hxxps://mds[.]multivista[.]com/index[.]cfm?fuseaction=aNotifications[.]emailRedirect&fa=aClientPhotoViewer[.]view&ProjectUID=C3CE07A5-0138-4409-9723-9E271A2EE6D0&PhotoGroupType=S&ShootUID=6992F342-B740-4BA5-ABB8-BFD2F7DFF3DC&SelectedPhotoID=231913160

Analysis

max time kernel
59s
max time network
50s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
09/05/2024, 17:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mds.multivista.com/index.cfm?fuseaction=aNotifications.emailRedirect&fa=aClientPhotoViewer.view&ProjectUID=C3CE07A5-0138-4409-9723-9E271A2EE6D0&PhotoGroupType=S&ShootUID=6992F342-B740-4BA5-ABB8-BFD2F7DFF3DC&SelectedPhotoID=231913160

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133597483001798785"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
236	chrome.exe
236	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe
Token: SeShutdownPrivilege	236	chrome.exe
Token: SeCreatePagefilePrivilege	236	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe
236	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 236 wrote to memory of 2208	236	chrome.exe	83
PID 236 wrote to memory of 2208	236	chrome.exe	83
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 3676	236	chrome.exe	85
PID 236 wrote to memory of 2104	236	chrome.exe	86
PID 236 wrote to memory of 2104	236	chrome.exe	86
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87
PID 236 wrote to memory of 3744	236	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mds.multivista.com/index.cfm?fuseaction=aNotifications.emailRedirect&fa=aClientPhotoViewer.view&ProjectUID=C3CE07A5-0138-4409-9723-9E271A2EE6D0&PhotoGroupType=S&ShootUID=6992F342-B740-4BA5-ABB8-BFD2F7DFF3DC&SelectedPhotoID=231913160
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd7e66ab58,0x7ffd7e66ab68,0x7ffd7e66ab78
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:2
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:8
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2204 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:8
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:1
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3036 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:1
  2⤵
  PID:2668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4100 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:8
  2⤵
  PID:3096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:8
  2⤵
  PID:4744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:8
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4872 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5020 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4832 --field-trial-handle=1904,i,12667900729025205127,1104379677041153638,131072 /prefetch:1
  2⤵
  PID:5052

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2200

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x440 0x4ec
1⤵
PID:408

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\1038b21c-f6d2-4e16-b4f3-bd61f9d3977a.tmp

Filesize
130KB

MD5
f967ac1d42a4bc9bede9cf8be50632e8

SHA1
5aef120c2a7db3d49a2f554f7c28207883d78a43

SHA256
768ee7b8a3d21dbde3a049a79a2bf7e3c79ee0ab56ecd8f271f9ddb0164db44a

SHA512
962c200bc5c90e93b3c7371e1e8b54848cabfbeab1389852674728c5c967129e2d5b9b46ec736d604b89d3b5ab1d990c643b3ef1cbc3d24c8c52201732beb2f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
512KB

MD5
0f14cd4f50961908b6b162914017484c

SHA1
5b7e0273fc0c9f88516211642ea637dce9965468

SHA256
8a1eb92cf4176e29463d9915f1fc837ef2003f756d1cc7d0933d1f6f7a4ad1fd

SHA512
7b96c54c490e900d9898fe8244d71521cac17e84cacb65a34db0bc0df69bc61ecc56a241a403496c442242ea2c12e290c7593cd3f15fa02e62621e6a4b227f97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
c08a385ba4a4ed2927dd90d33e505525

SHA1
3089675bd12f16139e51085afa4e0571bbcbe30a

SHA256
3dd0d5f59267d8f9e189fda7722fa2c509e8415ecd99b177ac3b71b2e8784354

SHA512
726427755315bb131df712867d396947d4e626416adb2ba6671f9c79b68de8512fa0a51a0100abe911118b1e54ea0045a180e5ebe3c2c5adb77cc944a913c755

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
27cb9e9e1317c4a2c7f547b724a1b95a

SHA1
8d4353fda27068485bc79bfc40d50c1ade812f4a

SHA256
c2e8beeb6dfd92826911a724163ba8fa26da14b92f92e513cd0244887bcbaa70

SHA512
1fc90377b11dd10979ca947f6adccabd8b3ac989054c7b42f478d64c0bdee1bfff62093a254474b86b280ff59836a8702b8f621ace2922406adbcec0ee317e5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a5d59b2e064e16a493c3e22526c8775f

SHA1
a7216e1d4b94d8c57c5c7812f0d10956257c2eee

SHA256
1e26322f7960edae15bf28de1db746c3907b590966c2d1e56d26f3004b73ec0f

SHA512
e73b9fe13733da60c287fa8593497a0f87362e86809ca3545e605a06a86a6dfcf12bfaa33a021beecbaa3be4fab605faf0167e5d6f29b6ba31bb5ad115781edd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
481efb77c726beb14d5e33b1a4676bf9

SHA1
f18431a92244010d90b06acaa19265729cb4e8ff

SHA256
0a6d7fcdf83dd9a986bd453b4c9f16b3af9337d7699a0d50f10996549ce2399f

SHA512
7eee490b4168e8aa3e0b8fa21d7a377551e11c51f4b042cfe6b226486518333334930f1394ecb093cea5d9d9dcb4eba027169ad7601b17c2c8266222a358588b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
c502e8d83f5a6ea4677900c51b5d1512

SHA1
2d1fd36ad618a845784ceef35b05f3575f1b34d6

SHA256
7694a2f2cc99981ebe93c5ce7899b7fced83754e6825059fcf0718f0eb0903dd

SHA512
867d1bbd14274ec476d3cce1fdc7a2ae9c629cc83b067873b5905f8f5112072195db4986133529096d945f23766462cbbab950d100ed72f7e53b703ce190d11e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
779e9b56e2a3d6f0a62acdaae1b8c649

SHA1
7fc44a98e98afbb51541f018c87bbca7d617774c

SHA256
a3cbea57583228bde8d9fb67b9464f20c4cbec8ef2834b4ffa15e3de8e6e53e2

SHA512
3ad3ee95433c24fd77d0bd1a1e8d06cbf69eea02655f42f4ace7e0944b3cf00011b048a1598e82c36fe61e5e5fdb12fceb30ded4b2bf0892599df8f12c79ba08

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit