Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/06/2024, 20:32

General

  • Target

    2024-06-08_3f58d79a56cc78375dd4fa32cbfce423_bkransomware_karagany.exe

  • Size

    1.5MB

  • MD5

    3f58d79a56cc78375dd4fa32cbfce423

  • SHA1

    3e9e09b02fc0232d9a4166ad0741b41101792884

  • SHA256

    e8ced69bce1b7e9cca754686947abea0d1559d6968fc7de0d5b6bcb2754d0030

  • SHA512

    cf4ac1db9ad94f984fa3e45b954ca3ce3240042538cee7f782c911c10711a4ac40676d612853c9d23e865ff7652c4df9b75d9dfab51f3fbea312c48c97f40d7b

  • SSDEEP

    12288:VvXk1g6FggLbrQXbR7jqkf1Hm7tJc0FS3jicGWVSI7dMua43Ek0cIHAN4:Fk1g6LaRFdGJm0Q3WKVSwdr13Ek0VA

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 6 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Drops file in System32 directory 9 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: LoadsDriver 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-08_3f58d79a56cc78375dd4fa32cbfce423_bkransomware_karagany.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-08_3f58d79a56cc78375dd4fa32cbfce423_bkransomware_karagany.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:1616
  • C:\Windows\System32\alg.exe
    C:\Windows\System32\alg.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Suspicious use of AdjustPrivilegeToken
    PID:1476
  • C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
    C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2280
  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
    1⤵
    • Executes dropped EXE
    PID:4788
  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\elevation_service.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\elevation_service.exe"
    1⤵
    • Executes dropped EXE
    PID:2184
  • C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
    1⤵
    • Executes dropped EXE
    PID:2372
  • \??\c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    "c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
    1⤵
    • Executes dropped EXE
    PID:1740

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\elevation_service.exe

          Filesize

          2.1MB

          MD5

          75b9816b040f278807b9ef9745263c88

          SHA1

          c742f9573edb6fca0d3d87acc06e18a84ab08136

          SHA256

          a88693606271c2da9f5c411f1f2fdc04eb7669b1392664efca7a62de49238c20

          SHA512

          d70439415f782b2cd1e3ef43952c202ceffb551424412bba57d8e836325005b1457463d79eb6a77538c1f17854860e7bf3eb9b1a500640210f206b445390fcf1

        • C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

          Filesize

          1.7MB

          MD5

          96f382e30540298f9ffe8d66f09d0d84

          SHA1

          d662c4024a82b5e281613334ddd89e4714d6e02f

          SHA256

          c13c585ecef1e94de1b15ac3de1f256d17ac0007d8a9fc258aae4b89902ab0ee

          SHA512

          72da8ca3444eee23c310a1377e67a04d765653646e9f53b37ecf7e32c44eb5a2bf1be14aacd2d5c8aa93800d67056ce860c097596c69613d14ccace5499c01a5

        • C:\Program Files\7-Zip\7z.exe

          Filesize

          2.0MB

          MD5

          339e85954c0f6f82aecffd704506b3e6

          SHA1

          60819c4fe7491ba38ede1a9a3fe6d9566a2ddcd7

          SHA256

          67dbeb7cf31ed56eac5199e1f865542d055e925e0d8c17501806e4d2c2bf471e

          SHA512

          86cfb651c9ac5969affb56b4455e04548c90e38b9a846713b97eb7e57d41593825f4c1fc6cd0a6520fbc12b25076ade23ba4f1416a007f82f42ecbb0d9633457

        • C:\Program Files\7-Zip\7zFM.exe

          Filesize

          1.5MB

          MD5

          95f0b6f7bf5e5e94ba0883f88f40bc32

          SHA1

          92742dd475104e98068d43b327458b6c81fd261f

          SHA256

          65558029eeccdef8eb8932453d94a5943c204c04301066344289b6dc4c58634d

          SHA512

          7f514b5028d0b776ca26eec3ff4c43158f103bc26f34761369c129d1b4dae13eca66da08d7dae995ad2d9dcbcb6972d3bfaad7785f1d2feee71acd9a3fe5f7c4

        • C:\Program Files\7-Zip\7zG.exe

          Filesize

          1.2MB

          MD5

          487de235f51a60355e8b7de3cbfd086b

          SHA1

          4dd9d9ad92bbb8ba9b2c9edb4277818ebb144378

          SHA256

          dc351a717fd27066b105679f5ee19c873551b36f928cce45d980360c46b7f589

          SHA512

          e7d6d693a17ba54cef50be9b886168928324f365f2a17b28eaa9ab6c361f8a6ee271b00f770d06e4151d8b4a3b98b4dfde04d25696564615b562b514f0368764

        • C:\Program Files\7-Zip\Uninstall.exe

          Filesize

          1.5MB

          MD5

          b16211c6db92b5266d9affa4a4974350

          SHA1

          ce5e6a9ad650de4039a587c3686cca39b1fd705c

          SHA256

          3f408e5905097d9f52d38a66626f3ff17ed4826ef9d4169c93a0366b44d73c8d

          SHA512

          8e7b670f5bcf081c7094565dcc5f909b4d19b1ef40f3df88bcbec45b6d9c1f24c60531a5e3d9841257abad2929f49fc3458c42e4d74061a408d8d1b8de8c08d8

