Analysis Overview
SHA256
eea25d83bb1089442af529edec66f01a221eb3b869fa3834e62185f2ea41a45f
Threat Level: No (potentially) malicious behavior was detected
The file 91e10f3c1f26899bb18f5c176820b6ec_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:01
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 13:01
Reported
2024-06-03 13:04
Platform
win10v2004-20240226-en
Max time kernel
145s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91e10f3c1f26899bb18f5c176820b6ec_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4840 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4932 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4936 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5436 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5952 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 104.91.71.140:443 | bzib.nelreports.net | tcp |
| BE | 2.21.17.194:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 194.17.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| GB | 96.16.110.114:80 | tcp | |
| US | 8.8.8.8:53 | 183.142.211.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.42.73.29:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 29.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| NL | 23.62.61.163:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 163.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| GB | 216.58.204.74:443 | chromewebstore.googleapis.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.229.138.52.in-addr.arpa | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:01
Reported
2024-06-03 13:04
Platform
win7-20240221-en
Max time kernel
117s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 404edb39b6b5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423581558" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000003373e6f5aa53454183fca5dbe973a65800000000020000000000106600000001000020000000b1f606c45992e62b1bac7be81f00a649a04b48b60762675690af3d64ef54b28d000000000e8000000002000020000000ea5d079901ad704acd8e6fa77adb0b38cec4b24927ead5842ff1a4837bde888e20000000353f18269a0d094420f8ea0f28cf8eeea8555d415516fbd846d5abf6046d7a9e40000000fc9a0a4c6fceb5f1be57edf7cc072cdd82e968fae70c2eb4bca62470da9e7f4358dfd4efabd69e3e96c4e3fe4b11e9d737a0c76c2210ba8604673c2c50401c43 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000003373e6f5aa53454183fca5dbe973a658000000000200000000001066000000010000200000007de8399cf08ba959f0bd55c9b0175538bbf660efdc477b0ea0266a6dfa7d923f000000000e8000000002000020000000a5aa8f216aeea956876537bc030fcd2ad6c697ec44d656f3a0c498c935ceabaf900000009f6d872d57412940862edeed629b81ece66e5eea582eaa45f970fbbe9dd07b330bfe278899ff5fbbdd5945caf39963cb51d482202e30c64869a3f6cfafda9b905449bcea25a6727b35fb86542d59a67941f2594acf16d23e42d9106c8202777dad4264b65daabe7d1d012f0155ce60056174578986abbc3fbde8ff129e109c6debc391cead02fc6deebbb508d3c258ce4000000065d5d1c73af53d79c08641506704dd1bd29dc293c1d703caefa5ecc53380e89cbdbd858c4e75abb6f4e264f0370eda44ae5fc91e173a5149c610a0fd0feb30cb | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{653D8941-21A9-11EF-A01B-4AADDC6219DF} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2276 wrote to memory of 2984 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2276 wrote to memory of 2984 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2276 wrote to memory of 2984 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2276 wrote to memory of 2984 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e10f3c1f26899bb18f5c176820b6ec_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Cab21A7.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar2288.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bcfeaa5bca36dece99949e5c539b882a |
