demonware | 0b53edab42806eef4da3e3a0276ee9c296fc67cc4797ff806ce371e78270c401

Analysis

max time kernel
142s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
22-12-2023 04:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

wiperpayload.exe
Size

22.7MB
MD5

61118d3cf190d53b95f36272b7512f65
SHA1

5b166d9e5027668ab1f707fe142320292a815523
SHA256

0b53edab42806eef4da3e3a0276ee9c296fc67cc4797ff806ce371e78270c401
SHA512

ecf60cf6aad81cae27427f67019f795c467e2f9dd152a3424f5b98a179e29f089c7a7032b2742454e6ab52a0031a4732a48e667890e090b3e30dc9dc155aa55c
SSDEEP

393216:VvUWv/HL2Vmo2WtYjUaNRDHvcrwhvr+bUn2KekLTH6mp/WViHW0Gzajaq3+d9Xg:RUYyVmVfjrRj0r6+bUno0fcElOd9XgWU

Score

10^/10

demonware ransomware

Malware Config

Extracted

Path

C:\Users\Admin\Pictures\README.txt

Family

demonware

Ransom Note

Tango Down! Seems like you got hit by DemonWare ransomware! Don't Panic, you get have your files back! DemonWare uses a basic encryption script to lock your files. This type of ransomware is known as CRYPTO. You'll need a decryption key in order to unlock your files. Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to find your key C'mon, be glad I don't ask for payment like other ransomware. Please visit: https://keys.zeznzo.nl and search for your IP/hostname to get your key. Kind regards, Zeznzo

URLs

https://keys.zeznzo.nl

Signatures

DemonWare
Ransomware first seen in mid-2020.
ransomware demonware

Loads dropped DLL 17 IoCs

Processes:

wiperpayload.exe

pid	Process
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe
3884	wiperpayload.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

wiperpayload.exewiperpayload.exe

description	pid	Process	procid_target
PID 3704 wrote to memory of 3884	3704	wiperpayload.exe	95
PID 3704 wrote to memory of 3884	3704	wiperpayload.exe	95
PID 3884 wrote to memory of 4624	3884	wiperpayload.exe	97
PID 3884 wrote to memory of 4624	3884	wiperpayload.exe	97

C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe
"C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3704
- C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe
  "C:\Users\Admin\AppData\Local\Temp\wiperpayload.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:3884
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "ver"
    3⤵
    PID:4624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI37042\MSVCP140.dll

Filesize
292KB

MD5
ed1c2ad4d77bc4e3760aa26fb0d8f67a

SHA1
9bf895313016ac45e71aa71d17ec0dc9ca704aab

SHA256
5e777d4b34e5138e3d63b36aa4eb04b56cedaee0bb84cb06c5d5355400f33335

SHA512
79bd98a49867a9f68062190b71560a7a2b2dbc3e78b832f1f90d33a093ed60ab276c74b2a1327488af1a560a0707e0eeadf894c43c4d16108d15a4d1017d421a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\MSVCP140.dll

Filesize
208KB

MD5
a1ef94c165d9e6cb19c22f870cb96969

SHA1
020374cd332544c8e9c5cdb06479dbff73b635cb

SHA256
f6d97407ce42cf7d1ab19feebf1adbd0c90a7cacb384131f4d839866cf5318b7

SHA512
36cdb06eaeb5deab3288b97b86e4eabe591912ab7d86ae349fbb539a8a35227b62dbc1241c808df6549bd97809a25256a7c878b68e43690225d5e71244097e78

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\PIL\_imaging.cp39-win_amd64.pyd

Filesize
224KB

MD5
f09db076ba0ce465ffe3446f762cb857

SHA1
df3503f602f2788a9fd463a41ac42c221918263b

SHA256
33fd11a502624dda88f6c60c99eaab5ccd1b3a92415e3a0089d192f647b92201

SHA512
b0cabad0da273559b4b63348f9597c91ed0819c0ca03035d9342fb3a64ff3c1a7065fa1fab9a04ef82194980fb754acd28416b602e385b4ac81ddf8eeaf73fc6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\PIL\_imaging.cp39-win_amd64.pyd

