dc2ac488793069f2f775d1cf43b1500d09bfccd7c827f759b3d3e0bb6e3fb24a

Analysis

max time kernel
123s
max time network
128s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 15:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63b5934f1e1bfaddbba93982db53c3d6_JaffaCakes118.html
Size

175KB
MD5

63b5934f1e1bfaddbba93982db53c3d6
SHA1

376aab1e622dc9bc07b996467a883f70e32c25db
SHA256

dc2ac488793069f2f775d1cf43b1500d09bfccd7c827f759b3d3e0bb6e3fb24a
SHA512

5eb8d6e13770b34edeef39cfd76c47f6f3d46a785946f77a90ed00b3cb71cbbac4af3994297e117a3b466d83a88881ffaee7a48f0c20b84833838037661cb33e
SSDEEP

1536:Sqtd8hd8Wu8pI8Cd8hd8dQg0H//3oS3RGNkFNYfBCJisg+aeTH+WK/Lf1/hmnVSV:S4oT3R/FIBCJi6m

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 64 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8227"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "17112"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "17655"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "27267"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8227"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8017"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "25699"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "27267"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "25699"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "17655"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "27185"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CBB4F4A1-1782-11EF-852B-6265250A2D3F} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8129"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17751"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8221"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "17737"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17743"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8221"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "35215"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8011"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000aac4e1f734e4f44b9eed6bab8b6612c3000000000200000000001066000000010000200000003fdf791d6bc4df842567cd3cf2a461e12b1e093a62f62b77adaada73666e554a000000000e8000000002000020000000f8ad65a5bbe4a0562848bb3683372f8dae52a86578bf9762807df782626966df20000000fcfa2800232833745f0ac27cde0039f54c5f7cdb6dbb0b0a89cadf740cb1b7364000000052d20f06779f233ed605be283cd88b224cdfcdc3786cd58a8aa1779f43f74eecc43b56dba31a1d9f4ae57d7f164094ddb74966f9bc0a9ae8119d4fba2d72a94b	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8139"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422465471"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000aac4e1f734e4f44b9eed6bab8b6612c3000000000200000000001066000000010000200000002fea92e9c068a2ea13ae3d97187f5e4486c0f604577ea4fa3b3fa24cc87104a7000000000e800000000200002000000058e50e2a1a9150cf5ead5f07cf4da96f3b1c4e4fdd4a862e5b62c02feb3a39d890000000ec84b74eb8a0af135a9a1f2bf8c38750c1366a58918417e55667cbfda021cd61fa63f5949247d3c42a0263d10d33f6ed915a7718b3a46a08041ddc582a7d2fcad1c57c8d84d7c6c3ccc81c2d159e67dce06256fffe7ba12f5eec4f85db2f5d52a04f40b45917bdc94f7c707c6bc3beb22b3d6e53b7089909b6a3b6477214a819f14fb203783acf88b2448655f6b941d6400000001aedaa98ba8bbd3ec0a39bfe9cf8c2b66d359268240569d6691cd905a78ce8e94c715c7de909e0b503f85773628bd4a22663b3d023f23446ea678d98289b422d	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17112"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "17743"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "17751"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8139"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17737"	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2260 iexplore.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid process

2260 iexplore.exe
2260 iexplore.exe
2740 IEXPLORE.EXE
2740 IEXPLORE.EXE
2740 IEXPLORE.EXE
2740 IEXPLORE.EXE

pid	process
2260	iexplore.exe

pid	process
2260	iexplore.exe
2260	iexplore.exe
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2260 wrote to memory of 2740	2260	iexplore.exe	IEXPLORE.EXE
PID 2260 wrote to memory of 2740	2260	iexplore.exe	IEXPLORE.EXE
PID 2260 wrote to memory of 2740	2260	iexplore.exe	IEXPLORE.EXE
PID 2260 wrote to memory of 2740	2260	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\63b5934f1e1bfaddbba93982db53c3d6_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2260
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2260 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2740

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
71523a83788451ba4cb0e38fc697b45f