        • C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe

          Filesize

          1.7MB

          MD5

          673d0f69ff97c3bcad5f5355f3d3f96e

          SHA1

          28fa87f922cc59e73ae9fea9c6a030ecfc863283

          SHA256

          96cc9da85a3943b03628bc2423fbb71f36efb9d23cd2aff9cd23cc22e430febc

          SHA512

          91bc63ea4a578a19ed11d624710a4c428d4d2f69bcc433cc47a0c6b442f1a9e16e2524e391b40946d0169dc39537a73cf5cea7752164c65ea98cf7bf04857acf

        • C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe

          Filesize

          4.6MB

          MD5

          99be1028fb4ae32da62a55c5b14c398d

          SHA1

          61233fe4dd341e888f7033ea3614fcdcffb3d1de

          SHA256

          290257028b36e5b5c3502a498eb9b9eb103bd44d0ba2fdec2e6d8abbfe5bec20

          SHA512

          667526a983ed33bf59eeafb2f11e665991b766cff2dda51b16a9a7cd4f6080e5c5494deeae206c0c0439620ccd2c16da2783f6b9b5e8d7c75e55c2429f43226b

        • C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe

          Filesize

          1.8MB

          MD5

          ee52535098eeb68015a2a73058e0c3e7

          SHA1

          c1619fc3be3f6dfda9ecde739ee726163fb44bc8

          SHA256

          3d0dcbeb7bfc08420e698c2f5f221b1cecd78980d5ed57436e41a90792d9ed12

          SHA512

          2fa80409eae246ffeaf8da1a74f5ce17a725f0bf142987b5a192bed0395d77baf63fda4ac2f4f11e7887688c86292c75b70718181be565c3968928e505477c10

        • C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe

          Filesize

          24.0MB

          MD5

          fd321505cae4d3744b436c947b4c6596

          SHA1

          2a365bc1cb3b7130c3e31c2405934aa7cd675b57

          SHA256

          cc04e23ac96bf99a0f64d7161f27dcfdf4216109cd216fa24cc4c28281f62797

          SHA512

          430af88147a6d250ed244085d53b753fe24d6360e43653b80d2ec410ca087a303d909936165dec41291be2a9c8f5c487e0c31e8bad5ed66fce99532540e87f18

        • C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe

          Filesize

          2.7MB

          MD5

          29d9dd616d02dec08e5be803f345ddc1

          SHA1

          215bf4b982df07e83fcdbe58832fa0250f96b022

          SHA256

          49f7daace923d812185a8724f69d914b9bc2b081b7d9858ab9d5364d9395461b

          SHA512

          d25186231c508e6fe48100eb651398d8657fb57561c534c6ea3691366efbbdcce8b88f2ffea4744a3bc661de7d89557a1a4a8e6d44b070677cd7abc6e1f0f86a

        • C:\Program Files\Common Files\microsoft shared\OFFICE16\LICLUA.EXE

          Filesize

          1.1MB

          MD5

          3cd5ee1bff994c73ad933acc130543a4

          SHA1

          c757425de169a94e8e389a819940a60537fd8d00

          SHA256

          0f941113cb831a6cdc2896e2235b0e9c19efdc722cc067196558f9dc29dec655

          SHA512

          b6217f41518271b50ab603c2959b1b62215d03d34ae33d8911525085f06e5ce5ff75c31e538647dd5595d391ffe8067e0e772890f5900002a3c8542b7ebff3b9

        • C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE

          Filesize

          1.7MB

          MD5

          a67218dce2596b0a4382fb4189fae945

          SHA1

          9c652321d7b9c13f3ff6b86cb03ebee0c2b90c85

          SHA256

          17c8e1191ad0df9a178c8c394dc1aaadc3ea00b90bbadff1608d283b10db7036

          SHA512

          b7064faf07de9b070f0840d94a07fb5225fa96376f368fd20c294ef0e70fda1562ac9493c469c851dce52fd06c78c6812891c6fc6fb3043d1d0cdb8939a38b7e

        • C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe

          Filesize

          1.5MB

          MD5

          e7390cb7dea5d1f102db9d458bd7a54a

          SHA1

          174cc2bf4c94ed04e6f8c350d8801f3bb4f98f82

          SHA256

          a183175712f48500abb5e72000053c8c8459f99e43c53daf60cacd1e5fb31547

          SHA512

          6ca8b33057b71a18ef828c2a7afd61e2e1e59b8129eaafcabafeb9f26b8fa888f7a8b8dbe9a56efb800fc07813a996e03479b61d2fcbbee5926d34fb01653a50

        • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\chrmstp.exe

          Filesize

          5.4MB

          MD5

          b3c6a9eaa51f8d0fdb45c355fb6ff5c9

          SHA1

          786b85b7a92c388c1e2d3674acc807d906555ae2

          SHA256

          e4106c8e3b9c10795439bd1efe456e7f7ba31b90436bc77504d9ada4a97058e0

          SHA512

          c41cfeccde474cd3fa8f5f8d2662f5bc29ae6af8ff1fb3fb8efa9fcc40717318beb117045c0ff23362956d163a81cc62a43658a375e2c6f4a978036b5cadcf29

        • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

          Filesize

          5.4MB

          MD5

          7e19773b6fd4302493593959b18fac11

          SHA1

          2badc587ea7ef10eb25b6180e1e931a14c6e16c3

          SHA256

          fc86c38d7f5b16a34300a109886229f6cfd3571e2999774b7b8e94b2fa261090

          SHA512

          46a2c33f0660ec49dcc0dcf0f43d54625be30eaea4268ed4b99cefbd3aaf3923f3f4c0a9d2adbc230234d80841063a3fa04076371014a7f3b90add58965359a0

