infinitylock | hxxps://github[.]com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/InfinityCrypt[.]exe

Analysis

max time kernel
127s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21-08-2024 20:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/InfinityCrypt.exe

Score

10^/10

infinitylock discovery ransomware

Malware Config

Signatures

InfinityLock Ransomware
Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.
ransomware infinitylock
Downloads MZ/PE file

Executes dropped EXE 3 IoCs

pid	Process
6060	InfinityCrypt.exe
5128	InfinityCrypt.exe
4468	InfinityCrypt.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
48	raw.githubusercontent.com
49	raw.githubusercontent.com

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\fr-ma\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\images\rhp_world_icon_hover.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\es-es\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\zh-tw\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\themes\dark\CompleteCheckmark2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Windows Defender\de-DE\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\ca-es\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\ru-ru\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-ja_jp.gif.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\ca-es\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\sl-si\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\plugin.X.manifest.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\nb-no\AppStore_icon.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\Confirmation2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\A12_Spinner_2x.gif.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\pl-pl\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\adobe_sign_tag_retina.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\cloud_secured.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Common Files\System\wab32.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\main-selector.css.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\de-de\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\root\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\pl_get.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\ro-ro\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\themes\dark\adc_logo.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ro-ro\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\en-gb\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\ja-jp\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\fill-sign-2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_ko_135x40.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\themes\dark\Close.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\eu-es\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\caution.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\js\nls\nb-no\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_folder-hover_32.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_backarrow_default.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\en-ae\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\cs-cz\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\en-gb\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\EdgeUpdate.dat.LOG2.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\large_trefoil_2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_nothumbnail_34.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\css\main.css.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\pl-pl\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\uk-ua\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\@1x\A12_Roundrect_White@1x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\images\rhp_world_icon.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\hr-hr\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\ind_prog.gif.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_gridview.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\arrow-down.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\plugin.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\ca-es\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\pl-pl\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.147.37\msedgeupdateres_ca-Es-VALENCIA.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.147.37\msedgeupdateres_cy.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\weblink.api.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\back-arrow-default.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_folder-hover_32.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\js\plugins\rhp\generic-rhp-app-tool-view.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\cs-cz\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\de\Microsoft.PowerShell.PackageManagement.resources.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\js\nls\en-il\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480	InfinityCrypt.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	InfinityCrypt.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	InfinityCrypt.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	InfinityCrypt.exe

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName	taskmgr.exe

Checks processor information in registry 2 TTPs 6 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	InfinityCrypt.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	InfinityCrypt.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	InfinityCrypt.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	InfinityCrypt.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	InfinityCrypt.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	InfinityCrypt.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-945322488-2060912225-3527527000-1000_Classes\Local Settings	msedge.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 417665.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 24 IoCs

pid	Process
1180	msedge.exe
1180	msedge.exe
3580	msedge.exe
3580	msedge.exe
2416	identity_helper.exe
2416	identity_helper.exe
5844	msedge.exe
5844	msedge.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeDebugPrivilege	5128	InfinityCrypt.exe
Token: SeDebugPrivilege	6060	InfinityCrypt.exe
Token: SeDebugPrivilege	4468	InfinityCrypt.exe
Token: SeDebugPrivilege	3480	taskmgr.exe
Token: SeSystemProfilePrivilege	3480	taskmgr.exe
Token: SeCreateGlobalPrivilege	3480	taskmgr.exe

Suspicious use of FindShellTrayWindow 63 IoCs

pid	Process
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe

Suspicious use of SendNotifyMessage 51 IoCs

pid	Process
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3580	msedge.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe
3480	taskmgr.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3580 wrote to memory of 4000	3580	msedge.exe	85
PID 3580 wrote to memory of 4000	3580	msedge.exe	85
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 3680	3580	msedge.exe	86
PID 3580 wrote to memory of 1180	3580	msedge.exe	87
PID 3580 wrote to memory of 1180	3580	msedge.exe	87
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88
PID 3580 wrote to memory of 844	3580	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/InfinityCrypt.exe
1⤵
- Enumerates system info in registry
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffacb846f8,0x7fffacb84708,0x7fffacb84718
  2⤵
  PID:4000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
  2⤵
  PID:844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:2600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:8
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5824 /prefetch:8
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5292 /prefetch:8
  2⤵
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:2520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2068,9295678009772448733,965721113127474459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1624 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5844

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3368

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5092

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5980

C:\Users\Admin\Downloads\InfinityCrypt.exe
"C:\Users\Admin\Downloads\InfinityCrypt.exe"
1⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:6060

C:\Users\Admin\Downloads\InfinityCrypt.exe
"C:\Users\Admin\Downloads\InfinityCrypt.exe"
1⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:5128

C:\Users\Admin\Downloads\InfinityCrypt.exe
"C:\Users\Admin\Downloads\InfinityCrypt.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:4468

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\icudtl.dat.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
16B

MD5
aa38e2f3a25384fd7025a9fce2a22d82

SHA1
621bd74e722b4736db8e635a53f00ce92472aa84

SHA256
1f10e8607118542828810e9f3ea9ab7aa89e02016f01065457985572be98ef6d

SHA512
a4ec9ac194034cfad5021063986b1fd58406e2d3e719d76be88d23b6ac4bd786584f7cd0deafc371a4714e6ac4717cdb702d88ed60943739e57f10ba9f3cda34

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
720B

MD5
d306785fb1f3f43b761d1f7e95353ead

SHA1
f5820bf7507eecfb339f74e43fdca7fd6d744a98

SHA256
1c78d692950e23e9e0a1bdf07923be35dcc1d21db578930f7ec365fc760eb6dd

SHA512
7b707b0b234a8965f607997f645d2ef68df4f88f35013a9b33b9d57a00cc6cda4ae4dec5a7c7971a51b39d04bf59841518ac259e3d358649c85b308946eda8ac

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
688B

MD5
0f4f017f4454bce465f4ce030aa35be7

SHA1
fb4f5a695666a138afb377d3440c6814d7148633

SHA256
9006193cb4e0994992b1b9d49ff4c990a4327b2fb366ac78106690d5b036956e

SHA512
b6e249b36b567fa9d7463fac0d3c665a2e1044ece3a36fb792c17cd8753d9cc0b66d9819426d2c0f6b1ccc9f4ab125e378dde03a9790e24c5ede15036caa2ab3