| SHA1 | ac1cf0e0701539323d9ef8a53ca5c311e9faf100 |
| SHA256 | ff1cdbbd8cd33b173bd24a6301dffbf2a3e29c8734c1d7ffb6ac69233c51b231 |
| SHA512 | b2a09b56443f1d1d8426a5ff91933f027599c405e50a0200785442d202cb9b0a0b06bff5809d5022a6116654de734f4dd62b3e187954b81fe0af407fc2785519 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b3ef50667c1b8c513f31bd1ddd95e052 |
| SHA1 | aa4a3d2d4d7da5ff55261a5ff7aa5841459f2966 |
| SHA256 | d3d5ec0b777547f69a73a320c712b47ce069c27ebaf384f9864ec594a259e2fd |
| SHA512 | 0203df619c6beaca1c8f084ae1791c2241572ce9935eacc6eec9e97dfa9942fdd0ee3d96e15013226a2dce4f375f8bf84a0470da12442330096046f74c1215c0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ad92e657846cc7635088b7c3ca967223 |
| SHA1 | 12a4ef9dbe8ce6a56d7edf8736548b244830ad8f |
| SHA256 | a62f57ced572ddf90bce82fdb88f4da17e6e2cc3522f7dcf4732bf74028e9661 |
| SHA512 | 65a18d28d086e91372c33051cf05247f4efb676aeeb73ec16811c8f1f96aff96f5c31243210eee32dc1575f6a697a643a6828610ab7849c2724b3b790dba105b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2363998a382dc8b320914fe47507f6b8 |
| SHA1 | afb8779a7996f9bb38f583fd58ccf72b06d4423e |
| SHA256 | 677faee88b447f63266482a651d0be39f62e0c02ef9679ec73355267d62a94d6 |
| SHA512 | d8b8d450fefb60c51fdc1bdd984ef0dc8fe25b007bec6a18db7c92d216cf7c675924a4fec0fba983a64fae69da78451ca366d0453cd177ba59446d49a98f7063 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c36c2cbe35becb3ea98ca7c79b74335b |
| SHA1 | f84f9fb330c23afaead972af86beeddaa6c8e1d9 |
| SHA256 | 3ff58115d1a15057c5c5d245a91f7d2166cb0ada887d4f27963ae236f2936d5d |
| SHA512 | 9de7801b66814bf95bde6823875d72110972ea571579d3bf13364e834525813fd23666b93b0e5ec66213884ceca3689cdc9303f2a16fe3392a284e8740e04a19 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f2c9b8bcea520ccd3adc9b68f8dfcc1d |
| SHA1 | bdebb2dd40a028801ee89efbdefbdcb21d49d03e |
| SHA256 | d02eb384e104fc517735eb36a09a38e4eff4273327415072216fd0d7a79e9199 |
| SHA512 | 5713b0c7afdeff69dffe2588ca236647f854b77b762a0c6b7fba96d03669dfc88e787baa87032151f06f9714e5a7b008316815c597c60681969959d64f655c45 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a50edd91c2b75faa15deee1b6776c2f9 |
| SHA1 | 85f4a411308b0e5cbe46a4103d3c54c18d88f86b |
| SHA256 | 108a4427098534341d01674a8d1c7c18ee6a9ca9b007382e86518156319ee955 |
| SHA512 | f1a325009ca500756491aa6a49eb0f523f8e68cc0ab353d2d45f9d414fe1e7ac5765b8e2c19390e9171dee7d7e46f77d6f6d47863c4cb0969cd76e910e32cb44 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8b03f7b33713fc824009597ccb62ef5d |
| SHA1 | e801da4275d6902ad281ab1c79ab754c31ccdb88 |
| SHA256 | bb1612117b453da6ca33cdedc3d40eafa60cf7382b1b2b8231a78a7c617206fb |
| SHA512 | ce6b54b7c2b8e0177c385fda09edba3d47d033cdf3dc8a0b01d10ebfb63a7e58abef2956537ad34daeaf6464e0bc40fe3f1689fe0ddf823f1cb83699d955bcae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c0b144121adb901d6925c7b727f4f85f |
| SHA1 | 79b41b845cb17750f7e1ed5685519331846b0d28 |
| SHA256 | 2b94dbb0e391e915520b358b0a93cfa2809eb9ec23e588f0f59767e01de14621 |
