0d9fcb8894240750cb5e4222ea78572aba6618eb5297c2069588ceb979d52d8b

Resubmissions

13-07-2024 09:54

240713-lxcvgawdmn 10

13-07-2024 09:52

240713-lv46yawdkj 10

13-07-2024 09:46

240713-lrz3tayajc 10

Analysis

max time kernel
1200s
max time network
842s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
13-07-2024 09:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe
Size

1.9MB
MD5

93d4eb996675019ed856d0b8c5c46515
SHA1

a9f67e260a098a55252f0eba7b9333c1cf5b8374
SHA256

daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde
SHA512

518d24574201e262fc31c1ec6ea07af1285ba4f93805e34f9e8cee472376a7cc5f597020dc702ea165c159c5abc6ae91209dce8250f90766ffc3410615cc1e91
SSDEEP

24576:tnxLSUXY7WSIGgjlvYaxKMiZA+yH6uw1ECvGX6H7O3YpPNaG:txOUpSIZZv1xim+y6HLOO3

Score

9^/10

discovery exploit persistence ransomware spyware stealer

Malware Config

Signatures

Renames multiple (8440) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware
Possible privilege escalation attempt 4 IoCs
exploit

Processes:

icacls.exetakeown.exeicacls.exetakeown.exe

pid process

2104 icacls.exe
2348 takeown.exe
2716 icacls.exe
2692 takeown.exe
Deletes itself 1 IoCs

Processes:

Termite.exe

pid process

2536 Termite.exe
Executes dropped EXE 2 IoCs

Processes:

Termite.exePayment.exe

pid process

2536 Termite.exe
1564 Payment.exe
Loads dropped DLL 2 IoCs

Processes:

Termite.exe

pid process

2536 Termite.exe
2536 Termite.exe
Modifies file permissions 1 TTPs 4 IoCs
discovery

File and Directory Permissions Modification
T1222

Processes:

takeown.exeicacls.exetakeown.exeicacls.exe

pid process

2692 takeown.exe
2104 icacls.exe
2348 takeown.exe
2716 icacls.exe
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

pid	process
2104	icacls.exe
2348	takeown.exe
2716	icacls.exe
2692	takeown.exe

pid	process
2692	takeown.exe
2104	icacls.exe
2348	takeown.exe
2716	icacls.exe

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

Termite.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Windows\CurrentVersion\Run\Payment.exe = "C:\\Users\\Admin\\Desktop\\Payment.exe"	Termite.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Software\Microsoft\Windows\CurrentVersion\Run\Termite.exe = "C:\\Windows\\Termite.exe"	Termite.exe

Drops file in System32 directory 2 IoCs

Processes:

Termite.exe

description ioc process

File created C:\Windows\system32\mswsock.dll Termite.exe
File created C:\Windows\SysWOW64\mswsock.dll Termite.exe

description	ioc	process
File created	C:\Windows\system32\mswsock.dll	Termite.exe
File created	C:\Windows\SysWOW64\mswsock.dll	Termite.exe

Drops file in Program Files directory 64 IoCs

Processes:

Termite.exe

description	ioc	process
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF.fukc	Termite.exe
File created	C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png.fukc	Termite.exe
File created	C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png.fukc	Termite.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho.fukc	Termite.exe
File created	C:\Program Files\Microsoft Games\Mahjong\ja-JP\Mahjong.exe.mui.fukc	Termite.exe
File created	C:\Program Files\VideoLAN\VLC\skins\winamp2.xml.fukc	Termite.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\THEMES14\BREEZE\BREEZE.ELM.fukc	Termite.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\DD00261_.WMF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0099167.JPG.fukc	Termite.exe
File created	C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png.fukc	Termite.exe
File created	C:\Program Files\Microsoft Games\Hearts\de-DE\Hearts.exe.mui.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_OFF.GIF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\MEDIA\CAGCAT10\J0212219.WMF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_justify.gif.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd.fukc	Termite.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\BD05119_.WMF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\SO00476_.WMF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\PH02074U.BMP.fukc	Termite.exe
File created	C:\Program Files (x86)\Windows Media Player\fr-FR\WMPDMC.exe.mui.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css.fukc	Termite.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\main.css.fukc	Termite.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png.fukc	Termite.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden.fukc	Termite.exe
File created	C:\Program Files\Java\jre7\lib\zi\WET.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\OIS_COL.HXC.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd.fukc	Termite.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\css\RSSFeeds.css.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45B.GIF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.JP.XML.fukc	Termite.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0287644.JPG.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.JP.XML.fukc	Termite.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mshwLatin.dll.mui.fukc	Termite.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4.fukc	Termite.exe
File created	C:\Program Files\Microsoft Games\Solitaire\de-DE\Solitaire.exe.mui.fukc	Termite.exe
File created	C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui.fukc	Termite.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mip.exe.mui.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\PUBWIZ\LABELHM.POC.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\HH00546_.WMF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\TN01164_.WMF.fukc	Termite.exe
File created	C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\settings.html.fukc	Termite.exe
File created	C:\Program Files\7-Zip\Lang\lt.txt.fukc	Termite.exe
File created	C:\Program Files\Common Files\System\ado\adojavas.inc.fukc	Termite.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png.fukc	Termite.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\ink\ja-JP\TipBand.dll.mui.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR27F.GIF.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3F.GIF.fukc	Termite.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.fukc	Termite.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\js\highDpiImageSwap.js.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP.fukc	Termite.exe
File created	C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\LINES\BD21334_.GIF.fukc	Termite.exe

Drops file in Windows directory 2 IoCs

Processes:

daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exeTermite.exe

description	ioc	process
File created	C:\Windows\Termite.exe	daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe
File opened for modification	C:\Windows\Termite.exe	Termite.exe

Modifies registry class 11 IoCs

Processes:

Payment.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.fukc	Payment.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.fukc\ = "fukc"	Payment.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\	Payment.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\EditFlags = "2"	Payment.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\Shell\Open\Command	Payment.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\Shell\Open\Command\ = "\"C:\\Users\\Admin\\Desktop\\Payment.exe\" \"%1\""	Payment.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\DefaultIcon\ = "C:\\Users\\Admin\\Desktop\\Payment.exe,0"	Payment.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc	Payment.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\Shell	Payment.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\Shell\Open	Payment.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\fukc\DefaultIcon	Payment.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

Termite.exePayment.exe

pid	process
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe
2536	Termite.exe
1564	Payment.exe

Suspicious behavior: RenamesItself 1 IoCs

Processes:

daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe

pid process

2696 daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe
Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes:

takeown.exetakeown.exe

description pid process

Token: SeTakeOwnershipPrivilege 2692 takeown.exe
Token: SeTakeOwnershipPrivilege 2348 takeown.exe

description	pid	process
Token: SeTakeOwnershipPrivilege	2692	takeown.exe
Token: SeTakeOwnershipPrivilege	2348	takeown.exe

Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exeTermite.exePayment.exe

pid	process
2696	daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe
2696	daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe
2536	Termite.exe
2536	Termite.exe
1564	Payment.exe
1564	Payment.exe

Suspicious use of WriteProcessMemory 24 IoCs

Processes:

daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exeTermite.exe

description	pid	process	target process
PID 2696 wrote to memory of 2536	2696	daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe	Termite.exe
PID 2696 wrote to memory of 2536	2696	daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe	Termite.exe
PID 2696 wrote to memory of 2536	2696	daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe	Termite.exe
PID 2696 wrote to memory of 2536	2696	daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe	Termite.exe
PID 2536 wrote to memory of 2692	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2692	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2692	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2692	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2104	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 2104	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 2104	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 2104	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 2348	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2348	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2348	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2348	2536	Termite.exe	takeown.exe
PID 2536 wrote to memory of 2716	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 2716	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 2716	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 2716	2536	Termite.exe	icacls.exe
PID 2536 wrote to memory of 1564	2536	Termite.exe	Payment.exe
PID 2536 wrote to memory of 1564	2536	Termite.exe	Payment.exe
PID 2536 wrote to memory of 1564	2536	Termite.exe	Payment.exe
PID 2536 wrote to memory of 1564	2536	Termite.exe	Payment.exe

C:\Users\Admin\AppData\Local\Temp\daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe
"C:\Users\Admin\AppData\Local\Temp\daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe"
1⤵
- Drops file in Windows directory
- Suspicious behavior: RenamesItself
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2696

C:\Windows\Termite.exe
C:\Windows\Termite.exe
2⤵
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2536

C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\SysNative\mswsock.dll"
3⤵
- Possible privilege escalation attempt
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:2692

C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\SysNative\mswsock.dll" /grant administrators:F
3⤵
- Possible privilege escalation attempt
- Modifies file permissions
PID:2104

C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\SysWOW64\mswsock.dll"
3⤵
- Possible privilege escalation attempt
- Modifies file permissions
- Suspicious use of AdjustPrivilegeToken
PID:2348

C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\SysWOW64\mswsock.dll" /grant administrators:F
3⤵
- Possible privilege escalation attempt
- Modifies file permissions
PID:2716

C:\Users\Admin\Desktop\Payment.exe
C:\Users\Admin\Desktop\Payment.exe
3⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:1564

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

File and Directory Permissions Modification

T1222

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.fukc

Filesize
27KB

MD5
5b357fc9b2e6b984729af6cbe7329cf3

SHA1
86b6e524021e27e0409bdf5e0a3a31226000cbd9

SHA256
fb24bd667f16229e86eacbf49a2ff737a8f02c463faf22d4fb2a82596415ba37

SHA512
acdb9f65b0f36831d218a10c012f5ac5891b81962f599ed66187b43e7f7bc8f3b2c02b6979211f4a1bce40ed724e295934715d7f474c3015832e159a74c59db8

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_OFF.GIF.fukc

Filesize
357B

MD5
de1a01501117d16a98097c37741f9492

SHA1
1d2f034e1c96450419fbc0d8cfd1554dbbc4fdf7

SHA256
0ef3080fcd723dd06fc84c9a15e716123aa1bde5b502e97c072ee29d9bc36aeb

SHA512
b191d12eff0073d35d04ee7a6ede0ec3e91361d288cf15638e718dc30d2232539b617d3dbf1f768ccab09975cadec03f89d9e7242a988af608b664e375f646e6

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF.fukc

Filesize
237B

MD5
93b0d62b7c60a0a3c34ccffa8c22589b

SHA1
e9abd024407e31b22b5d2bf18753aa179e22be53

SHA256
f5e694bde8d2b23508ec6ed2e650c2544eb1416bd153142f2191fcfe98fa4566

SHA512
99f88aad17ffed0bb96a1ea74f426944995f4ca03ff8bc0696958281413f6b05031b217af813164d6a3d2b761a0ff44404cb0b974944efb033dc4c869fd61bbb

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_F_COL.HXK.fukc

Filesize
125B

MD5
550c5ed1ecce4c2f820ca9116c0e616f

SHA1
2a1470033b25e2ba68d990b73bf5d6cc3acecc6f

SHA256
89e7f57ab1b76c84dfc8f200e6bfa8eed00041c3b71a1d8eb0fc18db7e306bd1

SHA512
42f251d87ff1cfd0bde1ad69fb6816ee9032cff3b07d83a0dd14fb22e14c3515322a5743e82a30663ddfcfb48acb3736b86d3c568c5c6fa3590e9a5346294749

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK.fukc

Filesize
125B

MD5
3b2da1e257151c37c808a1a1e0c48420

SHA1
02f47d290d6896fed5896ae09b886426708f2079

SHA256
450a2da783e13d4c837ecacc5fdaf37acc2099b719d7f4a6f183fe89d3b533c8

SHA512
e181ab63bd7deffe9dd644a668a0b1f72f004342b28d4436880bf396e775ab06ab353243d7c09ca1c4459e736a01411e86126e84bcb2361ee8d354d003df907a

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\BUTTON.GIF.fukc

Filesize
197B

MD5
7255b45b672bb5cfc427ec115ee2faec

SHA1
f739221ec7cfc4bd133641e56a09a4e2e36ce73e

SHA256
9e280a690f28950f1c96a5c764b59d12a4ba10e9120607fa0fc4fd69bc3ee41d

SHA512
3fbe66def8e71dae47cf7872cc3ccfb041645c3359cb107841789fa0b784dd847c2b1348d8beee9858fc99c011794e94de4843426ce981de85fca17652ba0fcd

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_OFF.GIF.fukc

Filesize
509B

MD5
1a1eb44fed698a36c01fa8b8ef9dbfd0

SHA1
39d348103bbe8810c4d618aecbd11214b9e58f95

SHA256
99b208a1e088670b3c1d4d511eec8d37ecdb271e57bdb2e3b051130f285f9ed4

SHA512
188062868ec789c11a081734ffa3fc30b420883891540d4340b27d306e8180a9ec903648dace452ca064e983e2239098724b4748382abf034b76890606c0b7cc

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF.fukc

Filesize
1KB

MD5
fe9bf27b648a391c3b33b8d640b95a07

SHA1
242cc8980353ff93921b5e1aeb77f54468d018a5

SHA256
d50a542cc4a84941e7d7b26219698d2b3b4b54a868d96bc19c59fd2da6665ef1

SHA512
8fd7a3730a99bfd7aefff5467527dff12f43cc7f05ec7973b8c8ddc76f3bda205afc5badf313b6259dfaeea23579600d155189b2d830d06b485695abbaece86a

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.NO.XML.fukc

Filesize
821B

MD5
701088c5753e88f53133117f92c3f2f3

SHA1
0826c0c0190b0d951e63dc4d781f47bff11d6660

SHA256
e0218bcadbe66b8fe436c112fd738c525292d01347a178ed965b102165d2d587

SHA512
5ca435b1a014e9a3f45ff658da16ef4c847e23a9cff45b62567a1ddbba5019aa11b27737cded6aa044c6c312f0a6006845bb7ae45a1ff1e891d551190fb67658

Download Submit
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\de-DE\css\currency.css.fukc

Filesize
19KB

MD5
8f9b070034b51c632c5b53efa4cfb12c

SHA1
eab2906c4d17f0631442c88baa9fd8f93ad47e79

SHA256
b15c377d49e591dfbe14db65903013a3e96a4f949424b5c4cd2d45fda6a4bf9d

SHA512
5039888e54cf23cbd7a42bda61608d075867f115a312bfe633403d34965a61ea7b7e0f6574c3405789fef855ec0a80f52d4881a9515ff41012e53ff34d323bff

Download Submit
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png.fukc

Filesize
5KB

MD5
a9d591cbfc46d0d91676f04702e1cdcb

SHA1
a03e23434e00fefabc275e8a30e05ca53c8d1195

SHA256
cc66ce4b734286a0242dde2157a3a44ddc776b414c64f3c9ff201c593f8e68b9

SHA512
d5ba7f17129cf0c9da8590722cf5ca7c0f703c0977458e19cafbec3755bba5dee067bbfa497308c18a10a17eadebfd5232606c9a1c095d2c5566c12063d09d91

Download Submit
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png.fukc

Filesize
5KB

MD5
ab726574734fcdccfb7d3699e4fb7662

SHA1
0c31643d6fb5ab7d7fcab440d41c0e6be5db4d61

SHA256
a7019ef70d8b8728e1b1a59aa2104b9390c7584c2b745f02284ce28ed25d5c5e

SHA512
62079b2e52d7c78914d50126f6c37759cc44ebbae2e44520970220e9884569ee96a2a5a27d833cba529c2134c3844f867487482724f45bce2e0db367148cd313

Download Submit
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png.fukc

Filesize
4KB

MD5
6be019eb77640db22e3126530d3da6f2

SHA1
a8a71c4852f85216a3b16ff5d26d459f526eab2b

SHA256
f4743ff9dd70bb7ded6b963040bcf7324b96867135803456d397f92bb701549a

SHA512
acf96d6955c2de0f22d773a5f478591632d766142a6fc65f261a5b4d826110c8ea941f7600e4312bfb72dfddac0ed6bd577cace7c91f4f3d254c8162859e5bda

Download Submit
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png.fukc

Filesize
4KB

MD5
ce82cf7906380011436c3a14dcc6431e

SHA1
5bb1e156ad5d72fb763ee62484a642ad7ef567e9

SHA256
0bf04822290f06d989ff834fd6c9914359b6fbd3181d566ed8498eb776a3ecd2

SHA512
333ced9cb5d6374fcb9f76bf080367096c33ea541efe1893b153823bac41d8d9cd328387053e6929da2aa846535ab515eac8a5faef6aae1360cf919a2f323e7a

Download Submit
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png.fukc

Filesize
5KB

MD5
bf872007daf47c27768d8232a4164372

SHA1
85989350138e5059fa2c58639fad9a7c70e0ee05

SHA256
1ebce89dcb60c537ef6452a49f0bdcde1ffb82df31a981ec964489c33b964ea8

SHA512
1943ed8d099e939592467d17df1d9aa9ae29c3db0bff2e3d8fe7ab7ea5064c4be24294dc11f9b16c88f14db80158763abf8534badc1dc4012319e316a034618c

Download Submit
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png.fukc

Filesize
5KB

MD5
5865221785613db72eb495aebc80071d

SHA1
7c920d7be68b24e617268c78ffd9cbc8afc1f8aa

SHA256
9af658f1673be7bb02a8cf52960c235f1ac6f7f78a0b690a9e0ec946e2adf430

SHA512
431baacdd7af0bb7d1ee270edd4763ff5432c76fcb9e64c3088c614ca6d3ad6bbbd535e20bc1f3f0c8bd1dc32f0fc11d98d641c8cdbb4fd752a08bce78d02f1c

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png.fukc

Filesize
4KB

MD5
ff78f454e98b65935a5ef8b3385b8b44

SHA1
06228e4767b372994fea6f56f20fe7306a24f0ea

SHA256
a8f01c9543e97ce33d2070a725a9893fbfd7ea88536a8617588dbd6a8addc751

SHA512
17001fc7c37aba89bf63c24d950a0c2367966f1a166d612fd78634b9b299883ee6bc63e253c3a748dfc978cb479c678b411bde82e097ad129fff48eadf500763

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png.fukc

Filesize
3KB

MD5
24955e785d9430b43d5e935c59732e51

SHA1
80475a7d1d8779ad14ae685c83a7f3196ace74cc

SHA256
d0dbb99564043b39372e1d47b75e5b76211bef23bf63a75250830ed6a2a61e38

SHA512
9b134c7fb939d00bbda6d21a170f7c99d67fa6ae3b7ef368202142e540415f6ca74c2654f9442b34bf3033eafae562f00354cbf09d08df7977b6c2c564f90393

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png.fukc

Filesize
4KB

MD5
d23f3fcac424ba82ce643bd0ec316941

SHA1
fdc8af1692e01723a7503d90ec50b7aa5c3f6d72

SHA256
264d1ff6cd8f7b0a9a5eb7cace7118bfa8374a3d364c070d9c8058c57a176290

SHA512
21a01320cb3b29e94dbbe954bca56916bd70e5d05f326d8cf6d581980604de638a2d215a5f54e54f290f9ce0a4ef42aa21e2643589f7517feb126b23c50518d9

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png.fukc

Filesize
3KB

MD5
bf2bbaad94b62c3fbc767844cffe91f7

SHA1
f5b8c327f8d86df753b71b424c1c66f3ab8485db

SHA256
6eb3a306faa9d96a02dd5cc8c307caa05b3d0cfe5693e4d9a818ca9c903a4cb2

SHA512
98b7d4ddeac1061bd1042ec2eea2e346d1c84291bff1b22fe0fea3adf3edcc0602a7a07abc0f23af069592c345be913a0bdfb661cb07c683ee0b4bdd5d798c97

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png.fukc

Filesize
4KB

MD5
0c843940270ac709c3de7d7fe2d12963

SHA1
e058f190b6b497d4e8c1f687da5afc1431ae86cd

SHA256
049aa631c5ae5377d04ba3ef993016cf9cf8f07ccf18cd8b294490e4f96ae1ff

SHA512
4d9a0a1aa2206116cf50943cbee283c17773ccd5dbb9eae468645c2435e560d712eff972402e37f4fb48831c3fac8999fc0af9cd0a4144ab514656daa511dd12

