Analysis
-
max time kernel
143s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
03-06-2024 13:17
Static task
static1
Behavioral task
behavioral1
Sample
91ec3d99a84a6b51da5d439b819dbd1b_JaffaCakes118.html
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
91ec3d99a84a6b51da5d439b819dbd1b_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
91ec3d99a84a6b51da5d439b819dbd1b_JaffaCakes118.html
-
Size
71KB
-
MD5
91ec3d99a84a6b51da5d439b819dbd1b
-
SHA1
24670b81192bfcfc90dbebbcf3fbb7b38b5ddcb2
-
SHA256
38e051091e455b1c35e025a8a01cc30f066ea6c38d0ca7882b677a54e3292482
-
SHA512
ced8fe4f13c9ece824041b006bd400942ab36d5d0dea182f911039c7bd761f743618e2fc90d62d9b77c1a06e3f4c0c57c0b85618a1e368b88997055e58e831f1
-
SSDEEP
1536:QvQNaBUtftQrpQLg56sWvE2fS/FkcvN45z:QvQwB5rpz56hmFkcvN45z
Malware Config
Signatures
-
description ioc Process Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{ADEDFC91-21AB-11EF-AFF6-E61A8C993A67} = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "18" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com\ = "18" IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000050601990868bd446880a5754f8b1782a0000000002000000000010660000000100002000000039c072eb39a0e327877423c066fbcb5a33316dae969bb03dbd33063b87cb0cfd000000000e80000000020000200000002b45661f65cbb1cde3d4add117ee95967703c6d21e98fa9cce5fea5df5f2c08220000000e89fd542ae50b6de89b9998b3e9dc6fffceec23a232bc46a83ca37d7110b38ee40000000fcc52654e9103e531f54450288ca33d6f5c834c3946040b4b68fa09a0fdbf743d5b951209f27026394cf068eb0747632f72e456828e3104dda3a2ad097362688 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423582541" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000050601990868bd446880a5754f8b1782a000000000200000000001066000000010000200000009fdf82f005a36f53b062508a16f277f96024b35cdbd147ef02fe509f2e4191f1000000000e8000000002000020000000aee86c4218c2d0aa2cf72dcbcbe45a3520cc3e43e7d40130a891b9136aa1fee8900000008733cff1c01751b8458eb13154d4975921c250ae408ac45de46defd83508a4eb3529a6b16add832719ed2cb577b8f5bb1a88bdbc8a95bab3f44a1ceb35d042b88349d8cfb4cd03f3a989c22674f791b3406859d99f12fa517c7cfb3afb36d1689e4375b4d5237db22e5a6c3e90080b9cc2aee5de5e17e3157c603ade5ebeef7a194e06b55b0d93e228a870e7a36a6a9240000000b5e9589d851806238bfa4a84416cc87a628d124139e9bc0e50ef8433fcab286b306f3de914f0bffdae377e880386113899efc3520c5a164757752af3db9bf5b0 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 20183e85b8b5da01 iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2240 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 2240 iexplore.exe 2240 iexplore.exe 1404 IEXPLORE.EXE 1404 IEXPLORE.EXE 1404 IEXPLORE.EXE 1404 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2240 wrote to memory of 1404 2240 iexplore.exe 28 PID 2240 wrote to memory of 1404 2240 iexplore.exe 28 PID 2240 wrote to memory of 1404 2240 iexplore.exe 28 PID 2240 wrote to memory of 1404 2240 iexplore.exe 28
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ec3d99a84a6b51da5d439b819dbd1b_JaffaCakes118.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2240 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1404
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD555540a230bdab55187a841cfe1aa1545
SHA1363e4734f757bdeb89868efe94907774a327695e
SHA256d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize1KB
MD513ed5e0369cedc64c8437eb9a493a981
SHA1880053c91809fef7b2a3d688143f554d5a05c0bd
SHA2563560614f2f62c19498d2ad6c3b9fa8f232883167479de05e924a5a3ab19a8454
