demonware | 9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
14-06-2024 10:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
Size

25.7MB
MD5

a95111407437bd851ae651f847b53e90
SHA1

1b45a51068c128fb97883a671c68cf17b02d2e29
SHA256

9211217318a47e3e7fb79f3edf426088a8029c9d44fc9c77ca9dcf4fb1a67e06
SHA512

18474827161b6e722db1b561171d96bc7d47e3e3f8a0e2bd416b540bdd8d8a3fe772ba7c24f3ad83a0aa3e45008d937a03ce0e0fb6786833da0397396b19cce7
SSDEEP

393216:FcjRh0jlscHVAD5wjcTy5AwJ5ShR4uwcI5Hq3CFDDAQWp15O8626Q7RhJzxeT:sh0jlT1AD5RTAvQ2BHKDdLcBQ7b1g

Score

10^/10

demonware ransomware

Malware Config

Signatures

DemonWare
Ransomware first seen in mid-2020.
ransomware demonware

Loads dropped DLL 38 IoCs

Processes:

a95111407437bd851ae651f847b53e90_JaffaCakes118.exe

pid	process
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

a95111407437bd851ae651f847b53e90_JaffaCakes118.exe

description pid process

Token: 35 1520 a95111407437bd851ae651f847b53e90_JaffaCakes118.exe

description	pid	process
Token: 35	1520	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

a95111407437bd851ae651f847b53e90_JaffaCakes118.exe

description	pid	process	target process
PID 2424 wrote to memory of 1520	2424	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
PID 2424 wrote to memory of 1520	2424	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
PID 2424 wrote to memory of 1520	2424	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe	a95111407437bd851ae651f847b53e90_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\a95111407437bd851ae651f847b53e90_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2424
- C:\Users\Admin\AppData\Local\Temp\a95111407437bd851ae651f847b53e90_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\a95111407437bd851ae651f847b53e90_JaffaCakes118.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of AdjustPrivilegeToken
  PID:1520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI24242\VCRUNTIME140.dll

Filesize
85KB

MD5
edf9d5c18111d82cf10ec99f6afa6b47

SHA1
d247f5b9d4d3061e3d421e0e623595aa40d9493c

SHA256
d89c7b863fc1ac3a179d45d5fe1b9fd35fb6fbd45171ca68d0d68ab1c1ad04fb

SHA512
bf017aa8275c5b6d064984a606c5d40852aa70047759468395fe520f7f68b5452befc3145efaa7c51f8ec3bf71d9e32dbd5633637f040d58ff9a4b6953bf1cbf

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\_bz2.pyd

Filesize
92KB

MD5
c9bfb31afe7cce0b57e5bfbbfda5ae7a

SHA1
37a930d22a9651f7ae940f61a23467deaa1f59d0

SHA256
58563fb8798c878bbb19221d8c6c9a3cc243d6dbc9bf5d7f73ba62834c5e4614

SHA512
3775adb2750a8a7927f56b1bad853e405b21c678d2708ae1d0e7ddfb68e2228971636ccd88055a9d04e49f009d8ec1fb4e0f7cb6ad9b012b666e132d989668e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\_ctypes.pyd

Filesize
122KB

MD5
3e3785757daea4e4e05a1b24461a60e1

SHA1
6b114125c9f086602cbc1e0ce0723374c90884cb

SHA256
72b7108ab9167f4cf780bac0c074c9be62ebaa43a9f5327f803c2c20a5f33d14

SHA512
a686def1331d31d779e308a6621d838495687176592f7ff0b41682f07473498d4782308a172a59fd7ef40f2c81042e851f607821c378acc9ab16da01a1ad3a3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\_hashlib.pyd

Filesize
1.4MB

MD5
86db282b25244f420a5d7abd44abb098

SHA1
992445028220ac07b39e939824a4c6b1fda811dc

SHA256
ab3d09c879b395631d8a4f89f6855d98d315675e9607248eed7bc07317260168

SHA512
62e2919c4ba74fa69f25209db89f0652c5f8624867b3221aa3865e4dc2bab07e70880c63e4853051f1cc7464ff6478106ac4d6c9fc096172d85e523d8cbd069a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\_lzma.pyd