SHA1
ba09ff7c32acf15331db1d9b17cb23c2706c9cc9

SHA256
4138c192f58b224aba65cc7fbcc3ca9ce7f4d80b2babd63583545009a25ce4d4

SHA512
d8f1d0a7cf8f8372df8b12febf201539a1fc5a5351b7899ab92749cd2475e1f24a86ff96231fa7426a9ea32d8fb2a55eaded8e1524d6070c1a0e513f683f2fd6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e0d42835a7558ffd2050e3d52a418f84

SHA1
3101c6f50c3a344d93bf4ec704b3a729cc45d7e6

SHA256
82f8cccac79744743758aedfa3ab10bd413e791e685049191b762e8c025b01b3

SHA512
e2f6325449ab7b21c74292501fd13a6974943ab61c83c7e5f0f17f7282c872491e1c741d030cc03892690fd4af41e6b1fc012826649530c0a5aeb407b479a19e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e3d47b311498a989f1a82f3e6339fd0c

SHA1
14c68dd9be6eb7bea8e608b444529feca1283a16

SHA256
31b1fe3a40029f61cb1eb57eeca15a6fbf25251aad4d103cfd62bfcfcf874882

SHA512
3ba40b0486f1c8167730ffcb3caca25fa463b4bfcb013c03ac2f6f60478da9af7f492a7eb25568df6cf4448d87d7474f8459886642c100dc9cf8fb9a6c65f185

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
955864bdbdc7fb0f0be2d55660180f80

SHA1
3f947050fcbf4db3efeb5c12a1ee749b681d89a5

SHA256
54c9ad7acce625d049419c4a4216e9f9a8bc319d8f527066c45aebdfcf01008a

SHA512
01b7bec0390576ccc4143eea28349b4d77b5b009d115cf62c0feb172fe2969ab3d34499ea4ccc47682bf6f02ca26449d02ef7f970c69335fac08bf321dd7f9c0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f00f08a32a566f1458194c4528c0eb23

SHA1
04edc5d3ba4d52fda0681d5c997bd4448ab46005

SHA256
1b25d21008ae402296d868b1fdf11d0956632d05819127fd50bcb60863a8ada5

SHA512
b6ad42d194368566527a04844f6be4e4383ddd94626502f3c8fc4d90887de7d72a2a6c735b0bb7ea09fc0fbd4e24cafbf3fb9330947e7128fd699d61120400b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a065440451474caeeeeb7a13548cee73

SHA1
2d28b8d4a200d7a6a575524c38b9e0f2cc490dc2

SHA256
c535e99ccce255dc37203b0d57b61fb3f85803ac2ee81eb1c818d11bd2fed9f4

SHA512
849a7e6bb71f941c89ef5a284e01db21d3705220fde69f5212c5a5052f371501e9ef41b2922194c9d13cdbcebaecc6044db72ea4294d323ff8868f58f77caf13

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
573b952aba3dd4f9a00ab8994cfa7f3c

SHA1
39f75ebc4c5f19efe2e9b8dab489f67371d02c48

SHA256
c7199d0a6c549583951916249d6c2e74d2aaf26c53e1e1a62b8bad64c3903423

SHA512
29e292ce7b697fd9df79f3278b622e45fbeb90b30e4bd86d6aef0ac42826cc507915465603056b20e7a16462c09e27bc4bf60d61acabfaf5efcfd5b5929f64cc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c8fb3865f2101a6314df2a32c2168cf5

SHA1
25476aaf70d064ce845ef123e26f66aa0f2efb19

SHA256
a2417509584dc5452e1ee921b74989b80308541e43214efe9d5eed9ef0917452

SHA512
4c40ffa1c1b13d0c422d23e9d7349dd431fc3efb77ff24f2aa592f7cf23731ccfd38f8db65bce2c6f997677f0010aa57645e3477b1f529b9da0005adcac464be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8832541e7efe49dd423a1cb57271d13a

SHA1
4e0ee2c62fb5180d0d4ff2033e45668e9e9208e5

SHA256
7c122f62dbbcbc7e79a27b63cbdf0372b909fc7e1566ef72ec15025f345c846d

SHA512
d16cfe460cc61adc85bb03b678fea3ffd1076093787e47d02004e2d232f10aa154fd7c4edf665ffb061e63c87a9e1db3db269c0c3eab34075a6a93df1cf9fdb1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
563336e7fd837974ef2f713ac093d8f7

SHA1
a4077739ac0a3238ff5833aef275642526dd459a

SHA256
67eb5b9316a51fe927b5b10f65a9697d68ddbef98b69347fcfdd4e2f99dea48f

SHA512
5cc89d744a17ce0d7711d837126e626088e49396517e94a216e20b4729807dfe910f033905d0f4eb7755ce006aabc4b973456158907019bde7182139ca8cb88b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
54b3d6718e5c53e04d8fc0121d583c9a

SHA1
6491f4ae51ade6cb52cbf6254746f2045564cd39

SHA256
b1872fef069171b6d887d15a02cf6f69c0f6b2bfbfab84040dc260676d25a1f0

SHA512
653c1c6b438c40678d9cf3e5d1d27446d965be2b646ea2dfc9e1647f1c26571d1890ebf9aa46855b60a273a11f66ec99a9e3f70198a53d0e426f3628ed939d3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a894895e6bc94f9536ae570c9e58e9a9

SHA1
ad0fcb3ee411cb9cd82729d64e25d6024d82e36f

SHA256
c37ffa34e6fe848524c20fbe93e4bb47cbc9cba01cffbde902dd7dc8a3007f74

SHA512
edb361a419c816b0a1c320f7090c0bc9e2c34676bd0bf38547228e3821ce08a0b49eb5e4003c381360d0cebf9b340b510786262f621f5ebbbe2cf039063097ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c7dda5860566c80b96fb678cfd0523b7

SHA1
2ddb0cf66018dcb13a62ccecf2664b24eebf9d2c

SHA256
237094267e712d5ab8402b45b09f54f78ad565529e72d0c82cc74c3d7f6e6067

SHA512
e6a36082a4d23b3dff850333868a42a5c8b4f1c7835d0890383ea2b937dd6fceb359ff769386ab794ba7f8be635bb3d03b82a9b0d56b0aa6de3555d70cb89587

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9947ca723d800438beafa8de63d9eca2

SHA1
a18e589279745b7f83b2e3cabf5ca93dbd49b564

SHA256
06cd3d8ff51107e0e8f0802b41c214c02bc041a419d316c9c16ee416e3be795a

SHA512
8e4ab67ce600ce3c9f6e749cd288818cd5911317789c9aa6c9de07c45ef6eb8c5f3a404901d6e2ebe89277127fb46c692b4424b2592c6c544a9de96edc266294

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1547dd4f17c710c245f175018de0722d

SHA1
c27ac16d9550ab62c21d61d77a15ce5cf4f357ef

SHA256
bfb679ef6df41fa155b444267547e0b8fb5aa59d8c64babf33b4333b65891e9e

SHA512
358c7d2d65d22cf17f366400fdedd1769700b642a3c771e6ea3112324e1da59773ba7bdc560c05d87351662b1317c86b888b6f2eb6e9e4dab0425c8fd8fabaf5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b7624e6f0b9d510d82647f2c2542e3c3

SHA1
931f3d8a36ab0ca83d02f6dd9b7fe9c907a5d88b

SHA256
5b8802fb93eb0ecf911902ac12d6f337a8f22b05f07d9fe32c3d753ecde9d379

SHA512
54aa96227bede288f9da0223ce450a2e09c6ee18024d9f893b2b0d67ad2b8e7e2a7ac3f2f893b6e83987cb88f836bfdb81f80aef5e67df44bb36bcbca6d32c94

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0ca58de2fb95ecfa88df8182696deeda

