41b93a574bb612aa155054a537fe86be308ece7c10764a1f57ce01f894848f7c

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 12:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

konets.exe
Size

17KB
MD5

6a178845e4b33de30efcdcf7b4e128be
SHA1

2f144879ef702ce6fe75515240c9add67b5945ea
SHA256

41b93a574bb612aa155054a537fe86be308ece7c10764a1f57ce01f894848f7c
SHA512

c1e6db9afb21263b47466636d23775a6aaa88a43903fdfa26952b831bc369cef59ae9200ee0466c7869e748192756d19ed6c717403a05622cc3a0ef0104574a8
SSDEEP

192:v6e44RTHEdAppUxevrtachyQpYtXz3usVccmDesQ5tf3XNGlraivR5uQpI:v6eFZLpuABbyQCRq6sW2amNp

Score

10^/10

ransomware spyware stealer

Malware Config

Extracted

Path

C:\Program Files\7-Zip\readme.txt

Ransom Note

~~~ Your files have been encrypted! ~~~ Using advanced AES256 encryption technique your databases, documents, photos and other important files have been encrypted. See for yourself! look at any file with .kon extension. You cannot recover these files yourself. Do not waste your time. Nobody can recover your files. Only we can! We can decrypt these files, we can guarantee that your files can be decrypted, but you have little time. Payment for the decryption is ~$70 We can restore your systems in less than 6 hours if you pay now. However, we will not decrypt your system if: - You go to police and report us. >>> If you report us AFTER decryption, we WILL attack you again!!! <<< Do not delete or modify encrypted files, it will cause problems when recovery! Send the personal ID to [email protected] We will provide payment information, once payment is done, we will send you a decryptor! >>> Your personal ID: 5ZY4-HSUI-YKHT-PFPN <<<

Emails

[email protected]

Signatures

Renames multiple (10361) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Drivers directory 5 IoCs

description	ioc	Process
File created	C:\Windows\System32\drivers\gmreadme.txt.kon	konets.exe
File created	C:\Windows\System32\drivers\README.txt	konets.exe
File created	C:\Windows\System32\drivers\README.txt.kon	konets.exe
File created	C:\Windows\SysWOW64\drivers\gmreadme.txt.kon	konets.exe
File created	C:\Windows\SysWOW64\drivers\README.txt	konets.exe

Drops startup file 2 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini.kon	konets.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\README.txt	konets.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Drops file in System32 directory 64 IoCs

description	ioc	Process
File created	C:\Windows\System32\es-ES\wiaacmgr.exe.mui.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-Compute-System-VirtualMachine-Package~31bf3856ad364e35~amd64~fr-FR~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Multimedia-RestrictedCodecs-Package~31bf3856ad364e35~amd64~es-ES~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\en-US\iscsicli.exe.mui.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OneDrive-Setup-Package~31bf3856ad364e35~amd64~~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~es-ES~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\es-ES\recover.exe.mui.kon	konets.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetAdapter\MSFT_NetAdapterIPsecOffload.cdxml.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Common-RegulatedPackages-Package~31bf3856ad364e35~amd64~es-ES~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-merged-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.1266.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-ClientUA-Client-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Management-SecureAssessment-Package~31bf3856ad364e35~amd64~de-DE~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{5C3AD7C5-4560-4283-A520-1AA4A0597A7E}.catalogItem.kon	konets.exe
File created	C:\Windows\System32\es-ES\hdwwiz.exe.mui.kon	konets.exe
File created	C:\Windows\System32\uk-UA\bdechangepin.exe.mui.kon	konets.exe
File created	C:\Windows\System32\uk-UA\setupcl.exe.mui.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-VmBus-Host-Package~31bf3856ad364e35~amd64~it-IT~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-DISM-Package~31bf3856ad364e35~amd64~it-IT~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Enterprise-Desktop-Shared-Package~31bf3856ad364e35~amd64~it-IT~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\catroot2\dberr.txt.kon	konets.exe
File created	C:\Windows\SysWOW64\InstallShield\README.txt	konets.exe
File created	C:\Windows\System32\uk-UA\Netplwiz.exe.mui.kon	konets.exe
File created	C:\Windows\System32\uk-UA\sysdm.cpl.mui.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Virtualization-RemoteFX-User-Mode-Transport-WOW64-Package~31bf3856ad364e35~amd64~fr-FR~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\en-US\rpcping.exe.mui.kon	konets.exe
File created	C:\Windows\System32\MSDRM\MsoIrmProtector.doc.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-UtilityVm-SetupAgent-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-ShellLauncher-Package~31bf3856ad364e35~amd64~~10.0.19041.1202.cat.kon	konets.exe
File created	C:\Windows\System32\de-DE\cacls.exe.mui.kon	konets.exe
File created	C:\Windows\System32\fr-FR\appwiz.cpl.mui.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-Feature-VirtualMachinePlatform-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.488.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-UX-Common-Package~31bf3856ad364e35~amd64~es-ES~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-VmUiDevices-Package~31bf3856ad364e35~amd64~it-IT~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Server-Help-Package.ClientEnterprise~31bf3856ad364e35~amd64~ja-JP~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\de-DE\reset.exe.mui.kon	konets.exe
File created	C:\Windows\System32\es-ES\CredentialEnrollmentManager.exe.mui.kon	konets.exe
File created	C:\Windows\System32\fr-FR\secedit.exe.mui.kon	konets.exe
File created	C:\Windows\System32\it-IT\getmac.exe.mui.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-Multimedia-MFPMP-Package~31bf3856ad364e35~amd64~uk-UA~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-Package~31bf3856ad364e35~amd64~~10.0.19041.964.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Multimedia-MFCore-WCOSMinusHeadless-WOW64-Package~31bf3856ad364e35~amd64~fr-FR~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\ja-jp\sdchange.exe.mui.kon	konets.exe
File created	C:\Windows\System32\ko-KR\quickassist.exe.mui.kon	konets.exe
File created	C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ScheduledTasks\MSFT_ScheduledTask_v1.0.cdxml.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemoteAssistance-Package-Client~31bf3856ad364e35~amd64~en-US~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CloudExperienceHostBroker.exe.kon	konets.exe
File created	C:\Windows\System32\es-ES\whoami.exe.mui.kon	konets.exe
File created	C:\Windows\System32\ja-jp\MusNotifyIcon.exe.mui.kon	konets.exe
File created	C:\Windows\System32\WindowsPowerShell\v1.0\Modules\NetNat\MSFT_NetNatSession.cdxml.kon	konets.exe
File created	C:\Windows\SysWOW64\de-DE\eudcedit.exe.mui.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DirectoryServices-ADAM-Snapins-Group-Package~31bf3856ad364e35~amd64~it-IT~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-FCI-Client-Package~31bf3856ad364e35~amd64~it-IT~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoBasic-WOW64-Package~31bf3856ad364e35~amd64~uk-UA~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\ja-jp\README.txt.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-Virtio-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0110~31bf3856ad364e35~amd64~it-IT~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\System32\fr-FR\csrss.exe.mui.kon	konets.exe
