azov | 650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e

Analysis

max time kernel
140s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
10-04-2024 11:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
Size

32KB
MD5

7129291fc3d97377200f8a24ad06930a
SHA1

3f858d2837529e6c973ffa7c26c643e9748e7282
SHA256

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e
SHA512

6bd4537a79f839c2964a814eed2fd5c217a969632e267afbe028b04a91a410abd594fb45bf1cba954f8be71e6041a923e932994754fcd46cc71a0bbaf4a932a1
SSDEEP

384:s+ImkKRjvD/XlXPRPNTEUZytgSisYuaDhcWNDkSIvrfPxLCk9Hf/z:WKRjvTXlXPRNTRZ6hisYugcXjfNCkl

Score

10^/10

azov persistence ransomware spyware stealer wiper

Malware Config

Signatures

Azov
A wiper seeking only damage, first seen in 2022.
ransomware wiper azov
Renames multiple (8129) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops startup file 1 IoCs

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bandera = "C:\\ProgramData\\rdpclient.exe"	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
File opened (read-only)	\??\U:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\W:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\Z:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\B:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\I:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\L:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\O:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\N:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\P:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\R:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\V:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\A:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\J:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\K:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\M:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\X:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\Y:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\G:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\H:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\Q:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\S:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\E:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\T:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

Drops file in Program Files directory 64 IoCs

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\library.js	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\JAVA_01.MID	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\css\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrome.7z	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\lua\http\js\common.js	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Windows NT\Accessories\en-US\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\TipsImageMask.bmp	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBBA\MSPUB5B.BDR	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\POST98SP.POC	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Common Files\System\Ole DB\fr-FR\sqlxmlx.rll.mui	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\background.gif	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Internet Explorer\images\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD09031_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0152716.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PE00468_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\gadget.xml	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\js\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_off.gif	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\CALSO11.POC	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\js\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN03500_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Document Themes 14\Thatch.thmx	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD14801_.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\MSO.ACL	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME05.CSS	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\America\Regina	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00159_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\GREET11.POC	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\js\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\DELETE.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\Issues.accdt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\FORMS\1033\DOCS.ICO	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0386120.JPG	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\mset7jp.kic	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pl.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

C:\Users\Admin\AppData\Local\Temp\650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
"C:\Users\Admin\AppData\Local\Temp\650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe"
1⤵
- Drops startup file
- Adds Run key to start application
- Enumerates connected drives
- Drops file in Program Files directory
PID:1684

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe

Filesize
454KB

MD5
ce15938b7541a334c526c0d7f0efedf1

SHA1
2e70ec337e2c7315af01e2e8c98190d2081c01af

SHA256
e35c1de3c6f7751618fff0e27456f79a0ac42567d560cbefad20d13f0a382737

SHA512
e0cb3e95dbd36c7799e71f51c17ab8737c512e7ae4eff8cf5d8586a17df627c2840292785baaf4e3b70201918b369ab80077a7bc38f9a5005a77150d669f8819

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF

Filesize
666B

MD5
053ec2c45e3568450aca0c6880001935

SHA1
e87e1137ce1afafb71ef9ad00424f7ce9b9daa20

SHA256
80e85c80f06313477fe855f26582309a2aaed77ba1ea12ba578df472f54bcbd2

SHA512
c903404828c327118afeec0ca278f48e1a54d1696d868a5546db8e742ec3de07ab48a6db55af7e70921c739376c49d9362c00904f145bf57fb3739e98dc4b841

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF

Filesize
666B

MD5
820b8ab9af6bf1eb20d400880e5a8c80

SHA1
8d354474eaebf5fef2e07d5db1f6fbd2a318f9db

SHA256
5b9aaf17c5ae0fb21b8418f72413405381f9c88525a7da6d5a478aced371cac2

SHA512
b75bb6e44087a912c1ace993127e3f19ac44cdcf5b9b1adc49cac9035e6a376e850f81560c8a83d570799fa9c6c47de365093cf1ac87a0abc848359162864f6b

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF

Filesize
666B

MD5
705366c6b24f3837c97b189b515def78

SHA1
ed8a8edf0f756c8697eb1073bc123b8e7dad3766

SHA256
173839969545c9e226908fe34bc2ad9b30299af2407e715f6c0946f32113c3d5

SHA512
15d9cd7c35efe892663c0f0ef2f7609c05767a809c6a5036e367472191137e118be55e6776f2a02e79e9568744e8e55a7c8207ec6fff3bef89d557d99ef1274a

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF

Filesize
666B

MD5
f324bb00ab4c94186f20b0ea07e0a72e

SHA1
04401ce924f8c2710fad78950acbddae2cd76c37

SHA256
9bfbb88b3544dafb54c57d80d0d6ae2b5454de8952456cfbdb387713fcbea2f1

SHA512
fad64f7ac170f351f4936f147b5525c6a9bb40882ed79b41207a9e54fad93ca2f18a60db2291ae2fefe261da88aa192954563c0f2f9000df159066d819f75f6a

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF

Filesize
666B

MD5
f7d170c80fd42162e9024ebb0e8adf63

SHA1
0df0c18825bce78dae941de50c0fe16fa1bf160f

SHA256
e64a24f44cc0e2543428485768a133c23dd3a75c5cc05f029988921116db4baa

SHA512
0c8ef93f00abaa2c55da1c687d8581dd24292cc7c6a9465566d6524180e2bbe1250aa2263990258c86dee52d12bfb08b0aad0fd1c9df94389b1d956269a6bda9

