Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Glupteba.exe

windows10-1703-x64

8

Glupteba.exe

windows7-x64

10

Glupteba.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    53s
  • max time network
    31s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    22/07/2024, 17:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Glupteba.exe

  • Size

    3.8MB

  • MD5

    17121a4228da9d1d811e853b1b96cd0e

  • SHA1

    61d16b12fc84d530373a9892d441d08275884d8a

  • SHA256

    d45718639cc2ea44fa94d80ad765c251755eda022cd65d0cf3b56fa2c2325c21

  • SHA512

    a3dbbbde6879abfb1820610d898e7054f01949a508e061ebfcdaac916862e2306d5df226bda6c2bd37a27667c25c7ebf1b7dba3cb067e4bdf1aaae5c02129c87

  • SSDEEP

    98304:kXUZKpu2i2Rb665u8FrbO3MISyl32aKxgBuwrkAToXvGgn/YYr:8QKpRWMu8HaHl32hCBbkAToeg

Score
8/10
persistenceprivilege_escalation

Malware Config

Signatures

  • Event Triggered Execution: Image File Execution Options Injection 1 TTPs 16 IoCs
    persistence
  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 55 IoCs
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 6 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 29 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 56 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Glupteba.exe
    "C:\Users\Admin\AppData\Local\Temp\Glupteba.exe"
    1⤵
    • Loads dropped DLL
    PID:4140
  • C:\Windows\system32\msiexec.exe
    C:\Windows\system32\msiexec.exe /V
    1⤵
    • Event Triggered Execution: Image File Execution Options Injection
    • Enumerates connected drives
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Windows\syswow64\MsiExec.exe
      C:\Windows\syswow64\MsiExec.exe -Embedding 6611FC536CA7A5000EF1D95914D9AF2D
      2⤵
      • Loads dropped DLL
      • Drops file in System32 directory
      • Suspicious use of AdjustPrivilegeToken
      PID:4104
    • C:\Windows\syswow64\MsiExec.exe
      C:\Windows\syswow64\MsiExec.exe -Embedding A5F82E4A169FA8B74CAA4C08A1C241E8 E Global\MSI0000
      2⤵
      • Event Triggered Execution: Image File Execution Options Injection
      • Loads dropped DLL
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:3840
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe" 19.010.20069 19.010.20069.0
      2⤵
      • Executes dropped EXE
      • Drops file in Program Files directory
      PID:872
  • C:\Windows\system32\mspaint.exe
    "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\LockConfirm.jfif" /ForceBootstrapPaint3D
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:412
  • C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
    "C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe" -ServerName:Microsoft.MSPaint.AppX437q68k2qc2asvaagas2prv9tjej6ja9.mca
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4144
  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"
    1⤵
    • Executes dropped EXE
    • Loads dropped DLL
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2184
  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1400

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Config.Msi\e57ae97.rbs
    Filesize

    632KB

    MD5

    f15aa6b2e55af96d311322c5a868b3aa

    SHA1

    44985706cd24b06e0834213fcde866b761ef5b08

    SHA256

    9e64662578512251baf0be56d53c7eeb68f69d2f9379c31e15b48dc382b46c97

    SHA512

    74caed6e7ee015098e6da4ecf79f50e36bf2f231b9f80cd7c5477ec41d955a7d28348425d299b7c90b35be9ec5782bda5bf65438395d1f2f0dd13ecbc3674c7d

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe
    Filesize

    24.8MB

    MD5

    1248c72c9c64a59abaa6b7c3d23f90a9

    SHA1

    b4c3778574c39f7e64bcc3b7b0e42c577e937504

    SHA256

    efe7823887f5366e78a53b1992e65afca89f4c0149c54d5e4c0d746c6d4c8ab9

    SHA512

    6e3001c2f282b00430d15d8359be1ee1d3541b49c1fcdc02f0dc433ea0b470b52387772866f08ebad854f28b6ff1123e9015d25916ba91aea014fb96821e6b3e

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\images\s_remove_18.svg
    Filesize

