c74b7e4cea0cc29d2ea08bd5cebf4e11c448c80da916c1855498f326a3a724df

Analysis

max time kernel
151s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
04-08-2023 19:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Install_p4b2.exe
Size

6.8MB
MD5

178d817b53f8e4dbe59c76c82faafd12
SHA1

10240887def568edecb6b24e335db5303566fd0e
SHA256

96dc7f3b2153ce6ca2edd3994c9f1982fdb9dd5346cc5ea16dd1ba69c6053018
SHA512

17c697ef26b105a0d3d504a8d4340e265c46e0a93c56da38ed9146f31571a97be09c464a128d56d3628aba1bad18e1d4d2d11571d8cbfdc9697167248363ab28
SSDEEP

196608:ySELnHuunzub8oMC1SGwdYz0F2s5wrxnmb7QQ9YyOOoZ3p:y7jHybz6yWerxnSEyOOoZ3p

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 2 IoCs

pid	Process
2332	Install_p4b2.exe
2332	Install_p4b2.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\p4b2_a_cv_f075D.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\p4b2_a_cv_f078C.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\declineAgreement.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\blackPixel.gif	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item361.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item387.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\images\p4b2_a_np_f005.gif	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\p4b2_a_cv_f001.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item38.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item457.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item61.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\p4b2_b_he_f003.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item177.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item349.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item69.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item115.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item510.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item518.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\images\p4b2_a_cv_f078b.jpg	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item238.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item32.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item442.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\p4b2_b_he_f001.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item221.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item362.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item386.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item107.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item450.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item389.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\images\figure27.jpg	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\one.gif	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item4.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\p4b2_b_pc_f040.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\three.gif	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item175.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item306.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item50.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\acrobat_redirect.js	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item501.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item503.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item56.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item454.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item511.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\images\figure15.jpg	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\images\p4b2_b_pc_f0227B.jpg	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item109.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item201.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item156.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item166.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item68.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\images\p4b2_c_pm_f057.jpg	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\figures\images\p4b2_c_rm_f026.jpg	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\print.gif	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item121.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item178.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item198.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item386.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item210.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item250.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item312.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\q\item333.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item172.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item337.html	Install_p4b2.exe
File created	C:\Program Files (x86)\ACP\Prep for Boards 2\content\assessment\a\item75.html	Install_p4b2.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
668	msedge.exe
668	msedge.exe
848	msedge.exe
848	msedge.exe
4824	identity_helper.exe
4824	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe
848	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2332 wrote to memory of 848	2332	Install_p4b2.exe	96
PID 2332 wrote to memory of 848	2332	Install_p4b2.exe	96
PID 848 wrote to memory of 3016	848	msedge.exe	97
PID 848 wrote to memory of 3016	848	msedge.exe	97
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 5092	848	msedge.exe	98
PID 848 wrote to memory of 668	848	msedge.exe	99
PID 848 wrote to memory of 668	848	msedge.exe	99
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100
PID 848 wrote to memory of 4716	848	msedge.exe	100

C:\Users\Admin\AppData\Local\Temp\Install_p4b2.exe
"C:\Users\Admin\AppData\Local\Temp\Install_p4b2.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Program Files (x86)\ACP\Prep for Boards 2\index.html
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:848
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe125e46f8,0x7ffe125e4708,0x7ffe125e4718
    3⤵
    PID:3016
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
    3⤵
    PID:5092
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:668
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
    3⤵
    PID:4716
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
    3⤵
    PID:1540
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
    3⤵
    PID:3316
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 /prefetch:8
    3⤵
    PID:4700
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4824
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4540 /prefetch:1
    3⤵
    PID:4024
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
    3⤵
    PID:4996
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
    3⤵
    PID:2112
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7594653185764048389,699692928666200200,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
    3⤵
    PID:4892

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1692

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2772

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\ACP\Prep for Boards 2\bookTree.html

Filesize
988B

MD5
64660f5f85dd825105159d8b9ec96311

SHA1
442c956392eb6a0e7833b63c7e17356bb6a965f9

SHA256
589bcdcfb0e199e4b593006cb4c537bb7088e29ac10b718eb405317f26ba7227

SHA512
04d4fc648833cb32414104af1caf668f0614cb0ce15ac102e91254795ad08504b9e08e613a0a84742db20e7e104857cba7f128915f3edc9b56bf111d8318b805