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF

Filesize
666B

MD5
e2eb2b654d5bbb2ecc3fe8d2ff5652a6

SHA1
d752d45890ae893e6a4e70ca17e2a6382d4cd016

SHA256
33cac5e9da35d039af0274bfb0fac9db849b659795cf7522686e6f7250638417

SHA512
acdb4deef9c9ad47df83fe3ab8d040252a0c241c067214af041a1f7a6d4e53a011342967deec94140d91f785ea16a4ec1e978e84d23664ed5c722f1732a9796c

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF

Filesize
666B

MD5
d527ec0edc83b6c3b85c15676d986884

SHA1
ff737a0a184ea210023f4ea3ae56edc5f0bc6a73

SHA256
c65d3d9089cf6f721f2818336181b7e1b074490c863b4da3594b91aa7771c896

SHA512
b30013c6711efd4c37075b9b7c8fbb6c0582ac1eef7b45cffbe5ecb77c9d2a472f59eee0b5acae1392d2667dad502f85d61586069f93295d0341557b786e4178

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF

Filesize
666B

MD5
4635586f713afd0180a06b77f3f5231f

SHA1
f07fdfc05108d09feb5343b2ba64a6e2ddd7c160

SHA256
ad87dfff7d4222bcb15f6a18c51a9a48f1540844c2a2ffee658aa95622f6b463

SHA512
4061dbbc3c457f99b5d00f26f90c4547cf365d13fb5a648500f6ba4781825107debd0b80b9c4a6944fbe0c686c7768153c57af442f7ea7674a3a5d77a1236e40

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF

Filesize
666B

MD5
6331cca4a46e79641176e534212459c6

SHA1
198674f1379a7a139f33c901899bd27f0e48ed19

SHA256
3142c1d7158725626d865a7812995d49921a4754dd3853e460a9629ab0bb9b57

SHA512
117b95884a48fd4502a61b39a5c2ce778181bd94e394a9f412f3ebb99b2a0ff9bed2dc856eb4b702ea5bd6bef11cfc93374be8348f24264936b74adcf2e86e4f

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF

Filesize
666B

MD5
d1489376cb84c9a4b61cf9d273f3ff25

SHA1
ebef1cb6c8151a0116d1ad821a6bc0d34036dd56

SHA256
ae95a7385970d6e41024d02c73e21a353aa59cd2e39adbeb82777892559e4c3d

SHA512
e9a33f2127c925011d1ac844ebe5751439bc69daf73d87ed68e2191184782ea963abff6be7ed1994fbdb4fad89d56d94ce1d042098ea40f2d6a0c5ba4e4ca162

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF

Filesize
666B

MD5
ddb5117bcd86b3026c356a909c0f842b

SHA1
83fadfd58526352b747b8b29767f419beef7bad7

SHA256
5aa376fc58492a1e6f53df342e26c079346d039333e35e9ed99cbef961349cdb

SHA512
d5c540ed344030cdb631495be46437d22fc28c90c04feb11c5f9d2239c09a21b78c4a73b76090f0326ac9d09c876b68ae0b5dbce6b0228df777b61a1d4a1afe2

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF

Filesize
666B

MD5
450cd367aeb30a67d6615f241528ed64

SHA1
61a5f562de4b0926dc4487c275b5f19f84b7fd26

SHA256
67435728485ea64a0c15b9e44de21603086cb9232d1d0f28177aac8d742a0e6d

SHA512
c3916b9ead9ae416819359b1438ffc4a3027368af73c2b5a45bafe6e03875e3338e3263612df7faab171a78a5428a35253adc03ecab7aa2e4a65a4ccdd21b814

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF

Filesize
666B

MD5
bcfd631da99443fbd5a6ea5f7c9fc1f1

SHA1
ab01075ef8c89193c3185b0905c6e89efa6fbbd2

SHA256
fdbf5818539733e790e7345666121619926a9da950f4587998b6fc99bf69a7f9

SHA512
a03815d1e65d42e9f4fa05ce1d4313d4b8d25b2e84703735dd7315cfd87bb09baf59438bcdf37f4a0365a54b6be2a985026b60cf64eb231746a965e3329d60a2

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF

Filesize
666B

MD5
6a172309a363e05e728a77fe5e7c7f65

SHA1
a9414f7658b764f33d0c4ac0d1681207463d87a4

SHA256
ec13d3a4b0383a18d7316348143cc7e9e830c03fc7c4149ceb0f5c5800ee7961

SHA512
35dd34d780179431e80eed050c50b83c22ef390dbe56f408b967a086c45805ac129f4c11a667caa322ae3bf728823181946673d0f2f07eed5552fbc178a00a34

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF

Filesize
666B

MD5
9845f8e3f127a676d4f67448fb2234c3

SHA1
0399e8b1557fcefaf2b0e21b6f319173e3e8c4df

SHA256
ac67638e526fd66e7987f567df79d8e838b5be8d3bdac5c32888cb550d3d8d97

SHA512
92f47a453f3213c7186d34942f6233db42581bc7c8408f276c524a0d0931e89d46c40dafd282302f0d64894875f50f744060a66af57612914636e87d620d354a

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF

Filesize
666B

MD5
24467eff3624392edb7449fab21241c3

SHA1
6ec8a2b8a69a8e9359bf25b5e657ebaf6027620d

SHA256
b3bc14d69ab563a39f29cc2b16257822b4094fdf4b72e3abef2feef5ad072365

SHA512
b20a7ff60435a3bb4b3d722a16ebfdfb7c9a6136ce2f47d8065c2860e1ab983eb140539c17f07f2a6b3f42012130780ce0f349205c3e588eba37415fe703c427

