infinitylock | hxxps://github[.]com/Endermanch/MalwareDatabase/raw/master/ransomwares/InfinityCrypt[.]zip

Resubmissions

09-08-2024 16:13

240809-tpk5wasfll 10

09-08-2024 16:12

240809-tnvb6asfkp 6

09-08-2024 16:09

240809-tl9ztswfnh 10

Analysis

max time kernel
99s
max time network
101s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
09-08-2024 16:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Endermanch/MalwareDatabase/raw/master/ransomwares/InfinityCrypt.zip

Score

10^/10

infinitylock discovery ransomware

Malware Config

Signatures

InfinityLock Ransomware
Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.
ransomware infinitylock

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
28	raw.githubusercontent.com
29	raw.githubusercontent.com

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\images\themes\dark\s_thumbnailview_18.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\drvSOFT.x3d.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\ro-ro\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\ind_prog.gif.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\plugins\rhp\generic-rhp-app-selector.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\en-ae\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Internet Explorer\ExtExport.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Multimedia Platform\sqmapi.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\createpdf.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\selector.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\fi-fi\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\Dictionaries\en_GB\README.txt.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\hu-hu\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\pl-pl\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\files_icons.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\next-arrow-default.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\fr-fr\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\nl-nl\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\ar-ae\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Defender\es-ES\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\nb-no\PlayStore_icon.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\plugin.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\plugin.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Mail\wab.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Multimedia Platform\sqmapi.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\da-dk\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Mail\wab.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\css\main.css.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\@1x\Comb_field_White@1x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\scan-2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\images\dd_arrow_small.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\ca-es\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\SY______.PFB.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_ecc.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\icucnv40.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Microsoft.VCLibs.x86.14.00.appx.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win8-scrollbar\themes\dark\arrow-down.gif.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.371\goopdateres_ar.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\EdgeUpdate.dat.LOG1.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\eu-es\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\HomeBanner_Light.pdf.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Defender\ja-JP\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\s_filetype_xd.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\nls\en-gb\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\images\checkmark-2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Mail\wab.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\logo_retina.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\css\main-selector.css.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.371\goopdateres_ro.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_filterselected-default_32.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\@1x\A12_Sign_White@1x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\hu_get.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\css\main-selector.css.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_zh_tw_135x40.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\js\nls\de-de\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.147.37\msedgeupdateres_zh-TW.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Windows Defender\it-IT\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_pt_135x40.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\nb-no\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915	[email protected]

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 14 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]

Checks processor information in registry 2 TTPs 28 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
944	msedge.exe
944	msedge.exe
3812	msedge.exe
3812	msedge.exe
3584	identity_helper.exe
3584	identity_helper.exe
5080	msedge.exe
5080	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe

Suspicious use of AdjustPrivilegeToken 14 IoCs

description	pid	Process
Token: SeDebugPrivilege	764	[email protected]
Token: SeDebugPrivilege	2664	[email protected]
Token: SeDebugPrivilege	1160	[email protected]
Token: SeDebugPrivilege	1796	[email protected]
Token: SeDebugPrivilege	4524	[email protected]
Token: SeDebugPrivilege	4996	[email protected]
Token: SeDebugPrivilege	2976	[email protected]
Token: SeDebugPrivilege	2892	[email protected]
Token: SeDebugPrivilege	4068	[email protected]
Token: SeDebugPrivilege	3212	[email protected]
Token: SeDebugPrivilege	4580	[email protected]
Token: SeDebugPrivilege	3332	[email protected]
Token: SeDebugPrivilege	532	[email protected]
Token: SeDebugPrivilege	5480	[email protected]

Suspicious use of FindShellTrayWindow 37 IoCs

pid	Process
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe
3812	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3812 wrote to memory of 4688	3812	msedge.exe	84
PID 3812 wrote to memory of 4688	3812	msedge.exe	84
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 1232	3812	msedge.exe	85
PID 3812 wrote to memory of 944	3812	msedge.exe	86
PID 3812 wrote to memory of 944	3812	msedge.exe	86
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87
PID 3812 wrote to memory of 2476	3812	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Endermanch/MalwareDatabase/raw/master/ransomwares/InfinityCrypt.zip
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d48d46f8,0x7ff9d48d4708,0x7ff9d48d4718
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:1232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
  2⤵
  PID:2476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 /prefetch:8
  2⤵
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4708 /prefetch:8
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2956 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7536200690551644281,3144176232573674185,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:3772

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:548

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2932

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2364

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:2664

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:764

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:1160

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:1796

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:4524

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:4996

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:2976

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:2892

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:4068

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:3212

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:4580

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:3332

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:532

C:\Users\Admin\Desktop\[email protected]
"C:\Users\Admin\Desktop\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:5480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\icudtl.dat.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
16B

MD5
9cf8fc34fc13f96469d3e3ea5e04edef

SHA1
cf77a32d9897804e6eb2e357de4b18b6b4b71b97

SHA256
c1907f89e8fff348cbeeebd900d112f0a00cf4dd89597d9193637ffc3845f4d7

SHA512
ae7245e558a16728cad33a125139b5b48c7588116aba783d69087dc2fd30c5fed3601421b8b198adae5bfcd37e420a3d851301fc8409c3c06fc0361570882290

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
720B

MD5
98f22835dbccb5c6fa1b6cf733cea729

SHA1
5e5a5ebb5e940a6d8101f2a189c77940873c9c25

SHA256
f3efa8f15e897968dbed40193777ddcdd696ebc8777a27bac8c3337ef5bf9e8a

SHA512
08c0eac2c5899bd03c5733efecf71db231fbe901a1c78590fbfd75dfb3620a94a49c74888a68ac0ca35380b17585d39a180aeee57810482a9fe4d3aea2fab04c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
688B

MD5
5e5da9918ae400ec26eb819859a1a573

SHA1
f8a4993bb89156c054454aadee9a7a1b2ab71bd1

SHA256
01153e3deb135e1724bda0aa6e18bfe51b2877b82fcc17d50e1731c399b73f46

SHA512
3f230e1e0b596c017606971623e740741fac3f81f97fa89cc8703a1eee00cbe0abea6b865961c51eca67d1fba43df8bdfad533c414fa85716abb66c565192cea