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
1KB

MD5
ac7ab1326ab6db7535381b0dd1e1787b

SHA1
a65375739c211f5fddb6384aa45062fcc7f53d23

SHA256
539aa5090901a23195fb3c08e3aecf4af7255a6af1306b7e481c237e5e8d7c18

SHA512
277247ea7db090f16348e096678bcc63a9bf835237d1ee9fec06186ee4fa7bc6930d7716a6ee81d027b04bd0ee4df50bc8f197cd33eb33d92eaba10c0e44ba76

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
448B

MD5
cf3238e9dbfea78f1c991c4401a01648

SHA1
23904902e8211618c6f2b992a20d5f8605be99d7

SHA256
70e940733521b92dbf813e408192c7332fb1bd6be9d404dd55395637e4d3e04a

SHA512
a7f0e12a41ee2b516a7e8979026c76798a1e3a2762f0fbdbfe851b2b9a7746af6e296e31826038dee550cac22ad9d372a0690a79944df196f2f387049a856d1d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
624B

MD5
49eb5c4e0e5143f1258410f0e72a549f

SHA1
5249d2fc71d3b07ad4551a2e9f6a8fa943128de3

SHA256
f5d290a49c778fd3ba7d98e25813d0a38e96ccce3df96420520fa3120e2dc417

SHA512
77852258754c7b03b0bcf5904d5ad4e727db045bf59d9532fac9b94549b796c086827c8986f4f238b5f3fa816c78d9123bd4897e8ee55685dcbe7790c7dd6289

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
400B

MD5
0e38661b76656dbd9e643217c64b190f

SHA1
0d9ba15fdeb0f1ac3d942b9a5a74df56090052ac

SHA256
1e2fdc4f5f629bc3820a6ea1868ac5439f3725534b90ff6cb69ad9eb0c58590d

SHA512
316a04a025b58bc857c7d9e989dbee4bc48105d7dc79493abfb0cc2fb304b43e7eb1754f85402a872265d108b2087e692fe72cedc150bed527002f4a21132f70

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
560B

MD5
3be78f98698a408f6707196c25a66f3f

SHA1
3890551f0ded243e3e5f3d1e710c67b809a5db7f

SHA256
bff7b4471c15ccfdd67fe14baf89d28ad44bea10dd1e587f922798c0d27d1d07

SHA512
bfddebd943f0e2cb81b7bd4a7097639e9ad7b499d21260c10d04f8776c35df2d48a7c735b3afa2e2c899b3bc31b702f62fe0170aecb02ea46712375c8743ee60

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
400B

MD5
f80b4e4ff23b2440f20e2cbb7d18dd6d

SHA1
8918897c6b5e879bfa0520b175e2ea549e55aaac

SHA256
ce6a8d938e86dab49fd550c746dae172e570c2283390bd05b60af93cd89fb0dc

SHA512
90f022ba75a0b26bcec2e83ac6da437544234a1cb42a16c6a5200114e734a8fc1f76866551939d59b04d156c60c69b715705e1f8d6e30ca3ea4a32308399eccd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
560B

MD5
2b46244d73e2355d98addb3f8c8c0f37

SHA1
f6cddf451728776b7c7f5a71c20be11f8fc3e61b

SHA256
a893054d46dcb0dcd77d3df2a5ec52e0b291dba53f65c5f3b80cbfe37a12fd12

SHA512
664103b34635e785fd6d8b0c3f22205e8ee3eed87c0c4399d302ccc456406889c82c77c81218da9f27339c13566c9f1d5b69212238274a3b4fa2a18dbd131907

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
400B

MD5
301490bbfc465a1af7e67ff15b7e1601

SHA1
f0949a94d6911c45c719d057be7c89138b355ef8

SHA256
a584212d7efd2beccb0a2fa63c0fb59beaa1d6f1b9403eaf615c1df98046edc0

SHA512
55e3faf2d173244aff0e01e5b82d143de949dbcdb234b1f24c3019701a56b29cf1a5138aba6491b7cd15fe2d9f0f3f5998ea8817a2a6f193f3fbded77204453b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
560B

MD5
1360415aa915756c444911d29ca9205b

SHA1
9a62d00fb103ce31f927f3c4ff846eb837d0b177

SHA256
d36b01472895564d99be0ab7ef7dfc63d20bae1702150d42477d74644552d409

SHA512
b10b3264c2093e52182b1d43ca1305fbfa438daefbc2b0b1ac0c710ffdcf55e9925da925a94e9fc464978c5bd3872c8ecad35a31983cc18f710f62c9a07e46d4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
7KB

MD5
4851ada6179ca65889f3adb4a91fa4b3

SHA1
eeac2693619fd30646c494a8e3cb8084fd0dcce0

SHA256
fbf325229867d0754ed31357efa644337af1179857af4e1727197c995436c87d

SHA512
6e48e07fe7f1444da58a862d0af4f0bd10ba3694775fd825e27672c4823d792eae6e0658b88854471a7af07aa779e19069288017c083c6eb9500c461b5c33701

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_ie8.gif.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
7KB

MD5
87be1899a672565c74da61eb5698d86a

SHA1
de746183c7824350ce20687a760e14b69ea8256d

SHA256
92f2da067ba81d5426259069c456628aba3e708c184de4ea0f6aafa9f25b2e63

SHA512
da6ee20a6a4e059fa0084397279e2d24f63d874b5728a920a925ed9fe2ce0a89fdb1057b80424cea597754afae84b28dcab32edcb2152ff433ba76e93d06f697

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_retina.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
15KB

MD5
ec6501020a26a0987a7b570b0ebe26ee

SHA1
c24c1021a07bf6a6f097ac4d066b23294e98eebb

SHA256
41824347e7460a6218b3a153b8ae3a769311ed12a2251841d638caefc0cdbf5e

SHA512
b56dd6d9e3b3c5d1eaf96ce4a3b9363e0101c9c35e33fc5fdbde5a111a80ae3a318af557b8a6d6bf13b79cb2b6a6c9e9be0800880614e4891cb1db33f66ab515

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
8KB

MD5
b590e4d4db38d9defa2eb6ac7ee8db63

SHA1
94fda3afdc49e5ef2325d1d7469ff2fee8a73c51

SHA256
20d0193c8e696fc9fa2b4ab4861ee3aa6a527e3e1e302e97a4ef00acb1566517

SHA512
f5e97ea0180aba69272c48fe6a0ea4c45e44334a18802a45bbe9ff58ad8607c28caa78c2701efefa5b0b155080ed40bc281e002aa2431fb3c66d96d030fc85f5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons_retina.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
17KB