File created	C:\Windows\System32\perfc009.dat.kon	konets.exe
File created	C:\Windows\System32\AppxProvisioning.xml.kon	konets.exe
File opened for modification	C:\Windows\System32\cs-CZ\README.txt	konets.exe
File created	C:\Windows\System32\PerceptionSimulation\it-IT\PerceptionSimulationService.exe.mui.kon	konets.exe
File created	C:\Windows\System32\PerceptionSimulation\en-US\README.txt	konets.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetAdapter\MSFT_NetAdapterBinding.cmdletDefinition.cdxml.kon	konets.exe
File created	C:\Windows\SysWOW64\winrm.cmd.kon	konets.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1906.1972.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderAppList.contrast-black_targetsize-36.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ru-ru\ui-strings.js.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ko-kr\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-40_altform-unplated_contrast-black.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteNotebookSmallTile.scale-400.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\sendforsignature.svg.kon	konets.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OsfInstallerConfigOnLogon.xml.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\Timer10Sec.targetsize-16.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxCalendarLargeTile.scale-100.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\OutlookMailMediumTile.scale-400.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\ar-ae\ui-strings.js.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsAppList.targetsize-256.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\js\nls\nl-nl\README.txt	konets.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\bin\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteMediumTile.scale-400.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteNotebookMedTile.scale-200.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\EmptyShare.scale-125.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2019.19071.19011.0_neutral_~_8wekyb3d8bbwe\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\13.jpg.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\ScreenSketchStoreLogo.scale-125_contrast-white.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\AppxManifest.xml.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\AppxBlockMap.xml.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\hu-hu\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\Images\Stickers\Thumbnails\Sticker_Icon_MouseNose.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-256_contrast-black.png.kon	konets.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\VisualElements\SmallLogo.png.DATA.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ro-ro\ui-strings.js.kon	konets.exe
File created	C:\Program Files\Microsoft Office\root\rsod\dcfmui.msi.16.en-us.tree.dat.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageStoreLogo.scale-125_contrast-black.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\ScreenSketchStoreLogo.scale-200_contrast-white.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\Assets\Images\SkypeAppList.scale-200.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\fr-ma\ui-strings.js.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\ReactAssets\assets\RNApp\app\uwp\images\sendingLight.gif.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-black\LargeTile.scale-125_contrast-black.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\OutlookMailLargeTile.scale-150.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\pl-pl\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-20.png.kon	konets.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\ResiliencyLinks\icudtl.dat.DATA.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\Logos\Square44x44\PaintAppList.targetsize-24.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxMailBadge.scale-400.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\AppTiles\AppIcon.targetsize-36.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-36_contrast-white.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-16_altform-lightunplated.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-64_altform-unplated_contrast-white.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\plugin.js.kon	konets.exe
File created	C:\Program Files (x86)\Internet Explorer\de-DE\iexplore.exe.mui.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe\Assets\contrast-white\PeopleAppList.targetsize-60_altform-lightunplated.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-40_contrast-black.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-white\WideLogo.scale-200_contrast-white.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\LTR\contrast-black\LargeTile.scale-125.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageBadgeLogo.scale-100_contrast-black.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Config\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsSplashScreen.scale-200.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.XboxSpeechToTextOverlay_1.17.29001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubWideTile.scale-200.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\HxA-Outlook.scale-200.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\InsiderHubAppList.targetsize-40_altform-unplated_contrast-black.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\sv-se\README.txt	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-black\OneNoteAppList.targetsize-16_altform-unplated.png.kon	konets.exe
File created	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-72_contrast-white.png.kon	konets.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\lets-get-started.png.kon	konets.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Assets\Icons\contrast-white\AppListIcon.targetsize-64_altform-unplated.png.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..nagement-appvsystem_31bf3856ad364e35_10.0.19041.84_none_40bd4149a6d52edb\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-management-oobe_31bf3856ad364e35_10.0.19041.207_none_504b6becabbef9fe\autoPilot.js.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-sxs.resources_31bf3856ad364e35_10.0.19041.1_en-us_a7c23b7b252bca10\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-u..te-musnotifyiconexe_31bf3856ad364e35_10.0.19041.153_none_1721bd4ad34c0544\MusNotifyIcon.exe.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_systemresource-wind..-ui-accountscontrol_31bf3856ad364e35_10.0.19041.1_none_8805ef3af31f4b8c\Outlook.Theme-Dark_Scale-150.png.kon	konets.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-l..-lpksetup.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_e6d709a245b459a8\lipeula.rtf.kon	konets.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\es\SqlWorkflowInstanceStoreSchemaUpgrade.sql.kon	konets.exe
File created	C:\Windows\servicing\Packages\Package_7_for_KB4552925~31bf3856ad364e35~amd64~~10.0.1.3176.cat.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-t..-coreinkrecognition_31bf3856ad364e35_10.0.19041.746_none_cb918c7159c1f7d9\hwrlatinlm.dat.kon	konets.exe
File created	C:\Windows\WinSxS\FileMaps\$$_schemas_tsworkspace_8eac79c1e59127ee.cdf-ms.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-cipher.resources_31bf3856ad364e35_10.0.19041.1_en-us_5603efdd911955ed\cipher.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-font-fms_31bf3856ad364e35_10.0.19041.1_none_fdc3c32153adba41\fms_metadata.xml.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-waasmedic_31bf3856ad364e35_10.0.19041.1165_none_a82485b8f343811f\WaaSMedicAgent.exe.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_windows-gaming-xbox..e-service-component_31bf3856ad364e35_10.0.19041.264_none_31474dbf12ce5adc\f\README.txt	konets.exe