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png.fukc

Filesize
3KB

MD5
5e473be03bb7f86eaad7126d9e0677b2

SHA1
3d0e0a5008b254d55ade469e1f40df1c721b0ff9

SHA256
592623519419640f2ebc1d0428bf3fb48ec0b8f29e3b6c419ad0892c8d0c3853

SHA512
55fe334467d41a41a7232005cf14673311f2505e0751f0fb04227597253b0d3e21faa995c1c44472812f45f42b48e140c4f2cceb1353c68ad3e876cc87a97dce

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png.fukc

Filesize
4KB

MD5
5600b8e7399ded91b2a018a5a572af74

SHA1
3e3eddecfb9cf6f0a9d4cc8780c4e42dd2489625

SHA256
7e5ee5fbb5f1b851564064282a81e23a71a4bb20dff1dfa395ecf2441320a735

SHA512
3ee013f83a3c8ed5822d5376fc5140496c3bcf1aecf52e4a36152b6347996734b180b57bb43bb5fec853161a88b4e9f327fe0d01e464dafce1b74ee87e8cc6fb

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png.fukc

Filesize
2KB

MD5
af5475c08528a62300989fcd27d12e63

SHA1
fc07a721a5ce9a572403de82ef1fb2db8ffff28d

SHA256
190be62558516feed878e4048ba8a1c135d227ba0b14781b7c6a98e96aa9f5d5

SHA512
4e8e4df001dd8a9925585f1664d651a8d2210842aee198d93a8df7e9c9419c16120841f7cd4ec6552de97feee0e77d83b24ebdbb1ac502f64d2b308e6e1386c2

Download Submit
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png.fukc

Filesize
2KB

MD5
36d080b4028c29a4f678b362472d17d5

SHA1
5fc50909146daf5332fdc42d5f707f07a9a345ea

SHA256
b8131631b99b13031131280bcf4e34f85674881b6a7b6c41e59811a155eabab0

SHA512
e97a765fbd0d1be4f4795e125ce989ca6c3d468db367e342b73e958879053285314c9426ea2ccdfe5f8ae647193832a05cb059a67bd1e07693cd8cbbbfa205e2

Download Submit
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html.fukc

Filesize
12KB

MD5
98bbf40262e63ecb39a4b41ba1b50b5d

SHA1
dd02f32d2629df1e5863b41cfe0c65b4e72a0803

SHA256
d9389ebe22cac6791f184fe00ac8503fa27fb3fcd4c5f3d8d0a43aaee787a709

SHA512
184e12e5de092e3e84547efac1180cbf4e3745315707e46546295f72cc7c83001f998185ae10727734d198379a517a312e13dea6748fe120fed8b47080e6346d

Download Submit
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html.fukc

Filesize
8KB

MD5
768c6cc4804662fc4d43c097715f4678

SHA1
b9b8ee40e3cd7c4d5b11943f9c364f359a8bd52c

SHA256
6b7f6a131478b6187b8c1335e328c3c00382797f39f48149a70dd76fd8da2fcf

SHA512
43d0f52aec19aad596e677f33d8a04e57c7329fcafdae8b60d178e04f8500c10db14574433882942327a390f1695cb6c97fe6a2589a9169beaadfba95129d3eb

Download Submit
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf.fukc

Filesize
69B

MD5
ff18dbd99755ff090ab8ab600eec5779

SHA1
9010e6453ce4e68be5d5005d9f2bbb5c1f2d0953

SHA256
8e7228761f4330585de46533f39a30ebf3d636f2697586f50a3f11173ea0e6b4

SHA512
a48801a449c3406fbec61fbceca7493183d67f7b2b00aaa9411af845722120a88fa51c4ec5a36844760a20b1a8325fc15f8e34cbc6da5c93ff6f33297c5cb0ae

Download Submit
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA.fukc

Filesize
7KB

MD5
aad04b23017c1933a37de87e21c11bb7

SHA1
0c35a4d7737deb8db93fc5521997dd2f9b6d0108

SHA256
8d76c03b084e5a60e4153984abc37ab86b0edcea0dedb9e02a38ca1d03554a9c

SHA512
58a0ff0f9aab18a1bdbf78bce8f8769cbb95754187d334f548fe8edca6cf2b8d30a4f2c5086ec1728ee15b07d9a29d5db2d0f96ff191a7c32a8238c5b356a7a8

Download Submit
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified.fukc

Filesize
5B

MD5
4c41f4e01f6db13dc769cae667b053b3

SHA1
f56156c545865f52cb19dd20f050979b0b87967e

SHA256
9c33b19efe224ff2eb5d391584254aef535893cd3e077d86726fb7585b5c1914

SHA512
1ffbd4e008bb0099dbc17036d03e6a4ff6f9f90f3c8b0ba7bdd451e367f583febf3c543b824558865211c121a871279a8949661b52e052825b16012ef5febcb5

Download Submit
C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif.fukc

Filesize
165B

MD5
1ccddcf854c5c393f4c67a4efa6603f7

SHA1
f582deef652fa2565cc1b632a111fda7914cc9b6

SHA256
6a2f49cdaea2adae9bdb97b01badc5125174372df6e55330b4875f5d4079236a

SHA512
99183f82d4058e28e4b58d2f8d64f2d57dfa8a6bac52a1de7d84482df9708bbd3201f59864eb746508d383125d5378d3e4eb59e269aa141981c8b4a39913fef5

Download Submit
C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10.fukc

Filesize
37B

MD5
fa660e12bce01344cc17a211b9b17ead

SHA1
c7786708a1e8305b4bf0d0a8972ecc5857ef4a02

SHA256
64f313bda6f7d5c8ef273ecc269baf1db8e99bc02be66447bf84976cc166446e

SHA512
df51c5c8af7b83f92d91bff7480dbf28515787938231ea96618cf88f89c7c1cd69fdea8f6d915ac397142d85c44cf1ef545b3bf72aa91c06c4dd17c35947b1a1

Download Submit
C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5.fukc

Filesize
37B

MD5
60d6e2d1fffdefb349dd928e4a4cc889

SHA1
66dfb7aec1268e823a85878b7789703ce7381ac9

SHA256
34b76b7cfd5550e9dd7737ba0b0baa8f6fcdc5a818316cb20c88ebd82edaac22

SHA512
3b057bffe546dfaadbd37636e6d3b337b715b4ffc61790c0c74390f575989d94ce533aead5743f8e48d1350fd7541d9bf4614de9869376ad741c673f5da699e0

Download Submit
C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7.fukc

Filesize
37B

MD5
2a1f70468cd8fda818ffd880ec0df694

SHA1
8de5c4a36d3acc3c16fe1a1eca9540a8df2030f2

SHA256
b1e856c0d338a44b6c28459988afbd5c574cc0b8e05c2d56750fd4f92e226df6

SHA512
189572c5e802489877169ef86fc3100c5280b163d6cb56a123cceb38bee058d9acd19c87be6ec79b2eb63d2c2f7e71c7393a3c809f249749cc29ee04d19c1f75