MD5
188852c5053649c08402426b53f9e896

SHA1
88684524271452bf1becaf4091504e02a2fff8b0

SHA256
3551ef33f52c6a61f564cc3f00a3668526897b36dcf3251a7aa16ac9be62275c

SHA512
623cdaf75df4a55d2712022e86cf62339eba8c4db5b3c9a2c182ab3fcdd1d171806f07bac55607e2c4ec64e081d878f21269f181a8fad94d8ab09940588465f5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_pattern_RHP.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
192B

MD5
d6e73cd92fb3ff577f35414e02a5c206

SHA1
b5b35a893dcdfcb5b717210b613641f396a91894

SHA256
c44e17cf67b6f25de97fda96d5c85fd2bd2665e5d005e9c5a46bfb759bdeaea4

SHA512
4238988d4878b2b4947420bd6981480e0ad35762dafa8f999d8a270a98fa8c56a9702469d130c0d5b64227761198cf93ddda44400232a5c5d39a57dc03077830

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_patterns_header.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
704B

MD5
487ecf2b35d3d6bfe8b768af1ccaf3d3

SHA1
283632e0dc32e9a230992ba784989c4aa4f815c7

SHA256
dc218cadb5a26a7f687bfa23f8bebccd2d5743f126f33bfd8cf6ebfcca485c09

SHA512
c588281ebc64b4db3e16b52feee15920c0c12da152f388cf1211e0da402d598e51d29d6e0024c2e2d7cd32a849ce4fa92d95c92081865487cb896fd9da715aa2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
8KB

MD5
5941860751c8aa39477c507b1b5768ad

SHA1
64a2085fefb23dffb78ab8300522ceff93b3c497

SHA256
e4b50e56ba1f89095b51a7eb5a7ddb6b3bb8350213df704dc033d3f5916dcac7

SHA512
400452d463ed2678d7539671f2311a89cd84c73730f31e8ac77cdfa316959dae0bf7f47034145b08d3215ddb73d003400d86436110dde116a3b49b237f472915

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations_retina.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
19KB

MD5
9017c10afb40d23616b8ad316ba5c92c

SHA1
28913c75277bc5dae17ea5f24329c9dbddf86017

SHA256
a82ce5873a2eaa6eb06168fe924a33cf538bde3044e604f09656ae1676f143af

SHA512
4970dfbfabbf330a3a9c9613dee7ebaabfb6d54d558febe80177ab938db1765568d5ada4259a0c36bef6a85e9d1c4276071b2a3e7a79f49c29bcc190d39f3950

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
832B

MD5
f9abacf9acd288bdd054e1a13c636496

SHA1
192f8e73e3caf016f01350589516f3b680defd46

SHA256
b7149dcb2f7ab4802db1779da3f0a07f0414d2714945a726f09caeff72d205b8

SHA512
47c511c15ed609b71045bbd761f94bd77f2bc8dec1526df0ef4ecd3b8ef0c675baabe14fc650acd69a9e1ca97cc42a1cf0e0bd2990755051eaa02195ffde0a81

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
1KB

MD5
cf261616e11c6cac8f4158f213e52e45

SHA1
4a822b45a9edc8034cde40d5fcf506ec9dc0e960

SHA256
86f3efd800e8875280f10722e1bdc47c5e2f555bf950b2a78e18a4e80e36061a

SHA512
6d5d3cb94583dcedef8b8a27e118dedcd2bc9c2854842df661886f1f05351c54bee53107ad1ac910ecd8a48cc9f6535f0788975e65cb94f0e711e06c164e22a8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
1KB

MD5
bfc6c21952e22baad193d85baf1b110a

SHA1
8acc4874ce575f1168109f7537ff851432c40876

SHA256
078c38e630116925a850f416ba5c26fb28fe8d4a2ccefc2f7506efad63caddf0

SHA512
32982029dbb733587ba999c76cff2628a0010b5de170930d968de3ac33f60668dc9fa2e2b62799818c2a31dffcdb391cd9b6f6f01cbe406cbe107c9b6241d0ad

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\css\main.css.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
816B

MD5
d0c78216c32e6d490c372453baf31755

SHA1
33473a28054c0cc06b6d630d48d27124187ab384

SHA256
27eacb629fcee9270914d16d0c93217e6b82404f3f2e9c337cfd92595fae708d

SHA512
0e4000cc27d0acddd34f2bdfede632b77eb348c005d54569353954cf3f7410c74ffc4056727061e0f8a92c02bae3989424670bcebb48aa4fe8dbd80bcb852baf

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2KB

MD5
d14f59131101fe0167e0f25df4e3b11c

SHA1
f6663679786b91ce7c0e3894cc70d32e06327c3c

SHA256
74d15090e2844e41ac546b66b880c264a88eea74cb38e5f9aa94ec4a18f23f44

SHA512
3253d9a71466c366a578602165a1426f914249565897b4e8d87c69a710b7c1e6a1c17c0a91a6d9f4fcf2889a55f227afa904072cf266c454f9abb891a437feb7

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2KB

MD5
0ac4299d17a2df588a28fdea47eae93c

SHA1
d6c23dc17f47220bd1b079436249b3b692b99ca4

SHA256
a52ee0cf97dc378eb57c1a6da35ccadfda2a55fefdd99031c93656a23021c456

SHA512
a0deaf5015df9d8a56653b8fce01544deeda1d3e32ad1b17b9b13976514964282481c9adeff1107b4ef52a5f74fab0940802c14eb85317d36e33f2b6ec837ebb

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
4KB

MD5
cbd85ecc39345a3c1b4ed3660b8ffeb3

SHA1
dad2848e31a7d0683867b6452d5ff616ae97881a

SHA256
f44bb8407ebf02f0f7c479e093da5e5704b7e8afa59239061acc7bfda026df49

SHA512
ed34dd1c32dbc4190c9e60cf021878f1321d76ded4b0129046a6cbb11ea781630b028e92cb7ee73022f48aa934c81f833bf7253ab656d604ace5f2af1634cde4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
304B

MD5
06c390eeb183ce6c3a01caa13572deb2

SHA1
e858f824b98b8d9c9b6ed306b898baf575ed4e04

SHA256
62e1ac2b7ef799d9b3546c4907a9b66f6c20e1cbfec039ce337db5a28a688a14

SHA512
b7eacab135d0d661410d2725c38daa70c884df3ad8be930a14d3499b1855ac58e3239650f4d9cf15de3b1afc8a1d0e30d0b928e409092a540f4c202c22259cee

