demonware | 0b53edab42806eef4da3e3a0276ee9c296fc67cc4797ff806ce371e78270c401

Analysis

max time kernel
92s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
22-12-2023 04:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

wiperpayload.exe
Size

22.7MB
MD5

61118d3cf190d53b95f36272b7512f65
SHA1

5b166d9e5027668ab1f707fe142320292a815523
SHA256

0b53edab42806eef4da3e3a0276ee9c296fc67cc4797ff806ce371e78270c401
SHA512

ecf60cf6aad81cae27427f67019f795c467e2f9dd152a3424f5b98a179e29f089c7a7032b2742454e6ab52a0031a4732a48e667890e090b3e30dc9dc155aa55c
SSDEEP

393216:VvUWv/HL2Vmo2WtYjUaNRDHvcrwhvr+bUn2KekLTH6mp/WViHW0Gzajaq3+d9Xg:RUYyVmVfjrRj0r6+bUno0fcElOd9XgWU

Score

10^/10

demonware ransomware

Malware Config

Extracted

Path

C:\Users\Admin\Pictures\README.txt

Family

demonware

Ransom Note

Tango Down! Seems like you got hit by DemonWare ransomware! Don't Panic, you get have your files back! DemonWare uses a basic encryption script to lock your files. This type of ransomware is known as CRYPTO. You'll need a decryption key in order to unlock your files. Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to find your key C'mon, be glad I don't ask for payment like other ransomware. Please visit: https://keys.zeznzo.nl and search for your IP/hostname to get your key. Kind regards, Zeznzo

URLs

https://keys.zeznzo.nl

Signatures

DemonWare
Ransomware first seen in mid-2020.
ransomware demonware

Loads dropped DLL 17 IoCs

Processes:

wiperpayload.exe

pid	Process
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe
4880	wiperpayload.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

wiperpayload.exewiperpayload.exe

description	pid	Process	procid_target
PID 4328 wrote to memory of 4880	4328	wiperpayload.exe	91
PID 4328 wrote to memory of 4880	4328	wiperpayload.exe	91
PID 4880 wrote to memory of 1236	4880	wiperpayload.exe	93
PID 4880 wrote to memory of 1236	4880	wiperpayload.exe	93

C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe
"C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4328
- C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe
  "C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:4880
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "ver"
    3⤵
    PID:1236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI43282\MSVCP140.dll

Filesize
55KB

MD5
45859521e5b69689a0f7bcb0ec228578

SHA1
91e7512fc1abdf89261998e6876f825365888584

SHA256
871fd1afb86729ad87d7ff74a9660cd0005cd4c71c548d424a56af78786423df

SHA512
52077b62d0f03e4aad29b6969e393e9413fef64ecad1a8a2ef7276b3c3d8a4914b29f449ea90d53eaf0541d64362b27a896a50de646996f3acd0f780a540b597

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\MSVCP140.dll

Filesize
78KB

MD5
e02f4d5f379ee658da19c5083c2f913f

SHA1
22b70d33febdc0875a539c990aafdf64e24d7321

SHA256
a159a729b2e3cc7895b935208bebe547a716d7a9088e2174e814b1836f28f107

SHA512
996b0d89c2258c2205253c15b13f4e133123f069f849746e9aeefcd3083c52020a64f6b442782ff1b3236d1dcddcaf27346571c815490949612cb2dd277f006a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\PIL\_imaging.cp39-win_amd64.pyd

Filesize
51KB

MD5
cd0528be04b603c713ec6754b2824f77

SHA1
67ed5f323c29892886b0c8d4e358c50885d77b5f

SHA256
ffcbc5782de154b0c224090f0cf30f3a5c8106f8406816575107596728ae3613

SHA512
b9a90a53c0beba9841ac4ff2bbe88762be1c3b4e2e4273e54c1c7741cb0e5f6070533742fb1fd4888459721f47c4b674a3533dae9661a95bbbad98a974df6cd9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\PIL\_imaging.cp39-win_amd64.pyd

Filesize
39KB

MD5
7a72c5276bc1b0c3ab4f522a434053c5

SHA1
d73d65af91a41fa8a19a21b7a126b3f9b5b38718

SHA256
615cec5ceeccf123f2a8cb4ac09b6d29966edb51249b46d651a5b17b2bc29c8d

SHA512
c85a3bf1e901f42a1229a29c27230ce681cb8df3bb525685d52d7897f9b0a248ba3e79965848f03bc84e052576e16dc0aa6836455fecd6ae91f65f97e78b2ee1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\VCRUNTIME140.dll