File created	C:\Windows\Microsoft.NET\Framework\v3.5\SQL\ja\SqlPersistenceProviderSchema.sql.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-lpksetup.resources_31bf3856ad364e35_10.0.19041.1_es-es_8bb05bb98f250445\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-printing-powershell_31bf3856ad364e35_10.0.19041.746_none_2a47504bd1d8220e\MSFT_PrinterProperty_v1.0.cdxml.kon	konets.exe
File created	C:\Windows\WinSxS\Manifests\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1023_sl-si_a5bc9f2cf9d4120e.manifest.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..oundation.resources_31bf3856ad364e35_10.0.19041.1_en-us_449a26ce5b47ea97\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-u..te-musnotifyiconexe_31bf3856ad364e35_10.0.19041.153_none_1721bd4ad34c0544\f\README.txt	konets.exe
File created	C:\Windows\WinSxS\msil_smsvchost_b03f5f7f11d50a3a_10.0.19200.110_none_30a09d63c4775424\README.txt	konets.exe
File created	C:\Windows\it-IT\bfsvc.exe.mui.kon	konets.exe
File created	C:\Windows\servicing\Packages\Microsoft-Windows-Client-Desktop-Required-Package0111~31bf3856ad364e35~amd64~fr-FR~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-c..r-manager.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_7c8c790cc08b4cd7\cmdiag.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..interface.resources_31bf3856ad364e35_10.0.19041.1_es-es_1c2c375a656f3826\cmdkey.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\Backup\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_pl-pl_1256afb9f5d1a29a_comctl32.dll.mui_0da4e682.kon	konets.exe
File created	C:\Windows\servicing\Packages\Microsoft-Windows-NetFx4-WCF-US-OC-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.1.cat.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-e..ifiedwritefilter-ux_31bf3856ad364e35_10.0.19041.746_none_c7c6fccae233c8b7\ResetDriveSquare44x44Logo.scale-125.png.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.19041.1_uk-ua_a64ea9441dc59b4c\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-n..quickstart.appxmain_31bf3856ad364e35_10.0.19041.1_none_4a388618f6365227\NarratorUWPSquare44x44Logo.targetsize-24_altform-unplated_contrast-black.png.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p..xecutable.resources_31bf3856ad364e35_10.0.19041.1_es-es_1ef7103703b406c8\unlodctr.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-rpc-ping.resources_31bf3856ad364e35_10.0.19041.1_it-it_efe9283178bb7499\rpcping.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_10.0.19041.153_none_9fd3a313935e2396\upnpcont.exe.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-userexperience-desktop_31bf3856ad364e35_10.0.19041.173_none_6486f23c2831aaf3\InputApp\InputApp\Assets\SquareLogo71x71.scale-100.png.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_10.0.19041.1_none_27faaee495997877\alert_sml.gif.kon	konets.exe
File created	C:\Windows\WinSxS\Backup\amd64_microsoft-windows-u..n-cmdline.resources_31bf3856ad364e35_10.0.19041.906_en-us_adc1f5c62c383715_dsregcmd.exe.mui_8ce2c638.kon	konets.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-quickassist.resources_31bf3856ad364e35_10.0.19041.1_sl-si_a9e171dae3e70b63\quickassist.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\wow64_multimedia-rrinstaller_31bf3856ad364e35_10.0.19041.746_none_fb3ba1752084c5cf\r\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.117_none_e0d32848ac56114e\tokens_enUS.xml.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..sbinaries.resources_31bf3856ad364e35_10.0.19041.1_en-us_1279c10c2d9636d4\401-4.htm.kon	konets.exe
File created	C:\Windows\WinSxS\FileMaps\$$_microsoft.net_assembly_gac_msil_system.web.mobile.resources_v4.0_4.0.0.0_fr_b03f5f7f11d50a3a_d2b34c93cad8753e.cdf-ms.kon	konets.exe
File created	C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-w..cationcompatibility_31bf3856ad364e35_10.0.19041.1266_none_a77a42d38149fd44.manifest.kon	konets.exe
File created	C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_10.0.19041.1_none_ebe59bdc3d4ddc3f\FlashPlayerCPLApp.cpl.kon	konets.exe
File created	C:\Windows\WinSxS\x86_microsoft-windows-s..-binaries.resources_31bf3856ad364e35_10.0.19041.1_lt-lt_25023869f0988122\lt-LT_BitLockerToGo.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_10.0.19041.1_none_6fa7e5bbaa15a17d\alert_lrg.gif.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-ieframe_31bf3856ad364e35_11.0.19041.1288_none_1d22271c8cc35d4b\r\IESettingSync.exe.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-u..onwakesettingflyout_31bf3856ad364e35_10.0.19041.746_none_8a469514405342ff\README.txt	konets.exe
File created	C:\Windows\WinSxS\Catalogs\40d3a19b52a16985721a975db3140848d50409f0234adb968b3a9fbf681e5c46.cat.kon	konets.exe
File created	C:\Windows\WinSxS\Catalogs\ecfa7c1a527fe8f71d463c679a82ff0830a15736c207cd8e80e75748410920c1.cat.kon	konets.exe
File created	C:\Windows\WinSxS\FileMaps\program_files_windowspowershell_modules_pester_3.4.0_snippets_ad15ce9ce12ae9f6.cdf-ms.kon	konets.exe
File created	C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-s..shandlers.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_bd8b2d55dd6b693b.manifest.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-resolver.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_07cacb37014e066c\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-efs-rekeywiz.resources_31bf3856ad364e35_10.0.19041.1_de-de_c6549633eadd9804\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-n..quickstart.appxmain_31bf3856ad364e35_10.0.19041.1_none_4a388618f6365227\NarratorUWPSquare44x44Logo.scale-150_contrast-black.png.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-appx-deployment-server_31bf3856ad364e35_10.0.19041.1288_none_d616f4b76bd7b8a2\f\CustomInstallExec.exe.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-c..omplus-ui.resources_31bf3856ad364e35_10.0.19041.1_de-de_a5bb71b00731158b\README.txt	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-e..atibility.resources_31bf3856ad364e35_10.0.19041.1_de-de_931e87eb34e7ad03\DWWIN.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-f..istory-ui.resources_31bf3856ad364e35_10.0.19041.1_de-de_1507d1e6ba8d1774\FileHistory.exe.mui.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..oolsclient.appxmain_31bf3856ad364e35_10.0.19041.1_none_75cd350cc8b5dbcf\EventsCollapseAll.png.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..sslockapp.appxsetup_31bf3856ad364e35_10.0.19041.1023_none_7014825cdc7916b8\r\AppxManifest.xml.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.1266_none_777e4c5802d14c18\f\oobe-chrome-footer-vm.js.kon	konets.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..foldersui.resources_31bf3856ad364e35_10.0.19041.1_en-us_6ccfa3499bf76a9a\shrpubw.exe.mui.kon	konets.exe

C:\Users\Admin\AppData\Local\Temp\konets.exe
"C:\Users\Admin\AppData\Local\Temp\konets.exe"
1⤵
- Drops file in Drivers directory
- Drops startup file
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
PID:3928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.kon

Filesize
720B

MD5
dd7624bf3d95d81fd407b784b837ab44

SHA1
d7a24b31b56464b5921aeadf3164a7286bebf671

SHA256
a35acad5cd93fe91e9d21f356cb056183d7c13bb35835826c6caa4e3a9e9537b

SHA512
e1b5d57c501675d0e36b026cf3f0f958243b6cb9a4cf7703f04c3de8f7bf6f5c91b1982f7acb329de1aa0ee0d3d0ddc36c9248e02863ae4d071596fbf7aa71f8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons.png.kon

Filesize
688B

MD5
2e16ea7e80e48208772b07f2cba5b45c

SHA1
fefb0bf90131fb54c1769311ac1cbb075daadea5

SHA256
