abaaf81a4519d27ad0d9083df40da994555f262c0b89a45193c5f94c7d534dd4

Analysis

max time kernel
67s
max time network
50s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
27-04-2024 03:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
Size

276KB
MD5

025cd026448c2959e6d9d6df9abb01c5
SHA1

fdce4cf20b4b56ec9813a2e6deb6bd42398fe6ef
SHA256

abaaf81a4519d27ad0d9083df40da994555f262c0b89a45193c5f94c7d534dd4
SHA512

5fd08f32ecc01cf7fd99a6d6f264f063e06ec89b36e3024b84910a77069c81f3409a25a23064378e92197e2ede5fda6c6777305b74de93982fc7a91fae540ba0
SSDEEP

3072:aPP3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBPL:WIlKgzelZNQSBQGH/CSpWqTx

Score

6^/10

ransomware

Malware Config

Signatures

Enumerates connected drives 3 TTPs 10 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

description	ioc	process
File opened (read-only)	\??\E:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\G:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\J:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\K:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\L:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\N:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\O:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\H:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\I:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened (read-only)	\??\M:	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

Sets desktop wallpaper using registry 2 TTPs 1 IoCs

ransomware

Defacement

T1491

Modify Registry

T1112

Processes:

025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Control Panel\Desktop\Wallpaper = "C:\\windows\\WallPapers.jpg"	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

Processes:

025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\RCX4A8F.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\jabswitch.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\RCX4921.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\RCX497A.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\RCX4A28.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\7zFM.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\setup.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\RCX4A6D.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Internet Explorer\iexplore.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX49CB.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX49DF.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\7-Zip\7zFM.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\dotnet.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Java\jre-1.8\bin\java-rmi.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4AE8.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\uninstall\helper.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX49CA.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX49DE.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\chrome_pwa_launcher.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Internet Explorer\iediagcmd.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\RCX4910.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\RCX4945.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX4A05.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\RCX4A6E.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\appletviewer.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Mozilla Firefox\default-browser-agent.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\default-browser-agent.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Mozilla Firefox\uninstall\helper.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\7-Zip\7zFM.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\RCX4932.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX4A03.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\uninstall\RCX4B0B.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\extcheck.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\uninstall\RCX4B0A.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\dotnet\dotnet.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\chrome_proxy.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Mozilla Firefox\default-browser-agent.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\createdump.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX49CC.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Mozilla Firefox\crashreporter.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Java\jre-1.8\bin\java-rmi.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4AF9.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\7-Zip\7z.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\7zFM.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Google\Chrome\Application\chrome_proxy.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4AF8.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\RCX49F2.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\RCX4A5D.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\RCX4AE7.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\RCX4A4A.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\RCX4AC4.tmp	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Mozilla Firefox\uninstall\helper.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\dotnet.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\7z.cab	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

Drops file in Windows directory 2 IoCs

Processes:

025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

description	ioc	process
File created	C:\windows\readme.1xt	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
File created	C:\windows\WallPapers.jpg	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

Processes:

025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\WallpaperSource = "C:\\windows\\WallPapers.jpg"	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-2818691465-3043947619-2475182763-1000\Software\Microsoft\Internet Explorer\Desktop\General	025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118.exe"
1⤵
- Enumerates connected drives
- Sets desktop wallpaper using registry
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies Internet Explorer settings
PID:4508

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

T1491

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7z.cab
Filesize
544KB

MD5
9a1dd1d96481d61934dcc2d568971d06

SHA1
f136ef9bf8bd2fc753292fb5b7cf173a22675fb3

SHA256
8cebb25e240db3b6986fcaed6bc0b900fa09dad763a56fb71273529266c5c525

SHA512
7ac1581f8a29e778ba1a1220670796c47fa5b838417f8f635e2cb1998a01515cff3ee57045dacb78a8ec70d43754b970743aba600379fe6d9481958d32d8a5aa

Download Submit
C:\Program Files\7-Zip\7z.exe
Filesize
312KB

MD5
71e8860e26ab15f704ded12a4e5a63fb

SHA1
4c999e24b5f1951cd6fb44f388e42f3a513a1f74

SHA256
15f4fdf8720959b07c32ba44117d8a318fa64de8ea37fb81603fe3a23395822f

SHA512
2d6d5fd5e25fb8ff3845877a69b5043d6748fd656b5ed85af2672de10050da036ab0da7c71a8f072443f4f24308d660eb79b3a0a2525c1f416c6c310822b9b13

Download Submit
C:\Program Files\7-Zip\7zFM.cab
Filesize
930KB

MD5
30ac0b832d75598fb3ec37b6f2a8c86a

SHA1
6f47dbfd6ff36df7ba581a4cef024da527dc3046

SHA256
1ea0839c8dc95ad2c060af7d042c40c0daed58ce8e4524c0fba12fd73e4afb74

SHA512
505870601a4389b7ed2c8fecf85835adfd2944cbc10801f74bc4e08f5a0d6ecc9a52052fc37e216304cd1655129021862294a698ed36b3b43d428698f7263057

Download Submit
C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.cab
Filesize
281KB

MD5
3dc3594fb3b25c55081fe4b3226abbc2

SHA1
7eaddfd597fc76244f71f98877f7149c9e85dc9e

SHA256
6d54694077faf07473196da7b7f1c6981c8ad6a462fcea4777a80cfc6bc5769e

SHA512
8f268673c86e2c38d1713696ed25b75a565d8beb5b05ea755c9cbb12f625b8d4abfc1bb3f9f54c297ba4bd7dd9e465737c30f492aaef0034b0e1568ce13d2445

Download Submit
C:\Program Files\Common Files\microsoft shared\ClickToRun\RCX4944.tmp
Filesize
212KB

MD5
70beb19af16a3cba4f0e82d472d99ae1

SHA1
8c2815db7b6a81dfb2019b18c1ed2b154e12a752

SHA256
4572d4f6695acae53d1b3372d72355e0176545fd5ca42f2b628ad5941d9257e8

SHA512
7928a1c61fdc9662b978ce85223fecbb0371e7579280d5a63aae937bc064b97877d5d005dd3f65498e203103796f467f6cce64fca29ff3b477e215a32c0e6b27

Download Submit
C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.cab
Filesize
2.1MB

MD5
b8d69fa2755c3ab1f12f8866a8e2a4f7

SHA1
8e3cdfb20e158c2906323ba0094a18c7dd2aaf2d

SHA256
7e0976036431640ae1d9f1c0b52bcea5dd37ef86cd3f5304dc8a96459d9483cd

SHA512
5acac46068b331216978500f67a7fa5257bc5b05133fab6d88280b670ae4885ef2d5d1f531169b66bf1952e082f56b1ad2bc3901479b740f96c53ea405adda18

Download Submit
C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.cab
Filesize
4.0MB

MD5
4000ac26cc2e8e051ce6dc97e6cf8f52

SHA1
ef0db6e513e66dd5b31a8630e40742b5548bb3ef

SHA256
662b4e23440de33edfb384572f7d3fc0caf9997f1b61b4e5900b329ed28f8fe0

SHA512
207af36ced03fbf8a816c0651b2bfc71b371cfb448c77a1cf31e0770c0cc1e41be1f062f75e0062be9c667f1aebb7b8f7a97ebbf0f250a943d8c0bf2b533f3fb

Download Submit
C:\Program Files\Google\Chrome\Application\123.0.6312.106\chrome_pwa_launcher.cab
Filesize
1.3MB

MD5
6a6c1d6485aa2e9b293bffee8d9736f4

SHA1
68ab4ad79ccb7cf6686cc740370da78e6ca22486

SHA256
c930ccdc34a78a30dc33d39105bc98b3c6f0cfb0cea83bff898745e3167cb57e

SHA512
64bbc0fbda9f7b6e90495e51340b9af9c88b01316d1d47cb8bda860db46e0be0108b882eb8a5b7614ae3c43c8a55f98ce4bbdf8421c8624eaf98342ba0ba1968

Download Submit
C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.cab
Filesize
1.6MB

