Resubmissions

06-05-2024 16:37

240506-t4859ade64 10

06-05-2024 16:27

240506-tx48qaaa7y 10

06-05-2024 16:12

240506-tnp3fach28 10

06-05-2024 16:06

240506-tkk93scf68 5

06-05-2024 15:16

240506-snj1rafh9s 10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240419-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    06-05-2024 16:06

General

  • Target

    https://pub-fc61daefbed942ec8e3e08ef1ac790ea.r2.dev/www.outlook.office365.cozct_esource_t_esource_0848932-100rce_0cpa0002-0000-0ff1-.html

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 2 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pub-fc61daefbed942ec8e3e08ef1ac790ea.r2.dev/www.outlook.office365.cozct_esource_t_esource_0848932-100rce_0cpa0002-0000-0ff1-.html
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3632
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbc2c3cc40,0x7ffbc2c3cc4c,0x7ffbc2c3cc58
      2⤵
        PID:3796
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1800,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1796 /prefetch:2
      2⤵
        PID:860
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2064,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2088 /prefetch:3
      2⤵
        PID:2872
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2156,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2168 /prefetch:8
      2⤵
        PID:1896
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3088 /prefetch:1
      2⤵
        PID:768
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3120 /prefetch:1
      2⤵
        PID:3464
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4480,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4540 /prefetch:8
      2⤵
        PID:1196
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4760,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4768 /prefetch:1
      2⤵
        PID:4484
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3472,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4764 /prefetch:1
      2⤵
        PID:636
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4444,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5100 /prefetch:1
      2⤵
        PID:4880
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3168,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3152 /prefetch:1
      2⤵
        PID:1188
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4604,i,10544665217710656749,5494769203001870701,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3136 /prefetch:8
      2⤵
      • Drops file in System32 directory
      • Suspicious behavior: EnumeratesProcesses
      PID:768
  • C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
    1⤵
      PID:5044
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    1⤵
      PID:1932

Network

MITRE ATT&CK Enterprise v15


Downloads

                            • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                              Filesize

                              64KB


                            • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                              Filesize

                              4B


                            • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                              Filesize

                              1008B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                              Filesize

                              649B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                              Filesize

                              216B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                              Filesize

                              3KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                              Filesize

                              2B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              692B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              690B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              690B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              692B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              12KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              13KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              13KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              13KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              77KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              77KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\bf5a3a8e-7591-4ff0-abca-4af0d56fdbb9.tmp

                              Filesize

                              77KB


                            • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                              Filesize

                              2B