9b505223fc7a928d58f15d5ba577676e4de360829cf924bb24e05f468dac24ca

SHA512
63bf68ff119382447ee6d3da8084561c6a8fd4c3471f135881ab2ddcb428b0649e47e416eaedcc044ce543ade8e85c6e300d193edbb9d19819b805486be76064

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons2x.png.kon

Filesize
1KB

MD5
a9feb84bcb9271d7c324fc5703ef6e8c

SHA1
df414b3ee1c1822bc4fefaf9035b7c76b2f3c8c9

SHA256
a574103a34661dea04a8ff0b83179e990e851eea2f3cc73b787a8ad8dd6bc27a

SHA512
999c6f804b04248c689fe2b352ed211085962d2f24ccba172dee012ecb38df327583da75476260fc5f72bef26266c6436c045f2eeb4773f40a77c8ac502724ca

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.kon

Filesize
448B

MD5
fe6826ac5431819ce23ff7de6a89ef2c

SHA1
a9b8ae74ec467ae051e4ab65c6fedd7c757453f0

SHA256
bc31e70c15c6dcd887a5a1dc64b3c320d46694ab5829c8b4ae7aaaa8fcf6e0e8

SHA512
6ff7780033d88aafd8752f0d13145ae3cad41e86acf50fd00fccf7c5b679a5423523f482d3ad0a0d440cd74cbf72ab57b12bfb9317020c8ce1a24c927aa6ed2e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.kon

Filesize
624B

MD5
7019350ec48cfeab3f12e9f7c9242229

SHA1
0e5309bfb81519112bf4c8b68338fc32f7e3b9f1

SHA256
82401406b61ac93eafd6070772d5d97a36f3c24fd33dd5cef0911d12076c975d

SHA512
c409c7ac083c0c2c65750dbe8da653ca4f305feea3a4eb47b8fb0d8cda6d72ce602f84746a9e3083c7041a0744ae0eaf9e36273779e18e88861c46ae9b358fd5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.kon

Filesize
400B

MD5
5ce1511eeb9a9b2bf5e5b6866e0fb257

SHA1
761714059136b4e392df540c5502c7e9ca0f7572

SHA256
a574d8f92f9d5fd201325ae0a7dc49162ba240955cc5a7edf987575a900a0a0b

SHA512
b171502acb241e6357dd8dc355281c34ada9084f47dc08c7c12fd4593014a6321367cecb2f726c3013b23cc2edcd3d624157bdbffd90cb880228ac576ee841d2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.kon

Filesize
560B

MD5
d066398f5896e5d1db86bf46dea2d464

SHA1
e1cfa43171f2ab245914de786273c891ea5c0cf0

SHA256
a9adcd69f4370a0aab418b76fbcd1ec9b59c069a5d99c001f387c292d9300f00

SHA512
66084e7c3aaabc00a35fe6cbfc86a2229846faf7ef958b743b7c71135e81b61e87699abb1846cc05edb62575119bf2b87d33d4e3aa71da71af8e38c5f8c4c406

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.kon

Filesize
400B

MD5
04cfbf4dcae75384605a6b91dbfa6ea2

SHA1
760111c80d5742057fbfafc43193374874c5b20d

SHA256
b88a090e622d3c71bc31e90d8f3926419c72a68273361b7d7ee2f9db6390c563

SHA512
f5c0553da58f6107e8d639e016c2117f8ae65f940459322686d0a7b14d3b7fe72ebaa7328308bf3df602d69be6b6d64f0e98e96462a98e3828986ae3186ea25f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.kon

Filesize
560B

MD5
1df9c49f21e94ae8df2d7b63cf5c16be

SHA1
2ac5245ea11b37ffe5de889df6db73380705c7ac

SHA256
e94abefed84d9bce1f2b102a4490a88e107527ba520a751f9ab2d94e8f74ca09

SHA512
de14cd762dfbbd1c3101a7034fa7ca474a8c473261c061f60104b498d92f54436b6363a59cf3009fe565f382c5d760be628076656e47f6699726916f7ef236ba

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.kon

Filesize
400B

MD5
9917ecb5cfea78f85e85dd9007d2da9f

SHA1
4eaf15fd4cacaeb180479077953b91adda8dba56

SHA256
24c6424856ae5e7ebb7874be1298c8af71c086ee1481936f23cd472f5a990ade

SHA512
8c55462266fb6f4848caca37131d27340a94ae564341bac5206a8e758052fcd8d36c8aa5815ef41217c8326d41cbdb84d2004b09a734b660ec1e2ed2e8fe6e92

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.kon

Filesize
560B

MD5
1288d5746bcad63426e202797cd9650f

SHA1
82c2b3ae30156943b90f11b860eca69b34c25684

SHA256
2cdf158188011fa0ec642d72cc9e20aa10be3dd6814c30240c6a3e131676dcde

SHA512
418694ee3d2b564d548c67f676c2e9a8b0cf6e4c0611b8eb5218ae7cb841323b3b521c0217219a6ac3bd1b79b7a2b64aefab84fa68d7576ff4cd032a0d1615fa

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons.png.kon

Filesize
7KB

MD5
eddda034320d533b0020a60d499eb194

SHA1
bc119558b16654d3c8b0fb771414dfc8adee1436

SHA256
dc5e9a8f49272eb1dd2e89f45e7e58264d49a91056095d12dfb16d59a91f2baa

SHA512
6239bdb1a32ff716d82bcc2bb1f5639df23880a6f054813e14f48316a42ef7afd13d9d7feb44261de9e031276aa5de6cf0684b363f35ae671e950919d207469a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_ie8.gif.kon

Filesize
7KB

MD5
31104ad5aab9645719c757c4f6fb01ca

SHA1
3275ac28dc0c12d1364cc1f96571a689858c2652

SHA256
f6fec146f2f1c5dcad4b869da57a578f8521ccac9012272b4c4a7657c7b80fc1

SHA512
1319395c2c5862b8170967d64b5b50ef7598b9e81771cc53b433437b2af0d9821d7cb12cf76168f7b692cf0df2af62aa8f6ae9a0a2d29764d61beec1c4cc3fea

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_retina.png.kon

Filesize
15KB

MD5
77bd2abdba5f7a3f5bf390c5d4554b2e

SHA1
be4aff4de5577db595d2a5394e56c277cc4ce27f

SHA256
4e66f8308757ca6ba7d75631ef7d05ad4e2b451f75dda065b56ed28d336fc837

SHA512
b781a6414adda028cdeed482b5acee98a412d850a13951d8a969003ca8fa8bb65fab6c8c031f87e92cd5521528776212a32c131793b13bd75e58d3b7b6be49c1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.kon

Filesize
8KB

MD5
5391d8048bdcb8da1771a4337afdac39

SHA1
32ef7b56fb226335713b13bf04eb919a5fc42a2d

SHA256
2be9c3e1ff145aa7664da91870f210b627a0002bdf11c240dfe023d473476139

SHA512
5360dd9971184d597f9a0d5c65311bd32b8c2bbfb2f7fd25de33b194f6c8e8991feb3c65fe6ff676f145928f0a0d0ddac9623d530811c4597adb3a68a7ae65f8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons_retina.png.kon

Filesize
17KB

MD5
b9d2a6c820b66d5d95d3858034c5f6e0

SHA1
4d6bf8084fb4c0509c033768a4d43b4f8bbb576d

SHA256
356235e7f1ed347679d5f68d15a241cb92cf9b68129bff603d9eadceae9f7325

SHA512
3ebf3f50787b018b627d2081722fd5664c0971722a1f0a7523b313df1262858eedfec5a6d3b271e4ef25686eab9fc27a722c19a9cd6ea83595a399880fa3597a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_pattern_RHP.png.kon

Filesize
192B

MD5
3bf93c7218fc5da8ab915b8ee874d867

SHA1
6618831de1f792cce3a76bf927a796c1da711e99

SHA256
aa79d802de8c69ba12910eaecab29fdc3eb7086351ca99c5565fe980ac156928

SHA512
2b9ed9bb13c2b71137ece061f78acad46f77314ed0e11d0f878ca9e17bfc32edbc74ea0521241fab6cb5255585cb3783a7807a108c30b65334b8504dd49cb1b8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_patterns_header.png.kon

Filesize
704B

MD5
7eaeddf25fa95d44056cd3a6fc2b0bdd

SHA1
95264c70be1d74079a2826e9b5396e50d3cb135a

SHA256
5846141a8855bd1a33c2c8ee464e2eea4705052efe25a424334daedbfec390b2

SHA512
c16f12e2a073e50f2aad63f7856a6ba53ccd835290e59febc0fb8f43623eef481bbf55e1ff062c928e38493e9b5350cf5c12e8f56fc50a1af74a1efcf8b7badb

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations.png.kon

Filesize
8KB

MD5
ab44a68be5303773793e5a7a9b158ea5

SHA1
99a79b3823c286735d42f3e2fd1a4c0dbc3a7384

SHA256
728311afdb98a5d3656cc86da82199f9ae7a97f3db83343aae60e7346772df37

SHA512
ed98e23aaa9a7d76ae70e291f0a01414c72c0237f7dbcc08689e37772a3674ae3a753d8597455a431b31d1dbbf497219188bb34e3fb1be1082cf37e8fa9d8398

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations_retina.png.kon

Filesize
19KB

MD5
6ca4e44cdff3e13a86be860d5ff9a267

SHA1
fb8231d3fec892e5c55649deddcda8150830cee1

SHA256
f268c1bd65e81aead57b73fa01d0d3f62cd71659aec4af7e063733280c1a5c18

SHA512
d0f63edd3a7c98721e4902d06f472517b81daeae5834b3c95825b306f43de02523817bd71318f62d724aad1a5f7367b0c81c0c274aee0f320c8511d54886c491

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.kon

Filesize
832B

MD5
1cded862bf59bcdf01c855c025e3d2bc

SHA1
7eecbca9b224d198118fe80f269da78cc5840beb

SHA256
eef210480ab6edef5ead899d1a1d823fa569f6a4d2c45aad9f93272f41df4df3

SHA512
98d4c0a542a333d95f556af631c9b21001ca8f7a63b42d00b59efdb0b037ac36db8f46c7f7146bb384c1caca269ea052244118da24f65e0f5929b7dd45ef0811

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.kon

Filesize
1KB

MD5
d0afd80dc8141f36dedca7ab4b223da0

SHA1
057c15d0e71055b07481d9f9a6835f8408d7f65d

SHA256
ea3d5d9f65fee754d5454bcae813fff6c03431a9ffb885e050c8af718d6b98ba

SHA512
72d38c766712115baa77554457d194e94d02df5c8c3aa510b7591b79ec7480a4f2981675d55b3e29c0404bde7a55c9e04db53266c07f766875f2df192d8456be

