azov | c80fed268a0c461e382fe561fb0e94f41f4d1c4d611858bc56ea6118293e3de1

Analysis

max time kernel
1793s
max time network
1562s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
15-04-2024 12:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
Size

32KB
MD5

7129291fc3d97377200f8a24ad06930a
SHA1

3f858d2837529e6c973ffa7c26c643e9748e7282
SHA256

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e
SHA512

6bd4537a79f839c2964a814eed2fd5c217a969632e267afbe028b04a91a410abd594fb45bf1cba954f8be71e6041a923e932994754fcd46cc71a0bbaf4a932a1
SSDEEP

384:s+ImkKRjvD/XlXPRPNTEUZytgSisYuaDhcWNDkSIvrfPxLCk9Hf/z:WKRjvTXlXPRNTRZ6hisYugcXjfNCkl

Score

10^/10

azov persistence ransomware spyware stealer wiper

Malware Config

Signatures

Azov
A wiper seeking only damage, first seen in 2022.
ransomware wiper azov
Renames multiple (8146) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops startup file 1 IoCs

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bandera = "C:\\ProgramData\\rdpclient.exe"	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
File opened (read-only)	\??\B:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\L:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\P:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\S:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\Z:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\A:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\M:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\Q:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\T:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\U:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\I:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\W:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\Y:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\H:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\G:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\J:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\K:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\N:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\O:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\R:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\V:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\E:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened (read-only)	\??\X:	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

Drops file in Program Files directory 64 IoCs

Processes:

650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

description	ioc	process
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\fr-FR\css\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\STSLIST.CHM	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\NEWS.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\DEEPBLUE\PREVIEW.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Microsoft Games\More Games\it-IT\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\js\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Templates\Presentation Designs\Maple.gif	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_OFF.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\SynchronizationEula.rtf	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\picturePuzzle.css	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\RESTORE_FILES.txt	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\Europe\London	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Essential.eftx	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jre7\lib\deploy.jar	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\css\RSSFeeds.css	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AG00171_.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ERROR.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\MEDIA\ARROW.WAV	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\QuickStyles\Newsprint.dotx	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\IN00177_.WMF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49F.GIF	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\fr-FR\gadget.xml	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\js\picturePuzzle.js	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\Pacific\Wake	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
File opened for modification	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png	650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

2828 NOTEPAD.EXE

pid	process
2828	NOTEPAD.EXE

C:\Users\Admin\AppData\Local\Temp\650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe
"C:\Users\Admin\AppData\Local\Temp\650f0d694c0928d88aeeed649cf629fc8a7bec604563bca716b1688227e0cc7e.exe"
1⤵
- Drops startup file
- Adds Run key to start application
- Enumerates connected drives
- Drops file in Program Files directory
PID:2972

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Public\Desktop\RESTORE_FILES.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:2828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe

Filesize
454KB

MD5
5af7ee091e2658d9805b66f60b8a9667

SHA1
b219ecd96ba9609bf8f40bfe6307205c4c82291e

SHA256
8b2c77b6832710f95bf03e60e83daa6287e81dc055830d91f7bd21a9805c90c1

SHA512
865afe34df12232313fef58c0b0721a45f002c43bd224f52667be049922e6936fd07f22b1ef1b0239fec39960acf37f3fa4b14e5577ab102731a71d843a11fc0

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF

Filesize
666B

MD5
5b7959600078f1a6b199bc3e1f565f91

SHA1
4a3b4406cf74f4668d9d62558c82303e9f5cb76b

SHA256
a303ef44711fc9e093279d21a83b5bd2c7abeb9a05d2a907e04a9dfebb30c316

SHA512
280b7ddc5c56e7b7de67c4a96c1d91aaefb1359b4e3f31821682092464d4dc52d4b88b4b1fe57b93775eeb63d3decc2cff5c7dfdc08a588a039ade03af3090cb

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF

Filesize
666B

MD5
5ddbc87de4b5b98a31e648733f8bf5f7

SHA1
cdcd12b833f84df225db53e7eab5ee76b556b628

SHA256
3a4232772d54c9ccdb58deb63ce45963e156a00676a899d3415476bf5d1b2714

SHA512
6d20b2406c8b4c102b18826388f9589ae906312ada82cc6c2cfe48bda9858a3ff0939d4cdddc061fe40e6ded5beaaf925dc1ee39db9840d16cbd41f946019adb

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF

Filesize
666B

MD5
1327266f04ca479e8e2142f66ab7659d

SHA1
320348a2fed7607cd6b52fe72dd20b440ebf1b6f

SHA256
0b001532bac655f79256af266a9d8628f8272042b2f7742ef32ffd77a4ef8187

SHA512
2750c41af322093ff1fe7eb57d59b48e649c6eb8dd0d8c8b30d6fb00f31bbe7f4ab9210b8b513e9b1258028bc315b508a5b43c6e616d92a57003dd8fd444c410

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF

Filesize
666B

MD5
599fca24e0c681673823d673afcceb08

SHA1
40a5ac4d7802eb5bc6cfb2dda7578438e8e25636

SHA256
a9363c2bed7a22e56adcaee4e581a42fda1eb8cee3785ccacd3bca98327b8a0b

SHA512
49da36c2359654e93e551f2806a2e8f03a64f7e1d5ef3fc7805466abb125a9c3f8aff71e74a4cdf5caf4d964fe11de039cef7b2a5c507fbeaea8bd6c88a8ec51

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF

Filesize
666B

MD5
0137878dfdbb8a8a26bd45013b09539c

SHA1
60c3d339e962569f3cab439e7504c63b74508097

SHA256
695db027598a72f008e05134353eb2a2c1c4134a3e3db318da553c161be3b318

SHA512
e4598884eb387337fa3a128ed7b9e2e307f5194f941c4d09eff747368e0c75f5498d305df0db2b8328289ed518f5b4d9ce8438afe156161a28eb72bfceee86ef