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
400B

MD5
beb551d7ff8cad4a33ff69514069100b

SHA1
fadf19a30492ddc71080748cfe469afdac462cb6

SHA256
af85963bd6099fdcd2c3b4ebece33f6fde87a98f2d4780bc4a9563ba0aecee3f

SHA512
b8eb93068a2cd37be22aa9a8db0e0e676cfd252357f97cee904d938faf431a5e7aa03bbb705ad53508f9a371afad3eb6e5236f75abda183450dc6f0c1384ce98

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
1008B

MD5
d8c1110f8b29604e8e7e90895b5f7e9f

SHA1
5f88308c501b99924a50094395156760aa5c206b

SHA256
e584db285956bbbd54cd39f10eb1ddb0a5fce86712c1b9f79f423a9df8167b47

SHA512
876d58de23561cc7ea49a8e7a2184f8cb813d5ecd31c2384fddb574cff1bade10aee9d034e55f7d1005bd2f74d20df3c45277383030fde13d0d6d4d6941b4aa9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
1KB

MD5
e9f5fb47a93c1dbb49a5be70e26c7d10

SHA1
8e4cdd573c6c83ff44bbb961e13cb9f518f17187

SHA256
4ff6b6a3c314354e0091ed89167ca7152836616163a90b31c898ca3e9ae9e568

SHA512
9b8fee33bf76651076556b797db76351fcc0b9d41b81e7a803fa994b432a5b4a667f7b19c29aff7f3181c218a42d582a436c8574c6e2eecc612d08de15280da1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2KB

MD5
72dc970f713eebb1f804a2eba6f34c2a

SHA1
73a04f497f045211a64147c01205a6c492ac52b1

SHA256
568bbeef27bb779398845f163c9a5d096e130230fb18da43cabdb5f85babc675

SHA512
5bba4f0886573033aa9ad1dc55b1b1f553499d3bd786017a671501fe40cc3032299fa1664c7e46f37a23bf102def626a88e6b654590494e4a620f989df8befda

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
848B

MD5
1c847725501a785608db1460386e10d1

SHA1
fc38ea049b8c175161cf53a36dee9f4eefa183a2

SHA256
26840c3fd425d4b60a66a1099cf61e1ec39b027e147eb10ffaa1ecd32b935fc2

SHA512
f66fa429a77e7a096f348958b0958c03f1f59d4c9ef48b6b471578b03d7483bb4523efe3cbd52cdc4d026318395f724d11bea378ae68e82b334ac20bccbe9c64

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
32KB

MD5
6c2914df8742f65e3da9161362e7e24a

SHA1
d83de4dc57b224ed19cc60cf63924a7e0f680038

SHA256
f01b996e7e78276c00fb8481ad33fcba7399213534189eca3cb7bae96d597cab

SHA512
b91d8b17dafd665269845854767c18b476c2d991b89cc90b9cc9edd39fd2036c122a21f5bdc63da5efdfb69fa1ae9938f7fca364b21599c7bede3b0ee5825f83

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
596KB

MD5
f3c53f819cbbe37fa52af98a28319490

SHA1
5adbc97dc5b69d2785285fc2902a009f86eb2c5f

SHA256
bafc1ef052069d1c5b568cc833b5fac0440323e6a7316a08f610fe66201405bb

SHA512
650a47bd5102d17e22a72f45ae5acce5fc70d4bcdf8c2c1be5b73af6271bc0f87c05b8f5a4692645328c9657b047d8cf715aadad1a6ce296a05f7aa9416cf275

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
596KB

MD5
e6d198d93467d896238ff7e305d22358

SHA1
36a51ee8e1eac609391cb98532a233ef77953a5b

SHA256
26002aa19e54299259cf4355bb0ce848957c5f0a87f85620548b432dfdf120e1

SHA512
27dbdcd6bcc5c4284703d43b0817db283417f57555ca90510703a67924dffea06c9ef62b809b80612967adbc21214993ee629343cf83532cdad3c8f92d5d2398

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
596KB

MD5
eea760b9ff1c08766736131d8c81facc

SHA1
4a11def5922f749b04e7edf605ee0f63d45c1571

SHA256
de585e33a0d027bd714932ea6ee28a5272587bbab946f2482facfcc6eb6c2542

SHA512
e45ed79a93dd1aad7572eccfa1f2b1b821005b1ad87e9bc318fed4ddb9e01a451a3ec5d4a1316cb22bbd2539eab5db0386732ebd6dab499c0ce83a1082c56f0d

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
172KB

MD5
f680b56a12cb6af902737d3ad44528ec

SHA1
ba963d62dd0c16f07fb295bbfeafd87ffbf431b2

SHA256
51aef2866e2280ec32aea21e86818a555ebae3e760c3897933ec2311c4c89c5b

SHA512
e0f7eb968ea5aacf550ae5c8453e4593b828a69e05b537074371bb48e1c4fa9314459e833f87476cad14fbe2d794895b92692ac7eec3dd55cecae8d3cca5dcf7

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
172KB

MD5
9db914f2cdcdfc10f33c64ece74f8e93

SHA1
5531334a8413ba244c12ad3c6c2fae882c7ba8fb

SHA256
72f3294b461e0bddde9f951c69da0037e8a2686f8f409f5b3611d06e528089bd

SHA512
a0eb5e926dd46b87c1461fd2959e4c4885190ab3be1dafa1531e8df566a1832206a315efc0d61c69f0d2e96d160f93029a5f50cc593b9112680e71e8f2871b06

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
172KB

MD5
6480e557290e9f166ad3c8c1efe05e87

SHA1
2e81ebe1242039b86b2a10a1f25188d84169ad42

SHA256
405b22fb0557a2cf5521e08565f073f4d6312f39fe6cc2694de965b6e9a2a3d9

SHA512
b07d6c86d1b9ad108170446408295e08960053d04d5b43a9b976487ef35230fc2866abc21deac0837d6d6cf1a2688e4e1edce0a37b6f72e3ec6a2446519e733c

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
330KB

MD5
985af3d91acba716a209c1a20a2d5a39

SHA1
c4cc6783ce6abcf03a08d3739bfc5a04f7f2b87a

SHA256
0448e1f14fc677a5f3a3df85989f43891d7a5480ce617faad5161e55e1544cb0

SHA512
e796dcf48b0b45d0645dc70d8fc507b955802ee629a48d30c35eb253d6368c009a687c72039fd993936c5f5f1ffc240c8783268ebfed9829a0c61d11c3420d6b