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.kon

Filesize
1KB

MD5
c383669afd551df55ea2b361ffe65e32

SHA1
d58985875ee05971af52e59730c2e7a090af1c5a

SHA256
c41bff5a9c51054764dfbfaf0a7c08410f4578492a0ee8617a0f26e53c3f20a7

SHA512
3acdec2d4ca7ccfc785ee7fd9b48e60d459a8e111c8fe418ea9cf7f645f5bb7775b3a49b3fb55a681fcd327f30cdf7ae4627e0f25c70c6d966667f440e40863c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\css\main.css.kon

Filesize
816B

MD5
adc759eed3a2e0775dba9f8ae3c7f2d5

SHA1
7bfe466de25f521e5dd21c4dd37cf0aca2c272ff

SHA256
90de6f036e89a10aa3b9ac6fea4cd72579b0e19db1a8a928c2a2cc741d725cb9

SHA512
e29b5a449ed43b9be28db7dcd69730d81e98c3c0ae3706d4cbe44713fc7858ceeb70e1f0033ed52668fed5c4ff019597707b1504c29eea09a11c30d8177e1b4c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.kon

Filesize
2KB

MD5
646b2d9d2fce65173661db08d38ac2ff

SHA1
0464c493ba8376c1216e6e38e369c2097abdc57a

SHA256
d2f6eac794e16271a57029b25819396143e310873d52e744952bf701c48306b1

SHA512
f3ae0aa2e4358a4a4cb0172f6fd68bbd152af3d58f73899b5128bf174cffbc7c3a8f135d1739084abc4807975468c99709f2e23bd425c8ee502fc1fb2e0de0c3

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.kon

Filesize
2KB

MD5
25c072480ed1142c034e2fbfd525a62f

SHA1
96fe5e0bd68630f4ad658a53922c43d1072efb7a

SHA256
5c703eec69a5b2bbb67b3642ab31ebe02039fa166a5135e3e7ddfd7ee5c555c0

SHA512
ed35fa28cc43b4861ecaa9b2b650646e5063e0cacf7b5baf99c6b6a7e52dcdb212e5945417ac2924f89dc03f594e65334b56279fdd352ca7a7b65019d129a137

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.kon

Filesize
4KB

MD5
5399a84ae4c5bd67f9703b971b5b172f

SHA1
cad7738bb0feee5c69a1a7bca7323ad7b5924a4e

SHA256
fc0b40f41e42c1aabac6021e1e80f3084f63a5fd1ba497e8c8451077057c983b

SHA512
f8ac3b28c3af1837f827234f62b7927fc300fe107e9cb5a35c45515519ac41180bf2d2d3f0281979ea39044e0ca1e1093275232e0106d92f422a6f9ea7dcb59f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.kon

Filesize
304B

MD5
9c8b16f3df42a94f2b9f3ce6c52e8b5c

SHA1
d4ac9d2d85caed33f645bc403a01cda1cebb467e

SHA256
6f7b23c8e2265253233b23c1b003d934f7da68fd5ec188201d0766bf1232b13f

SHA512
f0008019937ba60306fa89ffc0b61147fc9b9f63023973ee12c96c0003648bf88e7f77df8b04800545a36f415887f229a29b12608ea84b08d810015312a9318b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.kon

Filesize
400B

MD5
5801b19de866c168b8bc38a91b958346

SHA1
5d8d33af1ae5923561885317c88b2ba8fc66de12

SHA256
3274c8225bb59ab5ed7545fbfe185fc8a394df090eb7e86386729cb10a0bdec8

SHA512
4596bf7cc48ccd701cb753b5bdbe6df52675c102dea6a8366b3890d06c059b94574caf950baf26722b6acc252eabc7e6f9da0bfc49433c2f23905bd362cd7f1b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.kon

Filesize
1008B

MD5
035c80b846d350def644871d364a433d

SHA1
db412a3e10c146b0fd7e80bf62f7e4f478e7649f

SHA256
a1b89e5cc5c59a0c9ffed5696730005322aac17e4a56c96bd27a7d3b8e5711d2

SHA512
b488645d6d2e6ef721ca500730d25c5cf8f619247d391e8272f3cfa03bf0bee909ee12ba96c56aa1ee749b26231d14cd56feeb8f19c5c41be8a53c2436876d4d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.kon

Filesize
1KB

MD5
75b396c5d2a036ccde6b857948bab625

SHA1
1d55c91a28919e64260eb4e2f63c568e87f7bbbf

SHA256
5f97b9705896078bc380c185f1c5367b8815a5d894d6b1c9e95ae81c34d741ad

SHA512
b83bea3e1bc54d2a92d8a78a15b369760284e8fb994badfe3db90ad40aae197690f8997ef02639f7f254083e25e6f067e048fb539648b8e3d63bcf53fb4c28b4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.kon

Filesize
2KB

MD5
e17fc68b1b507d6a00fea8a067da2ffc

SHA1
05e3038dd35db068a83d77c7df065ad214ecd782

SHA256
53b9735367209313780001fceb14179907bcc72f98c5cfda84510ceea5ca3fcd

SHA512
7ded9ae806b3821d2cddebf6c4481a5469ce66e9987c63246f3570addd5de186b060d0425fdd072be58b7a4b093f0f34a5bc419dc1c3326f1800f1350be3c7e6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.kon

Filesize
848B

MD5
d0abe399129b5c2dfece657fd9a14f8c

SHA1
aa067e6511409dd19fc9cd079d0a69ee03a4a105

SHA256
6d84183eb203eb423f7577eef71888f5bd34d70bb94c47f7a1fc56b513f14d0c

SHA512
039bd291c44eee7b8d84dece22987472a49f779dad0bf9dbf9cdfadea0908294f2bb580c087dc7e0060cd458150302c96e9716c4a43f5dad188f0ba641d8341c

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.kon

Filesize
32KB

MD5
cedad03270ac6212cc29274eaf80ad0e

SHA1
e8c9226fdcbb899d65e2c298b442f159ddd27cb3

SHA256
83dad65ce3260242a2ae30cec05ef2477ac4216dee772cfcfed29302d883ea3a

SHA512
6831280eca7c3af54ec80a6a0cda24540144545e81df974ab4e78bb98e747d8968eaf145945f77ab1e212bb9ae01c690632083ea408080a221c3d012c7e047cf

Download Submit
C:\Program Files\7-Zip\readme.txt

Filesize
962B

MD5
3deaf39e93c057e2b63762cfc2709c19

SHA1
fed15842e3a9af48bb1a70a83353e15319bbc2ab

SHA256
a242de598278604b7b45056022721b79bce70c426ab81970249253ccfee35e16

SHA512
885a2c4cbafa7f0d79c01b89e26e5e31d473ce97830abb3fc325712d38e0c30a8771aba3080aa7991c0608ea419904dd84d289384adb0697907d6a7bd536f523

Download Submit
C:\Program Files\Java\jre-1.8\lib\images\cursors\invalid32x32.gif.kon

Filesize
160B

MD5
e6b6ecaeaf0d9e545aa26d4848620e45

SHA1
8e84a2b47fad193beba76c08b0c2d43ffe7c3b46

SHA256
29f3d2183718c99fce83be20aafbfba7c08114bb57fc1e9ab32cda8a1e204ba5

SHA512
c72d8d1d85c834bc72087247a4db684cb1eecc85623c9b72af7c77038561a4231ca222989a143ba8a351ea6c784a3529e524fc8dd9cdbbccf641171a2a2adc11

Download Submit
C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-006E-0409-1000-0000000FF1CE}\misc.exe.kon

Filesize
1014KB

MD5
bebf79a75c7992640481aff000524382

SHA1
17c7beba195605217195307c1080626c77dfd6fe

SHA256
8474bb9de5361c09343ef0e1c9fb5ad48f7a1fdb8524ffd0881ad004b65a3b52

SHA512
e70033acae47d1e355a06e2e1298d55fd98de6f92513ffccd9c13e3aa7d4fe9668ccd817eb3c33ec37a38f59b49f0d7c16ef1a4fc5f921e0d2ff33a066f09ab3

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\README.txt.kon

Filesize
976B

MD5
c57a8b2139a23b3597ad5d7b022059fd

SHA1
7f4530789718ce76c43d82b3950dfc4deb6f1f8d

SHA256
cca2b0e599eea4d885ef176ed5be6d11f32421c820a3cc061264e40dc779b831

SHA512
df337c55656d08d86ca0672267c5500aff2e627a5087fd84b84f6df882e85cce063648fc75b53dd3e2c56eb810a0b11ae45e15af3ab7201d2ff26871e312324c

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.AccountsControl_cw5n1h2txyewy\Settings\settings.dat.kon

Filesize
8KB

MD5
9613e11d4c2cd4812813664657a7ceef

SHA1
5fffe0ecc0475c86d185e65b0dbf53eba807693d

SHA256
7633bea68c8210a3b8410961dc85d82006ca176641b4bb39293d21ed59c8f709

SHA512
18371eb2b1cf1f2a227f601486d926c7bd5eb5c680d1557e406262efe49cffc940e271e206854f5483d009dfe4d621215591fd1bc6174ed86743d10be8bf1c91

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{f94138d4-4cd4-4221-818a-f0c33d41c660}\0.1.filtertrie.intermediate.txt.kon

Filesize
16B

MD5
6969ff89721f442409ea5eb713880e69

SHA1
22af205eb977d7c2b5ef4f8a799730efe5c4361d

SHA256
4f4d5acdd1999dabb68a209809166b3328724a435e8493256fd05682774ae50b

SHA512
bd08372821ee637e02049ddfea70f748f8b21bde656f17ef79ff522059a26f24b50bed6247cebc2d630245db5f0b196043311b96b201f16ebd20486418caa806

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{f94138d4-4cd4-4221-818a-f0c33d41c660}\0.2.filtertrie.intermediate.txt.kon

Filesize
16B

MD5
ef2f19658eb16bf9644fb6acf04a98b1

SHA1
4ea32575cde70d7354bb80c06432720356527e12

SHA256
0ad6c3a78a8cca5c71c390b0963be595dd2cdfa61cd6f7a23a72e2004bc8fdd2

SHA512
b14d93b8675c702dc6513325c549a057d8bf96fa3444703f05ce1ee5d55406edd44478ffde2294531d013cda30ae39ebab4e27f0f5e5054f2fe503b0a77f3a1e

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133670754066107026.txt.kon

Filesize
77KB

MD5
64e35b24b3ddd999277241736dd89417

SHA1
6a94776a9fc49672d6729a0483518af226da7764

SHA256
6f2270ec0921834d8ee992304785d8ec4d146b257df4747de7d4467139553ca9

SHA512
98e4297648c85f15fddf54257b20bc7feb95e7c1818624c43cdeacb38ba1b161f4cf66184c6210ea234a482655bf4cc7f378321d501bc9aed5b6c1962386c1c3