Filesize
56KB

MD5
21a681c5a1bb473f598439c103b4529a

SHA1
91e75e3a1fb7b15115613db87e63f264fb90ecb4

SHA256
60e9732f45a86809be315931cf6e5077db6de2aa14cc5a3515cc909dda2c301e

SHA512
44f0939ccd00fa3609feaa9df3db44a08990bd205d3d7678fc5d58381ec2e62f89782687554940bdd8c0a52d4cabd9929a55fca27fd5e97084bd52e46d036107

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\VCRUNTIME140.dll

Filesize
76KB

MD5
6062c61df4c12be0df1a62516b537b76

SHA1
af9424ef114d63b724622db7ce8e451fb103a176

SHA256
f924eff8dbecbbef2cb9e3881de8721e4d68e3786337403d4b5e30719ae97729

SHA512
47775310724178dcfba2944e6a8e2e71de0fe5d9e6f1f4ba4ec35d56b7e4ffd80f8d7984a39f5e1bf9e2e6bb8a0b858b056d08f1f52734b21e85b456185553c8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_bz2.pyd

Filesize
20KB

MD5
29d5fb676ae3626e1ce7a98b07d16731

SHA1
48705f189a059bc4ab4094ae212b50ff86581b12

SHA256
6dcf4f90d61e45445dc617ee81306bf63b4249cbb88b72d233a94106b910d478

SHA512
ed58d1db19d9188ee9646dbc7458fe5c79d87ae12094fa0e8d8dba0d0a443b5dbb338cef556c8ab1ef48caf5ff0724a63f680cd59b5ddb111e7a1090e1760e43

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_bz2.pyd

Filesize
64KB

MD5
8b246423caa5cc62622bb9e8fc278267

SHA1
7ca3ece6c763bd3bd5ae1b75ce00046002a3233c

SHA256
eb26a9a1d0ab28ae71d263e4c15b7949d49d1e82d20c6c0d32b198f9fb21d09b

SHA512
c674938907f7d19b8dd2e679dbab382a2432f4f56e09c47d38e9b822b658e07e9964c45bd7bd4d69dde871e3d4ef5a56b5f0d6e5fb206b36736fac6adf2ceed5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_ctypes.pyd

Filesize
46KB

MD5
a745e293fb22e2a59b35830f85a49495

SHA1
185c9c30b6f3646cefedeacf05c77303ea76dc69

SHA256
9aa8b660862ed1bf69c7138fa41bd710d27725300bac93ac5514a78636b7efff

SHA512
820329a1ff5465b64c98d773a4193d36de0c8bd51ee4bfd01093b7070236f73a91dbaeb9fb5af52524482fd1926a77202adbd055b93a71ae710474bf22440235

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_ctypes.pyd

Filesize
62KB

MD5
7300f2f01cdc6e4a47b4e90170fe6839

SHA1
a0511ceb802a60ef5078b3a870ecd295a6c75fb9

SHA256
33c97fa0f09df03076adc38626ed84e96e7d80c57bcf0fccf34369e1cca4c2b3

SHA512
337a8a220109526a5c9f85a643790e196990912aaacf7be1d8ce3df2c8b4de598ffacf2aa3221c7a31e0b0752207a89e5ea630759b703f5afcdc76f75357d26b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_hashlib.pyd

Filesize
37KB

MD5
95e9352c279a7ba2c12cccd5758497dd

SHA1
e6696bcace283fe4b4089aec2a812c8ddd371e8f

SHA256
e8ec2d3a1938809d1bef1a791de670bc6d9c0fbec62ea590219e39a452e46f37

SHA512
83b6b43b57d5a083f816eec1fa4cddb0a2fa47b1a61acc5ac985e10726ffcc93873964810d4b0e29d5ca49a34c12092f515532cbdb110ca1226f08f40b462225

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_hashlib.pyd

Filesize
37KB

MD5
cd0a4f19caaeb72837658efc5a58a613

SHA1
36dbb7f0b04b2d403be314c5f8d5aa34532a569e

SHA256
6d7cc229cb5cb77d57f9ea592322ba2fa999f873c9cb77a3c3ed380715a469e6

SHA512
b742f0c0813e2c619f6b302b785a8d75bf45b75bec26ae43168aa297d4ab86030d1f4523d534452d76672efa13c7e8f9bca8419a13ed76f986796703bcf32a09

