Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    141s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/07/2024, 07:14 UTC

General

  • Target

    5f85321c8661ffdb24548d212c45ea96_JaffaCakes118.exe

  • Size

    1.0MB

  • MD5

    5f85321c8661ffdb24548d212c45ea96

  • SHA1

    4518ef792cd991ed81fec16c5798f0ac63229b23

  • SHA256

    f175911db11d011ab055dd2f48de8d4d016e0bed602c89c55f316572db3d9ce8

  • SHA512

    07c2024831aa9fba6cdf0b9086a1d8847101134a07b703c4adf5a6d45f0d85ea45d10ada577ef695b239de628d96acac6f33bb53d5a907cd902075f0359af085

  • SSDEEP

    12288:LXXQkfkBc+hnwYNudJ05wBtzDPQd5T7PhlN/Y5G+MYAoDyCJrlYESTsICiInR6:TAkfkN9wYq73P25nplNLFuydfTyR6

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5f85321c8661ffdb24548d212c45ea96_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5f85321c8661ffdb24548d212c45ea96_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1584

Network

  • flag-us
    DNS
    os.kitaracdn.com
    5f85321c8661ffdb24548d212c45ea96_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    os.kitaracdn.com
    IN A
    Response
  • flag-us
    DNS
    os.kitaracdn.com
    5f85321c8661ffdb24548d212c45ea96_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    os.kitaracdn.com
    IN A
  • flag-us
    DNS
    228.249.119.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    228.249.119.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    140.32.126.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    140.32.126.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    73.144.22.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    73.144.22.2.in-addr.arpa
    IN PTR
    Response
    73.144.22.2.in-addr.arpa
    IN PTR
    a2-22-144-73deploystaticakamaitechnologiescom
  • flag-us
    DNS
    26.35.223.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    26.35.223.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    232.168.11.51.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    232.168.11.51.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    103.169.127.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    103.169.127.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    206.23.85.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    206.23.85.13.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    192.142.123.92.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    192.142.123.92.in-addr.arpa
    IN PTR
    Response
    192.142.123.92.in-addr.arpa
    IN PTR
    a92-123-142-192deploystaticakamaitechnologiescom
  • flag-us
    DNS
    19.229.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    19.229.111.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    tse1.mm.bing.net
    Remote address:
    8.8.8.8:53
    Request
    tse1.mm.bing.net
    IN A
    Response
    tse1.mm.bing.net
    IN CNAME
    mm-mm.bing.net.trafficmanager.net
    mm-mm.bing.net.trafficmanager.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239317301455_1N9S2NVLYIW6WUPJX&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239317301455_1N9S2NVLYIW6WUPJX&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 804657
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 73992A42967F48758D43F1B88D966907 Ref B: LON04EDGE0608 Ref C: 2024-07-20T07:16:18Z
    date: Sat, 20 Jul 2024 07:16:17 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239317301022_10AJDZH059R4K9Z5T&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239317301022_10AJDZH059R4K9Z5T&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 712130
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 71B948D3853C425A8807EDA6A4808AA9 Ref B: LON04EDGE0608 Ref C: 2024-07-20T07:16:18Z
    date: Sat, 20 Jul 2024 07:16:17 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239360264291_1OMXAE3VFGJI9A76K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239360264291_1OMXAE3VFGJI9A76K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 746478
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: A6FAE874919443EDB836C407A34B0776 Ref B: LON04EDGE0608 Ref C: 2024-07-20T07:16:18Z
    date: Sat, 20 Jul 2024 07:16:17 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239340418570_1AILBHE008ZL9RHPC&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239340418570_1AILBHE008ZL9RHPC&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 585223
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 60772AC8600D44D69BDC3B128BD07624 Ref B: LON04EDGE0608 Ref C: 2024-07-20T07:16:18Z
    date: Sat, 20 Jul 2024 07:16:17 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239340418569_13408TD3CSPQQLS8W&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239340418569_13408TD3CSPQQLS8W&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 815230
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: C708891ECF33487488E8C7A8ABE08118 Ref B: LON04EDGE0608 Ref C: 2024-07-20T07:16:18Z
    date: Sat, 20 Jul 2024 07:16:17 GMT
  • flag-us
    GET
    https://tse1.mm.bing.net/th?id=OADD2.10239360264303_1FV8HLP8B8WOIRSCV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.28.10:443
    Request
    GET /th?id=OADD2.10239360264303_1FV8HLP8B8WOIRSCV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 401499
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 92FE7352EC9E41388CD4C36E0973258D Ref B: LON04EDGE0608 Ref C: 2024-07-20T07:16:18Z
    date: Sat, 20 Jul 2024 07:16:17 GMT
  • flag-us
    DNS
    10.28.171.150.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    10.28.171.150.in-addr.arpa
    IN PTR
    Response
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls, http2
    1.2kB
    6.9kB
    15
    13
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls, http2
    1.2kB
    6.9kB
    15
    13
  • 150.171.28.10:443
    https://tse1.mm.bing.net/th?id=OADD2.10239360264303_1FV8HLP8B8WOIRSCV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    tls, http2
    145.5kB
    4.2MB
    3051
    3045