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133670762621537007.txt.kon

Filesize
65KB

MD5
55ec29d37ac175c6997dba322bfa6957

SHA1
2fc69691e93d206dcfc2eb5032fe3e6b22061172

SHA256
2a8d2319a9971c5b9377285e103ab032f555efdca7509c1519962f6c67074723

SHA512
30993cd68e52c1f6db28c6fda1dcf6d81fcbd8ccf254e8d8115ab489d90eec235294fb890d845ae989e126ae0c989cde65d477fb02149030e254648e88835592

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yaq795em.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.sqlite-shm.kon

Filesize
32KB

MD5
cb94a242a48e98397fb6b119ee5a6ac3

SHA1
92917119f9f29cb8a6b026cfcc5934fdef5c882b

SHA256
63b03443ed828d83295e6bbc88be1576c9c6827a147364400da0520803b46ab1

SHA512
18f64c2ef1c92ea365cb437daa25dbda2fe3ea55b10fc8cc29e82807045b104b980f46b3251d539a8963444138d0400da54badd796539259bbed2abb719256f1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yaq795em.default-release\storage\permanent\chrome\idb\3561288849sdhlie.sqlite.kon

Filesize
48KB

MD5
7cf95122e86181d1cade250194326d69

SHA1
fd69991829f4097a7b40477c4350b3ac9c787fb0

SHA256
d7c56ac42e97dfb519d441f9b5d8a34ce7c7a5b87b3c373c0c9dd77e75abe034

SHA512
f1ca458d35291ca5ea9f517a5f4df7c6651051302912c0de6afe4471080c76c363c6ac5941924ec6ca6fad377fe7af15f89e8fdbba0fad04d435444f1d45850b

Download Submit
C:\Windows\Cursors\aero_helpsel_xl.cur.kon

Filesize
133KB

MD5
13cb587b85c51d1b9ecebc2273fd8370

SHA1
c69e324a0caaf6cfc75d73c07ce14cbc3a5d947f

SHA256
d9ce8635f211e0288ae39546ff351f6290ae50beca42f724cb3af5395dffa8a7

SHA512
c9a8e05058aceceee3ec3925ee9e0f7ea8352a3b5a1bbdf8f30d43b5fe2955c3646286bf4d8ccde4226bfbda12bfa9ecd6d53dff706010590002208af1f3d870

Download Submit
C:\Windows\INF\.NET CLR Data\0411\_DataPerfCounters_d.ini.kon

Filesize
48B

MD5
ffe0b9d02017207f29a4a3547e974d67

SHA1
a55ca86596a97d8dc9c24a23f99206dbbe932d96

SHA256
cf6b82b80a491b2e8045e16d602c148d702018626f448e6f8abff33d3eb04e7b

SHA512
1833dcf7788bdbc85482b8498aa9adeac7234c3621c8a84fb429d9a92c4530528779fbaa9ad51ae4a6219f0243138b87d74ccf9cb6a749391c4f581508539b9a

Download Submit
C:\Windows\INF\.NET CLR Networking 4.0.0.0\0411\_Networkingperfcounters_d.ini.kon

Filesize
48B

MD5
82f6585e7b99f47ef2f78a26e570b723

SHA1
f78dcf3db75f2727c1f5f02accd52501dd448acc

SHA256
6b1b96b6584c6f831e33c5324847bc6cd6adddb9aad8b6cd3c0b83f4dc08128d

SHA512
51113ef11fc9204f718ff67e86f552b34b03189034970ff5d410628ba4855640a0783ac9ec358b75781700577479f99d288097aadb703d103d15a3ce1b61a7ca

Download Submit
C:\Windows\INF\.NET CLR Networking\0411\_Networkingperfcounters_v2_d.ini.kon

Filesize
48B

MD5
0c30ab7e0e73bb1c3e98af8d9d264946

SHA1
b8c4fbcce145135f3350519620e823baa1973caa

SHA256
3e3c43303d39187e211a88f6c2370fc5361e4759b22dedff1febb6fe7eea8e5e

SHA512
309239db4c304bc2b63e3e0f6445f4682b89a027f8846efffdc519813834d0a82125bdfc267470ac677a923c499f1e9aa61a843fa1469839e9a12f27f5b92a39

Download Submit
C:\Windows\INF\.NET Data Provider for Oracle\0411\_DataOracleClientPerfCounters_shared12_neutral_d.ini.kon

Filesize
80B

MD5
3e06bf6f4c454f2625c3f8050010b5b1

SHA1
f7831e140b2506427daec480cb78998e0e3aa658

SHA256
a89cc3a165b4e3a2d627c52b0c4d97fcf25540ce39cea569c46b6ce52c2f9f68

SHA512
38c596da1b37e5dd1551e1addd594ad29903b7be5d89e6d5a12cca33db7b831088e9275385fac59d435a205d4d01ede40da265ae709fc389b8187c238e6c4fa1

Download Submit
C:\Windows\INF\.NET Data Provider for SqlServer\0411\_dataperfcounters_shared12_neutral_d.ini.kon

Filesize
64B

MD5
b9976e875e8a3ea74bd4b4e9177bb5f8

SHA1
7305902b6c00a1df13d8f8ce38d8d09b679b1fe0

SHA256
f1b31acd3f2f3570a5f51248ae1d2a534235ca94a66cec4a8a56aab51b86a90d

SHA512
023cb477d0a1b1749007a4e3789a0ad9bf54e83d20dd4e8c593880888c873775ec94d892638d9ba24e9fe9bd758a93915c6aa2355befc6c1e877b5bcf63e388d

Download Submit
C:\Windows\INF\.NET Memory Cache 4.0\0411\netmemorycache_d.ini.kon

Filesize
48B

MD5
405feb8dec89d00186656e4bc024a642

SHA1
e66b89c03b578941eeb05f891504c28ad296bc44

SHA256
956a6cab9c0fd7334e8194c03a7ce10cc5402f8157b8ad125be46a80ce818645

SHA512
17c508a858c1b0a6b291d466a7f6252d57a4f7effdb17e00786daff830ea1b4328eeb0432e3ba8e32299bca9794ef9e7e17119c6aef9e9edaa323416a4129708

Download Submit
C:\Windows\INF\.NETFramework\0411\corperfmonsymbols_d.ini.kon

Filesize
48B

MD5
0779fe9cc24677b3bab7aff9ee3e63a0

SHA1
a193902da343840ac67d3368ab416fae7fd3e8c0

SHA256
91a196a7b1e12777d0e954f7ba184fe44007f52d50cc0020b980f53a92c57041

SHA512
49b2297e08a86284801d5ed01603fd78cd8bcca62a55e79b69d1c6082a89bfddcdb60dc63faa7acac2d2ce20ddb44e613697302812c61cf5682bdf8089059854

Download Submit
C:\Windows\INF\MSDTC Bridge 3.0.0.0\0411\_TransactionBridgePerfCounters_D.ini.kon

Filesize
64B

MD5
c3f1d710f59bded9ed1f531d4dfa2135

SHA1
fd84db3fe47a66a764b51c14b1c0fd6399b32397

SHA256
8e2f50ab4a32346d6f8131f416f881746dbf518cbb1228174a0f10ef59e81ff2

SHA512
c835cc2c9914b303c42a271777e79b53f18f45abd86ccaae335747e84b3d63d7236cecab4c32a22f35969f18c49206d380a6e55986cab656fe9a0b5695c98b36

Download Submit
C:\Windows\INF\MSDTC Bridge 4.0.0.0\0411\_TransactionBridgePerfCounters_d.ini.kon

Filesize
48B

MD5
7c61fdaf00c41c404451c18b3d3d8f0e

SHA1
a28fe020b2cde3f64400ebec9b09308ba53e95e4

SHA256
64ca8076d53085ab8dbc05be465000fa525543b47563e24d7e5450e3292fccad

SHA512
747cbd9b7a2282aef7b84decf61595166791e33ae79ac5a2b8578b0810ab9946bb9df609d85df391894fb0ddcded7366f3e45fdacc175ccb6235d23988be3487

Download Submit
C:\Windows\INF\PERFLIB\0411\perfc.dat.kon

Filesize
32KB

MD5
f4c91cebfd9ff79cbc27c851073b500f

SHA1
003684652df712b4a338c6025b3fc4f6570975a7

SHA256
d53c045f5927c4c9aeb64fa79ca405e5732687c0a4e24b42f6411359ef564305

SHA512
27162029f72b6df5db12a850973f69f9f5d591816274f486cd57887adaa18ec9b90442140aa0867740bea6b4b0441f237add771505bb608a5376687a91f9027b

Download Submit
C:\Windows\INF\SMSvcHost 3.0.0.0\0410\_SMSvcHostPerfCounters_D.ini.kon

Filesize
48B

MD5
64a6667563ac0280d1e3cdd7a68cc2b9

SHA1
a4edeacadc5e02da4460915f2ccd24319a6cedfb

SHA256
5d7fe89ee27df5548e26796f74071bd2056038d9e67eeec9dd93c8611f5a5be4

SHA512
d0245b5858a577f2f2c955ed3837fde58b64c89268ea6393fbaba931663feca3051f3c290065af8c9037588051815555127ff9b8c25f6350b49579e47cf755ba

Download Submit
C:\Windows\INF\SMSvcHost 4.0.0.0\0411\_SMSvcHostPerfCounters_d.ini.kon

Filesize
48B

MD5
51354fd838326aa3e445137322026ddd

SHA1
5f0f6a95072523baf56fbcfbdfb077147f9a77b2

SHA256
c4aaef43ed9852d860b17983846c1c91bb444b3c4e70c0c6e87f9121ad8a7575

SHA512
4046b5a2fd139a2bbeed0b92f2b40c605e9fc09a5ad438f2d7fb5efeafe64ef49c9b571efdd4a547911863c9cc0e17094c68294f2e77a6340f6c884c5fc19ac7

Download Submit
C:\Windows\INF\ServiceModelEndpoint 3.0.0.0\0410\_ServiceModelEndpointPerfCounters_D.ini.kon

Filesize
64B

MD5
a86b0f3dff902fe3821e86912777446f

SHA1
1f9b8911fe4c6e960f5caf3c3d09fe2c3d25aee4

SHA256
19ad5dfa02543b476d8795a9d213ad6ff855f29934975c04998ea0a7f48ead76

SHA512
d92f84beaa20d180907ff5b8c4099cc197bd92f2978f4be9598a9fa24bb7f285cc20b5cef9e39f203a8de1e004b19443ee2f3b1efae7888d8b54914ea678567e

Download Submit
C:\Windows\INF\ServiceModelOperation 3.0.0.0\0410\_ServiceModelOperationPerfCounters_D.ini.kon

Filesize
64B

MD5
34721f7c374ae89b2a1b8b4a0ad4666f

SHA1
3fbc9030d3daf3082e6824762a8028fd5fa3377e

SHA256
f06b95f5a884657b9ed2f956f22056680daff062a6f84bced3271235992095a7

SHA512
b88832b67693426bb54193fc5154728d6c9ee667833f02b24c6d59be2d5540b56bb33376b103a6f0c38ed061ea2b6f5484745468c123d63334186b717cffbcdb

Download Submit
C:\Windows\INF\ServiceModelService 3.0.0.0\0410\_ServiceModelServicePerfCounters_D.ini.kon

Filesize
64B

MD5
e4c68ca5c6d02f3582ed9de9dc7de4f2

SHA1
dae92151ed1eb0cb72f1483927c79905e35433b6

SHA256
ca92efcf59a7f8e2496f6a2716b081107037e590bb9047c85595977e265bc27b

SHA512