        • C:\Program Files\Google\Chrome\Application\110.0.5481.104\chrome_pwa_launcher.exe

          Filesize

          2.0MB

          MD5

          9a0c339b80abf482ec691087f6bfd551

          SHA1

          8f66fb632b74a20519b314e4dc6b07a120a9a13e

          SHA256

          8158a5c2f206e84eb2899970cd341a1464735134be3801c56345a62f68ccb947

          SHA512

          1fce0a159860b291592feb532385597ef96a01553308e5a93b2b98df880c3921fa68551b9a8ebdda9d8ebaf5e5a3425f447ba3dfb8b4990893386eee0041cca3

        • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

          Filesize

          2.2MB

          MD5

          def98a9825e135a9bd9a2682891120f1

          SHA1

          cc2fa4733516992bba607eec908c839e2ded870b

          SHA256

          d63cae649fcad34d6b149ef5dd03eb8c7dcbbd8f487e036f959bce4eb16dffdc

          SHA512

          ce5f5b83227aaae99603b208ca2d5ca255d4b675a8b9cba77832ac874688ce1be257f952f776a9b81b4efa3bbe0ca01a2c30c4fc0154355848a630a748692a10

        • C:\Program Files\Google\Chrome\Application\110.0.5481.104\notification_helper.exe

          Filesize

          1.8MB

          MD5

          e9749f2a8d054860df6edfdfc68b1691

          SHA1

          081c9cd74b7d62a3200c42ca6458fc88e47000ac

          SHA256

          0eb00d738376c84b15436d167de80b52070b106af4f7c34611472f7643ee1c90

          SHA512

          5315e14b27ad83bdc5b675fa454db9a346206efeb3fab0db43ee539937b35a8e1a20153edc5fdabc783f9edfbbfe21b920f0b408635c5bd30eeecfb3259f17f3

        • C:\Program Files\Google\Chrome\Application\chrome_proxy.exe

          Filesize

          1.7MB

          MD5

          2fb21b4fe440c8eb699c35b699a3ad7f

          SHA1

          e81803f6e43adad6644cd7ff6b01ba45a06f245d

          SHA256

          dd280cf297742aad76ae091dbc778334b1fd541aa8ddec809b389cbdb7da4349

          SHA512

          a92cf0f41c47b17cca02da96ea07694b64ff781613fa04646faace699cfdfe46ad31155a67078841c0bff45eb349af3781d6c7cfa151ff357ac7b7d852e5491f

        • C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe

          Filesize

          1.5MB

          MD5

          a6804435dba6e8d452f1d27d6e06414f

          SHA1

          9640998ac40f2d6c55c442fa0bf24fa64e6e4603

          SHA256

          a93926917141b9777bbcff297d94b4d7b0b2bb85adb4e8df937881b2157fc50c

          SHA512

          0f31e0c13844dc2752597000f3416639f241e6366f0dfcab3095680a7288d0c8a6369a2a139788ba6a1169a821eeeea7c1422fee0921a1ae13164c14ff777dd2

        • C:\Program Files\Java\jdk-1.8\bin\extcheck.exe

          Filesize

          1.5MB

          MD5

          085fbfd48b2d96f60b83f81d8f4cb329

          SHA1

          6a9aba6a0f7d84c547d4f15e1a222b4342ca0cef

          SHA256

          a837ded70ccf49a52ce0bca1f30110e6559f2e50070d6fb3d5bc414e44ccc04f

          SHA512

          e1d0cbf4e332d5eff6e0e07029ae7fd90c5e13807672f1cc48b8399d887b94c45000897916e14b51c436f6b9bbdadaa3a2ab2487cde3d9f21d61195cd6adb955

        • C:\Program Files\Java\jdk-1.8\bin\idlj.exe

          Filesize

          1.5MB

          MD5

          d66a2e96462fcb83943b0e847ea9f326

          SHA1

          9551a1bf018acc64ef568f0f73a0213e4227efbe

          SHA256

          60d5cfa792eed086f395ac9cbed2ff422f3e87eb6f47dc9a6359bc6ce599e6d8

          SHA512

          246c99812be7a12bc3ab5a62abad5006836b108a835f608f684fc33e56d97aaf231b1bda6ff16266ff24f98010412c51f917feb7a71cc7b2f43dbaada8fd81d1

        • C:\Program Files\Java\jdk-1.8\bin\jabswitch.exe

          Filesize

          1.5MB

          MD5

          d8e8fcd05f5c5a605353f66b9b4c596c

          SHA1

          d9609c4da00b3db35a39d7575dff0c9902d87613

          SHA256

          bb2642f8867f2b4b69b7f9fe7050a6896a0d17e8d85145c4471984d067394f81

          SHA512

          791a92ea9fb17c46d3b71f1245e12a0cd3369619a36296da895dcb4662a32b7e787d3f9ac25842eabd7da00d9cf4fdf5cb54de9a09db0888a1652412d7f31b7d

