Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

npp.8.6.5....64.exe

windows11-21h2-x64

4

Analysis

  • max time kernel
    388s
  • max time network
    336s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    19/04/2024, 06:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    npp.8.6.5.Installer.x64.exe

  • Size

    4.6MB

  • MD5

    7c4ec7186e0f2a854518bf3cb4f99254

  • SHA1

    a0bf3fb15015bc1fbcb819d9a9c61f4762f4a10f

  • SHA256

    eedf45e0803ce36c4b745e54fc7a7136d9b364c2a795e646548a4350cf88a366

  • SHA512

    12c9eee9f1bb68e689cb58a2e4d90f75443fa0d444c15b487f3d61dbfdddb7abc805b77e1c1ebe8e4f1a8b573f6dd9aa99103f4a85df1f460a273097a2d38109

  • SSDEEP

    98304:jtvxutyXqO0CybZB+vbE+JRQ0BNh3JBqbw60AKfpCON5inBF1K:jt5gUE+vbLJRBhJoeAKRCYQBFk

Score
4/10
discoverypersistence

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 64 IoCs
  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 26 IoCs
  • Registers COM server for autorun 1 TTPs 3 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious use of SetWindowsHookEx 29 IoCs
  • Suspicious use of WriteProcessMemory 13 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\npp.8.6.5.Installer.x64.exe
    "C:\Users\Admin\AppData\Local\Temp\npp.8.6.5.Installer.x64.exe"
    1⤵
    • Drops file in Program Files directory
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:4844
    • C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Program Files\Notepad++\contextMenu\NppShell.dll"
      2⤵
      • Loads dropped DLL
      • Suspicious use of WriteProcessMemory
      PID:4064
      • C:\Windows\system32\regsvr32.exe
        /s "C:\Program Files\Notepad++\contextMenu\NppShell.dll"
        3⤵
        • Loads dropped DLL
        • Registers COM server for autorun
        • Modifies registry class
        PID:5092
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:3000
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {c82192ee-6cb5-4bc0-9ef0-fb818773790a} -Embedding
      1⤵
        PID:3368
      • C:\Program Files\Notepad++\notepad++.exe
        "C:\Program Files\Notepad++\notepad++.exe"
        1⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1776
        • C:\Program Files\Notepad++\updater\gup.exe
          "C:\Program Files\Notepad++\updater\gup.exe" -v8.65 -px64
          2⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious use of SetWindowsHookEx
          PID:664
        • C:\Program Files\Notepad++\updater\gup.exe
          "C:\Program Files\Notepad++\updater\gup.exe" -unzipTo "C:\Program Files\Notepad++\notepad++.exe" "C:\Program Files\Notepad++\plugins" "ComparePlus https://github.com/pnedev/comparePlus/releases/download/cp_1.2.0/ComparePlus_cp_1.2.0_x64.zip ff4a7c9b32c8cbbda4144f82e0f30d567fb12f8fd3401b4005f7a170a198ac23"
          2⤵
          • Drops file in Program Files directory
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:252
          • C:\Windows\explorer.exe
            "C:\Windows\explorer.exe" C:\Program Files\Notepad++\notepad++.exe
            3⤵
              PID:4292
        • C:\Windows\explorer.exe
          C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
          1⤵
          • Suspicious use of WriteProcessMemory
          PID:784
          • C:\Program Files\Notepad++\notepad++.exe
            "C:\Program Files\Notepad++\notepad++.exe"
            2⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Modifies registry class
            • Suspicious behavior: GetForegroundWindowSpam
            • Suspicious use of SetWindowsHookEx
            PID:4520

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Notepad++\contextMenu\NppShell.dll
          Filesize

          375KB

          MD5

          85c77d1248055e4601fab752eb3e91fd

          SHA1

          8dd40dfd40cd20c0f37ece13342fe6935b678733

          SHA256

          710fc1698f023cc9eb35e55755c8208f81e89c52b625d00c166f83e6dd1fb20a

          SHA512

          dd41d6ac250ae5dfbda4f90881c285e30d519602c1bb6e3bd97221afd853fe4064c9410c1ff048a3fff316cbaf7e7cb27c5b6bd13c3ec83d84642dc5596a001d

          Download Submit

        • C:\Program Files\Notepad++\langs.model.xml
          Filesize

          451KB

          MD5

          399402b2e3df3af5285bc91f5af2178b

          SHA1

          ab297a9b946aed96dff276eec9a24d7c3eece2c6

          SHA256

          321be8c6023eb897e9ff2bc7487830d0740c17db900fcc243256c79e07835275

          SHA512

          405c01737754980cb6b7fe432ec71b7eb9370ceccf33ff5446bd15de231c50232258bdf54519dad370ee7d7db99584aa3068bbb6c926b830213ce9af0fae01e1