Filesize
141KB

MD5
158879306f03fac839193dd1e2a27ea4

SHA1
d9d95e721365d4716f3c7a88c00f34c1efa141a9

SHA256
3503e6a809db0482254eb3292a1aa3ec508ffb5126d34d6043f84d77baa38b62

SHA512
c51db2afa93e1fdc1df37ce9fe840d24824c2b93d8649f6b5fd09a8befd984ac2d8fce81c3508ce1a901d7173cf17a002653e2b4639fe29768c2007bbf39ae93

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\VCRUNTIME140.dll

Filesize
95KB

MD5
f34eb034aa4a9735218686590cba2e8b

SHA1
2bc20acdcb201676b77a66fa7ec6b53fa2644713

SHA256
9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

SHA512
d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\_bz2.pyd

Filesize
85KB

MD5
b024a6f227eafa8d43edfc1a560fe651

SHA1
92451be6a2a6bfc4a8de8ad3559ba4a25d409f2e

SHA256
c0dd9496b19ba9536a78a43a97704e7d4bef3c901d196ed385e771366682819d

SHA512
b9edb6d0f1472dd01969e6f160b41c1e7e935d4eebcaf08554195eb85d91c19ff1bfbc150773f197462e582c6d31f12bd0304f636eb4f189ed3ed976824b283e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\_ctypes.pyd

Filesize
125KB

MD5
a1e9b3cc6b942251568e59fd3c342205

SHA1
3c5aaa6d011b04250f16986b3422f87a60326834

SHA256
a8703f949c9520b76cb1875d1176a23a2b3ef1d652d6dfac6e1de46dc08b2aa3

SHA512
2015b2ae1b17afc0f28c4af9cedf7d0b6219c4c257dd0c89328e5bd3eee35e2df63ef4fccb3ee38e7e65f01233d7b97fc363c0eae0cfa7754612c80564360d6f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\_hashlib.pyd

Filesize
64KB

MD5
69dc506cf2fa3da9d0caba05fca6a35d

SHA1
33b24abb7b1d68d3b0315be7f8f49de50c9bdcb6

SHA256
c5b8c4582e201fef2d8cb2c8672d07b86dec31afb4a17b758dbfb2cff163b12f

SHA512
0009ec88134e25325a47b8b358da0fed8bb34fe80602e08a60686f6029b80f4287d33adb66ef41435d11d6edff86a88916f776eeaf2d1cb72035783f109ca1ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\_lzma.pyd

Filesize
160KB

MD5
77b78b43d58fe7ce9eb2fbb1420889fa

SHA1
de55ce88854e314697fa54703a2cd6cc970f3111

SHA256
6e571d93ce55d09583ec91c607883a43c1da3d4d36794d68c6ecd6bea4ab466a

SHA512
7b03b7d3f2fd9b51391de08e69ca9156a0232b56f210878a488b9d5a19492ab5880f45d9407331360fbe543a52c03d68f68da4387bf6a13b20ec903a7b081846

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\_socket.pyd

Filesize
79KB

MD5
cd56f508e7c305d4bfdeb820ecf3a323

SHA1
711c499bcf780611a815afa7374358bbfd22fcc9

SHA256
9e97b782b55400e5a914171817714bbbc713c0a396e30496c645fc82835e4b34

SHA512
e937c322c78e40947c70413404beba52d3425945b75255590dedf84ee429f685e0e5bc86ad468044925fbc59cf7ec8698a5472dd4f05b4363da30de04f9609a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\_tkinter.pyd

Filesize
65KB

MD5
77cf63868cae43963b69b4561114cd19

SHA1
6975afa15fde28279ede93c78d78847ed58d6221

SHA256
313fb33e72028fcc893ec7874e0c825c035cdcebe1b5b7c7d8d11ef3ad1b354f

SHA512
fcf92377b07a2979b87cce7f545dd5f34df8739e2634d889077a10bb4441853b24a9427fa92ed5cb4694e71ef6421f89e1106bd689f94d11d839e29f576af514