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF

Filesize
666B

MD5
a91993ba6d59838c09a6da7f8f001216

SHA1
1c9ffb173d09ba5c94f9ae4e3223922cec55f926

SHA256
e71cd5e0b12bc2f39ee8558b18bb721fddf1c7e26482c449ed608ae1b6ba9749

SHA512
5bb95202b3b844982bf45798b18a2c4c2fb811348ee7379f3df136505f1dbb4b07466edf49c566f53480b2cb2f73a1dfd80effddd8667d05a2a95b1e314fde86

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF

Filesize
666B

MD5
0e7b9610ba915e21f1e3537e92c5b161

SHA1
a5348ef12a71e93c3aff918f0bdb42c69001963e

SHA256
631b1096a2a4bc6bbf7404c8e3a7cfabfe1e066b7213bbe847ece1cad01dee73

SHA512
8934ab58aae3c34bb6d0759cb9639a0983cf50e038ab869a402a85cc88b6507aba6d564a03079ea7e434a16b99bbfae6912dee4acef0695be6371154dfa01d2a

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF

Filesize
666B

MD5
0f6dd8b9daef71df4f44fe3d3e77dc3c

SHA1
661dc226297d8086b6bef7390fc6e7f8f5085111

SHA256
d15efbaff4dc663ce42edb8a97744cb0d7d1deedcedc5221764516764c78764e

SHA512
aac3f6c32776927b88b3c1650de99e4dea5aa70647f6f23d5ae650faea5d842f20592c0fb7e95aa266864fe2276fee961e1113d808780cdaea902de5a100a529

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF

Filesize
666B

MD5
19b2bacc7a8945cfd70b4fee4ff1f593

SHA1
62eeb30df48f8eb9c643b6840870051b25952c1a

SHA256
bbc36315e0eb9abbcc9b255c8e3bbb1bf2a121c38b555d596a2d822b0fd84c22

SHA512
0ccf4103a31d9552fbecd168cc2b8dd96c4bd6416251dc101285c1d26c999916495779b5b27cbc9d30cf3c2e15c0e17f9d2acc33d55298cfdff8c61d701200f8

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF

Filesize
666B

MD5
ddfc9f24b9c3dac2c5d8006c01e2c076

SHA1
7c2297e58db6568404fe10b6b097cd11e177b11b

SHA256
d11020712fcf99646cd843699ebaed97361e4efbaf61ec53f35335cba679f827

SHA512
6ef57ae933913ca3da4b5bf7b51642c82ed38a279e92fa6ce7794e9e1eaa70a8336350cf4404128fbdb5194e682559be54618c13a9fc547ec615a2099a44ba45

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF

Filesize
666B

MD5
b2a85d1801c323c5f9620afff5e97e43

SHA1
d1afad8d3a29b1a3d212e4d815e1c37fc6bda77d

SHA256
be967ed5c6eb44d318fce2ebbca8f123f7d2fcf9c67d5000feb611a86996923f

SHA512
f137dce3bc196500b3078d5f185e076cb119673e503ad8c860fd343e69803d98dce9ac011210fc2ee79fcfc4b9f6084766a63c411ac521204e993ebaca9a8d62

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF

Filesize
666B

MD5
cf3f6d83bc4fbcea5a3ada30a3f39f1b

SHA1
50b30b1549daa9b78aa2ba5de6f25bb8f46431d9

SHA256
8e2c8c418736756a569d85e5a64c67556b2b6126c0a4a924600c20df76740aed

SHA512
bcef7922d66cf92a254edc2ecc2396a76d1c276ec0031a0a93d3ceb13337f97fad5380b0515a998ff41d3c5bc948a5ed17e9374c3d3e6277ba623942fea57d95

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF

Filesize
666B

MD5
9f7e15eace6f8aae9d9a0dd96697e92c

SHA1
c09bd55ca0051c9a8205710ca93bc4e00c2d37fa

SHA256
64fc092a2a38a5f32b9d5602aed2c0224f064ff4ab7bcfe214062b84de0bc571

SHA512
88b5073f9e2f24c130a6052228491906bfad4371c35806ddd0bd1cf20d6e43798d7467f72f3668850b9e69ea6308abfbe4c138c5ffc35762a59a9d9c7a62af54

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF

Filesize
666B

MD5
a94ef844bc5f964317a525f4573432a1

SHA1
ff78a9a9f6f6ac4c8169d16ae9813cfe0de10bc1

SHA256
36225541915439c68efe248cf2cf74a69d44be066980fb43868021598eab1f28

SHA512
0989bce6e2d0804164665fecbc075877f8574ef5014d0f0d9205f3f38e281b8a9234fc6d287ff0bee3285eaf36c71bb1f35d22e04bcffa952f7f463a1b0e84ac

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF

Filesize
666B

MD5
615a04a7d2f775b9cd62cee9d4e509d0

SHA1
8c5fe704e953281441a9da2da7b211903bdb4cba

SHA256
735a3cbda2eed6ed55ef997f4bee10ffc66cfc16946056188c97f1cbefabf590

SHA512
593bb05e83e55cec7d9b41933c5135b6ded7dbc8cb2f1671b9f14991f0eb807d189526b15ebd0d8885db0469f42f34d763840d7c9da9ed5128121f1c23dc0be1