          Download Submit

        • C:\Program Files\Notepad++\notepad++.exe
          Filesize

          6.9MB

          MD5

          408f8c0474d0fc0b6f6ddf3e45fc2350

          SHA1

          4a490be6c9a768efe10e7a5da2509b711b0908c5

          SHA256

          a41ecbdc16f1e893c5f40bae38174e14e3d969408b219f3f87fec2460d9fea40

          SHA512

          8a58fd0e8bbe6fb2b83c9ffc8aa223a412f0ff022db77eb0ab81d48b152ef57f5fb46ceff2dae8f58b3c6d1657b978bfe81a33b5bd112e7ec3c4dbc759eac13d

          Download Submit

        • C:\Program Files\Notepad++\plugins\ComparePlus\ComparePlus.dll
          Filesize

          632KB

          MD5

          9a2f71a343a9e0b894b342ebcd4191cc

          SHA1

          a262d2a2c1c05d486a757c6d16971057a752dafb

          SHA256

          3d37cb219dde488c87250758acb114ed71dd615a46d8228336c74e1eb17ae848

          SHA512

          0ef6cd1953ccbb502fef8636fd081fe5aba83be366b9c0989a53a447e25001dc6a3dab106ebdab761ac2bd7cdacbbfd2b7d01a877fab1bf1749b460daf31312f

          Download Submit

        • C:\Program Files\Notepad++\plugins\ComparePlus\libs\git2.dll
          Filesize

          1.3MB

          MD5

          1e1a8f25970c23d06384048c99133ac8

          SHA1

          1f2eab15708e82974ead5ce01f1f13d1cbf991eb

          SHA256

          2259679aba1be830e3420a01cb3b97d8f1baa00270f7106bc60b6cb2b94178c0

          SHA512

          76abd2fd65f9c9c4f366021d4f542396839a0801851565cd917a6ef5979298a6c86601ca358312ced7b8fbcfd76f0b2348e8985cda52cc309196711983bc7756

          Download Submit

        • C:\Program Files\Notepad++\plugins\Config\nppPluginList.dll
          Filesize

          208KB

          MD5

          ba89568a2eb296659405503ef470fefb

          SHA1

          ec030b4919c1ba1a84eca732433e8c891bca353a

          SHA256

          0d48413e605aa2773b0795729cfd2585c085578570b57ad60eb1cd0ecbf077b9

          SHA512

          be6f3e36fb16d7cafb6313de2fe9e88ba7a84c9460941d3ef11bbbd2892f1fd7f61ad9b98509305e50810dd6335e3e607ab2193dd970feae3bfeeeb22e7156de

          Download Submit

        • C:\Program Files\Notepad++\plugins\NppConverter\NppConverter.dll
          Filesize

          198KB

          MD5

          c98af1cd13ca8f3ab42bf8771a25feb0

          SHA1

          c0b224b6b3cf9991941d9d5da14bd02133082bfd

          SHA256

          62a28ac30acefa3e197c8c87ff6efbd19a879678286510cf39f8d69c36469292

          SHA512

          4307c779647ed8518289583bbe5b9efb143a903ff64933a737354484fcc311ac59d2031bf7f47622ae5be05bb9481ebd5dd954193e9c35edc91445d0ddc35262

          Download Submit

        • C:\Program Files\Notepad++\plugins\NppExport\NppExport.dll
          Filesize

          153KB

          MD5

          75cc64b1fffb7ab95ce2a73eb050d72b

          SHA1

          1e8ef609079714b9b7f31976ee0a85c5c8cfb135

          SHA256

          59cdf2564ea4b1e7b8f2758828c16f0f8f19e15bedf31b293268b39df6a5e6ec

          SHA512

          d5f505c1e78e60e105428c62417dca9c32cc801b5a7fd3d8fb8b3fd60d2ed92eb6bd3e13ff2235673421d07d93d04ceb856370928734186ca107f4d8a49ffacc

          Download Submit

        • C:\Program Files\Notepad++\plugins\mimeTools\mimeTools.dll
          Filesize

          145KB

          MD5

          e2723a2c3f046975bc8f0f46934998f8

          SHA1

          a1af6486d5c088c80b8cf9f06227f7dcad4943b8

          SHA256

          01215cbc07d7750f95e55db9c44d885ae377741de75c519c8b4050393933deb0

          SHA512

          3f3d2bd6694215e916926c01d248c37b9f0b3ad7f52507205b0f43d2f4e8a01d002001c65ae734636bd3548eb41db589ca730af9644be3a03cff9f65b1640e25