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
330KB

MD5
da88deab011f3ca42dd17a86107ba54c

SHA1
b949c4b45e6ad7d0fb99e650d20587d2f6c23ee5

SHA256
9dadca052851466cc6a13bdf5b560b773ac22b2951ed6eea5f1d7fe7f0aab9b7

SHA512
7398d27101b611c0e514503883de54ca2225efbacb1e04f51740252713be78db0c5249c5b2bb47d6328bda13121882429e3ee204f5f4191217e5e0fff283c116

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
330KB

MD5
24b07987574099324167db9958c34d0c

SHA1
e7d88768b00eff1cd78b2753a1ed56515c73195b

SHA256
f3dc76a05a0eafd06385965bc66301e58be8373c2b0cefe37f6e3654a838b392

SHA512
34b7d04ab233fb29a95fcf571e60faa139c0b16a2767f9234a078e2936cf4ee85601358e6e0a992632632283978c497f04eaf740d67bc3702239a976fd9f48f5

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
801KB

MD5
3937742ec0ebc24bd632264435566a6e

SHA1
ee403488870489d96ad570ee063056873f753cb5

SHA256
4826d9b6d326f113b219b0f86db5207d35a6494816dc79b27551a6271fa25050

SHA512
a9ac74de42345b5ebf62107424c7c2f2a386df45d0fa19f605b1d5b1634f4a10a147d62ec657879c75da4ae80b76a39b7b7c90c9c31900dee17585c74207540c

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
801KB

MD5
02fca783e24762d4bf33bfcdd9e6b1e0

SHA1
19e84d184fb2251852bf6cb203ff5304433e5f89

SHA256
6fd8caf3da66384781b5f7cee9af44e4dba0a8615d88fa68957551bf530cf4d6

SHA512
275062331232f22bf275c347193051436b0f9fe519e4b3a049dc2526fcd6c0829d463cbc141b00bd9cdce5019036e9474acd612ab1e25821c5737fe649e56a97

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
168KB

MD5
b710582d4419d537871df14e1f5c879f

SHA1
552485fe8e146838fca15c003c712d9e1c75e353

SHA256
fbf995aace480675a3de9dee5468f4af95d176b1b30929ef4bf7316d98f9556c

SHA512
ea987cf9e71365652ab8d9535a93fb552d268f1d7de053bddcb5efe056f11ac9b868cf803ba881b99deeff50f2af80d1a1a602167964388048e58011afa4a4bd

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
297KB

MD5
aab68bce78124957a9be975d2f95545f

SHA1
29ec4483444012a39aba716b2eda10878214b25c

SHA256
959213186c19c11879ddb3d76a78875ffc9bd9457504eb1b9f35197e029dee18

SHA512
edd70fdb0305a1b62c769201cce967f34379c20b355cff7dcec717bb5d8d8882a19dfbcf6199742b752c19f83d18dc2b491556b2b1f757fd5076a83d59467669

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
297KB

MD5
69aae2e0c4a45ccfc083f728898c8af2

SHA1
805644ce61ef13f4668e134a6d2163a2c42b47c7

SHA256
4d11bff3157b99c036f011f4fdb5b50a37fb28cf099148e5ef1285c577fe11c2

SHA512
31898e2534ff785e650e382e91a5d4cdda24cd12f65dd66bc0c2f55240d6ea04b4585160d0ffc9a0635560cb0beb57ad37bcb988af0d3185b25c203b07191369

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
297KB

MD5
ad94102e80a18ad0fec88167d787d8c4

SHA1
a0d3e501f70003963e48c62cda59ebfde0416128

SHA256
f00e43a88c7d4cc016ce1ed7fedc61de61d147d15fc792a5453cf6b6304dc500

SHA512
de663424ff53f936ac4acb75c7525338465ff7d31d1d492bfc6cd0c119980d7505a26cb3975ebf3affb79e11b71054366cd45dc5161290701dad1beab16b70d2

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
726KB

MD5
2acd86dab67e8fd52ee08a2e4adf14dd

SHA1
d46ca6de0df83a552f82750f74c875e1c18c6639

SHA256
8a748d4b59fa602a027a4a71a162dd85544faac38be5a5615b47df3f6ce41abf

SHA512
7805745ca1f2e1116308033fb63e0882248436335a8bf9138adc417b4581b87b6abad74074ae14ace1e054a94447fda3ebd57cfcbb997606ff4eeea22bdf9421

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
726KB

MD5
54bcc1843cf41f2eaa5d717dc12b1942

SHA1
06cf4d7394c06a888f77a6c725e3bb5a1b6942ae

SHA256
c939f2ddf7d67b125e15a8ef78956c050b5a2a386ccde1ac5f52ce080997b9ee

SHA512
dc2081fc94ccbb4385d80f9b1da23976ab7b4fe8ff9c05bd305aff717dbb44e237668aacdd2bc7126cf96723a00cd43813b18805d10adaa31a13ef9b450be878

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
726KB

MD5
4cabf271b51455e340cb8c2699426917

SHA1
75071b31307734fc0e3fe859b1e7256a9b556dc7

SHA256
9daf9c0f39718cdbc54953d04d0c5aec5d46d9843b0a9757a98980581c8f0978

SHA512
a032746780df10ddff878e2f3cd64b14f9cae43d71e8f0ffa9384fa1ad2ac45b1e242b2a3c68ff112d61ac7c35df41a3e18a644d26201b236b4d8ac66ad42472

Download Submit
C:\Program Files (x86)\Internet Explorer\ExtExport.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
44KB

MD5
b7564525dba716245826e6b0d3b23443

SHA1
1439743f2a096bd4252f1a1e606620c320c2c6da

SHA256
303dc2d425107ba9de39cb7b2953d599eae1d9e34e527ffd0346ae0068e140f9

SHA512
fc788563cc20c3aa9e05c726638a6e36bcf1d6785959b4e0efb0ea33da6089f52199c89cb4a94dd427d7cb9ba945186a7ba8b10b64d2c900297d2e44a65ca53d

Download Submit
C:\Program Files (x86)\Internet Explorer\ExtExport.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
44KB

MD5
d8e0e98589f53547f64dd1e60c60b21a

SHA1
49abe3e4192b7a43d6a516966ecb826226debabe

SHA256
ba002b446cb5680b1c07d62c79e8fa6e88f4085dcab4b66d29fe2d05eb3ba820

SHA512
c7793e2832e5d231c0339b7a882c6dc1c03cdf5ce6667077e43a64a148ebb4fb66aab6585c11cceabeab4dbdcda0b1af8340aa870d411cff2e8bf3f1e3d245ae

