Analysis Overview
SHA256
78f265adc8f3c2decf88987749c1f1cc3c1f4d0cbf0d126c79a2457d7f4a0e50
Threat Level: No (potentially) malicious behavior was detected
The file 91f3158d1cea2edcc49e7c69f5ca36df_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:27
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 13:27
Reported
2024-06-03 13:30
Platform
win10v2004-20240226-en
Max time kernel
139s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f3158d1cea2edcc49e7c69f5ca36df_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4144 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4500 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5336 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5372 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5684 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3592 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | ag8aq.cn | udp |
| US | 8.8.8.8:53 | ag8aq.cn | udp |
| US | 8.8.8.8:53 | ag8aq.cn | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| BE | 2.21.17.194:443 | www.microsoft.com | tcp |
| US | 2.17.251.21:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 194.17.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 52.168.117.173:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 173.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| GB | 216.58.213.10:443 | chromewebstore.googleapis.com | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.107.17.2.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.143.182.52.in-addr.arpa | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:27
Reported
2024-06-03 13:30
Platform
win7-20240508-en
Max time kernel
117s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423583141" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000072ac917e23a4727e11514e93820efcc6b583a7ce12d0150ecc7f592b84c8837000000000e8000000002000020000000d3d267c7261d7566c8afecd8de46c36cace52edd31c29062aa756f2945b08fe390000000b8cc1b9e77a0ba8baa70ff1d96cfa19231a7d9ffbabcff352cf21cf0158e10eef7f0dd8aa17ecb42fbe8aa89472f8aff7d651fc8c11dd17f931ef5595130948c6d65aebc86ef70f5b7918d2480a18e28e9eb34c006de7ce7469a4e828bc38792bdea8db4835b3acf86c1b08005524b3b10d55c015e17848800c22251ced39bc2de998204f10e5f5f39bb0fcd5eac999c4000000062c84de9f4960d9dc2c43a4d26ca4129d11dcba384b0ee510fda1a07161385ca668777ce353fdb53e5a52e18cd1c2c30411e215af6f38d4e7d26fe0840562451 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a0d400eeb9b5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{155AE541-21AD-11EF-91D8-D6B84878A518} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000fa1f9a97662fd5c729f055ef43784398b6922d303ce8a04b6f14b62aef1c41b3000000000e800000000200002000000039101f98e900557fb0f1dcc39a9aa77a4915621ad632973b58c9148b014555f920000000f8c562cf92c75f4ef51ae6ce76e2b4d36fe9231b26da6fadb2f87190151ba79a400000003e80bf143400b30e4dd31424bca739279d220a88d352b6746dafe40c622ecc1d9ef97e64ece368eee3ef8e925b5b67feb137bc71a4566b9ea0a9a23509e0ec06 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1704 wrote to memory of 1228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1704 wrote to memory of 1228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1704 wrote to memory of 1228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1704 wrote to memory of 1228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f3158d1cea2edcc49e7c69f5ca36df_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1704 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | ag8aq.cn | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Cab4683.tmp