b22585de0908a20e03f2929ce713336138e46615dc48089cf897be8110415f46c61e3097e9ca333d151c77a893e4a98f58e323e794a5950ac13aeabb778e3fa6

Download Submit
C:\Windows\INF\Windows Workflow Foundation 3.0.0.0\0410\PerfCounters_D.ini.kon

Filesize
32B

MD5
330d7447ff975680ffe31188c90d4586

SHA1
a9cb3a68e4aeb3052733327245794b05a69252ef

SHA256
7a0b5f5e696e946299a0059b9e26ab84b789e3470ad0c8210a9f53553cbc7d95

SHA512
2c8030dd7b092eff4d8792d454341dffac380567340f026b8b9807189dfcd65b4702e0960816472e7598b164d556652050249091519d797ab66403ba956cdc1a

Download Submit
C:\Windows\ImmersiveControlPanel\images\TileSmall.scale-100.png.kon

Filesize
992B

MD5
54c9eef8720da5431e80d0a6a720c58a

SHA1
1b6fb4ac7a083a225b86136c12531ffb3141c49e

SHA256
80bebc77eb523029c9aa74a198b9d9a6ef3ac3829e585c5e07036e6715510f29

SHA512
f1b6250a3b478769320083e9945de3e1058699eae2454552856e88d198eee4776e8dcdf9048f094f5792c31bc4a4dc54a71d938c38cdd130a7d12d83562081af

Download Submit
C:\Windows\ImmersiveControlPanel\images\TinyTile.scale-100.png.kon

Filesize
576B

MD5
b70fa6cef6b9385de65883a7401b6ca3

SHA1
2e2d67cce56157a94abe6206ff88f8b4b6d4dcc2

SHA256
bb570999e79a621668e32e1e8d9fb0465d7823d69ca094ae3652130f982f839b

SHA512
048208a729dbedbc9908cea7693005d61756ed8f05190a45cb15f9cedcf3250f333ede85279abbe1b877e449b7cf9b6f0e7a08d3b1f70e55dbac2906bfe6bd04

Download Submit
C:\Windows\ImmersiveControlPanel\images\logo.scale-100.png.kon

Filesize
368B

MD5
7030b3d9f51edf16375ae173dc319a68

SHA1
800f82629739e05196f901540af5240c0eb3ca61

SHA256
702e6568396a4cdcf836bfb63cce75724824a59451ae8fff14d46721e97ac729

SHA512
bf8220dac3ab2342c70f3aef134ff086f1e7816e2c3436a68752e64c0ffd0f65566d8bbd2c6dac62e5cee6a1d230f868eb463923f63a3ec8ad1e0ffc8a73e1bf

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_sml.gif.kon

Filesize
64B

MD5
a140627769e8a4215fcd975e1bb15100

SHA1
d06690b7e5e343c83e1aa9de0598de144fda2197

SHA256
172047843c0025da959455a7737cf520b8168ff274e2f97110420594c76bf3c8

SHA512
b7bf44732eedad01421d69d4a6636f2c3858cc06013c4dbf4018c36624c34ba12f5ebae72fbd32aa8a46977a101a1f5798fffb9d7a77545c130b4d863d0d9c15

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\selectedTab_leftCorner.gif.kon

Filesize
80B

MD5
2827604eaaed9e947399290fb927ab63

SHA1
327eaa80cae28f286f6604582f7311b2ee34712d

SHA256
c033744ca26cea51f7929e0e8dbaf3a01332bff48b0d665d1ec6bae0db198797

SHA512
eea237cabcd73ab3dbe5202f3bcc99fa2a721d04f142907db9fce77c6058d06a0bfde507e879e5a37d16b25dad055ce27f1f9bfabba651b123009374a222621c

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\selectedTab_rightCorner.gif.kon

Filesize
80B

MD5
c2f1d67e1a40a92c63a003f730e73464

SHA1
8a5f620f78dda718b2b342f5946342d9e7428323

SHA256
c2c80f471ba5f608297b855a03aa06ae1e8a3010ecf73e96164d554c6ba2858c

SHA512
3ff6d0fd8eed7edd5bf4fdeba08eb58c3f88f066d2144c5bebf4859c4267b8aeae5fba40855d54c0cb852da7a549d34030923bbe92bc7ab3bcb7e7a39be79da5

Download Submit
C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess32.exe.config.kon

Filesize
160B

MD5
faa0c1dd7babdd40bd6cac60c66d8efc

SHA1
71ee7929bc121ab92c4662dd385471ba47732e45

SHA256
f2ab457227e9e55050a4ccec0983fb4b7c5a1c5b10839077764956d03c7df2ad

SHA512
8fa4549d761359918255938a2a278f27d94a90da945b330a9c61011375b51cb5858dc71efa8d3b212cabe4087dfe05663302f401fc2047bc233f1d6c49ac0ded

Download Submit
C:\Windows\Microsoft.NET\Framework64\v3.5\EdmGen.exe.config.kon

Filesize
160B

MD5
524ecf27ab20be0910eed4cc671ba3fb

SHA1
6f077c4f4bfd808d4b4140b7a43bc0a7d55274b8

SHA256
66adde259f38edfbc1883db08502163ece4e31eaa27488353e5f8b5fc4ca1837

SHA512
60c3958873337b1dee98d7edbf55de810c9ba0eb44990dc6c1b006e082932ad74e3e409876273976381e8ed3ed8d024bbb8ee1d2b654ed1f5b990fc42b4a4f65

Download Submit
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess32.exe.config.kon

Filesize
176B

MD5
3921e56a1efeb3684e1943783b7c4fa2

SHA1
5bcab2db75ff5c4df4c9f237db2a155605ea4cc4

SHA256
745372d91de81b2e6a77767b1c7393b7d511365c9c1cb914ddf5c44d54f4d55c

SHA512
d4e45b4c7598501d3ca59ba960394263c6da9c18e3a496fa443b5b8f757f1ca9e6cd8ca139afade45f76f6a6b4e94a93c58b5e6ddb38df2bd2e8a410f0fe5e71

Download Submit
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\legacy.web_lowtrust.config.kon

Filesize
8KB

MD5
0da6a390ff4b7e6a1ac2a7042ce3b0bd

SHA1
3277ce89de4450bcf4c2745519b5b1f6554bcd3e

SHA256
f8119f5fe495a0c2e49e4487b4e7eea323028a36d08b80b09ad0779ceed413ab

SHA512
24d1a8723f49ff3341e19e5eafc23233adfe61605e20b95bed9336f6266e8d0cac4561124afd4f0621c4341234b3b0d789127330de68cbea40befb87b45f5b96

Download Submit
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\legacy.web_minimaltrust.config.kon

Filesize
6KB

MD5
c9703ab7fcfdd469078292aa3d4fe49b

SHA1
9b13dfde08acd91ae451b133e9610556895cc1de

SHA256
be13e37014fe94c56096cf4890fb10db58fb02ac30340af270574734cacccf3d

SHA512
f441c3806a955c7b1c9b4f458f371b3ab7ae4c639eada90059a8f6775384e6d4e050a55bc7cd3aeb436d069dda5afad2bc75ddc9c1b64e331505f1b2f63432b0

Download Submit
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe.config.kon

Filesize
192B

MD5
0a57d231c6e0fb04cc5ad610683357a1

SHA1
1d2b735b4db40fe9671122c17520f461e4b18ca9

SHA256
0b9ffeafd736ddb793603bd9dd57fb3dee0181833469f24558c2eb5b0c45b9d7

SHA512
d5acfef33f018a25a2730d1ef52d6383419d840c9cbd943d254a91e2f10c4d914034515c284dbad462d2713083dc5ce3a7583232092f18ea98c4ae73ba4b28b8

Download Submit
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\applaunch.exe.config.kon

Filesize
288B

MD5
d98c1904d8ded6e9b9d7f02f32a5d867

SHA1
1fa8dd8b8e4934d720fba12022f0db8f4e5aa115

SHA256
b8883c2aaa7de01245859c4af906eb96ea39c1409cd796a4d1d39a34164e490e

SHA512
a4f4858343a485352b19f0b99d72789ce95c4f7f7175f64c62c156fcfc44f618ea42afcbbcf573af54b4acdd9894541339d09812dc557a8803aa903db90c6de1

Download Submit
C:\Windows\Microsoft.NET\Framework\3082\admin.chm.kon

Filesize
48KB

MD5
1ce8178d276d41df65c4d57d1fead5a4

SHA1
ce2d9c09b6218c9d1cf0ae7bb31b107930d6e3f1

SHA256
2b212259119e7dad00837bf5b4b49b697752a89f124957dae0d228d34cabed0f

SHA512
6dbd1586201759afdf7810cad82c0587606a49e141835d7d7a235874ba6674c1a22fd163997cf45b4b2a4cb991dbc8762926247f4624644b9966f286e3119153

Download Submit
C:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config.kon

Filesize
192B

MD5
cbaa449ec0ab2bf9208e1badf422d7c5

SHA1
3a931e76d5f0b98cc1e1c470935f9d4861d5a9d0

SHA256
285064b39ea523ecde343cdf31aaf0460f8a74ce3552fe74c366c04606e4a61a

SHA512
de0c7498b56cdf1dea9782d9c4f2b54e9cc28e5530ada14c609586afff9fc39dc6836e53f5be93327b6d1bb237362f84e5fd5842141c2443693cbb2183e09d61

Download Submit
C:\Windows\Microsoft.NET\Framework\v3.5\SQL\it\DropSqlPersistenceProviderLogic.sql.kon

Filesize
2KB

MD5
5cecc408adfffa541e6604dea0971176

SHA1
d5de47f075d9290c67e1766bd96a45d60ac26fb3

SHA256
6f4801fbe24ffe2b6655f627a0b4b967131758e61ba4d3a43dfd17b1590cba1c

SHA512
5a80ba060838c64c7515d2d0bf2b7f716cf446c32a952ae3c4060686edf7bfc77d0db15c7647a042b284f58432e29378aa7583307a8c538985a9474fc601ac2c

Download Submit
C:\Windows\Microsoft.NET\Framework\v3.5\SQL\it\SqlPersistenceProviderLogic.sql.kon

Filesize
13KB

MD5
ac686141cdb622c21092f02d0e1ef0ea

SHA1
d35a70567d759fb05b0a9a1d49b601f7fdffa2ae

SHA256
08e56f12ab8e0d4ea73561c7661ab721419494ad4beadc8d6d3f3813f9eca62d

SHA512
670a1efd542670df424521b3bd8e660125a996c7bc2cae8fb316c1532a1e19fb19f46d74e8f15f3cc550228b52c69039adaf2627c4250790f97a1ef2946c2cda

Download Submit
C:\Windows\Microsoft.NET\Framework\v3.5\vbc.exe.config.kon

Filesize
224B

MD5
07d20e71303a1926ebc23e5a30175123

SHA1
0d56090430a57614ccd240ac84fc48cb49ca146c

SHA256
66a8414583245d08629c97a61ad67e5db3a36a7c34fe35b030507caedea27ab3

SHA512
489bc3cd7313114888b2a05310164be108484ea93199922c44b1d88e1b29673ed9242cb0fe11d300c45bf98850fa20ba16d124508f73166902db177dc20d635f

