676052aa281aad24d891aa933943d71f1e778d7ee6b7726367985ae5d4c7a2428234cce878c58bca70bd61ae

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\nilalaman.swf
      Filesize

      53KB

      MD5

      f8a1726166982b334e86b21a78d4b44f

      SHA1

      b3aea652122a4ac022b0f2651a33239e1ce8940c

      SHA256

      b1e647fdeae8b2033618df22fc553f337242ab74b65f2581d1fca7f937693a1d

      SHA512

      711c7c3a4dbdd06c1d3bc821f22cebe57a74255789d373eac78ae43aa6c0750b2512f5ac9ede4dce948227e3ed5a8db6fdf1cdeed297a82c15b7ed01e6db8e64

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\page1.swf
      Filesize

      109KB

      MD5

      a54183dfb6fbbf046634fe797217b123

      SHA1

      b42f25415bc264e237a58fa13707ba097314101d

      SHA256

      bc73009a81c73add1b5435c7b2505d6cb06c9ca369cf99678dadcfa6ea5e9415

      SHA512

      ee8de0e654b9b21f832d0057def531c00b3e3e957d3bb67f2a243d99ae50220264415b55044abda0c45d67d70954587eb02d8742159b5d1de17a8eebc41207d9

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\page2.swf
      Filesize

      30KB

      MD5

      de6dd50dde058c19b6959bf6b55c03ab

      SHA1

      4ebbf14b6e92b3d2ebeb8ecaf89865ae0978ecd8

      SHA256

      49cd3c4b2f0405ee38e39ccececacbc5d5be58396e3d8f6f37662c68b0a6f8ca

      SHA512

      851b4c2e23c606f74c4589fe518b2456ba8abb0f23f7b3953edd83c1319a3f248d660f54084779a59c488a1926ea6420de5008adfe38cb7ead15feb7c72d2fd3

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\pagelast_1.swf
      Filesize

      34KB

      MD5

      d240d9eaf7297529d2b1ee253c42063c

      SHA1

      fed42179f4f0c5da5aa1fec03c5a74c8388574d3

      SHA256

      3ce79877a1b2ccc8d1b3e96515e7e26fd3b90fe5c7f12f8b965df5dc412464ae

      SHA512

      a319df4e288d3c2f2f36f3f49acf38c93a8bacf3985e301dc09174f6d723613280bfd2180da04759e5aa7b73a3a04bcf692940c46a66b5195e0a5f582bbec2ca

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\pagelast_2.swf
      Filesize

      34KB

      MD5

      3f130cbafeae40b6383fa4d4bdeb1351

      SHA1

      050dd87b12c43d903fe422e9c7156615d3b9a9f6

      SHA256

      015dd8a2cf389c0bcebc071b75cb84d468fa2c31c1c691b13e4e98e77aa99fe9

      SHA512

      91d10394db956965198f58eecdb6ffcb9dca3c6626a9f68da43ebbcb5b0fe8c26c737ddc5f0c253fef46420452260b80d64c88b6c0c422dbd06cd88e71233f9a

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\rightscene.swf
      Filesize

      40KB

      MD5

      3c052a6522fcaa4c914321eba60b59ac

      SHA1

      48812adbdab751dd7cd402ecf8f3aa8f89f956b3

      SHA256

      83a9ab95b4355c980de028114929f353e21a1980aa52514522d7a3c71bcfa77d

      SHA512

      a85e4249c0f96b4480c1a9aea0de4202ccc8fe28bc7a490aa0736f2ed93baab2d68588036a44182a685bc1aabb95aa8789b18b0292a27559b282a49587be0b9a

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\tauhan.swf
      Filesize

      73KB

      MD5

      73f9c72078e6ba1504e9c02e7fccac4e

      SHA1

      a13503fc25a3debba5cff76aa15ba07dfc61d3b9

      SHA256

      a8d07fcc9aba5818cf1d4b6a88c89bc227da9b663dc34f8fba9802d336c667f3

      SHA512

      5e6e4269764a70963cfb33f021ea329bb82e764432bde417943909d903c1b426eb063aa8f7c3f8be38f2621fd393977ed665cb0a069b361295e0cb4f25d9e717

