Overview

overview

10

Static

static

3

void.exe

windows7-x64

7

void.exe

windows10-2004-x64

10

Stub.pyc

windows7-x64

3

Stub.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-06-2024 23:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Stub.pyc

  • Size

    198KB

  • MD5

    eeea1c512f652c61804649401b70fa33

  • SHA1

    d0925b2730e88dfe8858570d43e6defc144a95ba

  • SHA256

    cee659c255bb5aa19b73a78e4d0c4b57ab7f46124e0d07ee287d1442c513dc83

  • SHA512

    aceea99e959a5992124452368726bf16bf65fef9f86c751e05cef3133ccc0e762b5f329c0228bf70df2d71c09e51a09ed5fdad0e0cd89b8a97528ec724c93c96

  • SSDEEP

    6144:PeYPhrY7CTpZNhKYhYYYYY9YYUqbGSTgPm:yspLSbGSkm

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 63 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 19 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Stub.pyc
    1⤵
    • Modifies registry class
    PID:4404
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4200
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Stub.pyc
      2⤵
      • Modifies registry class
      • Opens file in notepad (likely ransom note)
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:3328
  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3888
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      2⤵
      • Checks processor information in registry
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4052
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.0.611271994\1554403820" -parentBuildID 20230214051806 -prefsHandle 1804 -prefMapHandle 1796 -prefsLen 22076 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c255e7e6-0589-4eef-9ed6-82e7cfb8ac42} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 1884 2c6ca423e58 gpu
        3⤵
          PID:2636
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.1.1523352069\1327919320" -parentBuildID 20230214051806 -prefsHandle 2432 -prefMapHandle 2428 -prefsLen 22112 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {41bcf9cf-9e51-4000-8184-55c7449e5559} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 2452 2c6bd58a258 socket
          3⤵
            PID:5016
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.2.464719895\1297126906" -childID 1 -isForBrowser -prefsHandle 3040 -prefMapHandle 2724 -prefsLen 22215 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {391387c1-d9b6-41b5-a81c-70f7a18cc2dc} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 2720 2c6cd00a858 tab
            3⤵
              PID:404
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.3.154816362\1373018379" -childID 2 -isForBrowser -prefsHandle 3604 -prefMapHandle 3612 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {861fe753-3556-48d7-a5e7-660b73e4fad2} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 3692 2c6bd57ab58 tab
              3⤵
                PID:2144
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.4.1793668656\580135102" -childID 3 -isForBrowser -prefsHandle 5244 -prefMapHandle 5252 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bab28449-f503-4eb2-9c0b-3c234d41f7a0} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 5168 2c6d1987f58 tab
                3⤵
                  PID:2128
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.5.1646494723\1926269859" -childID 4 -isForBrowser -prefsHandle 5404 -prefMapHandle 5408 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68661e0a-2c30-46fc-8d20-da86396741c9} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 5396 2c6d1986158 tab
                  3⤵
                    PID:1404
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.6.104196513\1287905253" -childID 5 -isForBrowser -prefsHandle 5688 -prefMapHandle 5684 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0392be02-ea25-4342-a368-795e6ef14caf} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 5696 2c6d1987358 tab
                    3⤵
                      PID:4240
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.7.1967119608\340566626" -childID 6 -isForBrowser -prefsHandle 5956 -prefMapHandle 5972 -prefsLen 27697 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a654d76-fa02-44e0-a3e3-566f551f3a0b} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 5968 2c6d2dba658 tab
                      3⤵
                        PID:3972
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4052.8.122597846\512684576" -childID 7 -isForBrowser -prefsHandle 4124 -prefMapHandle 3992 -prefsLen 27776 -prefMapSize 235121 -jsInitHandle 1268 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f5c2faf-ec07-4799-8024-07a7a98c7509} 4052 "\\.\pipe\gecko-crash-server-pipe.4052" 4136 2c6cd00b758 tab
                        3⤵
                          PID:5704

                    Network

                    MITRE ATT&CK Enterprise v15

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads

                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0gx8chzo.default-release\activity-stream.discovery_stream.json.tmp
                      Filesize

                      28KB

                      MD5

                      7487adb9c3d514b575c3c36ff1d96491

                      SHA1

                      b623f7106f4a5307f9cc7ad5126bf95a681ef493

                      SHA256

                      005c3c535354ebfca3bbbad718bca17205f6b6ac40c4b9f038a8d009d9700319

                      SHA512

                      21bce3ce399bb04e98f98842fff7471627c280689d2c207048d6f3d06db63eed7b4fc20998fb98a956e30c1235a30558b3a9f115488ae33add8544489148480d

