e5ecc27e6bdc5c2f5a48c470ae4df306ce19f639f078256330792da7fd4ab6a6

Analysis

max time kernel
142s
max time network
123s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
22/05/2024, 04:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Size

8.2MB
MD5

65f9ef001c21bfb95c4717657512caa1
SHA1

ec2c158cc14b592c141f9af8e228c5f00eec5768
SHA256

e5ecc27e6bdc5c2f5a48c470ae4df306ce19f639f078256330792da7fd4ab6a6
SHA512

248d37c72576b9eebdce06a4e424639191cec924d71a7ae4e3a8b05a3ced92325641dd899974d2d750a32b324a7a0ad3af86fc0b84f84fa0cb67d45a43088ece
SSDEEP

196608:ldWW0fIFV/wc12edHL320Yg92L0fh3hDWjRd1SEAfzOxEM:DwfI7wc12eZLm0GAJOPgE6

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 10 IoCs

pid	Process
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 25 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}"	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f44471a0359723fa74489c55595fe6b30ee0000	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 7e0074001c00434653461600310000000000a8588181122041707044617461000000741a595e96dfd3488d671733bcee28bac5cdfadf9f6756418947c5c76bc0b67f3c0008000400efbea8588181a85881812a000000eb0100000000020000000000000000000000000000004100700070004400610074006100000042000000	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = 00000000ffffffff	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Generic"	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_Classes\Local Settings	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\MRUListEx = 00000000ffffffff	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 = 4c00310000000000a858d38210204c6f63616c00380008000400efbea8588181a858d3822a000000fe0100000000020000000000000000000000000000004c006f00630061006c00000014000000	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\MRUListEx = ffffffff	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 = 4a00310000000000b6587122102054656d700000360008000400efbea8588181b65871222a000000ff010000000002000000000000000000000000000000540065006d007000000014000000	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\NodeSlot = "1"	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: 35	2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2268	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2420 wrote to memory of 2268	2420	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe	29
PID 2420 wrote to memory of 2268	2420	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe	29
PID 2420 wrote to memory of 2268	2420	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe	29
PID 2420 wrote to memory of 2268	2420	65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe	29

C:\Users\Admin\AppData\Local\Temp\65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2420
- C:\Users\Admin\AppData\Local\Temp\65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\65f9ef001c21bfb95c4717657512caa1_JaffaCakes118.exe"
  2⤵
  - Loads dropped DLL
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  PID:2268

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI24202\MSVCR100.dll

Filesize
755KB

MD5
bf38660a9125935658cfa3e53fdc7d65

SHA1
0b51fb415ec89848f339f8989d323bea722bfd70

SHA256
60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa

SHA512
25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\RecodeCertificate.exe.manifest

Filesize
709B

MD5
c46d214400fba5802cf356ea6d739452

SHA1
e55e27c5eb8d557ecadbcd04463343b23d249a36

SHA256
34a692cecb1ab34c3b96bd695903cb85d22d60081ca04e7d8e6487937f39950c

SHA512
ab836be488d11647ed3e82c33e7b70feb2e8c9ee04c2841d07c886c42d18978c25e11d61bdd603c4f7ab7c47f758086792aab5fb47433c2eeaae595e0ef73550

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\_bz2.pyd

Filesize
52KB

MD5
b881f1cf85e9b1df15be43e697e057af

SHA1
f30a1fd03b14d133cbf62a1aada93b684c7ae71a

SHA256
3226c701d419f42ff9b392836c4306813e26ac17a25ce7e606c465b889312fa4

SHA512
dc61dac267390664d98613be21f88a32530571a0a4fdd55db6898205ebd93b3e53c0e600d68664bb60d2e821c1b5588fff6eeb46535d65b19bc2f5a7a1812239