Download Submit
C:\Program Files\Java\jre7\lib\zi\GMT.fukc

Filesize
37B

MD5
8fa30042fbfa2fc20ad1ae86e82404c3

SHA1
152fdb4204e4b85812613a721c027576809a2ce3

SHA256
a82c67afdade286cbf78d6c83db88a15f21e3cd7494208a0b992a7eec703e418

SHA512
7769271b73b06fe753fc3395e275b951b295d0d8a13e95ec9dfcfdb78c1b341e25d185af98c6ede5fe2b0506a8083cac1a8646f6018d444a551248e90b5e97ee

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\it-IT\css\cpu.css.fukc

Filesize
1KB

MD5
a8fbcae1f97f318340ff8c83c7afb770

SHA1
9d84d356fa6cb9afdecdaab46ac86289fcbfd6e9

SHA256
8f19997a85b4453a330c351696cf2b39f437c185adf3e3f490888bde2445b557

SHA512
ae7bb4389e6a5639289ac4d09d472ad33df6b202be7507c58fa55e20330c2d68265685a5dcda93da7d33cdd46e31e70fab8ea16e70783ddbb16eaef2215e0543

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\cpu.html.fukc

Filesize
4KB

MD5
1596045af22ab91df6a8f5a6d69f5de9

SHA1
af24d9e68d153e6870a0fdfa1054d1cd4c8967ee

SHA256
4c6c084256231cbdf0bd986ccb1ba355ac7947c081a6d9e0acc3160c2c46be48

SHA512
c072fbce12a703611a2d6111ab7fda400876660801ce853870df5ce74aa64cc62143aeb2439c867f0c7dfa5bef485869566c228083c4ecfced5e067ef9b7b058

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\css\calendar.css.fukc

Filesize
4KB

MD5
4e4bc4b602d3a666c0d7f1bb84d5f0cd

SHA1
d2cf487291b31aae5cb5ac5da6008916b01389a7

SHA256
ff63e9c64588b1672e7d7101894b8613436c803f4285b2e98b43e42c2fde57c7

SHA512
aea90ff1f733585794958411f018531f7aeb0fbe715b1cd44da9a55329fbd2b4c97111d4ca5b7bd91cf9b15c0fb95c1b459dcabfe0424084d8216f76756cefab

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\clock.css.fukc

Filesize
685B

MD5
2d63d264f881081db2fe7c74853415c6

SHA1
225f3005a65732986d803c39abc25bbab076b34a

SHA256
8f52990bdf213627b361ddca27cd3deefd1f593c11a26f6ebf2ef9c2003196ac

SHA512
8880484cd8cf608efde2da7eb3b088d442ce34ee7b9eb96bbfff87af4210ef3c11e2eb8594152cd54fdcdba6a7f4a0ab28f87bbf05f17dc13fadd8a1943e9abc

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\settings.css.fukc

Filesize
1KB

MD5
c3f43cbe2093198714c6ff65df40a842

SHA1
50413f2e9794266a6887255b3ca4a03ec84545f7

SHA256
603d2389a44716f7abe51537929f92ced8a9601c3cc39d40c524064cf39c683c

SHA512
c1cdd9ef8b2254eac2c3a58451ef4c7bd0c436ce6c7d07e0d7ee53a472599859d0b1a2176f63c2a1c7d9bceea306c7cd2a3d23118512862100bfc363828df645

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\js\clock.js.fukc

Filesize
17KB

MD5
dcc0f1a399cd4d58f6aedc4d967d3d80

SHA1
fe4a9194b4a2186451347b0a181d74a00af8f9b0

SHA256
6eca457362ef21dc339d3a55c32ce292e124cd3fb1db4694c586e01158f69db7

SHA512
fb124b8d0560503b1e0cb391763b024ae26c9199f581a471c43b095c87007cbba63cd8776da969ff9115fd8afc6387e2662a9ca47c4ec47278ae27e6bdcb0177

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\js\timeZones.js.fukc

Filesize
9KB

MD5
f604c2ab4493eca0a074256edb5f70db

SHA1
5f9bbd3e39af2037dd5cb1633ddb93c1556a1c5e

SHA256
bdd362e34c79cf468eee65ddf224183437534fd1996ae0229605de4c0f23d4aa

SHA512
515bde97ed6311b6c411a581436bb64916909a473417338d1a5c42a95078d2e905834c441856d88845be45b674d6ddf9252f50011428fd27dc84586329a016f2

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\currency.html.fukc

Filesize
5KB

MD5
c2e2bbf12141a4857f2028d55ee87561

SHA1
26c9c0bb705f01751fbdd67af4b826f0b03b1d37

SHA256
36e2dbcd2a660861330b82ddab3f48117fab1c566a00bae6191d8416d0be7594

SHA512
60479e27fafbfe03eecd5fc1c7e1c2008a43aad8466e93b3261b972bca585771ea558acb1ae2c1cd14826463c03a8a5ab3f6edc2b7006ea05367318b478171cb

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\js\currency.js.fukc

Filesize
65KB

MD5
c2945b870b584705718e8341f0c55259

SHA1
cb6580b25e5b42273474e4c10bb5b5c4862d5e13

SHA256
a5365e5eae0447114946a0712a7877da4239ca5c2a1b82bf09488948dabc2e5c

SHA512
34cf1691be0f8d5bdc644fd5d09e24654877acd80c69b10ae375c075166b996db3008af4b16ffc7cc979a873ddaedb07058226a9b23022cdba9942fbdec70faa

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\js\init.js.fukc

Filesize
733B

MD5
646664869167985bfc5102f21d1218b9

SHA1
ea33b435743d3f63bc4f96fdd5ad3b5f74c43a53

SHA256
0ee8389bb5e5f87cf8d9ac12386f598c79471adb8b42f192602cf1381c017cc3

SHA512
e1a4783fa2fa378b704349b3e087ba93074a6abac18b757b3c183b9e2cc3fb3339da36110ee33cadf72cd88696ce04817f1b843d1a6eb34656b0357dc6ec35ea

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\js\library.js.fukc

Filesize
5KB

MD5
6f5bfd548cd191fdff74a9fb69265b3e

SHA1
4413497806784e0fc2082aeeaa836cc8dcd29338

SHA256
a37dbe884048a79f3330cf1f24380391b4b7f9c59f7f4320201b12730028fd68

SHA512
166c0e652f3cdba4c3fcc0ea5f1f89311dd76cfddcdfada44738700029b7e18f38f3b929b8505ce5d4306771e58f8da6b996ae0dc34edd7ebc78f55082895eaa

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\js\service.js.fukc

Filesize
7KB

MD5
076731f59ab865f1e7baeec545cb8581

SHA1
b517e7d1748805161938aade6ca5b18a6b16351a

SHA256
c9e9b976acbaaffb7cfc23329d946cd7bad3cdf06c05c464d96f5c505cd72b30

SHA512
3e5066bd0054a5ffae493e3c3134015b7c3317389b671541a111c6625ea9aa228aa51448539311b49bf7f081127c333f7155a4d5c7be068b6a72ffb4b5907c33