    711B

    MD5

    8bb62cfad37334a15129a0da2091d472

    SHA1

    a9f223eb2bd355c8cbf7d17db501db834f39cb6c

    SHA256

    94f76b160568e3705f1e0d2d6ff3ee6927bd812032498d373bbcc516af2864f7

    SHA512

    da08c15accffeca9c1ec985899ebf234aa881546dfb80862c72bfe206dfbf92772582ff87c0636ca0a4cdeeb03635de7a24aecacba86e22683a1d689724d6dab

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\rhp_world_icon.png
    Filesize

    445B

    MD5

    ed537606a39879a091a8c085cf95ff38

    SHA1

    86c73d85094efbfdcd80abf119f03b64a71cbd0f

    SHA256

    42c312aa2a038ca54e9a6fe4bad8c9c044c35b4c5f421496f289c00c957d7591

    SHA512

    fc331c2e1ec84a6a83b51f365484033b3069d73c5987094cf526c45a92c3297df22fe2a35ec20382ed4d563ee604ecbdbdf17fb735f7e0118ab444b4d5db8e9d

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\rhp_world_icon_2x.png
    Filesize

    611B

    MD5

    37d179c947c13f64b7b6356f57441032

    SHA1

    9d1c1bd0c370336c229baeb2cd7f80d7b3cf4d0a

    SHA256

    71039e6370f68913e67cb8451d3127c22d3e1045ca644e4dc9821e9f6f6899aa

    SHA512

    3034a8b9694bbde20be0f7fa2596fbca8fd3f1e45810b15a5cb1a2bc6f4ef852afc36639a56f82a4e582d74684724d5c4ee43cbf5e33c94c6cf00b3c059757bf

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\rhp_world_icon_hover.png
    Filesize

    388B

    MD5

    6d8f7e9751f955452a9ceeb815456035

    SHA1

    e6903b2ec0f2c5632d4288f88d993d4a41f04527

    SHA256

    8bcf53efcb1b630087d4cfcedf5e48a7abaa9c71dd13745eedfd2c7cfa6827f5

    SHA512

    c869a94a224bce8ed553f5a86ffdea6d8a279e06a1c060b311cc52e4538b89e07fc0a4a76f85a28e2f62e8629a7c67101e990cc12bef2d0e2d6d7d3c1d4d7d90

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\rhp_world_icon_hover_2x.png
    Filesize

    552B

    MD5

    f364ee8508831e375004ac82b924efd5

    SHA1

    b04bc510ef53760bdd22ce0dd9d2e2f248c16df7

    SHA256

    87da831caa04bd303918a32265830ff97648dc8adc18881ba14d1cc1d28cde85

    SHA512

    399b2da615c0373214e3cf421f502fd0de02bdb9473da644e9f23df9ea7fc792da7d36bde61a456c2451276f74877232c8bedbe55e57098c1ffd13719206bac3

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon.png
    Filesize

    388B

    MD5

    39be6b8bd8dce3ff5a1c20ac41ba993f

    SHA1

    a49d8a0c769601bf922c8aa1673bfd3a92d67855

    SHA256

    854a09f1f875a3a2e6566c593af465c9c8a3aa9b9112eb755bb09cee76224a63

    SHA512

    9fd5d4f02aa9d24ce9591ac0542d0abadf2b26208c3043220d2a0f036298199131ad804f9be20c6cc67f39e2921eebec65efb3a1e435ee7318fd8591fcc2fa2a

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon_2x.png
    Filesize

    552B

    MD5

    b34c8c3b8117b038839beefa0df5a7ce

    SHA1

    c8d1e8eb4c71d5aa02e36fe3b7365374a9e4e32b

    SHA256

    bfef65c62bfc309f698e8e0b999edfc06ad272b87d805f183551c43f08d704a9

    SHA512

    89fa9f31f62c6e119e6280dbc475c35dd7bb37c27457732a0b1cb04809a35fec44a12ccb6a3a626586d596a0636d754a9ff79ecd9ed739c5c6edea50738a60d7