SHA51218b3c940a3b722b58c476af4141ab987ed9f7557c1e52f3f20548b2c209abd67c943761d22e20ed59c36d69f8cd911285aff7efdf2d20f51c35cad62932aefa0
-
Filesize
914B
MD5e4a68ac854ac5242460afd72481b2a44
SHA1df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA5125622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
Filesize724B
MD5ac89a852c2aaa3d389b2d2dd312ad367
SHA18f421dd6493c61dbda6b839e2debb7b50a20c930
SHA2560b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_1DE53A40D87952CFC53E36A93B17FF42
Filesize472B
MD57492d35ad49dfbe46f01dc01c7af70a3
SHA1cb20561751b1b306c8cd3d8fb9ddb66efba6c8d6
SHA25668e1f6d45ebac9608a34dd41a0c53fc731905d21fe953608cf858d0f6c5897e6
SHA512b7b271a54867b0a1133bce09e7166cc19287877f8180759057c220f6a462a3e79a7a239ea1e727006f184a696c476b79dd9589f1a610f4d63418c7b88ce3be8b
-
Filesize
1KB
MD5a266bb7dcc38a562631361bbf61dd11b
SHA13b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA5120da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
Filesize230B
MD57324c7e1d67e4e2e0a35506109685c3c
SHA14ce4f7c3979f8f9bbe486ec9a0702ca99a66cf90
SHA256cce3bc6abee56a4e4c28349a1ddf535f8f4536280214639b8346ae52d8717c9f
SHA5120b3690d2c17360715c7e48d95963b80ac15912fd102ff594149df692883ddc52aa8670d4aaed3d185ba4a970c5efec2057c2ecf7225b8cab4596cd1615402b9c
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize410B
MD5c9328c7c31416f4345a31ab29273d5d3
SHA1a11e3c7150520417962011a29726faff33307618
SHA25627b6c81a36ab7b8a82f9a7d5116554d79f363efbe62487a780cc43dcc939f868
SHA512024a81934125174a5917b5a96a445c471df6dae85a4c367d2010c1940a89dab5eb3a3141d2b771fa6385e3b261434382b5ea3709e4bfac3b404cd351883b623a
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize410B
MD5a96dce32e587817a7bbf9270237df506
SHA1b7501eeb27eb8cf5a6c0a0a843db9b800e873d0a
SHA2564ecaf8527d4ce1af0c9b5c0a833e7f5f2d441b36beba5e70999527ebd9b575c7
SHA51279389812d89eefc211e9e0352d496752e87d78b8964731e086ddfa54afa80caee12a26e7f8c48d79aaf343c3d8a57233188c0aa427e122fde43f788fc85cbf50
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize410B
MD5219a0f7de1969f401a6f850ecfdb5d5f
SHA145abaefc1f4e8aff976197ef04d3f0f359ff36bb
SHA256c6526adcedaca88973482f5c0cdbcb0eb1b8f315856da33b734ada72bb7f1c93
SHA51246731c5e7739dd4dab7ad2dc95017e170d447274e51840e5905923231c91adc673abca13b7062982476d376ad694c29c29f0d7d37d7fce20626859260b914e9d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
Filesize252B
MD54a68db41418b6202b7b21b1bf946455d
SHA122b987d3e498425f136d86121b38f65ed5f69908
SHA256fa353bd3550593d4d1af48e706f13e46d0b3ed5cb07937a497978ba36e5b9631
SHA51208afb19d43d3dfc20b387ed907c9df342d74182d6a1737f4a63c6b768cfd8c6367d7a0a4f55d96bb4ab772f4778c4dfe496be09d445633b0492b23d800e11ee3
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5f2e517afdfe61a2572543ed7ad28137d
SHA105d6d503c7ff7eaf97d4385fd1729067028ca98c
SHA2562c545f6f8fed2d4cd29d4d1aa5b32a618e072646a942351c1752f96fa4318a45
SHA512fca5d948c547f0df29eb1cbf3530896811e2ec1c19ed530ef14dbbb540503ad044b5c15b1f4bd1352a92c402e1ae1959ecd6b128dbf3b47ef0e05417d084f7ba
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD594071828c62d971686cdbc63f65b7eab
SHA1536f3bbb95d81fcf4b5518e636c1db31a9d43bfe
SHA256324029741f15f3ad7df604cc496dfe0a9c020ac8c9c19f7e4e71e392631fb504
SHA512838dfa8590a004dfd59df9f4b53b1faa305a1720c8e5a6eb24de72e3c55584bcd5e796b4af6d4dfdd3ff482080b2bb9577613a402c2da765713020d481f2c445
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5484e400a242459b072b83c809c415435
SHA135e3a06a43f741de7008bcca184c6c89cae3cf84