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\_cffi_backend.pyd

Filesize
62KB

MD5
c75cbc40c54d3c1235b6b191f40cda99

SHA1
655dcf9b92e8d605ccee81ac80200e0269a5be14

SHA256
1f11d9f65421ee7a48aad99f7d6007aeb823a731ebe4d8a4fbf21851ca14655c

SHA512
95d5e1b2b0b35e4356c7e8eb9afc3a38b6efda77898ea95cb53eed3a98fbd0889222d91223c5f110d1f9b20915ab5742b6ef817d3739a13bcef44eed5b747a58

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\_ctypes.pyd

Filesize
83KB

MD5
90a9f0f7cba5e3b2e5a52c1ec303ea15

SHA1
8269c34e6be3a4c5292323147ccb5c46b4035998

SHA256
a9a2715d90b4fea7e8813bb9f70bb2ae9b2ac40b48db77f9772c3df6d8594648

SHA512
1a04271b5a9e429e1a371da5cac3c3c9fc5e2aa52a7497f2f29b875e69ba54576b5f9c4ab0e1d6f6743dd9cdd2a9c90c468be382171fa2c512f2e6d9caedeb30

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\_hashlib.pyd

Filesize
765KB

MD5
2f2e91e4227e9292963bfdcbb13de07c

SHA1
7a00493ccc4a977bfbd5331b195f5d52d35baab3

SHA256
c4bdb3470ec748d4f379a0fce02e0213370f596af166790081fba10d18bf1b80

SHA512
f4cea3b3866bbc1ebc48614e13141426415e6eb24bdd8fc18249d30d9a9569a4b6d03a795e3c912309d29bff3a7f4c4c8c7fd004ff6bf27351e4bef04646a88f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\_tkinter.pyd

Filesize
34KB

MD5
5298ea114abfbf4867fbb76476d078a7

SHA1
e6e7c9253bd9fcf1f99ed556ddf7076dd6dee8fe

SHA256
670341e744b776e98fc4405c80183f08c7856bd2eb5c96dc9deaaf9f49b7f0a4

SHA512
fc24abbee04e2c3f5973ebd4bee484db7f368c4b06b2e0c10103903a3b31d1bc215ff130d065a883bd50a2b4597c23b702dabfef5b84ef7a847282e558c07f9f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\base_library.zip

Filesize
457KB

MD5
7ebf7c9002ad21bbbd4760f445641d04

SHA1
e1737faa061fbb90cea450fc4533ddaebf3d4c43

SHA256
550dfe53bb93766a58ab7364eafe50149ea6bd15866349ee72c656a702eee2b9

SHA512
ed7bd1a9a6f1154d676ed94b256397cf14f423eab16af2433f3d8a0d70bbe302fb6acd9d29e2c40ee9a6898d4b1f424fa38e6133fefebdff0e2d977947f934c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\cryptography\_Cryptography_cffi_e9178e86x399b1113.pyd

Filesize
1.7MB

MD5
e5a8420d84a8e340615bab4dc2b87d4b

SHA1
143df560e4707f6987312037de74c98cb26eb579

SHA256
272000086af6c42c99bec15e61ae14c39dd1c3e8586ea55244b2ac0931f2ffa3

SHA512
c0ff8a49b506a2d596025ef1f47c8751ba833c47df3bd1418aa252da16a9012db04284802b94efff06b998327b75bff3a60cd5ab94d12b5324de17620e411b31

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\python34.dll

Filesize
2.6MB

MD5
daac98eff3cc9f81a3329adf4a0a114e

SHA1
f41c312affe4a69a6171d629b6ee1ecba03bc867

SHA256
dccedf5c8bc1df490e9a6e7c67e856b0aeb4dc34f1117a6986bd5877226e8a60

SHA512
f444c5539fceaa0e1c39610d22be90582fe4f1d7fcecf36a89e82edd264c637586ad019ca7bc7805056a50bc2b246929ab8fe53d9e5ab70c5346c02cc40b54c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl86t.dll