| SHA512 | fb55eb859bf1287bfddffab3d2cba1af60ed7e3adf3c8cbb5dfb060343d31338e7fa511683fc0bffe3acdf371c115b735d3b1b3779eaa1d8eece3298ebbccac1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 796001a73f342493273e6d178af9fe87 |
| SHA1 | 00d7cd499e792cde7058b2a90904296b99ee1025 |
| SHA256 | b07ec1b7871025828eb0b467cea6a47e165119398a7df599a8ff34e288c2ea0a |
| SHA512 | dfa65e96e8efa05204b5241ec8d59a927ba82b4a2bec78fdd56c7fa268a2fe890a2a6edaa15055a9e8f250c1c054bd85079bdd5c77eec27ff9b619cb433faefa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5656a901c8098c401cd974bfcb51e58c |
| SHA1 | 0ec6bb38c71588521fb3354bf850f3147d5c3908 |
| SHA256 | 33fedd223c8e2953e64947474ec5b02863cf66084868a193df857405212efa94 |
| SHA512 | e0c40d83e50cbd45dadc56b07544b056c3ed94952d67e9d5c3a47423019ba401456292d26fccab56c429aaba0b5a02884f2c2b63e929f210338f9cb0c9e29fb8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 575cd18bb7057b9060c829a4d19598b7 |
| SHA1 | 2f5a28f73fbac634a1141b3c18c63e3b10dd6878 |
| SHA256 | 24e08da5572397214f8f810f526cd6a1815e02019c805ddcd400c799ca9c88a9 |
| SHA512 | 109e476be0aadc07ea320095ac35934956906abcf8267f2c994b3510bd9d379c8ff81850fb5c2ebcf74c4c0ead348f6b508c485e0614b0041a82228385dd845d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f3956f1e2d250b09b669c29fe92761d3 |
| SHA1 | 9c3c28328ba223ac7fdf817f4597b22c583c536b |
| SHA256 | 7726cc066d8725f8567a47f34e29c1010cbc0cb7c5f91d21169cb65f1928f8e2 |
| SHA512 | f87f09592c6334a96ab63a07587b631e23509dcdcea1398a1f730baae4b47c22c9ab9f285d5c3bd63261d9b5f606f5fbfd693fcf9b136671dcaeecdd1046c3e4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0f2385d0b9acea418f48aa6e3c5ab463 |
| SHA1 | 0a763d2ec579efca21bf5d6d8b25e44b2f8b12a5 |
| SHA256 | 5c7a213f11c43493d6dc6892338cffb1ddd8f149e7f9fea9cdac8ff98cde001a |
| SHA512 | 0d30fa85d355b88e59251204ad03206a1b95b74c5da1468562bfaf4578e26ce9433eef18bce20dbcc120cf917de891356f58c61786e9981fc9874a76b26b3f77 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cca69284e781b15a75967845541c1f6d |
| SHA1 | bcc2a4e1b7d553e34b476b0b1f5055aa7801dfea |
| SHA256 | 1f320d14e99fe890dc17ad52c87d8b0fa02d68bfb1155efd7a3a997cf3dc42ee |
| SHA512 | 8c76cbb04d6db86471a06538ada3b850c170a3415a0c03fa89207d5438c92b685faca42573428944c2f389ebf40057b611e8a711ab2dc2c85d9afbf04edef18e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 428243e9b96e6a6009112cff66ab370e |
| SHA1 | a2a813bb487124947e0dd723fe1e380d2fad0cd3 |
| SHA256 | 8b2e0efe32925181e83234804941e3772ea931db826d1b9c84578a5387297db6 |
| SHA512 | ce7fe93a2f2984de57ebee141c5b4870638ce58ee863ce6c36707745c077df9c7a915790fb6a1d288d7316d3cbb4d7bebb07717d5e49fbd93a8b651914f28d8a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 26daeab8680d9f07caf9c601d76cb2a7 |
| SHA1 | f549ede7a1848e38860ac94c990b456fac6a35d1 |
| SHA256 | 6caf374f78600615055894df834cbb2d593c0cd2a2d7c9aa5faf7ce04f7db193 |
| SHA512 | f2e71fd6f035888fab28aaf10d37183eefd445558115b0be9de246829d2cba670e9927dce6af70afae34efa3fc78fb6404349b612a1601c33fe9fe83a3dd10a8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1876b82fa4ba2195f132862208e30090 |
| SHA1 | a36c88e64a7fb64eac7ce8d98b6db2089ae97eb7 |
| SHA256 | 54b0c9f201f4f4aac5b943079843cd90f172020060eb8c0e237fc5482572e0d9 |
| SHA512 | 066c33057f20ce5141acd18680176ffc5d1cc2cc5a4b71c9b1bb9cae2999614381cab6e87fee8f6c8fa0e34795c27181b2f89a5ce582d58d4ad29fad8f4ce0cb |