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_lzma.pyd

Filesize
26KB

MD5
64159c8bcba2a06b5989efe910300fad

SHA1
d49b641877ea09f0d51432cc4d0a452d3c9de2b6

SHA256
2ca9e23ec0c41eb2e3e4b3948a97048daa7e9abb3750809d3deaffe203d7456d

SHA512
28cea91a38ea68ee0248e35df3e8e02d04a2b8e4e642db2d95406a0501c10e9a700ca58f954a20121f0519c0503135e5fe339b1d826e9e7b785e313eca472a58

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_lzma.pyd

Filesize
50KB

MD5
fe0f990f2544fc3f59455bfa056f8975

SHA1
ab9ae7f52b9ef735963cecf61dac54fa792328bc

SHA256
20f4e98826ae3f2559899a694269d4b3205634ec2740685e89917ef87e29088e

SHA512
86d2fb04d09e42243d6d68e83d300b8529f8da3f824dd114490b52829f4babe710aedd09729a8e046adef845df7d5453792ae6bdd04429e3e0c9290e0d2cf054

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_socket.pyd

Filesize
37KB

MD5
e1d1098f481f9dde7aa7725897c18db0

SHA1
a6e8a3a696a0b3fc06b6a1309dbd4f99b6727315

SHA256
2a710479329cffaab207495e019b7d2f9632c679e477a20f313b9035dca99306

SHA512
11aa7c5c690f14a8ba908d6566261bd3c0cef21f5240bf4f2dae43487dd7d0c46e115e88f49e8eee6dfe8b277fd641dfa3de8c50f48c560594464bae64031417

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_socket.pyd

Filesize
57KB

MD5
fc1ab362d5587909c5738233791ad069

SHA1
e0a718da6be83f92933ae10a0496c689504fa5db

SHA256
78d100c1bb082e4806401b010005caafdbf6ca6d806a679e6860ebc3dc0267a6

SHA512
54a0116d7ae9f83d542e219ca325e590a7b8d6ebaca4cc446baf1c00e462a66f5b7639874b19085837b53f46da009bf66fde25273695b60de9663eb94255a7ad

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_tkinter.pyd

Filesize
16KB

MD5
ee7d6509b244b8ab888cedcf70af5924

SHA1
2c9572d252cd4d93904b1c211617a5223fe61206

SHA256
4c01172e035c1962f0d68f84c7ddaabf410e81645b8895d1a8e78821adc500d7

SHA512
8c71e5a8dab6e7c10c9b4c84c31670f162c883e4a515d3d0bf4988dba91a5d3247d3340e17c69a1c10dc76672a410f11c8012bcda31d07f4d33b8be0b1bea1ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\_tkinter.pyd

Filesize
51KB

MD5
432b448efb956f2124e729c9f8fbb81f

SHA1
b5cf142ea6e68f3935b41023a2e2cd44ec63e2a8

SHA256
6ee7dc4f923b7dfd4aff633165cccd60030e7106cf225768f9e59afb550643b7

SHA512
a71d84349232f7e5ed36f772d742edee09d38897e8a5c5a7efcc1f782de59dbf0202ee780c8b6387218cf47cfaed36da211c19fff2af5d767288c8e3c1b0b4a0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\base_library.zip

Filesize
26KB

MD5
8d58a16de4319ff2effd86af59d48720

SHA1
e8cf998b5a9dfa00bcbd27cef465391d1d4db80b

SHA256
a822a554eaa5c832f2454fc679ca0bba41073dc26272a91d8c79afe5dfe8404a

SHA512
eee2c4ca448619c6d85ec799921dbf1b35c815d86a2256587589d0c80a329442637f0c4a3618b8d8a4a3c31dda0aad42eebf1f4e74907b2b4c66cf49c4e044df

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\libcrypto-1_1.dll

Filesize
26KB

MD5
fd4d8ba26b83dfe368c1361395fd88c7

SHA1
b26694dd06fa1173b81bb518607704f809958ce7

SHA256
3e59950bacdceb8559db4287027d4a5388ce814a613e3ab54dabd3e5a8b7b914

SHA512
8b570809f5489439a45f1b7647363667d9299759411568c62643962ee5da0e564f23b7e70c1099a48074922aaa56eb67084e07a0d120c0a793864f0dd23451b3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\libcrypto-1_1.dll

Filesize
24KB

MD5
5ff29a3c30f5a0ab505bd7c83fa8a339

SHA1
40efaa7d9bd03bab88d2f102d6c1fa17f9388248

SHA256
00b67e9fcfe80f749dfc43db625a3f48b98140e2042f3c9bf8ca8620a1d1e38b

SHA512
406441d39d734bef584f40388d577463f98edfd681cfbbac3bea190dc7c23ee3a6893423636ddab6c069bd606ad8b769db42c024aa3f4a0f9ed5059f8cb73c33