Filesize
1.2MB

MD5
2738cb123399e87d08cedf8afaa11e1c

SHA1
58fc1dd450a946109c9afe43c1318574f9708750

SHA256
aa78997768d31687b809c950e7119a51b2513027871cdd61601ba63100fc0ae2

SHA512
8661eb91749bf67de80475ff86d54692ebafb0b129edb417c7a44c2e01f9ae0ab9a62eadbcc9bb7491c9514710c0fb779feb464e729eb764e2d7b276bb15bfc4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\auto.tcl

Filesize
20KB

MD5
089c0fd2791281c125e5358f6e6a9ed2

SHA1
87760e9173a441ad0c4b77cb9e64355b50f1afcc

SHA256
4b69936a56e34c66d3c7fbe2f78d12ac4290e41e7fe8a50e9e481e05ba1f5a68

SHA512
a3663595710ab9818d3e6fc3efd05b2a9c88b2dd10d91efb5575b298c2f70272b8f5c2cc5bb97a1b9a39e399ba3ab01604a48526769c7e41f626c2e10d203e6a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\encoding\cp1252.enc

Filesize
1KB

MD5
5900f51fd8b5ff75e65594eb7dd50533

SHA1
2e21300e0bc8a847d0423671b08d3c65761ee172

SHA256
14df3ae30e81e7620be6bbb7a9e42083af1ae04d94cf1203565f8a3c0542ace0

SHA512
ea0455ff4cd5c0d4afb5e79b671565c2aede2857d534e1371f0c10c299c74cb4ad113d56025f58b8ae9e88e2862f0864a4836fed236f5730360b2223fde479dc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\http1.0\pkgIndex.tcl

Filesize
735B

MD5
10ec7cd64ca949099c818646b6fae31c

SHA1
6001a58a0701dff225e2510a4aaee6489a537657

SHA256
420c4b3088c9dacd21bc348011cac61d7cb283b9bee78ae72eed764ab094651c

SHA512
34a0acb689e430ed2903d8a903d531a3d734cb37733ef13c5d243cb9f59c020a3856aad98726e10ad7f4d67619a3af1018f6c3e53a6e073e39bd31d088efd4af

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\init.tcl

Filesize
23KB

MD5
1017dc8f4ff0e4ee38ee5c15b589ba8a

SHA1
57ac4b5aaf3136c4376bf3cfd73c0f6b49909854

SHA256
1db1580e7f9cac9533f831553036ba6acecbf5584e422f7f58d7a25ae9ea78f3

SHA512
06eab30670dd892cca27f587c937a0977ba3732c791cbd818d52d9db0a8080b385e22d2cd0004d2754ab3c3c1de590ed01c7a754d8f3a7ad43c032b449417f6e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\opt0.4\pkgIndex.tcl

Filesize
607B

MD5
92ff1e42cfc5fecce95068fc38d995b3

SHA1
b2e71842f14d5422a9093115d52f19bcca1bf881

SHA256
eb9925a8f0fcc7c2a1113968ab0537180e10c9187b139c8371adf821c7b56718

SHA512
608d436395d055c5449a53208f3869b8793df267b8476ad31bcdd9659a222797814832720c495d938e34bf7d253ffc3f01a73cc0399c0dfb9c85d2789c7f11c0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\package.tcl

Filesize
22KB

MD5
c04c438c6e7c9db959cdf952074484ce

SHA1
d14ffc498ec76c1fe3d923403003206fc9894ed5

SHA256
34654f5851ec90fef41721f0636975e5801c1bdcaf8d14cdcad50904d335e509

SHA512
9e8806be87428ca1a5948232dcd4b6426ff1719379bc03bc2f3b10447b6688f31df7777241d691ddf2ca95393d9940ad0e3d001849fcdd9cb946f0023582d339

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\tclindex

Filesize
5KB

MD5
e127196e9174b429cc09c040158f6aab

SHA1
ff850f5d1bd8efc1a8cb765fe8221330f0c6c699

SHA256
abf7d9d1e86de931096c21820bfa4fd70db1f55005d2db4aa674d86200867806

SHA512
c4b98ebc65e25df41e6b9a93e16e608cf309fa0ae712578ee4974d84f7f33bcf2a6ed7626e88a343350e13da0c5c1a88e24a87fcbd44f7da5983bb3ef036a162