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\css\picturePuzzle.css.fukc

Filesize
4KB

MD5
58dd90a26ed112e479ab85d091dac84f

SHA1
915cb9b1374a3e3e409539667e05f3db1cac2e9d

SHA256
8461a2164e021365c6ee2c1ce075c6c148617adc50a6ebe4275c15a0b8acfbb7

SHA512
90826ead2425386ad3c3da4803a733dfab752d497f2cae4bb6fc913e03ac3878d293bd4f2a0c955cfdd04630026c3c6812c51a616a08b7f8a2e0084860204150

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\settings.css.fukc

Filesize
5KB

MD5
6de08eecf7f01d97c788611eed8bd1c5

SHA1
962b8fe157277a30de6499d1642145dcfe7afbba

SHA256
32e4c9723794b78a3bef6c6e16c30309506ba16fa1b35b3cd33e5fc647a78f58

SHA512
e567ecc003102fd47add369597723af8dcd14b1c7510c1be8f4746ffacece2865ae0d62f472ae33fdeab8b3c0cff6406f28b68ec7912ebd8f1da8df45fc15b74

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\RSSFeeds.css.fukc

Filesize
2KB

MD5
47a6d6309a143344de857f9db04da467

SHA1
a862190d4e27013aca333b967796394a2dcd1150

SHA256
368f1c8a02002d04a350aa58c4ff8180e29e8b1a3bf10d84fdd3b30030b8cf5c

SHA512
00dd81fececd4eef249998851460be9020c4c417effe9077ca4e2721175199e02dc0122d255274532278d582bce6b9fe8c6a2324bed7b91d3041f095bb41018c

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\flyout.css.fukc

Filesize
2KB

MD5
c2a11175d6289f31f11af04c10a61c37

SHA1
0829b29cdc4474ae66b1d24c9702ff9566362230

SHA256
306ce75a52a848dbf44f17dca6d8c7de4a2a53126e809a9dca2c82662a4f69cb

SHA512
50888a076cbb8c175de2acb4b79328832f6a5c8a5cdba1db9834c426e97473471881b7208403524b69dc2803bddacb4c3866707b526fe4998cd4fd0f003515f7

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\settings.css.fukc

Filesize
1KB

MD5
db0823f6b99a98ee7392ef650e89eac6

SHA1
1d3f96ba98ffde3a8ff6d8de345743dbbdbd4ca5

SHA256
d7017024031c372a488fd2a0d885144941b710f2c7ddb707cd810eb526e0584e

SHA512
3e711afc63bd7d7055687ec9b3d3d7c19ea402c055d9aeacf854109912234ec2debc37a9ca97c5b38fe3cc8ed06ce4db6c020b1ae4fd907889827f192aa734ee

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\settings.js.fukc

Filesize
5KB

MD5
37ce295706fbbc3d5daef89b0d6860f2

SHA1
8f01692855eb05638ca63467f41521140b452ac1

SHA256
ebad52dacb65f5fe9442ebd31e534aaec5c2635f2e0a726eb4613cfd0e1c7bdd

SHA512
7a1db92430388db50284a343807fa4c8d51cbd7b50641d84e837a3fccfab94236ca83198aa7ba14b134fbd9481c024cba80187b3e161224319fd0e7e02f9a196

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png.fukc

Filesize
6KB

MD5
1c0c14fde024e8aec0875d81747628a3

SHA1
4cd88d267432584fc84bd21d45beef58454f052d

SHA256
e3a5452c9e63642216ef63b2d642cc6f63f7062e6e76a3b520ea725f7ce2d97c

SHA512
9eaa609e8ab8cf26058a8d54aea3839b551816c1058b4b6af25116e376787d3d167558f910deca2a857dc56ce19ef24241f90e0c733e299b648283d7abb3de8a

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\css\settings.css.fukc

Filesize
1KB

MD5
a45b193d4713926e88b18359b35e44ea

SHA1
0f62e0fd4e1e1d85f80458c4fcc28ced60addc0c

SHA256
6e0713b186710c866135db59536452ee77815f1df466bf1fe9d84a3aefc1b7ce

SHA512
20a2910be3e315a9ad2110d9d66a8eb5220c9fb576a7ddc5fe9ea142f85700c1e4b3974861ff8d73957171bc939b1678ae16d28b1b9001fcadd527059fa0406a

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\css\slideShow.css.fukc

Filesize
4KB

MD5
7172289ed86cfdcce3bf18cb79099b23

SHA1
c0547af86d3dcba7044bb6b248af73449e898fb5

SHA256
6154744e6dbd45356ba151e743a07a54bbb805eb1ad7e59619a1f039fec02712

SHA512
a4d89a5b2ea29a2e671cfe53dbb970cd893b70607c149296c5c9aa6a2ffbf31dcc44aa9f3c81e2c4c062bd7d10c1212499aacdcbe5a2557034110fbe014b2484

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png.fukc

Filesize
5KB

MD5
73cd69d5fe545a6174fd6eed88d41d6c

SHA1
182614b1c0443c686598906b13b0127c6d746017

SHA256
d32e67622a866cf1dec4a23f1c2618127b50e59c2c6a732bdcdf285578b66add

SHA512
c5eef4eb5b214d5f56d9216390e71a80f13852e527abc4f29aad1d3780a2f02429f5f2e1f0b19ef312934d480781d220d0b755e2f9074474446aa35e13694fe9

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png.fukc

Filesize
5KB

MD5
8889ccaeb11c571a281da63ea5572da2

SHA1
c561add8d2c249255090d1311730647ff1449bf6

SHA256
d2acbe74da3d1da95f1aac59ea05f9cbef23b7465777053976eca4f77dfcce5a

SHA512
986cbcd8f77776f42060c886c8e461e6977e779bfe32656d28d1288dd08b0fe8f97c95f1532e54189577b18cc86d32a23474dc03595631150b6f4a97c6c59120

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png.fukc

Filesize
3KB

MD5
5d06d798e48b9006d6bc9117c35393ff

SHA1
5c57fd9aa566fbacf268435eae497bf48b510539

SHA256
4c6ee9df1593b53ebbf37d5ab0a9bfca085fae87525596235e2eb6e160fcf2b6

SHA512
7a4a323bfb5ca3c9ffc31c607a54087b6acc2f863b8383fac56946be0bcbf8e340b353f0a50fe2afca9f1e08e22288e926560807e9b5cb1321e3c13149c388f7

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\css\localizedSettings.css.fukc

Filesize
989B

MD5
3aacd1f22dfe0142b2d2718b07cdf096

SHA1
7142ab5b19444cdfa59b778cb14d97b5045a25cc

SHA256
4522b9dbd37ade9f5491c437276aa457b12aa438baee617c5b5460c34652e68e

SHA512
b800cb75480d35a57dedbc1120cd78d6b1bf41dff25336dfddc1643b11a5f1a6061f7ec64ce0119212226bedcb5c44d5b4a08eeb2c5f3a49ddb21fa7246459d0