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF

Filesize
666B

MD5
22011c86d90d57167687a965c1b97b74

SHA1
05a781ad4f86520f2ec06f12e56df5b80ebf9824

SHA256
af791d38148d399f97bdb07c798e294dbdabdeca98a0d37f64fc26b3c4dca98c

SHA512
6c7159c10e139a7be0b4cb45001efed92d7c722ee21ce1401c1fbb47b9e9c97891012cdf5a289647d9cfc1212717d19f9b3b2f37623ef32ea82d9ebd1bf2e0d2

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF

Filesize
666B

MD5
a11b500b65943dee3a248fca96420a3c

SHA1
31bdbd8341dde87a57c79c7193089b9ffc188147

SHA256
74706217daf87086cd62ec6dc18187c35993bd8e9e205c70e8daa76db4c0867f

SHA512
e5b573f2ece8989efa4c2cd9deec05f3ccb47ca719b70a221e03fa87032ff15000fb1889250ad1f531fe1add0befa16fcde3fb3d147c94fab13a5fb7e8864bf0

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF

Filesize
666B

MD5
d165bc8ea7c45459e7e88c49d71180e1

SHA1
197d6ae39d349b7d2eab509ed1beb5bc4fe9ea6c

SHA256
125e3e1902e0ff4c4029f9d85d47fa6cf3729b9d77457e25fd7aa3a61bd22321

SHA512
d379fc74e2f1a4ed634f107e1fc00364f1b4e0cea14ab3e20aa399efb6620982108074e7141905400da176d34c6380baf425d2a7dc539516b6c1971ab6a8e388

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF

Filesize
666B

MD5
f70bc08d0004259bef38b8140432c89f

SHA1
9220f23c57b23ec0c95e21c359927fe97b9cf075

SHA256
0f9c31c88264a1560cfce10b96dd2e83c411f50cf3aa244306eea5e0b95883e5

SHA512
f332e404dfe0d1525a85538e80e539eb1f9ea29e93710a075a9dc7047cc99971bee590c1129a8688b3e79a1cf4652cf778f4e2fe8dfb5c39ab88c7e44dba98d6

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF

Filesize
666B

MD5
c25de0c398c511ecd6214117b3d2484b

SHA1
840fa16901c28cdfb35b8e8ffb83a8ddb0cfaa59

SHA256
29bca1834bbb5e9c97014b885c7c8f0a3e7c47682f8c8ab949d52de2074d0eee

SHA512
a44bdeed77344b0549cc95b148696ba661dc9c4057a1c531466cc8cbfee2af9b20a95ec0a685c9c202381fc03c7878eb72d2896b190e9e32a71837603c703055

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF

Filesize
666B

MD5
0ed698b84f7782eb9e59d9b035f1e0bb

SHA1
a763772d061ff4a8679800361bb6b07b20801603

SHA256
1788506a89eca0e07dbdca4d92eaaed94f752a260629a3df510b61da50407553

SHA512
cd977de8566b013fc6ca270e0790ab55382d55fc8fa4506dd76e678c9970128918bfa83323e724f6d2ccab439cc47840a3cd40f4d71a2330978d356872452304

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF

Filesize
666B

MD5
3dbf92c07614aec15c831c27faea1fd5

SHA1
f519bca5895d5a512bb3bdacca87f2571f2faee4

SHA256
ee15bf0e271bd002598337bc58fb6f172e57d591cf3d0fe4a2a31e669da5cb9f

SHA512
7ef056402970ebe807608fe88333ef0406b7ac798cf112d3f1d99c9edb0278f40a3c9ea2424a8b8e0aa76dcf0bf756c507d273520c4f9ab9f0f1443452bc6afb

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF

Filesize
666B

MD5
4370597ac41743d2b7cbfd60a0e877cd

SHA1
90dd81bed6aa17a673c4df4ec38684f78028c9c9

SHA256
61b4f50e4d9cdecc055bb6ab7c3702af3c0cf8280300472face78a1028adc3f9

SHA512
d937dee1e9d8a56dbe2ed83137f9604fffb83a4a9e80bf263f08b8025b808ffcc31e672d9e0edd18fdfd6010217418b250036dec3424c68733c3a60cf6d844bb

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF

Filesize
666B

MD5
aef9180b3b464cecfe27064be3a4043d

SHA1
318fafd62d6b9f08e0c06700ba561c5e246c6362

SHA256
a464739d469e5fbac6e08ec4081cff582c924e40076f91b4caf05ad68207646c

SHA512
c83d7d074148981f396d47908120f0971efab05d1ecfbae138a481b75f3c2a10c256edb748b29e6a58abc0a7bd033e4c65af25833aed56efe9537b4919febdb1

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF

Filesize
666B

MD5
857d41307eabe7806de1d5c3615e097f

SHA1
34f2d8aea3c3f06a9ec830e18a1f44c3f70dce66

SHA256
83e020e0f70f522717b8efb053874d674b2ce0a5a2d7513d2ac730f78782f68d

SHA512
006b46112b52b39b9e4c6e0ff54216a02ce96354a13d89977f1e61001e255105e9084ddb501d62dec04c2faa52d773e05937cd6fe31978dcc96fbae644f91efa

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF

Filesize
666B

MD5
4aae69226739c014cb057c05cd77b480

SHA1
9e708d7680dfdca067c7cf69d3c0ee2db9d81e61

SHA256
31159d8ac8c6302d4df57ef68f1464e3cd17f3fdce6472dc63589229016d9eab

SHA512
cdc949fa70efe4420d4c6072f0d6398e0dc815f9241a2bb63b667169454f07e79d649f01a26b0d344de1522b72b548886139e573ec9fd9357a57bb1b59d64796