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tcl\tm.tcl

Filesize
11KB

MD5
03c19d0e1648ae030beec16b897c31f6

SHA1
dfb0699cb4520e4704ef625854ec11ceeae764d5

SHA256
8247559e6c5aa3ad02716f3f3431fac713de563467f249901c854877953b8eb9

SHA512
8109d80183999008b04a227d8dc7c9d14f9cd1a5a17ee222aad45c9f07e6c3db7b95493624d3f3b604133926b8df11844e33ab72e9686371373a44af9f3ea6e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk86t.dll

Filesize
1.4MB

MD5
a505d0007280d4afb86cf009be2dc2e1

SHA1
ee2ff7bfc66797ee90026f08c0fabcd29800f64b

SHA256
6efccb887567a162d4b9304170ae4655ea4bac50d6a73182e5b72aecf2bcb899

SHA512
761dc875e43b5ccc9ab6342367fefd4dd9ecc8e8f2e06b322fe20ae40fc2148ebcdb99826ce2688a6e21633c1b901eec9adff0d6c5976c60e99c11bfe9c032b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\button.tcl

Filesize
19KB

MD5
f4e86150f27b0c8556966eea2bcfa790

SHA1
1dbb8e13aff4232ff5f1a4ee1c881c12e28a61cd

SHA256
3e35e90ebe12829fc5766aeda07beaa230647da592cfeb3f5fd018c2e1892e78

SHA512
929e304e3afdd8f2258860e71bf6f205322f29a58550d025a491a569c01db8776c099e6c340991c93a361853bbe72b408277684fe7659baeb274293617848635

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\entry.tcl

Filesize
16KB

MD5
d3b086be7499626fcb421edfb4074045

SHA1
82aa1b6b106669c1a9277bb752aeecc6ef116cb0

SHA256
3cf4bd444368f938db9337f9f2156425976dba7b4a9eebeffdeffa9c025d76ac

SHA512
27a058f0fe7a100788a14393a79f63dc162adffbd04f9c8034c99ff00bf129415c9381d43ace2c21671533006c7c50bd646f13ce70ca530785499ae9adf39e7f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\icons.tcl

Filesize
10KB

MD5
2652aad862e8fe06a4eedfb521e42b75

SHA1
ed22459ad3d192ab05a01a25af07247b89dc6440

SHA256
a78388d68600331d06bb14a4289bc1a46295f48cec31ceff5ae783846ea4d161

SHA512
6ecfbb8d136444a5c0dbbce2d8a4206f1558bdd95f111d3587b095904769ac10782a9ea125d85033ad6532edf3190e86e255ac0c0c81dc314e02d95cca86b596

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\listbox.tcl

Filesize
14KB

MD5
80e807dc61f9ca29d96db7f5e9f0c153

SHA1
1ce8bc890a8695108d1dcd926bdbf6b7be24d908

SHA256
6510a18f07daa43c3d2739114d19f159b4be07dd953207149e115b9aa795dc7b

SHA512
1c694ff97f6e9d44aaf9156b970aa315d5583db0e55093ecc93df3612fb3098614626db0652431ea74aa2f332b95335b3d6a4b0b7340c2808394b2e5ee583cce

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\menu.tcl

Filesize
37KB

MD5
9fdb3d03c7aa00ce5e0292e44ed4bf8b

SHA1
3660d532a1b1b5c6e08bdbb55bf3cffd3c14465f

SHA256
20c7cbe9ca72be4b3572b3a51e50badcbffc3735c14e50e82ad2c8034f1bc43b

SHA512
4e7e8c46f4d3fc386402b5f243ddae4c254830cc0b83a38b769b9c0f87d426273529364d547b7bfcec785b0ef134367a061135eb9e52b0c55faf1d94d00e368d