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\libffi-7.dll

Filesize
32KB

MD5
eef7981412be8ea459064d3090f4b3aa

SHA1
c60da4830ce27afc234b3c3014c583f7f0a5a925

SHA256
f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

SHA512
dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\python39.dll

Filesize
73KB

MD5
579967c3272824ec0cccb1c33217d921

SHA1
d349554dc198c8ca0a229e64d5ca17ac911fe9f5

SHA256
c5e7248ece76d8c62009247d0104b2276b79fa1855a03d7cb25185e68ad768e3

SHA512
9633ad87ac1472d7970c0374c79a947bdc1b5bb311f4aee1fcd255dbf66f3b1cc74eab6f6cf351f13fbcb9d9ddfc86cd047554f0520a0947ec2bcb0433609af1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\python39.dll

Filesize
43KB

MD5
19e30d45d14d5b36260ccc0921e5c46d

SHA1
d41131e775a8c5966e6138db4e11f0da79209b2c

SHA256
2dfcc99269c6655d050c9311bf80e0193dbfc3d753179957b757aff0360f0967

SHA512
64472e63bc564d42e436cc809a39aafcfebf29737ba07c02d4a07ccfc6036060ad3d3d5b55626cf1df6b66fbe695238bf5349d975357d497956d832b9a7620f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\select.pyd

Filesize
29KB

MD5
35bb285678b249770dda3f8a15724593

SHA1
a91031d56097a4cbf800a6960e229e689ba63099

SHA256
71ed480da28968a7fd07934e222ae87d943677468936fd419803280d0cad07f3

SHA512
956759742b4b47609a57273b1ea7489ce39e29ebced702245a9665bb0479ba7d42c053e40c6dc446d5b0f95f8cc3f2267af56ccaaaf06e6875c94d4e3f3b6094

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl86t.dll

Filesize
35KB

MD5
d02301fb2dfec82197240930d28ca94b

SHA1
11963d0d76242e0fdb12e11399ac606086628256

SHA256
0dcb4b48bfd2cfc94c930333df1ff42d878d680d7f9b203e5491fe090f74ef74

SHA512
5caf17c22f6412c6aa05b5be0632b1cdfa5653ca28a41c32a4f5a6bab47f19de2945c85ee61d1a36337fdefcaf57f71b14e64fb1c0b95d3a9b441b03912cc9d5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl86t.dll

Filesize
45KB

MD5
9cfa23c55759b875539a3f2066dff409

SHA1
d3584f6a23e04038c4374cb8fc697d2f1cf6bbe9

SHA256
37bb7763e580a8a5f7799bb68cc4eb2cdc46db1053c4d5071b180202316d411f

SHA512
2bca10a9b44f1e1837ffeb12c37d67401bf0ec9a5c8f88e7fc1a9cfdb6ddb219f92172ff2ce8b70ca8fb106e829201d438ef17b01857f0914c8d67850e47dca0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl8\8.5\msgcat-1.6.1.tm

Filesize
34KB

MD5
bd4ff2a1f742d9e6e699eeee5e678ad1

SHA1
811ad83aff80131ba73abc546c6bd78453bf3eb9

SHA256
6774519f179872ec5292523f2788b77b2b839e15665037e097a0d4edddd1c6fb

SHA512
b77e4a68017ba57c06876b21b8110c636f9ba1dd0ba9d7a0c50096f3f6391508cf3562dd94aceaf673113dbd336109da958044aefac0afb0f833a652e4438f43

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\auto.tcl

Filesize
21KB

MD5
08edf746b4a088cb4185c165177bd604

SHA1
395cda114f23e513eef4618da39bb86d034124bf

SHA256
517204ee436d08efc287abc97433c3bffcaf42ec6592a3009b9fd3b985ad772c

SHA512
c1727e265a6b0b54773c886a1bce73512e799ba81a4fceeeb84cdc33f5505a5e0984e96326a78c46bf142bc4652a80e213886f60eb54adf92e4dffe953c87f6b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\encoding\cp1252.enc

Filesize
1KB

MD5
e9117326c06fee02c478027cb625c7d8

SHA1
2ed4092d573289925a5b71625cf43cc82b901daf

SHA256
741859cf238c3a63bbb20ec6ed51e46451372bb221cfff438297d261d0561c2e

SHA512
d0a39bc41adc32f2f20b1a0ebad33bf48dfa6ed5cc1d8f92700cdd431db6c794c09d9f08bb5709b394acf54116c3a1e060e2abcc6b503e1501f8364d3eebcd52