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
1KB

MD5
5ca6a5f550f89838e731dba98e83c098

SHA1
eadfc26b2d4a7aac1ef71a7b22638a49610f105b

SHA256
7c567f7236440c2e770226ffe703fc9bc2160a707f80dc6944fc41de230d870e

SHA512
d3e646a1e190ea497eb773f6efc39e83be41884f6923de8be7c3e89a0b146931eb9dfbeb5147af14f4698876280d143d5adbed65bf28202120c6298bd7f5b7ba

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
448B

MD5
08b7fe896f60d58a03cf1b46e4f7e67d

SHA1
3e54868f2548114c823a998a3411e0800d39d814

SHA256
500120fbc8882f662cdec237127b07a1971e68ddaf7935c78c756e85e6569066

SHA512
2dad5e01de452c472618dcaa111877826096981c02aa89bc1db02a06c84bdf72ce72ec16c3182a097610a0ee0cfe5dbb74f5f0026c3cffd802bf40c667cce11f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
624B

MD5
6d9ac800d4eb725edf98ad125b4e21d8

SHA1
2f95b92a69d66dfcdb90e836d34d60fc4b5d69e3

SHA256
4a24b5b560233b9544dd05c3c894965419d0d1e9be1b293d654996cec1a3b432

SHA512
651b1ebe6d3607d17d872bff636ccaef9d48bb676d82282884ea9262c3599301d80009363f6c1b51940895a511cff62564505bb2dbe22e1e8ca941da05295a2b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
400B

MD5
6bb40c2b1390ed3ca282a6bbaa4c3092

SHA1
e18d692c16acaa9e5ea3bcaf626b0e26f2cc5511

SHA256
d2123b3f740e44402c87cdafd0615d91c5346cdc333c2609ebf586c1f94384b5

SHA512
1a36c11d582071129c0329c21d4fbdd92dd1ce2d8de3d2b2a3c1f56072d33bf34b490b5a832f02d0e566b775b7f084652ba1a09797af51f0a17e3be89ebdbd78

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
560B

MD5
0e3b8baab8196bc24b01628694d8fbff

SHA1
f04b27f0e03b6b5aa792245e9500da655b707c93

SHA256
5670519b27c23b08e92d15f016a96db9035f815535e818916485f8a673c537b6

SHA512
a3c5ebf3b8ddf8fe7ca2363979f3eec3e59cfa8b1d357059b8a987a611d83acebdc193353909858cecd50d8724ea97e7c38b88897a4026375c0cbc4c2c5012ca

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
400B

MD5
d379ff76be9e78232c2c02020920146c

SHA1
4c9d89d59fa7d266aab73f7327e6682e498a4986

SHA256
26cefae7692628028f30b69601d2661da3315ad367eefe49d70d430d74507bcc

SHA512
1b191330807d42ec580faaf75e2b431f570fa98ccaa60cbf6dffe079bfdf23622dafe8e6520d83eae34e0066895c4030a251012a1b153d389777d47ee67130fe

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
560B

MD5
4ddc11c4043fb31a856d1eeba618df01

SHA1
68ca6be8403efb0d991ff274b126365f1642c258

SHA256
b7970d84e5e28f0ea9c731ec822ef6d2ad4db60a473f0b0efd5c6577426c4365

SHA512
06fd78976de3004f3c936eac90b7389121c5dac1da2c8ef292a0dc3f6434ace7a7800db34aa4cb40bfeb8bd65084ee6fd6292fdfff3279b3b271d523f811bbaa

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
400B

MD5
0ec8f7edbbff1f1ed14151444bec129d

SHA1
e0637e42f25b6ebe9a528740235af1d1465dec94

SHA256
20d72f4db96dba18cb533787faaa2bdaac6e26b60ebd8e1104f98392a86fc6df

SHA512
93b4102559b2ca637fad9530824fe8552697ac14917eeb696dfe9054c5e2efbd4851c72179eba7eff364e6f43f128008aa3ddc996e62370d4feb6d7d92d0df8b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
560B

MD5
303d08777fc513e12cb7d2b901be41e7

SHA1
54a32c18950512a8554ec60cde2aacf546755bd1

SHA256
186ec481579d53606bce04b51d5d3f66df7f4de81dfbbf20caff0fd0955c2307

SHA512
c02a56a76220175f057cefd11fce909859107c669b32630b81e4de078edc38c7c0e2b7f169676f12717122c39a130c2103d5d5ec09d52877b22aa86f16630f64

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
7KB

MD5
e8921c99c4707e8c6a1be7ddf2eace88

SHA1
124e3c97469de96d9521fa3147c082e1c1d1591c

SHA256
bb0cd744990040353e4a07b1fb28d975a12395365d1d3b68618ef3b0093dc604

SHA512
2e4543f3b97d7d6bd0e35342347a3dd3510b531a1ee408a67a74264577fce48a8e36dec0c0da18b178c992e63329b00d07fe09f9abceae9006f0ee5e33cb2e1b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_ie8.gif.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
7KB

MD5
60f57a4287081533ccd6973a3d45c1c5

SHA1
08155bad5a08c57437e5c0a69ace9e3c8784db15

SHA256
811128972fca234bfcfe7f364734a5ffb2762b2f63e5fee916c8a5c9c13c3d62

SHA512
18a446bf1d8bde67fc51cad1d4664b18810e026502077894496522f8fd6921f1beb5d8fccb6de1a254001725263939e927afef7f2c3cc51d44f128c1ed96006d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_retina.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
15KB

MD5
9a1053e38a00c06ea8638eda2733aac5

SHA1
c7c8c0299dffa9ef185cf3dcd2325851e316a56b

SHA256
4f36ca79d08990172e5fdae4d6b0af47c6f667c469334778f0eafd82f49337c7

SHA512
d85c5db298a3c624d10613456657198ffc0060781560294b6e622530d1a977baf4b1a370ed3a0322c61009d2eb34eddb940901a192258a5f8c8a2598f8c77e2e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
8KB

MD5
9e818d284efaf39fbbf23e2d255e1f29

SHA1
90773f12f2b6d795a31604349dde1b7b64d36373

SHA256
6bd71e6730d8405c88ea493c04cb9350420147e54770e40a3531a581f6a78e3c

SHA512
c874677626f369027e0de01df02aa50e4de33dce809fd35768f4f25188e5b37f49eddcd9b708c3816e62a892f39d4e2d1ef36488a12695d548d37b6c6f3ce31b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons_retina.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
17KB

