play | 952fec5f9e7137951700d7e4239728f903e360b3fdb0332deb9448bdc31c2f3f

Analysis

max time kernel
150s
max time network
34s
platform
windows7_x64
resource
win7-20230621-en
resource tags

arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
submitted
28/06/2023, 14:27

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

952fec5f9e7137951700d7e42.exe
Size

673KB
MD5

2e8897ef38d4abe4861360a4b6e895d5
SHA1

f668b1110d8a6b1a3f638fd8a6276a7a1efe18db
SHA256

952fec5f9e7137951700d7e4239728f903e360b3fdb0332deb9448bdc31c2f3f
SHA512

02d7fe9141b25c74fb4721fa5cba6030cae671ec159987e1e0c95eee65fd5185586b0101af63e36f788cf8b7fc7044018e059301b17e5e63e68564d31f3610b8
SSDEEP

12288:fjVr5+jJNj0H5zPYXADL1vpQ/ywpll/nh:fjB5WJOH5DYXAlvMyUJn

Score

10^/10

play ransomware spyware stealer

Malware Config

Signatures

PLAY Ransomware, PlayCrypt
Ransomware family first seen in mid 2022.
ransomware play
Renames multiple (8472) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Modifies extensions of user files 10 IoCs

Ransomware generally changes the extension on encrypted files.

ransomware

description	ioc	Process
File renamed	C:\Users\Admin\Pictures\ExitRequest.png => C:\Users\Admin\Pictures\ExitRequest.png.PLAY	952fec5f9e7137951700d7e42.exe
File renamed	C:\Users\Admin\Pictures\SubmitDisconnect.tiff => C:\Users\Admin\Pictures\SubmitDisconnect.tiff.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Pictures\DebugAssert.raw.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Pictures\SubmitDisconnect.tiff.PLAY	952fec5f9e7137951700d7e42.exe
File renamed	C:\Users\Admin\Pictures\DisableLock.tiff => C:\Users\Admin\Pictures\DisableLock.tiff.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Pictures\DisableLock.tiff	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Pictures\SubmitDisconnect.tiff	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Pictures\DisableLock.tiff.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Pictures\ExitRequest.png.PLAY	952fec5f9e7137951700d7e42.exe
File renamed	C:\Users\Admin\Pictures\DebugAssert.raw => C:\Users\Admin\Pictures\DebugAssert.raw.PLAY	952fec5f9e7137951700d7e42.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

Drops desktop.ini file(s) 39 IoCs

description	ioc	Process
File opened for modification	C:\$Recycle.Bin\S-1-5-21-3419557010-3639509551-242374962-1000\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\FreeCell\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Downloads\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Recorded TV\Sample Media\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Music\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\Chess\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\Hearts\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Documents\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Favorites\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Favorites\Links\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Music\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Libraries\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Music\Sample Music\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\Purble Place\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Contacts\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Favorites\Links for United States\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Desktop\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\Mahjong\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\SpiderSolitaire\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Pictures\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Downloads\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Pictures\Sample Pictures\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Links\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Saved Games\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Videos\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Recorded TV\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\Solitaire\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Searches\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Documents\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Admin\Desktop\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Pictures\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Videos\desktop.ini	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Users\Public\Videos\Sample Videos\desktop.ini	952fec5f9e7137951700d7e42.exe

Enumerates connected drives 3 TTPs 24 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\H:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\I:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\Q:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\V:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\W:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\X:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\A:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\G:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\Y:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\Z:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\T:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\K:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\S:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\M:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\N:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\O:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\P:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\U:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\F:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\J:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\L:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\R:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\B:	952fec5f9e7137951700d7e42.exe
File opened (read-only)	\??\E:	952fec5f9e7137951700d7e42.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Microsoft Games\Multiplayer\Checkers\de-DE\ChkrRes.dll.mui.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NAVBAR11.POC.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jre7\lib\security\US_export_policy.jar	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Colors\Pushpin.xml	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROGRAM.XML	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\Africa\Tunis.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18215_.WMF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageSlice.gif	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ADD.GIF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD07804_.WMF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\PROG98.POC.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\CDLMSO.DLL	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\America\Whitehorse.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXC	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Bibliography\Style\TURABIAN.XSL	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\SATIN\THMBNAIL.PNG.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Angles.eftx.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeulm.dat	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Document Themes 14\Newsprint.thmx.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\calendar.html	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0199423.WMF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Templates\1033\BlackTieResume.dotx.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\LAUNCH.GIF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREETING.XML	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\FD01196_.WMF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02106_.GIF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_OFF.GIF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mip.exe.mui	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\List.accdt	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0304861.WMF.PLAY	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\NA02092_.WMF	952fec5f9e7137951700d7e42.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties.PLAY	952fec5f9e7137951700d7e42.exe