Filesize
248KB

MD5
857ba2d859502a76789b0cd090ef231a

SHA1
352378e0f9536154d698ecbb4c694aae8d416787

SHA256
42aafcd7e1050b3307c06874fa1e72eecfb5554bd631097e7af0506a3a200144

SHA512
ab70e4fde01bf0d1a2f4dbfe0b556ce3d83e57edf84c62262f0500b6b0295101a36e279f843cef6a08a4d4d3cde150ff76195ff417123eed64b661310fa759a4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\_socket.pyd

Filesize
70KB

MD5
7e080d04a56cd48cf24219774ab0abe2

SHA1
b3caf5603ce8da3da728577aa6b06daa32118b57

SHA256
77b3597eef6eb044fbec7b2229772495cd632033bec03badad4e4d268748b760

SHA512
8bb475b62cb025823ef3eb54db58017b9fc394fe4a8a6d84aee13a4aaf9dd426e59860d3f15abcc218bd7cf4aefeee37d8fdf24dc272b6196b089b65cb584aae

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-core-file-l1-2-0.dll

Filesize
20KB

MD5
b5060343583e6be3b3de33ccd40398e0

SHA1
5b33b8db5d6cfb0e8a5bb7f209df2c6191b02edb

SHA256
27878021c6d48fb669f1822821b5934f5a2904740bebb340b6849e7635490cb7

SHA512
86610edc05aa1b756c87160f9eefe9365e3f712c5bed18c8feca3cae12aef07ccc44c45c4be19dc8f9d337a6f6709b260c89019a5efcfe9fa0847d85ab64d282

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-core-file-l2-1-0.dll

Filesize
20KB

MD5
2e8995e2320e313545c3ddb5c71dc232

SHA1
45d079a704bec060a15f8eba3eab22ac5cf756c6

SHA256
c55eb043454ac2d460f86ea26f934ecb16bdb1d05294c168193a05090bf1c56c

SHA512
19adcc5dd98f30b4eebefe344e1939c93c284c802043ea3ac22654cf2e23692f868a00a482c9be1b1e88089a5031fa81a3f1165175224309828bd28ee12f2d49

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-core-localization-l1-2-0.dll

Filesize
22KB

MD5
54d2f426bc91ecf321908d133b069b20

SHA1
78892ea2873091f016daa87d2c0070b6c917131f

SHA256
646b28a20208be68439d73efa21be59e12ed0a5fe9e63e5d3057ca7b84bc6641

SHA512
6b1b095d5e3cc3d5909ebda4846568234b9bc43784919731dd906b6fa62aa1fdf723ac0d18bca75d74616e2c54c82d1402cc8529d75cb1d7744f91622ac4ec06

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
20KB

MD5
d1b3cc23127884d9eff1940f5b98e7aa

SHA1
d1b108e9fce8fba1c648afaad458050165502878

SHA256
51a73fbfa2afe5e45962031618ec347aaa0857b11f3cf273f4c218354bfe70cb

SHA512
ee5e0d546190e8ba9884ab887d11bb18fc71d3878983b544cd9ab80b6dd18ad65e66fe49fe0f4b92cbc51992fb1c39de091cf789159625341a03f4911b968fa2

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-core-timezone-l1-1-0.dll

Filesize
20KB

MD5
36165a5050672b7b0e04cb1f3d7b1b8f

SHA1
ef17c4622f41ef217a16078e8135acd4e2cf9443

SHA256
d7ab47157bff1b2347e7ae945517b4fc256425939ba7b6288ff85a51931568a7

SHA512
da360ff716bb66dd1adb5d86866b4b81b08a6fe86362fded05430f833a96934ccdada1b3081b55766a4a30c16d0d62aa1715b8839ea5c405a40d9911715dae68