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF

Filesize
666B

MD5
93d8cfde8e7422238afe410c631e6df9

SHA1
7565fd3314c475b2256f842691f7bed199a17fa3

SHA256
4476a868791b9caedeb1ae742e09ad9826bf7bc9319f9dd13d0d37bcc08bfbc9

SHA512
8131bb8c5e4e58df4ede543691e7e9b60522a3e52cfba6b148829314172d4fcae388bba47218ab3a9c83e1eb618f2915563cf98f0730c2850dc05a3f56856e23

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF

Filesize
666B

MD5
dde7c22c7ca11062a50f014d941dcf65

SHA1
4db993b6284a0abe1053a137fbb62368d1575e43

SHA256
40ca2e78f6b6815f88acebc7908159bee442581aa7839105bedbb26b77927558

SHA512
b618688dc92b3c9a801b9685478e520df7e0abdcda1fed4aad86b9aa6de88076d67b89437e5f2ea6599562514503acedb6d87b1c3c865f9c3d6cc1b31ec99ec0

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF

Filesize
666B

MD5
44a7540bdc8560d326789689f7aad62b

SHA1
74ad72c667a10a6b0e4bc25f0cab6b07cce1028e

SHA256
d076aab7ba5c030dfcee91b8622954102da2a70d1ad0cb4b5dd143250b6e14d8

SHA512
8aaac17dc37d17c291ff32b97ab1b1b242ffe5bb54b3db9d26067d342f8d693f3f7784102b2e74ef63661cb28d0c01f07d38fb7224da5e544b7359be88804181

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF

Filesize
666B

MD5
a3db35488a88d0d3a8fa9cfdb6c8c652

SHA1
286b238dd35bc50227e36c4bdbd47f232c0e603c

SHA256
40a9e6ca81e9b6af631eb73af00e2dcc32bf0774d408ab0e18c50e38e78dd99b

SHA512
b95e4cb7ee9d25eb49a75ce858a37100959f057861911dd68a19c32c14704217d2ba691bf521399461b4c61b829702feb767237987ac5e6f40e9cdb40894f7be

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF

Filesize
666B

MD5
3a9ede3fe40f2785579ae5df23f16880

SHA1
ac51ecc59b2e3756559ac73f4d97f862a8a060a2

SHA256
5276420dffd45a02857e37cb1b38908b03985ab79b448b47d5e6830fc9d46627

SHA512
36bcc518dfd78a2e58252ca316cd228414471e77f12469119139685a6e974574d390de83a9e519c3c7016b8e1d08df20a8bdfffb650dfa1cf345ae3a587538a7

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF

Filesize
666B

MD5
59e5b91d2d9a18bd9dc2e4c19cc8c739

SHA1
c6ddc1ccebdc2e95003a9a6d2607d64843d84a25

SHA256
8a5f22af774badaf65bc720ff995c77e20ed7ce7ef70aa692e04561345b79941

SHA512
5e61935d53b9a8522d7bb883ea8c5b89a71db428516caf8a4d937b6c00bf055c3322aab2096e3112a73d02133d214bd9cbd000f8eef566a801954005c37d6cb9

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF

Filesize
666B

MD5
80f363845ef5eec557f9f60281641814

SHA1
9af491ad08e89c9b5da942cce1d3af0ab0859d98

SHA256
cfedbbcfbc79fc1cb087d511c33f848ed77f331ae5c22b46509633421e9217ff

SHA512
3ea3587b039c8d851e07ca841f9c207d988a887359253ec69fcb72d910ce48eaa795aa6d0c7348ed72c9d134c44191511e0c6ab118201b25ff5ea7b0b3544722

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF

Filesize
666B

MD5
3a7c400a65278208833ca4ca02917e39

SHA1
bfb53a8a9fe8f4e08ed3b201cebb3091312b7598

SHA256
e605537816c1687f12d4a5d3ef46c77ca03e2da43318a589ccd3df6f212ad9e9

SHA512
eb0f1f62ae48f0910251511670ef33f59149c7b9986510ce6a73f033216292552af77e1a5afdea606387167d96c549aca2794210b0fc293a7bb7ae04d012dc4a

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF

Filesize
666B

MD5
b77f85417d108677a51c16e5c0acaa3f

SHA1
05e418724111c9f3261cf3b29de6c16c1c89799f

SHA256
f8ad6235cc6af916c064689e59c5bd95c1d4e6eb94b88c0edff327f1a7a533a6

SHA512
db20a8d212fb02bb5ed585850956ad38f1e2a4ab8cef405b48d95923fbb30f57d66803d714bb3b53255da529c824d29e1a4024b6f53edf3e455100484b3df81f

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF

Filesize
666B

MD5
821c565d89eda8d3844dc48eb3980e37

SHA1
2717d4eeab5bf665398f5fe86965b51e897739c4

SHA256
197a06d54f40892f599b9df65b20d9a4ca63ccb0139c88f947cc1ab4ac6108d1

SHA512
47f5e18b0e6835995d9b55d107b64e7c13c100ba6a0a9baa1c374ee531f1bff5e794180cc31637a08804a001373cbe2f61d33fc905fb09776181d5f4e5e60dbd

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF

Filesize
666B

MD5
f7a96ff53c8e6f5d7edf73be8b1e1589

SHA1
c3b2f36823da76cf1d12af7033f1227fc7c04077

SHA256
5d8de31fb6e50594cdf50f7c1fa28cc9af8d85578293ef70bec4d52f45c6af0f

SHA512
9aa5d6909cdbaeb0f3b9b566a7156ffb8543c24ac9a6dcf9d97f99cdb3b3e236ad82a2718c887c17cf7f840ad1591715d1dca4eb5a474677be146482870d2d95