C:\Users\Admin\AppData\Local\Temp\952fec5f9e7137951700d7e42.exe
"C:\Users\Admin\AppData\Local\Temp\952fec5f9e7137951700d7e42.exe"
1⤵
- Modifies extensions of user files
- Drops desktop.ini file(s)
- Enumerates connected drives
- Drops file in Program Files directory
PID:1040

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

T1081

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3419557010-3639509551-242374962-1000\desktop.ini

Filesize
1KB

MD5
92c30dae67e517279947b93fbeda1d08

SHA1
a6fa53a3f9cf2d6db71509031e559d5018124563

SHA256
4bdb926d2c3be2f3eeffa62e2e409feab914265fc28ab208ea19c1393292e872

SHA512
902ca307e9e4766df4142c11293671ceaaf99e1c661f8554232680e146c7d6132e43870217486b8fde874556b35b524a86c3c6e00b4eb65ecfa96903561aaff4

Download Submit
C:\ProgramData\Adobe\Acrobat\9.0\Replicate\Security\directories.acrodata.PLAY

Filesize
1KB

MD5
53d0dfcbafe02e0b43172a3b3fbd7cb6

SHA1
7ed762d5005abd81848b7871a01d870cd3632900

SHA256
4065d8a23d1bc34d4e61ea9b443298ed67882659e7e93e9a8df15a19feceb5b1

SHA512
ac284fd4a88829c2a45cc8020a29ea726ead027694e9652c009e4c572dd6430fbb6ade68274eef0a411c490c386e17b68b04aebc9e18069ceb0ece0386e0ef50

Download Submit
C:\ProgramData\Adobe\Updater6\AdobeESDGlobalApps.xml.PLAY

Filesize
1KB

MD5
8325e3adc9bf90a86de300653777bd3b

SHA1
9d97d9096a886a09f4c66b294d13831ef4024d14

SHA256
b178cb12be24e0724d1bd3208c167bd7a6d4edef32a4d6bf0e411a71aadb4bd9

SHA512
695ea18c7af50d2c1292f35687c9ae3bce542d100ea274ffced24200afb0717f5cd4253ff6cd8706248cd68ec2c7500a1b50a7cb43b5ad7e826d5de5359b10a9

Download Submit
C:\ProgramData\Microsoft Help\Hx.hxn.PLAY

Filesize
1KB

MD5
e5100862314f7199219e12c680a85a40

SHA1
49dc40dc64c6c9ea9cc391a364fcd3a6afccd6fa

SHA256
b163f8c29b5806403bf0730523d04d3ce7948365c5f534fda722830803b3960b

SHA512
acbf5001e9f535788ad412a0459a037300347cd2db052b2fe994eaa304cb9d3e6070f022ddc3631d517be8bc00e1fb1e6166cb3c01ff8debe33ee1056a6c0d9a

Download Submit
C:\ProgramData\Microsoft Help\Hx_1033_MKWD_K.HxW.PLAY

Filesize
14KB

MD5
da51354ae0d9ee58721225140b835b47

SHA1
711ee44f34335f2995d313c6aacd4671e45871b3

SHA256
b36b2f8064593b4bbfd78992e3e46d22e20999d1df030f77a61a88cd83cdf2e9

SHA512
dd34a5284bfc50b48c336abdc292411dfed6eb21723a0f6969bd37d52f6ea2ed1d50cf402a4e64e9004a54ed20baba02be0018dde10d681a20097ebdf4e0ed50

Download Submit
C:\ProgramData\Microsoft Help\Hx_1033_MKWD_NamedURL.HxW.PLAY

Filesize
14KB

MD5
c6a25d40360253a3bb3306e8e482941a

SHA1
f7526cc16c909f967e2bc3c421a59809c374f33e

SHA256
cbf4b64a09548341979113335d5007ac0a591f325dc1683f47ffaec3a7fa6b3a

SHA512
4127837a0c17fa901e5aa312206587ec6740fde510887eeb5deca0a73da2a8f7c7af3d910df098bb88aafd4333bbc19ad21727e672e1eeb128bfecc9d0795674

Download Submit
C:\ProgramData\Microsoft Help\Hx_1033_MTOC_Hx.HxH.PLAY

Filesize
10KB

MD5
054b1d0d1c97a4611baaf13c788689f4

SHA1
ae8f03ab7b64f21e69abc3bc10a1892213077769

SHA256
94ee11a87fa7fecdd7cd80d6452740a5ebd3b58d624d6a7107fc06227d914bec

SHA512
3868dbf00d74cd65ab092b33e99157bd1e3402f9a6a972e267ea22a974352f429c69788943321da1fb8d3377bddadcecdd937f9158b04e02e1867c73b2ca789c