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon_hover.png
    Filesize

    388B

    MD5

    2ca9f57d61ed45337ec4e6565480367f

    SHA1

    fa06ed14d72ad8ced6ad98a4e223bc80cccc5e75

    SHA256

    a584379ebf9aa0d3c0239edb7e1f114f01a9865f01c68494d5f28d410ba8d873

    SHA512

    83a172f2f304b2f634c313e248b62c11b7798f416872929ef233134bfc4ad8f44b1b4dfa123e8378a233417e1298a73088258f5671ace96ff677d1f26447de87

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon_hover_2x.png
    Filesize

    552B

    MD5

    74af10749d7f19d15c8dca65a7453415

    SHA1

    dc96d9dbffe472600548dc64c724055e62620d8d

    SHA256

    0e0084df79ab98e5df48ed1e01987f7ac3fcf4a038dd5453708d868f73a073a8

    SHA512

    83d190bf6f9cb77894e7aaf84029c40a2a0335e43d08062ca2275a2cb7a784a29b3b7b8be820c7dfb2f1458ab0528fcdfe45f05491be673b30495e1ed916999e

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-computer\images\icons.png
    Filesize

    7KB

    MD5

    d3963e6fe853dbd9d22f794d5ece4c48

    SHA1

    db35a3e565d0b6dca7ad243443a5560a1247eb33

    SHA256

    a870c4e9ff6c433b5583a8f09fcdfbe712241c7e7d64cd59a10c2ad592f64fe5

    SHA512

    fe60a1b2a20d3c11152df2d6fbee05c3d6b80c89486d258dd6d318c3f89deef3e91a116c502c117d79a5020489e394194310f5c7a7ea3d4b7d284ca5a3e43ca7

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-computer\images\themes\dark\icons_ie8.gif
    Filesize

    7KB

    MD5

    d4585d0ccf35ae69b1246339cfb46b90

    SHA1

    1fffc3492684a5db89e949d2d8b612eabb38994b

    SHA256

    d6707a7a393687bccd92de05cecbd746be791f3a670cb4fc106252f49d2a0a2a

    SHA512

    a85560cabd3ce3dd21177948884a921385c0325b431dd281edda61d3585a69ceef28cb339c5a88d167597451ce22d54828b03d69823b5737bf3e253bd9bda9f6

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-computer\images\themes\dark\icons_retina.png
    Filesize

    15KB

    MD5

    7045217d47de04c1d72eea7413b780c4

    SHA1

    04c73e38fa17d35a1f684577cc79d77615c09e02

    SHA256

    8c659d0904687a97d9c6b649e4b74e99b286265e92252908824efcd07f956b66

    SHA512

    abe433cb154598ad2c0de6070d6e75bb70274a58ce92007ce200201f788553517bb579b0df5cbde3b4f2bebdca1243f0e54836d125d72ea206b3ccba1d15a385

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-computer\images\themes\dark\new_icons.png
    Filesize

    8KB

    MD5

    0e366a48bdf6a3b140508e56eed0bf0f

    SHA1

    bcd76a4a537fc00d8c468b9496d3d5b5dd6a2a7e

    SHA256

    a311b5a78e1b856505337b90e53edb4ba380160234e1b4e8801c231ba8d590a5

    SHA512

    1830e3e260a50f79553673bec5775c0ba623284d233c25a2da016f273e67e218f5d2f49bed5f9e68842c7dc14b852e979fbfc7ed336f9a34dafd04a48742f827

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-computer\images\themes\dark\new_icons_retina.png
    Filesize

    17KB

    MD5

    28a435033f504be69def6f9d52efd2b8

    SHA1

    6f50318e05b79851a445f98d4b3ae3d65feb22ad

    SHA256

    f84c7c93947e86e2a499117d4c55910de9fbaefb6d703a8d0f90f4867c69c182

    SHA512

    a2b410bb6bb328eb1e3af794259bacce7918f44698c8145fa530af9be6bfc22a064c1f0ee5d7ce289f4a60a50fce9b56a720793d19ec477340b1d7ef158df6b0

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-files\images\bg_pattern_RHP.png
    Filesize