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\http1.0\pkgIndex.tcl

Filesize
746B

MD5
a387908e2fe9d84704c2e47a7f6e9bc5

SHA1
f3c08b3540033a54a59cb3b207e351303c9e29c6

SHA256
77265723959c092897c2449c5b7768ca72d0efcd8c505bddbb7a84f6aa401339

SHA512
7ac804d23e72e40e7b5532332b4a8d8446c6447bb79b4fe32402b13836079d348998ea0659802ab0065896d4f3c06f5866c6b0d90bf448f53e803d8c243bbc63

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\init.tcl

Filesize
25KB

MD5
982eae7a49263817d83f744ffcd00c0e

SHA1
81723dfea5576a0916abeff639debe04ce1d2c83

SHA256
331bcf0f9f635bd57c3384f2237260d074708b0975c700cfcbdb285f5f59ab1f

SHA512
31370d8390c4608e7a727eed9ee7f4c568ecb913ae50184b6f105da9c030f3b9f4b5f17968d8975b2f60df1b0c5e278512e74267c935fe4ec28f689ac6a97129

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\opt0.4\pkgIndex.tcl

Filesize
620B

MD5
07532085501876dcc6882567e014944c

SHA1
6bc7a122429373eb8f039b413ad81c408a96cb80

SHA256
6a4abd2c519a745325c26fb23be7bbf95252d653a24806eb37fd4aa6a6479afe

SHA512
0d604e862f3a1a19833ead99aaf15a9f142178029ab64c71d193cee4901a0196c1eeddc2bce715b7fa958ac45c194e63c77a71e4be4f9aedfd5b44cf2a726e76

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\package.tcl

Filesize
23KB

MD5
ddb0ab9842b64114138a8c83c4322027

SHA1
eccacdc2ccd86a452b21f3cf0933fd41125de790

SHA256
f46ab61cdebe3aa45fa7e61a48930d64a0d0e7e94d04d6bf244f48c36cafe948

SHA512
c0cf718258b4d59675c088551060b34ce2bc8638958722583ac2313dc354223bfef793b02f1316e522a14c7ba9bed219531d505de94dc3c417fc99d216a01463

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\tclIndex

Filesize
5KB

MD5
c62fb22f4c9a3eff286c18421397aaf4

SHA1
4a49b8768cff68f2effaf21264343b7c632a51b2

SHA256
ddf7e42def37888ad0a564aa4f8ca95f4eec942cebebfca851d35515104d5c89

SHA512
558d401cb6af8ce3641af55caebc9c5005ab843ee84f60c6d55afbbc7f7129da9c58c2f55c887c3159107546fa6bc13ffc4cca63ea8841d7160b8aa99161a185

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tcl\tm.tcl

Filesize
11KB

MD5
215262a286e7f0a14f22db1aa7875f05

SHA1
66b942ba6d3120ef8d5840fcdeb06242a47491ff

SHA256
4b7ed9fd2363d6876092db3f720cbddf97e72b86b519403539ba96e1c815ed8f

SHA512
6ecd745d7da9d826240c0ab59023c703c94b158ae48c1410faa961a8edb512976a4f15ae8def099b58719adf0d2a9c37e6f29f54d39c1ab7ee81fa333a60f39b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk86t.dll

Filesize
43KB

MD5
18a4a1477920f02a28fd75807bf5600b

SHA1
175035b52abc5a511bf116c0ed35c4db5ff76c6f

SHA256
fadb50d3ad8d078526cda23a14ab1c1463ec5092fe8529566318c1a69e49762d

SHA512
794a48aee1948955a83f0dd8a3f08d5b3e26a94bfeace3f48fc2ea42bdef05d4afbe2c72a5398540bbdad27ba15456c27b192eb03598a3a416a42a5252c1c470

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk86t.dll

Filesize
26KB

MD5
418dadc140334ecacfa37f89436bf36c

SHA1
7813888ac91aa1b08e2617df8e55df9ba061bf7f

SHA256
7cc0acf947141081bfc85f703f12027b1a1cdef39e29d914f1666847d5d26eee

SHA512
7f343f26569895404d329edafdda51d791568b1f1ac408572987ee418089f69adde3cf4e5dd9b0b22fecd6a713b8c2d3099ab099a625c737c45930a391f93ce6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\button.tcl