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\panedwindow.tcl

Filesize
5KB

MD5
2da0a23cc9d6fd970fe00915ea39d8a2

SHA1
dfe3dc663c19e9a50526a513043d2393869d8f90

SHA256
4adf738b17691489c71c4b9d9a64b12961ada8667b81856f7adbc61dffeadf29

SHA512
b458f3d391df9522d4e7eae8640af308b4209ce0d64fd490bfc0177fde970192295c1ea7229ce36d14fc3e582c7649460b8b7b0214e0ff5629b2b430a99307d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\pkgIndex.tcl

Filesize
370B

MD5
0247ef2c621a6b9c2b0a44f424f72c2e

SHA1
2f2f5c122e0ba8d08d8867de9a48eaf1ed031600

SHA256
ec8c5c7aa30023554124caec8be87d8ea0ff27de63a729182c00a51dea2247b3

SHA512
843deca657e4bb8d75046ef54ef6321c5edefbd65f8f2a824b96991285326acdbe9b6c29c859afdc20b68d9cb55de4d2ccf81703c2f49ded2667a6f7396782f4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\scale.tcl

Filesize
7KB

MD5
ce2221a1b9dc6393c5abbda4826e2fd3

SHA1
e7986224059c79fc8eb3ec22588394a368a39de0

SHA256
090c31cded1e846bb81d1f04d18e3400d0eaf0f4323e8497ff0feb80e7d73900

SHA512
4aab1a9515f12fd1387d3cfc9aa411b5e130725b159644ee8c8b6ef94b8fae19146f69551358d3753c71920d02af57788727f7c766a2389a8a0447b1d0a2c9d5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\scrlbar.tcl

Filesize
12KB

MD5
9b2fa186839011d0aacaa6148feb5230

SHA1
3ae0dc3381ef55b950bb69f0a5e365d675b5dc80

SHA256
1b9633b649b95a05641d5a86d197612f1752466f90bef1d3d13338e330891a44

SHA512
81cb41f9945ee93b47a6fe4dfa042323c75b1293228cfce9634406f9e462ce021b99c158c47e0dc2b04d9cbc97de32aecf821bf361f4c186bb8bb80e86a122af

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\spinbox.tcl

Filesize
14KB

MD5
9c350da2115f3220dd1e1c33685b3f83

SHA1
bcac55cbfb4c37084bca11e04fbfc9b146d4ae05

SHA256
78dc6f17d3fb3a6112aea69f448f59b3b339add6a24ae94d6f4873b43da56f40

SHA512
cb7106857b0539b7226b6c32983c36f6b5b9bebdc01af1629784d7c995a462816459c5c19b76b9c02335b199abd0c11f9a8486f43413f204bcc92b2d2a7fc524

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\text.tcl

Filesize
30KB

MD5
2f3ae20eadb35d5e92192b7366abc9a1

SHA1
a6c9901d31544b64e62db8c581ce3eff92a5a0f8

SHA256
4c65254a8b0b5e656c6537ac159046dbfe0305d3d4b171e38d4da56e2b11f5b6

SHA512
c2cbee19a95a87c678101528e57060daa3c7e72e72591ff1a6abc8005ac19725e973241a50bf18db99a28dfffe358aa9be9eba04a53238c7234187c2fb540dd1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\tk.tcl

Filesize
22KB

MD5
89722a6039bc3115077b5a13daa1cfcd

SHA1
e835bd1098ead86f2feb380dddaa555f08725908

SHA256
cbc1654273f59c00ea6c723b4c00357638b0935940f937841be1e2e58725c3bd

SHA512
5dd3946b59edf32df32e5e93cad269bff7e1fabc649781b8548d919bf60ddef57f85eda116bc70a58acf81ba3087ae77c3f398ec6caf16d6495f8513ef2ef57c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\alttheme.tcl