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\css\settings.css.fukc

Filesize
9KB

MD5
7af5ad7eec415c6c13ca22bc7a082d06

SHA1
3859d6ac47edadfb9571db779aa745710067f87d

SHA256
02eb3aeecdfbbdeebc87244e258538a13ccad9ac9875d05ce7e9d1394eddb83a

SHA512
13de3ece054f8af43e3fd24d7e62f4bd1180d30c7e86deff6b2ca15c374d3454ea7bcc498addecac692fb5bdc0fcd302222cf9b582b48c30726ea5c612811e5f

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\css\weather.css.fukc

Filesize
24KB

MD5
33a8c8b4704acd8d75c38d2c3a73dce6

SHA1
bf63068db8f152f0f8feab215daacb255d9821ce

SHA256
ad75ff962771f18bfcd751ed22ba916b77c60aadff1512eb53c15c18de306ad3

SHA512
5c2cb888ba87ba2acc2f11d03f1c6daaedeb4f6e24017d00a3654234350618a9e9a7b0745af67566a1b3a021686f500ea52297039db9d4a00fef7a686a26bffa

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\js\highDpiImageSwap.js.fukc

Filesize
1KB

MD5
a930cc07db07f16e984da73286d500d6

SHA1
6a9a6d65d6276a5fcf3ae1416709d4a630f4cb9d

SHA256
c2fcdffc2c295cdd3cb03739b82e85c8cc2ef49a7a2812d662b9cd80872d3c17

SHA512
aed02aadd5bdafc74414f2647c76039a6661ecb9dbb7779a76ed7e81f3849ebcfd9e3fc1bfabf478a7010ad2fa7b4521173e91d7356329f2b11e2acd6e296a26

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\js\library.js.fukc

Filesize
42KB

MD5
4237bbf8bbf9d5b455ce2ff7d5f09775

SHA1
a4e1a3746b0a455361ca90296a64c613eb2ef807

SHA256
164e3fda83fb771952578d4946f9301399293fcfc51cd57253c7e0fb49ca4970

SHA512
b112df9e33f09ad2e7e325af2947a3015bcf151d63c7a5919dbb6a90e684f4faca64e1001aa07e7b92adf9136abb48f8e22b2ecb806041470433f5b413ff15bc

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\js\settings.js.fukc

Filesize
56KB

MD5
24aee377028a993b4d1942eb4940be88

SHA1
00451abad052315941138e329b575068c6c7257f

SHA256
1c9524d4c9604eebda943a8948898ba4ba0d68197a7eeadbe95cf9a7f6e09524

SHA512
8efd0863d64f7ef2b245aa23d6f27216b5aa0802c5479c849fb8f123349dbdc3f1550cdcb1f8295357b105dfb4a0c3b726f5a085cf8a48632a78e01919f24eb4

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\js\weather.js.fukc

Filesize
132KB

MD5
e7aecba4621f24425a325d3594f4c668

SHA1
03b61640f2f0da891d990e267940c68e1daadeba

SHA256
d8352a04dc1d05d0ceb1a50d35839915f64142e06bd87fcac0e4c0e4b419c265

SHA512
800e099bebf452fb2528e534db0c989f151bc6b5ee1e3d7b1412feaa88543542557285e7f2da2c5752e543ec4decf8ce5972ddf88959524c15d3be4c8ecb755b

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\settings.html.fukc

Filesize
8KB

MD5
61c3f2aa52d2e264af204d0401d951af

SHA1
ffc194ab976ec628cad357f1370b5d01d8af7949

SHA256
4e8115d7d8b76260d60c2b2170e32ced2fcf78c76060234485ccec09a2992e45

SHA512
93fc40ed419d5258ad60b516406fcdf7bfa54aebf13dbecf0968bc59401d23041f9eb159abbeecfa104689dd4a970f74ede201d19e45a67e3a6747bd8be77016

Download Submit
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\weather.html.fukc

Filesize
15KB

MD5
a0bfbb33054283d44bcc91135dd6b06d

SHA1
d83368a1db959fc705b0ead0bb224a5f191302e8

SHA256
a2e7d12a2a3bc1a769501311d543b673e57f7ca862c384e6dbab7b7f64c1c6e5

SHA512
b4909b399af26a408598eb7523463407fb70a21c2715f37a90785c63c633640dbd9c64283d92d98176755f71cf7091ae3fd2c2ab42d416882b4682e6bea29c3a

Download Submit
C:\ProgramData\Microsoft\Assistance\Client\1.0\it-IT\Help_MValidator.Lck.fukc

Filesize
13B

MD5
177d58b9e19f1824a02f9f4c4c0d8036

SHA1
8a52cedf4b75d546c23071541c3c7f6f6afdd4d6

SHA256
f29d3039246d1b640af85cce0382b3abcf3e383bbbf449833a5988ceffbe80c6

SHA512
63486e0d8c51fd59b07bd7122d52cceeea2b5c8112ccb5f521bb7f704c022de6274679aa881445a13b15a1ad41500f72b77c79599a55a854c70265d790801944

Download Submit
C:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\background.png.fukc

Filesize
126KB

MD5
7f6ecad2bd5760774f44ef7a61c5dccc

SHA1
bebb90f4a7747e2a07436ba70c021f39c8d7437c

SHA256
9a3cb6de4a639e1cdd75cf13397325cffa19e80a8c8fe39782b7290628713cd4

SHA512
2b64f39f6b2a4b6b47375efdbd9370b34c449b851ac8443858a27b760792e527476c27e3c2f6e4637eff6b155d1ae58e8a3c0e08e50a400953de2310e947dc15

Download Submit
C:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\watermark.png.fukc

Filesize
28KB

MD5
73882b7b8c4fa9a5a877aee290d48ca5

SHA1
3a7e0546a6aa8c7177a71c1dd9a465b1fa9a2cd1

SHA256
3275bfbe1a6391ea5dbeb328999b08cbabcbdba8ef931b2c401f2773c195f059

SHA512
b8f913d2064d80267b84e11f526f09eaea49d74701797c59d18e30898a3c8a67be8999994f066f4885eb751e709f3991ea0e950c39aa7b0d5bec7b7eefbb04e6

Download Submit
C:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\en-US\resource.xml.fukc

Filesize
1KB

MD5
1fd63a74b015e64ebfa9858c4dcc56eb

SHA1
ba42261fe02345af8de2052ececc73c75baf9bd2

SHA256
c3d326a3a45a9bc1efb8f2c75b95e5350b8f46666350c2f2a2fc610253c5a430

SHA512
4f49659e4885f9d1e19459f64609fff9ca4c0f3eaefc9fe449fdaa3475f61ec7c00f59cf97c7d0baa31d5e464e5a9e5d653511e114a05e72a10d696dd311efbc