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF

Filesize
666B

MD5
cdf2bd2d9e55d3eb4f17f08d05c9299a

SHA1
8db1dc55b138b11a96df44bd7e38a53cd4c927b6

SHA256
d52655a80200066e72cf6e3b643428e762e7c7876b66e73f2831be383aecc136

SHA512
329ebd92a7f72a12297a94e4d0b701d698f401e5aa9889a529dea9f1fda8bc9b1249a6311e6ca69532d7b7563872f65a29bba457fe679c0950ee946daac7e37e

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF

Filesize
666B

MD5
81e0e6426656d1b996fd2ab3bc3daea0

SHA1
8f47cfacbaed68555554516e873a2337220bac30

SHA256
34941132efa498f9fa6502bbaddfd416ce9d21f6704a9b2c3776974150131864

SHA512
23dd8ce224eb56d096b121c76d0e6b016777cced2e04f49896ff6906e441164aebab52424087383558062d0833e9b2f248fdeefb0c4b0fa76c4e6ac6e2fc0b30

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF

Filesize
666B

MD5
c2102784aa416980e039eba3c07c35b0

SHA1
cfc80b3eafee4abe2dfb25644693ffc89494d1c7

SHA256
052222edc569599a1a0ffddc05d8ce832414aef0ee8e1e77427833f9eabb27cc

SHA512
7a0a6fb06ef3015e03fc64532cd0de132232a38821b580fbdf0754aae487b259a6b30860888ca0a02ea822bb508bbebc4c4bc752192d101dc90aa469cb7461e6

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF

Filesize
666B

MD5
e7e21d32a013d0c9fdba7d1372601b8c

SHA1
4167ed5bf11f4103d8ecb5d4c3d1ca81c5bbf550

SHA256
761f11fcabf107c5a7909cddac851d15a6f08f32eefa580d12ee113ff84bed0b

SHA512
9bc6941bdd0c7a07ddefb971ebd383a26417fefc2bbd43f37a6ff15294050a02aef22e40954bd9a8be2dd775a111cd275601e5ac2eb14137a4ad143dc5103680

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF

Filesize
666B

MD5
c311375455a15a25f59c39d670081d75

SHA1
853722c7f570a4297c5fcbea31c34ca94f181510

SHA256
adc4284ef619041d90806a6e9eb9d67b3d8f8b3f3d9742263c7e47f24d8286af

SHA512
486299fc675ea9f362548cdcfa8efb9494aa30b0931bc34aa6afe8707e7ca1ed42c0496fcdb077b45c460b5a853bb6c9874f3665215b931ccf72f3a00a8930e6

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF

Filesize
666B

MD5
b7e32f704c0e23727d074ce088855607

SHA1
373a01ddb30892dbbe93fda9d9b845278f5a9222

SHA256
ffe035632e3ff14d3cd60ae72bad09242c54b7a2dd358e997b5fb218458631ea

SHA512
9aa7cb2a7e9a29b1777769e57378e8ef3518760785d4592069b524752ecab1f2ec0322ee229cb1f5b05d236e0353ad462616cc38fcd40fe776ffac5217fcc545

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF

Filesize
666B

MD5
14e967a302a4f1c87923e2bf50ac2e37

SHA1
90e4594b14d7c64cd8377e305acc0f85e3800b15

SHA256
9a73ea78469c380d636c82c8fe30c18a9d64dba874ab6a487e09051aa6fa0fbe

SHA512
61fdbf5b9569552d7e104308158170858bdeed614ac8fd0ec3a89f48ab3cdc6806dac17b1883bb2204362a70be6a02bf048190b24d309ace4634d7ee81b640e9

Download Submit
C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF

Filesize
666B

MD5
5388869e08889f1838e2b9893e044fc7

SHA1
df0aa53a72476e310a136c4e7ea66b9e5a6fa44d

SHA256
f692f98cf237ea90bab8a2d0d295f726a58f61188d76f4190481f062a31acac7

SHA512
8ea9f3912bfb9dabd0b9967a75be464fd968673e2e85110340d85b81c4fa381904fd581e7a909aeddcfc4ae2b1ef5d3af4b93210e218d71046dc117780a7326e

Download Submit
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

Filesize
284KB

MD5
2f5f92a139cd258725a15a4d51d340f0

SHA1
73c8024645da59de762017433cea7e915f12e513

SHA256
0b3e805426a70314afded46d55064dd23b4a0dc63fc0b8fa02f54cb835215545

SHA512
7f8f12bc40ca6e06d6f248be75b29f4a6271996eb7d699f9dc8c31957b0a7150d95fd0346a9b2da2ea2d843a56e3415d7f2c8f6848f10897e8d1ac8e57f45f1f

Download Submit
C:\Program Files\7-Zip\7z.exe

Filesize
666KB

MD5
07f60ae2f7e9246d7922d3edfc512cc6

SHA1
9f253da20ca8a17a2432d63b8a43a9da97f33ab0

SHA256
e4ef2caea102857f3d9eabd29bf992208f83aff37db2c6f37e76741e810e710e

SHA512
b90b50f01e96bad498e81be6a32aa7447aa54c406995b1189455fee2ea295ef4b87c44f164660f898a7ffec25db0aa9574f3505385e51bfeccd51fb9e65c0dfb

Download Submit
C:\Program Files\7-Zip\7zFM.exe

Filesize
1.1MB

MD5
ed5843faf24627eaf98f2bf71cbe00e4

SHA1
2c991d1affbb46c7ef3631f66b68c6d39cb23612

SHA256
b0950790b9dbe83b4a72aae9d78aca281913ccec7507c5f7dfb797db71823410

SHA512
dc9e8ddfbf89295663d63034b851246e064d518daa35e0400a72c9d6d195ef2b1854178765e325ca299f1c9dd9fcbefd7b4b1f6e4b6ee0eb478acfa549434bfa