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF

Filesize
666B

MD5
c5ea53489e9a83326a859734a66caaac

SHA1
cc82ef12bf36c176c7fd38433228f02839f5b144

SHA256
066e561ac46c206ee13d669dc0d55aade03fac3162717c5a46b80d189f2adccb

SHA512
5e7a401ea6656007fdfd212884e56d414c0f700ecb234498480b6ec24ae0bd49c5f2761fc21dd864bc70aad541959080eac7a9d63532d0ae365ef42ce270f387

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF

Filesize
666B

MD5
579d2fcf3296f8f76ee040761fffefa5

SHA1
e9732c9037a1176586343ca679b1faccbbefd0da

SHA256
d54b84b621749c2218d16aa2480cb1639fb4a425c7155e67eb50c1e40d3bcd1f

SHA512
8118d6f0db605cfe77f0a5d3ccc8b59b4dae9eadf2b4728392624a7a842cfe128b35febe76945b892973d994c0939a6581a32288fd3d831b1f19e16e0a94c871

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF

Filesize
666B

MD5
e44b4fa8febe50c90addf3f4b9e96ef3

SHA1
94b94d451deae3e96142f4d484175321bbff9780

SHA256
ae5e55e5ddf586d500b36d5a57be575f15d2dcea123c232b97ec696cdda538df

SHA512
df2684dec2d8b656514e7f20a9e898f1fde5ba12ddeeca92cedf5ca7c902f0f78f8c5be43b8703a1157919d66bdb270b14ad5111753fc8bdbe218e00482d80b7

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF

Filesize
666B

MD5
fbf68c6f358ab281feb26e3045e5a430

SHA1
e1d513fcdebb7958882eac13340b2d64f6d6b680

SHA256
346b3d9c88e07f7616879aced7918da7d1e5b977e9e106388458e04619a2bfa1

SHA512
427069b18f50f89888593c550b87b3e3ff308ea1f2fa13f799ff04bb59aade53c6967801264f1161e4ed1de418b36a120ceeb522a71dcccd496023ef0dcfeea2

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF

Filesize
666B

MD5
d2a63dc2e50775fa82e21b7090135ae7

SHA1
4afbf282f683a22b6301f9e0c6cec03eb78255be

SHA256
7afda968c6ad6aae68a6477e4f08a9a8d2c81ac1d40d89415832f62806e3c844

SHA512
9a4f2bfc176043cdea11a1424340dc7ba3fd97713969fc9f08994787d7a2afa8f86c42f55f7892c0b05fa5d81888b7081e785d11bab378bf8a624d838239df7a

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF

Filesize
666B

MD5
cb2f80e646f1a300609b6b5990da41c4

SHA1
9309b028e84fe97586da5205f4d1bc5cf2c38001

SHA256
aa5aa09e76e1a815693fd791fdb294bde85500d3dabf70feaaf88c9c7bb15b7d

SHA512
7bdb6429726ad3f35eec64fe086437b610e345918fc50de20125ce625898a911267f0b9d16a8f644c3cb8f95dbf5bdeff57e3188e8f2b7ca762c11887907b643

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF

Filesize
666B

MD5
be2165ab8f18257c530b1f611b94a7f8

SHA1
4e2ad68fb3571a5e68289e9d5e49213a1779c4c3

SHA256
14e60d9708f990ed36d07ba8ad434959ee0a4b91c8e77531ae27402ba6c701e0

SHA512
23e364e15298a0847148804a0d3c1b7e56a7894ac441262f75ddad8b9199b2d451c0b8432515698a970e0fc154698e00862fa4ed2b26bcbd41221dd2d6658a91

Download Submit
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

Filesize
284KB

MD5
23e4b6fc24402b957bfdee0a21bf22ad

SHA1
fb6e64d8b12423e8913f2c7d4bee0b1250bd272f

SHA256
6bce742ca028e4524af1f2f37e7761e2526bf4b3791a14ed95293ee9b53eb97d

SHA512
e84c2d52721c8eee22132def3e7661240c23232f14244e47284242c6d628d8756491a88b62888043afcf0b99df2befdb8b3b44228c53b902d6d094b2dad462f5

Download Submit
C:\Program Files\7-Zip\7z.exe

Filesize
567KB

MD5
4218c28deda9b09781b8bcd99c055e4a

SHA1
192b58331d42581d9a87b75263b4632f77d44eff

SHA256
a26d05323018e5690251f2456dc7fa89a13a2020634268176acead7d2ccf334b

SHA512
9003240ba8ccb0f19ef58ebef5c8952a60ae4e974a3e9759d818c039cf34105bf098c7ef7c241e18fa995c02048e9fac86778ab1fcc68fc1c43d2d54c8c3e456

Download Submit
C:\Program Files\7-Zip\7zFM.exe

Filesize
1007KB

MD5
d6df7ee34b3972e29112e9ece932254f

SHA1
9fb14138d2be00f7f43b7a98be28ab4afd4668ea

SHA256
b35e8499b30721170f605bd65b0c98d8c54897728e2bbd945942494004f49d6f

SHA512
03d898f9d46d3f03233d88e775efb3b6837bfc9172edb435141df0fb3acb641c4945625fb2f3b32a65c1ca2a3012fe4bba326de0054aaf67d5f97d6a44b980af

Download Submit
C:\Program Files\7-Zip\7zG.exe

Filesize
698KB

MD5
6cc48b71ed7da938751e6e1947a0191d

SHA1
6f3cef571e17a86f8f9be212fc1e84197cb1e331

SHA256
2521447a32557037146cf958dfc570a6d6fac22124cf5232ca2675e9fa922a66

SHA512
017c51295ac3dfb1705141f181da69e18a4472b0b221319b386bf8e7f2cfed7c17d66d74c0e595d79cb2d310b6217191f66307abfbf94a1671279bbb29afe108