Download Submit
C:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\folder.ico.fukc

Filesize
52KB

MD5
203d1a6c4329683274f859fca37b7a8e

SHA1
93f21868372451abcaa0a0fb5ff361761ff477d4

SHA256
c3841c193211811a99dd47eddbb1ec83d078311ba99e288df86e27fcdec1ee64

SHA512
ae471c1845e2385466b221b2dd9e5d5ae9d7939224e919ab9fae4b4bd05ba80b4623b8fbb3a7bf565dd05ccff6d62758ab9d093cea30d117049106149c862525

Download Submit
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAB0002.000.fukc

Filesize
253B

MD5
1a84f9c64ef58c6a9731864df23410b9

SHA1
7106358b0ca426780413c71206b64820fd6615c7

SHA256
a2842754a6d3f9016b3bd41f781b861f3470aa8adfe89d43a074bd486991f26d

SHA512
aef690047286e8426c8e106c9963bb3c96f3b6e8e0dd838df2e7de84a12c8bde298307acf6fbb2327c18af52ff7925b7868e15dc0a9c79afa0dbb716b4cbb993

Download Submit
C:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.fukc

Filesize
148KB

MD5
8d50f8b323242322a453d0b8cca89ffa

SHA1
528540fee770605345422d4488eec14930a9e005

SHA256
f6641fcf1731756d7004aa4c4cadf3fe6b7f9d2c1fea0c9628dba00ad7928f11

SHA512
99b5cc34f761e46f5a6684056352da31593b6c608496800756b0de9ba45bf3d6c05f3c10e037f6a4f622850abf38373a76f4f2137e125d345ab0677e91e488a8

Download Submit
C:\ProgramData\Package Cache\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}v12.0.40660\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.fukc

Filesize
140KB

MD5
a2d19f50847e8a8994a261fe87d50245

SHA1
ef1bd86eb00b7f39f668479251be3f6059f8e258

SHA256
a30ee40e884d90396342343e56035ed8a39235f8ded4a7291c09f48c92818c2b

SHA512
f61e745c4dde8e25f9e57c1a78f94033c345ce30e56e6598acb28c76ae7ee6169d71cebceae9c32489828f9ca80d4969af7410760f2c251ffaf6b203fc7c3cb9

Download Submit
C:\ProgramData\Package Cache\{662A0088-6FCD-45DD-9EA7-68674058AED5}v14.30.30704\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi.fukc

Filesize
180KB

MD5
9a8bc674c5fda69d731f5aaef6d919a4

SHA1
3f98be347b5c1ef1c76987c4604d529e856d9cf3

SHA256
b030910ce6ff8f95d7de7d8f99a322ec213b3dcd68b27960b3345413d814cd3a

SHA512
30c20bb1d8b2cf9dc2d1ebfcd294330bbd7dc093558dd2cda4a99b3721e45ca2eabb292569c8f8980e6994be4600874145b95cc2c2bd3e3d49a36bd4a44b6062

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\CURRENT.fukc

Filesize
29B

MD5
29f778b5785b775e70634ba8aa27818e

SHA1
b6a2b0969ff442edde72f2bb734197ed5cad0328

SHA256
1a41426e312f6c49420dd2378a6653827acef7eacabb347fee85dd779d820f22

SHA512
ce32ce6628d8605adde84c6a601ffc8b9e80448f09833ceb7000898a8de4791b63792fde024ee247d931308415798ee1ecbb862cf5a8c9c79ba19b02b45a78fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_2.fukc

Filesize
8KB

MD5
77924cb5deac090dd74c803716aac570

SHA1
8a31626460641eefd7bbfc929e6cb52ef0115acb

SHA256
2f654f5822029aa9c29b30d49bada39c6f1c4b8fbb6178a49eeb2e0c2398bcb4

SHA512
2c0e15b3d7a4d359cd974d91556839a36b7781b1514bd4c1f419ebe850edf9793b959a62682115f24c1dcf13859748e60c6aca8fafc654a0ffab68001bf6b9a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Feeds\Microsoft Feeds~\MSNBC News~.feed-ms.fukc

Filesize
28KB

MD5
30c824e52e6a690d5df00da4eb9686b3

SHA1
65c7d92f02a402140a1fc3f967fd9c6e9268ff81

SHA256
86b6ae6a631ba0c9e8a1eb69b07c64096b024b22efd314d165cb7c3bb1bcb44e

SHA512
697a8702444d0ff6a5d84c9d0323e6c6d18d15faa552ff65009357f0e4a369f6ff4a415738fdca9dc7f26a441780b1c26d0555dd469ace16334a86fc5e68825a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Pretty_Peacock.jpg.fukc

Filesize
5KB

MD5
a80d6b6164a81f35857275c64406b603

SHA1
45077ae29483b47b5f76d4ba7c11e0da442b6c1a

SHA256
0bb5d42e33099091438aae0ee033af35c77e741837da34904a2ae704d49be4f4

SHA512
ec347bacb0f0b3776732f463e025c88e3a21bb3f656849dcfa33f6f42eaba91a3d2cc6b690074e752ff6acd17325e82e1549843a4474f2c6c7c58b39d07a5851

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bz1ih2a5.default-release\storage\permanent\chrome\idb\3561288849sdhlie.sqlite.fukc

Filesize
48KB

MD5
792a7655802bc180ab00502139331af3

SHA1
3b245a53579861a3232f97547ea3715fa35d0cd8

SHA256
5384c2b7d666101a14192eb438e2c26a81c07e3be6dba7dcd0d27d0f731320d0

SHA512
2efd39a1a3f03e0c5eb15b4151238cb70f76513c08993711adb47f893fcb82589c1dbf9cfae3e0a87d68f13c1685bedb158d6e611c904aa09737741a7d57bcf6

Download Submit
C:\Windows\Termite.exe

Filesize
1.9MB

MD5
93d4eb996675019ed856d0b8c5c46515

SHA1
a9f67e260a098a55252f0eba7b9333c1cf5b8374

SHA256
daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde

SHA512
518d24574201e262fc31c1ec6ea07af1285ba4f93805e34f9e8cee472376a7cc5f597020dc702ea165c159c5abc6ae91209dce8250f90766ffc3410615cc1e91

Download Submit
\Users\Admin\Desktop\Payment.exe

Filesize
1.1MB

MD5
9f9bb9ee4952cb514089910e19eac5c4

SHA1
c57f604e8eca50df40df93a6b0c3d65ab8d3b198

SHA256
0c9844f11b7b57547891b3cec86bd3468734a990768dd9f7a9a72cf6a908b17a

SHA512
8661c46618d0f8454a278d6a4e1b85fd9c9656c2e59feb6851087bfcdb53bba5015ce023cf6d0504dc899ae6fbbd4f413b45228eb2c8eb6965912cb32482d14f

Download Submit
memory/2696-55-0x0000000000400000-0x0000000000601000-memory.dmp

Filesize
2.0MB

Download