SHA1
0a8539a0bb2cfc59e06ed386a51b6ed2a6ad3f7a

SHA256
dd4b6d80ab59616d7ccdd20404a75075181b3ed8887ba8ac85e9eabee2eda2be

SHA512
1a5d90d65774f19f19c32b5d471c7a05f9e9a92e7cc056dc987af844204fd1c4d500c1c4ead5a55803fb388c6e6e1a147b22ebec513a0c65878c176148aefa8a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a12757dc05ad0f28a3289bc53c872eda

SHA1
d6cb08a5b91210058ad195093b398eee266568a0

SHA256
cddb422d176bea58c1bbe2d04bfd74312a89f6b0e308f8b58ad9552bbb41794b

SHA512
9c3f9033e72713d7451ab149db902fda1adb54936f356cd744aad5c70dda0018a9964e12db9ddf68ab8a11ed066b5f8e77cb4ae544058586f9ba3b2aa3b66cba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0b5d1e71a4b5a7e70727b0deb0727136

SHA1
7065a8acacd10b6b9d349f04488b45fe2dbdb15a

SHA256
cafa068607e8adfbb173804e35771b11fff55db5fd8cd08bd9913f3f4354fc4a

SHA512
293ba295260487e6545cac50b69fe5dc0c2306df0c628ed685327b1bceedd490054dd0751874ec23b389eb164d5eb90c959b3955ed7e42c370f07954a077ad4c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
886d29d4b84660a5e30a07b7785f427b

SHA1
ed1eb4c9b834d2b454749c31391e75148644262a

SHA256
baf51e08f19004d8dfebbb2f919568746f53e67bf44ea4d701950caaa5279bd4

SHA512
7c7546d8d17dfff5904054a4f7d2d2b0c80e4bb2720445ac8340fe7bd3399509f6f7dc8870aef4bdcd9ba7a3cf7521282316adc7dcc80e7a64b65f69eed889be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cab6b34c3c40d182acc1fda530a6545b

SHA1
dea024fa8b1130d285ab55357744131be3f87566

SHA256
ac0c0199384db973575fb015aac369ed796260f6329be685c4b872cac1ac28de

SHA512
9f17339d5b34bef1bb615380fbfb76302b639b5c930fc61efba3f8d36e63733c69b181cd9ead0a26e8439366b2483dd3270d9658322ac43dbc7bcc82f8565b86

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
bacdd1fdcc4fa6c6ec14db461a368efb

SHA1
7fa7e34a2c4fd3cdd900ad9e2b531c9891221545

SHA256
bebba9c0682e0791be82fd1e4bbbfb4c42176348cd92140eb32b3d19a5518345

SHA512
05d7a96c6be3793850cbcec690082c8308ec61085e179a2350daeb6eedcf495f465d31c1654e47a44794ccd85769e97436a13b8c518c3960928bef12dbc72ad9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
814B

MD5
98fed9a1e8187d52343e022c9862b40e

SHA1
6f9e7682d0619756dae836c509c73d9a302a74aa

SHA256
56c79c711f72f284213c432b4a55153a4cab8c33281cda712fc055ef8dd0f2c7

SHA512
22fc6740c9f88edae8e6e01d7364bc8b89de3f626d66cba95e05bccc35f043afc2db08e7d19bdb786a7ea3dcb28000ad479e9229d5d8951d0243447ad822b6b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
13B

MD5
c1ddea3ef6bbef3e7060a1a9ad89e4c5

SHA1
35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

SHA256
b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

SHA512
6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
229B

MD5
5c20ee8ffb70f9a69e640dc55c1677ae

SHA1
1cfec8d73b9a80e58679c1493059e31bf52ecc77

SHA256
35e23de7dd8ff3e8d5e169491e5a8fe2b5e3bec8f6a3cc0350e0c3e9ad93b53d

SHA512
820ddc455f35e73c5d06bedb839ce9344b2e2424c1a86a956fd9d034516dfaf87b35902d062199e98564fb1d8ffd7afe73f88623515ea5eb50f1f69715970936