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239317301455_1N9S2NVLYIW6WUPJX&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239317301022_10AJDZH059R4K9Z5T&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239360264291_1OMXAE3VFGJI9A76K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239340418570_1AILBHE008ZL9RHPC&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239340418569_13408TD3CSPQQLS8W&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://tse1.mm.bing.net/th?id=OADD2.10239360264303_1FV8HLP8B8WOIRSCV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

    HTTP Response

    200
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls, http2
    1.2kB
    6.9kB
    15
    13
  • 150.171.28.10:443
    tse1.mm.bing.net
    tls, http2
    1.2kB
    6.9kB
    15
    13
  • 8.8.8.8:53
    os.kitaracdn.com
    dns
    5f85321c8661ffdb24548d212c45ea96_JaffaCakes118.exe
    124 B
    135 B
    2
    1

    DNS Request

    os.kitaracdn.com

    DNS Request

    os.kitaracdn.com

  • 8.8.8.8:53
    228.249.119.40.in-addr.arpa
    dns
    73 B
    159 B
    1
    1

    DNS Request

    228.249.119.40.in-addr.arpa

  • 8.8.8.8:53
    140.32.126.40.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    140.32.126.40.in-addr.arpa

  • 8.8.8.8:53
    73.144.22.2.in-addr.arpa
    dns
    70 B
    133 B
    1
    1

    DNS Request

    73.144.22.2.in-addr.arpa

  • 8.8.8.8:53
    26.35.223.20.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    26.35.223.20.in-addr.arpa

  • 8.8.8.8:53
    232.168.11.51.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    232.168.11.51.in-addr.arpa

  • 8.8.8.8:53
    103.169.127.40.in-addr.arpa
    dns
    73 B
    147 B
    1
    1

    DNS Request

    103.169.127.40.in-addr.arpa

  • 8.8.8.8:53
    206.23.85.13.in-addr.arpa
    dns
    71 B
    145 B
    1
    1

    DNS Request

    206.23.85.13.in-addr.arpa

  • 8.8.8.8:53
    192.142.123.92.in-addr.arpa
    dns
    73 B
    139 B
    1
    1

    DNS Request

    192.142.123.92.in-addr.arpa

  • 8.8.8.8:53
    19.229.111.52.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    19.229.111.52.in-addr.arpa

  • 8.8.8.8:53
    tse1.mm.bing.net
    dns
    62 B
    170 B
    1
    1

    DNS Request

    tse1.mm.bing.net

    DNS Response

    150.171.28.10
    150.171.27.10

  • 8.8.8.8:53
    10.28.171.150.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    10.28.171.150.in-addr.arpa

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\bootstrap_49794.html

    Filesize

    156B

    MD5

    1ea9e5b417811379e874ad4870d5c51a

    SHA1

    a4bd01f828454f3619a815dbe5423b181ec4051c

    SHA256

    f076773a6e3ae0f1cee3c69232779a1aaaf05202db472040c0c8ea4a70af173a

    SHA512

    965c10d2aa5312602153338da873e8866d2782e0cf633befe5a552b770e08abf47a4d2e007cdef7010c212ebcb9fefea5610c41c7ed1553440eaeab7ddd72daa

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\css\main.css

    Filesize

    3KB

    MD5

    7013f5a38b7e5df13729294ddf474d99

    SHA1

    06423dd44e8a1b7550d80f5942fd72a372f8c77c

    SHA256

    03e4642a7f23a5fab3e127a5ba91e3d829fa5e76545b1a30cb3f3d57f569d249

    SHA512

    a9802809f020bd990d9c1bd075b7e1a9ecb4660687b51c5b0a256075972dc5f4fc434ad209602fdec46c753a54bf1b6d25db0e778d35dc9fdf8afb16ab365d1d

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\css\sdk-ui\progress-bar.css

    Filesize

    506B

    MD5

    5335f1c12201b5f7cf5f8b4f5692e3d1

    SHA1

    13807a10369f7ff9ab3f9aba18135bccb98bec2d

    SHA256

    974cd89e64bdaa85bf36ed2a50af266d245d781a8139f5b45d7c55a0b0841dda

    SHA512

    0d4e54d2ffe96ccf548097f7812e3608537b4dae9687816983fddfb73223c196159cc6a39fcdc000784c79b2ced878efbc7a5b5f6e057973bf25b128124510df