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\footer.html

Filesize
708B

MD5
f4889300ca2484ee3d16bbd198ad9f74

SHA1
e54d326ac7f7590c86f406ad63bb4ebea8fec484

SHA256
54ea74302c0401eaddf38cb465d4382433798c260a932049135fefd7f600a48a

SHA512
b8c2b1da66a8c3dae69f7f83d241694bc3f8fae5e61907948f39bd97e6fd34d5b101e34ed49353be834d390eae99400d974ca73d75fe0ae15016dd0ed02c37ac

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\arrowBullet.gif

Filesize
100B

MD5
065332f911cc8fec23ec67db291db476

SHA1
21c1cc75b8ca19c585172862e04d8f063f756752

SHA256
a1d4ae48cec88f9fe873e53346d376418c63c1094c658464eb394cba41d22500

SHA512
daaf31ceed8b413578775f5122a2f402a8b0b7965cbe700aba387b2cf2e36b235525898b69abb847a09534f2720381a14553ad25d731dddc633fb2e9ab02b3c9

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\filler.gif

Filesize
85B

MD5
42faab4e7f599fb90a37b73ae9e373d1

SHA1
0166094c9527bc7429b908d7f25aa15fca55d06e

SHA256
79f9c4bdb9245cf07fcc81a00afd66f87b58514e17aad59d2c52543e8c501319

SHA512
20cde132d007e6ad1ee4ee42935e7456c559a069e37f038903138b07c8e3f19b70a08a7163c7fef167c8d644adf5215a5293ca6cf8aeb4f2b0a227b5e1463390

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\gettingStarted.gif

Filesize
459B

MD5
d0fa59bc5e74fe4b827992c72e5b6094

SHA1
7bccdc896a1cf8792e273223ae58b2d78c13f565

SHA256
089fe46c32225df7163c8c02811f6d9efe419d4f33feb05703f266efdef202b6

SHA512
34b5037436958132d25c4a996841a1c9b122c30eb8eb8d4a6dc89ec905a408db64b580bd891aa3c0bf2c5c344554a16122a3f70e9e67a67833f1cea082be042e

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\greenspacer.gif

Filesize
62B

MD5
911218a44d90658b2a657eb6ce220a06

SHA1
6ed12db1c0398e2d6131912ee3b93865f207cd69

SHA256
700e46d900a31b71c96d67b431f95e0e3b79081af6dd1bb362021b774bd5f27c

SHA512
79d84adae4aba948db89c87431cc4c4ca115c0e163c35aabc604b10d1ffbb1fa60fd9ebd00db7bf2281856f5a382c98189b6ab51ade930b4e0f3b6f5d56987ef

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\helpIcon.gif

Filesize
62B

MD5
a0b61441dd56bc50b1102fe1e9476d81

SHA1
0ea33c0c48c5555f62ae819b95a32db8a1d22ec1

SHA256
a38e6546e430d2355e53f783bfd6be9f880113a05b396bcc83b9f06c1007f618

SHA512
eb6f51e3b5e848d9cb80fef72504237c12f1ee00a0def73b09a3d4b44b567f8d8b12dd7721234c8ad78e988b9daf4593f1d83f868368c1f8a73205fe0f50752b

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\menu_folder_closed.gif

Filesize
138B

MD5
089b9dd2f1d03628edbb736dc1c969aa

SHA1
1202418c9c9a72a89e8491e42046ed849f25a28d

SHA256
b2514c6e55a51e4af7137ffae7af8068ec0e3d2de999330e9370f8255c1abfc6

SHA512
ee1addf1181e7a235d997d85c8a2859530f6c562f210833186ed89df7963311ff11653cd610f43e6e0a0dfc61e7e4134d99880ed5c5b04acd871fee74f174c01

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\p4b2BookCover3.jpg

Filesize
1KB

MD5
5267f3f271e272130804cc93120c7507

SHA1
10268d21796e84ab832d5052fecdb5c87e918a48

SHA256
a40b9d477afa28789c076abdc798c1df42bb7739f62a65195e42c8b5dee09d2f

SHA512
182e67bb751c2547eaa4f2feb0f33b34417f7f15ebae642046963af405816bcc9b2b2023996d25a4a3adbf33cc3e4ac5363a91d897a5246dfb714329cc02689a

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\p4b2banner.gif

Filesize
2KB

MD5
166fc9391fda6ccbb19a58fe76cf6e12

SHA1
db4906400c2449f7c37bc4dbaee63ee29ec0a268

SHA256
bad5d4acde4fe345742691d5ac3fd62ef308322ac9af3a35f3753df6a30f9935

SHA512
e18fb39a648f0fb70b127d4aaa4befa60db0177e7c49d785e2fc9ff0befa8a565503779d09ee1ef2a14a186c4674ce88d098f1b52a02b4fb3625352df06ff021

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\pdaCompanionIcon.gif

Filesize
178B

MD5
d42cbfef98e3eb20bba11b4168e391fa

SHA1
bcbf48006ef83fcf34a1b59cbaba18dbe000ca9a

SHA256
c429956d8259c607f6d7adc22b5ba4817c081b7d25e9784972acf65854da6274

SHA512
65ce0a64648d0d03d68dfce14b34f59f20acc5f5e146c4250883e26448b1bb3665b3cb8071b19e3164c9cc686a2cf96ce710ff8af8a389da21934292a4838584

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\graphics\topBarBackground.gif

Filesize
95B

MD5
dd3850a3ceec2ae7c5eac08cea6db78c

SHA1
fe1eee98ad25f21763c58026d413683036a8c146

SHA256
96bc614b31ad1532fb170753095538b65a193778d4b5df07fbff6801d17daa06

SHA512
737384d7701971d3e82b98bcfb189cdbb622d9ad6b164fba7ce78a2913178ac02bb4e9df9079ba649dcdfe0a109f93d3d21b14c980764580427d6aba73856903

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\index.html

Filesize
1KB

MD5
c11e65cd711d5c861839ad480ee0ad8e

SHA1
9d92b7f11dd89a85098ad5ed3643415c9e2bb8a6

SHA256
937016d1249f82cade8c5c1a9c0a3edf9f9bbfec14e36abfc4b5fffe3c294681

SHA512
8e9987569edc4b51141267cc4a0cbcf07ee4f2572eda0733344094d7ac37238cceca81c7da70dca16d5a10ae267a11280d371b479c32c86deb922a56f9b6ee90

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\index.html

Filesize
1KB

MD5
c11e65cd711d5c861839ad480ee0ad8e

SHA1
9d92b7f11dd89a85098ad5ed3643415c9e2bb8a6

SHA256
937016d1249f82cade8c5c1a9c0a3edf9f9bbfec14e36abfc4b5fffe3c294681

SHA512
8e9987569edc4b51141267cc4a0cbcf07ee4f2572eda0733344094d7ac37238cceca81c7da70dca16d5a10ae267a11280d371b479c32c86deb922a56f9b6ee90

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\jslib.js

Filesize
54KB

MD5
73b549a6461cdc01836ee05f107f1a5e

SHA1
1fa13e4b302c90d475165128274b5cb01eee8a38

SHA256
dd24f94065673576c80e1260edacbcbfdc8edbc2c4aebecd2f2b39a0dbee99e1

SHA512
871004fa2b565a2f5a9ac855b52af0feafb18aec4f87c6bb098e61740de3f502230ee269c171fb24c157fee2b74cf6a729cbcf914abc110bb24378a551dba245

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\logo.html

Filesize
707B

MD5
8c2c5498d0ebbdd6b3bcab38cc3b48ee

SHA1
641e34340e7879e181f967ec971f405bbbc1098d

SHA256
fb6876fb9f9b102e2a38bf4c918f2f48a1ccac4aee4926ea5ecdc05da4770671

SHA512
42764f0e03ca1b82720448b89afbf7220eb19d023cc8cda73556bb6191071f2daa94050d38fa1cf1605e67dd8d97db2e5b001235c60fda5b950346952a2c4b37

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\navbarset.html

Filesize
401B

MD5
937cf8e22319061c21a9b7ca74a7c3b6

SHA1
5e6c5aba579c7f8c839473cca709681c3bd38f86

SHA256
42c8bfe3293f8fa6e72677b3fd891cd165b305946e3df2ae10788723e4724bfe

SHA512
bc2fcd8be285c1d74773388989319f775e3494f1d180bf7b1b4533727204c4bbcb80e9137366370ac2405e6871a168c0232ac8f749ab3d2561e28266041ff7db

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\saMenu.js

Filesize
180KB

MD5
aec8dfe1e02fc043946123de6c16648f

SHA1
cc1e826976727996457d4497d87b17d2d27df41d

SHA256
ca8789b51a37efa895bc6e8a2333c4b5e528f6d6ea5b1a74e4d6a34abd1798a4

SHA512
321ea48bee41366b9efc2f61e87d0f2c5436d125a63638674368332d5c570a1df03983ddf1cf8fded46a8df7100ba96dca34c546ba1b433d90e10654d8970e02

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\sasplash.html

Filesize
5KB

MD5
95ccee67e7344f274f1346a4ca3ccc7a

SHA1
d3ef0132691fe346787f9ff8c4b3c8dd0fa74c8a

SHA256
ed3ecfb97d814694f994f757e58240ffc6f43bce6e90cc1659359d395a8953b9

SHA512
3f653d63582ff94cccaa42aa1e297a3292083e09936b68bf703e1f5b26827cccf68cbbac3cdf19c9bca2bbb818180687c2c86834b17b74b85e084ed2e50d693c

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\satitle.html

Filesize
2KB

MD5
fefe9134e672685ff9aa9c433fd9bf3f

SHA1
94bbe417a987aa7a20dd9424df51310705dc56ce

SHA256
0b85fcab00bb74799f1c8323342075cbac4944d2ab94ed1e058a77f2d53cd3c9

SHA512
72cca6b6cb3b87fe8d0291a0936367bd9f20389d26966e105609e4aa04dcec8f157a727b26a41373f35bba892478e454a241c751b797d2cbcb51bbbee3128f3e

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\styles\content.css

Filesize
4KB

MD5
d21d665178e8a56291d59ace3b30408b

SHA1
f097d192ff83c10825439cd6df919d0daca39339

SHA256
8f4f405d8cddbf09f3bcf6ece149f9a7ea97fcfa5409506fc9a52882dbb22c06

SHA512
0f7d63f8fea15f07af66826a5d433a838e0633f9b73a05a6053c331d2d3cf583563e6564d0d9a68bbf829be162f078410b096943380d9ed21009f50ca69a695d

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\styles\footer.css

Filesize
678B

MD5
545462fa6b9490f5c77602ab6469f9e8

SHA1
bda873ef999fa98b7877c3ac8c1b0a6f4c4e2820

SHA256
c243d6bcbce6b9ae9f659396889a6415691f50f071c07eaf0772e0da3bb01cb1

SHA512
4d4f3762a78d68d1916e2c136e0896e6a9c90288161556b5fe60e73e37d67db18533fb2048a8d8b0cbf6193bab11329c98d97a7df089a37a24c2ce39a5489873

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\styles\navigation.css

Filesize
2KB

MD5
89476c525d9dadef6eeccc46cdea9747

SHA1
cf0fe08257b1821952a1bfccc4d816b45dbf95f4

SHA256
f29a59b102124c8fcb9ec5184d6a4bfcd1b8b8f23a3977fd3e0587180959e1a0

SHA512
5832f8ab3d5697d7296bb3847125632c19008cd7e6bbae70d3123972bf446880cf4a8d5782e46c35d99a22e6f38402411e50d101ae88372627667f7c97374439

Download Submit
C:\Program Files (x86)\ACP\Prep for Boards 2\treeControl.js

Filesize
15KB

MD5
2b51eb4db92ae7c71f8d9f22f01a13aa

SHA1
9b3c30c7f17abbf21e7a216a296b1544fa26de69

SHA256
5c0f013387a04ed55175c1bbc8233a49b9d14056afa27b0966c4765054e15c25

SHA512
4480aecd7ee7f565111a24201b6e9c90fe88fd44d062bccc2c6308cfd4369e5810d27fa3e2eae56533da429db37b11411c84ec343b3fbe12844725f454cdb20e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8411007bafe7b1182af1ad3a1809b4f8

SHA1
4a78ee0762aadd53accae8bb211b8b18dc602070

SHA256
1f274d0d144942d00e43fb94f9c27fc91c68dce50cd374ac6be4472b08215ca3

SHA512
909e2e33b7614cb8bbd14e0dfff1b7f98f4abbf735f88292546ce3bfa665e4cb5ee4418561004e56afc5dd30d21483b05f6358dad5624c0dc3ab1ba9a3be18eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
918e19cb976603379b686823e206b926

SHA1
889141a3013eeb2060de607026d8bcc903bf8eb3

SHA256
18346dfb54933217ebaca1ac7f6da3930878a428ef125188b3f984787728fad4

SHA512
d9e881d4c19463875ac0405dd6525336472c2c6bd6213258e7fa325b448f76a75029a1f6f996f69e29c21e28d1df8600f84ff5a43f274348c97dd11aa71af2a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9c2671ff3bfeb3973566aaf701f6c4b7