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
990B

MD5
9a3e1f1fda2473eaf3bc9f777d5bba41

SHA1
43df0e938e5fa6d96a1a8d1326653d360ea657e6

SHA256
f3cfb67953fce242e666de01ddea444c5f857480c4379ba5716f634a8a0d357d

SHA512
337bdb10720f14c74bd2668a3b439932fa0c23c0b2e6da22b5011afbd5c45503616e971aacc23503b4e83ab31b1df334cc281e4ee8d2b7462e907017e43e856f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
229B

MD5
b020bf012e164fe8aac84d4bb3174fef

SHA1
34636a24deda8697d5928677454439295004e479

SHA256
b8b87f924070d3a7277b8a66cd7cf557251640d56a29ee67ba6972b88916c7ba

SHA512
b214ccb2b0bfd48bdcfc4cd3a4fa9b9ccc27d11302af0c16cc8062357a694c50813bf3d2c970847e65cd725d65aa7f6525ecef2d4dddd5966e552cb02c2d022e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
229B

MD5
cb5c656218a89ed796f3e4c8f6393226

SHA1
69670068e50a4e77ceff9323657cce49967990c8

SHA256
84d219bef6d45618f4f0610b7aa56e4a0f9c2b590473ced1e30f7cb8a2309c24

SHA512
3beacf392e16bf63b8021c45bf84b13ab26f705e84095339eb5e267880c919e8536758e7032810ac2fa1c6299e04da2f8f0ede5129c8bb665d3428b10342b1c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
229B

MD5
d009f80f58fcd44e271560287eebf858

SHA1
cde1777a6565410986dfd3277b56f388049b314c

SHA256
9afcdbd5ae074c4ccff85709c90b2ea73dd9f408ebf4834993a4aaa0fe0a92f2

SHA512
064801336b49c0a5fe4babc2c34c9500c36bb56a4f0a478c35bb826d2d275a009d862b604cc4a9d56a960a5c50c44a8946789a299f4992786857619a43f84c0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
12KB

MD5
2da9fb1d95a91c8f20a895b7e68c33ac

SHA1
f1a0a6a23bc3197a460dadb45f82ad0ce37bd5d1

SHA256
f473dc73788f7708a5da30b446981c47afb8b7b6e626ebde9260feb56083d9d8

SHA512
cbf1714aa208ab9792520c14f4ae1b46abe5986b8cd14e7522b7d21763f4b17d45c5887a18502c53a3f0a5b7662ed724390335514a3b326bb482912985b46aff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
12KB

MD5
1e4393286e4699f544099ac577beb491

SHA1
97750d235bbefc70aea5644f3a10139fb13cbb35

SHA256
3d9c7ea9de09319f196c307f5a7a75ca3c8794b459c4d9a7ff0bb3627dd5d73c

SHA512
fd4182a5227c17f95e34243c48c8a01cbf1df297ea1f9f7cc835f71d0e2633e453ec2b42cb039b8f0844330a5c082f1ccb3d3299097fdf655f465e07014438cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
814B

MD5
4bce2a8ff65d69debf6ba37a15152ad3

SHA1
fb2fce315adecb9860509b2f825b061f96f06d5a

SHA256
ae288ac4b4c9f278c83019f07837f9ec651302222e6296e2b9bc87aa10611a2b

SHA512
ecae3890bbfbd100e1f28da1860b6a9995f8a8496691bba168558c2aa25e9e9636c35a5294a3ee367366b19ff2b1cd9dd58acce938002346bc06ea5b65adc6ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
26KB

MD5
0f7d792df6a7dc7acedfdf441d876fda

SHA1
9568a90bc5dcf46142caea5dcf764871b06f23da

SHA256
8bb6eba733d7c5a83bc47a65d45a6cc005ee27f2ce21bcf9b4e30ec5f1363b7a

SHA512
76f73211b1f7f910a52a174b4690e2c26a694f8e526f59485af32402f7e87baf95b947dad1f920f466a5ee4b876fc9e9617a60010445e6ee08e3d3963a7746ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
27KB