        • C:\Program Files\Java\jdk-1.8\bin\jar.exe

          Filesize

          1.5MB

          MD5

          ef60a3f69699a391fa9e0ac410faadf1

          SHA1

          fa3ab341adf87b14b7ef82976f41a18efa97f20e

          SHA256

          eace7fab4d18c8253fa328dd9e67c99c2dd91857eb7fae5707256b380c3978fe

          SHA512

          ff20b29dbd5db882095a45531379e515975b0fff33f1283787bb920cfc239ee87e787404ed3eb374f9162cba91ca501ef03d6de99fd87edc9384a64423315cf8

        • C:\Program Files\Java\jdk-1.8\bin\jarsigner.exe

          Filesize

          1.5MB

          MD5

          1cd3e9f29b7c88b3c5a635374a3c5500

          SHA1

          cf11f0865a88743279b64fd15982a8897131646b

          SHA256

          3dd9b86049044b6a18866df677f465b2da665b8a766ec311fc6b7a7cf453da6c

          SHA512

          37786ef8628c22ae4545f90462b03f5e6048f4640e433aa3d1ea649e26b5490fdda68cfbaef700a6c55dd04944f5e9e6b87d073e390fb06327c5d86fbe29588e

        • C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe

          Filesize

          1.5MB

          MD5

          652b4c232bf186da7e52b897217e4810

          SHA1

          dd9cb2324a43ed9df38c6fb3bb0128c1fca1994e

          SHA256

          c015b28d441cb9d18e376cd5fca2da83e4d93c2f9e407c80dec075d1726c4462

          SHA512

          6e2a387bd24542cc99dead9ae4351aa3b19a98180dce9bfea84b8025cdd9b2d1bc4f073a5d19eab9fea714fbd3e1c9f78b5529f03925ba4bfcdb46a3b3297355

        • C:\Program Files\Java\jdk-1.8\bin\java.exe

          Filesize

          1.7MB

          MD5

          91fff5d70ed6c5e00741176f128fcaf0

          SHA1

          c4cf3a9a032e25a0e0190569f732c2cc06c20d13

          SHA256

          df4fa61e9316518504afe376bda55b70df8a7f352f006fe138fa2d9259e6081e

          SHA512

          37b3c33507de8e82c60665a8adfb22387d1a9873ec4ccf1c11e5620b7d595c2030ed0236e827e7d8460a4bbd95d52e131fec08d0e28401ae56f340b41ec42d7b

        • C:\Program Files\Java\jdk-1.8\bin\javac.exe

          Filesize

          1.5MB

          MD5

          fd695cb7c52aca68870edb16ad451e02

          SHA1

          2df4e2671afe7c1a19235fc2bbd13fe1c694645c

          SHA256

          e58324f3e19b0e8052d42e67427a14b82c82dee82b77fce99d8685b2ce7f43d8

          SHA512

          a3bf550bee2fc3e2a80a7c62c292920c1195e34b0c4b311f66a8003f8333c5ec25451112b53124a46287e2650916d15636de0efdc392c887c7923d77c45fbabe

        • C:\Program Files\Java\jdk-1.8\bin\javadoc.exe

          Filesize

          1.5MB

          MD5

          c51a369cb2d500ffdd483c99313ffe90

          SHA1

          91f3a7fca51fa362c785e87d1f388a68918f4f12

          SHA256

          9b27840a420e62699d602e13708650f7d5cf0d71781e4b867f102643f1b284cc

          SHA512

          2fb9430e184016a88ce44662051bad1074cf9fdad7bc1fff62af3a3854a82676dc221a83da2ce1805cf12f2be679e84da824010c47dafb1ab369733710af346f

        • C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe

          Filesize

          1.6MB

          MD5

          d4c39f43e2062a5674a5309d3763722a

          SHA1

          c50c98248117aabc40647e0d08d5b0e62fd18ca7

          SHA256

          ce781047eb9d1208d72eab67933cfb6a6aa77b620033fab76e47504c2b69d37f

          SHA512

          ce38f6857edcae5321567270d314fb4e8f099ce6838e24a8e35665ebf6d8b15e67d465000cbece3b12ab0ebd9d045abe091e65968da704dacada9cff70117c60

        • C:\Program Files\Java\jdk-1.8\bin\javah.exe

          Filesize

          1.5MB

          MD5

          a384986749b28a0464b2dcad657fd7b4

          SHA1

          0d5cc324831c5489159c401de605f4ee164bcbbd

          SHA256

          30ba99e499a85127814ee1fe1a2aa99849feeda4197ce18afd479f38e69f4986

          SHA512

          cd4f7cee1b45cc48704a3fb95720d226ba8b6843a77c7d6e16033bae9798d0dc31c3b7045b90593edff4251b2871a44e1333b6fb879e8d8d67cd6cfa799dfe73

        • C:\Program Files\Java\jdk-1.8\bin\javap.exe

          Filesize

          1.5MB

          MD5

          6b01660f2593ad70ef015f77276be9eb

          SHA1

          1b0c089a530286117bb208571fd45fa730609944

          SHA256

          d5a9872f50f75724f55e7746a0a938af49b5e42bcc11de53ec1ff407facee5f3

          SHA512

          5162ab81e01186ad943c3a6b68189cbabc075b4b22b23e5ce20c5aab2ff844f3f53c5c2bddb57bddecfc8fc28ddad4496c919814ce883182097060bf81bbb70c