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\base_library.zip

Filesize
368KB

MD5
29f6d6ef77f2e73e5c3e278510f47a28

SHA1
50732c83d9c0a82569d635d92af4c3d4e4f849a1

SHA256
198c0b0678d740b5f40aaa81432acf0d91f2168406b2b02102773215af2c9d2c

SHA512
fcd587f888b2d4ea07f9c23c5f3c767a42bdf521ad868c859a859834f74d3315a35f52607fcc83debbba1afc4f0039b3933ca1594f2e7d9f6ca3a65ee0eab9b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\libcrypto-1_1.dll

Filesize
223KB

MD5
93793dc8a6d2f274c71a1520dd2b7a4e

SHA1
a091b88144200348d4a3a6a3c8ec8e08da1779b5

SHA256
c80eb0206dc67430b9ed7d911619f673ee536ff2efb08fc94d13ba92f6982597

SHA512
e62c8a9ad3a516fef91d7e51bb71728d5d366d8cd702c8245dab42063f0fc741c72f5729461b3a27241f6fde7ae86a4f429bba63fe104af5d0e9164080e78035

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\libcrypto-1_1.dll

Filesize
201KB

MD5
b64b91506df79e5da9b877f88271c373

SHA1
9bb7bfea64578eebc6e9791d581ad639bd5ad76f

SHA256
d10ecce820b0451572142d3d1f6f174fdb5ccd8856454e8f4cf206e74b7da71f

SHA512
a0d86ca46863b5aa73696e9e4387b36cc9f796dde6290070c401d58f38540c7be139f7b6947873dc9f008b0a689bbc5508d77deac7969b2a320acf40fd02b6cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\libffi-7.dll

Filesize
32KB

MD5
eef7981412be8ea459064d3090f4b3aa

SHA1
c60da4830ce27afc234b3c3014c583f7f0a5a925

SHA256
f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

SHA512
dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\python39.dll

Filesize
1.6MB

MD5
e8529ced20379df07471338bf9db7a67

SHA1
6e89645cddbcf87694578f6e015e6289f8172b20

SHA256
299f127a65ff2db09d0501d9207c1c15e7345752d53a7830eba2a97f62d03af3

SHA512
ca3feb0fe969da33d1f7ea5ee1459c6542b9cf422bab43722f86574e17ede0e1c6c3115c337d5e9d711596a8b5660f2b70657779170ac4d698c90cbb1c209ee6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\python39.dll

Filesize
276KB

MD5
ea15fd130d0328feb35b4f146a259055

SHA1
57e34c3691166d0fb3e5c371066faccb86fc5666

SHA256
bb7a9f34dcc11d683289a3656bdcc449eed38796c56e38b1ddd7de5c4092e443

SHA512
012c4dda0b92b4003ac463f84bc9220aee78e807e5f063ae24aa22b0f1bf3c1ca39f8782fe1f1f57b1e0a1ab9e24639832f2bc7ab35bd0e88728cab994b557cb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\select.pyd

Filesize
29KB

MD5
35bb285678b249770dda3f8a15724593

SHA1
a91031d56097a4cbf800a6960e229e689ba63099

SHA256
71ed480da28968a7fd07934e222ae87d943677468936fd419803280d0cad07f3

SHA512
956759742b4b47609a57273b1ea7489ce39e29ebced702245a9665bb0479ba7d42c053e40c6dc446d5b0f95f8cc3f2267af56ccaaaf06e6875c94d4e3f3b6094

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl86t.dll

Filesize
277KB

MD5
9be62153b99503b39de75dbd175d3392

SHA1
0c5d9d8bbcc7eb81164491db07d3417239aeb8c3

SHA256
6b744f4eba4602cbdaf73ccae6024a364c1cff19a86f56055976dcb6b5d7befc

SHA512
b3dfa44bcdeb26851e9ab32fbc4827b86ad3408e10ee905dad6d7e7b07e0e913301ab3d678c29f387d1f2627587f548e81eb1474d0df81b1f8d6d8ac702447ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl86t.dll