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\0gx8chzo.default-release\cache2\entries\5CD1EBDF6B57F13C7E783CE5E6D8E9C44014FE1A
                      Filesize

                      13KB

                      MD5

                      e712b550e0d1efcefa4b2ba811d2118f

                      SHA1

                      3c40ca60eacdb54ceb5c4e6ae6e4dc1b36377f00

                      SHA256

                      d14f36caece07142cdcb98624836672372e3efcd33d1684313b8b609f657a251

                      SHA512

                      26021908cdd5b6d5f28c3e5850d24909f733d83100555312c970a1d6639d7af47f9c537fa2921f25df1ef9325704689db3b63cddc31506032e2af54a2a9b56ff

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon
                      Filesize

                      442KB

                      MD5

                      85430baed3398695717b0263807cf97c

                      SHA1

                      fffbee923cea216f50fce5d54219a188a5100f41

                      SHA256

                      a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                      SHA512

                      06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
                      Filesize

                      8.0MB

                      MD5

                      a01c5ecd6108350ae23d2cddf0e77c17

                      SHA1

                      c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

                      SHA256

                      345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

                      SHA512

                      b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
                      Filesize

                      997KB

                      MD5

                      fe3355639648c417e8307c6d051e3e37

                      SHA1

                      f54602d4b4778da21bc97c7238fc66aa68c8ee34

                      SHA256

                      1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

                      SHA512

                      8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
                      Filesize

                      116B

                      MD5

                      3d33cdc0b3d281e67dd52e14435dd04f

                      SHA1

                      4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                      SHA256

                      f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                      SHA512

                      a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
                      Filesize

                      479B

                      MD5

                      49ddb419d96dceb9069018535fb2e2fc

                      SHA1

                      62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                      SHA256

                      2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                      SHA512

                      48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
                      Filesize

                      372B

                      MD5

                      8be33af717bb1b67fbd61c3f4b807e9e

                      SHA1

                      7cf17656d174d951957ff36810e874a134dd49e0

                      SHA256

                      e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                      SHA512

                      6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
                      Filesize

                      11.8MB

                      MD5

                      33bf7b0439480effb9fb212efce87b13

                      SHA1

                      cee50f2745edc6dc291887b6075ca64d716f495a

                      SHA256

                      8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

                      SHA512

                      d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
                      Filesize

                      1KB

                      MD5

                      688bed3676d2104e7f17ae1cd2c59404

                      SHA1

                      952b2cdf783ac72fcb98338723e9afd38d47ad8e

                      SHA256

                      33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                      SHA512

                      7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
                      Filesize

                      1KB

                      MD5

                      937326fead5fd401f6cca9118bd9ade9

                      SHA1

                      4526a57d4ae14ed29b37632c72aef3c408189d91

                      SHA256

                      68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                      SHA512

                      b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\prefs-1.js
                      Filesize

                      7KB

                      MD5

                      56281c49f318ae8357f8c0fc46b8ca3a

                      SHA1

                      5883646a43918ec7f02fb6449ea1428379cbb2e2

                      SHA256

                      abf15ea017692694e2291902fb3d49af29a8224c59ceaf10907426a85d435812

                      SHA512

                      e0e8cc3057309ed3ed9f528cfc498e90dde44370f4947056359d48a6ea0afbc5c89186aafd63f69379af6cd14e6eb5fa445f598193fa89609ddaaee0a06fb412

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\prefs-1.js
                      Filesize

                      6KB

                      MD5

                      009c3579fc73d8b23e5dc96dc46831ad

                      SHA1

                      c1169cc70b25a4227af661cbb392c134c2cb0909

                      SHA256

                      8138f9a50338cd9d42967a3b2ca29267e1b2e2b0d7723cf124a600ed3b4c6a7b

                      SHA512

                      3b203b52033dc72fad139c5607e4fc54fe524f8d83b90579bba601aebc4651a916f912ba29b6a5e727cfd4c2f3416450977ed9c35153798adb4723a571b00267

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\prefs-1.js
                      Filesize