Download Submit
C:\Program Files\7-Zip\7zG.exe

Filesize
832KB

MD5
7ceec4ba7149242d665f7c7e32f4e60f

SHA1
05ed7683f08235fbf47470156a99ee9ec0439056

SHA256
031d387820bcc386407adfd1ab6a23e8a972025fd45dcb58e18e80badc4dd105

SHA512
b030aaf0ae65056b3e10ee4676bab9268ee429139528c43da2521b40ce88d3cccf32903a8a22fa02f3acc6096db659826b596da95308c3cc3ff0aae52181fca0

Download Submit
C:\Program Files\7-Zip\Lang\RESTORE_FILES.txt

Filesize
2KB

MD5
78ede93114e65f9160fd03d3357c56e6

SHA1
88d531b101e57655f1d0d26c6b3257aa2468d460

SHA256
c97412fbf88da8f91099a52888dea4c3f222cd95af3e681e3271cbca8b6b7bb5

SHA512
074a4c741273902ccacb6f573b96d8accedb2ee405dbd04350cdbf54d180c1fd577a4e90c2aae26bf72f3782403f4494db6e3501a04cfd9d7d81a6bc14884b9d

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe

Filesize
4.5MB

MD5
b4680373b88eb83e16026ff61e3e98bf

SHA1
fba032beb16ab67d3bdf5ee83d0149c8df31b2be

SHA256
d807bc2443ac999ff9075d14dee72675a4edaa16bfa65ac169f006e75979a675

SHA512
c1538ee883b3285935f7307d9810a681f357290449eae7a8598f3c32030131e4b8fa3bbad4631f1ea38ab42a9093ce1627ea8f309ee3b52591c5c87694999a00

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe

Filesize
1.8MB

MD5
1b66f057e939a43ac114d007c81842ac

SHA1
0fcf266d806b68b8814b1b79b13927796beceebe

SHA256
aa9a7147c9d768febefb01e7adf64687adc83d1d96e02927b9e91614a0dfde9a

SHA512
38a9d7b29cbe61d21a0a11ab64fecd9a49b8b1219de0fb12df1dc02c1670b5bf7d90a11f1c7478e343a2df49badadeb22ea245926a6024ad992f8e1c518b7e02

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

Filesize
1.8MB

MD5
486906f6d4619b3474cf5c5d32ba27f9

SHA1
fe9d4db7ff5356f52e82001f43c34a1a0998c550

SHA256
9dcdc77e0851e81be9d2a77a50ca9f5922800027378b89f743f06f70e5119c0d

SHA512
9dd5659f774946049d8a5dc0689a08aef5170290a27ce5a75873a41319bc7c4522e73a9eca4693d8c117b55e7b968810bbe1595dd44b230026e31de7c7c2c78e

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe

Filesize
1.4MB

MD5
5503eb65ed394e839304b469181bd710

SHA1
b5d50b11deeac0d243612ce330fbdf2858f4fa5f

SHA256
af296ad0c773cc4bdc203a5e9b61399e547a72ceb9ef810452902bb5bf9083ec

SHA512
cd8bffbde753101f20776d83e9b532188d511c3ac7ab1e352a79da3f6d770714657e113b84ae57b48192275844325df53c2c69693dd234bec2f189b0858829be

Download Submit
C:\Program Files\Google\Chrome\Application\chrome.exe

Filesize
2.9MB

MD5
76f487ed7462bb643bf19a4580e92773

SHA1
87f2b5a70826c82eccdb0c21ed1529fbacd4f7b9

SHA256
caa96f92745f9a04b72177a84cdcfcd832dbbec244566c2a68480636ef5af309

SHA512
4ad5e9f267b365a32b456530fba53535e3fb5231946340556efc630d38dafb6eca2295965b4b10b90b79650cadee42e76778132e9bc6f575427e8a9d52a02daa

Download Submit
C:\Program Files\Google\Chrome\Application\chrome_proxy.exe

Filesize
1.2MB

MD5
e1b837af1ef849b7ea4de19ea0e458ac

SHA1
b9b047f93928c5a6548bb400df9a208765e11480

SHA256
89e5dd994f559bdb4fbdab8f4321540ad39d67c96590b7322444500a4d00eb40

SHA512
2ff05ce5a1e08532485bec741db73e6e00f35a06b9d67dd895d819c155cc77eb2498d5ee7efce50c20e31546e8c8be66d6573377a33294c5ffacdb8e34bf5ed5

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\java.exe

Filesize
226KB

MD5
e8bb7cdc19609e6ef995435c65045f8a

SHA1
f185aed40c020c3527bfe141f04ed964eaa4dbae

SHA256
db65358b51913a4dca30d2fe715e1e08ca39c964e56931c4bfbb1b5f233e654e

SHA512
db347e8431fffeb75b1c4a3f7bb5f31bafd22a554e6001f8606b6b25c13fd91f7c03a6aea326b816a7ff9b9127e512051164a7e8718ad82af5ffac823fe362da

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe

Filesize
226KB

MD5
d07a9a6923ed311aef4b1e4c50bab256

SHA1
cb651fdd2af43f6948ed868d2ad13cc0bd5a5b43

SHA256
78586ba5e2691504bf7d3f203194fbf48e0ae1cab1ed7595afb9589a21d02dcc

SHA512
a32be115d0fd8d141ab5215f8216c264ac0a625c99358e5f37aedfff8f8490327b646aa67b45b1675e7427359aa27a0f354f04be86541ae4e77bcb0b281a3f07

