Analysis Overview
SHA256
b560162e7cf0d3ece3b26804affb0357bf4c1d264200cf998093c66c9c3caa76
Threat Level: No (potentially) malicious behavior was detected
The file a504b32fa45f67864fd316949e0cd5a4_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 10:10
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 10:10
Reported
2024-06-13 10:13
Platform
win10v2004-20240508-en
Max time kernel
133s
Max time network
143s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a504b32fa45f67864fd316949e0cd5a4_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4008,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=4276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4520,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5300,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5452,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5464 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5480,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5948,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=6696,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5512 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 10:10
Reported
2024-06-13 10:13
Platform
win7-20240611-en
Max time kernel
120s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2FE789A1-296D-11EF-8875-5E4DB530A215} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006fb3d087c4ee9c4bb22550fd83a0390500000000020000000000106600000001000020000000985bee44a1e4b2245b689765407aadce7efc9a43dac59814a5640e7e3a94c24e000000000e80000000020000200000008fbf3c072b880fd64fd8238f66cfdcec52452ff1005615341f7b2e9594b58fb9200000002006ac7c5658b515cc7afe32f03561de8e665992b4bce472cc4c35274a6a654a400000001d705f1002132645570a9dc0e2240a8c96a32228b0c2fbdcc46ad59056b202ba5cb87294a0451f49a8c4ca1783d13dda3bbb63637c5e50925d6653932e74c3c5 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006fb3d087c4ee9c4bb22550fd83a0390500000000020000000000106600000001000020000000d4695a4f630e2086e55091e07f88194e2a501591b24755b3962c43803893a40e000000000e80000000020000200000000de2bca6ab02cc14993f9e7a71145082d160e48911d506051c9ac9241fc8ed2790000000e7be17002b98c6331f9ad5e28d6f010a0fb16ed8d1a0e4628cec9b7470c9c569d7e0ccc6b720a4a085dde00620d17ef2cb898efeffc0cda61116dfd6085af606e0106dfe197eedb66f0fb7a601cb97f1c45f85e050eff358c3edcb51a729100f7483afb045120f765ec9def1d42179aa74b907dc487eb4a8d24d5da1c0440b2589d49ad4b53364363ff29f77780e5300400000000f7b2267ea9f2dc282b1b0d648783912c62f1aa9abc2ef5d4351d7bbbf99c8313fad69a33fccc07c68143f89a059a0d77a2a0d3eaa9bc607002c93df45ec1e35 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10d273047abdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\International\CpMRU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424435308" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2016 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2016 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2016 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2016 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a504b32fa45f67864fd316949e0cd5a4_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2016 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Cab2F1F.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar2FAE.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e8b7db54ea8860eddc7cfc56028b0292 |
| SHA1 | 6a511705fd2f3e913201b8188c60912575c9022a |