Download Submit
C:\ProgramData\Microsoft Help\Hx_1033_MValidator.HxD.PLAY

Filesize
10KB

MD5
712527dbe5ad24177f68dea10c97fd15

SHA1
a218a3b49e8346083b08f68614d51021299cafe5

SHA256
b698a3660277ffb087cd814f12085a0949d54f4eed72419fa2c8474327438b80

SHA512
3f33d08f88754f91768de8f1491d9bcf3893a813b86f78d8942161e90ef06ad4ad1d408d3ca6e67d146df087ceb1b9ac3ab6474b81a0f9bc29dfff122d437daa

Download Submit
C:\ProgramData\Microsoft Help\MS.EXCEL.14.1033.hxn.PLAY

Filesize
1KB

MD5
d26563f9c523c27ac078fb33cb0c8c85

SHA1
3d0d24be7436205dea6d00afcf144d8ab123215e

SHA256
0cad4083645422908bffc56664bde67781f551e4cd488ff6a31f239cff33a668

SHA512
de3e9f34b579e80ab35ac0c53c5323dbd596aa37b8f0c0fb1c4195123e7581fa0ac2409001f0ae0876e6fb9e99f0e21afc3f138ab5e42a2fdf689ed38b1174d4

Download Submit
C:\ProgramData\Microsoft Help\MS.EXCEL.DEV.14.1033.hxn.PLAY

Filesize
1KB

MD5
72ea6e211a2b1aa7a4e4e28983bb1cd3

SHA1
2e60c37afa890fa053392c535f1cc656fa567cfa

SHA256
d45ec0ba5dbc807865d9c4fb252ad3b698aa1b9fbc159a468f2eb7ef584e2985

SHA512
cc8cc9b8f1612e7758fa86cffe8f48dca3d0223a3c0eac435dcfc123fe20d675eedc906f542e4c0d651448e62a4f8c7d067a1e100e303e4e54db889b30e1e96e

Download Submit
C:\ProgramData\Microsoft Help\MS.GRAPH.14.1033.hxn.PLAY

Filesize
1KB

MD5
47e2ec915a99e0e565eb75028577b143

SHA1
5850c4d58cd519c3624c80b4eae9951bb1a8699f

SHA256
b0cd80594a7b8a4c764e5a38e76279696d005322e96805b329196085c01fa4f5

SHA512
7e624f30bd7ef328ae3a62b9b41d93568f1a6c24fb666e3ff0c8c4208ffbc71e10c4adc29ce60a53209629a55305eac2b00b2b599be5d4656f172df82f54dcea

Download Submit
C:\ProgramData\Microsoft Help\MS.GROOVE.14.1033.hxn.PLAY

Filesize
1KB

MD5
35d9c2bdcba2544fae921d0ea6717746

SHA1
02af1d4e053bbefe3f7f2270e159f30c3bc3ef11

SHA256
ea74ed77e3b65c75d0726b1714121eded89fd0b4f1cff0d03bd6cfde3d3e7cc9

SHA512
3d33680b078bd8f6f309db9908c3dd41919605b6411f5e396e1de4b92d162b55b6399922eda09df13f7736f96ffc3b7ccd2261eb8f6c8633bc6cca76230f4d67

Download Submit
C:\ProgramData\Microsoft Help\MS.INFOPATH.14.1033.hxn.PLAY

Filesize
1KB

MD5
cc9dff8f5f4a3e3a2a1b51c3c9930002

SHA1
5663f57538fa3c4a584e8f68ba11000c2dcdd421

SHA256
91f43deaa86f39d10889fa607b7830527b4b98a163f09d788c71d4d7e215afb4

SHA512
1045b1e55c05c224f88c1cfb18ddda75010c0a8436b60b1c959663d2dcf187e10c3076ecb0f564561997e7ca213f25e2162aa9e6c121dbec26e151580b208ecc

Download Submit
C:\ProgramData\Microsoft Help\MS.INFOPATHEDITOR.14.1033.hxn.PLAY

Filesize
1KB

MD5
ca3774b21e751686246e1a99bee37d52

SHA1
20abf7e2388edc75efc6471ccee9796fbe34b629

SHA256
cf11f9e52431f631dd5b4f404c603f5e0db1bb075e9dc55ed4c02de7bf22a9b0

SHA512
a0cf7eb4e00906637438f28ca60d0af9e0eb1f3985845ef43ecec5e64af39bc588f9311249b10eab977d4452a6eaf5d6176736c261d98c865fd876ab93d092d4