Filesize
250KB

MD5
425b895bb8f2279bf72160a71992b265

SHA1
b8dc9bd3508cf39daab6caa3230097f20ed23152

SHA256
474fc47084dac8558fc49dc9e9ff0b78b045db9cf2e6799baed0f6d56699408d

SHA512
efe7cb12eca19626dd66c82f3bb48a38c6f29a8b9c29a02d2803269661c8a9043027cbfc9588ebaf390e8f179ab753988849b24ab79a0c52a1a227d3be884120

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl8\8.5\msgcat-1.6.1.tm

Filesize
34KB

MD5
bd4ff2a1f742d9e6e699eeee5e678ad1

SHA1
811ad83aff80131ba73abc546c6bd78453bf3eb9

SHA256
6774519f179872ec5292523f2788b77b2b839e15665037e097a0d4edddd1c6fb

SHA512
b77e4a68017ba57c06876b21b8110c636f9ba1dd0ba9d7a0c50096f3f6391508cf3562dd94aceaf673113dbd336109da958044aefac0afb0f833a652e4438f43

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\auto.tcl

Filesize
21KB

MD5
08edf746b4a088cb4185c165177bd604

SHA1
395cda114f23e513eef4618da39bb86d034124bf

SHA256
517204ee436d08efc287abc97433c3bffcaf42ec6592a3009b9fd3b985ad772c

SHA512
c1727e265a6b0b54773c886a1bce73512e799ba81a4fceeeb84cdc33f5505a5e0984e96326a78c46bf142bc4652a80e213886f60eb54adf92e4dffe953c87f6b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\encoding\cp1252.enc

Filesize
1KB

MD5
e9117326c06fee02c478027cb625c7d8

SHA1
2ed4092d573289925a5b71625cf43cc82b901daf

SHA256
741859cf238c3a63bbb20ec6ed51e46451372bb221cfff438297d261d0561c2e

SHA512
d0a39bc41adc32f2f20b1a0ebad33bf48dfa6ed5cc1d8f92700cdd431db6c794c09d9f08bb5709b394acf54116c3a1e060e2abcc6b503e1501f8364d3eebcd52

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\http1.0\pkgIndex.tcl

Filesize
746B

MD5
a387908e2fe9d84704c2e47a7f6e9bc5

SHA1
f3c08b3540033a54a59cb3b207e351303c9e29c6

SHA256
77265723959c092897c2449c5b7768ca72d0efcd8c505bddbb7a84f6aa401339

SHA512
7ac804d23e72e40e7b5532332b4a8d8446c6447bb79b4fe32402b13836079d348998ea0659802ab0065896d4f3c06f5866c6b0d90bf448f53e803d8c243bbc63

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\init.tcl

Filesize
25KB

MD5
982eae7a49263817d83f744ffcd00c0e

SHA1
81723dfea5576a0916abeff639debe04ce1d2c83

SHA256
331bcf0f9f635bd57c3384f2237260d074708b0975c700cfcbdb285f5f59ab1f

SHA512
31370d8390c4608e7a727eed9ee7f4c568ecb913ae50184b6f105da9c030f3b9f4b5f17968d8975b2f60df1b0c5e278512e74267c935fe4ec28f689ac6a97129

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\opt0.4\pkgIndex.tcl

Filesize
620B

MD5
07532085501876dcc6882567e014944c

SHA1
6bc7a122429373eb8f039b413ad81c408a96cb80

SHA256
6a4abd2c519a745325c26fb23be7bbf95252d653a24806eb37fd4aa6a6479afe

SHA512
0d604e862f3a1a19833ead99aaf15a9f142178029ab64c71d193cee4901a0196c1eeddc2bce715b7fa958ac45c194e63c77a71e4be4f9aedfd5b44cf2a726e76

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\package.tcl

Filesize
23KB

MD5
ddb0ab9842b64114138a8c83c4322027

SHA1
eccacdc2ccd86a452b21f3cf0933fd41125de790

SHA256
f46ab61cdebe3aa45fa7e61a48930d64a0d0e7e94d04d6bf244f48c36cafe948

SHA512
c0cf718258b4d59675c088551060b34ce2bc8638958722583ac2313dc354223bfef793b02f1316e522a14c7ba9bed219531d505de94dc3c417fc99d216a01463