Download Submit
C:\Program Files\7-Zip\Lang\RESTORE_FILES.txt

Filesize
2KB

MD5
78ede93114e65f9160fd03d3357c56e6

SHA1
88d531b101e57655f1d0d26c6b3257aa2468d460

SHA256
c97412fbf88da8f91099a52888dea4c3f222cd95af3e681e3271cbca8b6b7bb5

SHA512
074a4c741273902ccacb6f573b96d8accedb2ee405dbd04350cdbf54d180c1fd577a4e90c2aae26bf72f3782403f4494db6e3501a04cfd9d7d81a6bc14884b9d

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe

Filesize
4.5MB

MD5
3819d3ed95a181609c8cbd58d4f729a0

SHA1
2bad7a5f0eb8698f3e5a269063a5221ab909d787

SHA256
d8372cb889744ddec7174cf44e7f8a68afb2fa63c724d272f578170fc50847d8

SHA512
518d0d60d2552e5c8666477b92386cfabdd6e01d0968d95e65566f6bce53bf7652a0d48982031534d3e58ec452824bd2b15640eee9d74287b38d145fed4ebbd9

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe

Filesize
1.8MB

MD5
38aafa847fce21c1ab3901e6b972e169

SHA1
891c7e45e055f1e89385ba61a758ef1c84e35c6e

SHA256
cbbdbcf7c336c264bb3253be78f2c50e3d97d62a97a1ffb935fbf7bedd76fcfe

SHA512
9a5f889d052d5cce900fe8ce0e77d4624c5ffa7317ef2fb44360ff1f72482320c5e07b96933fe0bfb100f5cc7691acf125c2f34304b09a5c4d4b195b8559757e

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

Filesize
1.8MB

MD5
d06ca2eb46362f5b9cc7528e97e8723a

SHA1
2efe139c105767a8957919d83e4ef1221297263b

SHA256
a6c28f077f9d167a54c4b597747dba458f66ee45aeaf40ea490bf98bdf2e25c0

SHA512
3e0b09140c54f02a9784faa5191a43ac2ce69af53945ddd1e467287bfd452546c9d409ffc9f005bb21a6bf5368e259800166c50410f947b4709c1a18e3587524

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe

Filesize
1.4MB

MD5
e599ec962b12fdc7acc8c5ffefb2b7d4

SHA1
b81bc947ac4ebae961d29fc67d331b531a02de64

SHA256
dd347cec992613c9218e9ce68d41e959aa6956c48da008284dc5edba4654daaa

SHA512
d2cc30acab9e68dc4bf7ca43a18ee2a839b2f0c7c41ef9612c05d143dd23cd72164c16e25f642e826b6476c45f08451fe7a09ef297796fdc0a6b3b8e50825496

Download Submit
C:\Program Files\Google\Chrome\Application\chrome.exe

Filesize
2.9MB

MD5
b493f84a19cf3dc4ebe1de283aebe85d

SHA1
189ba408a24de79e65ed7018e997286171ff9b2e

SHA256
2fa539c1a6a052b1c67452e7af8ef249469bdbccc5d2c4ca1c470f9713e979df

SHA512
a6906a3f29412c941839dd20efd70b0a0f6c2a7659794dbf24cc86e2bccbd00979b56d113db0f6519fae5b404f2421eac747794c4f791f09ef044cf572c1a863

Download Submit
C:\Program Files\Google\Chrome\Application\chrome_proxy.exe

Filesize
1.2MB

MD5
ddd3687d902de15623e7e2a29c14d369

SHA1
faf659a8e58a84c41813e5bec4da04bc19ff775b

SHA256
c8ffa2edf33287b3e164ce1392ed16bdce255e8eb61bba7535832158831f84ee

SHA512
4e792aca59d92fa733bc2e2908477cb304e175e5e9dbccd2dcd96d95285528a69bf7ca1bd55fad90d7c0f342526ac43100bcdc50917a0d2e9980d8b0106e68ec

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\java.exe

Filesize
226KB

MD5
870c50942bd0053e749245822436c4e4

SHA1
ed674a9e03276fbc85df4f4640d5c6aafd4a1102

SHA256
d0c9a5d455400049b502d8a9dccef4bfc4667880d84d1de422e4917a0e7f3248

SHA512
d37ca833ef1757784cd8bef4d282450f4b47007b2d60b20fda8c1e4c1e5db37814097d967ad8d20a869ae14a2a3b3b5036f829bef2d1d224ca67df9ada4b5f75

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe

Filesize
226KB

MD5
067b1e48bdd08a6307fc063e05434f3c

SHA1
467e0efb53387a1edb6732f38c184d825d0ecc6b

SHA256
778c30c60d36d2ceb81fe7d2798ee0f1c09ff9fbaf32e47712a1d200ec96581a

SHA512
a87fe7d34ce9b4cb69a113bca565d9dd970d1c802b51a27bbf83929a9903a556b8b8487b34cd631540f4900f84c8624e5347660e28148137f0a50700783ef7ca

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe

Filesize
390KB

MD5
9b1407a8fb676205f0f4ff8094f7217b

SHA1
959fd4cd08c6b81d625a4f3cdac2ee33cb3521c7

SHA256
e9c8f5a564ce13a03343bfa7b7621aaf596cc48badf3690441b9c4d3834c50a8

SHA512
cf08e2bb4f14a25589805ccdea41fc30cc7e55c5d9015727957d8371c5fc8c724930c4f847779b79c776d71e8928b554fb45b244e0786c5fdd6a1e82e7401d1a