| SHA256 | 7184b56328c673287bc1528c91d76bfd92be0de200bc4e550724fff70e91a93e |
| SHA512 | c82a1de29c891d22566f24797cc0eac24eabb9d4ed59beb7b37db493962a6df7f6eec63abd21c9734c4792ffb7147c2aeb968250acedcf2a3ce0d6db185510e5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0ba0e8b32c2866109d3e70b7583da8bd |
| SHA1 | ec18665483f41029b75370ee6329e0ad33b4fe4b |
| SHA256 | b4c333b3fe480543fe569a891f2c1b08287d9b79578f7779101ce27d51e54be3 |
| SHA512 | 867e948c713c91a9d9d9d19022133db8630165d01e8f1d51ffbb3a1ba9f0a56304823893a004e2dff05bbb5c20e7956e132485bb6ff1e27a98612570b7dcb786 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 033240160cd546ff4d5aa87274f0139c |
| SHA1 | 346a461e38869942115354721ae2d68eff94fed0 |
| SHA256 | 2792da825c3170a29f2fc1ca8386a8bff6fb2217b902d606531916361883ade8 |
| SHA512 | cf3c0749306912d5860297e37c6119c414140474af2351c98aab246981141f18756f6ce709425f3afa64f8e3720af66dbc4bff77cbcf84d075bea5f18cb643c9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b98976ba3f2769d79cf70b84db1b458b |
| SHA1 | 13efe68a3e35359da80193208fec81191bab3d46 |
| SHA256 | 70f7c769f6e7b1c5e0c88f8a8640b58d476131970b6c00a934a20e27ae66125a |
| SHA512 | 03053fbe7e33841001fb08e491fa96a22c1113c57d2e1d1067f811298ddd3a6de9cb9d896a9e2ef8bb0d2ae501d1c5fe9af75fd9e3eb75ce6b2074256db99421 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ac2de67cd0557fb0113e2994820d1baf |
| SHA1 | d01347cf2db9c5f045f1187159ff6dddcf8a44c6 |
| SHA256 | 4ee1f5d57696184d99a26a8d8b3b5c0d68f2aa8392ddcce93deb0481a1e719cf |
| SHA512 | 0ad97de43c8fd72a505bc4b56316015f8fdb4a3f68822d13940139ac53cffcdddc8173722caf0499fde97e09a84b2f4db15e11c5db31978f9fc857d614a32abd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b6d909fa617e0ebc2323f447c10f18a2 |
| SHA1 | 4fefcfff95c0eb4aa07e3b09d85a83bf49dc8637 |
| SHA256 | 493d13071d22e8cc1be862377ca61b0d1b462d075dceac8b2965fbeda9b82d09 |
| SHA512 | 41f47629a25f6f7a77009caf1b5007b90d408e4f3eaff385c3dbba59f6713d875b69dddf3938ba07629e66b1df658f9e40734f5b6bc8d0535505d908394bd93c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ae41f8e5049d6e797c79249edeb5879a |
| SHA1 | cbfec51030f852d744d02d96bafde796dc98e407 |
| SHA256 | 93c479624bb0bc602d36b9d453e710d8d4be8b7c3251bc21a2ed5adf3d00bac4 |
| SHA512 | 586140450a4b2d7426a3a0a1f8081a461ba318eacaf2216385e55d259456cc719b9a970c0e08b74b324260398221e6c8f49b27dc701ecb5f4f639bab7f32d032 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b0c8fbb4f67fde502db34fba5d8c0a70 |
| SHA1 | 67d62d2812bfb8b241fc2f1cf17b19e51d4cf51c |
| SHA256 | c2021a5750c3f39376c85a137502d93a38b1cdbdefce9d1649ba489b9b35f30e |
| SHA512 | 074e7761cd1a8d1a4ba2643b649abf3f58295722e537b30d47b55502234d95f4915886e6fac592cb57a591e50cf0955a1e42e2710d0446f34c76b87a53ec5bed |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a1c1ac005d9faec6ae813a2494bb7187 |
| SHA1 | 19f7db4f076c099305725e8bbf319aae68eeb8d0 |
| SHA256 | 94988784ca585b02a0e6f379118cef1e423a324929e3f355b712faa34defe7dd |
| SHA512 | 51384606788d12faaae185eaa9002a73de922026cb6149c43e60afe21f07d20890fa248031b42106f0b02edcaedcb640bd57703502a4eb7b18e42548551dc0d9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0c68cdef4c0efc5fb8cc012285087304 |
| SHA1 | b6f28c58cbef341a17f4fc6ce5288cd08e4807fa |
| SHA256 | 0e59e50b4a3eafc47fbcfe72184c11caffd169c35d682e94562d3c6ea21ead19 |