        • C:\Program Files\Java\jdk-1.8\bin\javapackager.exe

          Filesize

          1.6MB

          MD5

          f112c734da293750d5a008e423249926

          SHA1

          1aac678fe7e4d0dee82bcf44dbba49c27ec35a8a

          SHA256

          f3d9e387e2ac2cebc2e22b1a4c86502f004b7e8a9472fc33509b905322d10232

          SHA512

          0f65488ffeed5ab7b98ca41ad43988f565e87a038513d9ef6d4c17fd5abbce6975755912f6a2e065d79bf6fa500f9230edf0a55eb9a1f6ca3c8bdd1f8f06fe77

        • C:\Program Files\Java\jdk-1.8\bin\javaw.exe

          Filesize

          1.7MB

          MD5

          de728a6976c8c46c1c3afe674bd0eee1

          SHA1

          623c895857d4e14a255f051a5098e1a035a96f3e

          SHA256

          a4961f882d5f10cdde2ee8509efde1b2a68d5f78ab04dc953d72f906dbb7e396

          SHA512

          14aafca868f4f964a843b7848a15cce1c538ee95353cc7b720c4d74d57809a0fe5848b9e5dd47e8a5923d1082df76ce8ddfa7a81c9f8605675dfa36f1f996e81

        • C:\Program Files\Java\jdk-1.8\bin\javaws.exe

          Filesize

          1.9MB

          MD5

          857f7cb32daae5f3d139e96d12a493ee

          SHA1

          c0b969c8fff95c81dc04cdb283541f5ab37b94bd

          SHA256

          05287a5413fff62afd06769c064a8f93e514340ac40fc110c6495e642dab9562

          SHA512

          6f8fc029f3aa6ebd5e1939d34836788c99fa29d97698ae5a14b127655a8dda63ae9b571e8e4aae33b2a67a5ba446783d6949c0ac244dd57e80b740af11801eda

        • C:\Program Files\Java\jdk-1.8\bin\jcmd.exe

          Filesize

          1.5MB

          MD5

          c21d6aeab557e3ccf173b6531f76e331

          SHA1

          1fc68797a0bc99990233a31ba2d9eb17b6704944

          SHA256

          c3a5678ada2278e54278170841499c60f7de96c4c6f57c9fef984a7b8a6b9920

          SHA512

          cc26aee36ce3788585abdeb9fd1d8fe2b35da22baec3ffd61e3d596d4450d72f742105b4ebaa273029c06fd3ce7ca020cdcd0b5b384bfb12f85579d73471e0cf

        • C:\Program Files\Java\jdk-1.8\bin\jconsole.exe

          Filesize

          1.5MB

          MD5

          c47d1d8793a191edd9bb7e57dcacd306

          SHA1

          92c7185e59ddbe57149b3b82863cf5ef49dc591e

          SHA256

          47fadc9895fa4b96f5671ef5220d04bd4a85a08073bc1ec35455a0e35a331774

          SHA512

          03bfc8c7d2625d3035f4ab22c9de2543c66794f626c953c4a3997b32865326804e19f8a204dcda3fade02c445fbb7c2d939ef9514f96d86d0274d788a61322ac

        • C:\Program Files\Java\jdk-1.8\bin\jdb.exe

          Filesize

          1.5MB

          MD5

          6b621292171a68e2fa3001ab0446d27e

          SHA1

          256f85b93c0da77698eb328f105f62ef16671101

          SHA256

          4ba92a70b7d666f270744eb39adf47743966ac87ab4e2aaa61ae034b031a8d96

          SHA512

          166545fd229013ef595cd40ce6fdfa27bb465dfee3d4073c23e6e0c4d36daabf891ddcaf01f22fdcaed7bf12719252ffc89ed297aee7b97e752977e6eb7e3e7d

        • C:\Program Files\Java\jdk-1.8\bin\jdeps.exe

          Filesize

          1.5MB

          MD5

          7bbb72df3f8c9fa45cbdaac6b8f9deee

          SHA1

          1429cca23b316c54a334ab2cfd14f84cf8410e1a

          SHA256

          15b299794209d846c8df54062a3490bedd9a6e28ab1d2d476b9bb8cafe4086f3

          SHA512

          374e3f4bead0165f55c11ceb76f42d0f2bba5377a3c21836ad6d6f68b80951c5d4e107f4c8dbac3fdf0cd91b10f0287ecf09b2fbeb518bae50d5d389a35ccbe8

        • C:\Program Files\Java\jdk-1.8\bin\jhat.exe

          Filesize

          1.5MB

          MD5

          691102aa8aee405ecb0eed4e4822f312

          SHA1

          e185c5962bb394dbe502f319075b09724e594707

          SHA256

          8e3a46f82587d8944eb5d682610dffcf101b1d3965bbfd4856ee608f1fba027a

          SHA512

          8c0ec763da0f8d2bb2b80c8eacbcb00313bd278a4d5efc1f898a9de008ee83f962b409474b8124d7cfe760d5efb8ee71510148c700c11c8056396cad82f0e306

        • C:\Program Files\Java\jdk-1.8\bin\jinfo.exe

          Filesize

          1.5MB

          MD5

          cfa81e93e857d90559d76a7af85fba0b

          SHA1

          02cff5dab58a2af77fff3a02e18c3facddbed1c9

          SHA256

          8122b59006d473ac578041767ecf30ea93d0cf5a3981b6ffed42f55bfbae0ffa

          SHA512

          551a443916433cf73ffb2385dd24c05c297ecacb2467d2b079176dc559f9ba0f230335d4667ddd1e805855546519a41d10bfe8daf54e678f3a7e21026ab4f468