MD5
c39eecdd328494b44231016d5efdc52c

SHA1
9411e1d42c6521a5fa036558a339dfb5b45586aa

SHA256
1fc7801e03d52cff40f1db9c8faa50d011686b0c7e8a6c1b7f0d6097da0e2527

SHA512
759711896d89a64d72abe6d5cc05d056f77d1a3e9e4e614cde223a277647939baa65716721e77529a5d96a3b9abc2cb7e760d66e69816150cdc8cec641707ec5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_pattern_RHP.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
192B

MD5
88941753807dbec4c4e5dfe7dc6eeab2

SHA1
089e2835525b960805166f99ef933f18a6dafd09

SHA256
f434e85e9a1dd7fd6c1eac97928d087d3020fcd4b0ab881063b601e5d95af346

SHA512
4a9e84b058742dddac73eb10bd5e7f9e1268d0d0d3e2e24985e61d39f241944a7dffccf1bd4c84707baf3ebae7c47f2095a9d32de26b7c4a6d9148477997923e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_patterns_header.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
704B

MD5
ee46fe66cf67fc2939a3ecfd232d8a63

SHA1
3a991471e463b6f0e09a7924994bd173c0d883b7

SHA256
3d81726ad721dd68f2279689f5208489ffe2b21fd14a0c69ca114644f80311e2

SHA512
f33effb60a57d10d80ca95d581542dad2170847a4e31a740da7d2480a6af63e3d1448bb4c063b7e4e358946684d6dc735a2fd25e9c9656827a1a5f9198d14c7f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
8KB

MD5
8e5e559e3822ae4579ff4c39455c223b

SHA1
70b27ba9a4b79b80e93673fe152f726750e01db6

SHA256
0505a9356e2ef56a9a2c987378c61712ea94f911f9c5ae9e90aebd485a1661d5

SHA512
19c51e637943b4e93c0f87230b9ec6eebb6eb6136baca05ec7a107e5dcc44a7ef944c5a5c7f412f08bf5c01098d2b2ab78a093586875a8c82be10ace4b71575f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations_retina.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
19KB

MD5
b8cb4ea525ed930c4013ecdcab70c448

SHA1
e66ab3608d6328cdd2873a3b12136b9dcc600e14

SHA256
2f063fc82f0078b845816435d4e3faff3fd0798ef731c1e11032dddf3d0c0496

SHA512
f733fffb9f8874cc0e0725a109793a220e417cd52f7e12ceeab6a34706c8fa95d3668853fd52bebcba9f300eba5659cf7783aacdd2c0662fbbf7f8c496a884e4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
832B

MD5
b886e8172acb66d74bc22b4abe47e70e

SHA1
42e370175e88387fb78234f1af1fe0a7ddaf488b

SHA256
856916ddb34ea9d4ebc292b54c8e0546d2b06e68eb6a8ef098a1f34dc887b267

SHA512
6d9a0ed164a52c9c2970b8e95500aba37fefab153731c00f13cf84268e3b686228ae038402a328045320c7517898dea0b38acd8114d63bc98dae92faab3dd864

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
1KB

MD5
2a51f6cd1032bb40d79612c72ffc1f81

SHA1
1a5deeff7bb0f200e22a64d40cc1c278c067c2cc

SHA256
e0b546be7298a2b277058741962701d5797de2fe68ecf609583a4214521de85d

SHA512
a840d69370eb13a179fc62d6f0e170311fdabf0f04040bb2a3933d1925171b6943c151cd0090d939a40bba850fec1d4abfde08ccb52578dcbd73837e78d1a559

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
1KB

MD5
a983cb1623fffb048736418da18fe4a3

SHA1
613989a2cbc121d92ffbcd1a3e37c6478adc7f2d

SHA256
3de4b5b7118d891dd3e664cfa1081749a36fe6422b0ff7cd1b9810fff47cd63c

SHA512
20ee795d244529632b3cc299835bb35df3787d44f7bf0fd528a83bbc21ca7ad73e97c0473c9b1d2e2e86c9a5911d7729a04c2b3921d7ca3be3caae05ea5337b8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\css\main.css.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
816B

MD5
775fa42ba51cc5d99f67ad1bf2158d60

SHA1
7208e69081d012b8e1daee73a0329b23a475620f

SHA256
75b3fb8efae3a0fcc79f84dff0cb049c0c30a1b52272301c8be183b69131f64f

SHA512
f6cd0c85669c017985d24b4eed97a9c2f0eb5fe7280f499f086a114775dee1f141f65269bb52e152088fcf031ae13e066c5776302f95ed11347e8983dd391d73

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
33594c419fe0ee08440f33639731e1f9

SHA1
0e471db8df869e9c9604732877f832771225812d

SHA256
655172d5571fdb389145168a5afe4cebde628863c94f35f1ecf2f184acd4f48a

SHA512
84e453d6bbccfb5d63815631f1d9182071e601f99ea0db26699c43579604176efb2a7cf922870c36825a3a06d19009fffc65e8375b2a3676a29ecba5f811abd9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
8f629596aac6851ca2869eb4d14d9f8f

SHA1
5048d55d095c9017993e18fdb95dfb3adf318cf8

SHA256
2790b497fd57b0372841c3e38e72b03402b051bc193c82726077b907c4e89689

SHA512
43e3bd6a0e69ef787155f30cf77a1f2b82ae91ca8206eb1fc9673cd2fcab0e7db7f152fdbf95fde2ba4bbb27d772e66e5760e1d738894dc0ad15b30af156f040

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
4KB

MD5
09a7668a9b4a0c1b26fe6243f6ea9be8

SHA1
5effb92c053251456c292922c3b7a2379379fb78

SHA256
950f6638a6f93c2906acc6751db34ae73b59cdca006659e6538edbff9399f831

SHA512
53273790f733e059a15a66c005c3d5806a866705ab74a063e382ac10fd1c5250a12e82b94bef9a16dc34412ea1470eb0c61a45f7d50f535e148dc85f72dffb4c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
304B

MD5
34f754a96ff4bc9a20e7d18c5532c8bc

SHA1
7f369ec29c38ebe7676919b7c0ede03f256f1863

SHA256
bce209757a957200d678ed5d57b705ac6e2a22a5e56e90523ed6cbdf5e2db012

SHA512
72773463e83321a5dc81910d9fd8a00d5241c54e15b5ab4141008d085671de73752886329b034f0b982151f03ec5e253592fc6466743c39cff7f6a8e1dbc5a27