Download Submit
C:\ProgramData\Microsoft Help\MS.MSACCESS.14.1033.hxn.PLAY

Filesize
1KB

MD5
c627772843f6e9b0deb369ec00c44d30

SHA1
aa9bfc9ba545693123bf5dd8393596d05b808c34

SHA256
54d4a1bdb3208cc6a7edc806aa5f7b113498902cf2ea74a5c7beba9507a407dd

SHA512
2299a12d1c5a43a6e2ab293aa1b04679774729ab5280dcff3cb50a21e46cd93e7b7707b689fe162cfbf50ebefbaca041c50eef5cb1c840a0d88a7996fc0dcea5

Download Submit
C:\ProgramData\Microsoft Help\MS.MSACCESS.DEV.14.1033.hxn.PLAY

Filesize
1KB

MD5
3e5898ee95a86e8532bc5be002c750ea

SHA1
ac2a58811ffd20887e033d7f94f62305fb569c29

SHA256
5ee59055e6dc67d6557aedb3b575553b1267e0d836c14b7754f6d79cb18c0074

SHA512
80f624294dbd37aa411e99b93a9f3913353afb7839390d53f55fed9a52b0a402be89731c6ed17a6ffcde95de14ba36c3dd083f0f32380c05d8fb39ad68be4ca2

Download Submit
C:\ProgramData\Microsoft Help\MS.MSOUC.14.1033.hxn.PLAY

Filesize
1KB

MD5
56b3bfe451d81249353845576193f96f

SHA1
c19bc004a5176a8ad264e77b64b8f4c9ca20e797

SHA256
bddaceaaa216d53af6b596e2bdafb2f51fc54a843d693247fc2cf725fc86ac3c

SHA512
157191c8dcdb26639d820356227a3fd830c75c7a242609fd2983011ee6c659bd63bb0ec3cdc5f80e4e11f3c995ba94493054dc4f52dee5ee42dc9d5fa7ce49cc

Download Submit
C:\ProgramData\Microsoft Help\MS.MSPUB.14.1033.hxn.PLAY

Filesize
1KB

MD5
9d5f06a0f74ed20d64883973ccab9d79

SHA1
40061b1c1a7e435b4c640384fd6f5f418c72dd3b

SHA256
621bf81e25d62c857f1dca9f1144d4b5797b8d3a7d0714dbecc83c938f03e26c

SHA512
affa9bf445d4e1cf0708908dc1d25cb1e3065cec3cc9187f98e5645722b6594651708ed9a7fa8676386806198f9ad0827ba93e78ccef004e97d8b282b997e71f

Download Submit
C:\ProgramData\Microsoft Help\MS.MSPUB.DEV.14.1033.hxn.PLAY

Filesize
1KB

MD5
fe488f4ca4f47098eece4d70f8abea6a

SHA1
c5dc797503bc8875592bd6fdeaa2af8032134850

SHA256
aa81505eafe86b022e5ad5f4a2f0e95db5103b2260afc0df279694b17774906e

SHA512
d4b586f3427b89466fea0e99538c5cf6316fc0d6644f9ff34e313c2fa4bc6417fc0a1eda2dc3e248e42942c3f164169ca61d30c6a4a28846d2c7a05ba7db5184

Download Submit
C:\ProgramData\Microsoft Help\MS.MSTORE.14.1033.hxn.PLAY

Filesize
1KB

MD5
99e9eca5879ea28f69e2650d27a3b81c

SHA1
4e7fee36103849c80f55120dffeb97e7743b0874

SHA256
2f6832e23e60933930b785e2d99e29dd2e1fe1e2ab759966a241f5f1b6cc1bae

SHA512
3094db74fd59240c1fdcbb84ec6dc82734c1afd80287bb3e250caa32c048885b1c3689d26c184e8c8a843ff51c0941ba61535d668dd703d67a56047deae9545b

Download Submit
C:\ProgramData\Microsoft Help\MS.OIS.14.1033.hxn.PLAY

Filesize
1KB

MD5
83dc401572d77bc00079daeedd728f7e

SHA1
a3e32553d2954516c298d5945317af417e24050a

SHA256
9056ac155baa7c71315195223429f1b5e611ad600d424a14186c5e537e1bd6b0

SHA512
463f52e69af80fea2487854819cd35a935ffa2e680348c0001ff5d869040c144fd57c7f9ef2d93ac466bc2f943782ee270580a8e2ae505897cb6d1a75d7df54f

Download Submit
C:\ProgramData\Microsoft Help\MS.ONENOTE.14.1033.hxn.PLAY

Filesize
1KB

MD5
5acb4c2259d0d8fb34a9360d4a89d082

SHA1
729aa304922ea2f3443ba6a97f68f4e6b5fce694

SHA256
378bd86b19f9a559758e5791870f42b62ea785ee0bb0821c9e34b360f38d6886

SHA512
4d1c9ab376621cfa2cdfc1d45ca0699f5f5140351c7bc81f882c4e7ee7288c08934f6c73cdb90b91fc6eea757d69d46befa3688f19bb1ff0f23641f362b8a8b7

Download Submit
C:\ProgramData\Microsoft Help\MS.OUTLOOK.14.1033.hxn.PLAY

Filesize
1KB

MD5
265cb8ac97efd1dba89d33761f125188

SHA1
6fd60fc9b44e4801ee40bd53212c437d49cc7dfb

SHA256
69a8d5b7b1c7916225dc91597fb20036f86b06cb0defc41b1fd88797190e45b7

SHA512
3b9cc7245c936148210094a8d985a5a1b467b4dc95a2e62057aabcd2773825ad2643bc97b2bcdddd6e5ed61ec8dd3cfb984accfde8a456cffafa8a047842dcd8

Download Submit
C:\ProgramData\Microsoft Help\MS.OUTLOOK.DEV.14.1033.hxn.PLAY

Filesize
1KB

MD5
4c62a88189cc5013f600e5693240d5fb

SHA1
4f7f2b0a0da05226d715bda0d76537b3db0b3bdd

SHA256
cfc72a689ef440fc44aa27a501ef02dd65fbe61206287fdff4d377df2f81be58

SHA512
a1cd4500097b78b13e2867b8357f7cf4d4776eebd5a7311a11865e9a41fab8524be6fdf66a222c5e62eaf0c4c8b8c4ad5ad3a1c631d5207556bf058e07daa04c

Download Submit
C:\ProgramData\Microsoft Help\MS.POWERPNT.14.1033.hxn.PLAY

Filesize
1KB

MD5
5c6692aa02c79c365d6be0283a23423c

SHA1
908e4d584c27907c8f11ad266f0279c682726742

SHA256
f2a881b3d8b99555482e1d72d4ff8888f0636dcdda7fc6bb1638ba29b132d70f

SHA512
3fc1ab6c4386c7651db783fb72df154314f5a554942028d59960c61b875f645af46cb2b6cdfc477191dc07a96ffaf288b1916220d7a99407bb645ea561c9cfde

Download Submit
C:\ProgramData\Microsoft Help\MS.POWERPNT.DEV.14.1033.hxn.PLAY

Filesize
1KB

MD5
f3903d3be848878fc0c4a3d2e1c11387

SHA1
564237b462c0b96a8f469887d81db62a435320dc

SHA256
152358f3f5419b0d203b84097057abda29c0aa908cfede0bdd74e386ebd105b3

SHA512
5e34d018e29af5ec73685ac0e3f9cae1d97a114f65fd80e3177a14858b1259bc600085a0818c5b9f675c4a7903da6efcdd800211010eb47bb062927a9753f2fa

Download Submit
C:\ProgramData\Microsoft Help\MS.SETLANG.14.1033.hxn.PLAY

Filesize
1KB

MD5
cf97b42d21cec87b094ad007c5ac4b9b

SHA1
1c0bf866b62d8ebc6206b916abfff7d26b5869b5

SHA256
965d9e27b1f30259aa6c61a2dcb414d5e56cedc2374551c63d4c9136b69c7923

SHA512
76b5e8f806ef2e70c5063badff490492bb9e901280b59f1869faeba1681907ef9eb89e9a8a0ededa65a986b03b6eb612e77dc0a0244fccfa72d6033cf8871c70

Download Submit
C:\ProgramData\Microsoft Help\MS.WINWORD.14.1033.hxn.PLAY

Filesize
1KB

MD5
05ca3ad556745281b5c9b719859cd1f9

SHA1
796939627de7267711a50dc29d733f015e1c2d51

SHA256
3bde68da8f0f93f321d58f40107790e912c06928388c26b95bb4b91927425d6c

SHA512
712967d02421178a0f3951977c8855ab58f5836d951beee126525a3cd4fbccd68427962fcfcb6d6ca623a8bbb59e46bdb3015fbaa5efe41d75ac9b11d1c9c889