SHA1
afccdf73e5f230af9ae7a298611121665fd10460

SHA256
16b7bda2e6641c6b6165f803b28b98c929ebfd20695e6d0b88492e06f290ebb3

SHA512
1e4e77e7542e874573ddeff52ed58eafbdd0c48d49b625c500a52a8e93fa50366089a4a900cf8f79552287f5926aeeb13a5d20712fe717d30165ec4b894fceb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
8caf4d73cc5a7d5e3fb3f9f1a9d4a0cc

SHA1
83f8586805286b716c70ddd14a2b7ec6a4d9d0fe

SHA256
0e0c905b688340512e84db6cf8af6dbdfe29195fefde15bd02e4917a2c5fda8c

SHA512
084ef25ea21ee1083735c61b758281ba84b607e42d0186c35c3700b24a176ada47bf2e76ed7dadd3846f2b458c977e83835ced01cda47cdd7ab2d00e5a1a294e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
e85d88ea48d8da16ee47c0b302a58cbf

SHA1
caf24a5b881824c9d9d8d6706e5685f1d86ae5ee

SHA256
e47dc5b5276fe76e05b63b86741baeec3a473ae8f302c55bc2132d6c794cc7d6

SHA512
a1d40e29f9a49e745899d64540bfff591303c91b7ca1eb849843b544c3cad59c2bf792600323971b1487675fec3254ed2097b119702688fc3393d58e96121e20

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsc16C0.tmp\InstallOptions.dll

Filesize
12KB

MD5
07f3b3445f66e1089567796bf3c8be78

SHA1
851eb574c1067b23a654f8aa47b17ef599b24d1c

SHA256
a505e6c537a5ce0166227dda9f7671605395592ac9f1a3764e8a01b713939db1

SHA512
8c56308fff3a947b26fd0d98dbdd96c406ddf967f5d7abee8cba082b6c46a4e575094bb0bb981551ac5160bb5089cf6fb125dd17a659c427e28c07402adab1c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsc16C0.tmp\InstallOptions.dll

Filesize
12KB

MD5
07f3b3445f66e1089567796bf3c8be78

SHA1
851eb574c1067b23a654f8aa47b17ef599b24d1c

SHA256
a505e6c537a5ce0166227dda9f7671605395592ac9f1a3764e8a01b713939db1

SHA512
8c56308fff3a947b26fd0d98dbdd96c406ddf967f5d7abee8cba082b6c46a4e575094bb0bb981551ac5160bb5089cf6fb125dd17a659c427e28c07402adab1c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsc16C0.tmp\InstallOptions.dll

Filesize
12KB

MD5
07f3b3445f66e1089567796bf3c8be78

SHA1
851eb574c1067b23a654f8aa47b17ef599b24d1c

SHA256
a505e6c537a5ce0166227dda9f7671605395592ac9f1a3764e8a01b713939db1

SHA512
8c56308fff3a947b26fd0d98dbdd96c406ddf967f5d7abee8cba082b6c46a4e575094bb0bb981551ac5160bb5089cf6fb125dd17a659c427e28c07402adab1c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsc16C0.tmp\ioSpecial.ini

Filesize
715B

MD5
cabaa799731226c48bda24d40355ab95

SHA1
7fc1b7bc407b912de9f23544ffb05f694eeb380b

SHA256
32029eac19f710179e94ea3e476e584adb34c4041197afdcc89138abc779144c

SHA512
acb9776c297fa33ea5497da052df4f830468a597bb833d21e2674fcf52bf0bf69551e14946adef3f1b17a1181142ed9de4fab76931578510ab616cbee48da091

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsc16C0.tmp\ioSpecial.ini

Filesize
647B

MD5
d3b9a4224051a58a2ac6537335ee5d20

SHA1
db1ccb8de34ffff0bb548b3a3b576a1a2502db24

SHA256
2782e440cf5807a34cf2f2ec0081fe979ac96dd2985bb341c958cf9f97d756a8

SHA512
eb3a9ae32fd2341c180582655098c16124366191f3495c5666a9c54bd93c5799388cc6d9681404a07b31a066bdf98c5d5f741cdb09795a6ec3c88f7bedac3555

Download Submit
C:\Users\Admin\Desktop\Prep for Boards 2.lnk

Filesize
2KB

MD5
5d2d2303bf040f10333064eeff99c7c4

SHA1
091a6190137dc85da6059cf38b690872b99731a6

SHA256
5868c7f2233187693a683fdce30d2494bd352a01c00b8548d9bc85a0ee716f25

SHA512
21fcb1f195c8229e9df867983ddc069788099291913dfe0a362fbb990dc123a91b70749759354b72998852c50a71d129386ac4064282a2e17f324c45610ae972

Download Submit