Download Submit
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
7KB

MD5
024723c6ae0d94a8c5d4a6ac2f2de349

SHA1
4431ae3abf9e4c4dcdd754159f99d7866af3af64

SHA256
ce707c5de9d7b6b42685662189376e2e67093a683037977e9e37cefae6151c9a

SHA512
e9009c165039cfb3ce02f329374f60322006c32f4df20b1a3ae8f916f21243b8cd165cbe5e2ae0744108a1b2087786943289180c34135bf95c0167a40b688355

Download Submit
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
7KB

MD5
e6c3f7576f6ef2ef802a9ab171f9ddf4

SHA1
0960a30a38e4e6dbf92b16cd042764d61f794bfe

SHA256
064a074a8d9b017d131c7c787babce0f716aeea7f45b1fddaff6acdb5400a357

SHA512
2810f3bfae302c52976145858c32a3e23f345da0fcaaecb3d6d8873bb86880cb8a0b2580e0aecdb180cd8b96bb606bef8f32ba5c6aacda4bb86517574059fe31

Download Submit
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3.2MB

MD5
8ddcc8eb92377991c2814486a7bd8ec4

SHA1
1417e8a9fe767805b16fe9df9ca779084577b3ea

SHA256
cd6bc7d1c10d6342c1c0932956576a2066d4f9618650dee4d5264e8485223b63

SHA512
e650ac0bcc149999b22c6253be4c1077c1b96fddb449a32244d7f2f8ab592c3073e888aa30db46ad0a0dbc31d6186288f9bfb41750b5f5aa28ff36ccbbd91322

Download Submit
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3.2MB

MD5
aca89be7d7247bee2057d579ca298742

SHA1
9d8ffc69d98ac863b4e50c593d36051f3782cbb2

SHA256
ba2bee4f5322b8341df0018f1611e76cdf1855629b0f74e46c26e70dd1b8be03

SHA512
29fcd7c22a503a73e9d4daf2014f348cf07267870d52d3b455cf0c9157ce11413f9c4ee7f0ede6de4e98d66f76db6f870d63d4a91a361477ff4d78832a797b4a

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
584KB

MD5
ca84f9ad107b3c65c58d3aa474b3a69d

SHA1
4d4d9ff5f4dd0f89b255610fdf19a31a7ad25485

SHA256
b5ab78e088af059c2609c692a8d3eec9bf49fa72c2ed561bd80549799bf6053c

SHA512
713ffed57e9292c2435baddecfa70423206aa5f932ae3686d9a696f2ea148351164eddeb92f45eb39ef94ec91884cfa1a7d0676e975576d6bc36e7cba5bc9662

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
372KB

MD5
971e76ac395eeb102c93086bb1588666

SHA1
7a9fdec99b08571739828a51a33790eb576c3c7b

SHA256
72ee58a756e963537febea9972a3c10f9d5a394f61e555e31cc3f0901987b951

SHA512
98b61b7710342c2c6e7b089013184b5d96d8a0717d071122da3ba8a336289a78a3ec72f284132efc860966bc940aaf0d2585958e130a2599c2b7829c84d2570b

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
104KB

MD5
244aae543f37b3cf2ce8a194f8a69238

SHA1
10ae2820606d9e34a364696e0fa1dac42374e720

SHA256
5909396bcbe2942c26f34838fe94197a16ba52d9fddc4de5b3f46e7b032374cd

SHA512
90e9b1c3d89578b44d003fe79c69805a9e67c30e61f30ffc0e68ef7be513cd6cece2d1342b9471c84c99aea79e7b26d9a0636662a5d1eb2c54de587b0c9eff6c

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
104KB

MD5
7438407c9a1a4b1a8ba6841c43219bb0

SHA1
00c7f42ef3eba8bb3559f585a16e2be49b1897f6

SHA256
f1ce722a2707ea772efdf38d3844855d2a4a202792c5052c2c92a127bf2f17f6

SHA512
f86b0e479123af73bedc9814069bb9ea657369e6d4ee7426df31475e22fca630f3be6bad544ccf0cd4cb93a6f39757bf7e5026a5092fb89730f3ceed67959fa9

Download Submit
C:\Program Files (x86)\Windows Defender\de-DE\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2KB

MD5
22c569f13122466a7df4ae095366d2db

SHA1
d620a18cbd92763b2ef9b88f334fc201a17b5718

SHA256
b6e8297436b917035419d7b72d1a8b8b5e04cb1358842a90e544de0d7fe0d766

SHA512
ef5ca365c1ec52c492a867eebe07f82fa221ca0a3632cababe8a54469384cd7f88857760ad916e2b8951a7dd38bc42713bac0d64db76240a87c67dc63b401be3

Download Submit
C:\Program Files (x86)\Windows Defender\de-DE\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2KB

MD5
949dda37074301385ab4c9a4ff901a6d

SHA1
ae1d873b7310a4b3b2e19a75fd35b98b994db631

SHA256
d57540de494049aa6f64b3e1c3269bed76a5853727b4cf1db19eb2bb7f4105ff

SHA512
9b40344bf45a4c28affa8bc4e3de5b33925237799612ba2385f4a14aad729137a6eeecd5de1680fb71036026e8c5bfc80ff3fb3332404b8a3445bd3e391919e7

Download Submit
C:\Program Files (x86)\Windows Defender\es-ES\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3KB

MD5
70a0bcaad55bb4446b509d513f206b2a

SHA1
8388b59dd49911126ef5a48231a40916c98a49c3

SHA256
924ba43fff40cf81f94df40740b6810d34d16f4d8f7132b376990696a2977b69

SHA512
d2f5bf0223e63ffb897f5dd75b2edc0132c411ace51788c7d1bb979273559e445560fcc0f8bec36e6f86fcba19e9006d5207111d1ec3777bed70284320e828f3

Download Submit
C:\Program Files (x86)\Windows Defender\es-ES\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3KB

MD5
2d067571ff4dc35e4c0c53a8249708a8

SHA1
59fafef3bad357684dcad881e7c9ff08d5d24a32

SHA256
1635e89e7d68661efc6741df6fbe9e796161967dd92182939791d58e127e3472

SHA512
388b2e6ab99181060be5140306965b66e486ee946a24d10c1ae7de50486403301544dc8b5007de597d0116198ee01987ced88992cc3db722f06810ed4aa1018e