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\Local\Temp\Cab4713.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar4738.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f06a0f7770364a93c17bf94752e03737 |
| SHA1 | 164004efb8f461e629fe5985dc568f1f9d990822 |
| SHA256 | cb9b45ba505ebfb917273eb5f8ba7257a74150ca37ebc385ac8411cc96078d22 |
| SHA512 | cc3ea80a60a66f842991c5a1c4d081f4abea6a7e95fb71b3dd65cd8321a086d7ad996eb6868ba0ee353cd90f872d132401a5131fd1c65db6b60ce167be733242 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1fad015221563355b9cf20204c3df3c7 |
| SHA1 | 6f4fffa7db28281ab7f96c06cadebd4a09185dab |
| SHA256 | 7308371e6abdd90de9faae907cfcd468748e65e93653dab9011fc7a5537126ef |
| SHA512 | 909af30c780574260f514ce59bdc92a85ea808e7673233eeabe4271655b15be77c06544e1598a3e5cf292a6983ad8d592d28a06486c8ca2e653f5fe6333c8777 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | beb61df868ad4e6fbedc0d40524bc2e4 |
| SHA1 | 936e9a6d02f324b7a8ffdada6e763afc68f5d686 |
| SHA256 | c86042c22dcd11389c99e9e35319c26d76c96795696a41997270f787a4277387 |
| SHA512 | 4f9fdc0b382f0fc902dd92fa4fda07b6684cd2d11380958698f1c5d5daba01087ddf12314d481f64fc66c30f8dda69b60ddddec1b2ec84135f2cff2d2b9f585a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 827850d67b04a6d30bff4d4d8f6b86ff |
| SHA1 | b1d3c07151f006084cafc4da1d328a91508c58a7 |
| SHA256 | 9706bc4073bd6af47551e109afdbfd19256dd1e1d44f3a80c3c43cc4482baaed |
| SHA512 | 3e8708a313126859a5dfe1bb51df4547b4376876a2d39409f512b5323b36e897a5e1b4624dedcf6e59c24ef01c46115691b8df902ad2575b6fef3bb262666022 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 90673e04173a6dac43397461d58880fd |
| SHA1 | e0ea4d7e48a3acfbe9eac7a3c4038b2cc8349797 |
| SHA256 | 92d2b93087e00fda307fc037a76c2308af5d985eb1136b730c2e4670ca2eaf0c |
| SHA512 | 9d3af543793481f48ac1ffa84a43abe3b456e14fe41e22d5b915b57cac80b6cef23955dabc8c38b3b8c694aeb0fda424961ad2ca5706c782b051a7afcc1ec34c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | eb7d6bb05ea054919b5e9ab1dc1fd332 |
| SHA1 | 2e9be0dbe7c1368e64b8fb1cfb7e639aac3a64dd |
| SHA256 | be9c1bdc238205485e6fb7e60a45f62dd8d9958167d97678f846983c74a47be5 |
| SHA512 | b45458cca7eb575701321e8cd8a5dfd711e7cc08c6527148e62890784d589a40d23cec24861a7874e914b30e2d9870215a478cab2bc437d9475d3da990c57030 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 423d6f472617db8acad655f440a33443 |
| SHA1 | 2ed537ad57078400d732cc814e543382fc174f64 |
| SHA256 | 73910fffb1fb32492a8e323feaba6c0c62351a58fc0236e27f38bfb2f80ecdb4 |
| SHA512 | 7889d56a2d1c1e2519a6f8e27131c178d48e5771080fa5084794b1b70da9f9f295da5dee33748a653c6a25fc27260a38b5c1f19997ac85e6d798249b325f1531 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 16ed829f532a435cdcde5c94e8e0726e |
| SHA1 | c8770a20ae8f6c7fa1d7fe48f4c5ed5a0df77998 |
| SHA256 | 267c723975e74b328e88e200bc4cbce99e9ef6d08081b6f711abb6a7ef3fbcea |
| SHA512 | ff9b733789bf087ece4f14a05d6468ce8e8c2384fd935b8d987be3945e66b65730d285b5279684cff4e2b6363f8788cb06998a1001c3fdea0d286e460b97a305 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c4ec0a705c5a9bfb31b89b5b59d87eb9 |
| SHA1 | a3a82e5e0ea9afa88eb13ec1646219a8a3f136cb |
| SHA256 | a98b6a0a34de32a26b9d43f8743c7544c0bc516a2bcdfc2d796ac9f5ba71eb07 |
| SHA512 | 9deb759b7ded7701649096c9c1a145ba3fea9b8ca461b2afe5b7bd4be844d4fc55757c9262c58433ce35653251e86eacace5b54f52eb0e34afa9c3229e257d29 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5a211b8aa354375e0272af5770cafe3b |