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
400B

MD5
7afef04c52fbbbf86712f245b6cf4353

SHA1
b5a829e3c6f7efcb989f4d403d6795189bb0d21d

SHA256
f179c1fe1881ccc5f7bfc9d3fa383d7c24881d5724ffc51b63fc75b4d134369f

SHA512
01f411268b7bc2aecdb086e26ffc6a8f7d29345696e149f52c400fca2f3dbb60551201f62bcfd8eb05d4af518bfd8219827c43a9ec3cb42627b2b6d7957dccec

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
1008B

MD5
c7a6facbce05004ff7f4a0934af295b6

SHA1
d68f3726ffbd313ad2486e868ee0604f99c49335

SHA256
0b430d71aeb54fc6540ce641b6f44b36e1bc2133dc4b6db8d1e518235ebad063

SHA512
01833612115e31a16ce32e47455078151f5c1533759f023d55e4689f05d75c58aa69460899d0e3300ccc0a27c5a2d1457884e0e5ca5aa0e33bf3bb8552ec507e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
1KB

MD5
cf0a3e7be27f273ed692375ac6866e0d

SHA1
3bec458c296eef286dbe6e9d060b61ebaf93c228

SHA256
bd3f7e9af166f18d74db3c6d951c54bbb01884f02859e21d2847ecb47ef8ec3d

SHA512
d7862e352a1016a9b717466d8f0ec3e265675ba9ff3d8d929c1a9c29525ee9420a635fac52b7bfa142d8afc713a4fae8a6f3f31c4a4c3a5a8d9ca4630e027880

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
0960252d7ab8bdc122c3edd342069312

SHA1
cd794138446319439e4cbaccb2f2a2a32066650d

SHA256
dbdf1844a960f1b3f1ffdd183ad7683c824ed6e45841422cd5628dfa2ac25c6f

SHA512
a87351ab4205dd111bc815371ba516ca429ea072767ad151c2065b4a1f98114811dcc6197fd73fe4026878d26d4c44ee76d67abd4d2110faf725d618fede0e83

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
848B

MD5
7db8c63686909a0e8893f75595cc6373

SHA1
e285cc310abb48dffceac02431b3b56360aabc94

SHA256
ca94c0de39c6eeb92e6c7c0aa9f1b947a0162fa79128711e01fe2f717cf65b17

SHA512
20856a72a2dda67968118ee03d94dc213dafc8ccb155a1e56e3a6787260f673864db11f26e0075df7e24c1ba5e608069bc3d1816d9f4ca1e3e534f34f771420b

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
32KB

MD5
aeda0ca0d9915b5852074307626fcec7

SHA1
24bc2b870be27d2f660b56a5f47f7331f39df48a

SHA256
94703328bc920dab4a431251375104f359ba707bbe59b3544d52917720c3267a

SHA512
dded8db66f4a318d70a57923954c127261c3312fddcb1c73369db0272067e044758bfa67e2464d932dbefa82b587767c39499de515af54f5b3a3878859450167

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
596KB

MD5
16b7954b63fe2abc59ccc11fa183d29a

SHA1
02f5c349cca8d7f0e908d04bfc313c82e8a2d079

SHA256
521a4e682a713c833eba48f9e760c36043307cd74fc4b7973d3dedffa7af316f

SHA512
4a5aad7f681bc8271f9ba50114544a11373d0fd40d3c89f46be244b19efebf781a175af36a578c79971f910909f418626a354ab78d831f8769ab163640aff937

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
596KB

MD5
38d540d29f0f3341c9eb0e25c68c7723

SHA1
0a8d900e0660de697412879942c772c5d33e395f

SHA256
19d29fc108ef34823d20c125e56afbcf5f7416b765f0a40d3e7f83d1c539470b

SHA512
1a75aa5e09a5488b2f9496d3110ab3811f8a42397e38238266a01d544c3035adc3e346c79f491073925505845f5d97314daf122ce7b58210a6a8e1b41cb61365

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
172KB

MD5
f3fa334c7a3907fe4220b881b2d18e88

SHA1
a0dd4b332d939aa86e5a63ec6021758fafbaf9a5

SHA256
c6cdcb2b24d5cb95033519d91bff790c305c82061eb2e5fb20f5db0a9aadf329

SHA512
81e11905202255a3da3712add8d2d7aa8ffe7209bb78e9e1afb7d1de5dc475ec4c999b28730d1f8eb64a8a6f6995884870438b8151ae2dee2ba86f309fe9df29

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
172KB

MD5
ed596286a89ca20f68035424f24d3736

SHA1
c3e15974b99b3fc2fb6c4846960a650893d48d55

SHA256
99a6469d5f483788b2e51c4712e1fdfd93a2ef590db84cba83e3e5f6b52d537b

SHA512
47416910c64a8efa7ece16159976d9e48b35b631c27fa5922b7f4dff336389b00992a7a21e0678d2ad1175709a09cdbceaaaced92ab2662bf60a12542837c597

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
330KB

MD5
ed67a736ee72e7bbc4eb7540c38e6042

SHA1
7a3cb755ba44287b7ab7712088c5b959530bd0fc

SHA256
09954f4b1f64193b4e1483f7de7af642a923db223960e37916fb2216276736b0

SHA512
a8610b9a89d34fd97227d46d8a17db6575c313b8153f0a3db6915810bf55f1476da88321c91d92cdebb67a3e045fcb837fe7e50bfc5e53c53048d335eb6617a3

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
330KB

MD5
07dc1d0bb77689fc8af86046faa1416a

SHA1
8c1f7f0d2dc2b68fb07dbb1c123a51008eef2b00

SHA256
44204d2446da4e515ad1a20a0bbcb6cf66c25ff3db6f54ee8c85b5f028ea7d74

SHA512
2c0b33b0c83cde095807c53d2dfbf8fddafa149435cb34ab6ccd67a0f0ac8849c65e01ca4638afbefcd4997574abad0c73db8546380b1f01db5a8f34ce8b6527

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
330KB

MD5
967dd1889c19ba298e5c1a2db4164cc3

SHA1
f815b51cfa3f2699e18936bdccb20feaef1927da

SHA256
c8ddc80e3e09089433afca42cc8c9520898c4f3db47a95106d6408ace412125c

SHA512
dc2793e1fa69d8f3679335ddb8d69d2eae754706b92fadf4f0a23f2263ec5ca814284d41b8f7bf0886064c622577b60edd34194f46ebd356de8c3c25a98f1bf8