SHA256824eb0dc9af043f10eea0b4d8915f41dc1e16303be339743cbbc9c2ffa642e1a
SHA512ca81e2bce60f27e1bc10ffa6ebb02742976436c656a693c227e382e43a0df7f3582de5f6b081457c825ea8ff853c5b4c73eac092829c270d7fae0b29116b23c5
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5c2c6464d3a210f5a3ef46d15a79cf3c0
SHA12ef6d0467380116c306e53227ad9e93fb4882696
SHA256809257bc12adddc7df59fe35a1132388368014cfc3d429492934b951c8f80cfa
SHA512743ed4fd942b9c1e1fcff14d3846c7a4a25497e2dca97e02be394112b284eac869138c98ed353342af269917ebefd9c0a8bf389bf561c27e9bb2cf069f1df1a9
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD564f1c96d202c9f13b4732c7bae4ebc75
SHA1398e445180ffcbb12ee4c7a8ad285fa63f4da41c
SHA256cc21181b4ccb1be267494eb95a372b7ee0273e2a610669a383f6c0570f7d9a8b
SHA5125483c988dfded446d7aa426d7a791f5b5bec71098042b1a7856307eaec1d506d4d372b5f94b9fd440a776dd0e19f6669782623cac62207d5deac9db57cc8eab0
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5aaa12a510a6ba58b9ae8b393be3639b1
SHA17e23611375df8e4aedca6fc0d55e2f3553b0131e
SHA256118172a8e28db429ec475e6d1d0b37b8faf8375a2c76a78ed4d860814a1178af
SHA5123753e5eb025d1df183d98958f0487b8806b817da7ddf7cea29bf1603f09d40c181b642ebbed8fb76db3a2bf11d343eb75c624d8a778050646fbd97c47f83eeee
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD592a9f29363d06d5db3bd557a23cf6c6a
SHA168442bcce4461abf05ba714d309aaf37814e0683
SHA2569722680eefd7b2249d561db0123a482e1e2ad5640dca5eca7cafdc3e18e6b6a7
SHA512b82287350ab717208b6fff4f911d2b1c7bef9f5370d0844f9166fc483e50c9e1e31c7c5e8736bb5908f4ab8963deafefa3340979c9540c7d8f20cc5a2de296d6
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5a77b8adc9aaa1ff0d0712929d81880c8
SHA1c0880026df478fc0f339392f74106ff5c00ab225
SHA256cf4eb74e2d85f74bf30eeb9ac943dc7ebe38ddfd6f43d6790ebf88289e241b49
SHA512b30c46e0e73aee2e84bc2dcc78a7213ff81388c7d549721b6ccc6c38837dce45ff32a35cf13a281567f5c5f94f9d18db61ca17ba5f39e2cc104f007838752cce
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD508584a0fe9eea8012863726d8641a8bc
SHA1edc8538fcc513e4b07380d548d0fae51b73716fe
SHA25692a457420c363527737a667ef4fc8a4f2b5545b805ad8a77d737d1a101fa34d9
SHA512dd4e3b686c16dc70d51b9c3b39bea883fa910c920e56a650d8f358c778b2620bb1790286ec353177f4f4c37446fb927192c564677a76e4af2c7c61b109c1f891
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD50493e5e6f5ae76e7814acdfcfb391c9d
SHA16d5ea423c1ed4b2eb01e89b2c6e4f3287639e399
SHA2569550110cfe89a86dbda2be8e21ce93989096c1b85d603daee62f1fda63ecfc3a
SHA512753623170ecbab9893b644ba79d8c8a4f99711c41f7f9553062b453512d68a316d509756171dace17e485e1be616e86e9a7295fdc7e46e6330f1ab0f63f1aa7d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD53c1c4a6a541aa41ff018a2157011b885
SHA1e0064d0e38a6042e415e7c4b95e1cde1167e2c18
SHA256a1ea2b575f992f33b843052360c1073e2160d084335d9b111a864b0915c0bb7c
SHA5126ca0a74c1ad322e32a2a3fcfa7793a43b40c61ad8c50679e1e23119d2f0dc2d5320dc627f3be5aefae650545cc92906265542b626bdbdaa68f81d258776dcad8
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5329333d8d3acccb68766e73961a9db31
SHA188b411bcda61cf432afff0bba34e1b87d81938e2
SHA2567676f4bf3ff736657a83d2fc5ee3e8c4b83edea3f6d09a1febc120ac52cfdb7e
SHA512b8b584f1a20f0c2e8f695db06898a12f2d3f0999b2e51d22b48c2afbe99c9e83ad80405ef5ab1cb1cb0da8fcc6b698021a7c57ba634050f8f280520d6ad720c7
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5696b35b5ef7d44d6dc6bc4d8c01762a4
SHA13cd2c58a5406df6658b8519aef63972e3899910c
SHA256c402faeb3e3fc53a84dd504efc7dae56304cf710316c62d2ea88900368c2fe46