    179B

    MD5

    117ec36a5cc6d82e63e8b3beae4a3099

    SHA1

    4c692192be53827f8ec8015ceb129f6e0f89e923

    SHA256

    041917c06c638a1b1accaf0d2f0b2a6dd335dea629de602e104553024d822ea4

    SHA512

    abb02a02a9161ece12464020676e880f1eed96b43a9dfd4f7ca06dc203fe633b0a712da5f151d36a5644d65aad7b2880c135df0bc42d7c1e61b44006807a8c9d

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-files\images\illustrations_retina.png
    Filesize

    19KB

    MD5

    ff84cb8f89545b86e32abd27a9694e1e

    SHA1

    3cde537531f8689772bc9eb39a12c687da5d5225

    SHA256

    8b32854c17056ea617a680cd26ea91015e77d68260f656758984583eb6895a87

    SHA512

    2690d712ba02fbaa769689d0eae380d0988721c6fcb710e04e1e2aba56496cb58f5d4168fe75540139afce179b1250c2ceb11fc4c3d589a3615ad20dccacc8f1

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-files\images\themes\dark\bg_patterns_header.png
    Filesize

    703B

    MD5

    ccc8d470e94b3441e41521572ba86ccd

    SHA1

    d294d7e78b596fefcc8084fab7917c54d3043e27

    SHA256

    a7cdf870b0b1b8459e94ed25a29daa87f5e9050294bf6cdff3bc72f93b928f94

    SHA512

    f3b2ca4d3160a089f6959b7c8e3e6c213c0facb2733f7948a7222196d3bd8c7350015602569df2cdc7408e38b0ff6700306d7e3439f0892b4d13d9f2d5329e42

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-files\images\themes\dark\illustrations.png
    Filesize

    8KB

    MD5

    f6e318123e7ad5933a49669eb035c737

    SHA1

    ed8938fa3c13af75978bbd0bcdd3e8bd40a02004

    SHA256

    19f68990146444907956056019aaee514c522c3c00ae00604da44a1bec2f8f51

    SHA512

    b2506a283dbdcf40ba0cac63b4fd0249463218cc9511ce52cae5ab8c36706090fc1f1942f1082204dcdad5d80e7b655d9e12326c820ac21f64a508999e130743

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\my-files\js\nls\ui-strings.js
    Filesize

    1KB

    MD5

    d59d8ff7aaa17ee875adbe48b7a77e78

    SHA1

    7405acc07f6137b7fd9575f99a2b4354135956ef

    SHA256

    d74c0782682efde01c1c30e46814256f7d16d7df00a7167d90f2bd55ebaab626

    SHA512

    63fc8bef9e8ef833e45d99f954a9eb99d6bbcae39b2eca8a7000ac11b976cdd0ce0581e5e5e6b2f1bb2bdc911e31690e503dad945f0a3ea702dfe404896eded8

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\pages-app\images\example_icons.png
    Filesize

    683B

    MD5

    a0522ef468697e74b90c444ceb4aa17a

    SHA1

    31fa5bb9b4ada150c9001b6e9f3213644117187f

    SHA256

    57804748e775c08ae188b4d860f31e4482ab99b44ed1d8489780daa6756fb11c

    SHA512

    bbb91f8b3c204c4c04da2ad635eb18e9f224f73395dac509c438c0a645316162b6ff78e03e7af76d5da2d9e84cd0c4b5e9db1d4dc08bc3f524bcc55c1f4dbbd3

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\pages-app\images\example_icons2x.png
    Filesize

    1KB

    MD5

    99a1fefa123aa745b30727cc5ad50126

    SHA1

    c48f74cee78f8ed8463634d80c4112f3e12bd566

    SHA256

    7a610114be56ff131462bc67f9a23bcd4fde4fdd0158691448ab9e4a3eb2ca3b

    SHA512

    504800f03a4aa57c1cfa15b28542382728b5f3dd85309fe12ebfd711980d78d15d8241d5f54956ee41da2cd65203b7764ab7b15119457b74ebc07fcf8e55a742

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\search-summary\js\nls\ui-strings.js
    Filesize