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
801KB

MD5
f3e7fa9a4f6e7146b64de2c862c8020d

SHA1
1ae9f1596623f0e82306a1c80b9da3b7b041fe49

SHA256
10bc74aa52b1f3c0b3bb6110963a1d5cbd24592a8af79a52e9d178dc3b5bac9f

SHA512
ac84ec9a105911c2801aa2476e50499c54ee1af7e9284a68a14b825306d644e098321c5cced26822eee681e88a9ea0c6528baa2515e612f082afa6fda1271e76

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
801KB

MD5
8011f3c010fe00b90949722b6effde40

SHA1
a05ec66aa69f02b361fa153fd915f7fcf146efbb

SHA256
82fd286fa5eaddc46765485f8c9bc1d7ea767ff6fbf9107b628232e55fda90d4

SHA512
2be8cc9edf702e1caa2864078f2dc8311a09ba3e035e578ec1d570ae3e3935bf740d893b0f4efd0d290ded186d49cd739b4eac10b21ff6fb47f7bab12d41692b

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
801KB

MD5
19c28044bab57a764bbc74bd64176e81

SHA1
3bd7b59753810ae5c73e5c4fbc50a476cb0cbfd9

SHA256
3971086d9c0ab79c00b6fb074296ba7539527d1d3062c6dcea252ac420f27454

SHA512
9ad6b608992801ec4a40df5d541915bcd9e3b2092e372b2af36f4f4fcb031d916e27f6f4a96bf5c646d80581c186f8ede6706e355c2b040ca59963f3f34275d1

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
297KB

MD5
47acb3cabcc0afdfe7815fa9047f8f31

SHA1
50c6a663cabf331e9866d4adb9c784c7f475cf9c

SHA256
4dc8ecda8c22dd3266f6d99d0174749de37abeec32addf272088b4394c061cd4

SHA512
e54fcf82eb6b6db1d6f56e41b237e48271a39a5adfb27caf8e16c0c60eb0c5bcf03f177be20de69651a6ce48761103b59cad5593885c72857701169d13d83466

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
297KB

MD5
edf04d4558f26f5b845ecf813d8ecd70

SHA1
a67c3a5694b69784aefd6f678978827c0c7fc019

SHA256
e73640400551bb1fb50c695e43a64357b22ecc403fc9bb18b8aa0a14895c3373

SHA512
871c171749bfc0595c0c0853a9b5ce17aeefdaa6bc8465bf794aa8c10889fcdf9880217edc59faa2c8e8fc4b853fbd3597bace04aac9e718448ca01a43768f3e

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
726KB

MD5
9416d5cd6250e5951bd47cb5fc19d9fd

SHA1
35255fcf658aa9525abbcdd3fda7188571230c12

SHA256
3c20c6a56ec0c0698fed0ff6a9ac7c6461adb45fbbd2a7304fad291badc86d2f

SHA512
b4843986d44c3f7a1f1ed14f486b045557671be6393046f37b5662ce772647df4f114ad55d3c9245fc128a80fc310414514a53004f59f7a918f542cefe761429

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
726KB

MD5
cf4457f3a2e483363369808e66bbfa9b

SHA1
c5369911d5fd31d38125fa9c7f6ca73adf8c5ad9

SHA256
0f7afd263bc14e0478513b006c14ffecaea89156b6bd37cb668f9c19c9a888f4

SHA512
7a0f6e046f037068a6ca1344287abcac5eb4324870fc03418acf180393ab346f2867b3ada0a33e05daaa8e526b26ddd1c295fa5a662a5225a03ee3040fcae23e

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
726KB

MD5
e1097dd5edc4ba742560310d0dd1de56

SHA1
4ceed7bac6acb1662d971387c1f0e39f67d6f63f

SHA256
3d44342da159bbee2b885896c18eace672dfb32457e8da3549363645332ec0e1

SHA512
4254539f80b67f505ffe3f97cdf7ed018fa33b024e82da7de0c2d22fddf53a9e6bf6ef33225a5a65c557eafaad31573fc0b123971c4a90e420a4995f2ed250fe

Download Submit
C:\Program Files (x86)\Internet Explorer\ExtExport.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
44KB

MD5
7a2678e3f5c5a736fb2c8a98479f44ba

SHA1
93fb884587dbabaa392b30a0a1bc6881d6cced35

SHA256
add079c51cbe3401d08e0d572f51566ddddc76a566556264809629f71312cd49

SHA512
6a36b6fbc8477bfacab384828b2a71a95e876daee9f53dd1d74f0f4146a873d8b594972d42385f4e94c2656727e0d188d6f73ed4c4bcf59a5bf7df1c276f339d

Download Submit
C:\Program Files (x86)\Internet Explorer\ExtExport.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
44KB

MD5
87da7e5d3a3fbd0b664e4d99f4d11e0e

SHA1
6ba9c613d5660cb962c22520c3861b8123c9e18e

SHA256
9e85d0d37e0ec1dccec2baeeee4958dff1c65c0d8cbe01b6146f7606fc919746

SHA512
1623dc0dfdf4c163751bf9a68d2f8a94dc452884d137b0776f5f76ee3e7bad0d0842a6a52696f80492a0140c4ad2350b1c33be625e3baec519a386a521fc6bdb

Download Submit
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
7KB

MD5
fc159f3dac96f548c3b055d7c69723ff

SHA1
39c17a37ab98da70ce22fb0ecd019f97ccce28ea

SHA256
dcf74fb34ba9c5489181cfb4cef2af158c5c4e8e3fd7feb6ba70de4da633e581

SHA512
c0110c4e77fbdc7c7ba1931dadcceae7c6dcd671ebe47e1656310807fe0b3a81477f1056cfcd26d4448fd24e923d2b4f9e40bc8d0bf6a99591ceaa14d28030cd

Download Submit
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3.2MB

MD5
dae20cab71f3747853706d6bbd9cd3f5

SHA1
da364046de8cdf35883a87d27c2836f119803472

SHA256
90f595f63032039a7552dc2bb3ef14a79dd3248289723aaef97c87ebf6621741

SHA512
0a22540feb6ccfdfd300c635745580cf197217070cf3247375162794f850941234156f529eae7a3b46c3519a9e2a56409c83f6a91ea45d28c5e559a92b536774

Download Submit
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
1.2MB

MD5
b4bf72c72f0e6e077a9b1ed03b4ce1cf

SHA1
2e7806afc1d967dd7f32b0bbf33bfc9760e9437f

SHA256
748e08ac97be1c7feed2867bef9dafe02b303aff47ab4cd73f0c57020237dcaf

SHA512
0c990e81cceb3cc2b18ed2effab4dd8e7a01dd96c3513802a4b0ae8b398edff14257270055bfa2aca2eb0f5e4c8dfac947470b37e4db54ac03ab80ac6e672ebb