MD5
2c99645742665024db8e389c2870bcb9

SHA1
6e556ee19a2a1731ac56b69d0e83257e439a818f

SHA256
ab708ef464fa5e8222459d786512279840efa919b05e66b0f2c473d8db4becee

SHA512
25a7f8434e83341d9f8d68e2f8c7f088f2e84a707fc6db3f18bc1c098a2511380f92d8efde768f5113bc52734f640a08ba356f9a31d551da6ddf58d4884170a5

Download Submit
C:\Program Files\Google\Chrome\Application\RCX49DD.tmp
Filesize
212KB

MD5
1f9de3d9858c5ea6c73ffd48c03788f8

SHA1
9cf02fe4a36c6dc0fda3996d2d224da7ea68b0a7

SHA256
c93b08fe0adeab6233c2041d6660f39a64009deffca08664743ae76414c7fa04

SHA512
fe7944418ad2df0458ba02e6a3b565e8feaaaa4eb3711b1de59d8f9920aaf7c9a7bae49796d681a1070830f5e5fbd21e6ab8d97bdfa40679fae93cce4637286f

Download Submit
C:\Program Files\Google\Chrome\Application\chrome.cab
Filesize
2.6MB

MD5
c0e615c4c4f31cc9d9c8e1f7db1fd19e

SHA1
e561a25b4d70209d6f9a98fc6755b7bcbebbfad1

SHA256
bcbb6c63044144a41ced7051ddcd55e60439c72d2de9a230a4c5d5696ba5601d

SHA512
f345c22444c7e3e67fcf4d604b750a44a849881f173e1912ffc5526fc21c3ed9c03aa68a7f3f0c01f6793588fd183319824871fc9d118e4af03ee77a87ca2ae3

Download Submit
C:\Program Files\Google\Chrome\Application\chrome_proxy.cab
Filesize
1.0MB

MD5
7643d66f90df316989df9cd2a1aa08ed

SHA1
6e22393cb0a8f4e42c7da828b6d338361c1183bd

SHA256
29f9a076fc31d5f2439bde031884af8a5283c9ce70570432dd7c8e9469873b50

SHA512
680ca5e17375a0c3a9dd07b17c5b7b77b1ca2d44ae97a56ee381d6fc9822e2b6446aad57d171e0019acb7fe5bbb254bc675aaadfe7facdab2c9b3c3938953b0b

Download Submit
C:\Program Files\Java\jdk-1.8\bin\appletviewer.cab
Filesize
23KB

MD5
f63d14c000dfcadf2394c737edaeaec9

SHA1
1c9d16d93f58d2c0a4708ffeaddf9d2c26ef33e8

SHA256
ea8543b0eab31dece2b50ef45a2585f4de09af35c68d9a63152944f8a831ac29

SHA512
4cffa0d1c4c1a1ddb91ade23e17a76dac807174d022115592caec2d0927af8188455e0c7b8273972de4e27e4bb816e83deed70551075b6effd4f32aecf994053

Download Submit
C:\Program Files\Java\jdk-1.8\bin\extcheck.cab
Filesize
23KB

MD5
952fc862806f000e37d22897243c2bc4

SHA1
2da507ba99d86deee0fed3238e5e9fb170a562d2

SHA256
955f386e3af5d87a46dcb2064967e34eb25a44ca3d2436e54bd5b84f4a2ab2ee

SHA512
c74263c02d2066c0ff8a236c9fc620e2e088b3c1d3b54852de45f7b7dfbea799ffef41787919a196ff4e7ff03d1c7dc1bb2b876f1c7f829e04aa577ff728ef05

Download Submit
C:\Program Files\Java\jre-1.8\bin\jabswitch.cab
Filesize
44KB

MD5
e454822cfbf86d36ab2a407d0b1a251a

SHA1
85cc1915eee60880841f169b424a23d6a5125e50

SHA256
b90ebecad390a9243a1aced541a32a7d9ad14ebf80314c87b1f9fbf56714b623

SHA512
ed26334cefb09861028928d4cea2b3198709aa1c56d3459c3f08ef16a9fde7ab83042f7cc2a98668e46f84948222a501e0f68f9edcbbd20133316bb1f4666033