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\tclIndex

Filesize
5KB

MD5
c62fb22f4c9a3eff286c18421397aaf4

SHA1
4a49b8768cff68f2effaf21264343b7c632a51b2

SHA256
ddf7e42def37888ad0a564aa4f8ca95f4eec942cebebfca851d35515104d5c89

SHA512
558d401cb6af8ce3641af55caebc9c5005ab843ee84f60c6d55afbbc7f7129da9c58c2f55c887c3159107546fa6bc13ffc4cca63ea8841d7160b8aa99161a185

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tcl\tm.tcl

Filesize
11KB

MD5
215262a286e7f0a14f22db1aa7875f05

SHA1
66b942ba6d3120ef8d5840fcdeb06242a47491ff

SHA256
4b7ed9fd2363d6876092db3f720cbddf97e72b86b519403539ba96e1c815ed8f

SHA512
6ecd745d7da9d826240c0ab59023c703c94b158ae48c1410faa961a8edb512976a4f15ae8def099b58719adf0d2a9c37e6f29f54d39c1ab7ee81fa333a60f39b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk86t.dll

Filesize
298KB

MD5
1292cb96a0bc5cd6d8f9cb9634a65042

SHA1
2f246c70db3625416fb062fe92f0dd944313fbf3

SHA256
f7ba7d54e443bb634c5254a718d0680b8661590a643baa96216a6c932a484b66

SHA512
c03143c7c50befd385036e43912b9a44b26f6b6d09ed9b3f16fe6662c818b9792d9f08df0465e82e985479584caf083f8e5e38a1bdf4d181daf8878fb46873f0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk86t.dll

Filesize
213KB

MD5
e920c1af75cad7541be7b411e53959c6

SHA1
586a904ab7561a85ad7422145ab33fdbce854f4c

SHA256
37a70a1abf98d873f5a30547d865015b16a113966e58872101320ec5422a788a

SHA512
ceb8718a8fc2cddde08c8f2e7c90bb56c8d1d8ff92687ab205dd43089f51b4cdba5d14df231b9785f27d9eecea8141f929df8b08c59c1d077447611af5c6058d

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\button.tcl

Filesize
21KB

MD5
aeb53f7f1506cdfdfe557f54a76060ce

SHA1
ebb3666ee444b91a0d335da19c8333f73b71933b

SHA256
1f5dd8d81b26f16e772e92fd2a22accb785004d0ed3447e54f87005d9c6a07a5

SHA512
acdad4df988df6b2290fc9622e8eaccc31787fecdc98dcca38519cb762339d4d3fb344ae504b8c7918d6f414f4ad05d15e828df7f7f68f363bec54b11c9b7c43

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\entry.tcl

Filesize
17KB

MD5
f109865c52d1fd602e2d53e559e56c22

SHA1
5884a3bb701c27ba1bf35c6add7852e84d73d81f

SHA256
af1de90270693273b52fc735da6b5cd5ca794f5afd4cf03ffd95147161098048

SHA512
b2f92b0ac03351cdb785d3f7ef107b61252398540b5f05f0cc9802b4d28b882ba6795601a68e88d3abc53f216b38f07fcc03660ab6404cf6685f6d80cc4357fc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\icons.tcl

Filesize
10KB

MD5
995a0a8f7d0861c268aead5fc95a42ea

SHA1
21e121cf85e1c4984454237a646e58ec3c725a72

SHA256
1264940e62b9a37967925418e9d0dc0befd369e8c181b9bab3d1607e3cc14b85

SHA512
db7f5e0bc7d5c5f750e396e645f50a3e0cde61c9e687add0a40d0c1aa304ddfbceeb9f33ad201560c6e2b051f2eded07b41c43d00f14ee435cdeee73b56b93c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\listbox.tcl