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
584KB

MD5
8fdffe1c2657559bbfa90fc2972f5f14

SHA1
b74faeb9839ce8ab025b38cc4a868b6e68eaffe6

SHA256
fb2e57c5f137128b88105a9ef64636ab0481742fe9bf806eb962c95b617f7712

SHA512
ebef06daa5bfb1d3358ee8743865b4bd7c489342a1290b850ca6b89bb1c7170053cb4c883b42e7871dd8f751f986c7ff8829ad13ec661264263b3ef95080d103

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
104KB

MD5
ee11bb9460649e64fad135aeae5ba11f

SHA1
f4844598de40d46d3e2607aebec6c95f96614b1b

SHA256
af6d1296363a47e38cf816981533f9af6c3de4e4c58c00c3128707a01535d557

SHA512
1c46b5c3ee8b491dcf4b31e5a67ff074790a293ae9ffef961676e3f4812fbc235afad47dcaa775c1fb90e5de82f32c6be111f22829a2e5270bbec35caaf763e5

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
104KB

MD5
35dfc64a8b20cbc68cbcdef1149335a6

SHA1
00dc2ac53a3e223afc5689bcc309ac43e74e2c2d

SHA256
f7dcbb74ff07962626298510c5d72ac84e298ebe6ca29b29b93dbdbdf432225f

SHA512
6384120cff3aada6018fdeb13dbe98864d6fc403a2549cf66e3d1fa22cf3cdd9df00ae4a4fd1c2dc9e83e8608261b7355c13186cd53a108a254e0ea334c71b60

Download Submit
C:\Program Files (x86)\Windows Defender\de-DE\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
cd0b4824f0738f3afe91745982123a12

SHA1
dff762b9fa45ae2879c32e13c1853d8693265b55

SHA256
55c841ff1a9e7fe6c4cd970844c22bb64b7c7741dff10ed5977fc34f7d6408f3

SHA512
7a1c5d9fe3eed12b511975100c7aa3377634ee061af046b75c336276f32661dc9306c4f4c9ea75317b0060b786b6174cc7278e2d459a416a78a2a3a628356bd2

Download Submit
C:\Program Files (x86)\Windows Defender\de-DE\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
8ac30f54126ff498fa16e4872b215cfb

SHA1
6ea9ba75f84ae46e91b8b5e1f05e9cd06b2a9cc4

SHA256
9c528fea2caa7f28f158dcc99321350878295be8f04e685e83e0bfa8a03b04e1

SHA512
5b0271eaa551720d472cd81da04adcee1d2b56abbfe969f384e55c0ee07561d0ff6dc4c95cbd79628b0fa8bef44fbb66869b47dffc4468e7ad2cca967c30ad6c

Download Submit
C:\Program Files (x86)\Windows Defender\es-ES\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3KB

MD5
f34aebad3fb23d6cf261ba269ff84971

SHA1
9811852afbf30b237859b10df574aa5f4cb5ce43

SHA256
49d39d0ab06afd2a484cf9b5fcf879030bda70eb2cfc2366fbbe2d8418bb766a

SHA512
2ba8a0859a08fb1904196c9895962269800a72b54992e1d86967a6bc54065286ab224721194db5d381766c7e6b101faf046f088459d226f06594cc6304145132

Download Submit
C:\Program Files (x86)\Windows Defender\es-ES\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3KB

MD5
991b7f857351f562d709b7e709ba1a75

SHA1
972e333dda90efe5b4d06593d79a7378edf60eb4

SHA256
c9188c5fac745d5a5fa4d9684aac9fad90582a1581afacc94fc3b4bd78229adf

SHA512
8d286e87e96b74b8760d9a373c10ad54924815f440373a3db4c164dd60839ba952deef57f3eaef24c6ba3618bb491d2cccab6bd67ea1a38735d72b9e94373c8e

Download Submit
C:\Program Files (x86)\Windows Defender\fr-FR\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3KB

MD5
6aa38528e6a55850f126c84d60a90e2d

SHA1
2e653f2a34cf6a6386c9e39f21c36bb3e70a7e97

SHA256
176e6ca861a7c6a1d97338d998f75ec6abdfb35ab6d7cc492684db8dd5dfb900

SHA512
6fd2d73f9ed9ef9b81eff5c2053e4e44d2a995b1b6d262f6345daac34c291a7503838b244dad2ee5287a8c416f703faa86251ca0c598e32c5ecb9124dacfdb57

Download Submit
C:\Program Files (x86)\Windows Defender\fr-FR\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3KB

MD5
d8080f72f83231aa12e4d0a89113486e

SHA1
c19c21e3f9b5684193fdbc0baec7e976b67167de

SHA256
1afdceae1779ab7bb8aa0aa102a5d67ee7df5993332d0891b767c76a527b15ee

SHA512
5ca6a7e73ad0afc0226b6ae47725ef8b70c07280ca94360d1557731fa84e8e43bb1cd09743cbbfb65f3451c1d55548700d2fea6bf75769c33af584c0fc9a3a1d

Download Submit
C:\Program Files (x86)\Windows Defender\it-IT\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
e41495858e2492ddf2c92ca5fd2f46db

SHA1
000da549a609f04260924432d6c0650c3d1c383e

SHA256
a34bfdcc2fba373a767dab5dbd6754eab3767d6263d4d5ddc700eb6563e98410

SHA512
c2f9d998c110477c433fc3ed44530d71f051453c6cc2b655a27f6e4c0cc0b8bfdb3745854ce6cf740c6d9fb9d0e18c4a90a93b699742393e663cc8ae3c359b81

Download Submit
C:\Program Files (x86)\Windows Defender\it-IT\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
0654a4ddd1b230376d7bde14ba86c0d0

SHA1
6be578961a6663fb2163def3b07b1a54c9025f51

SHA256
af89b26887c8eaef49183390a07d44acf319d3493138ce69ee92b2f3251aa213

SHA512
f0ae4405739f2059b5d60ba5b2d7537e677175f94eeb6b357c276ff30f7766e6f6c2d00199b92b9a96527ac52f92e78ce5447496dd7fac8f8745be20d75b1845

Download Submit
C:\Program Files (x86)\Windows Defender\ja-JP\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
5161ef91887bdbd4fa74cfc4f5f06988

SHA1
bb9beee99fca5e61d22db0791e7e500378f772ca

SHA256
344e03d62f59ddde3aeb709e598ddce690322515dee4b5eea79e15e168f380ae

SHA512
dbae47f04fdd017467e82a2f60c74523cfa660f3a830d7bec808df1adea2f37efb4491233f71a94e40f7dfd8531c7631a22d4bf02c84d3fec2db259c7d36d149

Download Submit
C:\Program Files (x86)\Windows Defender\ja-JP\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2KB

MD5
2e23280e05aaa54510a2e1ac35384092

SHA1
53a20d228219a909d6cc27eb93685c16054f56dd

SHA256
53f3f3a6a800c5d2bf1caa57bcab2c9bdc5518b981327f70d217f9dff27add76

SHA512
e507eb483e972d8a26577f147bea2493957c958a4c7aa725351c68f65728462b8dd83f4ad64eb7a1112bb62eb86971f7ccccb1b9c7c6adb079a3cb69033d1787

Download Submit
C:\Program Files (x86)\Windows Defender\uk-UA\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3KB

MD5
6c0f17ce948c5e13b553976573888720

SHA1
3e93f8b233f45142adf4b431a08fd1df0840d1c8

SHA256
34e8a51c0e099d83f9003c67d4517e3be1a7c4e04371315d76422ea81d10223d

SHA512
ef521159bea18ec03f06d090ce7ead8b4d522ba551d10ad034cd32ab224fd2fce2101cc765aba241308c0f5c17514464d7c1e6e9fd85bd77633a6f0ae4b77abe

Download Submit
C:\Program Files (x86)\Windows Defender\uk-UA\EppManifest.dll.mui.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3KB

MD5
91152efc82575bfd31d6a748062bde7a

SHA1
0122fde85c1d10252bc0402a5de6ba2842f7fb5a

SHA256
b2585feec91989e34f852ce965f4cb5cb7b665324c4d14fc73bd1ff975451c22

SHA512
3f5c35573baba17b261f9ef722449c0a2bb31b03534e91ff755ea5ec8256b840e8ae41f6724a2198f757bb229bc92e75d327aee352761005efdb4d5743adff25

Download Submit
C:\Program Files (x86)\Windows Mail\wab.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
504KB

MD5
fa74170d2f54784c8dbd061abf95f404

SHA1
87f370021264f70f64044e6f459841e4e40bbb9c

SHA256
31587d43b6a05e620e5561b3fb1cfc6b62e840269d852314b54ea1bf6f3301fa

SHA512
39921d2de3884f679d69850f308ede33e628188156790c288fb6042ea3119eb0b50d7db5319e527902e57311a666b243be1e3f24501fedca77045b81ca8bd4dc

Download Submit
C:\Program Files (x86)\Windows Mail\wab.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
504KB

MD5
94284c25b63625b4d9747ab218f84030

SHA1
7906ffd7930875a0995df381f9cb888e2bd773c2

SHA256
e75b2c6470092183426c4a9256bdbb1da86d8d6739a6373784d338687b5ecf3f

SHA512
1322909731d5f3e33a79a131db8af362be23ee9534717b2d88d91a250b159c79ba880353973d8f8622a2313dbf5c4be74c8c5bb8feb5df2163c8ed82a091683e

Download Submit
C:\Program Files (x86)\Windows Media Player\mpvis.DLL.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
159KB

MD5
4e0c1be465af0f8def3f7bef50f6fdea

SHA1
a924ec9e4f2f6e5871907e48a3fa000ede656987

SHA256
8e90ea11eff36040fce97041f8d7d8064b701ee61cd75737c55fe105e59ea23f

SHA512
495cf43dcc33aa0da24a3996e8a35caad4d54263bbb8c2bdc81dc8827d77e510cf4903200a51ddec65b5f38d1e693f7fc46856a17940ab43c0d1ae718823d50b

Download Submit
C:\Program Files (x86)\Windows Media Player\mpvis.DLL.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
12KB

MD5
efe3638f8096201dfd41774c553a4e5e

SHA1
83852673d7827626dd5a3b76c324c63d7b9582cf

SHA256
efe9bed88a1367e0f83ada01d99fe76434d4f0fd476ffa8cd6361c89707d4398

SHA512
e5691c8d4802390ed6a1e5328b6020bbcce9286c53d92b4b49f04f5ee029787b22a58c3fdf2da24f5bd020399d9cbfb0b098574e9c703a2e40c586d93997a925

Download Submit
C:\Program Files (x86)\Windows Multimedia Platform\sqmapi.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
39KB

MD5
d2146fe3a3cb488cf7c5484039f4a00c

SHA1
40f9c96c7082163076db3da41c2b365f49dd36ea

SHA256
1c4ec1560f4397de8726bf8e311f340bcf31db7b666bbd92361bc51e7adf7f04

SHA512
d666661b98bad4a5a305db2e5661d10c4d4d1f92f4d75d98164ca42b4f16fb208d32d810ba90a0040315bec1be78d6f23dd9ac3f6915a9ac03fbe9c9049c2017

Download Submit
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
2.7MB

MD5
d596aba6081269d9bbbe72b2aad79847

SHA1
6631fec0f53413a40f7faba957475bd19fda9e15

SHA256
36ed72c55717a6c383ae78da4bc21b39ed3c6741445da9f9905edba68a5097b0

SHA512
b54e41ac29e2d5e9abe4db6a2174c8683f8eb1033e97d6ed29102b731c67bcabd7fc32c51da73dcf2a0aa6951cd09ff77f647413a5a8b04def39f5e9af4c0196

Download Submit
C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
601KB

MD5
74dd379904e3832b91b1ca48219c91ef

SHA1
ed91b7477f9d280126c54b7cb43d8ebeb8a726db

SHA256
e02320509fa4e8e9a10f2f029aa5625c273ef5926a010596776dcfca572eeee0

SHA512
314e3233b4d83911e53eedf523f26f288fd51735f614e947fb4d25f25b0f51e4e7f664f89fe03ed30e7a3175ebb561aba4761a91fdfbac9782a3a720ba683c88

Download Submit
C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
93KB

MD5
c4de07acecb4891dc4807efa4541249f

SHA1
373813292f4805f4cba915dca154d305c73ec335

SHA256
cd9bcd1259fca08d7f8ba905383ba123eed287eb4fc2180a343754794a5b771a

SHA512
b1f18184a4df7741d471846d335278523c0fb5f4d6d1753a0da6def0e4019e2aee40dce1dd01bbdff00b5e35476dd59a6d66ffe9ba68e58b76656a8350221d5f