                      7KB

                      MD5

                      2b2ee427529ce34260721dc7fd616b1b

                      SHA1

                      f28c3d6377ce67741a61fe83ba62fe7dc5312699

                      SHA256

                      d58d628605bcbb268c18e1afccff8e540463b28076d34c464183fa556e2b790c

                      SHA512

                      345a66f7b65522e0a9f567496024033e55474264f47e9ba13bb77c76627741360886dc4670a4c745f089bd152b1cb58d55f99538539ea63eafeca5dbe749d51f

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      4KB

                      MD5

                      4ca6d3f314ecba8482a3d2319a76c31b

                      SHA1

                      e3260eac90af38df89075231770d3539f9d33bca

                      SHA256

                      a653754f44d135c1037762602f850c828afe54fb49f195c1da8a8714d38a29b8

                      SHA512

                      604f789dab63978709e4c3d3f86a925a0ac762f91a311f6cc9c86842d5e0b5bb92f05fcb018c34941cd3bb1cf4cd5afdc3e46a278a4744431afb7c0089cc8902

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      8KB

                      MD5

                      ce89a1b890a28ecaee487c0c4758e199

                      SHA1

                      a14d545968a3ec4108015b7d3d8b47a18501f2dc

                      SHA256

                      1699fe51735ce6eb2cf23ba11c686bf73d7b90e1a6cccb238fb00afcb1963e0d

                      SHA512

                      f4c0fc563d94eb7ea36d5728601fd4561aa6bd251c678b004f4fcba2c39a97338ab0348b0af37ec07b0c7eadc46c377d4052f2c29f044ae9cacb1fa077fe6b92

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      8KB

                      MD5

                      6d0591117f68b8c395962435674bbbad

                      SHA1

                      2b752f3c4c0a8bbeb2440cc1ca7ac92a6fb7aa12

                      SHA256

                      699b34657f8a721d56226be3f0fe6c2495958d35e4b5879fb7d82064adc10f78

                      SHA512

                      6b119d1cf30eca0ff9074fbc8b0b103ced3cb83a470bcefe98b9c765338e3a9abe07cf80f7cbc6a7e30c895897bd9dd0c5795a19d026544e338737c409d52bbb

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      5KB

                      MD5

                      d3214511dff6299ef4999b14093da007

                      SHA1

                      e45a90f1262c06bc692edca123d353a23cd3232d

                      SHA256

                      920ea9794dc2335b72d2346f6257ac5556a6bdbcc7a10e1e843191f62242eb16

                      SHA512

                      77b3fe1f52b41de9ad05b07922f91e5222d938c79237797abf99643aee316e6a56796516ecb36e0becb6c9852a5f2486f7f93a2a46c1bdc95e83388f6ca0abb3

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      8KB

                      MD5

                      d14133f072e660679828140810625961

                      SHA1

                      c25ead81dcc43c5260f264a365ef82da35247073

                      SHA256

                      651c2a9e73c0c9b27fad4c2d433cec5e27dad20df3c3c11828967d250c7c04fb

                      SHA512

                      f123ca88d137a5c381d223fc9bb9559331fe2960d30a3f809f67d3fa95839f1d31724540af3530f2c88dead1ab7215172ee9df1e923bb86b6b2854a6bc0d27d0

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gx8chzo.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      8KB

                      MD5

                      30c511b81f5ce537e7aa82653cdad4e7

                      SHA1

                      9788f52e66853745738e4a899b1b4305db07d0c8

                      SHA256

                      ee715ef8c312465461e0ecd7b9d64f857bb1f8ad48637dc5cce5b939275abee6

                      SHA512

                      5bde97eb0b47e41fcfcecdb863742a1220a896d70b4c43719dcc60b138382ce342d0fa52bfbf329a1fae0e446307024aaeb696ee7612778dbba33628db382795

                      Download Submit

                    • C:\Users\Admin\Desktop\Stub.txt
                      Filesize

                      198KB

                      MD5

                      3c5ee85ea2ba76301098b6375a36b97c

                      SHA1

                      70726158d3baf6fc836b017497bb46f834f9f58f

                      SHA256

                      5f074f4abb544b9561b9d20169fcf3d0777ba508185d55d6a115f12f36c82800

                      SHA512

                      004a7234d14041fb81c278b11bddd2a2b98589557c158b8bb571ec79a9e7dd5e12325fa0c507a35b6468660790318d34a9381081f792972cd623f5873195e270

                      Download Submit