SHA512104e83298f4991fc668aa6e16b9c7eba9580f0d1569cc86c4eee14a5e201f802a3d1dad22039d65bb63222ded1abbe87f0b351f8c76b9dd3fbf482accbc3970b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD517ab5106b60334bc51862a0108cec488
SHA142c6a268315f19e20aab6fa32935eee9b71652e9
SHA2560579d1eaf370f2e0c3b0bd6fd6a97ab8bedfca2bf7c6afcd89ac0bf3b825c7fd
SHA512be52642fbf2fb8ff520ad7c2c0b90021626ef864fa29320b25f1fe302f841d66ec89b48ca15a1afb51be8322e2d42563497ae5be6a0e2b0747307be3b2f06b3b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD50678101c77be93661780535348414d6b
SHA1880d6718c1a2f5d39054601dc97ffc28b0940fde
SHA25661dc826c27fbcfebdb7c7f2bb9398aae5c695d36de535730d40d0160c6e066ef
SHA5129d8d4e598abaf24fa377ee76768141167bce0955a98ee535a4fe82ced1f1db46c81e7d54072ef36d4eea48662deafb5693cd4550f7d94980163afcc6474f3959
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD57fc6508c7aa55f0e1dba140b81455087
SHA19114f0415458060a54c9fa415952ccee933e95a4
SHA256c4c969b409d82a1e752df67245ac2401bdb293e114c6c638b23c91202b1c542e
SHA51275d221e11f578aa632d7ea384a164f441b2d7dd11d7448d66fd5963bc87a4f834d97650d0f0c46980ad6c7b6b88c7ccfea386e14f39f3945783abed4b51e94c3
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD54c460b2b6615d328c824f1fd419286f5
SHA189d8297c1ad2323b229dbd3d7b953ad7d928fed5
SHA25679ce848925fedb60e4a9c3f7181e3ab2f49d2d554c8116fab68dfb69c5802d88
SHA512fb64091c22dc1037a9b0db43d95c1f8280c45ad93af2873984512217503f4e6fce4d51f4d5437a8d69cc87fdc661eaf293f69f689ff671e317b3f320846b3ca3
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5efbd1311e38082d873dc4d5b777c5ef3
SHA1c2cc14a3d159fd8489b89e4ef69e92b82c4c5094
SHA256196ae1369c5f0c8381b06369abcc3efa9bc7217a82d763d7be3a498491f23b57
SHA5123e62be553f82fbb8a97b333d3e55b7ca86478af973e3e258753f45983d727fb8a43950b9c545098366e8359d01c2bbb82b7701c73ce6aba427985877a5f1948f
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5d93fcba72870f4455bc0a31a4f95c9c9
SHA146232212333a59c7c3088f178ebae7eadb4c51dc
SHA256c7f74aa31fe09b15ac7f67d553ecbc1d29d94b5c48f3a651026a4440c1fa3e78
SHA5127986adffb752f9712b7877eebace580fa22b412d5a86473afd7fe825a697a3273fc284fd4e8fdf946110097a1fed421ad3aa5b88e735e62a4058903b670b3478
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD53c917921e9dd68bacc4090166c644e18
SHA1b3b6870b0f4d99a120bd2ae2ad662bbf31ec4048
SHA256d3e84fed1a5fb6ab63106ebcb942e658a1da66a4cbe40e2b114b203cf2a1321e
SHA51274cfddc351ee75d254cdc3c423c616e41575c11bbc7d1bafcb13cfebeb708db87c2427da9c79b6fa438a2b921147d9d068185281137e4def9ecc02f4436e6370
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD58442e23d6b0435b83d64417fe2da7c75
SHA15391917afd31d0478e96f23a59869ad0721e2f45
SHA256e090767794f1b09d80de5a1cccff305c3dbdc1978d19d396e455c46a26991604
SHA5128539b49cbef0a72de4272d1b6fa7a07955a5181b1139a8377706ff5cb5803efe377ca107d4e95f41ce94ba7ba908d7b478f847c390103efed116c80de01c4aa3
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD596130eda9e15e6f1de7e44849e4ee830
SHA1f8cd81080a90f2db3cdab1a5d30579f2a8ff2c35
SHA2560db4af242444b5c477241055c2aa51cec3f7ad869f475e48d02bce934bcea693
SHA512a9f30b750fc6d75f9afa4814743121ca8e8bfbc28be7b770988dde083e4eda92df506554933c86054b8d83f803b7cde7bc513a6340ccd730eae56023795e44d3
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD59b92fd1494575740c46eb86a05cf2812
SHA163cfe8ce7f9cc21d74a31c5fa0df309469f2c503
SHA256577a011a6f769ef112cad5d5eff92825926abde617e26c09e839f4ad69aca530
SHA5123881368cdbb87e920b6e9e3c299b8a248459b7c515722ec5eaa42eb2528534dfd17cbae9375b63df632dfe30ab5119a92235bc07626e2186a909279ca679065c