Download Submit
C:\Program Files (x86)\Windows Defender\fr-FR\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3KB

MD5
f3bc36dfccce00e0b2345cc36cc662bd

SHA1
4932d6e820f963b308060171c9f082546fe774fb

SHA256
555e3bdb74f44b9ae0f9a03022c2e109b84c0fe2bca64f3c5e9c1c10b56eade4

SHA512
c78747738b94a55a71ba39b92c86f27c8829ce23e01cd44cd5cee92288c236ccb7129bba88f2fea8695b6ef80a4e6065e48b2f4a293fbafe5c970dbaa2a6c28e

Download Submit
C:\Program Files (x86)\Windows Defender\fr-FR\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3KB

MD5
467eb3c55ac15a28e862415e769c3d50

SHA1
38e8ff1040b2fa3a674cef3fcf93b53e304ee24e

SHA256
fae5e23cf4bdd20acde6b5b7c163c8dcf87c390ed6af371d5bca4e71508302e9

SHA512
3e4187afbedfc69bfbd87145fb57424f46c650cac406f0807807f7ece604357003c9e03ecffe24c4f70359ecf76d42beac36894be83f1432ee6fb225bf29a6e0

Download Submit
C:\Program Files (x86)\Windows Defender\it-IT\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2KB

MD5
846b1bf6b1ccf62df7772c91d7250bf4

SHA1
9afbc7e6ffd2fd249d3afe5cc68216adb52bd003

SHA256
0abd5abb69354100e1c01eda358bd2efac213a3e87bbfd30a47fb7b3827a3ede

SHA512
f7dfdd638c850989971bfd33b0e21e0d4f69a0a62493d9e7a1d852467176e6ed80988dfeb1d9fb5fc36654772da65de4eeeb4d093e72afa044dd3b3df676eda4

Download Submit
C:\Program Files (x86)\Windows Defender\ja-JP\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2KB

MD5
10f85f421b5ed53552aa8139a96416ed

SHA1
32363d2b5cc3949a37535a7184edeadf0ba319b8

SHA256
836e5df35e2b636a8a25c294b6874667186ec09d00b6b3acc42d6226695aaad6

SHA512
d40aef4c3be80fcc8a368068a40d56c108c90ed4d979943dcd1d4536430e0656b4ba2821fe67ee955fc6d8d3df4b41725b41d892b283c3feb7ebca62847d29e0

Download Submit
C:\Program Files (x86)\Windows Defender\uk-UA\EppManifest.dll.mui.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3KB

MD5
01207488a82a195373ab44d52922f59b

SHA1
b654e72482b87ab3416518373c68409af3e59d3d

SHA256
88656bb97b9441abfcec2569c2c5869b26e5386d398eb51ea546c87fba72b486

SHA512
f59f1ea34c5c4e57253748558ea2fb49fce08fc9fcbc29f96d60255b7030bf2aa6b5b75781262b110207d8a80159a7ce5132358f4fbee184f805164d295f0167

Download Submit
C:\Program Files (x86)\Windows Mail\wab.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
504KB

MD5
ddd83c141b552bd32328d493d6977e36

SHA1
0fc632d0fd0a271478ca94e4f1583d7492651a4e

SHA256
0abaa2e376786b1e7bb27889384b48234983fc3c35a50686a8b623cc156f7fdf

SHA512
3ffed12bf39abe864ecf666ff3ce535e9c0bae75150cce7eaddec9e8e86a890110695c6f6ebec332976fb3d0bd376acc75239db376b2ed07801119056c675f5f

Download Submit
C:\Program Files (x86)\Windows Media Player\mpvis.DLL.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
159KB

MD5
fe8e4aee2666699c51d5b53c6fb5bbc9

SHA1
24285a3d84ac29730381cdeb73bbd120b3d441c8

SHA256
e8e834d18b000e39e6c902bc0e950e03617bac88b14f30f98883cf6345d90d42

SHA512
4d814acc403dbe47acba3cbae5f7642d8b676c82b6be0978639cacdde702cf0501091cb5d7bcd1ffef3b890778a8fc2902cffc88dd1e998f918b540f4c49296f

Download Submit
C:\Program Files (x86)\Windows Multimedia Platform\sqmapi.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
39KB

MD5
593c40a5eca990406c84d23fd1803c32

SHA1
180a60d9af4b0e87c7918910bea27ffec741218f

SHA256
55e849ebf9c83904df1a30a2dbd8b19c5775f432cc244f39422903a735c4c81d

SHA512
7667705eeeec4946489598fdcbd22523406a6ab24effe56027acaba530b33312c58959f3f3d5020eb088c558d5b3a8d99b96323e31d2a7645eed828e4e4b5b65

Download Submit
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
2.7MB

MD5
121ea248f981da95f637f70014f56ba6

SHA1
78a1726033374d06f1c950522dad670b6b7b8052

SHA256
c674a27cfdaa5fe91d43878eb61ac9c13a7acdca7e8ea736663b78c676d5dc37

SHA512
ac38ed6e9975bd310ace770bfaefb915675dbaf568cde9b38e257aa61d3d18d24872ea21710c76f59b74a3c23c95f32f1f75441220362a6495c08bec7ff826ec

Download Submit
C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
601KB

MD5
58d909e3ea83e1722596bd43428e485d

SHA1
44a1d9ddecf88701fe3707ec2e97905f5424d33b

SHA256
8df29dd93a3b836c392ba088074b8166c27abf5f59929e638a1a8fdf1b4e1507

SHA512
179f923628ea66229e36eb9c2a96bb3e8a53b7863ddea7d0cd2355b109a18f1569e15609073405eb15b61bbad7454ba919a338c7ed77f3a1fa7fa64d6c15111b

Download Submit
C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
93KB

MD5
4dd47fce097b7cb18be6da0e99c8df01

SHA1
4fe4fb7f2ed4cc490f2367add8d56bc75313a99d

SHA256
b82f825c9b1d892ea4fe7705d0509d679b68118d662a081c8d21bba638b8f37a

SHA512
af65907bb0b4244eb65eef3bde6829bc562a7f93bfa8717f2fdc234780830ac925893b1171a215b667d0eb9535c551ab467a545838212f90f8550022b6304d88