        • C:\Program Files\Java\jdk-1.8\bin\jjs.exe

          Filesize

          1.5MB

          MD5

          a4d46154c74eba3ed93224dd7656695b

          SHA1

          eff13880165c5e1538a73fc40472ebf43fb488bc

          SHA256

          9f996ef8c2cc4e9fc873491f3074103ecfd8bc7c2f6633826740bd0dbdb99e7c

          SHA512

          f2f898de4aff13cd11b8b09825baff32f2cc5c092bff714927842e8b2f02abd502ccd09be2561059ee8ed4f1d9160f6132c18e901110b9592d9a6672f65abb46

        • C:\Program Files\Java\jdk-1.8\bin\jmap.exe

          Filesize

          1.5MB

          MD5

          e278cb87c0477d8df9b4623dd4ab315e

          SHA1

          d3018c3bdd0fa9a3fc8c53cf4b69a4c16574b05c

          SHA256

          306d6a154a0e8f58cd1438761448ee86671070e8b5f7841bf3838c497609194b

          SHA512

          ad16d4fede6dae2e1e3716dec26a20b1fd7bace725afa69fa2984f3dfb990af1acff5ed4fea7435e3af295ced453648048ddf7d9fb6a8a2dddd1ca0e40ba2392

        • C:\Program Files\Java\jdk-1.8\bin\jps.exe

          Filesize

          1.5MB

          MD5

          2bca347feda1adda3cb6060dea0c43bb

          SHA1

          e2f0a13a2cb8b7047e7b6effa478045b622253cf

          SHA256

          ffc78a2b3da27385fb5cbfd5c3f9a7c52857fe75d7641f59b63d8b26097036b6

          SHA512

          87af01532206ac0c5afdeb6b0b55c853aa2f2556376dc77412d446f910bd4fa77f5bf1b3cb95e5287708ef8166cb09ec1f9d260794c756099f873665a5ea83ee

        • C:\Program Files\Java\jdk-1.8\bin\jrunscript.exe

          Filesize

          1.5MB

          MD5

          ddcc025fd29ae6e90c851d39df4fb1a6

          SHA1

          b359637c3f2695baad7b85e35c242d67bc584f5d

          SHA256

          71c997987fe95e9ebf0f714d737be3e56af284653877e23542473ddf172276ff

          SHA512

          f843d921bfc5898af753de75a9bee59ad80ac8a4adbbd4779ecaf463b9c1e41d99228e89039de610f07f5b3e13527660e16f0cec01ead494cb58359dca4426f3

        • C:\Program Files\Java\jdk-1.8\bin\jsadebugd.exe

          Filesize

          1.5MB

          MD5

          55685327a4fdacc68a7147c22f4a228f

          SHA1

          52542f0783906a69dc3d1cdfc622b880af0585a8

          SHA256

          63baada4f99ce7178444499d62bc76cfe01815b66d8a390d9d64e7df895beb88

          SHA512

          04c34264a56e2d1ec666b5041082acaacd26946858dabfa849d2cc476e170d15d9ef4ec4d4f3d9cfb3a736bddb751ccd233036ed3026d0011e2e0cdc68e3c879

        • C:\Program Files\Java\jdk-1.8\bin\jstack.exe

          Filesize

          1.5MB

          MD5

          0f36fcbbd388d1c58d0dccc64e3a798b

          SHA1

          6ebf94fe9551354c9e0b2941e364fa2fbdbf8430

          SHA256

          e3726ba38e050d3b3394083203742d562673971559d573c1be464b1bd29f9369

          SHA512

          b6fdbd299cc658224d83ce779960e64f9420a5180dcf73af4d915707675f2c39ceab021d51837eefe4729235455bfe7005ee88616bc96bf5aa6610b8ff25f9f3

        • C:\Program Files\Java\jdk-1.8\bin\jstat.exe

          Filesize

          1.5MB

          MD5

          6a64567bc2ac7e0b7c88a24e8acf574c

          SHA1

          3cc326848b77dfb75d28efd7d9404254201038d7

          SHA256

          d572837dada17db30ec3c85347e6ee527337ccaad0fac31265b53c95d26d950b

          SHA512

          964c6dc11a6c1d745afebeb5ba48f113a51493337fa6a6e18386cf1e729e6f973e30931b07e2037008a8c1d4b7dd61f47abfabc9396ec7cfc5ceb87e6d1d449e

        • C:\Program Files\Java\jdk-1.8\bin\jstatd.exe

          Filesize

          1.5MB

          MD5

          6d97807622ca4a633c061638a8b45355

          SHA1

          c24e951116ccff30c8f3d9ac91a0842a0d090fa8

          SHA256

          e45b4b290aa7dd6cebbe2e0354c3023fd98a414b1903bc4ac49e0ce306b6b7c9

          SHA512

          64fba7290102b92a11830c99c421c4d139bf00bca9154a26d2df9986db4c1c8ed012e0c26a51c1b97a597f322768000041303c3e9e60d5c2e10c35d098b1ad07

        • C:\Program Files\Java\jdk-1.8\bin\keytool.exe

          Filesize

          1.5MB

          MD5

          36eee14247767c4c5e8423c0016f2457

          SHA1

          763d6602092c29dd10f33ca2b25666fe8be1e2a8

          SHA256

          3f0f5aa7e19f5a8b58b273a3790e8bf2e55bca5a52b2ef3e7ba8cbc3f2f6793d

          SHA512

          ff21ed013384b5ede553ff3bb6028fedab71595fe2651668c42a7024c7573fe9a6c2fd41ab1fb6c2e51fc70c0e903de40683c9077e1584d9d52fbc239487ff95