Download Submit
C:\ProgramData\Microsoft Help\MS.WINWORD.DEV.14.1033.hxn.PLAY

Filesize
1KB

MD5
15c2b466f0e860d929ce207612603c89

SHA1
cd9e3a2c2ef89b98a73e29f799e93c91fa7dcacb

SHA256
c604703b050686a7fa7fee5f30f98d9f4e51c4c29fd6c0d41497450dead0e49d

SHA512
19a935c8945e18b8711c16d86fec9dc20773fc37889d63eb13f836c6afe059d8565f524a6bc1fffcddcfbe9ebd6ae7f77955adb127fb61a266d42ef1b9d43fdf

Download Submit
C:\ProgramData\Microsoft Help\nslist.hxl.PLAY

Filesize
7KB

MD5
5427475d7f2e311cea3c084938746494

SHA1
c79f8ef9d7ef7fb76cad8f3cbd4ab14d95a850eb

SHA256
cc2b4e2ec6512cdb8048a38bba938fbb4329d9322084532aa16bc9dd4b0ac74f

SHA512
d3f6edabf292de41fbd4def69bedbc30d8b444bb47946d4d2437f6e45d84c351b4e71ec9810b1a6edf654e78e335deabae7cf0ad35edc7d907ddffa632546c15

Download Submit
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\update-config.json.PLAY

Filesize
1KB

MD5
03717ca9045bc950104a6d466b0ca5e1

SHA1
8fdf7c0615010a460903afcc840d4642ee1c841c

SHA256
4aa58e9aeee681d14eb44ee8836629756a11de99c4a22e3bf10849448b9ea968

SHA512
05b3abcf088084ef79bcdc84142127cad2de3203a5391dd68269c6bed2bf0e6cd1451a0afce3dc681c24016b97363ce8a30a77c705a6a8fb832b8ccbc39e9e48

Download Submit
C:\ProgramData\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\packages\Patch\x64\Windows6.1-KB2999226-x64.msu.PLAY

Filesize
1011KB

MD5
0f5454abc5b4c43dc99142278af0dc11

SHA1
96c7c8ca43e6acdfcd621a4e40265fb8f489aecb

SHA256
56c3c24553fabf70beabd1025514576220ff2e3b50e71f6c7deb01a70bdaaebd

SHA512
f48edf713f70729527cdbf297524c2dcc65b2cf8efd2b948faa108d23afc278154f0824f8dec736281918e1fd8dc98039b6684982e3ba2136548200563a8181b

Download Submit
C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\state.rsm.PLAY

Filesize
1KB

MD5
adac03f3abc13fffe9351ea0ef6cf8b8

SHA1
417bd22e2bd0e4e34957051e17e1862600e2f4ce

SHA256
807dfa01d607b27f0480762879690e6229c40e69ee07f559032e4e0a1b3bf271

SHA512
3def18cd24441eb030c711c4e60049332bff67901fd316c4fcea609ab253a78a354a15754031baae6550b1cc1a7f94e7667cfae16bc141725e91c750db7f7d9e

Download Submit
C:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\cab1.cab.PLAY

Filesize
5.5MB

MD5
abdaa7033144302ae032997a10b99c67

SHA1
8e63a83c4d00a16264b73f8ba12598bababfbe22

SHA256
88086a65fc4d155069ef89c9407105e12042cb82cf7e57307d9a03d563c32635

SHA512
47349a72dffd4f2309da13053559d171c5bb45b76237aa754ae6078ac72605db4065d5e7070415bab9cdc2e7b3665aa81075c9b98889e75042bf2b0e9ad47b3b

Download Submit
C:\ProgramData\Package Cache\{4d8dcf8c-a72a-43e1-9833-c12724db736e}\state.rsm.PLAY

Filesize
1KB

MD5
42b0c22cef86b86bea333bad510f834a

SHA1
888846a270a7a8b1f6e3cc5e5581856a0921231a

SHA256
6cf7b2f3eb20940c8830ebbad6a093b02c90b426fca65d798c16521f7a6bc541

SHA512
5e02bdc32c2281dad22d0c5f59abcb34a2a60bfafb005e559123c7248e39267abaaaba7df8e8bf98b7de352b3e2d635587b8e5c9a883ebb3053fcea4af78309c

Download Submit
C:\ProgramData\Package Cache\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}v12.0.40660\packages\vcRuntimeAdditional_amd64\cab1.cab.PLAY

Filesize
5.3MB

MD5
2fa89766e59873accfccb121723e3dfa

SHA1
7a724920f2b1d6fa8a5cf73c4df38288d0b3305f

SHA256
2a4ff1559e0b2c8f8c63b6af1a7cedd741cf30ebe34652c66ee32cd556ce1f7c

SHA512
ca51f2307eaa3a774d9d71f3a4370ca84d3353a97578333f31648b2d7c28ae1f609c8dcf282ed047c670246d4d541f9331968239a3c60cac2e9806fdb04e5475

Download Submit
C:\ProgramData\Package Cache\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}\state.rsm.PLAY

Filesize
1KB

MD5
ff885bee2ec8b2862e2cb44bc3c01f08

SHA1
e4912943d643ba62763ddca583b01b8a6e0819bc

SHA256
d8b66372e55637f48d45809a9a5ac8e1f23708593e8c17ebe0f47ac6d243fabb

SHA512
9c8289e423cd777ca4a1245c00f3ed191b63b55ad03815a538bc5f5f6a8662a3d14891eeef60e03788a9b4d96bcf81467e693dcfcdfad1a21fc92f87672af58e

Download Submit
C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\state.rsm.PLAY

Filesize
1KB

MD5
92c69fa8c7193ac8d772a21a459dfad5

SHA1
8924e4ab91e51e1f15022b920c8043b0ede78c92

SHA256
836f1e83e6de277e01d3009649647af46093303a47a4a4f1157e58dba01ef7bc

SHA512
d9d6e313401f22e13acbae0c93b303650ddb55d0b67879c6d1212777e81c0c40501cd5f43acb64d01ee385181da64e1b21bc643564428d149b3d4dfdee3593f2

Download Submit
C:\ProgramData\Package Cache\{662A0088-6FCD-45DD-9EA7-68674058AED5}v14.30.30704\packages\vcRuntimeMinimum_amd64\cab1.cab.PLAY

Filesize
870KB

MD5
5539b78089cf233c08ac1e1ac30783bc

SHA1
86679b070d720e6c1865f49d437c6445160bcdbe

SHA256
3c7c36f228236490cfd977bcd57152b48d8f95828224f2aa5d3d45d102af50c4

SHA512
8537039e91e6b5192861dfc880dffc92d45fb2911bd5a082e3ca6cda035bbb455826988be867d2cff7be531db845bec805486074c82edcfad6d6cfe772d2031e

Download Submit
C:\ProgramData\Package Cache\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}v14.30.30704\packages\vcRuntimeAdditional_amd64\cab1.cab.PLAY

Filesize
5.4MB

MD5
ee51b8cdb9a1e67aac5a55de1fb74c6d

SHA1
16d1f1ee3e5fcc54e15dca6fbd0877fff215c12f

SHA256
ae031009fbbbf59489981f5619d52aaa6423f821cb2083b7e99c2a3f8e249a95

SHA512
56b653bbfeb99bc7f9421e28fa50f1df7279818d37c2489a34a93ec2d761536de7f2eeb831432f85d4e293d7d83dbdb5e1529f95e3ae1a419c3fbf20c5d80a62

Download Submit
C:\ProgramData\Package Cache\{7DAD0258-515C-3DD4-8964-BD714199E0F7}v12.0.40660\packages\vcRuntimeAdditional_x86\cab1.cab.PLAY

Filesize
4.7MB

MD5
2e3187f91b25e69d876015e62bbab0e2

SHA1
c72296f56cf8495c745802b531f4ae761fc53651

SHA256
51576cb4b936296d36c6b57c052a8840384c44d6f4a55fca5bf6e6575e3367c1

SHA512
4d7eeff49a0a9161f1a2d8ad7ead7c8cbc83761898a828007cbf6600f3fbee8416f7f292e7bd1ec843f0d22ff0319c35ebdf2ab2950e8524f28f746e03f4b03d

Download Submit
C:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86\cab1.cab.PLAY

Filesize
4.9MB

MD5
c1745e8600a42bd613299ce6adc4b1e2

SHA1
5da34ee6f77cd697adc311f487533e9b44983e19

SHA256
bd42ae4b70e5d0c7ae58c0e6c12f98c2fac81691d0d740dba3ccb678cabaf4f7

SHA512
63f2ec765a5a2ded8cbd8d7e67e7111e679b2c1fc26a690cfc89e1cfd0cc210e9f1e48e4c4ecb21a975e2910fb32e2d35eabdb8bb359c27c362547a2898faa3b

Download Submit
C:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86\cab1.cab.PLAY

Filesize
803KB

MD5
d4719b737ca7ceb2f0b7b40e60331f58

SHA1
b3f33f9f3d8402d937466a1d8074510424cc0f9c

SHA256
c79bacc49c46a6b2c756300013de46e2223f268e88dc70497ed4ca1921e4dfbf

SHA512
ed53bc9e73b289ea415ad663bf3d80d39621b3f5cd6e393c6529fca267f7d996c1a8e5fb1868f7eebc2807eda465e7ff4cac8a4905fbea502dde022fb5e0d01d