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe

Filesize
338KB

MD5
563211b120395912d370d46c6dbdf7c9

SHA1
336c3c30be55f4a87e62b7b03e9a0ce578d8eca5

SHA256
d8836951a4e585df6f0ccc550a4472b1d3ff6af1d88b8396724eecb1d3e0000c

SHA512
a606010ba2db1ebd1dfccd1317f18ce3950b982bf80f2edee78ce3c9779142c90a0bd527c58d475ef6777b1bbe450b772833f8df2e6fb61c110c21868d067914

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe

Filesize
226KB

MD5
7e0eef6985aba209ea37711a2f1cf83c

SHA1
5bcd408c7930e72a2dfdf104ecf05fcdc6af65d2

SHA256
35476cdbb6b6e1a1ab5a14f975b7c105acf8a1e8b9d70ab0cf8f3023e87be912

SHA512
60adfdf9fd098ea5410661d80813a0feb3036d47c0c15b89872eaf856c8de4df60f5cfee1eb84e01c1060309bee30eccb7d919876fd1374f13e7ca28c9a85230

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe

Filesize
226KB

MD5
a6604b04b6bfddef6d65ce7f1153a849

SHA1
230948a18a27bb00c8febc4c2d84ddc548b92f0d

SHA256
2ce0f51cc1bfba4fb6bab85b66dc588e1a3d3597b656632226156479923235b9

SHA512
251e0acd1a2bf95b5e68e2729ee8cb873bb43ccb277db59f928244ed05fd9f1fff088e9fbc18f1bf064606cb3dcbcc6b9f3878cfca9cff90df497287a4c13d42

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe

Filesize
390KB

MD5
51668b4eb0e0df1f7e89cd5b3edda261

SHA1
bef9cd78799fc5b4d537e020f63da15587872d8a

SHA256
9cccdd73ddaf4899cc9e74dee22d18c8c2c359488f6afb2ed38ec02845e43497

SHA512
50c9405ba641608381e297c7ff984cd48a4f4586e27673a1a6d67258e543e232bce5ac4885bc870b9b9d5f1944d6f60e70425fc7139ee229bb2a91a39442eebb

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe

Filesize
147KB

MD5
ec8a1bf0002e33078ddcd3d2f1155e1a

SHA1
2f35e874900065954e7d26e07ef16df78f5ac9d2

SHA256
bbfc408765d2acffb8681cfb42fe5964f6c123152e41a4b64252b4d358e72744

SHA512
926ef9b5edc11215cfcc5a903a2df9ef6c040fc40c863aa42f4c1bf20a087b88ef65559df693814a5e8c8cec1f728ac9307c1adf0f55bdbd2c508ea708504b94

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe

Filesize
104KB

MD5
daf45593d4ce2c48a342002bd72dddd3

SHA1
2ff5754bacf61b002002c83e281e4def17bfb43b

SHA256
80dfac4671495415221069a2549d6cce3461d570fb39153549d6f476266d8e8d

SHA512
da6e67add91309aff66bad6a908c756d7516fd98856639e67bb4d4f3b097615c0da8777b6a4e82391df9872f993ad764e7195357597ce26490c635271592f36f

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe

Filesize
338KB

MD5
cc0f7de33ff1ddc7efe574a1b9b5569a

SHA1
423d539717afd893218d6c9708ce3445b0878f4c

SHA256
0314940c9373ef52982d0cce9f138d25695f361c9eb44c62fe03edc7fe9dc349

SHA512
619d5cac40075cd1e346f4583e54aba6b4f1c01a61f18795edc3a7ddd6ad55bf74ff98a77bf44753e7bad7aa7b5b763ed85fe33b82e02a58b13bf3e8be730fa3

Download Submit
C:\Program Files\Java\jre7\bin\java.exe

Filesize
226KB

MD5
e9b51244e1a671a8083c620b14021c62

SHA1
b0e6bcace57af9344fa2575f74c38f23fdad1608

SHA256
c2267d9af8a2e1f5f236cc1f922b198cdf0f96fe00fe29b2f6ff4910ecbd61ad

SHA512
2df721e3d681712eb4357d01fc06ded056d9253e1f1d90edfdea771f2a7fa889c10cbb1cd1f482511899b1e54ef6a670855c963846cb99ef6f317aea134e07bf

Download Submit
C:\Program Files\Java\jre7\bin\javaw.exe

Filesize
226KB

MD5
38ea8756c85955443b438d776c1d8c64

SHA1
58c7d333a6391f79db9c1840957e515b377c479b

SHA256
7f999d2a0e0c63f5a9ab1d7504311193d0fa31122d27e54baed8148a3fdc2bc9

SHA512
47d1a8d5a802e5cf4ddc6953b92e04678eae97850b41c585e057ec7dccdb3a7bffe60ce41acf93a71c2ad51c9813ec8d86f870be1769f56ca851e90b130ec043

Download Submit
C:\Program Files\Java\jre7\bin\javaws.exe

Filesize
391KB

MD5
4275bd1b2853d1a82655f2308c3b6bd2

SHA1
63dd0c03a2958132a2c90f309600bc2f5bd9918a

SHA256
a1e3c2b2a841981880c06ab1436d8e4f02a7ddafb5bed011dbcba71e56244214

SHA512
d26fd628289e843ac8d2373721e46cdf33aefb4c14f2a140d3853585fd62d526bf0d8eb329e8a8e93b9dd22e4e004e740e4e6890e430d946cb86ec6745ce62dc