        • C:\Program Files\Java\jdk-1.8\bin\kinit.exe

          Filesize

          1.5MB

          MD5

          b593a163c7f5ed4827a173866f8f67df

          SHA1

          3a69f5f840f50d4cf5cd25fc47e54d0f0d7dbede

          SHA256

          6692420e059332bff07b46d5617ec9db798a7b559eb72faeab725374fff09aba

          SHA512

          633784ee9c824bd77fcf796f1f7fb435eb4e98d602bbec5ef7c56b3fa706711d83ac35f8004757af4d41f6c492c3c240a0a447a8eb0d262f6188e64e16a7c474

        • C:\Program Files\Java\jdk-1.8\bin\klist.exe

          Filesize

          1.5MB

          MD5

          aba16ea08e0de0b94350f7c043709e92

          SHA1

          be11f8816ea9f087e54b985a922a7ec714d14276

          SHA256

          139d737e67bd0d95be773b2741a3ae4d4329377c478b7cb03caced7143795e1f

          SHA512

          b7ceee0a594941dbd1b5e6eef9869113a19246631cd7231aa54fcc7ea8a41e09bbd9da45aa78d34848c6f877f29ed0c6897e866cedf3f69a272a58d31c431cff

        • C:\Program Files\Java\jdk-1.8\bin\ktab.exe

          Filesize

          1.5MB

          MD5

          b47cd7f727fb5861295eb885534c70cf

          SHA1

          74784727ea464e424c4efecf03b4bcb4b3d272d5

          SHA256

          df5d284badac8257c821528ffcc65b411fbcc87e865680f722315aea6804be9a

          SHA512

          5bdc905b1fbc16411a7910b5d6089d6ff945e05ecea95a84537dce2dd2fcb6649b2ff174ed0a4f9e51c3b6e21037bde4de8b9f66ce7f5b0e2059757544d3cbac

        • C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe

          Filesize

          1.5MB

          MD5

          4cd8ce38ccb9687819716cd5ba6c51e5

          SHA1

          8148fe8f5362c0a8534f70d349c0f30e301a8789

          SHA256

          31272cb8229590332e934a40b4b429d94735debef57153160df86c1f1954e8f2

          SHA512

          d380deb92d0434c95b0c9227c5a2f930e971f4037e9321a950c30ad16a87d607e157f203235d8182092ce919bd3d18589784d3c6adb49d1db90c75ec186f39a8

        • C:\Program Files\Java\jdk-1.8\bin\orbd.exe

          Filesize

          1.5MB

          MD5

          87281e52a62063c82826de1bde28cdf1

          SHA1

          6782543b85190510a6cc5cec8461e9f068ea8315

          SHA256

          1706e68882a83b39dd479cef56b10e52166a94c42db91ed681bbc0c7f0dca54b

          SHA512

          99dcb5432d03c4de165e18fe193f4f2c6715ac969a6fd574713266dbbb0298cefedc88b24b32fcc42e46691dde2280aa8f162ced1446eda394a7cf1ad3174f08

        • C:\Program Files\Java\jdk-1.8\bin\pack200.exe

          Filesize

          1.5MB

          MD5

          281a9fb93a44f3a45c78211fb2cc4156

          SHA1

          3234c1e9bee00d7b4928f7a0d8fefd0964126230

          SHA256

          d529c597f2087eaab089401c4631a891aaf3ea43ac053e1650c719e59a8060a5

          SHA512

          d845550c05a697c45be38e06a6333157d0f69a26449aead1305ebe3ac2609f7296144f0a08a635960393086a465e9ee4f71f11a293339de17665eb92cb0bf16f

        • C:\Program Files\Java\jdk-1.8\bin\policytool.exe

          Filesize

          1.5MB

          MD5

          84061f52b287df335362a26e0d11f9ae

          SHA1

          c2b680cff77beab314cb76229ff8b8c1aa79973d

          SHA256

          68606c89579abfc936310b55259bbaf7fc930104c07e4ce437b7b2b7117c86f8

          SHA512

          f148e33598d8339c1fccb71836ff8667a47f125faec59e9a9b42c090b5b22bff23b3edb07580a84f1541ac34f0835db8b15842653b1c24a1f6b36ef49313a1a0

        • C:\Program Files\Java\jdk-1.8\bin\rmic.exe

          Filesize

          1.5MB

          MD5

          6dc25d40ce1217b6516264094fd98ae4

          SHA1

          e3921c931b7bf6acdfc7baf4dd6156c69b0f2c11

          SHA256

          d58caee3988517030affb10cb6b5d6941414033e234a165c7e0e0366ee6f0710

          SHA512

          749f68ac11056024c7b6c7bb74bec99a72cb004d04d44773354a6ecbd53525b99ec134d6524de152e21ecd85bc9aaa5e2632e6943f7093609700f6ec824a9d3b

        • C:\Program Files\dotnet\dotnet.exe

          Filesize

          1.6MB

          MD5

          0df63f12fbc4d9205991444de7d19ef8

          SHA1

          b04fc1f32358ac02333bd64e5fa05fec0ca0b274

          SHA256

          c92d79873eb619aabe87614e6a1b1816760a30b6b787a3c167445bb804e838b0

          SHA512

          5b33f67a3c7bc29f7f434ed5128f09c803206cffb31d9386ce5d55ecea3b3e6414c90c77287399f996a28c0ebe915a5e94d8165bf01c7818b59b4b0382f6a6db