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-conio-l1-1-0.dll

Filesize
21KB

MD5
75e626c3ebf160ebe75c59d3d6ac3739

SHA1
02a99199f160020b1086cec6c6a2983908641b65

SHA256
762ca8dd14f8ff603d06811ba904c973a684022202476bca45e9dc1345151ac4

SHA512
5ad205b90ac1658c5b07f6f212a82be8792999b68f9c9617a1298b04d83e7fcb9887ed307a9d31517bcba703b3ee6699ea93f67b06629355ea6519fed0a6d29a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-convert-l1-1-0.dll

Filesize
24KB

MD5
0485c463cd8d2ae1cbd42df6f0591246

SHA1
ea634140905078e8f687a031ae919cff23c27e6f

SHA256
983f4d4c7b7330e7f5f091080c1e81905575ebccd97e11dff8a064979ec8d9b8

SHA512
ddf947a1b86c3826859570a3e1d59e4ec4564cfcf25c84841383a4b5f5ad6c2fe618078416aed201fb744d5fbd6c39dab7c1e964dd5e148da018a825fcc0044a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
22KB

MD5
1193f810519fbc07beb3ffbad3247fc4

SHA1
db099628a19b2d34e89028c2e16bc89df28ed78f

SHA256
ab2158fe6b354fb429f57f374ca25105b44e97edcbdc1b752650d895dadd6fd1

SHA512
3222a10c3be5098aca0211015efe75cfbcd408fd28315acedd016d8f77513f81e207536b072001525965635da39c4aae8ef9f6ad367f5d695de67b1614179353

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-heap-l1-1-0.dll

Filesize
21KB

MD5
a22f9a4cbd701209842b204895fedf37

SHA1
72fa50160baf1f2ea2adcff58f3f90a77a59d949

SHA256
2ee3d52640d84ac4f7f7ddfe748f51baa6fd0d492286c781251222420e85ca97

SHA512
903755d4fa6651669295a10e66be8ea223cd8d5ad60ebe06188d8b779fef7e964d0aa26dc5479f14aab655562d3c1ef76b86790fb97f991eaf52da0f70e40529

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-locale-l1-1-0.dll

Filesize
20KB

MD5
ba17b278fff2c18e34e47562ddde8166

SHA1
bed762d11b98737fcf1d1713d77345ec4780a8c2

SHA256
c36f5c0ac5d91a8417866dd4d8c670c2192ba83364693e7438282fb8678c3d1e

SHA512
72516b81606ccf836549c053325368e93264fdebc7092e42e3df849a16ccefa81b7156ae5609e227faa7c9c1bf9d68b2ac349791a839f4575728f350dd048f27

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-process-l1-1-0.dll

Filesize
21KB

MD5
d8a5c1960281ec59fd4164c983516d7c

SHA1
29e6feff9fb16b9d8271b7da6925baf3c6339d06

SHA256
12bb3f480ec115d5f9447414525c5dcd236ed48356d5a70650541c9499bc4d19

SHA512
c97aa4029bcd8ffc490547dd78582ac81049dded2288102b800287a7fb623d9fde327702f8a24dfe2d2d67b2c9aaf97050756474faa4914ca4cb6038449c64bf

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
24KB

MD5
dbd23405e7baa8e1ac763fa506021122

SHA1
c50ae9cc82c842d50c4317034792d034ac7eb5be

SHA256
57fe2bab2acb1184a468e45cebe7609a2986d5220bb2d82592b9ca6e22384f89

SHA512
dafea32e44224b40dcc9ca96fd977a7c14128ca1dd0a6144844537d52ba25bcec83c2fa94a665a7497be9e079e7fc71298b950e3a8a0c03c4a5c8172f11063b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
26KB

MD5
5df2410c0afd30c9a11de50de4798089

SHA1
4112c5493009a1d01090ccae810500c765dc6d54

SHA256
e6a1ef1f7c1957c50a3d9c1d70c0f7b0d8badc7f279cd056eb179dc256bfefda

SHA512
8ecb79078d05d5b2a432f511953985b3253d5d43d87709a5795709ee8dbca63c5f1166ed94d8984c13f2ea06adfa7d6b82c6735c23c6e64f2f37a257066864e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-string-l1-1-0.dll