          Download Submit

        • C:\Program Files\Notepad++\shortcuts.xml
          Filesize

          3KB

          MD5

          fb573784b83033dd4361f52006d02cb8

          SHA1

          0a2923a44ec1bd5e7e8bc7cace15857ae03bf63c

          SHA256

          37a24662cd55b627807bc2bb7cbba5bbf2abaf6da4dd7bbb949bfaa7903eae9c

          SHA512

          753b44b5e8bea858cf5cc5ddfdc38098a2f3f921949cf98706ead95bdfa1de7ab0c115e9d69237623a03c422969480204c69d3ba277141527458c68230d0c67c

          Download Submit

        • C:\Program Files\Notepad++\stylers.model.xml
          Filesize

          182KB

          MD5

          fcaa4458825cfef7e7b4566063dc823a

          SHA1

          9193f2c465d9d93f0fed2d969ba2cb582eea65eb

          SHA256

          8c9f6f2016aee39c9a7208f4122c4d011ccfbf49b6e931db1d80f225bcb37448

          SHA512

          9f396b40d975ee91628a4f558396b7dfec40c2fa6e728d9106f40647d9661203f4563e215d30b8d919be2811affe9290dd5069ed21384b1ed9a312bae1a88504

          Download Submit

        • C:\Program Files\Notepad++\updater\gup.exe
          Filesize

          789KB

          MD5

          8915ca8f839096861bb282714f46d39f

          SHA1

          3a04b524456b99946d5b7666a96f119f07987fff

          SHA256

          901da2980ed18d66fee971dbc5b2886f03abf4dbed212e8882e4beb9d12f456d

          SHA512

          8d2aff003d9b0130acee93fd3ab6bf18ac3419742a1f618783ca196d809518aaee4458cf60f349f8b89ac25ace0680ba48f510a8a20e6a0c753b8fdd73680463

          Download Submit

        • C:\Program Files\Notepad++\updater\gup.xml
          Filesize

          4KB

          MD5

          abde55a0b1cb4a904e622c02f559dcd1

          SHA1

          1662f8445a000bbf7c61c40e39266658f169bf13

          SHA256

          92717951aae89e960b142cef3d273f104051896a3d527a78ca4a88c22b5216a5

          SHA512

          8fe75fb468f87be1153a6a0d70c0583a355f355bfe988027c88d154b500e97f2c5241d9557ebb981067205e2f23ad07b6a49c669cd3e94eaa728201173b235a0

          Download Submit

        • C:\Program Files\Notepad++\updater\libcurl.dll
          Filesize

          732KB

          MD5

          d553035a7905706e174743d199d27874

          SHA1

          1523ebcfc787fef70efbc32cc1004ef7124c4b9f

          SHA256

          68896042ba79fcab99d665599cfaf68ff800e631d4d65a5ede0340fc77a8162d

          SHA512

          65565d259fff60999036a26b44f92a119c63c38cb267287ab53103431b915c29cddd31ef6376b0f3e68bd3c9a74d47a36faae1dbbf759311adca4163b013d347

          Download Submit

        • C:\Program Files\Notepad++\updater\updater.ico
          Filesize

          130KB

          MD5

          4550bd860351f6a78c739db8a37384dc

          SHA1

          b09e179b906d8477beee211724921e05d0126b41

          SHA256

          fb40c912b218a71bd7bc1aeef5530165df60d0b4f896929f989b8ff37a98d459

          SHA512

          29729d0244192370d6fb6d8b7243e4610cbdcea52ff69805b16f019b9e0b570ea71a0f1773bcc0b13ba39252cb201f2a12b473c2c1fe17b16f475261b723e032

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\InstallOptions.dll
          Filesize

          15KB

          MD5

          d095b082b7c5ba4665d40d9c5042af6d

          SHA1

          2220277304af105ca6c56219f56f04e894b28d27

          SHA256

          b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c

          SHA512

          61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\LangDLL.dll
          Filesize

          5KB

          MD5

          50016010fb0d8db2bc4cd258ceb43be5

          SHA1

          44ba95ee12e69da72478cf358c93533a9c7a01dc

          SHA256

          32230128c18574c1e860dfe4b17fe0334f685740e27bc182e0d525a8948c9c2e

          SHA512

          ed4cf49f756fbf673449dca20e63dce6d3a612b61f294efc9c3ccebeffa6a1372667932468816d3a7afdb7e5a652760689d8c6d3f331cedee7247404c879a233

