33882ab5b94b2359562825a4afa71c38eea6b02e4b67e41b83213060620da0d4

Analysis

max time kernel
134s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2024, 23:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

17fb9816b54943259b5a8ddd68519c44_JaffaCakes118.exe
Size

4.9MB
MD5

17fb9816b54943259b5a8ddd68519c44
SHA1

661a74f066816354191c4df8e4e4b4c93455ee54
SHA256

33882ab5b94b2359562825a4afa71c38eea6b02e4b67e41b83213060620da0d4
SHA512

0441ce11eea6f620585f501aae763157a84178680cb3451d87a0f97d2cd4e8779e7b2d3edebf037fa955cbefc927400726198555a45eb3178c6d62de10d45017
SSDEEP

98304:HukqbKfz4+NPWNwY2Z0rIAl2MYWk+PXlkBJlV54hQrCjNNLxpeF2:OkqefhNPHYyAlvTP/la4urCrW2

Score

7^/10

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation	17fb9816b54943259b5a8ddd68519c44_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 39 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "426296987"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1540626960"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000aa9cad4c9673b74c9a378d3b281cdc3700000000020000000000106600000001000020000000aeb2c2d6773a118488a69d900156c38ac17fdd26b6dc78043e3d6c0d1c6b0217000000000e80000000020000200000002ed43645cc2d4efa2a111dec017734e0a2c3c3f26181db7842fdd4a244369a632000000051c1b2c989a9729d5281a6ad43e3148d16ca6fa789b93b1551070dfd18a0d6c2400000001ec0480b95f012be81f30907e63deab83397ce7d03f80b294e188bd7cf65345150f5415c238074f92f963548f02e1c1e00d6ceb1efdf939ad1c7e2fb0f4885e1	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31115500"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000aa9cad4c9673b74c9a378d3b281cdc3700000000020000000000106600000001000020000000d686730bf7950fedcea557a46ba4abb4bca29acb3218c92d7b2e9392c00e4bce000000000e80000000020000200000004b37bc111041c45738ec133a3789fabeec57ce7ac05db14543b2f8bf33e3009c20000000e7ab0d6f27a0e4117c2b71650430a2ad75546a78bef702c5c08f75c0280350aa4000000078e16e0eda5b7d42549ac42283f09d5ad136555db8cde9b4efc23fb0403e2ae5f6aae8eeeba2a24ba09aabbde17806044aa1232adc49e23e7a2bb0e4bdf609dc	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0389c5cecc8da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{87682A50-34DF-11EF-90FA-F671300AD8E0} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1543126499"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31115500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31115500"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31115500"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1543126499"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a046a85cecc8da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1540626960"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4644	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
4644	iexplore.exe
4644	iexplore.exe
1644	IEXPLORE.EXE
1644	IEXPLORE.EXE
1644	IEXPLORE.EXE
1644	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 1464 wrote to memory of 4644	1464	17fb9816b54943259b5a8ddd68519c44_JaffaCakes118.exe	99
PID 1464 wrote to memory of 4644	1464	17fb9816b54943259b5a8ddd68519c44_JaffaCakes118.exe	99
PID 4644 wrote to memory of 1644	4644	iexplore.exe	100
PID 4644 wrote to memory of 1644	4644	iexplore.exe	100
PID 4644 wrote to memory of 1644	4644	iexplore.exe	100

C:\Users\Admin\AppData\Local\Temp\17fb9816b54943259b5a8ddd68519c44_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\17fb9816b54943259b5a8ddd68519c44_JaffaCakes118.exe"
1⤵
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:1464
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" http://software.msgpluslive.net/getlive.php?src=setup
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4644
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4644 CREDAT:17410 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:1644

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3928,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=4184 /prefetch:8
1⤵
PID:3368

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver89AD.tmp

Filesize
15KB

MD5
1a545d0052b581fbb2ab4c52133846bc

SHA1
62f3266a9b9925cd6d98658b92adec673cbe3dd3

SHA256
557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

SHA512
bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\SYNNS6ZU\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Arabic.ini

Filesize
188KB

MD5
acf637ec04eb96f2e676751bf9105d77

SHA1
2ff4a30f9bc2569ed235aaafce280ebf7c5d48a6

SHA256
283f60ddb564cd6a9f43771f992704704fa6f3863d476b0a5b57a74c773050b4

SHA512
1c4fc558a32f985ce7f7552f4c7afa13e6358b3150b70dc7a17bc2c9b2f5b715377379c2af792b530b1bbc97f1cc30e7ad28d65fd9c364aba83859f2e521fcdb

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_ChineseSimplified.ini

Filesize
126KB

MD5
4906cb6a67b1a1eba6a3913e217b2c48

SHA1
f50689320b968d96dadadca1da90aa3486ea8360

SHA256
e129b553c043c7c40ad9e33162b535c3cb96f516ca7955d036ab868221315c07

SHA512
f1e608759b0a0bb3391bd018fc4300df98a9c20a5527a7c46e69b7974506186e06403f5094e38af864b7f5d6ef0b0c26362dcff1bf5fd699b6d4e7676aabb3a7