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\tauhanBG.swf
      Filesize

      29KB

      MD5

      d6a3955aaaab1251da6dff745682c8b4

      SHA1

      51d33fc06915acacd09820f8ad96abd97ba02546

      SHA256

      f649b5974dd78c7ae1c6a3088754d6a9edeab918ec82f9729254c91c1ebbb467

      SHA512

      e9e49a6cc35023c51f1ddff85c0b7a2658e79a3477ae7c31699cf2ec3b4eff56ee4d4ff96d9a6c3c127ad633a748cdd43e348361a8d77e11ae98e995e355e904

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\pages\title.swf
      Filesize

      19KB

      MD5

      579ff57cf895639d70454227ab4e972e

      SHA1

      8372e0425a070e78c62db1bb89a89f0ff1b21e31

      SHA256

      a27950307ebd5ea9e996136d5deb0335e59373c593f58481514f14493b05fe21

      SHA512

      b38933de7f0f85e4279aa950194c72f30c3b9a302d28d5bd398e6b3f019feaf391f8c25d0e4ae88569ff153b5b0da5fb5788ea1becf60739c4ffcf93ce602389

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\C1\1.jpg
      Filesize

      23KB

      MD5

      509a757109fbbea9e0fb6a5ba561eb76

      SHA1

      709ede7e1c66a41067331f6b59ebefa054aad58e

      SHA256

      fd797026015e6ba56dd0b04da4cdf642368388688e4404276fc8ed68ed2356b1

      SHA512

      bc866124c7a32befbafa543e7add0b87b73094b0dc3fe13c31d0b83704326b10c6080f04f9a2ea04d17c2d44e2bbe2b1dff76a08924d59f64c9d239a01de46d2

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\C2\1.jpg
      Filesize

      30KB

      MD5

      cc52720405efbe4fe45d14116914fff7

      SHA1

      6925efbebf11920f7aeed5ba8f81e22fe2571f62

      SHA256

      988882e1b0ddc0439632501673611554249779de61972a05a4982869c33b5381

      SHA512

      ccc03ce1e00004276bd3b4dc6ecd2ecd0611bc170270a4ddc34b4b38bcd1466652499d6b10f4a1ee2566ea644055618aad2307d68321147c33373172b3f5ef15

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\C2\2.jpg
      Filesize

      32KB

      MD5

      64ad53f66e0d181deec5796543ee6898

      SHA1

      9aa140ce785a5352a5abb0fdff6926bf33804ce7

      SHA256

      f7962f5bb4c26d4ed203326c48375d1385e57bc162478a56d8aac0b624a6ab8f

      SHA512

      95ec38180fadf0a0500003215bd884d4e81368135548a2845e693f462db58bfff885da7c01018b4978726c266fd6eb145f2d1afa0a95539a4fca73484d99bf51

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\C3\1.jpg
      Filesize

      25KB

      MD5

      75f7d75f4dd51c6140807e499897da6e

      SHA1

      2ef6c149b183ddca9dfcfcdd1821c239cfd518b5

      SHA256

      53db2f0bdfbd847392d86239958078100ea723b7f621f81994d1340a217ed3e5

      SHA512

      c9319eea78bb0670a16003cbe0da78a66fd5bd11b6ef7a9dd61f3452ad49d14084fe330bb197eb7cff643a7bc9fded6daf478c85bba8f8a596c55f3fbc461020

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\C3\2.jpg
      Filesize

      23KB

      MD5

      7a1aba73101a178fb0c21c86d4c1c00b

      SHA1

      2f7e5c93fc4aab621b533bb392a93a7ae669ebaa

      SHA256

      3fa7c652fcb12de0c39830ae828ed6e8249b512c9051c7b0c4913d31bc274126

      SHA512

      a4f4ee1f6e5b2e0106580f4f5952a21fe177a498323d68849fa61f8bb5364901c7d66c6353ebe1b076ab1c99baa6736b1b4323388259fb49a67bda838c1189b8

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\C4\1.jpg
      Filesize

      31KB

      MD5

      368a144fb2875e3c028a8cceb7a29e5d

      SHA1

      fb4ee2830d8796ae51d6374342d73f5709b26435

      SHA256

      ccac727545522d8e9ec2a41570e99285ea4ed892b3e5e3f09fb375383768fb8c

      SHA512

      e12eff76d0c73bdfe97eaa435834781adf60fa230312562a60ef17fa356cbb6cac9bce37e5f393d77291e3409ff7fa93434ecbe60439b787d14cf78f6ac14f30

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\C4\2.jpg
      Filesize

      33KB

      MD5

      1947effbd2bcf3e590e800ad9092613f

      SHA1

      c07fcc8e28cba792535875c5b89ad6bf63347ec8

      SHA256

      58036ec99ba126c6072d3ea2c12ca98b223ca4c78bd0b514a000e4f50a0e2547

      SHA512

      4d9f55f9ac6353c005e72b7f24cb3dc578a9375ecfa28dbf96d4a03c8c5ad525703085cf7fdf30823b96e17a312eb8db8aa8a2e0117872632a1a28bd36c7604e

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\thumbnails\extra.png
      Filesize

      67KB

      MD5

      987520bb35f03611c0f9a580b77ab7b4

      SHA1

      3f4336809041601bb0026214796e40330e288439

      SHA256

      6072cc20cb1f6b8bb1fed6cfdddde7e16ae9faa8af80a96641a7828e23b65607

      SHA512

      639ef984753ab64c1a4ca8f93fcbc9b8489cdcba21367d580a88f2a7e291770d0ef85cf86d301ec852c1caf2acbe1ad23f06c23e1b572e584189f5f7b426e4da

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\xml\nilalaman2.xml
      Filesize

      1KB

      MD5

      65422c7155ccc8ec21baa3a623a0a5e2

      SHA1

      261ae8beab6becdf09495f4e230e2820602a1105

      SHA256

      aa61b3884197b7338607d1a1f09f41b3a56e9f0841ff594436097351b85cc91d

      SHA512

      45d357134974bd34106f0990d7cdd25d18932e5c8acef07fd279442dab19cc75bb9986f92b89e23f81969d2c61496984bd18963788da27ec2b686cba264073d4

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\xml\pages.xml
      Filesize

      658B

      MD5

      e0e0ac13315238dcdc96ce6c793b4742

      SHA1

      b9574ab482d0a4f40c70270c106aff0e3d07fd73

      SHA256

      e1b6fc0d067117475bccb7cdfb0ea9799d6c6e23bc8dc5607b796bead8e3aa6f

      SHA512

      17b34e50bf138cc5f05ab3e7d1850e9d14b9f165b7620457d9a5ba0d57152f00ea64032bb8788bf5a9a634080592c30aea1aa1265d0a5c19ad5faa0c5100c310

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\xml\tauhan2.xml
      Filesize

      2KB

      MD5

      76c009d06366acf566b5ea2f1f34de95

      SHA1

      05dcc201c6d110f73f04c098d9be022aacba34c7

      SHA256

      2e13b87e71adcd0a1ec7be9a96633e3bf7264f80135ea4021718e51ac077d8c5

      SHA512

      84e1571eafb78ee1cb95c2371c07b20a486d338f2678fabb2730ff0878fa426df6aac4d31668ecd86c1632031ee18acaa8b660b691a76fc6a793c63c9e5550bd

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\Florante at Laura\xml\words.xml
      Filesize

      33KB

      MD5

      61b79a9c834135b28f0f8f0a3221c3c2

      SHA1

      c292eb323efe8f746124ad830adcc813e4a01e77

      SHA256

      f5653efc25d3f71c31466cca0bfad56ea6a5a3ff2e7b01cfb38f628ab4c86283

      SHA512

      9edc135d8c2a1f96abfc50f7467c8f2e134def975698c3b1764b7eab248bad6e1dfe702391cfa65d672075d1085c42405c8589db0a5720bfc679fd7191076c53

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\suggestions[1].en-US
      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

      Download Submit

    • memory/1484-1022-0x00000000035D0000-0x00000000035D1000-memory.dmp

      Filesize

      4KB

      Download