    1KB

    MD5

    3dde11f8594519f004ded2687db9b90e

    SHA1

    fcf1854df851616a25d7cf1439a9120b16902420

    SHA256

    196c132938d324c62184ddc85bdb1cd642af830712e0fbf0fb3230978316d510

    SHA512

    adc2cb3a37dbf5fe2ae79f5752c0d38d2427a95e333e848ffa113046f630eaa967b3cb29c049dcdd9b921d57e23392562d779c24207f770aba6e92392064f17b

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\task-handler\js\nls\fi-fi\ui-strings.js
    Filesize

    823B

    MD5

    5e884e2f05ac036b7a6cded3efc2ea2d

    SHA1

    807c1cf1bf0943404601b6241bf4bcf9fcc29c9e

    SHA256

    b333de3a4a7be7749b82302085ed26ad868f0f8eccd09d2a8bb8840414e624d6

    SHA512

    6665aa6fa35e05d01a4a2312a93faf52d6b39409bfaa861c187b0cc2fc51e74aa253ebf56061872d548cb6d3d7bbf1f7c2568de81e5287e0a1d6591c1e780f15

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\css\home-selector.css
    Filesize

    802B

    MD5

    bfeb063e064c71e44ce75898e79c61bc

    SHA1

    c4dcb4b6814cbee53b415a2a5df02fa500510ef3

    SHA256

    af439ebb0d55750003f7dbec517e7b0b26a6a0506b21e3b74d800cd1c7faa004

    SHA512

    0835ebe63867fba6d69a25c83dca767ffd9c57907ba76d9c71012be18510e2145a358d37c1cf4e4ad35d1cdd4f67ffd5928e70e18a376db607d8482356f12219

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png
    Filesize

    2KB

    MD5

    4c27ad089d04cfefd979d56f2a67b172

    SHA1

    63289f9198ee4553759b07de7a4229ad370fa976

    SHA256

    e34bcd5b8436d3bc45f98dd913d41f185c6b06326b66937d6e0d5c6434b16fe7

    SHA512

    23f9283f769fd310dcac26cac00d2eb033763d73bd45b0d148ea1ec3a3c75b073572c9fa9234699372a7e1caad7fcde7629d004815536df1d39d291f2d2d96a9

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png
    Filesize

    2KB

    MD5

    61bd39ed095fa82ffd334fbd7982616c

    SHA1

    51af9c2cd42743c5cf81200e0fba3cfaff801885

    SHA256

    237a70fe0388ce6884f5424692c460625691ef7acb0bf80403ec6b25f348b94a

    SHA512

    54dd8e1a5c19a9d51892a12e9501b7f6f69e09e0c446ec36f7ddfd9ad0d9cef52604ab2f8071c71ce63989510a703f1cfd5492e1ac20c8b37258ba21f8952400

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png
    Filesize

    4KB

    MD5

    543415ad8ba14db1b75a93a551a4abfc

    SHA1

    3d4737451e899240fe19daa07f3c58ce9a623631

    SHA256

    03bcfd7fcbd98e48b1954f912ecd66ce0bd5c181da0c2408beed01486ed23804

    SHA512

    7c4bd1cf6fc8d7aeedb1c666ca45c95615927fe76cad3d3c4f4dafc987f4ac04f527ecaebb3103f593eb080302e768fcd77739ce8344ff2e7ec10efdd1113cd0

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png
    Filesize

    385B

    MD5

    c789d387908d7b7f21c6474a86e84019

    SHA1

    1c36fc6954178c43d9249a5ff3c7246057c6aead

    SHA256

    223f32512aec50c1c00fafc476d8e4ce61e79aa748c67b72fe55514882a31a5a

    SHA512

    1cab85dff119b591046049b69b6208283ca5e009d95129bb407df2768c82da30fd2af8debf6f1bbd91f37518538f3ba6bcda32b63d1d278b56fdd1f5f93439ca

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png
    Filesize

    1003B

    MD5

    c5aab3d175e0a3753ed2c3bbd7b929c1

    SHA1

    3ebee0101ad62449a67f506df9c8e7dacc39f877

    SHA256

    2e187b74e926afe70eafe0648c7125817e99f5586eee3e2e05446e360d4cc1bd

    SHA512

    e967020462477c3e9465e3383c544cf468dd89f4da084193634f5bcdc001b90f5bad3f4f6dda9e95ebe068108986daf41504e02331f4922ea25e7ffee1f27040