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe

Filesize
390KB

MD5
7af8349830befaab39bfd89f17c1fcbb

SHA1
09b9492d3115d89607fd51a5540cd49163f9b2ea

SHA256
45d130135ce780a9a385c252971447f3ab26e38bfe117ca367b2d428c060e0e0

SHA512
5dbff0742205f7f815d80fa2623c661e1af7f20f336d40a42ab5d7d0f072a36c50076c2faeb6a637b3cdc5505e5efdedbd2249ea86696c18c1694cc4508af590

Download Submit
C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe

Filesize
338KB

MD5
23cc21a1ef64494a6ad3fae065337ed5

SHA1
48f3520d07ffd037ccb5c878193dae5b74105606

SHA256
9d87d57bdbb693254abc12c893a687f77011eb4ddcfabbb887f5bc0736d50475

SHA512
d51f5d4f1ce621643e081d66e7b4bafc5358a758d83c525897fea6d1710dd26873f9b8e0cafb1ffa9f0936135962300d9b2a6ba0a220d94443369fa4cd5290c8

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe

Filesize
226KB

MD5
e97c00f2ded7f11cbe57203c67f6782d

SHA1
ef26b4fc8c1fe9beafc234af355678b32061b3f8

SHA256
e318d7b54cb030fde683219f38f8f59462f555ec1991980bb67132d7147210dc

SHA512
a1e282fd4ee1421ba1d93473a832cd177f1069f26b17c204f2c4eddc56bc547abb485729ae83c352e3cb194860aa24a38d86cf2567874798c29ee5a3556e708c

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe

Filesize
226KB

MD5
500802b39e221c2c1912b0c26e46d12a

SHA1
c02e847e6eef15b2c27ea288c321e205290fbe98

SHA256
5f020279a1054c9bf6a3d9e43c176995e0e26a08aff290b06725d0ec41d1c9f3

SHA512
0c52adfa105eeeb29a0d4c27ae14768b85163a0334f8d87769f8aa7cba9fe2911b126465db5f122fafba81b8a26bf820a152b7ff761c9ce109b78ee25b2a6e5e

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe

Filesize
390KB

MD5
c2d8b1b98e443763a1e992650d0d36e9

SHA1
ea998c6d714451fb3cf9fb0fa2cea1bf2bb54adc

SHA256
8353c1368be4c3685ce902c9bb014d237bb94224201c4f15fb0349d548caa776

SHA512
8e1a3a0e1be7b184cfc09e76de36b3ded1aeb5e8d450ff5f1f0df8561778aba2cca9f00ebb3105558283108b2a503672573897fd181c4c88a6c687a2d4ce0ec6

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe

Filesize
147KB

MD5
b92533fc3f273425638fae149dc0c5e7

SHA1
19f4c8c0e1db2fc6eb42220acebc553ff6e673bd

SHA256
ed63f19119a594443b3c3cb0b04a10dcc21dd8d724f09e33f7789a3afe6a5656

SHA512
3fa32550447605b60d0bab38b02881f49af1ca57b6585876e7cd2e482a588cb27d19249e7be4d9c79cc7475cc504cc6ae99f93065207d4097493b0a0b202e024

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe

Filesize
104KB

MD5
ddd88e61b4999ed955b687a4c7585413

SHA1
f9f50d134bc084f6717b5e278a7b74fb9a87fe02

SHA256
d7f7e93515ba96d7d044f5821bf8ce4047aa629d03b4c22a64fd7e88022fe730

SHA512
cb73a1ea381416c3607aacbddfc140eb5f875b9f4ae80875eee9f2fb77d10848eb2e934dc23977da05bb3014e76526cf0266db234cea894684853817deddd912

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe

Filesize
338KB

MD5
580241219b653fb048fc0ad0e2ff02bb

SHA1
ef6f91fa2b318a39c3c2006f79586ffe813b8f18

SHA256
0e2784baed3fd24568aaa45cde94edff156c3ceed3d3c832f0694f78bbeac9af

SHA512
60fcea6ee7edc15a3d055e9fe6745c88d315d05be85cb0db24f9b3dbf5389304f0f08b978b2424ec1c1b86710018f322c3a68a7d6975885b18a47216d9043e7b

Download Submit
C:\Program Files\Java\jre7\bin\java.exe

Filesize
226KB

MD5
32d2b5550a5dc2864a5760c8586fd6a6

SHA1
121f24435513540f912d3e560cc123778272d366

SHA256
35d9fcb99be7c91d5eb843cff98d957f59cbcbfe942c0f1ce47045de74f91c34

SHA512
8cd3b7a293a00b3c21212dbe3fed1a681ae8da5f7f7a178aaadf9a72199eb02185ce94daeee4c83acd9214c379bf4fabcf71754de146a179e88612830a619583

Download Submit
C:\Program Files\Java\jre7\bin\javaw.exe

Filesize
226KB

MD5
7f9b392252cef270b480856906870bd9

SHA1
56aadfa48193037f36f9f0ad66128a69e538884f

SHA256
e19bb5f1105db6c3b6633fa04332526c4d3e61590c90df62c4dfbca5654e79e0

SHA512
287fa21e9ca5c9d4f81605bd50f5a4d861346ea3c63b7253881a543bb9e5cb904d315117ce072d50e9a4a96c7573553453bd5bbe46d9563f0b1388b0f688e3a6

Download Submit
C:\Program Files\Java\jre7\bin\javaws.exe

Filesize
391KB

MD5
57eb2fb7478dc7bcd00e53d97ae2f314

SHA1
43b051d597a711be584d4d49906ad1de404388cc

SHA256
866c19a7349fad0b6c762d20ff14591009dee5adafe84ad6751d079e0ef84a2c

SHA512
f7b86f33e514912c08bbbf788edfc4d0c9805b45150dc37acf88c75e822136a07d5564390c95f751f41b29733bdc8172b9fa7a10d2315335397d65c191646b2c