Download Submit
C:\ProgramData\Package Cache\{BF08E976-B92E-4336-B56F-2171179476C4}v14.30.30704\packages\vcRuntimeAdditional_x86\cab1.cab.PLAY

Filesize
4.9MB

MD5
8bfe01a4b905e9449741c75c2ab8b2ed

SHA1
b00e0754f3c290b1cacc728a1527f3c856ce402c

SHA256
c3d7b2fed78d7537a2ec4ec3759d62863c03bf4272df2e812974f2eadd6bb159

SHA512
1b5d586630901db17331f8f5df0686ac9a930dac673d445f14048e88ed0487af17a954d5a0fbc63ef82aedd1b521126359d0ccc1f65e438ecfe460cfc3752183

Download Submit
C:\ProgramData\Package Cache\{CB0836EC-B072-368D-82B2-D3470BF95707}v12.0.40660\packages\vcRuntimeMinimum_amd64\cab1.cab.PLAY

Filesize
1011KB

MD5
8105fdc95e36f6f22f2002936b1a947b

SHA1
4653c674ab3d9e0e038c49ea312d2d5af5582e2b

SHA256
ff6288dd2e22727b9972d2dca2dd0ba2b3130710806698cf372c131c0ece6175

SHA512
2d375691c7a32d7e082266fa3e100f909889f1c6d9e0f5e27f1e70adcf7f427dce92e9987fcf357e6204ad96668aba220cdd0316cb62550c9c9c5ffadda5f495

Download Submit
C:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\cab1.cab.PLAY

Filesize
791KB

MD5
adf49eb840be346a2d9eeaf6edcdee29

SHA1
8e237311e374d59190a9b60e6d43832bbe2e8b70

SHA256
286b06b27abf4a3905ed6293f0e12877f2f5100e1232a56740b03b5c578bb691

SHA512
4c14bbcd965f7bf33efc7f4b5fa37511e266d8bc0ce17529c5a83de9a9ffe043cfad9828cbec1cabbc5624485225a12436a0e9cf8695fa9148486e34d4c2b22d

Download Submit
C:\ProgramData\Package Cache\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}v12.0.40660\packages\vcRuntimeMinimum_x86\cab1.cab.PLAY

Filesize
974KB

MD5
375a705e684d95db19fae888a61b1ab2

SHA1
be6257cd74135ebe207e9978f6eb5ddba4a4f8f6

SHA256
1a91d47c74a7eceb1b7973c6667f956cd6d0e6bf78e8e080b9b9df830a3b5a29

SHA512
c96812a4ac438aa47c8ce7c73b026536187946240cca48e2d619b68361404d9fa3d9b96185857b6f6f96ebb8e72d1aff4861ac6516c94348de12b107a58856b6

Download Submit
C:\ProgramData\Package Cache\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}v14.30.30704\packages\vcRuntimeMinimum_x86\cab1.cab.PLAY

Filesize
742KB

MD5
8c5e6e690d39f61885fe15cb850f7a21

SHA1
73f3a8dc82e260887bf07fecca5a69e5c2e0a10d

SHA256
48566a925aa7f1a5fb77c9f082e540fe206628b66633d1662bc02157bc73e06f

SHA512
f8e35fc41a51bd7a3fd731770d80f2976fccbd63ec18abe5e89d58ff4490a10278b5460f67879739fff05cc0f38615f8cb9332dc2e3d6d48ffded90a1767f953

Download Submit
C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\state.rsm.PLAY

Filesize
1KB

MD5
7513f8a050c3883dd7451357327b7eed

SHA1
6caf4c04df300480e71811d48e9b5fdf6a479bea

SHA256
9491b36b02b766e2000cf73d8622c226514b97636d66ba880b79130ffecae6c5

SHA512
2d495e6a15ec0aa308521fa01264a27d45f485ea2bdc22b2442730ed26974e5e2355a6fc02e6711db1bd40d43da3501683f91f3564aa27d62b65977eed5714e7

Download Submit
C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\state.rsm.PLAY

Filesize
1KB

MD5
2849266b7bbba1f82c2e899b1606d17b

SHA1
3b23284749c333921e95546da964096a6bb6710e

SHA256
51b3b2d56b9b88c8e3d75aef05f6e0e94b4fad369c9d00cf6577d5544a1c3500

SHA512
0535c7209f2cc3c3b67f911246aca135526f5fb4aa8985469b9a3c878cd04c1475f0e756e7d39a5413775a758f7914c9bae39fff0bf1c0a9ada25d802397dcd8

Download Submit
memory/1040-54-0x0000000000120000-0x000000000014C000-memory.dmp

Filesize
176KB

Download