Download Submit
C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
39KB

MD5
b6ff06d59c6ad59ba3cce9419b3f8dd5

SHA1
3646714dff7e06079bb3367a6226a094b32a3161

SHA256
1f5bae8a91de6fa92c7da0904d4e3a1242b96e978a870ca128b0abcd47a1301f

SHA512
44a8c65386181491370a9cd79b9054ac7ba4b30e309ccbd46267b716a6ee484f7856be94b09c64694f0455f23067668ed92f4b10b6e0f40841b8232edd1cae3d

Download Submit
C:\Program Files (x86)\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\1.0.1\Microsoft.PowerShell.Operation.Validation.Format.ps1xml.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
3KB

MD5
1ed9f732bbaa5f8efcf9f4aa6bba8518

SHA1
50faa68fa5397ec3f8f16a25975d063f78685987

SHA256
34e19d3239348f7eb1b5cfb03f0a144e9bbba937fb3cb5f9e4a3e5ac66f62bcf

SHA512
74de81f4e7aa800e09449ae51440f27c94cc65c583e2cedff6a4d982130cfd77de7330b2a551d44da76ad437295747187634eb9c64ab7c058cdcc8ef05edc275

Download Submit
C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\Build.bat.B3D1D965B6443C8DC0FA9B0E02F82E151481EEC9B73B2E7F64F474EEDF80C915

Filesize
752B

MD5
b66c1cd6aab1d949f11d452f2da69bbe

SHA1
684683ce0f5dfd16f1da089ebb6d9f95330f6054

SHA256
caafd176df7717c41db5783f4bc86fb669bc10bec3bfd1844ead8b65d558d33c

SHA512
88b2c5c39020be66da4d333865df1b31ac382ed0dd1afbe39b65dc8e5c528892acec8a295b9c1fbf486f26e987ca328c4f0d8cd88dd174b3de193e4fc9418b56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
261B

MD5
2c2e6472d05e3832905f0ad4a04d21c3

SHA1
007edbf35759af62a5b847ab09055e7d9b86ffcc

SHA256
283d954fa21caa1f3b4aba941b154fab3e626ff27e7b8029f5357872c48cbe03

SHA512
8c4ce1ea02da6ffb7e7041c50528da447d087d9ee3c9f4a8c525d2d856cf48e46f5dd9a1fedd23dd047634e719c8886457f7e7240aa3cc36f1a6216e4c00ee37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
49ad71243b74c1595846cd25f58c1fe8

SHA1
fdaa4bdb011b93e99e6a4dd47191ddf51936fffb

SHA256
3ff8da5f869422c7e9eb0d5cf666204ab3b19741ce33acfb5ad17bd1ffdd23e3

SHA512
0b8969fcd1e0f2e6e4e91bd62a6475d36877f06204a4445340d9a00684d3cddb6dd3037b79ccb271784336c0946fa9a155261a29a1efe3cd80f0c25eee957ace

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8dd595c7c98870b4efbd2e7e8a821505

SHA1
f5573bfc8224208977042d00b186593a71f2761f

SHA256
148014f500b0b2409183b16eeba95df3bff5c6c1143dd04b8d41b536f9af0c42

SHA512
1b7342f4184cca9fddeb30a79e725e431f0ed37d1463b91014f1ef210a8302dd32df1b270c5b1d1fd62df28fe1c61d20d4774e396f6c2239b406e3e3b5b45c16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
602117c0793e9ef05e66b2918c3aa26f

SHA1
5948e8fdfa22bc25b91b6ffee8416a5fe873c35c

SHA256
ec7b572cae0c18a16c588b1f669f055040b35e3e6d236247520565692cb93bc2

SHA512
cf28b6c421246b93a3f1b7bc3dcfce3084d005ded0fd1e2cd8f7afb650dde690e7cfd195fe1b4d2a95fb4e72f95f395f48d23a8fb4b04cad0f962f66ff0d8cbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d234d135895bce86faf24e35d7af5828

SHA1
8688dfb76b77881013e3db6f1955bd50971d11aa

SHA256
9fd9c8a85e943182f2b4ae4b0a4fc335378161e4fa3de63a39dea115eafe5019

SHA512
db2e5ef4a1f132a53fcd65810c20288ef00c1042e68df1b65c6c2ec24cc65ebe955ede7fa4a01f0796064aed52d607f6ba3acfc23a4b55b7c770e83f27a5b29e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
461bf6d6232aaea9292dbf7c2a60bd1e

SHA1
d4b2941627aa51d202e6d714a0f9c79a07537a7e

SHA256
b92c343f3ea64141da8d9dc00683e76743b9cd27e54b23c46d5c9c869d409ab6

SHA512
7ac2a2edaff89c11c1cf2be9a09aadf6a7f28e857b7954ee22e721642bbc53435e855127d38c0e3e3cf2f7dbf7962af61bd4c86d6f9171ed3b0c38821db78d0e

Download Submit
C:\Users\Admin\Downloads\InfinityCrypt.zip

Filesize
33KB

MD5
5569bfe4f06724dd750c2a4690b79ba0

SHA1
05414c7d5dacf43370ab451d28d4ac27bdcabf22

SHA256
cfa4daab47e6eb546323d4c976261aefba3947b4cce1a655dde9d9d6d725b527

SHA512
775bd600625dc5d293cfebb208d7dc9b506b08dd0da22124a7a69fb435756c2a309cbd3d813fc78543fd9bae7e9b286a5bd83a956859c05f5656daa96fcc2165

Download Submit
memory/2664-102-0x0000000005830000-0x0000000005DD4000-memory.dmp

Filesize
5.6MB

Download
memory/2664-103-0x0000000005320000-0x00000000053B2000-memory.dmp

Filesize
584KB

Download
memory/2664-101-0x00000000051E0000-0x000000000527C000-memory.dmp

Filesize
624KB

Download
memory/2664-100-0x0000000000800000-0x000000000083C000-memory.dmp

Filesize
240KB

Download
memory/2664-3263-0x0000000006650000-0x00000000066B6000-memory.dmp

Filesize
408KB

Download
memory/2664-104-0x00000000052D0000-0x00000000052DA000-memory.dmp

Filesize
40KB

Download
memory/2664-105-0x0000000005420000-0x0000000005476000-memory.dmp

Filesize
344KB

Download