Filesize
21KB

MD5
aeb53f7f1506cdfdfe557f54a76060ce

SHA1
ebb3666ee444b91a0d335da19c8333f73b71933b

SHA256
1f5dd8d81b26f16e772e92fd2a22accb785004d0ed3447e54f87005d9c6a07a5

SHA512
acdad4df988df6b2290fc9622e8eaccc31787fecdc98dcca38519cb762339d4d3fb344ae504b8c7918d6f414f4ad05d15e828df7f7f68f363bec54b11c9b7c43

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\entry.tcl

Filesize
17KB

MD5
f109865c52d1fd602e2d53e559e56c22

SHA1
5884a3bb701c27ba1bf35c6add7852e84d73d81f

SHA256
af1de90270693273b52fc735da6b5cd5ca794f5afd4cf03ffd95147161098048

SHA512
b2f92b0ac03351cdb785d3f7ef107b61252398540b5f05f0cc9802b4d28b882ba6795601a68e88d3abc53f216b38f07fcc03660ab6404cf6685f6d80cc4357fc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\icons.tcl

Filesize
10KB

MD5
995a0a8f7d0861c268aead5fc95a42ea

SHA1
21e121cf85e1c4984454237a646e58ec3c725a72

SHA256
1264940e62b9a37967925418e9d0dc0befd369e8c181b9bab3d1607e3cc14b85

SHA512
db7f5e0bc7d5c5f750e396e645f50a3e0cde61c9e687add0a40d0c1aa304ddfbceeb9f33ad201560c6e2b051f2eded07b41c43d00f14ee435cdeee73b56b93c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\listbox.tcl

Filesize
14KB

MD5
804e6dce549b2e541986c0ce9e75e2d1

SHA1
c44ee09421f127cf7f4070a9508f22709d06d043

SHA256
47c75f9f8348bf8f2c086c57b97b73741218100ca38d10b8abdf2051c95b9801

SHA512
029426c4f659848772e6bb1d8182eb03d2b43adf68fcfcc1ea1c2cc7c883685deda3fffda7e071912b9bda616ad7af2e1cb48ce359700c1a22e1e53e81cae34b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\menu.tcl

Filesize
38KB

MD5
078782cd05209012a84817ac6ef11450

SHA1
dba04f7a6cf34c54a961f25e024b6a772c2b751d

SHA256
d1283f67e435aab0bdbe9fdaa540a162043f8d652c02fe79f3843a451f123d89

SHA512
79a031f7732aee6e284cd41991049f1bb715233e011562061cd3405e5988197f6a7fb5c2bbddd1fb9b7024047f6003a2bf161fc0ec04876eff5335c3710d9562

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\panedwindow.tcl

Filesize
5KB

MD5
286c01a1b12261bc47f5659fd1627abd

SHA1
4ca36795cab6dfe0bbba30bb88a2ab71a0896642

SHA256
aa4f87e41ac8297f51150f2a9f787607690d01793456b93f0939c54d394731f9

SHA512
d54d5a89b7408a9724a1ca1387f6473bdad33885194b2ec5a524c7853a297fd65ce2a57f571c51db718f6a00dce845de8cf5f51698f926e54ed72cdc81bcfe54

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\pkgIndex.tcl

Filesize
376B

MD5
3367ce12a4ba9baaf7c5127d7412aa6a

SHA1
865c775bb8f56c3c5dfc8c71bfaf9ef58386161d

SHA256
3f2539e85e2a9017913e61fe2600b499315e1a6f249a4ff90e0b530a1eeb8898

SHA512
f5d858f17fe358762e8fdbbf3d78108dba49be5c5ed84b964143c0adce76c140d904cd353646ec0831ff57cd0a0af864d1833f3946a235725fff7a45c96872eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\scale.tcl

Filesize
7KB

MD5
857add6060a986063b0ed594f6b0cd26

SHA1
b1981d33ddea81cfffa838e5ac80e592d9062e43

SHA256
0da2dc955ffd71062a21c3b747d9d59d66a5b09a907b9ed220be1b2342205a05

SHA512
7d9829565efc8cdbf9249913da95b02d8dadfdb3f455fd3c10c5952b5454fe6e54d95c07c94c1e0d7568c9742caa56182b3656e234452aec555f0fcb76a59fb1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\scrlbar.tcl

Filesize
12KB

MD5
5249cd1e97e48e3d6dec15e70b9d7792

SHA1
612e021ba25b5e512a0dfd48b6e77fc72894a6b9

SHA256
eec90404f702d3cfbfaec0f13bf5ed1ebeb736bee12d7e69770181a25401c61f

SHA512
e4e0ab15eb9b3118c30cd2ff8e5af87c549eaa9b640ffd809a928d96b4addefb9d25efdd1090fbd0019129cdf355bb2f277bc7194001ba1d2ed4a581110ceafc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\spinbox.tcl