MD5
60b380f84df9539eac93ee997c4108cb

SHA1
c06d745e2b8981ed5ba907f1e37fe6af70177ae3

SHA256
eadef69b2ab13183b120476fbe8cadb5f588d23eb35bdcd63f530be09d193aee

SHA512
1247f2818f0d926fe6868bded013996a927f6eeb823810859e078b257bcd201fc8de7efdbb018c7ed3556b39c41e27640b533fb6c00355bb8d116af99df04359

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\B9RA9DTQ\www.youtube[1].xml

Filesize
53KB

MD5
38660523aff515628d077f0aa7b74fb7

SHA1
a06db6e52732a9be22602a6778dad6e04b5ae87c

SHA256
d8b91900e5f5a0ba5fb69ebcd467995cbb6d955e39b7d0f9f10274923be4ddfa

SHA512
0828921afb8671275f4810dc68c843c9a4c6f161963047028af40f29798f3678dcb0a666450251e022b9c8d93f615ca6bcfd603fcc3bd8d0efa1bc07a8d9fd05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CY2G78MW\KFOmCnqEu92Fr1Mu4mxM[1].woff

Filesize
19KB

MD5
bafb105baeb22d965c70fe52ba6b49d9

SHA1
934014cc9bbe5883542be756b3146c05844b254f

SHA256
1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

SHA512
85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\ad_status[1].js

Filesize
29B

MD5
1fa71744db23d0f8df9cce6719defcb7

SHA1
e4be9b7136697942a036f97cf26ebaf703ad2067

SHA256
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

SHA512
17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAB58HZ\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff

Filesize
19KB

MD5
de8b7431b74642e830af4d4f4b513ec9

SHA1
f549f1fe8a0b86ef3fbdcb8d508440aff84c385c

SHA256
3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a

SHA512
57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAB58HZ\base[1].js

Filesize
2.5MB

MD5
6cf442f4a82a9913636982556d933730

SHA1
21908019a262b61d71d3d7e538504e3f156e2b57

SHA256
e6efa8c619a242d6daf3a5917bc2e71fb1c7f1030256b5b0c5ec65a0515806bc

SHA512
f3f88139cddb8104086538ba2cf6187de120278571b018f85d47547f2b81a102d762b0ed74799b043d58cb8c151065f6bbc95db684c1497f011e6512977cdde4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAB58HZ\www-embed-player[1].js

Filesize
323KB

MD5
f99dc6ac4e05f583a5b1965461a75a03

SHA1
0df654cfe1090db9b4c3c4af952061b266fd897a

SHA256
aef62e7698d0579b63dd8063914436208d5b6db402c79dc6411e64a7ce3d83d9

SHA512
248f1c48e6824e850c2874094c147289b87a0dcc200819ccf507a16f6a8b7b20ed4495d5db6775471ab0a01f58609aa1e9b6bf29994a18daf48b65c58b4daf2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAB58HZ\www-player[1].css

Filesize
367KB

MD5
a9911a47a877d2736a20d97ea9030fda

SHA1
47f796faf3af4f64953cc6db639d16630a783fff

SHA256
a23b23fdcfb6b7aa426716b112dae01903b1224310b7b68ad118e507ca1d9dcf

SHA512
bc045bec918bb0bcc585afcb9af7913276d5c5e10ede5cb1a38f2d86b020c9dca23b8f134414d6a4652c76fd5c6172f3c88dcf8360ee1a2114b3261b62b01a25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\embed[2].js

Filesize
62KB

MD5
94c1eee642d70f483959c70f8ca93c2a

SHA1
a726196aff571e7edebecb708f46ce2e4ec6c020

SHA256
24ab8180b359a5e3970b5889722208bbbacf2d705225fc4e2718d2c6ad58615e

SHA512
046a50eb76bed138846effac7257d06ab869f7f0c44f9772325189763e466c81a1386a5d054a89b5de4ef78394160ff28802070ed1a76b6e2c5a9fb6ce2a58db

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarF983.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit