infinitylock | hxxps://github[.]com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master[.]zip

Analysis

max time kernel
555s
max time network
555s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05-08-2024 13:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip

Score

10^/10

infinitylock discovery evasion macro persistence ransomware upx xlm

Malware Config

Signatures

InfinityLock Ransomware
Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.
ransomware infinitylock

Disables RegEdit via registry modification 2 IoCs

evasion

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1"	Krotten.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1"	Krotten.exe

Disables Task Manager via registry modification
evasion

Suspicious Office macro 1 IoCs

Office document equipped with 4.0 macros.

macro xlm

resource	yara_rule
behavioral1/files/0x00070000000234b6-4091.dat	office_xlm_macros

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LOGON.exe	DeriaLock.exe

Executes dropped EXE 5 IoCs

pid	Process
1284	ATF8Baddies.exe
2224	Floxif.exe
764	InfinityCrypt.exe
4472	Krotten.exe
3384	DeriaLock.exe

UPX packed file 5 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2224-977-0x0000000010000000-0x0000000010030000-memory.dmp	upx
behavioral1/memory/2224-980-0x0000000010000000-0x0000000010030000-memory.dmp	upx
behavioral1/files/0x00070000000234db-4142.dat	upx
behavioral1/files/0x00070000000234e5-4162.dat	upx
behavioral1/files/0x00070000000234e9-4172.dat	upx

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\svchost = "C:\\WINDOWS\\Web\\rundll32.exe"	Krotten.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\AVPCC = "C:\\WINDOWS\\Cursors\\avp.exe"	Krotten.exe

Modifies WinLogon 2 TTPs 2 IoCs

persistence

Winlogon Helper DLL

T1547.004

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption = "DANGER"	Krotten.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText = "Äëÿ òîãî ÷òîáû âîññòàíîâèòü íîðìàëüíóþ ðàáîòó ñâîåãî êîìïüþòåðà íå ïîòåðÿâ ÂÑÞ èíôîðìàöèþ! È ñ ýêîíîìèâ äåíüãè, ïðèøëè ìíå íà e-mail [email protected] êîä ïîïîëíåíèÿ ñ÷åòà êèåâñòàð íà 25 ãðèâåíü. Â îòâåò â òå÷åíèå äâåíàäöàòè ÷àñîâ íà ñâîé e-mail òû ïîëó÷èøü ôàèë äëÿ óäàëåíèÿ ýòîé ïðîãðàììû."	Krotten.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_checkbox_selected_18.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\convertpdf-tool-view.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\it-it\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\de-de\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.371\goopdateres_pl.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Common Files\Microsoft Shared\VC\msdia100.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_ellipses.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\ko-kr\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\PDDom.api.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\next-arrow-default.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\A12_Spinner_int.gif.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.195.15\msedgeupdateres_or.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_remove_18.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\da-dk\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\da-dk\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\js\nls\sv-se\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.195.15\msedgeupdateres_fil.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\nls\ja-jp\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\en-il\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\sv-se\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\edit-pdf-2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\sl-si\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\ja-jp\PlayStore_icon.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\ru-ru\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.195.15\msedgeupdateres_af.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\back-arrow-focus.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\v8_context_snapshot.bin.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\tt.pak.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\Confirmation.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\Comments.aapp.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\uk-ua\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\share.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\eu-es\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\eu-es\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\close_dark.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\s_filter_18.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\pt-br\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.195.15\msedgeupdateres_cy.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\ko-kr\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\Viewer.aapp.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_filter-hover_32.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\tr-tr\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\DSCResources\MSFT_PackageManagementSource\ja-JP\MSFT_PackageManagementSource.strings.psd1.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\Locales\sr.pak.DATA.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_folder-down_32.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\plugin.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\pt-br\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\af_get.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\hu-hu\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\js\nls\fr-fr\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\LogoBeta.png.DATA.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\tr-tr\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_history_18.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\images\themes\dark\warning_2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\main.css.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\themes\dark\line_2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Notifications\SoftLandingAssetLight.gif.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\images\themes\dark\example_icons2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.195.15\MicrosoftEdgeComRegisterShellARM64.exe.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F	InfinityCrypt.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\WINDOWS\Web	Krotten.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1120	2224	WerFault.exe	110

System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ATF8Baddies.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Floxif.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	InfinityCrypt.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Krotten.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	DeriaLock.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	InfinityCrypt.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	InfinityCrypt.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Control Panel 6 IoCs

evasion

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Control Panel\International\sTimeFormat = "ÕÓÉ"	Krotten.exe
Key created	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Control Panel\Desktop	Krotten.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Control Panel\Desktop\WallpaperOriginX = "210"	Krotten.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Control Panel\Desktop\WallpaperOriginY = "187"	Krotten.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Control Panel\Desktop\MenuShowDelay = "9999"	Krotten.exe
Key created	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Control Panel\International	Krotten.exe

Modifies Internet Explorer settings 1 TTPs 4 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\Main	Krotten.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Window title = ":::::::::::::::::: ÌÎÉ ÕÓÉ ÏÐÎÒÓÕ À ÏÈÇÄÀ ÃÍÈÅÒ ::::::::::::::::::"	Krotten.exe
Key created	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Software\Microsoft\Internet Explorer\Main	Krotten.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window title = ":::::::::::::::::: ÌÎÉ ÕÓÉ ÏÐÎÒÓÕ À ÏÈÇÄÀ ÃÍÈÅÒ ::::::::::::::::::"	Krotten.exe

Modifies Internet Explorer start page 1 TTPs 2 IoCs

stealer

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Start Page = "http://poetry.rotten.com/lightning/"	Krotten.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page = "http://poetry.rotten.com/lightning/"	Krotten.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673398518972846"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key deleted	\REGISTRY\MACHINE\SOFTWARE\CLASSES\REGFILE\SHELL\OPEN\COMMAND	Krotten.exe
Key created	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1288	chrome.exe
1288	chrome.exe
4528	chrome.exe
4528	chrome.exe
4528	chrome.exe
4528	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe
Token: SeShutdownPrivilege	1288	chrome.exe
Token: SeCreatePagefilePrivilege	1288	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe
1288	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1288 wrote to memory of 2396	1288	chrome.exe	86
PID 1288 wrote to memory of 2396	1288	chrome.exe	86
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 3592	1288	chrome.exe	88
PID 1288 wrote to memory of 2804	1288	chrome.exe	89
PID 1288 wrote to memory of 2804	1288	chrome.exe	89
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90
PID 1288 wrote to memory of 1464	1288	chrome.exe	90

System policy modification 1 TTPs 37 IoCs

evasion

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Uninstall	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMMyPictures = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFavoritesMenu = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSaveSettings = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{450D8FBA-AD25-11D0-98A8-0800361B1103} = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMyMusic = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMMyDocs = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives = "1044"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetHood = "1"	Krotten.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsMenu = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoUserNameInStartMenu = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPrinters = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoThemesTab = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D} = "1"	Krotten.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuSubFolders = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktop = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuPinnedList = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPrinterTabs = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Uninstall\NoAddRemovePrograms = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoManageMyComputerVerb = "1"	Krotten.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMFUprogramsList = "1"	Krotten.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewOnDrive = "1"	Krotten.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/archive/refs/heads/master.zip
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb2bc2cc40,0x7ffb2bc2cc4c,0x7ffb2bc2cc58
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1836 /prefetch:2
  2⤵
  PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2140,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2256 /prefetch:8
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4828 /prefetch:8
  2⤵
  PID:3632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=1044,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=208 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5252,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5408,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=724 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5740,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5748 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3664,i,5656943669359782901,3605374893673496003,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4088 /prefetch:8
  2⤵
  PID:2192

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4484

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:824

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4672

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\" -ad -an -ai#7zMap26554:108:7zEvent8951
1⤵
PID:5012

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\ATF8Baddies.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\ATF8Baddies.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:1284

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Floxif\Floxif.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Floxif\Floxif.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:2224
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2224 -s 432
  2⤵
  - Program crash
  PID:1120

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2224 -ip 2224
1⤵
PID:1616

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\InfinityCrypt.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\InfinityCrypt.exe"
1⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
PID:764

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\Krotten.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\Krotten.exe"
1⤵
- Disables RegEdit via registry modification
- Executes dropped EXE
- Adds Run key to start application
- Modifies WinLogon
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Modifies Control Panel
- Modifies Internet Explorer settings
- Modifies Internet Explorer start page
- Modifies registry class
- System policy modification
PID:4472

C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\DeriaLock.exe
"C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\DeriaLock.exe"
1⤵
- Drops startup file
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:3384

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Winlogon Helper DLL

T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Winlogon Helper DLL

T1547.004

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\icudtl.dat.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
16B

MD5
2b69a304a275bca757443533d449b9ce

SHA1
77dc52a8ef18ba832cabf8d98dcb62448fd50e2c

SHA256
e10c555c9f22bbda50fec7ac2215fb7068596c1447fe00bc5ef3148e3fa52380

SHA512
e940bcb23adb28735b28be95b034e55a5b3fd09712b7777971225cd64780e213bf9723ed78af657efe2141d605ad3314a36cb03087d8ec852de3b5e6934afa62

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
720B

MD5
25ead03e8c378b810805c6f77b6cdf76

SHA1
f33f8b24cd20cd31c121c56b638dc519d105f2a5

SHA256
6334d8ce5cfb24f2fe538ef2744ff50126fcda87491774a032926254eb1ea067

SHA512
da61650292c4f4256b65ded6bd2b79b1891c803e001a4e033b1cfbbe96ba39f4e11a35516f046ccf7cf435d979138b96437ebafc2c5821970e03337ab51584f0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
688B

MD5
f5a9cc9c7e32958ea91cfeec56d615bb

SHA1
b8e146841bcbbc94fe1e6ba280168fd504570462

SHA256
a77edc65a576b178cf13af2cda9154ba2ac49c116ab04afbfd80dbe28bb845d4

SHA512
e5f8e5da23eafd3d6ed2bbb0d29ab8a75b2b3c873cc18b27fa7b5a83503c9409d84b93ae695b24b28dd2762688867b280f3da6946e43f08539a7522947b62456

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
1KB

MD5
3f7c7514c15268e92bab4bf69341e590

SHA1
c04580813fc9aa39b254b487c9afb546081e6676

SHA256
7fbec27d6096d8448e87152856067b93751081ce6700d828dbb8c039cbb8d4b2

SHA512
18fa2d2aaf7161e597b718345b470a736f331c45bd2d9aa607cae2813d41b53941a80cb742064b25b200982800446286fe7b296233a998dd5a9f6bbf92097346

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
448B

MD5
526be6be39c5a0f8d8a6b10c8eede80e

SHA1
59683b8fa63411f1194a5baaf99d23c4e635a1ab

SHA256
b53436ad0d879df8d94ea417e98033635c1b03c8abdf8b0913569d217be194b9

SHA512
c210228747870a52f90bbc55521b32f39ddabdbeda527a50570cd42d053280fe6e78d15b96d25a5c0244d8ac3d1d55f27419e998d07b0a2211914ba1d6bb2a84

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
624B

MD5
f6983f2d204900efd179ce5379663585

SHA1
98c42c2bff162538a3baedaf0e4e59a1356c486c

SHA256
9c3bf278d287500a24e6f75a7df7c18ab421cd4239b739ece709b1318172068b

SHA512
145b20ad546deb33d1c1f26c91f71ba46648f1b9a9f0c3d416891b95a2efbbfc2e31d0a69136a7a7742e6a6e56e0f094c7ae68d81165e68623c84280f69b1081

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
400B

MD5
9e0e4eb4a3515f872d4dca57f3b6ac00

SHA1
dd9c3876879db2981f2aa46b2cf82c9f3f08f85e

SHA256
243fd84bf672ed35c38f0fc2a3815be18937e204a4ba7cc00ec8d5d1f2a2b411

SHA512
099f8050743ac7de305f89ac3e9469feacbaf2640f9719cef0e112c0fa090468ea78a3fe84f7af58536e6da4223c3ba2fc7e29d674964f12894569d96953ce07

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
560B

MD5
78cc6e34ac2f11db18ad849ab6721a98

SHA1
a51d951e57ad5121b2c42f03d2968ab9964f7a1f

SHA256
cef6ee5ff085e40fa23b9d8ba23c74211c3a7e54535e8087919708541a23bd79

SHA512
35a1b7916266002d71a22fc45c9bedcf62d97a37d32c1ad6fced786c7240c2bf8df25284e029947b9ddbad19b7a5fcfd6d2b1323fb41420ba0b66d6043522b7a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
400B

MD5
a46c8f19b81094b559b684da8cac5360

SHA1
cc2043e828441c13beb330f0f40c271779e47ee1

SHA256
21cda1f22b43e3ebe72f8a5cba27cd2acdbe0f18cc6e6025be7574f768777899

SHA512
3642a8e695bafd6e722301afec51e65db9ed8267b0be36cb08d646b3b735fd07b9b38beaf71b5b614cee894b51f3478943ccde4ed289c71267f02bfa411e5239

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
560B

MD5
74933246c9f32bbd16f0f0fe9eb86d39

SHA1
6475ccef657d3b571092cacec5f9caba2c6d6e23

SHA256
10ee1f75a42939aa68528356a2e73c2aa02cbd83a17f6161f3175e6692c21052

SHA512
5b4a176b8ce4a507eb584409e94f9c1418104845a0b31bc2e68412a350066c62bea3ec9e3c567f5ee50305d4c87be6e0e867ca9062377b8da5fe81349602787d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
400B

MD5
db6f5b1ae555de0547aac5228a99f42d

SHA1
a2be3cc2080fe50e119aa11eab2d81ae4299e093

SHA256
82d7e165236adfc291094cb7d5a2ac9fb0fc48a52b44875510fd01266d8cc6fb

SHA512
c5d7126ea0fb67e411aba0b18126d804fd8ee378fbfbf2b04e5638f0f68e5cfa68d13b19b2f82303149c7aefa1c4bd8bd0e26410f36844b4d1ea88a7b3fcacac

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
560B

MD5
30193754a8a043284910fe49f7b33899

SHA1
8046fc37f78a2c4957d1cea25a98193266a575b8

SHA256
1b2a4f08697ed4e778b1d270b2a9d49595382b5cf1ed96ad82ad7b5f8d8f83e7

SHA512
ce92e826fde4b91df9cfe726b94dabb9d40ee179db9178a79dd1d48c1da8dee3718275c02c7adfc3d664d82e9ffa14013dfa63c2c47eeb01a1d1bbddba2f9ca5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
7KB

MD5
92021f96cb09c8ac91069537d07da2ee

SHA1
959c364bf0b2c6b3a1b2c3f42faafff551936849

SHA256
55cf913ca459e96c43ffae370eed8dc0b2f89c40748ebf1ba49a72f35b0433f6

SHA512
612b4b915f222f6b54f1886d9fac4857b304097170431dc2c59bce302047e03b135a872d4e965d5e952650fe429e5d7768b35576644e519c306f11dca9386c8f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_ie8.gif.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
7KB

MD5
ea00cbe11282afb33923fa92370fe0f5

SHA1
81a715edd336877aa24ce34232d89d4ef5377cf7

SHA256
a62a9de3f26f54cd7db9c9299aa015b915890e90d8cefa4e4e769b69400e0fb2

SHA512
203dbf82a5369bf61856b5e38abc773371e3b8cbdd00e07ee558c62bff3a5c2ef3aee16bb3309b43f19ffe282b188c113de5e51e7c4c8577411590d98012f70d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_retina.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
15KB

MD5
fcc69e03330ddb3fb8a515874f9236c1

SHA1
c96d1751cd59e2ea731baad665c78b19426ebe15

SHA256
46201410cd5f47172aa599aac9b6ddf8a0a5afb203e656ac99b912ff95cdccee

SHA512
66b24780d34402035d76a112d86ffe959c8874f17a406bb1703335f1ba1625657815764497112696635432cdb0f34a72e8448e816e6a11f84f4324dfc3d0f680

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
8KB

MD5
2def48d8ad22cb29c7f30ea59bcd72b3

SHA1
b8cc4d8420f9de47a931dc6ab88e495acba48eca

SHA256
03b8f45d8f31730528dda30858db455692a098ec51357269c2b1f0fa38bf572d

SHA512
cf5132d32ec68d76258278b439366501d094e2e9d185f4e947c5432b018fdd94e580d6c380d0637aa872f5430297e672af0a62a7ab6b32aac282ba059c4d2f84

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons_retina.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
17KB

MD5
4134691f14536aa457a2180ff566dfb7

SHA1
caf80302966e5972e8c23281ae91d870d7fee84e

SHA256
250e4af2861500a5d510ddee4650b7fa3631d1dc8f01732a4f61111d4944dfcb

SHA512
378f17d99f8fda27b8268814360cc0f5e4a5cdd2e8b42fcc919d0c0a215aae1bc6af5b9b0a2c092b425b804d8db8d206845faf43fa6acda10721461c1d0900dd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_pattern_RHP.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
192B

MD5
3f1840d8ad1d3581fd8d0ee3b4a0e4aa

SHA1
b57ce356e9a3de277696ac1ee8e3f242e19d9b4b

SHA256
59a19d110aad3891be46f5865621f11821d70b62a9bc8a8047ba8243dbd17a75

SHA512
1fe5a5f7c197aad64ad1ef05d7458f58414820ff9dd5628d35a4ca88e96e0b7ec20da2d20eb9ba8846e88258d01b2a045b339eea5e398093687c5e10d4da1421

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_patterns_header.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
704B

MD5
0bad04eadf9c213ba046c728cbd16bc1

SHA1
c456f6553421c58040421f25aa16d3206ca4f118

SHA256
33ad2a13221d113a0e62fa6ac6a29a00b6101f86b214fb1218e0cc8d3dccd105

SHA512
9bdcd8373e7b6938520acceab580f4e7fcd259ca77cacf76c72ebdeb62f0872bf16c1bc983743422c450617c964d96d0d3e7b2dfe5ebdd6bb04cc86772d8f69e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
8KB

MD5
7bae408d508bb3d2ff318915ab7f2f3a

SHA1
c4bac5c2f47927aef70c891c143185067172a283

SHA256
707b7630fc8f7d84e02f7077b05ceb6be697fe334d48652716e44c69a4915c4c

SHA512
b9289bf59b00432a6a0ef87c7bcad7ff3247671d5beede76a14bcc0c486ddf477203959bf00abdbbbdac4cc3ff03a76d8235cdca17594fb68a39ddd90d2e2bbf

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations_retina.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
19KB

MD5
dd73579f93711fb5cdff701d92c2e5e5

SHA1
a39ac7286d0be092fb6072980322ab2e9addd77b

SHA256
b478b85bd78ee8570f36d25dd53bc65dd4dd859e84dac81882d17fad3f697ff0

SHA512
1ce5942c2b7802718e8bc7e66d35b446dbe339954af31b27cde1917da5a1961a06d1cffd7ccd5c9f794d74119d65375b546d5da983f87981313843396eac159b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
832B

MD5
3e3ff612a75d13bab42e0c6f5752c7d5

SHA1
0ed4c1d454cf6e6979de027e673e6c2eaf1ad8c5

SHA256
16559d6bc1e1ae12955f87d840b3c689a8fa578d51df9bb19113c1d4be249c06

SHA512
234e662ba64821e6ba5ea9b7e61f1f1a9c4587310c12e6f8fe009aa4c673b40b05d7d4bca0fa0b6c3a86d9ab9285f362dc50136cdf2e6c7613884f0092536ebd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
1KB

MD5
5dc66c732ffb211c86cbb7c142f544b0

SHA1
4ec4a6aba8c9441ae149d3e150d0e4dcb9251b02

SHA256
ca92e3e2b90c35b6062fab11062229211c01b9d07c5f7cfb5f0c835afa1e51ae

SHA512
7516adde1237eeec2f773e837338c84725ce7f84803d58ddb65ce6df7e15dfa691c6f62077463805dde307c6f557ad183e24ada9a3ed360d54ba862d3b33fb2d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
1KB