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\System.dll
          Filesize

          12KB

          MD5

          4add245d4ba34b04f213409bfe504c07

          SHA1

          ef756d6581d70e87d58cc4982e3f4d18e0ea5b09

          SHA256

          9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706

          SHA512

          1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\UserInfo.dll
          Filesize

          4KB

          MD5

          d458b8251443536e4a334147e0170e95

          SHA1

          ba8d4d580f1bc0bb2eaa8b9b02ee9e91b8b50fc3

          SHA256

          4913d4cccf84cd0534069107cff3e8e2f427160cad841547db9019310ac86cc7

          SHA512

          6ff523a74c3670b8b5cd92f62dcc6ea50b65a5d0d6e67ee1079bdb8a623b27dd10b9036a41aa8ec928200c85323c1a1f3b5c0948b59c0671de183617b65a96b1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\ioSpecial.ini
          Filesize

          1KB

          MD5

          2865f7249a299427280e494b3eeb1d92

          SHA1

          9363c7e1f4ea5222e8c81d213ff9759484bc263c

          SHA256

          0627819fa59b1ca6fb19d4dc7a4b3a272f46209fe01ec66a944691e38c501da3

          SHA512

          e08397e013422bf2f25e1e2612c6a1b51847945f6edf599ee87912fbc070d219d777df202655fc4009e924cbcc5a0043d006bb7d76402623f2f2d53fa648df92

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\ioSpecial.ini
          Filesize

          1KB

          MD5

          9682a69b319e5b352545626911480843

          SHA1

          3add24dfe21fc6db118d2770eac877c9a3fa160e

          SHA256

          8839327c41865683800f6a508c709019cfe7ca19252b62cca6b6588693feccec

          SHA512

          e50e6c00582a458e1f4e2a94812ca6ec3a442bb65ac98096008020e03d0006d8c446600143088f1a70e75850c46a9c16a0eac54d677e99d4fd56d21db915bf26

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\ioSpecial.ini
          Filesize

          1KB

          MD5

          083a33d104ddbbe1232005b4424d2d31

          SHA1

          e9bb77f5e4664a1965e7f52d5b61872d407201e4

          SHA256

          98ed72436106facbbb7fa83a04fe11002c366434e694cb74223b13fe5f13bd8d

          SHA512

          6efae7d7d42591ea1091e67e4dd7d81f20a9dcbad458541cb13b9f5a5729b4ae7114ee780522dcf6cd824753573e4cbe1d015d21418d8ea243af41fa0438ac34

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\ioSpecial.ini
          Filesize

          1KB

          MD5

          d7511c8ab1af72ba436bbcff62cd9c0a

          SHA1

          0449531aaf8f02ec69b8bd8b7b90ad4f2e78baeb

          SHA256

          8d271c241908c70ac2272be7b95138b6c2c1129535ce479f8b53d9757ee7a8c5

          SHA512

          3830014db61d58acd0c9ed95640a4154dba4d23f3cee0f4e5779460837fc137fa07120aa79df256e3a5bca3e7d8b60f36ec1e255d83ec6b43331b287748c294d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsc8B5A.tmp\nsDialogs.dll
          Filesize

          9KB

          MD5

          1d8f01a83ddd259bc339902c1d33c8f1

          SHA1

          9f7806af462c94c39e2ec6cc9c7ad05c44eba04e

          SHA256

          4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed

          SHA512

          28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\config.xml
          Filesize

          7KB

          MD5

          1e3ef6fb82409b74dc176393f725bb86

          SHA1

          02750f20c5b9290971a2ee29b4f1919e9170f415

          SHA256

          53209d14dadc4a6d349f7941066555d1a405801a4440cf07262e8d9fa5ea2484

          SHA512

          6dced4796ceedcbd32ee632b385409b44fc6e83860074c4b66d9e100209ec594c4a9611496affcc5c4b777215f3fddc245ed0a5f4d635abe16f8e4a5466847d7

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\contextMenu.xml
          Filesize

          4KB

          MD5

          fde4cc09d1c18c6cd7c1a4878e89d27e

          SHA1

          22fba21b254fed1a60da5de2b8af3cf6e132b647

          SHA256

          43ac0b7ba9b1f91fd8d4841b8119344e6212b307a1decccf61658f31d38bb425

          SHA512

          fcc87b93cb4dd0949e82edb7d2788d7abd317f9f4c5f046ceba1cd85a64b12b29c6baba3e8646265db02a48a2dc20c3b5e893a1334d9b1e91d26692b4e9c2d29