Download Submit
C:\Program Files\Java\jre7\bin\jp2launcher.exe

Filesize
147KB

MD5
454e7d2e3bfa4dd27325579199193152

SHA1
72a62fed342377c353b48209d75d0240393e404a

SHA256
5eb6c489c4a02d9e19848794814b096a7e0bd841e82280972189d36a1a43115c

SHA512
c28fade51d7e8c87836dc152051f4f961603d74d5ab218fe15de0e09ee08eea4c7fce21f0bc2a73d46666de0e7488e7e54971d96627ffa39ca1a21249f633dd2

Download Submit
C:\Program Files\Java\jre7\bin\ssvagent.exe

Filesize
104KB

MD5
a22614eb7f4b6a28168b32cdf0d04339

SHA1
572621cfd67366de7678df773da20ec669c26b24

SHA256
b895e976303713c9cde4fd9b10fae18a60455eabffdc9e6a7eb8e266f09188e8

SHA512
52a62c705a7ca20acb2b8a9d617cd93a8ec8728d5b4c94169fe1fb7d5a66529db883b4c0ee08a1014a01b0cabba287b3a31d89dd168874c2a69055147b77d9de

Download Submit
C:\Program Files\Java\jre7\bin\unpack200.exe

Filesize
339KB

MD5
a90c5703a123c74bbbdf3f9f4d8321b7

SHA1
0dd1628cae935bf1f470aa9ae9949c060ab16eab

SHA256
323c2bd3530948af3676794e3810012c4d73cbb601a2ffd67c3426f1351d6577

SHA512
bc91faa0666ffc8a8a8b73061419436d1fe12f760661f9fbc9132e69fc2c524f2e7c57785fb0a5733ae973dd6da7dfc8f882021d0ab45957c44cdb5b6af5cc3d

Download Submit
C:\Program Files\Microsoft Games\Chess\Chess.exe

Filesize
3.2MB

MD5
f48e039abe6d506f308b6c0ddae4a928

SHA1
50f47c9e1a120f8784d551b7e75e929bc05bd93f

SHA256
7087e78b6dfeaa7e23ebdddba530dabca91865aefd0613a2b8f54057c0738dd0

SHA512
034e95860af726a50cd87a02e62afd78eabc269a9bed1d50b70ae2664be90c19592280e150e2571628da4c81b12db642075f9b6a81bffa7dd445310c8542d135

Download Submit
C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe

Filesize
969KB

MD5
209e128a9521534043306bbf5cbe3db5

SHA1
8512fa1b9a75f71293e859f9e0670f33ecc2b119

SHA256
dbdf2e22599790fc8306301109bc4520b3496f74126edcad0ba018c690862e97

SHA512
6826cb03f8469a2a40e86c6b48dd72a98ff83fd7465941aae97d4b7aaa3fec9760b0b8539610f1d8befc4194474abd3aa64a4d424bc43c12ae761dc4dfd92494

Download Submit
C:\Program Files\Microsoft Games\Hearts\Hearts.exe

Filesize
788KB

MD5
41565f9332b8a3c95ff62bd8ff11be5a

SHA1
3da1075b9f5bf734f86c93e95c112cadea5ddbdf

SHA256
9aa30364b76b5f33377b237d84f41451a8b4ebdafe2653241d316acf90f41c8e

SHA512
fbcd03920a4358c53f86d64657b42cded4c1a908acccefa58512c44e528db25a7372cbeca1a25d68ca05988130bf99023cab6c950153faa152c9ef5c54b7cb05

Download Submit
C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe

Filesize
951KB

MD5
6686987472e68d0283dbd20355246c12

SHA1
cbe0bbb3cae773165de89dc9794069221ef2cd5b

SHA256
5e021c3819f2679a52e908f1182178166d4db8e43ca2e59fda605719d7995fc3

SHA512
c7e1e81e6fcb68b3ee0de369ffc60f8cfc4c9659fb5eb4661dd155fe359eea9e24f1a5f7cb2f20ba6d28a87e723375d832f6b95c8ba5b7ede090725feaaa5ecf

Download Submit
C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe

Filesize
1000KB

MD5
66c73e8b6c65e974788db95bc8a590f8

SHA1
9efa3af71b43c78c1272ea4a42f9b5e61a0ce613

SHA256
45e3e7693d51cba5f78c59162b25115bb7562f28ab9744d07205f613e1197cdb

SHA512
d695c953d06437b472b5d8ff10f8f03639e8b754d9312e6d918760045568a5ba353b6d48ad7e876597ac83d265791720a4b057279b264684f81bd2726b2040b3

Download Submit
C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe

Filesize
1.4MB

MD5
80d665e16e014f103bbe0d763cc98831

SHA1
3c547a4117265a5a5fb08f5c1682d60a287c3170

SHA256
7cb9b2b9f023cf6f1bab9861e1c43d566c032d241a1dce902f93ba8ca1a7d40f

SHA512
109dfa3c1edfc34bda5879e4dae433cc0184193da1abc4b94f81db618c967339ac119b8a594b7a35989298e7f2e2bdcfcdc770ac90cc1064d19d1f3de69265b9

Download Submit
C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe

Filesize
990KB

MD5
e8e19cc511a6df592394bbef1fde7079

SHA1
3ba5d82a32d96ceb6f318981c2f515c921ba043c

SHA256
c812233b62a564a5806e4679d1208288365da78860c05702d4503ada8e63e0ce

SHA512
bf04bfaacae5913583b99f9e0a9f6954163101e5759db1fd055be6abadfbc28bb8ba4bb72b8e7aa23d7095f84a47b683c05094b8e27190914fdb6068fd05e8a5