| SHA1 | 49ea2e998913cf18874f89498613dc36a65c1a5b |
| SHA256 | 0ed23649fd8ad5c8e605904a5538e96a6c1fc9570d5563bd4fec870bc974e88d |
| SHA512 | 04f598e7543d94287ca62a8b1d9c68e16551e0ef3d781739a745b9c0ac72978b91e3435271cca7f7fc37dcb84b63ee29ea228b11f31a92b68879e463c986f36c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 93ef66916b04031d63ad7d499f47374a |
| SHA1 | 88a47b90578cd6b558126eee93a9f0f9c47b9e6c |
| SHA256 | d72ba16e05afbc3f1b5d768be4908a13404bc2b4a156e894a0368930790bbbb7 |
| SHA512 | 835a3ec70ab812fb85ad39dca53f552d4db1294fbef5ac19c0ee1a86725c2dabea0fabb78ac1ea37e5f44fe31ed6cdb5a4b805d2fecab8aa8af9cb2d445ad56f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5551bd42679ec2029cefef60e0ba8db0 |
| SHA1 | 635a3e9fddbd34d9d07367c2d4b0bd18ec82cb26 |
| SHA256 | dff507a213f2e632cc1c373aa713b231f3e126bd0907be0d0942b0feccc02746 |
| SHA512 | f8b3601c1c92c7d160e66310aa2ff10cbe2f901acf349b5705a106b9a768cb006760637b9a1309b76124f5e2b264c1fd8f3eccf1b11d3077c562e03b93a6e516 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1ce48e53e1483c0bd1f7af1b2327c83f |
| SHA1 | 1afed59ad0b8681d54e64d2b50e25b65dd09ecd2 |
| SHA256 | ab6b9188c232899cbfb34793ec5157d71fa691bafa5024868ec163561aa61768 |
| SHA512 | 532f6a746f859c731133940a69e6ff3a2faa25c189ad9b4a6c0b30247c176f1e7695eec329913a00ce1c5683b8a75de524115f45753033d196f0c457bdbc710c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 33de6145ecbf1c9ad540797fd070ec9d |
| SHA1 | db8562415638efb29a7994b3ee395d6d006bb509 |
| SHA256 | fa1d09defc83d38db905d94c051891f8b6aa27863ba2a3221678d086da783277 |
| SHA512 | b8c0590fe178cc028ab8ae22d7d81cafb7e16696b7e39179d38db11847890b5530f688ab7e4607fa508cf241ff3e0746b6018c6ddd41c7aea8bf7bcfb8929f15 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2e0bf28d4a4efe31e0404be0d2c4ac61 |
| SHA1 | fda9cc61efa05b0d16f1e5bb2f6f0a121cad5d7c |
| SHA256 | 2de85f574b48a05bdb7713a09bd8ba65e3013b35d2c65c03925026ed3b6887e8 |
| SHA512 | 7e7bfa50e4e1020bb9133718688e125f65875a903edee05c064b96d4721a33a3b846fe94fb7849d17abc83a78e30469bd3a3c92d105d2fd4bdf2f828a142089b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | aac646c479708506d647efbbec128243 |
| SHA1 | a98fdab557d290f124d64c628ecbe739ac996679 |
| SHA256 | 797cd18edf780ae9af114a358340fa6dec7b2368ff514eb9000d2ddf5b44fcba |
| SHA512 | d817cd82f29ebd2fd1191cf11fe420c4eb7c723176ab1db5633e991956cfb6dbda785a4ad210a764bbe1d4333d17c741cbfba89709d407d768584c45a9612988 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0c6d02f504d0a9314ced33f2add0fa69 |
| SHA1 | 925110bc83e13dc902b09ee077662e549b524d19 |
| SHA256 | 7f691b006458403794812569f068313fc81fe1cd291c0257ebb85a3e78ae227a |
| SHA512 | ad22cf3d4247a254e3cd59733225f20e7fd8c91e3cc2c3a4a6c8d813d174e3a054bdb5744da716b2ecd8c04266d2f056120adf28218e10d86906a0cea936545d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | acc891baffb813220741a35cd083fd20 |
| SHA1 | 3b62a27c8afed9699ffb2aed59867b3aba5d6926 |
| SHA256 | 2379be720380854f391ee50b57761bbbae69364bd33494b42cd463c83ab61b85 |
| SHA512 | 08e102e9bfc6cc12ebdfb7d62ce007a14d293fe4cd847b2ce0a3d197d8fb0c206c245f39a6fb989efa687f5e810153f28400a5fbbc846069592b7d8e3ec1d5c0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 21cbfa4ef4f76c5e7a9435a6f0561a71 |
| SHA1 | 90560305ceccf0e5d5bb3ebef6f869b31c15cda5 |
| SHA256 | ab90dc633692b3672aef1f34334234fafb68af9d0f02ec9d2f7ffc2ca1d3483d |
| SHA512 | 812d07246716c5f5b8933c52b018b65b0d90ee794af8ceaa01905f1f8f6fee588fe7c9081eeaa92b0a9bdb7ca23bbfd96ed4e3ccc0a403baecbbc10ae29d378b |