Download Submit
C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
39KB

MD5
c85fd55848560e027b48244a031b59bc

SHA1
5fa55a2536afcde213c7a7c62ea16c1043866fa8

SHA256
4125c4e75d0cdedff2d572b3503e9b4ab2e6b0ccb13075dbedc0cb0acd466f84

SHA512
23fdfc3d134ccebfd9becfd8a33a2f17389f22830e462b3dd95671b14253dd3ab141596366d99033593f5e1ee70366022efa3770d750f7dffe9790d3d600de17

Download Submit
C:\Program Files (x86)\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\1.0.1\Microsoft.PowerShell.Operation.Validation.Format.ps1xml.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
3KB

MD5
630bb2d25f4aa687bc104758bd9c30c3

SHA1
217b0614caaa56d662d9551a1099b2cb89d719e0

SHA256
e1046367456b29a13e877fa49159d0dce7fbee297bd448f25e973533dfcde5c7

SHA512
e65a6188d5b3672e7dde6e5db5a6a0e341bc6c6479c6fbb291dba2bc29be10848cd2f9d66c9e45fb131426ea98d4a7dfb66ab4de946e6d96d81bd2aa17b03fd2

Download Submit
C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\Build.bat.2A4CBDCD9A5F9F49C53D723205E6CC953D00F85A5A014507B7B7189BD9DEE480

Filesize
752B

MD5
11ac114940c86a5468dc17f80b5053a0

SHA1
6f24fdd12c7175da469b5931860606b9eb03f9c1

SHA256
fe72a9b209568c670e1be4e6ef89b153b0c0ad93119d5af194e1803f917852ff

SHA512
e5e91eb03331e896dbe630b2928cad7ceb45d959daf47afcdc73bf5f8cf3eafb934344bfd14f2402db6741c65f15540bd19798910fb326387f2af66e953fc4c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
704e73810c9f8f68318e6655a4b6f814

SHA1
e919c0be774cae8e7769111a50592f6dbf6ce622

SHA256
d9e16e62584722fad7a0fac5178a5dc49d37cf0d5102104ecb009a4fbf1837ce

SHA512
d1cd3517bbce9f246f4fdf931f1ddf4784963d09e18e335842778cbdaf5181081c0fe3ee76814b3d22f282ccf23a8d5e6402dcf411246cdd2fee209e07815255

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
579B

MD5
ed5f4213c17629776cd75510648fc019

SHA1
ebfa685dca9b7c920cd5ad521c03e4ad0ce435b9

SHA256
e969795f0e63ec8a35cdf34d5bc43867ca0825bebfed9734943e69b34ed2ad87

SHA512
71bcc166ae5a48f7a79aa5de7ecc7e10dce22c39240ca9ffe9d0f9340f40fc2a2429529cfee8b2b5d7082efe94921fa7df3454852d5313ff4093bfdffc189627

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
58b6eb21fccca8eaa1c06327c774e17f

SHA1
6888c1a6a39c05cd7333dd56b88e3af028def8e5

SHA256
9c531c27c97bf71820fd51680bcd09eda396df16bf0f808c9eba185bbf1b7f6e

SHA512
0ae306c434c220082cb503a3bd3089fdbf1b2da5a6a1c7db2e94af2bccdd4f08c303f04fd41e7934fb23471904af526fc01321df42be2fc0ebb6467b4a010d81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a0f01b5b79f93f4f94be2e02a8765edd

SHA1
4c9712414cfb44ae42b3a1e3f603b51895309faa

SHA256
8385db2807e894f5c725cfeb164a75f3ca5899722242d58fd82cb46ee24a6a74

SHA512
033bf46cf11f17b55452d9767c2acd254ae537053874fb8a86cd99b20b974cba8201335e70b77d20824f57e304ae1c3efbf4ccdbfd65a565feb97f66da531bc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
613c36e3f8117f94195f49281754e655

SHA1
41f51185b75839f96fecff4519c86e12cce9802b

SHA256
20e830c8a789930c78c9be57769c70021be4f708b070b2b631e04bdffd9e9399

SHA512
ad0ec6ebcbd046eb8ee48562ffe383efa81d5975add53ff6d7c9b51fa9a3cc50b9e5502e1f23a07ef33906207caea9bdfacb9db8da89b0e87e76619e240eecdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f648733ad51c376acf9342ae18773d51

SHA1
24f1881fde7af71b66d506d768bbdab5a2e17f1f

SHA256
17ad94e2567a0c8a551a635189925162731c530b3b33b64910d92a3697fdfcd2

SHA512
07616216b259c25e1582dda4241b34aa2517787577ecef7ef003511bfeae72c872e657ce1d1ceeb57817689545c47bbee856f1efffa9a4e5086324e540929558

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
01fe060bc2d7fab4a841a8e1a8678443

SHA1
7db3005a12adb01d775d633d5fe8ee45f7a6a370

SHA256
6222f0fde047597820e7a16615446e7aa47d478507e309467f4bc24d3a3584d0

SHA512
4d8e5d365aa62e272114c06281e3cb01aec9a4cbf0842868380f0341a68561c9068442c48c92ac3e8efae991148fa28b5180229f008ffc31f28f2559d89f3b9a

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 417665.crdownload

Filesize
211KB

MD5
b805db8f6a84475ef76b795b0d1ed6ae

SHA1
7711cb4873e58b7adcf2a2b047b090e78d10c75b

SHA256
f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf

SHA512
62a2c329b43d186c4c602c5f63efc8d2657aa956f21184334263e4f6d0204d7c31f86bda6e85e65e3b99b891c1630d805b70997731c174f6081ecc367ccf9416

Download Submit
memory/3480-3532-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3542-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3538-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3539-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3540-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3543-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3544-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3541-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3533-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/3480-3534-0x000002437DFE0000-0x000002437DFE1000-memory.dmp

Filesize
4KB

Download
memory/5128-3390-0x0000000005FC0000-0x0000000006026000-memory.dmp

Filesize
408KB

Download
memory/6060-225-0x0000000000C00000-0x0000000000C3C000-memory.dmp

Filesize
240KB

Download
memory/6060-226-0x0000000005660000-0x00000000056FC000-memory.dmp

Filesize
624KB

Download
memory/6060-230-0x0000000005920000-0x0000000005976000-memory.dmp

Filesize
344KB

Download
memory/6060-227-0x0000000005CB0000-0x0000000006254000-memory.dmp

Filesize
5.6MB

Download
memory/6060-228-0x0000000005700000-0x0000000005792000-memory.dmp

Filesize
584KB

Download
memory/6060-229-0x0000000005620000-0x000000000562A000-memory.dmp

Filesize
40KB

Download