Filesize
14KB

MD5
804e6dce549b2e541986c0ce9e75e2d1

SHA1
c44ee09421f127cf7f4070a9508f22709d06d043

SHA256
47c75f9f8348bf8f2c086c57b97b73741218100ca38d10b8abdf2051c95b9801

SHA512
029426c4f659848772e6bb1d8182eb03d2b43adf68fcfcc1ea1c2cc7c883685deda3fffda7e071912b9bda616ad7af2e1cb48ce359700c1a22e1e53e81cae34b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\menu.tcl

Filesize
38KB

MD5
078782cd05209012a84817ac6ef11450

SHA1
dba04f7a6cf34c54a961f25e024b6a772c2b751d

SHA256
d1283f67e435aab0bdbe9fdaa540a162043f8d652c02fe79f3843a451f123d89

SHA512
79a031f7732aee6e284cd41991049f1bb715233e011562061cd3405e5988197f6a7fb5c2bbddd1fb9b7024047f6003a2bf161fc0ec04876eff5335c3710d9562

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\panedwindow.tcl

Filesize
5KB

MD5
286c01a1b12261bc47f5659fd1627abd

SHA1
4ca36795cab6dfe0bbba30bb88a2ab71a0896642

SHA256
aa4f87e41ac8297f51150f2a9f787607690d01793456b93f0939c54d394731f9

SHA512
d54d5a89b7408a9724a1ca1387f6473bdad33885194b2ec5a524c7853a297fd65ce2a57f571c51db718f6a00dce845de8cf5f51698f926e54ed72cdc81bcfe54

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\pkgIndex.tcl

Filesize
376B

MD5
3367ce12a4ba9baaf7c5127d7412aa6a

SHA1
865c775bb8f56c3c5dfc8c71bfaf9ef58386161d

SHA256
3f2539e85e2a9017913e61fe2600b499315e1a6f249a4ff90e0b530a1eeb8898

SHA512
f5d858f17fe358762e8fdbbf3d78108dba49be5c5ed84b964143c0adce76c140d904cd353646ec0831ff57cd0a0af864d1833f3946a235725fff7a45c96872eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\scale.tcl

Filesize
7KB

MD5
857add6060a986063b0ed594f6b0cd26

SHA1
b1981d33ddea81cfffa838e5ac80e592d9062e43

SHA256
0da2dc955ffd71062a21c3b747d9d59d66a5b09a907b9ed220be1b2342205a05

SHA512
7d9829565efc8cdbf9249913da95b02d8dadfdb3f455fd3c10c5952b5454fe6e54d95c07c94c1e0d7568c9742caa56182b3656e234452aec555f0fcb76a59fb1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\scrlbar.tcl

Filesize
12KB

MD5
5249cd1e97e48e3d6dec15e70b9d7792

SHA1
612e021ba25b5e512a0dfd48b6e77fc72894a6b9

SHA256
eec90404f702d3cfbfaec0f13bf5ed1ebeb736bee12d7e69770181a25401c61f

SHA512
e4e0ab15eb9b3118c30cd2ff8e5af87c549eaa9b640ffd809a928d96b4addefb9d25efdd1090fbd0019129cdf355bb2f277bc7194001ba1d2ed4a581110ceafc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\spinbox.tcl

Filesize
16KB

MD5
77dfe1baccd165a0c7b35cdeaa2d1a8c

SHA1
426ba77fc568d4d3a6e928532e5beb95388f36a0

SHA256
2ff791a44406dc8339c7da6116e6ec92289bee5fc1367d378f48094f4abea277

SHA512
e56db85296c8661ab2ea0a56d9810f1a4631a9f9b41337560cbe38ccdf7dd590a3e65c22b435ce315eff55ee5b8e49317d4e1b7577e25fc3619558015dd758eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\text.tcl

Filesize
34KB

MD5
7c2ac370de0b941ae13572152419c642

SHA1
7598cc20952fa590e32da063bf5c0f46b0e89b15

SHA256
4a42ad370e0cd93d4133b49788c0b0e1c7cd78383e88bacb51cb751e8bfda15e

SHA512
8325a33bfd99f0fce4f14ed5dc6e03302f6ffabce9d1abfefc24d16a09ab3439a4b753cbf06b28d8c95e4ddabfb9082c9b030619e8955a7e656bd6c61b9256c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\tk.tcl