Download Submit
C:\Program Files\Java\jre7\bin\jp2launcher.exe

Filesize
147KB

MD5
815b8647b96515a977111d2fdf345f0f

SHA1
785065944280da28a0e9fa1a9d3f9296e70d9b0b

SHA256
4265003703852d84054057274e2e393c3394b8f578448eeae4a883d650775fb3

SHA512
36549ceb3da421cb86dca6b4fedd83cd0b91664468ef8cd102c8a45e4afe73a0a24e32d844126ab4598c77d1fb939221dfafe5bf8e711d35b547f5c3fe5d116f

Download Submit
C:\Program Files\Java\jre7\bin\ssvagent.exe

Filesize
104KB

MD5
12ce0134b606531453b9a198777968d4

SHA1
6382ab17c2631364269cf4fb07321eefa09a967b

SHA256
c1af1045006f5c563f481a79601bf7322d479fd290efad39f8d65f11d1c0402e

SHA512
774beb4f9dae5b10299e4ee5222d1535ebcf28f37bdeb75d6e60e3d10566ad8818d46dd72337a77c1a19f43482d4d79d51016b48887e513ad5bd6864ec23612f

Download Submit
C:\Program Files\Java\jre7\bin\unpack200.exe

Filesize
339KB

MD5
cc03c7993469982be6607a49b9f6f0a4

SHA1
84ac4bea7e96dc7467a84bddf706ada2764cb846

SHA256
24441bdcb5c7535f2a490227c38fd0125e6821b9e78d3919079717fac05d2987

SHA512
36b90e0b95832b99508699b0142dd725f1a97d8abfce0415d287b2536945613d71e0fa6efddbc4f265b4cd1186b29b8c95603db8c59ec6b3b875e423859e45ec

Download Submit
C:\Program Files\Microsoft Games\Chess\Chess.exe

Filesize
3.2MB

MD5
faaaebfaadb48e9504e3efa00eb252bd

SHA1
bb19e06af5d8b8e31692b14aa03e06a3ab7eeef1

SHA256
711c42cedd319e2e16801e8067b399cf4d901c0c82c6790551b52657d8268925

SHA512
47a8c5418ed8d4d864769a42d2e90cd869ffc793cf55914eababba410b73ad461f93b9f6229056117e10a518bd62a8d824f6050165d2ec86a73c6f97155a6d01

Download Submit
C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe

Filesize
969KB

MD5
2773a5fccbd62aa0ef72bceef6925973

SHA1
d8c9e62f97e2a46ba47ca4a56ac108a9f74a9522

SHA256
cd6a0d915a25ab6e06f1c9a657cfba8815fbacd8511fd04f73500d2544e1bcec

SHA512
ecbd7663d5d2907b4bf9bfc523b335355e81133f0f260c1268cb37fa4e5f2e39a543987d8a7a17ffbd390fd3f01c0a4fad1b3e9e8e86fbc0018ec44444cc121c

Download Submit
C:\Program Files\Microsoft Games\Hearts\Hearts.exe

Filesize
788KB

MD5
0db9e6df97f6a8a67dbfb1723ca57de9

SHA1
4e0451602ab18ad7af12fb2cf1308232e7c24b63

SHA256
361708b0a4f504ec27a469946e3cd9f0971886d1bea3ae2e33377b1d6c5717d5

SHA512
e07fabbc7fabbf038e4a708ab06e17a78e4401a9c62c93750e1b670430ff9023c48673b9d53c62bbf411030e6aeb067547dbec8eac26b647e23292e24d91e1ad

Download Submit
C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe

Filesize
951KB

MD5
17a14a458b4322e832dfbc1e57c53807

SHA1
decb4ac455315525c47ba91245bfb1a6d76e97ae

SHA256
05b11dadd38d3697d7a4759e22d72ceadf55c07af61bb51a3c6c268e905ab260

SHA512
c809a1b6df72e8f32385e095971f5af7f90f639db30a1520be1aa3cdabff8cdbe244525e2cdacb164469ae24cef7f4460cc13acf5b5687bda1503f6d65816f20

Download Submit
C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe

Filesize
1000KB

MD5
c811c704248beeb346718a677bc9e0c3

SHA1
0e20554a97d858d4bd47a1d17fb8bb157b45f6e6

SHA256
486bc0cae0603e86c218f4b3b3518404dd10f9e24b3d250bcd9ff5b358632ce5

SHA512
1fd4477352ad73dda9a886b46d3ca8520a13c7d4fe53b0effa0f48f124b70a0bacf40389929bc968371aa115410469cb7b6b0c64735f283e388c064880b05a60

Download Submit
C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe

Filesize
1.4MB

MD5
e2bd22cd7e889c6d093c4aa724815ea0

SHA1
5c160e9393ec572bfc3a32525f7f5b3dba34fa6d

SHA256
4bb6bd79f99ce4182de82ef10db0fc1b6c59365e14cc8dc6eece2b65b130f068

SHA512
e99d313649e171b62d045075bd9b73c935263aadf0a122f4395133c1c8be7df29f83b9ababfb96a1c6a4df7775338e6da7e046287fc449e19d7ec0686218c8a7

Download Submit
C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe

Filesize
990KB

MD5
4b011ef157148dfe633e468d28df5277

SHA1
61e5dccc2c1d040f4a90c873005699754d58bed1

SHA256
6b20af78e3bacadac64801f53f87edfa3aa9e442eca7bc2ff43899155623c63d

SHA512
821d2269fb90a9523416b56f945b977112aeb32904a2f108018d1705569b071b660d9addf70242da4075433d50d9ada61a70eb8dfe0c21c5ff3800dd482899b3