MD5
9aae592affc6dbaa8fc94391917a5ed1

SHA1
535b26bfbf33a2f7bf86fead9b252eeaed92291c

SHA256
96c1201bebe0510070082f513a947a3bdbdb34fbdc807324efc42938a23904b7

SHA512
df6f5dcae56f4f9178671b7560786c0b57ce7a0f67c6bd93b3316e75ce5bf4aac1f6fdebb13c28b1b651bdd1c334af23991c37a9691c3bbf4226b2b1f844277b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\css\main.css.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
816B

MD5
3c47921e51d718dc5d28fca019535133

SHA1
b66eadb1ddb99889e1ee280d8a6ea90facc93cad

SHA256
66d27908ba95267a0942f72812f19b5785a56985494793ccfd037d18f3df32b5

SHA512
f407b53cabc44aeac0a80b17e6325d6abb06b3762f8c6ec02db831a8e50ac349d40c13cfd7ba896430087d6578f80c2ad906f5b24741736ddb5e58a5a38493fa

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
2KB

MD5
3ab4f0ddab2897daa540236e3843a47b

SHA1
d4d355b40fc4ff4de451e7b39e543774f06a17d1

SHA256
2df56af17aa1549e7aaf02c520cb26e1b66b3ed23317fd70e09b4a65e6c2f4d6

SHA512
664ac8ef93f7a541ab8853108d303619df1afc4b8f1763eb7ac1db02c701aee3f7b61243c940f0af4048658f4734ba130dd3b2c9d49d27ffd3a4a1b44bacfff8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
2KB

MD5
c85a79c7653a0850c1b3a469856a22dc

SHA1
caa199827a535fab4bd9acff6442ac4367ce28f8

SHA256
74cf454002c04b695a0e48e32b818d1b024c1e142c5efb85406d22353e75a538

SHA512
13a8f120a3f9d467338cb03883b86be9a9695ac24bfca0f766025654c1ee1ff4878c7ff70c66b9a45f6d238937ef9cdd09b0c724c1ed85df7e142558957b9e2b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
4KB

MD5
2d3bbd7ef73872ee90314f17e042c878

SHA1
b3a38f79b9db94944c510fa7c1e350a4df9b0b21

SHA256
1d8081eaade2eef79ad3530df50c2934a80d68b25fcb776ff207489e1573c10f

SHA512
c16c8390a5ee2f4ca464461fb8851ddb30ee49632717aa0b8a2dee1c6005dca0413541f5c9ef1732f24fe5dc8352c8d92a125ff5ebf7b523c129ccc373c3f6ab

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
304B

MD5
03e74e9b9861b2a2fa5b70487b40e1f3

SHA1
a6d193ce55cfb107fb30a4ce5af783d569f91b7b

SHA256
342a339dca54cba68931c15a45698e0241f9cd9d2bfae2e29eba3733f18942f7

SHA512
61afec85accde3ffa762512b3caf66f5b8cb13f02488ea3be9263343c858c7706402e4454a10bb008e621867023881e4ffd3255a85926ca923563538b7c294bf

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
400B

MD5
207d0cc8b12ed15c6a0434b3351dcb5c

SHA1
947b1576d7b2628d84ab9b5a57f378fcc99de448

SHA256
b36e5319fc5e229396c1967cd1754e8edae3eacfe63e476984c27abf1c9df256

SHA512
ffc870290b9e92896c23cbb0d7e4a2051689308558ed74dea74920e428460a571c8d3c21b78a6f235506623e20e6c0683cd31cd5eef9516439fee16e5ed22812

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
1008B

MD5
5e64a78242757f0b82f54813bc6f04d5

SHA1
faf4dcf794a9b87f27d1a9c9ea133fc83355bc5d

SHA256
5c0b1507c6eb265d297bb391feded6a621aba1a73014057e121523c22d63ea70

SHA512
8efdc6cc861c68ee5cc8aa8ba9f9166a5af5dda71d77b12f8ed6c5bd79b33468ffe984bcc989567311bd6504a16281b100bde691891a344d151f242daa610669

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
1KB

MD5
1825c254462987ee1ad7c21cf7441dbc

SHA1
c9915d1ffdffb728dec8de792f7f783e277c3efd

SHA256
c2d2898b28ae2b3818aca8b4cd3c7d024f2f899edc6c51bd3c5b4fdee6cc837a

SHA512
ceefb17bb2c0d0a731689817b545efe937cef85aa131e9171628e6ec99cdf55e8272aa7cce2d75b7bb1c068378dafb96248b677129b2c0e04bbb31525bfad4a0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
2KB

MD5
0fd5fcf2fe76a47dfa0ba92e058fdc98

SHA1
0d77602f6c4209c222d065f74dfe93239cd60973

SHA256
399b7b145c857a443b74ad47277e6035f141004825acf570b538c71f3ce897a2

SHA512
218ee2c5e6d3300f59b173f21707f387178bc4d1e7878de87dc76eb2e0696ef898858bdc822055e492978ad1d86ff57f1e65cf4cf7a4a659d83d733d0a0c8e1c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
848B

MD5
cfe260bb72d90a9dae949b2649bba1c7

SHA1
076b143dc1c1acb79296668435157b9aee5bab10

SHA256
3adcf93bd0be029567ac00cc54b8e7d4fbf5100fc78d4fb8457c48260b0e97d0

SHA512
9d666e28e15f279f3de7c0dac887c70cacffe63efbd7b76ae8e6440746371f6c9c10ee6dd5cce55b1e660d68493b76e15470c6e056be1b3b7d84cf2ff9b524d8

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.1E258AB7133FB4E875F6A57459DE925210E636DDD53630D8860D3881ED85D82F

Filesize
32KB

MD5
e71c5aab7087306ff5efc97d93b117cc

SHA1
146644d71626bbf911ad29d51ca7a182c2f81a25

SHA256
23b54d7a33416711b44c415b0e1d0534bd35fef29e995a6d3be6df90ebb50a81

SHA512
b0751ac479cf16743413767bd253cee62f21d992ffc82c224f9bd3dbdd8a355736ae7b2c361c45f7f1c9f27b219295d176d57c15996b29778eab3035eefdf41b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f761b3adc781877_0

Filesize
19KB

MD5
9d9c5cdda1e24202a9d87f9c5a705df9

SHA1
ee305642b7435499abe4ff08ff6cff1382ade78e

SHA256
11be234119615a1d77405179b93a64fbf54a92c15fb6a228fbd61be70be1873d

SHA512
df256c84a2ad62da85ea14ad14ae9f4ac0354fbca46c1fe285c7d2b7708f0749afc1670f02d19c854a4046e970e20c570db75e3e27489ad8debc6815cc10837f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6723311ae2cf5f1c_0

Filesize
280B

MD5
e0b6f66200a0bb505075f715797876c7

SHA1
25f89690b8b0d42740436450421cc158cb3714c8

SHA256
c665cf2696901fd85d19d71c8a6604b96001bcc2ff75b65f7068bc8d47bbec1c

SHA512
0211df4a9321ae9bb9dcf49f181cf8e7533fde3ccc72a5a858d66c34c79f10a45cce9ff79f19a6d7816acb06441d7e3e72c992def22150b6cc46ec47c161dbc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
b22073a8b34e31a90da87dd736340742

SHA1
ed851c57f24c0874b1263b908c93f71d6d22e52e

SHA256
2a3c1999894f650fcd672ba074b422c1d305e50d2df1f8d16056256937598437

SHA512
7fe0842e0cc4dab8b8ea3d6e8aa4858c821949922cd0671b00e92b22acd20d8d3bfb17c3c4f1f2b2ef5259a5a0a88ff468fc78bc7d59e14d51ee822a7d4ef262

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
1c8146d9a8082be6b0e35952218311d0

SHA1
6b71851a38b132aa8bcf3384e2084eba075a1c92

SHA256
625efc6ba227ddba27fd607871200675fb533d9d06f1e508d39ffb245804f496

SHA512
44bff47260f4702183b5ef05586b247128d4b3feaeca9fe02a2c6deaa894a87d235d48d0d0f3aef86b88256ad2f34352376854820ea200dc1aabf7e3902ab9b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
8416d152f0432cc2c4539b0c7f7b9c15

SHA1
a7b065f108a49b2d21a977c4a91c7df0d30bbf51

SHA256
f9a05dda589d61da875c0d06e260a9bf7524735e0034cc1eac9e951ec7ebd704

SHA512
4231af8ca2707f153b1e4692be4c32ad30c7d6faaa1cf89f58f880b18693b01c5b7ac4e9424b78086ac156b4b71b4db450c6c547d29037dcf3812cdf7fc8d534

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
1fd989880eee12fa1ead8b9b9dd8062c

SHA1
5dd1cf62faa23db8abf51cdf1aa5531fcca8e790

SHA256
3e3d5123c666d230f635d726b09b2113aa1d07c8702e7cbadc944bdbb5a14044

SHA512
be13c5f6c71d5a9391f51d466e0259b3214cfaf929d4675bd3e505229acb4adbab8904515fec78795afdb7746a75cebfb34d1cb68233d36cd7b1ca841e1bec36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
049665425823034ff9fa76daec6712c0

SHA1
ef8aa9be093267d84aba229da5e79aec234cab7d

SHA256
1436a0e81251d6902681f57c5331b8c131772e67f07834067fa405c0201c796b

SHA512
b3e9315bf687d5db87b7bfa106f70ac99edc485c3bf2035aabe92b2ff654137e9e24e8e3fbb23f26a92aaf89bdcab5f8b9836c6480c3fbca64b515c65e5d8957

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
b83878bcf8e481ee1df5cff310a585c9

SHA1
9ccdb2eb1015a61267a1ca737576df554f3c082c

SHA256
5a5b0440f5ad91d5114c50de6eed13d90018f6703bc17aa7e7ceacbc8ab04f71

SHA512
ccee6d0ebcbe1382c3b4c6d5992aad16bcd4825e448967106019338032c06e1e590daa2de7949651c507b1f1eb189fd5441338998988e8ab5f94b204952bdfcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8cae2092a4ba04bc343d8ca429d4132a