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\BG.png

    Filesize

    16KB

    MD5

    612a87dd7da6eaec11e680a5a6fdcf6e

    SHA1

    55270a0973a98ac13c805a7ec4f018c13348f4ca

    SHA256

    a15c437dbbab21947446ad9d39fb221b1d900fe6e716b412a144fac3044acfee

    SHA512

    4b58b03368125b780878d97e872ace5866e284b822aa1c9d5556e30b09a501bc2257ccf277de61746d79271e7c003664e7ff537866d072e9a0cf2788127111c3

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\Close.png

    Filesize

    925B

    MD5

    249e564a2ac708877c7fbe9a73ed6b19

    SHA1

    65b20a84f59d70b63bb3198b394fd9577741a317

    SHA256

    ea7984a4af75179bd5a42e56bcdae7d06cb89d03d814a0168f8a223bebbed058

    SHA512

    86595185632af4fb7ae7b425eb2fd67818ffd2f079da4b236754a74dfc1d1e1e3b5904f122c6fa5e592e674d7c5d38c16be52fa362bc78773f90bf7ae6768222

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\Color_Button.png

    Filesize

    1KB

    MD5

    233e3ecaf8b6f0a9f82ca79ccd1788a1

    SHA1

    69775c8479f3ec49f8c3817305320a208349938b

    SHA256

    8b0bf039e841739da7555d8b2348b02111b9a00cca8f654ae73953778155f638

    SHA512

    099f1becf1176d4d0abc7887332ebc6a19ea4631a8c0f93a6c5ccbd35bae62621dc3090aa8ae78d5d8a42a12f0e8ab8458a60fe66c1b9fdc5b56d929dc0d96e9

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\Games_Pics.jpg

    Filesize

    12KB

    MD5

    3d508e41c8e160e70b4f2e1a9a66b1bc

    SHA1

    900e64092e3849cf54bf61957e78d4d78faf612f

    SHA256

    1ca7924ab528b00d5508b442f15288043448a63f2860307253019d901f4f9d82

    SHA512

    40b0a138df819c09d8fd2b551cd4e5ee02480a6630f77676e52e4b48587447fc323d4d95553e6309e43f4abac9fb0a7f9e91632be50cd878fc870e395f0c6547

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\Gray_Button.png

    Filesize

    1KB

    MD5

    35800b05c4334c3a5cddf4260ac9d4b9

    SHA1

    54affc5d79378b688b64171c03434abe83b5c6c6

    SHA256

    d36de61d654cccf61b8767923efaecfea8b79e013aa0d0d1b832d23b9ab811ea

    SHA512

    76eeb5bb528949fcc5baa327463459d99991823c2ab5aa82366c797d74ac0db9b5bb5b8d5a55ee73990e0c1b0c3074f9ad09ccbf4ac19ec4737dd97d8687ba7f

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\Progress.png

    Filesize

    1KB

    MD5

    6e729d132f975194c6d3975cad7d5ee4

    SHA1

    ca7d67a9b6a06d7ac20099eecec71c23ef85abd8

    SHA256

    85f2a178f1b32d85a162b68590b526c50ce70e82e04c508597476da67b962856

    SHA512

    60c71988687d2df96f3c9b48fe5ae7ca92821f887dacedb33c8f611d199513253834f387c12d0452548ace076aebc299b0e5494c47caf2219009c0b256ba8747

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\ProgressBar.png

    Filesize

    477B

    MD5

    830234f26fce01833c8f74f1829d7717

    SHA1

    38207d8cbf96b4e1a7d6182b7da4b25c31e538dc

    SHA256

    fa8bfed0f1e98d212938e307160d1c5b68f134f67ea0826b9f75f2284be9e2f2

    SHA512

    f4ab75c710c1eb287002a6640e0ec4c5061d2e921a49d1b5b37be5e83c217d77536a5754cca3b57d446c663b402377280c283d99d6b6667eaa7ff38b8a2e49e2

  • C:\Users\Admin\AppData\Local\Temp\ish240617500\images\loader.gif

    Filesize

    21KB

    MD5

    360281e85620142c3329848262da263d

    SHA1

    032ae1e422af859d78d172e918573fb0f55318de

    SHA256

    6c7d0d5402ebcf34cb6280473b4dac5966aae2a4bdadf80c796245663e2d9b55

    SHA512

    48ea37754839abce73898d29c6cb1ede20ac980dcd0b8c0f1274a690ea0bb44659129aba7581bd473ab7a735b7b9d08d6d041973bced4fe3fc0b70b3a73ec2a6

  • memory/1584-1-0x0000000000400000-0x000000000050B000-memory.dmp

    Filesize

    1.0MB

  • memory/1584-0-0x0000000000401000-0x00000000004C6000-memory.dmp

    Filesize

    788KB

  • memory/1584-133-0x0000000000400000-0x000000000050B000-memory.dmp

    Filesize

    1.0MB

  • memory/1584-135-0x0000000000401000-0x00000000004C6000-memory.dmp

    Filesize

    788KB

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.