Filesize
3KB

MD5
909f379db70a6072d49d0b48d07a32fd

SHA1
d6e0323eb4549327e5a4722015448a80ac3a99e4

SHA256
83d9a5889205ee8eae23e262f15187eebfe19375bc6c9d464e570cd5fd1f5b2c

SHA512
9ecae6ef7ec784b5104adfa2ebbb1f33116470bd3a0346d04d945a3a20c569ec052c28bcf4e914f4264d0ca80c27ad5fb43078cfe38318203e5698b6b84d13cc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\button.tcl

Filesize
2KB

MD5
ea7cf40852afd55ffda9db29a0e11322

SHA1
b7b42fac93e250b54eb76d95048ac3132b10e6d8

SHA256
391b6e333d16497c4b538a7bdb5b16ef11359b6e3b508d470c6e3703488e3b4d

SHA512
123d78d6ac34af4833d05814220757dccf2a9af4761fe67a8fe5f67a0d258b3c8d86ed346176ffb936ab3717cfd75b4fab7373f7853d44fa356be6e3a75e51b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\clamtheme.tcl

Filesize
4KB

MD5
f2eeff6f288437ca0da802f6844a414c

SHA1
61a722ffda5f5fba842f673ac3b95062452567c2

SHA256
4cc2dc26fe379f69ce46a73abfbabeb9dd5509c41616e1d5a8395be94170c62c

SHA512
23da52fa6e8046cf383befd338b96550de253983eeb3f29f183ad4bfcdbda730b93ed9c6f0eae3cee816ff978fd77dbbc8b1c714b18120b718eb017d37bcb0d7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\classictheme.tcl

Filesize
3KB

MD5
8071763da22437b3dbba8276dfcb31d9

SHA1
fbc8dc3198f49a6915a8ab6b4a388450b71a998d

SHA256
92f7befad42820e988806601dca49719fa651c88b8767b3347b13706ee3c17f9

SHA512
e49b2ddba1fc6e53baa5b39aaad496b6931562cb135f8eab495661229fad7085cebdea28221f3d1927b96012e3b3ad1ecd41a36e42ad672628f9fd2c755c07d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\combobox.tcl

Filesize
12KB

MD5
cf03b3f5e179f5032afb6355905636a0

SHA1
d4c7eac03b8ecad6a94e7a9eb7bbff562768ed3c

SHA256
30bb473c0471f4d015fcf4b51044a026520d53927f61f3d514ea53b8af0bcf67

SHA512
dae0ddb29d6e1e38ef65c70001bf836f1a12cfa9246658a87dfbbe02f6cb949c00f0a2adbca6c2200d583f2ab71f3e6bab02c754801c0eaeeb2880d2acd91122

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\cursors.tcl

Filesize
3KB

MD5
74596004dfdbf2ecf6af9c851156415d

SHA1
933318c992b705bf9f8511621b4458ecb8772788

SHA256
7bdffa1c2692c5d1cf67b518f9acb32fa4b4d9936ed076f4db835943bc1a00d6

SHA512
0d600b21db67bf9dadbdd49559573078efb41e473e94124ac4d2551bc10ec764846dc1f7674daa79f8d2a8aeb4ca27a5e11c2f30ede47e3ecee77d60d7842262

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\defaults.tcl

Filesize
3KB

MD5
79f1c9d16ec1b66762e82b73113c3a12

SHA1
51544cecbdf72ce799a80373be727a8ab9cca34f

SHA256
436ca9ad206f26df3b4f665ab2eb60a24bb833699172ee91f5a1adaafac9951f

SHA512
7bad8ebff17e18c9bd7f336aeedfae67db25303b6f7948362af5c93f7945337592803a22cf676c25e8879f097a7daef9ea7a8036ff76723e0720ce7eb9ed46b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\entry.tcl

Filesize
15KB

MD5
76aecbad28bca34368013afb12f8297c

SHA1
95a52943b60e085c37f21bcce5a65e0fed62c9a5

SHA256
d3e7babc44688e8539858c17fbe9995e28ea23d065b0c8c0509ac3bccadff766

SHA512
00d79569d56251e230ecd834ab4f598fce066e7631de7200c97bf2032bdb1709889895e4e8c314769ff17de4e835e8799f84a272dcc83f8f56e12bd995d1ab58

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\fonts.tcl

Filesize
5KB

MD5
5ebf9dc98e0a81a75a50b395e42a48bc

SHA1
cfdd5837f3b085f030f0bf79aea7a78a5782ab1e

SHA256
0337eed499ff1d7a421d353b3e8483e523b454a338147b65ab1eefd5e6280a5b

SHA512
2269ec5da654c8b24f789b036c1bbbb74218066df2c407e61b0f92abe8b4b4ec6c52c6b8098da6cf287da7eabeb011905f01fb053f347e18510b72b24a45fcde

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\menubutton.tcl

Filesize
4KB

MD5
06f570587f05fc9e20e2e841a5ddb938

SHA1
0e69c6ab9e03049592107bedd37a9f9d45c7f139

SHA256
8e6958fbc899baeb1942e0e56d3b8cf135409949ff249d9858c777922bafbc58

SHA512
e150c38bde8a5370212d456d125e3b6648dd0047ae3406c735d148e310d4cdeb8732eba0b226c0e221bacf909d4bab8104ccd6fdcaf5148e95ab7f389b14918f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\notebook.tcl

Filesize
5KB

MD5
82c9dfc512e143dda78f91436937d4dd

SHA1
26abc23c1e0c201a217e3cea7a164171418973b0

SHA256
d1e5267cde3d7be408b4c94220f7e1833c9d452bb9ba3e194e12a5eb2f9adb80

SHA512
a9d3c04ad67e0dc3f1c12f9e21ef28a61fa84dbf710313d4ca656bdf35dfbbfba9c268c018004c1f5614db3a1128025d795bc14b4fffaa5603a5313199798d04

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\panedwindow.tcl

Filesize
1KB

MD5
a12915fa5caf93e23518e9011200f5a4

SHA1
a61f665a408c10419fb81001578d99b43d048720

SHA256
ce0053d637b580170938cf552b29ae890559b98eb28038c2f0a23a265ddeb273

SHA512
669e1d66f1223cca6ceb120914d5d876bd3cf401ee4a46f35825361076f19c7341695596a7dbb00d6cff4624666fb4e7a2d8e7108c3c56a12bda7b04e99e6f9a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\progress.tcl

Filesize
1KB

MD5
b0074341a4bda36bcdff3ebcae39eb73

SHA1
d070a01cc5a787249bc6dad184b249c4dd37396a

SHA256
a9c34f595e547ce94ee65e27c415195d2b210653a9ffcfb39559c5e0fa9c06f8

SHA512
af23563602886a648a42b03cc5485d84fcc094ab90b08df5261434631b6c31ce38d83a3a60cc7820890c797f6c778d5b5eff47671ce3ee4710ab14c6110dcc35

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\scale.tcl

Filesize
2KB

MD5
b41a9df31924dea36d69cb62891e8472

SHA1
4c2877fbb210fdbbde52ea8b5617f68ad2df7b93

SHA256
25d0fe2b415292872ef7acdb2dfa12d04c080b7f9b1c61f28c81aa2236180479

SHA512
a50db6da3d40d07610629de45f06a438c6f2846324c3891c54c99074cfb7beed329f27918c8a85badb22c6b64740a2053b891f8e5d129d9b0a1ff103e7137d83

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\scrollbar.tcl

Filesize
3KB

MD5
93181dbe76ef9c39849a09242d6df8c0

SHA1
de3b47afc3e5371bf1cd0541790a9b78a97570ab

SHA256
5932043286a30a3cffb2b6ce68ccdb9172a718f32926e25d3a962ae63cad515c

SHA512
5c85284e063a5de17f6ce432b3ef899d046a78725bd1f930229576bed1116c03a3ee0611b988e9903f47da8f694483e5a76464450c48eb14622f6784004b8f7e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\sizegrip.tcl

Filesize
2KB

MD5
bd1f47ce81c8690462b050ced53a6817

SHA1
318eb1f966a7e04e75f376d5d748e80a68e99a13

SHA256
ed31fa0b0d3438acad3384dde1e562033e0d9a035e5056322da219d6c4cbd912

SHA512
7bdf0438806a2962b553f9062077522bd03eed1088b7d66c652920786a10d19897f263c195aaa6e29023d9bc69c33bbef189ce082a2dcd2611336448e5cbd87d

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\spinbox.tcl

Filesize
4KB

MD5
86bca3ab915c2774425b70420e499140

SHA1
fd4798d79eeba9cffabcb2548068591db531a716

SHA256
51f8a6c772648541684b48622ffe41b77871a185a8acd11e9dec9ec41d65d9cd

SHA512
659fb7e1631ed898e3c11670a04b953eb05cecb42a3c5efbdd1bd97a7f99061920fd5db3915476f224bb2c72358623e1b474b0fc3fbb7fd3734487b87a388fd7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\treeview.tcl

Filesize
8KB

MD5
a849bb347443f71bccd36028f08813f6

SHA1
5ce1c5e891f934612af71348f4ce7d6a60c9399c

SHA256
3cadaea517d5cbb1f2ae09f8f5caef7b7d0104e71c07be7263d9af158ce2699d

SHA512
4a8ce4043d221aea26c569a050a21a874779123888a6cf08aacb4beec039d9a17eda17109fd9115e79c1ae05dfd557de774f692a46eff37aecb081743dc53023

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\ttk.tcl

Filesize
4KB

MD5
e38b399865c45e49419c01ff2addce75

SHA1
f8a79cbc97a32622922d4a3a5694bccb3f19decb

SHA256
61baa0268770f127394a006340d99ce831a1c7ad773181c0c13122f7d2c5b7f6

SHA512
285f520b648f5ec70dd79190c3b456f4d6da2053210985f9e2c84139d8d51908296e4962b336894ee30536f09fae84b912bc2abf44a7011620f66cc5d9f71a8c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\utils.tcl

Filesize
8KB

MD5
65193fe52d77b8726b75fbf909ee860a

SHA1
991dedd4666462dd9776fdf6c21f24d6cf794c85

SHA256
c7cc9a15cfa999cf3763772729cc59f629e7e060af67b7d783c50530b9b756e1

SHA512
e43989f5f368d2e19c9a3521fb82c6c1dd9eeb91df936a980ffc7674c8b236cb84e113908b8c9899b85430e8fc30315bdec891071822d701c91c5978096341b7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\wintheme.tcl

Filesize
2KB

MD5
a6efe03ac019e723627c064ac74dcbf3

SHA1
9740638a19e6b5360fd69d887a4e01d9818fe43b

SHA256
08ce1484ff82ae2842a986b5a44ea81cc375e34687ef0896c8a45938721aa265

SHA512
8ab802d41522080cfa974b628cff2ba3bfc074bc0c99dcf0e0ab647d54d10c9293c7b79f842bb5e8767972cd55724c3646065a2e988d7581863af4cfd5938eb7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24202\tk\ttk\xptheme.tcl

Filesize
1KB

MD5
176a5dceb7cf7a201b517b859f923f42

SHA1
207d85b0adb45bbcfebcaec9e2633ff353bb6449

SHA256
351ba00b3a02748fce2df2ab79d0c30c445def179005b6d7db739ce3aa8c1658

SHA512
07b4466dbd22067d5e038b09d1ea7f578c817e3b73bcbb1f66533a48b817f8400e01b79f5f5fc2fac46942f5e0df98745a52e08f5de078669d771e3794c01f91

Download Submit
memory/2268-987-0x0000000005C10000-0x0000000005C12000-memory.dmp

Filesize
8KB

Download
memory/2268-989-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download
memory/2420-988-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download