Download Submit
C:\Program Files\Java\jre-1.8\bin\java-rmi.cab
Filesize
23KB

MD5
12fb68f82c2293453b01833c43bbfa2a

SHA1
4fb52f60a5e9f7f817e6c58f5d3a130da32cae5e

SHA256
ee25146e9c0f1b938ceea4851006483e1aaab6d896cbe5f6b94955ecbe9c5c8d

SHA512
f03bdf76e493e5b649ba12cd6064265e9b809f17ad519040acfc2e2a128374018a1c516bb1f290269e1605525875ad573a9d7903812bb0c75ea404c61a227c3a

Download Submit
C:\Program Files\Microsoft Office\Office16\OSPPREARM.cab
Filesize
238KB

MD5
3f1c773a2e54f4d27b29c3fc1edd7d43

SHA1
ef9a5cefd1f3c76b0fa5c8ea4a261dc46e59d185

SHA256
ac66bafa0e7196b9f7b4a83b9625b32e83db7731418ecd0f4a8de474f7355254

SHA512
d6636ba0c800757d361212169f770d3799cc46583c79e0b9cc7cc49c565b86849e8965fe0783100bfb8039f12b717db88f95062e7b6b6f67a7f8bd38144a4297

Download Submit
C:\Program Files\Mozilla Firefox\crashreporter.cab
Filesize
250KB

MD5
aa9c1de3041eb75aeee90b85ff66c9dd

SHA1
83cba1e082732d95f278434fd25374104e25c668

SHA256
57b8145816b5d189842e350fc030e5a4def3a8990e489aa68dafec2b34e50171

SHA512
fa75c0de232e497540cce6f27dc0b0457860255a0822a6db297942ae91159dffaf4d35367aabcf9b2e235766a204210afee13e2e00cd0016403956a8a63a78a2

Download Submit
C:\Program Files\Mozilla Firefox\default-browser-agent.cab
Filesize
33KB

MD5
4c6887f8c8c66f0b2db5a8b347931b70

SHA1
1a71320873155f84de67bc16324c8ca0e503be04

SHA256
a080df509685780d81ee32d86eac7ab15b5831090678f63b5741b57fd8a9969c

SHA512
3e1cc423bcde71a24457b5f9756241c0bc0f9b1f434eafc84ec733f124bbcf6f9a1e104caf402ef2d60a96b895842a8e6b18cffc59936e6c4873a3be92cace8f

Download Submit
C:\Program Files\Mozilla Firefox\uninstall\helper.cab
Filesize
1.2MB

MD5
cbb81a903dc88f69ff9107f11bded306

SHA1
4466021a5d98b59b61c7d45a8f5dd695226b9056

SHA256
5719bb2ab3c985570662a12789a2dfd37acd6aa3bb743eb75fa271256455956f

SHA512
93e8e2e62b27686a2ca2dd4db7ae59349730e233f88ce83fd55969df1b16b9c382751987a76ba6b451bdda2dc080f7cf93a915e2517a783d16018813e3b27d13

Download Submit
C:\Program Files\dotnet\dotnet.cab
Filesize
143KB

MD5
33b4c87f18b4c49114d7a8980241657a

SHA1
254c67b915e45ad8584434a4af5e06ca730baa3b

SHA256
587296f3ff624295079471e529104385e5c30ddc46462096d343c76515e1d662

SHA512
42b48b4dcd76a8b2200cfafddc064c053a9d1a4b91b81dee9153322c0b2269e4d75f340c1bf7e7750351fb656445efaf1e1fe0f7e543497b247dd3f83f0c86f9

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\createdump.cab
Filesize
56KB

MD5
8e4a401d4862a3ab07d4e7e17cbdfc78

SHA1
8ff6d2c100a2ba9b8159b9f733da011c8e448534

SHA256
6e25f414dd65440cd0c285990f4eef789a831fff640dadb4afdf79a5dfd95bc2

SHA512
74477239112082429db839be011cbe3d7d8fa66c9b8089dc93b18c1392ae57c935f39446227049e6f7f29e86122d191fa4f2f8d59b87f1f7b6eba3ae4d61a579

Download Submit