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\plugins\config\converter.ini
          Filesize

          646B

          MD5

          f07150054a6afff4d8e9d58899167722

          SHA1

          e092cd960ab728667d91b37d64a02d7f6821518b

          SHA256

          5b0a08439e8e93817772f84e1098f14152d9da36c2601a0600ddaae6f61359d0

          SHA512

          8c86aa4c058a8ab5fd26f21cacc8ddaffa8ce6012bb329d3c5b817da00b4b43018a575c768d1921c6eeab7537f172c7cb3de658b014365ea52fb3c87547182b9

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\session.xml
          Filesize

          193B

          MD5

          5d261612f9233dc1754c83fee2c5a854

          SHA1

          16f3543dcc6ed0bb3f111e6bca845fe1cd1a20ec

          SHA256

          52226d6d91ffe76d8aa3ce42982da9bb4881f04eb0d8d4ebb34a6e3204845901

          SHA512

          875bbffd4772964ada70a4cf3aab6e9f6193757dc653d2cf58642156b4b15d6a806b86b6252f6bfec503065d3f7384b248b669064327fe74a948d9c273084bba

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\session.xml
          Filesize

          864B

          MD5

          48794b5b7aa4f9d401dd2fd4e8923a5b

          SHA1

          2449825f9a30ffc68b01589bfb1f2767a3a846a9

          SHA256

          04750e3aae4a9d6674d15edd1157f647a92940a3d5978d73c8325a9c418b1cdb

          SHA512

          bbbc37af9a537a9a0ba458a9813f53c6e65528295b4aaa88c36eb779b83f6a44812ddf0ea3f286eda41f8ba964d74fd174934aa811a4ef4b1cada996557f9954

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\session.xml
          Filesize

          1KB

          MD5

          f087326e37a0bffdf31f8d588612a488

          SHA1

          8179db99440203ff3d8660b60f8e1ecde87cf4f2

          SHA256

          01f64d33afa7660dc24b7b5e0a5796ae25e25e1b8b92440f15f5867f22dfeaab

          SHA512

          c39def2e667ec1ebcbf239e802112f507de525250ec0cfbce9411cd08220a6746d70350a881b92e8f2a122f5ce0e23ca2b283b7075f0b4b84b33afad11cc5385

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\toolbarIcons.xml
          Filesize

          2KB

          MD5

          bc4b775a277672fc7edf956120576ecb

          SHA1

          fe7c2db5b4d4c5a3f5603cf56c4d71cc9ee2d71d

          SHA256

          4ec98de37193f41242c1a47507bcc4c1af555e71154f7354272bc3e664e19877

          SHA512

          f87dc3ce52831ee308fbfa2b1b94c07e2811e7028360f046e012f8ea5a8f0ebcd362de7a663dee810c3da0791474c1485b1a2626c7867e76236156b125ff39b2

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\userDefineLangs\markdown._preinstalled.udl.xml
          Filesize

          6KB

          MD5

          672e6d5f89887666ec94711e442644e0

          SHA1

          8d069ae93347316eff0dcf7aff4d22da18a62af2

          SHA256

          b34fe6811dacfe49d77d434123867e866daf6e0e27387a0446887dabe8943f04

          SHA512

          8fc5e9bbe027826304fa6f329fb16e4c9e4e7a597d87e9c691ed6a9f505b7bc1967339b43c6426105432a030260b0654468ab8fcbb4312b2fb6ed6c6aa537edc

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Notepad++\userDefineLangs\markdown._preinstalled_DM.udl.xml
          Filesize

          6KB

          MD5

          3690cef1865e32fe6be1b2ec7656539a

          SHA1

          bc043bec63c310a60d9e242810036460c467945d

          SHA256

          e45e49f0895249d951df2c07e0f06ca1242e05c961dd921e5aa2781ae2e7ff25

          SHA512

          c2be869d96baec2018e13dcf5934dd9cf74146541e852cc2eedb4d83a8af23e2577cde7a0158fefaa11056416ff039df3a7725e320620193e9bfe72c8067c051

          Download Submit

        • C:\Users\Admin\Desktop\new 1.txt
          Filesize

          4B

          MD5

          098f6bcd4621d373cade4e832627b4f6

          SHA1

          a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

          SHA256

          9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

          SHA512

          ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

          Download Submit