Filesize
16KB

MD5
77dfe1baccd165a0c7b35cdeaa2d1a8c

SHA1
426ba77fc568d4d3a6e928532e5beb95388f36a0

SHA256
2ff791a44406dc8339c7da6116e6ec92289bee5fc1367d378f48094f4abea277

SHA512
e56db85296c8661ab2ea0a56d9810f1a4631a9f9b41337560cbe38ccdf7dd590a3e65c22b435ce315eff55ee5b8e49317d4e1b7577e25fc3619558015dd758eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\text.tcl

Filesize
34KB

MD5
7c2ac370de0b941ae13572152419c642

SHA1
7598cc20952fa590e32da063bf5c0f46b0e89b15

SHA256
4a42ad370e0cd93d4133b49788c0b0e1c7cd78383e88bacb51cb751e8bfda15e

SHA512
8325a33bfd99f0fce4f14ed5dc6e03302f6ffabce9d1abfefc24d16a09ab3439a4b753cbf06b28d8c95e4ddabfb9082c9b030619e8955a7e656bd6c61b9256c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\tk.tcl

Filesize
23KB

MD5
338184e46bd23e508daedbb11a4f0950

SHA1
437db31d487c352472212e8791c8252a1412cb0e

SHA256
0f617d96cbf213296d7a5f7fcffbb4ae1149840d7d045211ef932e8dd66683e9

SHA512
8fb8a353eecd0d19638943f0a9068dccebf3fb66d495ea845a99a89229d61a77c85b530f597fd214411202055c1faa9229b6571c591c9f4630490e1eb30b9cd3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\button.tcl

Filesize
2KB

MD5
d4bf1af5dcdd85e3bd11dbf52eb2c146

SHA1
b1691578041319e671d31473a1dd404855d2038b

SHA256
e38a9d1f437981aa6bf0bdd074d57b769a4140c0f7d9aff51743fe4ecc6dfddf

SHA512
25834b4b231f4ff1a88eef67e1a102d1d0546ec3b0d46856258a6be6bbc4b381389c28e2eb60a01ff895df24d6450cd16ca449c71f82ba53ba438a4867a47dcd

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\cursors.tcl

Filesize
4KB

MD5
18ec3e60b8dd199697a41887be6ce8c2

SHA1
13ff8ce95289b802a5247b1fd9dea90d2875cb5d

SHA256
7a2ed9d78fabcafff16694f2f4a2e36ff5aa313f912d6e93484f3bcd0466ad91

SHA512
4848044442efe75bcf1f89d8450c8ecbd441f38a83949a3cd2a56d9000cacaa2ea440ca1b32c856ab79358ace9c7e3f70ddf0ec54aa93866223d8fef76930b19

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\entry.tcl

Filesize
17KB

MD5
89089172393c551cd1668b9c19b88290

SHA1
0b8667217a4a14289e9f6c1b384def5479bca089

SHA256
830cc3009a735e92db70d53210c4928dd35caab5051ed14dec67e06ae25cbe28

SHA512
abbbe6aa937aab392bc7dcb8bbfbbec9ee5ed2c9f10ed982d77258bd98f27ee95ac47fd7cb6761b814885ef0878e1f1557d034c9f4163d9d85b388f2b837683f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\fonts.tcl

Filesize
5KB

MD5
80331fcbe4c049ff1a0d0b879cb208de

SHA1
4eb3efdfe3731bd1ae9fd52ce32b1359241f13cf

SHA256
b94c319e5a557a5665b1676d602b6495c0887c5bacf7fa5b776200112978bb7b

SHA512
a4bd2d91801c121a880225f1f3d0c4e30bf127190cf375f6f7a49eb4239a35c49c44f453d6d3610df0d6a7b3cb15f4e79bd9c129025cc496ceb856fcc4b6de87

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\menubutton.tcl

Filesize
6KB

MD5
4c8d90257d073f263b258f00b2a518c2

SHA1
7b58859e9b70fb37f53809cd3ffd7cf69ab310d8

SHA256
972b13854d0e9b84de338d6753f0f11f3a8534e7d0e51838796dae5a1e2e3085

SHA512
ed67f41578ee834ee8db1fded8aa069c0045e7058e338c451fa8e1ade52907bed0c95631c21b8e88461571903b3da2698a29e47f990b7a0f0dd3073e7a1bcadc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\notebook.tcl