Download Submit
C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe

Filesize
991KB

MD5
c1cf1e19e9bd9196cd3ef5400dadc10b

SHA1
25db663ec5da64421feea0e64941d8ecc4aaf794

SHA256
a20cefa3643cd4db55b3f75083c9bdc377d5a6d1cfc5e486f8f9c4a4c548aac8

SHA512
6a696beca172b2023e5029f67ea9ccceb985b28047fe37a8770e49cea0d37e5e1aa40d29f90117f1d22bf870f2b976296dda5153d5995a95192b77c8071e6d3b

Download Submit
C:\Program Files\Mozilla Firefox\crashreporter.exe

Filesize
328KB

MD5
fa23bb08af0e5130ce1c0691ec8c5853

SHA1
6c9b28287056e4e43062f9fc0dca2aa7f7d67117

SHA256
6b47c46d2f4202d88327296536615e6c065b6b7f7125ec18e07b3922b10fa345

SHA512
9d05c9f302a09b28f1202be8ca145e9b05c37b77cd74a34dfff43e2d8c1333b609a0e676a5e2d6c8f0d9e1cf7b418e2c1ee3f4da1c15931f65bf68dd8506c5f3

Download Submit
C:\Program Files\Mozilla Firefox\default-browser-agent.exe

Filesize
805KB

MD5
811994ce61e3e1c0a1e795d9d004a64c

SHA1
5db1333a11e6d2564fce48a9da4bc09a5ac2a705

SHA256
3abfcbcaa850bd3e2d86fb754ef7bc9bebd13512a0dd68a712d2c03760ce642d

SHA512
8bf57d821e43b3e327e900acb96f820a678319f98b5c29be5a590287da407bd2502c303aa3968a60c24059698341195a52148ffc29f5095dbe81fb3e323f0eda

Download Submit
C:\Program Files\Mozilla Firefox\firefox.exe

Filesize
774KB

MD5
5efcd1b89c33861ab8025c504f84dc57

SHA1
7ecdded653a188df8ba8842c537201c13696b93a

SHA256
429df6fd097149f544bb2d36b1e2ede9836512a1e845276aaa7e8186123a5413

SHA512
bdddbb446e0c68cb97f19fe1c1898e86b9b2857482c000cfe5e1ee4ef603a49196289eb4a4277c0c6103c88d36360a57b3723bef0cce3fa5a4a37d6183d3c79c

Download Submit
C:\Program Files\Mozilla Firefox\maintenanceservice.exe

Filesize
284KB

MD5
9c8b7339ad715db0c8931cc4a7815a10

SHA1
e78e83eb17601b23ca7a43efb5c842485417d6e8

SHA256
fe8c8952a6d600851a1558e5af730e11280ccf501920948fe751872b68ee572f

SHA512
cbf8e49ce04bb36a55c259907ae932bdd820d7a9d29ae56c02f8f3a402af09fb8442f9110a6d5184e2d6b04e9a130518a05d912a35fdb2f9f1765492df3c928d

Download Submit
C:\Program Files\Mozilla Firefox\minidump-analyzer.exe

Filesize
840KB

MD5
8ca36acca13a07bcc38e6e2ad1da5c1b

SHA1
86b3c8863534d3ff400d0c47fd5a6bfbefd492c0

SHA256
a6028b29542362c366c1f344d6561eb7bc9f84293e2b0ceb95476345f23d7964

SHA512
f636d85066fb256048c5195bf25f49a61b1f7990470ceba707cb75acdf67e86ca1ea008cced2e8be20c3ef2f4e75ae1b8392adf4f4a0b196517941af26073051

Download Submit
C:\Program Files\Mozilla Firefox\pingsender.exe

Filesize
123KB

MD5
51f5ea4da268e6e401abf47bffe2eaef

SHA1
faad8d863ae4061d88f7c5daad1cc59a52709818

SHA256
f019e3bad997499fa5a2206dac94c74ee809f7935b0fe482d43e228b111c912e

SHA512
19cb914705be145cf19e95860c9c978b91e913ecd7745caf9fa2fdad441db9bcb194004d5e907b3457ceb7c449a38c2bc9b53b2a2ba39c95fc6b12f2e125fe9c

Download Submit
C:\Program Files\Mozilla Firefox\plugin-container.exe

Filesize
401KB

MD5
15017c9c619a55d11d3cf28249513b4c

SHA1
a41e4b54b80eea74026ef3a225ca13c7ab8b2e0c

SHA256
852b81c9d711075f97e828bc9286d4904ee2ccc0b5d9337c3d0c864612800064

SHA512
707765d25a6aff1d5bbf051f190d82cb9591644b54c1fdb9ff6cb872a51f4a9dfb7880230f092ac4fb30144957fe6cbe0fbadf22c06c82947bb3fb0dd2603a57

Download Submit
C:\Program Files\Mozilla Firefox\updater.exe

Filesize
455KB

MD5
620dbef1a098db05e3db3c9f2c41c93e

SHA1
0bf20fe4306fa2a1580b131f8010011dd5ef7ff5

SHA256
de1d636d9e598028ef078e8629234214c864539266f5733d3287c0b81a2b8d84

SHA512
d73f533d680757909bb525691ab85c8a0e093915d0f754019f14f413ca3031c1a62c31ef76a3079c36c98f145103b4df9976418a2ef1f4e54a5bccbf64ee6075

Download Submit
memory/2972-1-0x0000000000110000-0x0000000000115000-memory.dmp

Filesize
20KB

Download
memory/2972-5-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2972-0-0x0000000000020000-0x0000000000027000-memory.dmp

Filesize
28KB

Download
memory/2972-3-0x0000000000110000-0x0000000000115000-memory.dmp

Filesize
20KB

Download