        • C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe

          Filesize

          1.5MB

          MD5

          62e40b60fb131817d1ef21cc3d30a053

          SHA1

          2bc2f3b3d05ca63056ba65813d12aca1269e14ed

          SHA256

          ec1aaf41cb0ea334c9161345bc5f465ef2898bd5133f90ed271422a7043b7d3e

          SHA512

          e8442c7c28e144db9e6f576562066528ee16e426acbc0217b6ab35aaa6f852fe8644f6ed05114d627ff54f82b8aa28bf2324cccf1ac26bf273dc0c3cda99b4f5

        • C:\Windows\System32\alg.exe

          Filesize

          1.5MB

          MD5

          3a21a5d65ffa19ea078ed33478826602

          SHA1

          ab6043631325d7c198fce1308881a377627a7592

          SHA256

          57341df9a079c4e54456addfae203f0ad08d82f1aa0cd8bff25d5c9fca773ba6

          SHA512

          f1016df15c2129ee22b8b935284820695cdbb439c0e2cae50b6990bc5420c8869d30bcacb75faa8f170411fe3b0a6691ee6d6c19909021a1f5419830a79553fc

        • C:\Windows\system32\AppVClient.exe

          Filesize

          1.3MB

          MD5

          126db44eb9f4509ce52c24cabedf5741

          SHA1

          ba79c8531531b16a3e17ab864714377ea05be933

          SHA256

          d34f4f44f2fa476c870fcda9737c1d42ce6be89074beb3b074a7d51b555a26f8

          SHA512

          2a06c35288a1117fcd24fb513a9c5418c5596b4a8aab05cab036c27464f8e696bcbc23ecab269f392d72b64b7922bd2d63c2528ee8bcf022275f55478956e7ee

        • memory/1476-87-0x0000000140000000-0x000000014018C000-memory.dmp

          Filesize

          1.5MB

        • memory/1476-12-0x0000000000720000-0x0000000000780000-memory.dmp

          Filesize

          384KB

        • memory/1476-20-0x0000000140000000-0x000000014018C000-memory.dmp

          Filesize

          1.5MB

        • memory/1476-21-0x0000000000720000-0x0000000000780000-memory.dmp

          Filesize

          384KB

        • memory/1616-1-0x0000000002200000-0x0000000002267000-memory.dmp

          Filesize

          412KB

        • memory/1616-8-0x0000000002200000-0x0000000002267000-memory.dmp

          Filesize

          412KB

        • memory/1616-6-0x0000000002200000-0x0000000002267000-memory.dmp

          Filesize

          412KB

        • memory/1616-0-0x0000000000400000-0x0000000000592000-memory.dmp

          Filesize

          1.6MB

        • memory/1616-28-0x0000000000400000-0x0000000000592000-memory.dmp

          Filesize

          1.6MB

        • memory/1740-79-0x0000000000840000-0x00000000008A0000-memory.dmp

          Filesize

          384KB

        • memory/1740-85-0x0000000000840000-0x00000000008A0000-memory.dmp

          Filesize

          384KB

        • memory/1740-88-0x0000000140000000-0x00000001401B1000-memory.dmp

          Filesize

          1.7MB

        • memory/2184-62-0x0000000140000000-0x000000014022B000-memory.dmp

          Filesize

          2.2MB

        • memory/2184-53-0x00000000001A0000-0x0000000000200000-memory.dmp

          Filesize

          384KB

        • memory/2184-59-0x00000000001A0000-0x0000000000200000-memory.dmp

          Filesize

          384KB

        • memory/2184-251-0x0000000140000000-0x000000014022B000-memory.dmp

          Filesize

          2.2MB

        • memory/2280-40-0x00000000006B0000-0x0000000000710000-memory.dmp

          Filesize

          384KB

        • memory/2280-38-0x0000000140000000-0x000000014018B000-memory.dmp

          Filesize

          1.5MB

        • memory/2280-31-0x00000000006B0000-0x0000000000710000-memory.dmp

          Filesize

          384KB

        • memory/2280-247-0x0000000140000000-0x000000014018B000-memory.dmp

          Filesize

          1.5MB

        • memory/2372-70-0x0000000002270000-0x00000000022D0000-memory.dmp

          Filesize

          384KB

        • memory/2372-72-0x0000000140000000-0x00000001401B1000-memory.dmp

          Filesize

          1.7MB

        • memory/2372-77-0x0000000140000000-0x00000001401B1000-memory.dmp

          Filesize

          1.7MB

        • memory/2372-75-0x0000000002270000-0x00000000022D0000-memory.dmp

          Filesize

          384KB

        • memory/2372-64-0x0000000002270000-0x00000000022D0000-memory.dmp

          Filesize

          384KB

        • memory/4788-43-0x00000000008E0000-0x0000000000940000-memory.dmp

          Filesize

          384KB

        • memory/4788-248-0x0000000140000000-0x000000014024B000-memory.dmp

          Filesize

          2.3MB

        • memory/4788-49-0x00000000008E0000-0x0000000000940000-memory.dmp

          Filesize

          384KB

        • memory/4788-42-0x0000000140000000-0x000000014024B000-memory.dmp

          Filesize

          2.3MB