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png
    Filesize

    1KB

    MD5

    808971f45b803583d9d1f812803d81b7

    SHA1

    0f6aaecba7c976ed8c2f53782b3d3148f41b2905

    SHA256

    c25d9409ddf9645c2731ec785cacbb7568005bfc78fe0aec7df3ae3c4d30e333

    SHA512

    121e6b01125f9e9d4894f7d498bb4d39ce676ce51e29cbcd148e0c1feed46fbc58267cea7d5f66654be831dc479e4643be8b28b005467309b7df5cc7fbcd0dbe

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png
    Filesize

    2KB

    MD5

    ad68c0b141ea1dbfcadb540c1817289f

    SHA1

    548a46167f7f5193c5a1335753bc208bf92aa504

    SHA256

    537ac64cd204d7ef82cfe41c932deb9cb1ae738b2156eff4dbf73208384c0a13

    SHA512

    269ae39458a9f30351166f304825b777f3ff143b7914b98e83e01600fa04c7790e6e813466c2a1c5396ce13cd2199792905cf0baba1cd28a420440efce0843e8

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\dd_arrow_small.png
    Filesize

    289B

    MD5

    36503740756a442b7be294947462be83

    SHA1

    a1203ae869deb46f59a3273f6d130e7457bf5321

    SHA256

    d188ab283c552eee50677129f3b0ffd8d97828c4e7007bea258174c9a2200e87

    SHA512

    6ff98b15c7d757dd351bf50a1c4ac759a73fdafe03d5fad506478550987d0ec016ba9e617c099e6bf7b0263846eddc4eb32cb70fb1fbbc1189791defe556967a

    Download Submit

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource1\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js
    Filesize

    840B

    MD5

    32147da1c647161e45a1004eb1b16349

    SHA1

    a953c222cce91729ebab36bddd43bd5a795a69cc

    SHA256

    434731fdc6d2f5115c5f7786ac989fedef7d0f60cd2ad4385cc98f6d2160566c

    SHA512

    8c825f8d38519cdac2a49e4ee8a9564ae72839199562ce9acfe72b4fbb94f8946775054782cf26a9566eaf8cf944a26e42b7b372c4e7349b33a8e17dcd13df94

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\Projects\Projects.json
    Filesize

    233B

    MD5

    1ae45328a50ccb5d7cd8e3f84c060e67

    SHA1

    09e8ae3866f88e2fe89e1442f379eaf2d39a79d5

    SHA256

    059f2682f67d1d3f84c181eda2b27955179ffb26e4d7c82da58af7ad03f6058e

    SHA512

    8f7fa73edefac0d770a3fb636079cfa0b70fef4dc6576b298e91059698392f1995101b96c3b7543baf2f33d72d3c2c89b95a6af42ff30f51c075dccbf87ab9d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\Projects\Projects.json
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\cloudCommunitySettings.json
    Filesize

    2KB

    MD5

    404a3ec24e3ebf45be65e77f75990825

    SHA1

    1e05647cf0a74cedfdeabfa3e8ee33b919780a61

    SHA256

    cc45905af3aaa62601a69c748a06a2fa48eca3b28d44d8ec18764a7e8e4c3da2

    SHA512

    a55382b72267375821b0a229d3529ed54cef0f295f550d1e95661bafccec606aa1cd72e059d37d78e7d2927ae72e2919941251d233152f5eeb32ffdfc96023e5

    Download Submit

  • C:\Windows\Installer\MSIABC1.tmp
    Filesize

    57KB

    MD5

    c23d4d5a87e08f8a822ad5a8dbd69592

    SHA1

    317df555bc309dace46ae5c5589bec53ea8f137e

    SHA256

    6d149866246e79919bde5a0b45569ea41327c32ee250f37ad8216275a641bb27

    SHA512

    fa584655ae241004af44774a1f43508e53e95028ce96b39f8b5c62742f38acdf2b1df8871b468ac70c6043ca0e7ae8241bad2db6bc4f700d78471f12bb809e6b