Filesize
23KB

MD5
338184e46bd23e508daedbb11a4f0950

SHA1
437db31d487c352472212e8791c8252a1412cb0e

SHA256
0f617d96cbf213296d7a5f7fcffbb4ae1149840d7d045211ef932e8dd66683e9

SHA512
8fb8a353eecd0d19638943f0a9068dccebf3fb66d495ea845a99a89229d61a77c85b530f597fd214411202055c1faa9229b6571c591c9f4630490e1eb30b9cd3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\button.tcl

Filesize
2KB

MD5
d4bf1af5dcdd85e3bd11dbf52eb2c146

SHA1
b1691578041319e671d31473a1dd404855d2038b

SHA256
e38a9d1f437981aa6bf0bdd074d57b769a4140c0f7d9aff51743fe4ecc6dfddf

SHA512
25834b4b231f4ff1a88eef67e1a102d1d0546ec3b0d46856258a6be6bbc4b381389c28e2eb60a01ff895df24d6450cd16ca449c71f82ba53ba438a4867a47dcd

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\cursors.tcl

Filesize
4KB

MD5
18ec3e60b8dd199697a41887be6ce8c2

SHA1
13ff8ce95289b802a5247b1fd9dea90d2875cb5d

SHA256
7a2ed9d78fabcafff16694f2f4a2e36ff5aa313f912d6e93484f3bcd0466ad91

SHA512
4848044442efe75bcf1f89d8450c8ecbd441f38a83949a3cd2a56d9000cacaa2ea440ca1b32c856ab79358ace9c7e3f70ddf0ec54aa93866223d8fef76930b19

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\entry.tcl

Filesize
17KB

MD5
89089172393c551cd1668b9c19b88290

SHA1
0b8667217a4a14289e9f6c1b384def5479bca089

SHA256
830cc3009a735e92db70d53210c4928dd35caab5051ed14dec67e06ae25cbe28

SHA512
abbbe6aa937aab392bc7dcb8bbfbbec9ee5ed2c9f10ed982d77258bd98f27ee95ac47fd7cb6761b814885ef0878e1f1557d034c9f4163d9d85b388f2b837683f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\fonts.tcl

Filesize
5KB

MD5
80331fcbe4c049ff1a0d0b879cb208de

SHA1
4eb3efdfe3731bd1ae9fd52ce32b1359241f13cf

SHA256
b94c319e5a557a5665b1676d602b6495c0887c5bacf7fa5b776200112978bb7b

SHA512
a4bd2d91801c121a880225f1f3d0c4e30bf127190cf375f6f7a49eb4239a35c49c44f453d6d3610df0d6a7b3cb15f4e79bd9c129025cc496ceb856fcc4b6de87

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\menubutton.tcl

Filesize
6KB

MD5
4c8d90257d073f263b258f00b2a518c2

SHA1
7b58859e9b70fb37f53809cd3ffd7cf69ab310d8

SHA256
972b13854d0e9b84de338d6753f0f11f3a8534e7d0e51838796dae5a1e2e3085

SHA512
ed67f41578ee834ee8db1fded8aa069c0045e7058e338c451fa8e1ade52907bed0c95631c21b8e88461571903b3da2698a29e47f990b7a0f0dd3073e7a1bcadc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\notebook.tcl

Filesize
5KB

MD5
f811f3e46a4efa73292f40d1cddd265d

SHA1
7fc70a1984555672653a0840499954b854f27920

SHA256
22264d8d138e2c0e9a950305b4f08557c5a73f054f8215c0d8ce03854042be76

SHA512
4424b7c687eb9b1804ed3b1c685f19d4d349753b374d9046240f937785c9713e8a760ada46cb628c15f9c7983ce4a7987691c968330478c9c1a9b74e953e40ac