Filesize
26KB

MD5
aacade02d7aaf6b5eff26a0e3a11c42d

SHA1
93b8077b535b38fdb0b7c020d24ba280adbe80c3

SHA256
e71d517e6b7039437e3fc449d8ad12eeeca0d5c8ed1c500555344fd90ddc3207

SHA512
e02fcbcb70100f67e65903d8b1a7e6314cabfb0b14797bd6e1c92b7bcb3994a54133e35d16da0a29576145b2783221330591526f856b79a25c0575fc923985a6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-time-l1-1-0.dll

Filesize
22KB

MD5
0d9afb006f46478008c180b9da5465ac

SHA1
3be2f543bbc8d9f1639d0ed798c5856359a9f29b

SHA256
c3a70153e1d0ecd1cbf95de033bfef5cfecabe7a8274cafe272cc2c14865cd8c

SHA512
4bd76efcb2432994d10884c302aee6cadbc2d594bbbd4e654c1e8547a1efd76fd92e4879b8120dfacb5e8a77826009f72faa5727b1aa559ed3fc86d0ce3ed029

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-utility-l1-1-0.dll

Filesize
20KB

MD5
9b622ca5388b6400705c8f21550bae8e

SHA1
eb599555448bf98cdeabc2f8b10cfe9bd2181d9f

SHA256
af1e1b84f066ba05da20847bffd874d80a810b5407f8c6647b3ff9e8f7d37863

SHA512
9872f54ac744cf537826277f1c0a3fd00c5aa51f353692c1929be7bc2e3836e1a52cab2c467ba675d4052ac3116f5622755c3db8be389c179f7d460391105545

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\base_library.zip

Filesize
756KB

MD5
4ab4145ff7786c5fba96e9026b3dd953

SHA1
5e232c9c90e910b72037673ccdbfe4d787300d14

SHA256
2197f145fcdf5a13360ff3294050e3cae7c0ce828ae045252bee697987ef1241

SHA512
385e97e853ae051f75f99be2fb6bd33dd3682e98f0f587d2086133357ea645ee5db15df0a2570ea440b505e048bbdee99c4136bee03d3b9c59aefca688e33b99

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\payload.exe.manifest

Filesize
1KB

MD5
22a0ccba48fe09df9b1a9dc4d03348c8

SHA1
b83b7b140333e5fcb70bf361e717453982f8be1d

SHA256
d4dc6e1c6191a54fd372aa0bb6c8db946d4be94b70142d0d9c3aab4d6b11d28f

SHA512
633abf3a33f13e21566d7e0ea1d1fccd52fca5d5237202e0266ed46f539a8354b877487f422b29e2082b62f4adc8acf1487620f6b60e417f4d91663e826eef7b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\pyexpat.pyd

Filesize
183KB

MD5
39d84649515d95284f2f7297bc84fcec

SHA1
465069ac60032b2377d9827c9ad0c416e23081c2

SHA256
72f3d5932ba5387cae504ddd30bee963628df8ef13d6d99e4497b1531a736dfb

SHA512
2903e41c40b8483f2941a429f126b8e443e7d2633b6cf76eaa9f269de2bbf5b72074c1835609c52e6488ab784048014a42aa37f2e13b7bcda6a8052d9e55ac73

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\python36.dll

Filesize
3.4MB

MD5
7e5ad98ee1fef48d50c2cb641f464181

SHA1
ba424106c46ab11be33f4954195d10382791677d

SHA256
dd4bba32bf57165371822f5966617f475198764a91f39dc6ef86552457ac795d

SHA512
7633730cc9672bc558f8f3391534f9a0f3627a98c5c9f5acefbfc2356eeb14cd10581dceceec2e2d20ed666bc121b28d2af63bd61ead48d34cbcec5861f8ef82

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\pythoncom36.dll

Filesize
541KB

MD5
83f8c8ce5311c78cccaee21461016769

SHA1
cdffe77d09a805774a445cbdf48363f46063975a

SHA256
7d5af1fe982297041ce51b490fdd10852b6f1f0e2b8eb247c55badd9a9b09cc1

SHA512
6f6e28dfbfaa37459ceb34ac13536e004cf7b2462cafced6f00a0481d1d4bbdb3227d865a7932e74d4511c7e8024367536811ea45c71d8bff27753bbdf3295b4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\select.pyd