Filesize
5KB

MD5
f811f3e46a4efa73292f40d1cddd265d

SHA1
7fc70a1984555672653a0840499954b854f27920

SHA256
22264d8d138e2c0e9a950305b4f08557c5a73f054f8215c0d8ce03854042be76

SHA512
4424b7c687eb9b1804ed3b1c685f19d4d349753b374d9046240f937785c9713e8a760ada46cb628c15f9c7983ce4a7987691c968330478c9c1a9b74e953e40ac

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\panedwindow.tcl

Filesize
2KB

MD5
619d8f54ee73ad8a373ab272fbdb94a6

SHA1
973626b5396b7e786dedd8159d10e66b4465f9e0

SHA256
4d08a7e29eef731876951ef01dfa51654b6275fa3daadb1f48ff4bbeac238eb5

SHA512
0d913c7dc9daee2b4a2a46663a07b3139d6b8f30d2f942642817504535e85616835eaa7d468851a83723a3dd711b65761376f3df96a59a933a74ef096e13ace9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\progress.tcl

Filesize
1KB

MD5
dbf3bf0e8f04e9435e9561f740dfc700

SHA1
c7619a05a834efb901c57dcfec2c9e625f42428f

SHA256
697cc0a75ae31fe9c2d85fb25dca0afa5d0df9c523a2dfad2e4a36893be75fba

SHA512
d3b323dfb3eac4a78da2381405925c131a99c6806af6fd8041102162a44e48bf166982a4ae4aa142a14601736716f1a628d9587e292fa8e4842be984374cc192

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\scale.tcl

Filesize
2KB

MD5
f1c33cc2d47115bbecd2e7c2fcb631a7

SHA1
0123a961242ed8049b37c77c726db8dbd94c1023

SHA256
b909add0b87fa8ee08fd731041907212a8a0939d37d2ff9b2f600cd67dabd4bb

SHA512
96587a8c3555da1d810010c10c516ce5ccab071557a3c8d9bd65c647c7d4ad0e35cbed0788f1d72bafac8c84c7e2703fc747f70d9c95f720745a1fc4a701c544

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\scrollbar.tcl

Filesize
3KB

MD5
3fb31a225cec64b720b8e579582f2749

SHA1
9c0151d9e2543c217cf8699ff5d4299a72e8f13c

SHA256
6eaa336b13815a7fc18bcd6b9adf722e794da2888d053c229044784c8c8e9de8

SHA512
e6865655585e3d2d6839b56811f3fd86b454e8cd44e258bb1ac576ad245ff8a4d49fbb7f43458ba8a6c9daac8dfa923a176f0dd8a9976a11bea09e6e2d17bf45

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\ttk.tcl

Filesize
4KB

MD5
af45b2c8b43596d1bdeca5233126bd14

SHA1
a99e75d299c4579e10fcdd59389b98c662281a26

SHA256
2c48343b1a47f472d1a6b9ee8d670ce7fb428db0db7244dc323ff4c7a8b4f64b

SHA512
c8a8d01c61774321778ab149f6ca8dda68db69133cb5ba7c91938e4fd564160ecdcec473222affb241304a9acc73a36b134b3a602fd3587c711f2adbb64afa80

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI43282\tk\ttk\utils.tcl

Filesize
8KB

MD5
d98edc491da631510f124cd3934f535f

SHA1
33037a966067c9f5c9074ae5532ff3b51b4082d4

SHA256
d58610a34301bb6e61a60bec69a7cecf4c45c6a034a9fc123977174b586278be

SHA512
23faed8298e561f490997fe44ab61cd8ccb9f1f63d48bb4cf51fc9e591e463ff9297973622180d6a599cabb541c82b8fe33bf38a82c5d5905bbfa52ca0341399

Download Submit
C:\Users\Admin\Downloads\ExitReset.mp4

Filesize
1B

MD5
7215ee9c7d9dc229d2921a40e899ec5f

SHA1
b858cb282617fb0956d960215c8e84d1ccf909c6

SHA256
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

SHA512
f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Download Submit
C:\Users\Admin\Pictures\README.txt

Filesize
575B

MD5
efd54055b28e173ea64831fc59a0aca8

SHA1
cdf18b0692a53cbeed66ee14fa0f54666cf04013

SHA256
e3cf65e96fcf774320e0ae4a42d6544f1aef476cd67184432465b2c595180a99

SHA512
5ecf69dbdf824a6e0221e7f953ed58889bbd76ee563e9fc7e5d95b68245d0f4af0e0ec5f13f002975b65bacf0cd29027964b9f8c4174134ed08358e41b58f4d5

Download Submit