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\panedwindow.tcl

Filesize
2KB

MD5
619d8f54ee73ad8a373ab272fbdb94a6

SHA1
973626b5396b7e786dedd8159d10e66b4465f9e0

SHA256
4d08a7e29eef731876951ef01dfa51654b6275fa3daadb1f48ff4bbeac238eb5

SHA512
0d913c7dc9daee2b4a2a46663a07b3139d6b8f30d2f942642817504535e85616835eaa7d468851a83723a3dd711b65761376f3df96a59a933a74ef096e13ace9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\progress.tcl

Filesize
1KB

MD5
dbf3bf0e8f04e9435e9561f740dfc700

SHA1
c7619a05a834efb901c57dcfec2c9e625f42428f

SHA256
697cc0a75ae31fe9c2d85fb25dca0afa5d0df9c523a2dfad2e4a36893be75fba

SHA512
d3b323dfb3eac4a78da2381405925c131a99c6806af6fd8041102162a44e48bf166982a4ae4aa142a14601736716f1a628d9587e292fa8e4842be984374cc192

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\scale.tcl

Filesize
2KB

MD5
f1c33cc2d47115bbecd2e7c2fcb631a7

SHA1
0123a961242ed8049b37c77c726db8dbd94c1023

SHA256
b909add0b87fa8ee08fd731041907212a8a0939d37d2ff9b2f600cd67dabd4bb

SHA512
96587a8c3555da1d810010c10c516ce5ccab071557a3c8d9bd65c647c7d4ad0e35cbed0788f1d72bafac8c84c7e2703fc747f70d9c95f720745a1fc4a701c544

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\scrollbar.tcl

Filesize
3KB

MD5
3fb31a225cec64b720b8e579582f2749

SHA1
9c0151d9e2543c217cf8699ff5d4299a72e8f13c

SHA256
6eaa336b13815a7fc18bcd6b9adf722e794da2888d053c229044784c8c8e9de8

SHA512
e6865655585e3d2d6839b56811f3fd86b454e8cd44e258bb1ac576ad245ff8a4d49fbb7f43458ba8a6c9daac8dfa923a176f0dd8a9976a11bea09e6e2d17bf45

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\ttk.tcl

Filesize
4KB

MD5
af45b2c8b43596d1bdeca5233126bd14

SHA1
a99e75d299c4579e10fcdd59389b98c662281a26

SHA256
2c48343b1a47f472d1a6b9ee8d670ce7fb428db0db7244dc323ff4c7a8b4f64b

SHA512
c8a8d01c61774321778ab149f6ca8dda68db69133cb5ba7c91938e4fd564160ecdcec473222affb241304a9acc73a36b134b3a602fd3587c711f2adbb64afa80

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI37042\tk\ttk\utils.tcl

Filesize
8KB

MD5
d98edc491da631510f124cd3934f535f

SHA1
33037a966067c9f5c9074ae5532ff3b51b4082d4

SHA256
d58610a34301bb6e61a60bec69a7cecf4c45c6a034a9fc123977174b586278be

SHA512
23faed8298e561f490997fe44ab61cd8ccb9f1f63d48bb4cf51fc9e591e463ff9297973622180d6a599cabb541c82b8fe33bf38a82c5d5905bbfa52ca0341399

Download Submit
C:\Users\Admin\Downloads\DismountStart.txt

Filesize
1B

MD5
7215ee9c7d9dc229d2921a40e899ec5f

SHA1
b858cb282617fb0956d960215c8e84d1ccf909c6

SHA256
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

SHA512
f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Download Submit
C:\Users\Admin\Pictures\README.txt

Filesize
575B

MD5
efd54055b28e173ea64831fc59a0aca8

SHA1
cdf18b0692a53cbeed66ee14fa0f54666cf04013

SHA256
e3cf65e96fcf774320e0ae4a42d6544f1aef476cd67184432465b2c595180a99

SHA512
5ecf69dbdf824a6e0221e7f953ed58889bbd76ee563e9fc7e5d95b68245d0f4af0e0ec5f13f002975b65bacf0cd29027964b9f8c4174134ed08358e41b58f4d5

Download Submit