Filesize
26KB

MD5
290242633745524a3fb673798faabbe1

SHA1
7a5df2949b75469242c9287ae529045d7a85fd4c

SHA256
df8acaf83e5c861f1d0ad694b087ff0a451f01191602617307a93c9dec893ecd

SHA512
a3aec08265e2ea4549df14f6c2683b7b53c553b45304e80ed27ca5b5df70f0e1a3b139608557230e2acbaad4f302b5e20631a9d82de75222a9cc4b2177ce2020

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\ucrtbase.dll

Filesize
1002KB

MD5
298e85be72551d0cdd9ed650587cfdc6

SHA1
5a82bcc324fb28a5147b4e879b937fb8a56b760c

SHA256
eb89af5911a60d892a685181c397d32b72c61dc2ad77dd45b8cac0fbb7602b84

SHA512
3fafea5ff0d0b4e07f6354c37b367ada4da1b607186690c732364518a93c3fd2f5004014c9c3d23dde28db87d1cb9ae1259cda68b9ba757db59a59d387ac4e02

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24242\win32api.pyd

Filesize
129KB

MD5
ed2a30ab838d76dbd5ccbb272798af31

SHA1
d0d07e64c09993cee447b9b6e4cdfd48653b156a

SHA256
68b4fc8226000e6b270badf0f5e2a79b4f8d515ce4447be68d4eee7c5b3ae4d2

SHA512
f4de6ac3ad50ca0f978413ada0f2d5a587d86668f900d7c9cb55822927f9d81ac695db581f385c1185da63ff3912ac3e7f17306b70aeeba7aee59abc4e10724b

Download Submit
C:\Users\Admin\Desktop\README.txt

Filesize
657B

MD5
8970031ac72b814f5be89715c105e2d7

SHA1
569ff284092d4a104e6360ac1f49732531b6c17d

SHA256
43dc8899b77f0145f29e29b63edca0e56ea805075d1df9572b9fa3a5d6d63e28

SHA512
687950c19f6bce8a6a204cb8f6185c81f0a83c70dc74c48465e734ebf7cac9f5f3e98571565978db370f014a894d15d29a0b17a48ad76243d5212231a681483f

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-environment-l1-1-0.dll

Filesize
20KB

MD5
e48a1860000fd2bd61566e76093984f5

SHA1
aa3f233fb19c9e7c88d4307bade2a6eef6518a8a

SHA256
67bbb287b2e9057bf8b412ad2faa266321ac28c6e6ba5f22169e2517a3ead248

SHA512
46b384c45d2fe2b70a5ac8ee087ba55828a62ccab876a21a3abd531d4de5ec7be21ff34b2284e0231b6cf0869eba09599c3b403db84448f20bd0fff88c1956d5

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI24242\api-ms-win-crt-math-l1-1-0.dll

Filesize
28KB

MD5
c4cac2d609bb5e0da9017ebb535634ce

SHA1
51a264ce4545a2f0d9f2908771e01e001b4e763e

SHA256
7c3336c3a50bf3b4c5492c0d085519c040878243e9f7d3ea9f6a2e35c8f1f374

SHA512
3b55bdbc5132d05ab53852605afe6ed49f4b3decdde8b11f19a621a78a37d98c7aeaaa8c10bf4565b9b50162816305fa5192ee31950a96dc08ae46bfc6af4ffe

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI24242\pywintypes36.dll

Filesize
136KB

MD5
8eadc90326166b11dfab03975c0a747c

SHA1
6d3cf5c98ab72e1bf97436355619b576a36e4e16

SHA256
71bf0a66de1ea95b4a61a9a4b4e752fc792e389f39d6cdcf529c35a3706ea99e

SHA512
2df996a0136364ffaead291f5b6017dfd5df103e033dbdcc78f464c315fe85a55099f8e313e77e85065634d342628ad165f409e5eeb8535371da545eaeca5173

Download Submit