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_ChineseTraditional.ini

Filesize
123KB

MD5
876aa24cd3149e3ddf7cfaa32c2772d0

SHA1
4622d97f73dfd1ae043f75436ae257a784ff2f85

SHA256
1b8ccb3a2380cd28a7c597c583d8bf67e6530b92f01e238c0023812d0bb405b4

SHA512
05767d2d84e6431a940c37a6dd70845517d913a80420d3abbe7cb45ffd40a200445e651619bffd8d58a8f4ff26274f8232920481a05f06a6585004a3ad093c5e

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Danish.ini

Filesize
216KB

MD5
537a0ceb20fe234fcbc5ee72eb29e0a6

SHA1
1dacb741e11793b5427cbda085bd4e1ff228fd85

SHA256
b62f65e6696def202a8bc209ef4390c1abe2cdbb3606487bf8d9b0606e462674

SHA512
5f01062cdd714314a1871d759400f527c6a8a0d261f2ed7fdc87643a9605a2d85849a286907e981873dd89da7babe9f6d4a5569233f0f34686d61129c7121798

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Default.ini

Filesize
219KB

MD5
dfb87f3a1e394b1f72fd07cc914c21ae

SHA1
7af03c96ad87b32688ffe65e02812ccf0ca57f80

SHA256
850b09ec0f71026969e7d3e048cdb0b799031665221017e3f32eeede9ddaafae

SHA512
102839ebc714fd0c71201318f539baef3ee1f2d3df34e4caf80ee307700c323366d7790cfd78832822f062d93925f807c43905e6feeb3c6c78dcce9bc639b6be

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Dutch.ini

Filesize
240KB

MD5
ae2cff9b32b4f90b8b4eeb74c56bbc8e

SHA1
227b7da1c57713986cf103b6c0ebe1b8905e2b4a

SHA256
f6ded23e8999b4a0ed42d3b0f1668ee845d20ab52002e4e01cecabdf8fe34569

SHA512
b54d47c66748447c7ad4c97b62f451287bfb3919990d68f1e7c578d6f8798f1276ced3c150ac56ea3ffaad518fae31f64b1da15ba9173be75477d4f7a82b811c

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Estonian.ini

Filesize
209KB

MD5
ef82eb9b2c8319d66e699dc91cc8a03b

SHA1
2d87ce57602d2171bc450a23d45b1dfce62c7f17

SHA256
95a5d338c517108a60796ef13c920d657e639df766b93224001242d3df916375

SHA512
c386a5d0a0c39be9753e2400efed334316bc1a01df2450e4fc756ecc481c49bec5f2eb50f9a24238c6cf8f822913dd3b04a80283297e56b1e5d1184848b71eff

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Finnish.ini

Filesize
212KB

MD5
664b3535cedce91b601efe51e90ffaeb

SHA1
90172586d7474328f1233bd7972f2c3ab5d7b839

SHA256
b5b015726a24043f2c578eaa0fe47ebf07d9d7743359b1c4dfa5c93524caf3fa

SHA512
e8d9aac0c0d286d7a13c4b8d021453df0a383c4bd5981da2964e79ecd5452d03e27e92468c331d98e36de9b2c21ef11cc4af4deef68a61187ae3b6e8ba8f97a4

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_French.ini

Filesize
239KB

MD5
d1d57b8593bad4520bf6c5af0f524b66

SHA1
8251a1a50206f1b9bdef4817fd99ed25ed920e73

SHA256
6c94d9509515b93e120300b6985b039ce68c2415b00118709198304f115e23eb

SHA512
3e4c7e2e2bb550a0ea99bc340daae6ccbf11b8e4b43f478573e30eed82dce4385956413a113c6b6e7ad906326dcbf651d779c12707a5a4b9bd7187d74b7f21ce

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_German.ini

Filesize
231KB

MD5
b8160235db220c83d1cc187b1c694d7d

SHA1
2145262a0026d0beae2570c7c1af3ed30447088e

SHA256
922c1d3fff675ac46dc4fb57761317c830cca9a9165a828a1325b9637239a0a8

SHA512
62c32a6034d496013cc210381b396cafed81ed6070fa51130ab4fd54dd2254ef71cd875c65b9125066da6fd659ed9a34c639dc60bf8e74ce583767c78f7eb96f

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Greek.ini

Filesize
222KB

MD5
0d15e3e11bd39028e5cb7dda0d5f2bd4

SHA1
5b22dcaa9a611775038e134a538879e7f54bf560

SHA256
cbf129c29224f01df29327f9a816ae1bed4dab90f866bfd35aa16ac78ae5e647

SHA512
f365f6e874b956c3c4dbc4cd768b305cfe84fa2242ad917fb00ccbfd475f9801e8692ad04d47c8320629990a4331b5fd00c6d3aea6908271db0804dff8d38d7d

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Hebrew.ini

Filesize
182KB

MD5
7a29775163571951e6875aa55376f066

SHA1
ad3dfdaf6cfb7f9584d012b3ef6bb9e64297df3f

SHA256
e137fb8a8253f09b01184627a248d31b6a5fff33b7573f1bd66a7c4e925edc77

SHA512
0af8a4ec11c3ced19649a45bcfd9a211bd39ff7cc4b5548ce3daa1077b4a69241bffb674862f34b38b3b7841302316e39a69a1fe334ec9ef8ea8604b5ffe861d