Download Submit
C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe

Filesize
991KB

MD5
e3a20ae0b57367f95099204a779b2381

SHA1
0778ec036ab282c10f3040fccc5dcde66a281940

SHA256
1a061d3bd546e6426c64a423e5ea92566938574d0bcd69b76b02383ec3545183

SHA512
c5ec93b8d88ef32e9d90ca78bc67c535ad86f24e0e2de262a3cab42e68cc275abcd6b9adc1e372e3e78c5e1aa34def26d1c7240d673aff7a3bb36e5ea1536808

Download Submit
C:\Program Files\Mozilla Firefox\crashreporter.exe

Filesize
328KB

MD5
b7c2dc592cea3a86e99ff2a96ebc4020

SHA1
46cfca20424f72c878f7acad6b4f987302bff876

SHA256
9dae47f40a19332858386e8104339114a10457c84b42011a51a0de1ee3192044

SHA512
3bcddc7fbba870543af894b212aaa23f9adb8c01e58d21f80bfa9e9b0a0c6e1778eefdd6eb162c4d3c1e51f9885dfb48128fde4b26eec5066998bf26cf093742

Download Submit
C:\Program Files\Mozilla Firefox\default-browser-agent.exe

Filesize
805KB

MD5
df219b7c499419becc5e5701b1a64c4c

SHA1
24139e88d0f71d2315448921c4b7189c978496dd

SHA256
c9acbe45059efe886d04ff5c6c65693c633e6b2a34d0a1827893c79f67e8c258

SHA512
6ba1123735a784640b3de216ce4382647dd5267fc6332f726d9aae4968cbbec78457789f1cdb119dab17ba26d845605c6f63bc23f2b911f085c94fb1cb786ee4

Download Submit
C:\Program Files\Mozilla Firefox\firefox.exe

Filesize
774KB

MD5
2a8220dff5d0e9c7f7dece9f24a023ec

SHA1
52236d74433db301606f64e93637d0d2d6b72de0

SHA256
ef744eb78993fccf4844a42cd10b9dc24638da6555ab0c0dbfdbb0fe7d726005

SHA512
a44b3022fd089bef749dd8aefcc7e67b7c25107d7971ed104baf12c84372f9fd6b8421f5e0385994c53c87b6c4705dff03b4075e62858f50f43494c54f935a23

Download Submit
C:\Program Files\Mozilla Firefox\maintenanceservice.exe

Filesize
284KB

MD5
219c4d0be94e423bfcf084d426c36a88

SHA1
9cb12ce5697789d740ebd88a2c16e58560784027

SHA256
982e0c82d89260bfd69c524de3b8be4bdee50dea258b651be183cf180fe00172

SHA512
bffc45a7e77c6d49fafd8e883db5d12d70a9087ae6e2f07c4ec5cd65d367e81af8c1d3bf1fe17b960e7049b65070005c1ed3a128b7b612b50f34e8807d82da6b

Download Submit
C:\Program Files\Mozilla Firefox\minidump-analyzer.exe

Filesize
840KB

MD5
9290bf8e28744dfcb0072b264df7f2bc

SHA1
3d8f864f184b8e9479a849f9fc394c6950bae123

SHA256
7dcdeb3858fb78e1c4c6831f97d8ab183ad5ba6c9579f8ba495e19e05035f428

SHA512
4c65c7e037dd5fa0587a3d4cdfc6a2d1db5daeffd76a8d39367eb73be293aa67010d8a25271497161647713ab9d4c27e1811e93433a4be2002a9736e88f2970d

Download Submit
C:\Program Files\Mozilla Firefox\pingsender.exe

Filesize
123KB

MD5
92a029430c40d69edb8845421c731d49

SHA1
ac3b5fd44bdb8de5f023ddd3a1f7d0000a8e72cf

SHA256
cc099155a89d49bb4a51f830fc38566fcfbed9e79c99e3759ff8c06284a8939e

SHA512
5ab6978fec44b81b995e8a5daa1e1e68648d577da34950fc1920f3384c063698c72dc6fda4751fb0d2aaeafde1e7cea8c4f00e5a8065471afc19cccccc1ed425

Download Submit
C:\Program Files\Mozilla Firefox\plugin-container.exe

Filesize
401KB

MD5
61dc1cd9fc59e3c4d10d9b526cb20e47

SHA1
f03c7cec131d3cefbf65bbf91d152826fb2d3f11

SHA256
2dfd76a80f7f40a29933bdced9d102e36cc76bb10b1238a774c94d07e1bdd96d

SHA512
374887657bb67d83cd78b5acdb5cf155fdaa963ec1e8de8804d21de4fe69e2fe4bb92acdaf6af97b85b5698af8edfaa82c1e09b8ffc3a3dc82f18ee1362b99e3

Download Submit
C:\Program Files\Mozilla Firefox\updater.exe

Filesize
455KB

MD5
a7e849d750e350bbc7f9c6e5f96a0c31

SHA1
d7eb98fd6b297c12f6183b895010c2f572f194a1

SHA256
b83cfefc0b362486f55818660e83c8c79c9f7bd321917edfa4dba8442a40b875

SHA512
d7d0cee06e493d7e3a5b822011e8ec44a059d3048f4823111d334dc32c3afdf91ecaa355126d1dae26b152af04567c2bef0d9c2145e397bbf66eefa2ddc6fb74

Download Submit
memory/1684-1-0x0000000000110000-0x0000000000115000-memory.dmp

Filesize
20KB

Download
memory/1684-5-0x0000000000110000-0x0000000000115000-memory.dmp

Filesize
20KB

Download
memory/1684-0-0x0000000000020000-0x0000000000027000-memory.dmp

Filesize
28KB

Download
memory/1684-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download