    Download Submit

  • C:\Windows\Installer\MSIACBC.tmp
    Filesize

    418KB

    MD5

    67f23a38c85856e8a20e815c548cd424

    SHA1

    16e8959c52f983e83f688f4cce3487364b1ffd10

    SHA256

    f3c935cac911d9024c7797e8ffe4cce7d28154b236ad3e182f9efb85cd5a0a40

    SHA512

    41fc1b4e2f47d5705861ee726c8d5d7b42191e7d586b370981da268414f207f6dea00a59dc53012cf6510c44651fec4a3a33bf69e501d85fd2efd66517e4169d

    Download Submit

  • C:\Windows\Installer\MSIAD98.tmp
    Filesize

    148KB

    MD5

    be0b6bea2e4e12bf5d966c6f74fa79b5

    SHA1

    8468ec23f0a30065eee6913bf8eba62dd79651ec

    SHA256

    6bac226fb3b530c6d4b409dd1858e0b53735abb5344779b6dfe8859658b2e164

    SHA512

    dddb9689ad4910cc6c40f5f343bd661bae23b986156f2a56ab32832ddb727af5c767c9f21f94eec3986023bae9a4f10f8d24a9af44fa6e8e7e8610d7b686867b

    Download Submit

  • C:\Windows\Installer\MSIAE75.tmp
    Filesize

    209KB

    MD5

    0e91605ee2395145d077adb643609085

    SHA1

    303263aa6889013ce889bd4ea0324acdf35f29f2

    SHA256

    5472237b0947d129ab6ad89b71d8e007fd5c4624e97af28cd342919ba0d5f87b

    SHA512

    3712c3645be47db804f08ef0f44465d0545cd0d435b4e6310c39966ccb85a801645adb98781b548472b2dfd532dd79520bf3ff98042a5457349f2380b52b45be

    Download Submit

  • C:\Windows\Installer\MSIC0DD.tmp
    Filesize

    271KB

    MD5

    f88c6a79abbb5680ae8628fbc7a6915c

    SHA1

    6e1eb7906cdae149c6472f394fa8fe8dc274a556

    SHA256

    5ded99991217600ebd0b48f21c4cd946f3c7858f07d712fcfb93f743faa635ed

    SHA512

    33e150822331356e1cdcbff824b897ca5bf2bed0345d2fa39cf9b1f36a77201167819761b1cc3b6cb02a87625e0b6b85a8505281ccc575ca6b73af68e1e90361

    Download Submit

  • C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\PDXFile_8.ico
    Filesize

    340KB

    MD5

    d07cea5fbf17f2ffa4fdcb38e395dbaf

    SHA1

    c0218a4f53428d71f19f1121b8532b3fe0d178b9

    SHA256

    c5ba5c23decaa64a9176f20f8b18a8c89b42ed54f55f3285bd400fd74051e37e

    SHA512

    98ad990280e9db23ee91e23ee5d0ebc8e289eed7923cd07bb31b845af28ebe0a09bc49f9de2c7e81a49a041d9f87f089a4a67402e1182c41e0d41a3e47264d4f

    Download Submit

  • memory/1400-2617-0x00007FF75A700000-0x00007FF75A7F8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/1400-2618-0x00007FFB6D4B0000-0x00007FFB6D4E4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1400-2623-0x00007FFB6C7E0000-0x00007FFB6C7F7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1400-2625-0x00007FFB6C7A0000-0x00007FFB6C7B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1400-2624-0x00007FFB6C7C0000-0x00007FFB6C7DD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/1400-2619-0x00007FFB5C710000-0x00007FFB5C9C6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/1400-2620-0x00007FFB6DF30000-0x00007FFB6DF48000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1400-2622-0x00007FFB6C800000-0x00007FFB6C811000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1400-2621-0x00007FFB6C820000-0x00007FFB6C837000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1400-2627-0x00007FFB6C730000-0x00007FFB6C797000-memory.dmp

    Filesize

    412KB

    Download

  • memory/1400-2626-0x00007FFB5B4B0000-0x00007FFB5C560000-memory.dmp

    Filesize

    16.7MB

    Download