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Hungarian.ini

Filesize
212KB

MD5
f2408274cc959ab978bb80b6b8b18f8a

SHA1
927eb2a1b955e6522f90428f485265655322c42d

SHA256
840e0156f92a53db6846a020c34e68c9b9e1958b48329c565f71435ece61bbb0

SHA512
1809e4496abdcdb01e1be8343c20b5698c6cd54a405b144cf0ab58186648d39471c5dd014cc37f1c7141c106d8633f736d36505f92935392ea83243cac956f05

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Italian.ini

Filesize
225KB

MD5
a8f7a0a79707bb2101f90e3b7c0d0ada

SHA1
70de86ba3b909f858cea9f529e681e71d90e3833

SHA256
37da5bf8eed7658c2d250df2aa97568f9de540f35d762c3b452f302287906354

SHA512
58c055e234654a22270ce2360174c61b62594db9a5261e4ccf363a841994ff1f50b92b3884948baec1ca422eb52406dc5f69f05b9b57403ddcaa7b07f15d31d6

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Japanese.ini

Filesize
152KB

MD5
f116a59852501cfa793c2383e96f7426

SHA1
724f8bb479a5bc1b0d8ad07d925b0d08a2a4a765

SHA256
aef240d6bc20026520ab7dbe216dc605f759ab9d092b2ef882cdf5a2ff019909

SHA512
7d41dd96592743bd9a8f03ecc08b269f66b92f53132e2c28591ec8e7f750ff81cd468295fb4bfc15987cfb0ccef4bd47a25a62059c2b4b681def92623240ee48

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Norwegian.ini

Filesize
212KB

MD5
d013f4277a3d5aed236f4d5ae34f7044

SHA1
dcd6ede19061874f5b923a826b82078874f802e2

SHA256
0e8101053de36687dd24937758521d69dbea782831d3dabe840b553cc587fa5c

SHA512
185ed6dbb4478671427708be3e085b52d6e8505300ec617693f4a9371e31d56af657dbcbd6ee425652d227f44d0dd34192d88a70e457977cbb71edf3fa714f28

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Portuguese.ini

Filesize
234KB

MD5
098355a98135817ab4283a6d4af38d3c

SHA1
d0195ea96f1311004cfedf66df30afa0c712b187

SHA256
78654f541b08979645c0d089e5d3e5a3aeeb52ea7bd7f54320d9dc8a0efa573c

SHA512
4ddf47c2d0398812cd5078b9f9c3c8116caae2aced9f7183d107cd62f643efe300d86d11ffe67493bbba48a89770703a45a56dbaff1a90c9642dcd791a8e4153

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Spanish.ini

Filesize
228KB

MD5
7610264aa712a449aba3897f307b92d6

SHA1
fbc1036c27f958352ee59b2f94b1c35833ad6f94

SHA256
eb4cb24dd1b8a5936a33fb91d38ac07924404e7f0c0b1da4c270bda3ad073fdc

SHA512
e1ea7ca303db3f3f8fc910cb7ac203494596193b36c1cf4e340e3aa64bb8197224891682efc570641d9202634c74fa5603ebc7c35510f552c5bb9d72066ae142

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Swedish.ini

Filesize
213KB

MD5
b89f34d6e17b84ebe607a3f99e51b31d

SHA1
7f9fa072bab6b373fb2c9002c3517f33c1c27e39

SHA256
b13a75df06ff8235a64ae7cdc1ab098e28ede2ef65cf09420ee06c52ac78fff2

SHA512
c7745b60bf909c6428dcf401371d37df7ca492ed5dff44f3e4873dbd86733dcba1ce238607934bdac8bb8b8fe2d66a5977fa4d1e8c5d5760b5f5c355ea7c93c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Thai.ini

Filesize
203KB

MD5
2c7d330639affed8baffcb97d1224a71

SHA1
67132448456e55dbfe076d6fe800c4b17a8a8a72

SHA256
22fd14c68e631eaf23c6e8f68a6c166ef0143f567dbcb5bf9e647347dbbeb083

SHA512
b5eb9a6ab0d62bb08b9522363706b33a58a2d36a4bfd3c1f391c880d8cf5d2d45cfe09e347cc50b813dd3ad39f554331c65dc35eca269476a8ea4fb35c04a0eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\msgpl_5a72.tmp\Lng_Turkish.ini

Filesize
219KB

MD5
241aa8cc39b4366273fea6f1e4ac0529

SHA1
fcb5629375ff4112e86bdf506a1b7ec37c719f45

SHA256
7372f8af6768a32e7ec8186572b5801bad9f204a6d308b8a822817f1f1c4ae7b

SHA512
0371de482f87ccce7f3a7d82efb11edff41a95bd591351c304857d273bc0f219e3feb8151c8da79a4454b718875e621b5e4b58c8ccad421a90d2d770c6633d8a

Download Submit