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ce3dab16bc0b2afcfb7af9b0d5de85e8
SHA1a4fa5b47b9d92b8ad63bef1e3ecd1ee4329f689e
SHA2565bff6732c7c7b692b676ff8d5d9ed391c26f9dd539423bc91df1e0898d125c4d
SHA5129b5681e07beedf7cb73eb54cd5e16add111b2dab2a8818dc47247ebac82b0c275aaf7407469db390e78e2c0261d150005aa817062959b318a3ab2a0712861f01
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD589c4ba9e615163629c1efc2b2d6750ef
SHA1fc3c75340d35280a377060741012c23736ca106c
SHA256ead3054c983d39130a3eca40a7b6a12fbac3c2e40f2413681fffc6b9dbacdcff
SHA5125a5089fd05d8e8708508c0542afd7764a15ced0c5ab3434452f6e7563163da1df28c9d9c039b2e4e01a486cdf5692b45b2df2014e04dfcf3fca18e950418eae9
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5d5ff606fe662e810fb4e6660179d9050
SHA15f9e843984ee4e2be254f5053ebb87b111ce20c6
SHA256c4bc712e698f5d694375a09ceb6471344092dcc787ceefd522584ab52862e4f1
SHA5124fea4d5da89faa9804fda9afa82b792439a730d3b888faa41b0be32ed2ecadb69857537f5913a037557f16e97d084d88fc987e2bed1f788aad75eabc5d7b1543
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
Filesize392B
MD50ef056f3ba2d86515ec3966978509407
SHA1215e0fe0d3eb62ef0b06230fe106fefaa04ff795
SHA25617da734828fd0474c93057ebaa01a6c69ac58b26943230f4a05745e3b0a671f8
SHA512cde99983e5680e0fdcb6299a3c97289235d3468d7c9f23ecf2792d5f95488ca46da09902e024d263532c615b141e62f08c092afa759f03ea0cbc707e585498a2
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
Filesize392B
MD50f3cdd55f8d1bb896dadbcd6e0e8e32f
SHA1ca87f2938a2c6642d6e3cff5a41994c9a08f6b7d
SHA256d0f604f2ef3907325929c04360f0062caa804cd3be2897d6fea2605e3f6da4b7
SHA512a87cc77c6daf6fce017bc5c7c68e0d4c9df85e82a3bb19e82e7bd2c936e146d44b07ffa91e3816b3361029d80cbd81c3c27a95fce732b512dc45c015bc22bf60
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_1DE53A40D87952CFC53E36A93B17FF42
Filesize402B
MD5c2b06f1eb916ff81cc40db4683e42685
SHA192f8f8244b5f0d1c677a8e853cbdbadace06e949
SHA256e74c480335b4cc15cd1d8f2960431e7d08fb03cdb4c0f7852347bd1850c167ad
SHA51284cd0b90bc3bc2f48c35bd041f125ec94e23cb3f1e677dd4564a181b0eb0df1723d8adf8072036ff0692bff322106f7a3b0386a5f48ecae25ffb6ec9298ddc22
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
Filesize242B
MD59491d2ff2ba23c0bf568a8c7b49fcc2a
SHA1bd582c11c7ed8bacc915ad40bd548e71cf21d659
SHA256753551f5828f3612389b7ff23a91e14b34c97153a5827bd295b3a7d27f5d2967
SHA512bd5234ab1e0ba2628fd979ab005b503050548120e51fbb813e0f01cd626b44985a032a3cd2f2e6cdaa0a07379650c50d99121b141288f346313cc0e530779e74
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\analytics[1].js
Filesize51KB
MD5575b5480531da4d14e7453e2016fe0bc
SHA1e5c5f3134fe29e60b591c87ea85951f0aea36ee1
SHA256de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
SHA512174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\f[1].txt
Filesize184KB
MD594804e450d1f5464f3ea74f8e31d068d
SHA1101a69476bf5d31ac29797e4345a00c65a8019f7
SHA256bbd458dafe470e3c50014fb7f73cff4cee77951215126ca3769c454daf04dc7b
SHA512612c1526328ec2b01c6b5f93c126842bb7cf171cdaa6246e3bc166a1003690742d00a4404f1643ca57004f4e5203f4db27d15ab2f0b86feeec5a43bddaf004ad
-
Filesize
65KB
MD5ac05d27423a85adc1622c714f2cb6184
SHA1b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA5126d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
171KB
MD59c0c641c06238516f27941aa1166d427
SHA164cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA2564276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b