SHA1
8163eb702ebf71c31c91ae2d35206e15ea334656

SHA256
7889229a8b9515c49030aaaab1f338e21bf96b1a7f2bafc70ed065de979f07ae

SHA512
caec179c12411829348888cea947d822032d43d8f5c8bc01cf5bc23877a5e781ce7b0fe57745c639e7c00f0a5439445483b1481df1550bb6a21e512a790c0c75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
63525140dde0e0e883864a51c82feb9e

SHA1
3f814d4191ee81f761f67c4fe4cff2989a47a049

SHA256
5cd618b7343535e00668426b87a5eff7416c21a08cf2b3faa38403462b07c174

SHA512
499fc90daa32903824880da1a1bdae1051db2539088cf92f7e916b49dd79b72b502eaa3801d0c47bce47c80f0a0a0b9af3cf5f0f2bd324b4a77abe5b171f987c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
663413b9f5d9910be6ce296ee839fd1a

SHA1
63b404c0a735f9858e9ebff4ad46fbd2ff1269e9

SHA256
b5559912d7d2301f6255bc1b5521832b943c6421ea8f07f11f87f66667738495

SHA512
9e5ce00ce8a08fc24c6b213bd8b1ca08b9d1dc98129505e4ac12281a5279bd2e36601abeb15f882cfbfeba956021b86fb682e908ada7b950e867ae8a3b76bc6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
52a167b4cd2bf0c18ca04f88922cf614

SHA1
914986a78f56bedc874370a7a655df9a9a344050

SHA256
33e3a0c292c0bc9756a171c24809bd292c991a71512a35f116cc222e057a9a53

SHA512
0f4c8d69f87dca7c9b2628ef784f34b03afbb06b7ef523ebab498f5903f99f9a41bbe0d7039fc571af8ce3fd6087eaf3648336875a4e8a34547d5703c6bfe450

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
6b03238e20d6db55a255f479f44004b5

SHA1
fc03612a31d1c62496a89dd110a2231ac74d9bcc

SHA256
2d124a7488033ac33d1dad1a4790c5a765ba09c17ed15a9eff8234a8990e85c4

SHA512
5a3d2312dfe6d75baea23502fc6418a0c52da1259c3a379c4a8f0191664629c70be8bf05d710710462fae4385b94e5e1c02727d0abf7dc352dbe7298b1d69ea7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
e89cdf8f9c6dccee7daf6f945a8d5e33

SHA1
232a9901e2e03bff16a850679629a51c5c151b9e

SHA256
f2c066f757c97dd2f473f955723b1dd3fcee735a5213a4ffa71aa97119eb6973

SHA512
39216bedde4c443b21e14c64f49d9d03c6fdc972e876253d35a221ead2ac2311f55c5d21b76f51d9d33f142dd1679a6ef78819a615ebe7c8c13f97fe35a48050

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d5316a489c23c5103fc9e01b6c6bbb0b

SHA1
cfdbc49bf6b778602cc82f8aefb17dd3e52f6cb1

SHA256
3fe0de46e15cfd9302a6c9deda8ae43df0551f5f46dcc70457dc9032564ae888

SHA512
349aa7194448a250ec1c60a8e1efec9be49e6684ec8b2e11beea3f343fa85fe65aa1d6e0a951e2e68bfd1881b07b40abb8b0019b2c4b5bbb422563539efaddc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
a6a07aa888ab12959043ae882ea2ae8b

SHA1
a6c2e4addb5d5238420777db26f25ca1ef3305d7

SHA256
1b330b42ea6114c0b17a36ae14e1a2458d5c2eefff1beb632dc011b879e89417

SHA512
5cbbf67bf9292bba021852d7ef79cf4a59c8b3cb5543aeff2916152dba5be14f00a0d1e492a797bcbc0f96005461b2bcdaf31562768f3fb1e9b0b790cbd11fd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
2cf1c3d9dbd720da6044b0c12d251431

SHA1
4b6b8f2eff4c1470f8325103bfb4ad41359f002f

SHA256
24087fa3105e472139f81996d676877a911b40d4d18aa3a4b289efe3169de498

SHA512
5ebe33cd9ac77a5447b301c612b4c5c1c08726dcd7df18bf86322ec397dcb07f141f2dd482d9f09f824933d732f9e73e7fa84d026f75a1e0f11baf719b08fb39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
3838a0d5ae7a1099b381fe65fa50120d

SHA1
5ed41e0f93c9f714c475b09cfe00eaf4bdc3d11d

SHA256
a445c33ec8b72426b11ff52c9300ca382f7d3db191bf842bdae8d93b6d80b4ba

SHA512
81d18c9f23a93d909b9599d0d057cf85c6f05ec47c35e7257f215e4f7eab572807b33cb3301e084e5ea3c99f0259fde428feb3843757dd50a24868744d9c2f33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
49c7211f1b56ae5e8c4e88b710f7459c

SHA1
6f1a494fae3c3abbad264064b17ac9d865ceed76

SHA256
4df769e521fe9426c0775e8fbebd354f6acc995f33516d32f4f1a86a410b0bc2

SHA512
88571b5c7c80749d79a196de542ac29f3a66238e1f7c4d1a7595c33482699433e04e5c432f27a9db1b55493227d203628b4313e8f3dd607ffb3f8c46cc50c07c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
41ce595d6bc9ef17d00e33d1eb2e0047

SHA1
5f4fbf6031421d975f0c638ebc4692e3f3c40423

SHA256
f3898860a76dab79878ebc1b9f105b603b37f5ff7e1eb6c9b54877c6c6716e08

SHA512
95b2e0c5954b34a255773d484e6d6beadd2a41e54ba2efda8c3ed34577a1365b41468c63df70cfb066fe0eb72f0162a4bb176b00c619eab2a55da4bba892a750

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7a8b786e50eed0489c7d9969e85ee475

SHA1
07eda6611617af2f6d89fff0c7c333dd4af98c1f

SHA256
fe55d8974d0f446bed92260ec9150658f64f22ba07862b0853d7e843b76652dc

SHA512
79e7a37688eae046901369a2d0dd427a7b5903d7282286a3efe5b32bc357a93baa721a43500a6d423eb11101489180192a76e55891be338b5d5a9a94b95d269e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
40ee8222cf1f87e0f56bb4fe5d0d1f21

SHA1
6f5fa0ae355f23f98b4c6a1ed3cb93190aeef828

SHA256
1f063ac2864b9a77bf847c1d49bc5e9db84a3d967c9a09ab6a9eea43cd1cb527

SHA512
0990e964e48af17ab25d9fb858c6e43ac77b8e11c51e18440413f9d655af367b754b1fc83778edb0c48cdab16ae6177d587b2abaa615ba32aafa5f24db5e1179

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
12fe0b0062678e7942ab43717337eadf

SHA1
a1c6362691d22aedcde3d9d72927c7c18cff6b68

SHA256
827c147fd90b741580702123458ea6412e5e8889c3bfd23363babcaee832f564

SHA512
3d06359400d13e5a50a703bdfa1d54a4737b6b943ca19ff0f3aa5710ad8bf4cfd46959c3636324c3a531750c1cd29276b5284fb7a33fab15fafb71a79763daf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
429123d07de32d8caec23f3343318412

SHA1
31fd9d172dc501e30cb77401a1df40d15bb546bf

SHA256
426e0eaff82a4b432daa9158b0d2b2685e45f231c685e86f6fb04a151f974379

SHA512
80508db1436c43d95022bee8a2c2b2a1c95e7f374202854e727505ee0e0405e2d6b06dd876bd405a76676c8edf100d5fe7a700d1487373fef94a779a4e499d13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
59c97a5e11fec172fdaf695b47f108aa

SHA1
4825eeff9d6efa50890a269b5d87cf4607d06963

SHA256
a8b25f509e11b9c95c87516ceb7d12513be105e6040b1c88aeb92405735e67c0

SHA512
1f60845c62bfe0c4526f1f29464993c552f9a8a8b5ca45471206e6ae6af81ada99a105361d15c25e1911741115f60d312bb85fadd2650dcdec71f312d0078507

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fd0bc126711a6262a0ed9f796450ad17

SHA1
71ecbb3bac108a854834588363d0146225b8cfa7

SHA256
a9442034692d9ef5ddced12b1a09453380b92b26cb42cba63575e06f25a32328

SHA512
63edb3e2fb3caae03c3cfbd57ea3a04097c664b7dc7af92c7a0df135d3cdf4b3b39c581500a5e26a1019d5e2bc03a4bddc8420adcccd0007704411ae61228db1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
69f734bf25ad2dc62acb0cd6db053791

SHA1
3cca26d2aad285a92f467d6be4fc844a4706a58a

SHA256
57b2a6c31590eaeefc67aa2293f46005def43c3621a3a6450db6b754447e6692

SHA512
8edc37f74c35b470369869ef7515dedc988bd1c4ded568583f4085ced80363365a54d9c5a57ac582ea78bbdb9948394db5267d03ab5935901693a2eab5aea368

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7a613deec953298bbedb0b6ffe618029

SHA1
58f4582d55de93ca481813232a0b8968f89014b2

SHA256
4a1b44b1f1c9f028fca382db3706d6b225b8cc17f6c7e786f22929d8cc89c07e

SHA512
097ce50cdb8e39a4d28beb4256c37c3bb9fceaf722931695b4a318982dc0180148a33f5f9ad018f0c634878406e3415e5056331e439bba8ba82807c64aad23a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0e0e62cb7db314b72ad9353003d0c436

SHA1
383e293581530b6b36b0e01077f9c70d66d7ace0

SHA256
3068a58b6304758accb1650e5153a12fbe70f82112148818ad8571b10eca4005

SHA512
a0ab0bcc29cdbfe817dbcdd0b9b1a009ef020574b4dcbbe5c9dc4f3b5f2f285ed11930944f340bde75845711df13e0f4c20c44243896b445a931083c1e9ee0a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cc9f1bce3dd1d860eada191e981b897e

SHA1
bc67b49bd44976e05d3544e4d0e59a5d305bcf81

SHA256
90042dd9be8c2f38cbcce3a3971995e3d82b8b71ca1191d59e7d493bbdbcbfa8

SHA512
400b60d89fbf3505c5283e7d082b96c502efdef4abcabd021149f15f57ec87431f9600e4988018593e2199f2fef581b712356920a64c6ce9d03f8dc718cf2b65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9ab5543f4d429065e3e09b75a28bd84a

SHA1
26ac38f2dcea38bd5a06b4f96345c3b5539f7bfe

SHA256
38fe620c089201ebd18be4a434e47f6493b1dc736283c1e4188fed28c28c4e57

SHA512
7c32f03383af5d72294063771dea5d1a38bc8ef8aabd7ce8680e9198befda25f06a1429bf115ef1314d1b618acbcbdcdca1787d7f111eca762f3a248bb77db9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e244965deea96ff29f76b5fc918a2902

SHA1
fc32a353992623fae43bf94a6f50a349aec9c4f6

SHA256
a3ba8892c95e7271b19968190bb962b0f951c95aada646263851e12deaa5954e

SHA512
353ba2e03c56e3775ff0ca233a1dbd3cb896a5a8c10fe27d354bba0f1c7fac4578c934eda0f9dddfa1fbc1efe7a393e10aa699437f1596e0f5e502636560ce62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
af2d58d38f85be6ab74450d1056257ec

SHA1
74a76adaedc11c18357b0fe9279413dd3cbba2c3

SHA256
e7b4b332e3e7bdfe3d7d2468a0bae8feef763e6ab94013b490c422683aac7259

SHA512
e603b7ef271424cebd550dc9aa6ae08125b0dd4eb8405f9abf578865360077f13f600a97d9039dcb45baaf264510557a2b076dc9c5556e66a67e2874e184c680

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e46e54d77525530b93cc85d50085c25b

SHA1
d44bee58196157a4c75ce0ece34a7064e5da2042

SHA256
3e1d2be2f7884ff2df54d06f884d3ac100e83929f178bbbbe8046f4b3be67bfa

SHA512
5219bbb52aa0b0dea70fd2e78df4dc98414a1e21f70ec6db229eeb43ccadb373ed36742f861d203356407d218fba19308b5c8429da1b0d6ce105013cb9d12be4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7a45b6f188dc4445804f3c48211f2a62

SHA1
84edbf5c0c395c0291f8384e6344e6573e7c2a87

SHA256
66c021fb343d020f65031aa83acb404274ec863ae8566abafae305260456510e

SHA512
d2633663e8aae77e16e53704a7516b77ed6a441bc637ae6b3893c8d32d146744bc9734c60f69b652ce7282aa200e315e1b858fd0b1677adf3040beee1fd33c3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c4bf87958d17f3bc997d745ae4cfe580

SHA1
0b0a24ee4f1d28588cc66da4acc6546bb24ab0eb

SHA256
c19c4179e1cc1f1fc35ae0a2fe7e693acf7f665dc61c6434a033b67d903237a0

SHA512
d47b63a36472cb8817d8fcb198a7ff1dfe2b417933dffa131f90daaa02f5d6275ac336280eeba2ff51fe7722e72dfe641c981298c3edd36a333122ef738d90f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cd0b10615abb7b34de8346d5502ad9b0

SHA1
55a1764cad4825524a859c8dff727480a6fe604b

SHA256
02101fd5be48a3e7beba3ec0fb499fa1288dd3c49a326d0af65d29b8c639289c

SHA512
1097a221d5daf41a9c38956adbbc434004d5d311ca4f574c74718259c0ad97006a9b51fba29d3733c576de66b9cd6c5b4a94c61e5872f04cf9386b1925a9972f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
10817f94bc100c4b425f9bb47d572a3a

SHA1
615cf91e1d41e5c588e9e1aab0cd7b0c20278023

SHA256
820eb620a4ef64ec9bd5192f79d3814740d2778d8ae2599885bd562a85e433fd

SHA512
b832596f65c22a10d75cdb1c4038fd50adea3d960c6b42f72ce5b46ef48bac7109edf6ccea8c7fae61457ed2ae03ce690423f6297ac086ab159106628d7907d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
800eceafe118b1c000acee6296e3c2f9

SHA1
5b6b730b2c64862a05e93404dd6a48a3426b7393

SHA256
30007f4cfdb2f886f21f78a9fe25d91d054a15a15c5dea5ee2cf9ab2c3292c7d

SHA512
7da05986ca88a41edac832d4cb96dbb24b639bfc4faf7ec746e98f4164f33c5b98bd788be26e7ef154f3fcb823b32b0c1ab6f401db7a14c78d05b256d3735ec4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c758371c0e9f1e9a62f0ed03b3dbc7e1

SHA1
26d11d71628cb1afcd7db789ee7a21916ced7dcc

SHA256
577f41db97501cb15d36a9c90fcc83e88860fec8a61950fa0ffcf0abbb3c898e

SHA512
795550043fa72bbd34470c39fb2b9e97acbdbfedb63f89fed6651451db8e1dad1d19efe95bb07accd3ab84fae4dbffea65de8f88fa98957e42b07425f38e288b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c15ddabc791a2885d6a375f2cc4ad6a0

SHA1
b4bb0cc55fee98c28fca6d8eb22fb4a6d68db577

SHA256
5b5212e724a395b95217e3075ebb7e4b86fb68066712c18de7b7d97416ccaf69

SHA512
b726364c2ba0fa2a2038a1c8f0b78d079dc326d84b3b07c8547d16c5a249df95f097ac0cd4c2f8597f9a62a8d1173dba4fc3cfd590d32ec4d3078ab2909340bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
14ac4ae93b348e1131aa8e1e4f6a69b7

SHA1
0cdcb6a71d9df6fb6c480fbce25e4e7637301999

SHA256
c2d5f37c8bc830bc98933b5860aa28a967094fe0d709a597f731062f70ec3e04

SHA512
5b07bc8e9e0062bc8cf6aeab2ccb68c48361e2adba76ef7adc67bac55c619e1ba6417222a47f467caf121a09351765f1c96dba9b988c83f92bb1370ce40749b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a8d304429013ba341ec382ed05098545

SHA1
87b279f446f6f6a48a7bdd15f092d620d84a14a9

SHA256
b148e3424bb889468afb3fc034c6ca588247de2c80f41d45b1a57b052744178d

SHA512
310af817bf35e369b0190b748347e24b248f617cfd46e6a12be84c2bbd4344a257ab1b205b3d59947a46968fe52d6da8f7151619b637d785a7da24d9d98ab910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fdae9c8e380a0689954e9b44d4dc7439

SHA1
faf4ca81f50df56028befbc36660b7aaa66316fa

SHA256
cb8c2fe89d7c11734111a3d381f38e775b0717aad1867dfece209eb223e4b6ba

SHA512
bed692bbf065be570f13f75db21d20d02f4689be08973ee0da51730f9eaefd2969cb1ac2bf53e7e825446116177cb8d591d54e96724d6e136482969e360e34d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e2931b9e15e883aee77e6a22b97a38df

SHA1
1fcd66415b9a59598ba463babee3cc995f85f574

SHA256
27afb70f56cc899b477893710af19ed4abcdd4785ac20e0b803c8e922c2ed924

SHA512
db0bc1704528b6910a9273a286a3432008c39af204225edc166620d35afda17c77f10957bfe3ac7a4bdf092762ea54cbabe244536bcca5d9b6a065ebb58dafd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0b2f8a0b705aa224042538ec93bbcef3

SHA1
076608f4b805aef9804bae65078d3c3ef24c36a1

SHA256
7890abda35bbff550608b3c0585773d27b2f5c377eae8dc89fe2e8b9112997c3

SHA512
6df3d58c2a7fcbe6911e08e2472deb8ececa718b57ee97a53588eba145e54b2f75ce16b581aefc755a9154baa19981eb2aeea24673c668ef74db998e91d27fb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b085a3d8e5153884e48a5949d310a819

SHA1
665357b8efac484478c72a87e8f636bd47923d8f

SHA256
70004183699ec7a332bcfed2254d1a996e635bd2541bc137c944ab230acddcee

SHA512
9500f5d84f5d8a47d229147b4ace568ffe7eadb6b3314dfe9faa00c3108ec2057462ad30da3ce73879439873fc05289cbc4a5bff328faa7be4a5c8744dc1e956

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
29ccda1d18ab0f8b792f724bfbaef5b7

SHA1
da61300045e454a14d6e4e65c30f2896d2d4f1e2

SHA256
e86d3bd389782f41db93af39e0900d19ee43f24f3c60bf313fa9f3d64357a0ea

SHA512
37a780d3990bb222a67611f0c65248916d3dc073bd192434dd88f4d53ae88c419e19af7c620429f1337ebc3b1120554e16a57c0608a4bec827ba8937134139d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
6f87956fe157bed04cac0e1a4ba61527

SHA1
4b79d456c6d9a00400ae0459f9a07947446c989d

SHA256
f9256d89514a491f35ba59c63496c39e67c37bed3a4754aa8dff637cd1cb3e71

SHA512
cf05aeab132b109d6fe872e2ca6ad9b8293dc834292b0f921e5c03bb9c1d8e0b851e397795d16148d471ab3825800f27b08903474052d3792d10ccd2ae4d5478

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8dd201eb2c27bc581bd1a96cbc4f5452

SHA1
05b348b077fb92294e48ed92e40bbe09c5fd217c

SHA256
5e19898baf05412551e74ae6440068f2dd80e15476430275f27a0ead14035e49

SHA512
03358508b7b308e2c70646ce1891ac973608d713b58386f22cc4f46a0581c497ddb0ab32af307a9349f4796dd95aba38e495229807c5a8eeaa7b4064ae3d54f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
34749d36364fc0679b2998b68a1632c8

SHA1
884d17fffe231ab1459642a1b706b9ce5b360617

SHA256
b97909dab80d5c5bc4d2aa7439244ce5c30892f8fb26731367e0b92b7b200882

SHA512
0d67e1704436c22268c76b54824b1e6130e426d0f155cf2d114996e02f5e2b966835a8f762c29bd7b372c0f0d271643ac83e67eef29073a69f446cda5216d24f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c30894a86b06619eb29162c0c7fef64b

SHA1
a6c725a625013954768b280f64310976380140f2

SHA256
7d0d97d2b16e4a518b04095150ba20c79519cec818f35a12bb96b48940ad2386

SHA512
ab35d3f5fcf3a197dfd6d11fa2c0ac7ab5d1546d760ff1de389d145640091607b2b6c9f73c09c3a4f6a5c64a83c356cbf5d5b586c3a0c80a66c06a403c3e418c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b7a26afdda17ed04e7b500dc11b6315a

SHA1
06a8c19eaa836585ff38cbe9c201d1b61f24fb70

SHA256
5952856a7814f08fcc661462882b0b3729c6fcd4610f9398b0e4aa9b40a21d24

SHA512
101b7029725d67502fe3767ce6cab6d40ad60878ebbcd9015277243864232e34239e98f750b4016e5f3bce438f4282935f6ec826163330137cdbef1f25b09c37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3d687c97d04301ac8ebe23f16e5aba62

SHA1
39131ddc6760692b2db1421e12855822552b17e4

SHA256
3bd79d100a0bda0584324a70e13e0d2dc5d5df523cc31c6ddee7fad3e689b98f

SHA512
3268a6e17eec89a7197a4e10fccd4444fc97598e69a95c991d7b2052c55a80d0d4938c982e9abc9489b47abec03ebed3cff51b5cfae175bc6e5089a4d1f0ff1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bdd34f35a909e37a810ee82e0b471e9e

SHA1
f7487d9cedd3f841830dcf53b797bfd2b209b627

SHA256
c4d878bf28890a8938beaf44c27ade93839ca78cd3bf5b8586aadb15e57ec6ee

SHA512
5477ae28ba6a177d0e4adf38c140b8146c33df6032500502d7b98ada29fe42bf16ff379f08b90eed55c8bb780edfc71a379f4f85850264701b9ae9d0560448cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
6e4a263810ed6211d068624b82fb062f

SHA1
0ca51823bd8ebd3add906017f7407419bbe28a94

SHA256
07ae335b24807a019663494755f22f0a1315900cc0ae44dbe655f3739b6b9eb8

SHA512
249c0e997c4e17a47d1e7a0372f014451d7b166d7fb8bc562b03f88b3f249222c21a19c5251aaa97a52ba2e664fdad8ebd1f95ed84b3567f24cdaba6aab0e931

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
a1613d4fce050e7934e78581b430b30a

SHA1
94854b3d93c7093053ec3dc239a51d0e2d87c8c8

SHA256
c482da0289843b6aa90da6a1cef5509af8ac2ee30d44561a61c169e223340303

SHA512
4322e50f1fed95249ac83826b9ab7d29d5280c9af4c9fee41a4c57f96b4e1b04366c9a62f0406b66aca073b1c40989230b50759c0a35b95fd0fec717c1f1cf8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
8c405cddfd8b49dc471831de5c10ea98

SHA1
5e046a1a526b3d837257eb767f41309065c52d90

SHA256
c24cd786261d85eb76d89935e5b83cc6219dfe27643d868076cfa12d783fc9ea

SHA512
5a81e11f9220f3cd216bd82e52e25e078ca52ecd1ea89ee0ea43ba09152e981527a03f5f3ae8236f29eef465fe6ab7258bf9d489a573313991367247dc588eb5

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Banking-Malware\DanaBot.exe

Filesize
2.7MB

MD5
48d8f7bbb500af66baa765279ce58045

SHA1
2cdb5fdeee4e9c7bd2e5f744150521963487eb71

SHA256
db0d72bc7d10209f7fa354ec100d57abbb9fe2e57ce72789f5f88257c5d3ebd1

SHA512
aef8aa8e0d16aab35b5cc19487e53583691e4471064bc556a2ee13e94a0546b54a33995739f0fa3c4de6ff4c6abf02014aef3efb0d93ca6847bad2220c3302bd

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Banking-Malware\Emotet.zip

Filesize
102KB

MD5
510f114800418d6b7bc60eebd1631730

SHA1
acb5bc4b83a7d383c161917d2de137fd6358aabd

SHA256
f62125428644746f081ca587ffa9449513dd786d793e83003c1f9607ca741c89

SHA512
6fe51c58a110599ea5d7f92b4b17bc2746876b4b5b504e73d339776f9dfa1c9154338d6793e8bf75b18f31eb677afd3e0c1bd33e40ac58e8520acbb39245af1a

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Banking-Malware\Zloader.xlsm

Filesize
93KB

MD5
b36a0543b28f4ad61d0f64b729b2511b

SHA1
bf62dc338b1dd50a3f7410371bc3f2206350ebea

SHA256
90c03a8ca35c33aad5e77488625598da6deeb08794e6efc9f1ddbe486df33e0c

SHA512
cf691e088f9852a3850ee458ef56406ead4aea539a46f8f90eb8e300bc06612a66dfa6c9dee8dcb801e7edf7fb4ed35226a5684f4164eaad073b9511189af037

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Browser Hijackers\BabylonToolbar.txt

Filesize
57B

MD5
2ab0eb54f6e9388131e13a53d2c2af6c

SHA1
f64663b25c9141b54fe4fad4ee39e148f6d7f50a

SHA256
d24eee3b220c71fced3227906b0feed755d2e2b39958dd8cd378123dde692426

SHA512
6b5048eeff122ae33194f3f6089418e3492118288038007d62cdd30a384c79874c0728a2098a29d8ce1a9f2b4ba5f9683b3f440f85196d50dc8bc1275a909260

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Amus.exe

Filesize
50KB

MD5
47abd68080eee0ea1b95ae31968a3069

SHA1
ffbdf4b2224b92bd78779a7c5ac366ccb007c14d

SHA256
b5fc4fd50e4ba69f0c8c8e5c402813c107c605cab659960ac31b3c8356c4e0ec

SHA512
c9dfabffe582b29e810db8866f8997af1bd3339fa30e79575377bde970fcad3e3b6e9036b3a88d0c5f4fa3545eea8904d9faabf00142d5775ea5508adcd4dc0a

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Anap.a.exe

Filesize
16KB

MD5
0231c3a7d92ead1bad77819d5bda939d

SHA1
683523ae4b60ac43d62cac5dad05fd8b5b8b8ae0

SHA256
da1798c0a49b991fbda674f02007b0a3be4703e2b07ee540539db7e5bf983278

SHA512
e34af2a1bd8f17ddc994671db37b29728e933e62eded7aff93ab0194a813103cad9dba522388f9f67ba839196fb6ed54ce87e1bebcfd98957feb40b726a7e0c6

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Axam.a.exe

Filesize
11KB

MD5
0fbf8022619ba56c545b20d172bf3b87

SHA1
752e5ce51f0cf9192b8fa1d28a7663b46e3577ff

SHA256
4ae7d63ec497143c2acde1ba79f1d9eed80086a420b6f0a07b1e2917da0a6c74

SHA512
e8d44147609d04a1a158066d89b739c00b507c8ff208dac72fdc2a42702d336c057ae4b77c305f4ccdfe089665913098d84a3160a834aaebe41f95f4b4bfddeb

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Brontok.exe

Filesize
106KB

MD5
d7506150617460e34645025f1ca2c74b

SHA1
5e7d5daf73a72473795d591f831e8a2054947668

SHA256
941ebf1dc12321bbe430994a55f6e22a1b83cea2fa7d281484ea2dab06353112

SHA512
69e0bd07a8bdbfe066593cdd81acd530b3d12b21e637c1af511b8fee447831b8d822065c5a74a477fe6590962ceff8d64d83ae9c41efd930636921d4d6567f6f

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\BubbleBoy.html

Filesize
12KB

MD5
bb7b91d1685db89b58ac01a72921e632

SHA1
4a1dd457983a7f1bbc7943eb5fca3da6d93d4176

SHA256
940a563df059604ac0dc6a92a845da2f04236b86887208b89969b70c6781c3f8

SHA512
09e26d197b22a4553e2e87a9ee0957700766c2dcd11157b5b71744d67abfa30d71d45c7bf1081bf9337527e3b8aabde99b09bd2bd30aa302329ebf480078307e

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Bugsoft.exe

Filesize
32KB

MD5
70f549ae7fafc425a4c5447293f04fdb

SHA1
af4b0ed0e0212aced62d40b24ad6861dbfd67b61

SHA256
96425ae53a5517b9f47e30f6b41fdc883831039e1faba02fe28b2d5f3efcdc29

SHA512
3f83e9e6d5bc080fb5c797617078aff9bc66efcd2ffac091a97255911c64995a2d83b5e93296f7a57ff3713d92952b30a06fc38cd574c5fe58f008593040b7f0

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Duksten.exe

Filesize
9KB

MD5
900ebff3e658825f828ab95b30fad2e7

SHA1
7451f9aee3c4abc6ea6710dc83c3239a7c07173b

SHA256
caec6e664b3cff5717dd2efea8dcd8715abdcfe7f611456be7009771f22a8f50

SHA512
e325f3511722eee0658cfcf4ce30806279de322a22a89129a8883a630388ab326955923fa6228946440894bd2ef56d3e6dfda3973ea16cc6e463d058dd6e25ce

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Emin.js

Filesize
2KB

MD5
d9fd66a813b647e9461e654ba80db7bc

SHA1
075344db68a3b4bb3f549c0cb79c672aaed70b87

SHA256
3db96ebba9a6875bb058a3a2a4457165103f8ed51183cf4d79a525c959602499

SHA512
55eafa2716d45a629aadb1422dd240609faa9f55c7ec4488569e6fb15298a586b7ed5a95060329e76dd4b272edce8954ea18be5f238d4cac70fbf59a391bb09f

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Funsoul.exe

Filesize
44KB

MD5
a13a4db860d743a088ef7ab9bacb4dda

SHA1
8461cdeef23b6357468a7fb6e118b59273ed528c

SHA256
69ee59cee5a1d39739d935701cfa917f75787b29e0b9bda9ada9e2642ade434c

SHA512
52909b5fcbf00ef4025f6051ee1b8a933fc2a0bd7a292fe25fac708f358e7c96d6d31ba263d07128d56bc614fcbd053b2fa1249024a8138baf30da8ac5f54806

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Gruel.a.exe

Filesize
100KB

MD5
b0feccddd78039aed7f1d68dae4d73d3

SHA1
8fcffb3ae7af33b9b83af4c5acbb044f888eeabf

SHA256
5714efd4746f7796bbc52a272f8e354f67edfb50129d5fdaa1396e920956d0d6

SHA512
b02b9476eeb9c43fcfef56949f867c1c88f152d65f3961a2838b8bff02df2383945aefb9a8c517ac78d79b5a9163c7677f5b6238f4624b1966994c9c09eb428d

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Happy99.exe

Filesize
9KB

MD5
02dd0eaa9649a11e55fa5467fa4b8ef8

SHA1
a4a945192cb730634168f79b6e4cd298dbe3d168

SHA256
4ebe3e1af5e147c580ecce052fe7d7d0219d5e5a2f5e6d8a7f7291735923db18

SHA512
3bf69de674737ca15d6ff7ce73396194f3631dc4b8d32cc570adeeacdc210acee50fd64c97172ce7cc77f166c681d2ccd55955b3aca9188813b7ff6f49280441

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\ILOVEYOU.vbs

Filesize
10KB

MD5
8e2c097ca623ca32723d57968b9d2525

SHA1
dccfb092fa979fb51c8c8ca64368a6f43349e41d

SHA256
556700ac50ffa845e5de853498242ee5abb288eb5b8ae1ae12bfdb5746e3b7b1

SHA512
a468476a8463c36c2db914e3fe4dc7aee67ac35e5e39292107431d68ab1553ca3c74255a741432ba71e8a650cf19eb55d43983363bfc9710e65b212fba37bbde

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Jer.html

Filesize
4KB

MD5
ecafc7fa4592920ca0948de98493a758

SHA1
6ed9a12aa6d586bdcb1b56c65411e75c539408fa

SHA256
390e460334ec801fdeadb511d7404ff2c8b7a0a945a0c763d0b3354e15639dbf

SHA512
27316d1836dfeb7b5f263d2371c3a8f4bb18ef6ee248955940a5d75a597161ab152b8e2d6092cf416bf326b629c2e6babda271b8a1e8977dd6d1f7b2317b876e

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Kiray.exe

Filesize
13KB

MD5
f22ae972aee081ec86faa30e73d9675f

SHA1
a559057e10f7e524688043ca283e2380739d6744

SHA256
166865fdb90e7964e7ea57a282343026d878230215e5694145f88a8afb56132f

SHA512
80c000c1ee73a402d0960ee768272096541786eacda7b938f9791ca3da067f5838c6850c74dff466cccde11851989062328b4a3d87b2eb99a6cac0efcf45f4c1

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Klez.e.exe

Filesize
86KB

MD5
f2db87b351770e5995e9fcaad47d9591

SHA1
4c75bd93f458096fbc27fa852e16ce25a602f267

SHA256
3113fa9a3cf00ed423a2c686a2ffb19586f6a047747de65a93436a7dca8fcfa7

SHA512
608e74274b555a239534a9d43514e07cb8aad9b13baf4cc383e8c21ea4e9ebd36162dc0b4bf30a0975c334facf23d6e63742e2bbe4ba400e80d9f191893a84fc

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Lacon.exe

Filesize
12KB

MD5
cb0f7b3fd927cf0d0ba36302e6f9af86

SHA1
32bdc349a35916e8991e69e9be1bd2596b6321cc

SHA256
9b3f73a12a793d1648f3209e1e3f10bbb548b1ec21d53b8ac060b7b95ae4ef1f

SHA512
e6152f3645d73c63f3f3aa9881fe8b404f9794b14a8ecaea659621828462baf042c13c88bb7f2c32277fa854ceda3056d09aa5603e92b107c6c8194464154252

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Magistr.exe

Filesize
107KB

MD5
9890349fe3c68f5923b29347bba021a4

SHA1
fa080a50486b205b75833a6b5c9505abb1e3b4df

SHA256
068f2ee28af7645dbf2a1684f0a5fc5ccb6aa1027f71da4468e0cba56c65e058

SHA512
aedd86837987cbe8c0b1cf3b4ca0c3a875e4cc9bcc8097c160d0d6070427ad9e1d871d5339ea95cc03499c39a6536b5a6b6d43372a49eeaf2e87bf755a3d3367

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Maldal.a.exe

Filesize
80KB

MD5
cbcd34a252a7cf61250b0f7f1cba3382

SHA1
152f224d66555dd49711754bf4e29a17f4706332

SHA256
abac285f290f0cfcd308071c9dfa9b7b4b48d10b4a3b4d75048804e59a447787

SHA512
09fdcb04707a3314e584f81db5210b2390f4c3f5efa173539f9d248db48ae26b3a8b240cf254561b0ecb764f6b04bb4c129832c6502d952d1960e443371ce2a9

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Mari.exe

Filesize
44KB

MD5
6513e97cffb6656fd7b5a29859fe47d3

SHA1
9ea95b90f501fa4b1fd4798622e7d736413d56f5

SHA256
efb67be90882ded2d3e53e463ae175a4b4b5229ca6929b835fa7dd4687801144

SHA512
87b34e2f980f446b0372815ee54942d42439c6b063f934f78b8ac1f8f04c9a8a48a2674621e83f62d0d2eae59f134a9eb6e033c698da56ddb8b3919d1f4e59ec

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\MeltingScreen.exe

Filesize
17KB

MD5
4784e42c3b15d1a141a5e0c8abc1205c

SHA1
48c958deba25a4763ef244ac87e87983c6534179

SHA256
9d355e4f9a51536b05269f696b304859155985957ba95eb575f3f38c599d913c

SHA512
d63d20a38602d4d228367b6596454a0f5b2884c831e3a95237d23b882abd624de59ea47835636b06a96e216f1decf8c468caacd45e5d3b16a5eb9e87bc69eb97

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Merkur.exe

Filesize
44KB

MD5
e6f8f701d646b193139cf0a92229455f

SHA1
b7747d41fcf52c3611af1153e46183dacbb3c709

SHA256
7e89fabfdbe214bf6a6f9730f3e451e69f752b62bbd54c0a81d2aae2320abd2c

SHA512
135d69ed4b3acdeaf45639090cefd48fa02f9ff1fb168d249717d0e2d3295530b697d8ff3fea84fa20a66aeb99437e5b0f2a2c3936f2a109c1068816263003ae

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\MsWorld.exe

Filesize
128KB

MD5
7bd8a009b84b35868613332fe14267ab

SHA1
d36d4753aab27c6c5e253b9926406f7f97dc69a6

SHA256
56511f0b28f28c23b5a1a3c7d524ee25a4c6df9ac2b53797c95199534f86bbd2

SHA512
ad8e121f601f6698d720181d486da828781f729ca7880fb35c6fc70f021197e4a508dc46d980108a168ef2c6c89a62f3140e676ff71a1e40ea3e397ad0c63261

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\MyDoom.A.exe

Filesize
22KB

MD5
53df39092394741514bc050f3d6a06a9

SHA1
f91a4d7ac276b8e8b7ae41c22587c89a39ddcea5

SHA256
fff0ccf5feaf5d46b295f770ad398b6d572909b00e2b8bcd1b1c286c70cd9151

SHA512
9792017109cf6ffc783e67be2a4361aa2c0792a359718434fec53e83feed6a9a2f0f331e9951f798e7fb89421fdc1ac0e083527c3d3b6dd71b7fdd90836023a0

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\MyPics.a.exe

Filesize
33KB

MD5
94ec47428dabb492af96756e7c95c644

SHA1
189630f835f93aaa4c4a3a31145762fcbbb69a32

SHA256
0ae040287546a70f8a2d5fc2da45a83e253da044bf10246ae77830af971b3359

SHA512
deff74df45328126ac4b501fc6a51835eeb21efa4ae6623328797d41caef6a247b47fc1c245fc8f1d434c0eea3b7c2801b65ed4957e91a50e7b73522502e0454

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\NakedWife.exe

Filesize
72KB

MD5
da9dba70de70dc43d6535f2975cec68d

SHA1
f8deb4673dff2a825932d24451cc0a385328b7a4

SHA256
29ceeb3d763d307a0dd7068fa1b2009f2b0d85ca6d2aa5867b12c595ba96762a

SHA512
48bbacb953f0ffbe498767593599285ea27205a21f6ec810437952b0e8d4007a71693d34c8fc803950a5454738bea3b0bafa9ff08cd752bf57e14fedf4efb518

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\NewLove.vbs

Filesize
7KB

MD5
d2b8ea4a267c69040c7d3ad80f64f8ba

SHA1
ac2296b3fcaed80221c78d3a3cd9180b86bd33e7

SHA256
aa14a4bfb1e6de52750cc89b91cacbe8bd318634ccb54fa835f5e2c5d1d2f633

SHA512
4a0cbd391ae029a2262e43320c96e3f25d1f4893eb4f144cb90f248d364c11e98f6440d74a413417eee5bd9fd0c0968d53e1c4a58d8617ec80cef876759e4758

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Nyxem.E.exe

Filesize
128KB

MD5
a0bdce2f937ffbb7ba548845b24749c0

SHA1
b79bbd469ae9cf3bb89adb354cd0a31ce8aceebc

SHA256
62f8364c46300bce2e75c4cc65039de3f060b854764dd90f0fa656efaf31bea9

SHA512
fd36fca722a6ff0b280f212232d92810f41e55d3832ddb14aa9eaeb269da8842ccb57709695860e502a0dc6529fcc63fdfd72de792b795b0d5f267deb45e3ea2

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Pikachu.exe

Filesize
32KB

MD5
715614e09261b39dfa439fa1326c0cec

SHA1
52d118a34da7f5037cde04c31ff491eb25933b18

SHA256
e1dfc005d5403fb2f356276f0abe19df68249ce10e5035450926d56c2f8d3652

SHA512
fe905c388b0711f54941076a29b11f2b605655b4a3f409d9f0f077f2fe91f241401035310daa490afb6df50a6deff5456be5ee86984e7b9069506efa07af51ae

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Pleh.vbs

Filesize
3KB

MD5
55cde934290e89ae29f92ff118b6280c

SHA1
e13989a5ba4dba2cbc7c2a779b06f381266c32c7

SHA256
dc98a3995c8c9db2897b3dcd603d0a55e9d6b42cb3900f9b5666dbb461172197

SHA512
011822883aa21cd328582dadae90190b0d51040d6c7b05463584997a1c2f67e4c9655f2e80350e8c87c4d3c073ab0d80ff9bc6459d85f03e85ff1a6db9f28157

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Prolin.exe

Filesize
36KB

MD5
65eeb8a0fce412d7f236f8348357d1c0

SHA1
c31af321819481bcc15b2121f3b5c04481eaf525

SHA256
db0c7e3029fb2a048e7a3e74c9cbf3e8bcec06288b5eafac5aae678d8663bffc

SHA512
fad1b721a6420984e13d2278b1d6b5bd70442ab3517553682880a9a8d90f9d47000ad6069cb68d3218d01bc23f771936bcce2529b646501984b954ae9e9ce573

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Quamo.exe

Filesize
56KB

MD5
a1f722324492fda51077449ec2db2827

SHA1
e4d8d27d77f8c2f5282a899a48184c40939c1665

SHA256
fc2ced1d89845dcfae55b6e854cd0e622fdf98baeeb4a67a60852ecd1212f93b

SHA512
6c30ce6a2055300990a951ab487039d92985271a06123d81864495bebc88fb6790be81397f729be4dfb2667d5bad506f51ce93426e4f9369f93fe5c832d8c9e9

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\San.html

Filesize
4KB

MD5
2e69f2fa1dfcf256549cca809cc4c9d6

SHA1
796e225ec50ef26eb3eeb9eaf2cab12ba2d9b75e

SHA256
49151419f15b1bf00dc4d5b1d988d9c2669d1e4e46c62cf2b0db3c89cd0293e7

SHA512
f0f90fe8546f4bf3717efbe5c240e52661123d2324b74356e0d92a110fd2c1f9559cdbc8a1d8bc254a8856c9bbfeb47f4d959d1a5cf4c693ddca46d8c88ec811

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Scare.hta

Filesize
6KB

MD5
b4978d1e7542eafdc7b3908a5f45b8a6

SHA1
b68ed71afa32b7ba4de42feb7e0c4da2f6ff5a57

SHA256
1a8083787b336b322510f93d930f52aedeb90d2052501e864bfa5b1906e74d58

SHA512
def529cdd9216219e1ba55dca52a119de87556db0ee1c1e2f8d6257ac99b59c6015e5db23f2dfa94bdc4ba3712f5ab2caad061e5ff77c56acd4a3a8be54cdd1a

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Trood.a.exe

Filesize
10KB

MD5
47d1f48a127736e63aad709ddc9d81d0

SHA1
36e2049448fbdade83e14aaf9c947a2d1d4fe29e

SHA256
24dd269b4d5edeb591ad992db33553d90f1848f58c06c9dd9fb3cdb4eaf812f5

SHA512
d9446385c5f1f341dd575bf9d3fbc9062320b745c150f4101390577723dbc77a9ef0a01df3fdd7e394f438be1aca4479c94d3e4451b81e1d759f26f71fb19b16

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\White.a.exe

Filesize
40KB

MD5
dff252d337a54d73c67e38bda06b72ec

SHA1
09b52d41da4e5c798de7cc1a5602783284d035e9

SHA256
c0acebefd398f733123173adebaac32c9be2c2d52fcb17f6aff72be04f3569c4

SHA512
b95b7ecadbd8c3fba0c64fe27ab042bda75ad0b7ea9d9df76acf7ab7eb31e41a0dcfd515ccd441db4f3a4f6c71fab9bde3549007b505e0294111b24967950728

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Winevar.exe

Filesize
89KB

MD5
e79d0b1a342712ea9b96104086149d65

SHA1
a10177aafebb035e104eb22d30bdacb3894e0e1e

SHA256
e68ebecd17bb8e91079bd4fe9bd24059a2bc007b4baac477127eda7c5d5c6706

SHA512
f8cf1b773024784fe28f29af2200ad1d8f333b0dc251a1d39bef5a988c0c08c24328a6d9bbeea0370454c46c76835887f4792a55ec4f21608fa60b26977f27bf

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Xanax.exe

Filesize
33KB

MD5
df24e1ccceb3c75dada950a1c1abca4d

SHA1
dc8120829a5593a3246d7bad126420282feaabca

SHA256
910c03d210381f0443bfcefe682717f28378dcfe5415071dd127a9837a97b0a6

SHA512
0df46654815eaeb13eca7e2bcd0fff6c62f34ddebe237dda41fc8dabfbf3512ceb12ef06a7c2bf9fcc52e0a4f87a886743b541d5b5b616eb9954e83892c429c7

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\Yarner.a.exe

Filesize
427KB

MD5
64218ac85566808ee404a3e2aced679c

SHA1
8ee5a75d89b03f07d3b51907815bbb425a69975d

SHA256
c8b59505e578d555976b6176732c1f19fd76860cf465cf1427e1dfa50622e067

SHA512
19680364e2caed60e68afdf73985fa49681ed6be9e7265a1aa3b5b6153644347269e609be643a9f77bd552d58d3fbfe860f6271905a57d100e33bf1f77091b1a

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Email-Worm\ZippedFiles.a.exe

Filesize
205KB

MD5
0e10993050e5ed199e90f7372259e44b

SHA1
2e7a515c81926ef8a3e1e533c2f58f57fdbfade7

SHA256
8f533a5adb18c8e02779636e9d7dbb4a6cf13e4f60ee435b9afc3504b308d68a

SHA512
d98b5c7a2d307451866a11bae8b3c7524d968c03e40bf1daa5110b8650c9edbf6b64cfed1052574ebd723e73b4c614358b3bc6442d1a21134c157971989f4d1d

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\README.md

Filesize
57B

MD5
da53941085b635d68bba6cfd5ec25b41

SHA1
3a1fad738f5576ad8eeebaaad7f85aea1110136c

SHA256
f14b23fe8a5835b3451b2c099ae01afc77aa8a84067621cc80b31fcb5b827a32

SHA512
c3f2be04c0c805260372174d57db68e94039a6657c7b2ddd8c71cf07c7bbfbb6b4065beb037956b574f413a268461d7a551109c9cd2fc39113d54b13e6637556

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\DeriaLock.exe

Filesize
484KB

MD5
0a7b70efba0aa93d4bc0857b87ac2fcb

SHA1
01a6c963b2f5f36ff21a1043587dcf921ae5f5cd

SHA256
4f5bff64160044d9a769ab277ff85ba954e2a2e182c6da4d0672790cf1d48309

SHA512
2033f9637b8d023242c93f54c140dd561592a3380a15a9fdc8ebfa33385ff4fc569d66c846a01b4ac005f0521b3c219e87f4b1ed2a83557f9d95fa066ad25e14

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\InfinityCrypt.exe

Filesize
211KB

MD5
b805db8f6a84475ef76b795b0d1ed6ae

SHA1
7711cb4873e58b7adcf2a2b047b090e78d10c75b

SHA256
f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf

SHA512
62a2c329b43d186c4c602c5f63efc8d2657aa956f21184334263e4f6d0204d7c31f86bda6e85e65e3b99b891c1630d805b70997731c174f6081ecc367ccf9416

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\Krotten.exe

Filesize
53KB

MD5
87ccd6f4ec0e6b706d65550f90b0e3c7

SHA1
213e6624bff6064c016b9cdc15d5365823c01f5f

SHA256
e79f164ccc75a5d5c032b4c5a96d6ad7604faffb28afe77bc29b9173fa3543e4

SHA512
a72403d462e2e2e181dbdabfcc02889f001387943571391befed491aaecba830b0869bdd4d82bca137bd4061bbbfb692871b1b4622c4a7d9f16792c60999c990

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\ATF8Baddies.exe

Filesize
32KB

MD5
eb9324121994e5e41f1738b5af8944b1

SHA1
aa63c521b64602fa9c3a73dadd412fdaf181b690

SHA256
2f1f93ede80502d153e301baf9b7f68e7c7a9344cfa90cfae396aac17e81ce5a

SHA512
7f7a702ddec8d94cb2177b4736d94ec53e575be3dd2d610410cb3154ba9ad2936c98e0e72ed7ab5ebbcbe0329be0d9b20a3bcd84670a6d1c8d7e0a9a3056edd2

Download Submit
C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Floxif\Floxif.exe

Filesize
532KB

MD5
00add4a97311b2b8b6264674335caab6

SHA1
3688de985909cc9f9fa6e0a4f2e43d986fe6d0ec

SHA256
812af0ec9e1dfd8f48b47fd148bafe6eecb42d0a304bc0e4539750dd23820a7f

SHA512
aaf5dae929e6b5809b77b6a79ab833e548b66fb628afeb20b554d678947494a6804cb3d59bf6bbcb2b14cede1a0609aa41f8e7fe8a7999d578e8b7af7144cb70

Download Submit
memory/764-5048-0x0000000006160000-0x00000000061C6000-memory.dmp

Filesize
408KB

Download
memory/764-1037-0x0000000000240000-0x000000000027C000-memory.dmp

Filesize
240KB

Download
memory/764-1038-0x0000000004C70000-0x0000000004D0C000-memory.dmp

Filesize
624KB

Download
memory/764-1039-0x00000000052C0000-0x0000000005864000-memory.dmp

Filesize
5.6MB

Download
memory/764-1040-0x0000000004D10000-0x0000000004DA2000-memory.dmp

Filesize
584KB

Download
memory/764-1041-0x0000000004C20000-0x0000000004C2A000-memory.dmp

Filesize
40KB

Download
memory/764-1042-0x0000000004F00000-0x0000000004F56000-memory.dmp

Filesize
344KB

Download
memory/2224-980-0x0000000010000000-0x0000000010030000-memory.dmp

Filesize
192KB

Download
memory/2224-978-0x0000000000D70000-0x0000000000DE5000-memory.dmp

Filesize
468KB

Download
memory/2224-977-0x0000000010000000-0x0000000010030000-memory.dmp

Filesize
192KB

Download
memory/3384-3841-0x0000000000A40000-0x0000000000AC2000-memory.dmp

Filesize
520KB

Download