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\fr\DropSqlPersistenceProviderSchema.sql.kon

Filesize
1KB

MD5
4ea847ef041697a9f9cfc974cb7fc8c3

SHA1
d2875551e3824480fd67acde3d406ac7d9cc69e3

SHA256
e66c2483ab1d8ea52fd4aaf508f3a0ba76d43bea16cbab67b94d7eb92727a39b

SHA512
59ca00037fd7056f31ae4204bb3be4c8b205151a0ba31de5a702274b50e0e71d382a455ed6deaf98c23dce1bbc11841b5fd106b84264dbae855cedd1eb097b7d

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\it\DropSqlPersistenceProviderLogic.sql.kon

Filesize
1KB

MD5
bfa4565272b2d483994764a946e54187

SHA1
065f8bbcfde59012d72978dc6943e411438081e1

SHA256
5e20ad7a3fb5c5f716de54d72ea02fcee2169c5da75b4c3b979bb6caee6d3d7c

SHA512
4dbc9387ff8393deab8d7195caf751510ca8a2d0fb599bde80c97f9ad7ee5fbda0c5f5b7b99cc67cb07778b85b35208f19b3bb2c35e575c9329a4c9ca0ca55f0

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\it\DropSqlWorkflowInstanceStoreLogic.sql.kon

Filesize
5KB

MD5
8f91f760afe364cd6771ccab7c344305

SHA1
3ce6d8de0247b3682b36bb1da293b2c6d99db7c3

SHA256
f3a6b3dc72ab96f95d637f16f163628e244de164628b510ee07a851942488165

SHA512
f05c1d375f13fa3a916b0671c3d6c966bba4a6bebd6b5a7334410d8b5d1bda66b478e91c0521c458a31ccb1a0d85afd120641389c4b1fbb9883cccc50cc848bc

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\it\DropSqlWorkflowInstanceStoreSchema.sql.kon

Filesize
3KB

MD5
fb1c21c0840b874da9aa0b1c6acfa8b2

SHA1
28e1b930ff5fb4d820f8cbf555a7802235b4ea82

SHA256
e3e33b0f04bce8120c9a3b29572cd9759c041a38752344d9e8cc4f5e4af101cc

SHA512
9cce249c26c734aca4a96bf4eb0f7acf8985b069e096eb7d0ebe16b4838c88fb0842491db43729795016dacffa175d1e0d8b79badabda258c3159744c09ee5d2

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\it\SqlPersistenceProviderLogic.sql.kon

Filesize
6KB

MD5
31b4bbd516f7346007ed4ef9ce00a6da

SHA1
452ae924ddcbe32bd99f07bb22c49e311097de22

SHA256
67038d03e687d99bcf5bce12ff343d64f2b03964cdcf08b23c365be3223d2cc5

SHA512
9f5e7d0a7565f4d913d818bb79249f99e2db98f00d8ab0254433a0f993444bd2826001acd74d9da69564efe0f1f3e78b2e012ab6f353f00005d03557d045fcde

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\it\SqlWorkflowInstanceStoreLogic.sql.kon

Filesize
62KB

MD5
6297ab22f44c7c5b34fbcb88a56405b7

SHA1
436a53053b3e559cf058f7217af50e5e14b1cad6

SHA256
c9cc37f71a3d1c9d28abc54f595ac39d9672112a77758804c429e9a98cfc9a66

SHA512
0e1069ba0f98049ba16c87e009103259e4023c767f9a874e988d5be819ed255dd4a0aa384ba304d36b1895abe8d500bc916e79a9e96c9cc62cccc34dae7dd6c6

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\it\SqlWorkflowInstanceStoreSchema.sql.kon

Filesize
28KB

MD5
238235b427b55f1eda659d925ad449a9

SHA1
bea183d5630c2184c38bb01e11ad13ad7807e9d7

SHA256
50fbc6fa8c4a6d3c4174a34e73375c7c6206d2fe147f9ccce7871e054544086b

SHA512
f6eb3040326e6e4f558971663dcf4503a22b61402d8dda6d92aa2214d31599e9ae8759cd6f6b9f61eb1bd12144d8b41c0d6ebc6a9bb72c45502d901e9e91099f

Download Submit
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SQL\it\SqlWorkflowInstanceStoreSchemaUpgrade.sql.kon

Filesize
88KB

MD5
4f6f5d7916e314024e25d3ab0c963f24

SHA1
60fc32449fb6ab56d71db7a877804ede47eac920

SHA256
0273893d1808ad168b53138431b970bd793e432a10eb1f4296037de130253ff3

SHA512
e011195a133688ae1686a8af23584336701317568529e82fd9658afe2a3d28f6dbaa52bdf3ea9f000b10bc514784789ff7cecc43ed079b3dc32dfe6f311538c0

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini.kon

Filesize
176B

MD5
cbb7a880b2b496879efcfa74629d4ff7

SHA1
4eb649d3596be9278b903a9de3e9651e1139c193

SHA256
fda07075511a2b0568585fb01efaec94de7d126e7df792f66288ac7671f80175

SHA512
74270d7b28b1afe90c4c0ac16d4e9f65e536d65a00eb16ad4d9da3025f60059537bc5868a8b2c1d68cecf616f032a33df3fc9472374d93fc6752a850a90e0152

Download Submit
C:\Windows\SysWOW64\Licenses\neutral\OEM\Professional\de-license.rtf.kon

Filesize
113KB

MD5
98613d8488770de504a3e41ffbd63da0

SHA1
97b37242f97cd7d6f77d7480f8f0f4be683e159d

SHA256
a6f4317aa2410e3f35953077b21cb38e1a9aa86d4a6963985448a5523abb557c

SHA512
f0f15e83e7eb57bb5d6ad3aeb3fccfeb2af30e0e9832cdc38e7dfb320c507a2408162eec3f5f8655966b265631b1173d0b1cae638e33b6884a056e8001bef00a

Download Submit
C:\Windows\SysWOW64\fr-FR\Licenses\OEM\Professional\license.rtf.kon

Filesize
236KB

MD5
c47dc9ae1dd223151f683f0ea4c22dcf

SHA1
c8abd5b1fb616072f7d47aeac3452564b8ffdf83

SHA256
c001827c5057589b70064fff6aa7ff889bcc4848c755ad8b5b04edd10b94dc26

SHA512
abd1101a0e7c4671e5713971a5d723f0ef241aedb2eced044526d85097f8b3797f2223f4f62c3a410069323fbd7fab6d7ac18ca3b6ffd3f13a83576bf85cea15

Download Submit
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log.kon

Filesize
512KB

MD5
dd46eb4faffaeaf7c805c4ff8c51ed31

SHA1
65a10148346a9462da3876d13d77286422cbd592

SHA256
63b8cf706f99c4004be0f7378cf2c1436ce9aba23f3658f85a79cf06cecd95b9

SHA512
da65259b23f1bd993e684b732e29936e25682a6e196df38bc2280df1c923902b41b004550a7968a2bc73e4b7dce09d83bc4253058dc191875dd661eecdb63cb7

Download Submit
C:\Windows\System32\fr-FR\lipeula.rtf.kon

Filesize
992B

MD5
3d907b17cf9c93ff7e8a5897e7d6c8e1

SHA1
b834f46dbcb5ef08641a99b88cc56ac491362faf

SHA256
897741070018e399f35ec9c1d0939858244d73478e00fcded9b508ac492d5801

SHA512
1d66b6b15e38b15191cd1a47666e1f2bb023c695bca59be1ab26d71ca6510a73490f8be7010221c0620982f80b59f25795a44e9cc3b8fa4ac843ed2d96bdaa7a

Download Submit
C:\Windows\System32\perfh009.dat.kon

Filesize
693KB

MD5
773dc4ed210fd253c85f5312225d392d

SHA1
b1b9b0e7260dc895ac31a116b5ccdc875abcc9f3

SHA256
eeb40066b98997e61093e5d2675a85898aca53603edf14759829d23b3668d888

SHA512
ea66d49fe0a62ef0a14c164781c2df11771e59c6a8e2a301c06801dc2b9113988e5b62fe6590a4d491346c7f20ab99a1db9766ba2896e6eb17308d69041939c5

Download Submit
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\ja-JP\assets\ErrorPages\PhishSiteEdge.htm.kon

Filesize
112B

MD5
9384470f07d860f69c5d0d556ce968ca

SHA1
6d0c63ec42326d4bc3f80999d8fad6ae54a724d7

SHA256
d5a18c685d8f5cda42ae8b0e04d37e26913dd991da42226c75a095c83ead4b93

SHA512
23a5d947ee4783d746c5a061718d2ae52a8aefe857b960f7a5f242460eef5c9dbee41c3e9eabf36b0a605bef0946f72eb598a5af92da03a4207dde5e04a1ae19

Download Submit
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\uk-UA\assets\ErrorPages\ErrorPageStyles.css.kon

Filesize
57KB

MD5
ee9fd380241778b24c7b8c9dec2c9ca2

SHA1
ce8f083092ff341d1f879669fcca2ee9b3074bca

SHA256
a07e3c2efb4b179db04f4bca912ea631353d3f4bcb2a107302a2bc9158b6ce2c

SHA512
7606184fc57f9b41d3322e1f7e275cad4fc967304483ffaa1ba0d9b0d2cf43852664e3044a2de916f888f7827324e322b39410f4d22706d0c33419f9d00f1ffd

Download Submit
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\uk-UA\assets\ErrorPages\PhishSiteStyles.css.kon

Filesize
5KB

MD5
767d6ff306baa9bf068edb1b31f01e14

SHA1
14ce3f58135b203ed80c39b41c126371991b5041

SHA256
abb3ebfce644bf6f92df72ec4a0a08109c5ec194c8f06e3918c0084c8a4efdd7

SHA512
eab9e3f7d14dbd061c3be436fcd11f04b50f962a7f27d4b3123c5dd144b1f9381262609f79fd6edb9a3249a55d421fbae537b7364f52a4de0dc671a680853f85

Download Submit
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\uk-UA\assets\ErrorPages\TridentErrorPageStyles.css.kon

Filesize
4KB

MD5
6d11d9b8cbdd67e893ef98932356471d

SHA1
841c106e7ce2ecbac93f33e918722bf9cc54ec85

SHA256
47f56bf83af51a44b92771ddf1d3f32a2a58b166f482f08af9fc517abc572aea

SHA512
a64fcb7a606c59c1ba6102644a0a0fe5748a7caaff67a1c6188f6c3af461aa920f0c012e69cdb4d2e5412e233bc70be5f83d7b6fd1856f3bcf0e689b54441033

Download Submit
C:\Windows\servicing\Editions\ProfessionalSingleLanguageEdition.xml.kon

Filesize
30KB

MD5
4f8269b00e54b805f4c71500c63a9d2f

SHA1
a105c90ddbb905f34de88c4647b5ac69a5f8e1b0

SHA256
c28dd5b722e6935d9e03ef54b06941eddfcaaec403641b8e0918cc93a1257f3c

SHA512
a36264cccb718c22c39b1e308c4b9d3689b370e1009c07b620c5d2bcd07b2b1550970c75fff6d9516738f9b76c132ce7d748d9c351cf4d8d2b5f951787c8356e

Download Submit