| SHA512 | 2c6839eeea588a459383b932ed4dc4b06e1a6fb03fd564618e2c97f0dc918dd421df8ffc1117a6936ecbf394bbe9f9f83ef0aaeab6c194e126d9c1b399856bfe |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a2856f6ada48b52725bae6cc2ebd0742 |
| SHA1 | badcb6f08dbc17f28412bb93ca6d16935d96fd79 |
| SHA256 | a3f9b2f12c89f299c04e53c04e9cce2a1e21ad58f6bca85ad667b6a9e985fc02 |
| SHA512 | 702ad3d4431bc18b37446353075be8a9bec6c8bc3abb73e7413e6011c6d8191d4955ef054bb0372c7b09d8c295e050857eaa1acc0c1880d5d16a2a744450126d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ee48bb9805671cae0af34bf89a90ff6b |
| SHA1 | 3fb9b83ff5c61d420589150379445ad5fccf53fa |
| SHA256 | 2d3e798a91a0456f6f13016ebf7a026d4be44f2aeffba5fd7ec7d64f0389396b |
| SHA512 | 62945a83afa179361108ae9d17cddc11122dcd3858d440e471d74f59c1ee23ccb35cf998e9d6df664159839cb087130e656dbc1bf21220e3866f39212196728a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7cb021d14037605388eaa88b3fdabec6 |
| SHA1 | b3c8fb43a391141ef1084a2a09341557b2b16e5a |
| SHA256 | 66aba52f928aa1f7489eae90e1a05fdd5afafaf579c3e30924f02f4fb96f1bde |
| SHA512 | 7db8a0481cd2826d623e3356d012024b4c60dba43aae80c034cf9b96d36040dc35ae74b5aa33f9310a73b4b6e7527a4472a11069360f26da677a6d104599ff36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 885fc367283c4be75553d9fe421e360e |
| SHA1 | 06648e512c2fbad9d4885f94dc76be1761a76644 |
| SHA256 | 6086f859f2efbe1363e5741d8912b658c3d396cc0ecf0899dea36a7bb16986c8 |
| SHA512 | 715e785a44174215578dbbeb8c740b6a9ec2962b2d0486be623ffecca847c778374ee4f3547fd0afc1a7d876a4f7834d53e1c4a8850e5a07c7c02dbeb3cc0965 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f2a2d4d24aef363c59c529c310faa884 |
| SHA1 | a361587e682265e2cfc9c38267865cf8c4e5b6d2 |
| SHA256 | f4228ee9f91a5531a39e2eeb8a333867caf065dc81b5613e668ba295824e538a |
| SHA512 | f6d7d542549b62410497133df311840c2beb538cf1c9129cb9506f873a987215736a93d56929648bffc998ee280728f8db804dcae9ea0d74a4e1dd97571ec4c1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 097a60998a76fe85d481784a57b7a2c0 |
| SHA1 | d1cb6629d0089b7078e4346b2ad55785e3ad8780 |
| SHA256 | 9fce4d47693793ffa524a97253661f5355ceeb1d40231169e40c4f60000cab10 |
| SHA512 | 5d9349bc3e278af840c8bee1a71551ae56144f8ce3681c2ae5d698798d1a9d6bc7552bac97b4f98e1613ae3114aba4d6ae42bc3eb76e2f7d80251543ba70e2db |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d709a4d255a551bb2945222f3efaf8e1 |
| SHA1 | 3615199fb9338f1f1f138eda8a9b7b71b2784001 |
| SHA256 | b42a637e4ee0b9cb265432b0cdbdd563d1195b74d8cfe8947d0e987e2de006ef |
| SHA512 | 0582f1e7f9a0db042d9c1dd75eb00cfdbaaef988719e7e50250ea19aa340a7e7ad3a52512f08203e2e4bdca37af9c65facfe01d1249466d6f073a0a20e1d7cda |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cdd13ef5377950571c1cdbebf30b1ebf |
| SHA1 | 1063c0d4ffec9f7ba68305c67edf126a067fd5a3 |
| SHA256 | 72f2f270a92aeb7d4131d974d12f53d8f28c4ab22b41346d77d6d09f9a028e5d |
| SHA512 | c2bd7ffe8344ce21c755e40352e2c7a112c78bbe6a41fb897ef43589db11757ad0f34f6c91eaa1bd2e020c942156b80fef8a069b5a435a483c3f9a55d5aa01e2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 710cb726a67ddca83ae1b10f662bb91b |
| SHA1 | 6a95ee5087268ebbba1e41b767323d478d5d3f0d |
| SHA256 | 9b245a8bc9b2e32e8ad89f377aa3677decef3838ff0c8d4b966dea39fc6ef678 |
| SHA512 | c759d340cfa72192f4eca8ff49508c5024d1200e5b0cb136ffac1f00d995d7f583b5e3cda0aea27734883ecd82141b1cd1b572fc48a3c9de60513f880bf5507d |