2cdec83b8c5884194d13bf930a8c9ed0caa2eb6ce5cbec0da943735a20140ca9

Analysis

max time kernel
23s
max time network
25s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
26-08-2024 04:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

anyburn_setup_x64.exe
Size

2.4MB
MD5

60e973899dd0f3270055f908c4e3e771
SHA1

ff28bece23b7e7432c0797832ebafb182b04e519
SHA256

2cdec83b8c5884194d13bf930a8c9ed0caa2eb6ce5cbec0da943735a20140ca9
SHA512

65ff3c04b649e062542b1aba58aa900833c22c55c0cef552f14c466ac1ace21b6637caa97f540cfcbe6fa2fa47aff91228e18cf8b4889a468c23e540bd83cfaf
SSDEEP

49152:X2DJ3Xf0wbatPe/YIPpIvUr3DnJwd8Mcd/FNFiXS:XiFhOtPGYITDnukFNUXS

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4368	AnyBurn.exe

Loads dropped DLL 2 IoCs

pid	Process
2556	anyburn_setup_x64.exe
2556	anyburn_setup_x64.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 37 IoCs

description	ioc	Process
File created	C:\Program Files\AnyBurn\Lang\Finnish.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Romanian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\libFLAC.dll	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Hungarian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Arabic.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Croatian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Spanish.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Russian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\PortuguesePortugal.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Slovenian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Readme.txt	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Indonesian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\English.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Ukrainian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Greek.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\EnglishUK.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\License.txt	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\TradChinese.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\French.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Italian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\lame_enc.dll	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\SimpChinese.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Bulgarian.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\uninstall.exe	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Swedish.ini	anyburn_setup_x64.exe
File opened for modification	C:\Program Files\AnyBurn\AnyBurn.exe	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\MACDll.dll	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\libvorbis.dll	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\abcmd.exe	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Polish.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Turkish.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Japanese.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Danish.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\PortugueseBrazil.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\German.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Dutch.ini	anyburn_setup_x64.exe
File created	C:\Program Files\AnyBurn\Lang\Korean.ini	anyburn_setup_x64.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	anyburn_setup_x64.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
5056	msedge.exe
5056	msedge.exe
3452	msedge.exe
3452	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3452	msedge.exe
3452	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe
3452	msedge.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4368	AnyBurn.exe
4368	AnyBurn.exe
4368	AnyBurn.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2556 wrote to memory of 3452	2556	anyburn_setup_x64.exe	96
PID 2556 wrote to memory of 3452	2556	anyburn_setup_x64.exe	96
PID 3452 wrote to memory of 2588	3452	msedge.exe	99
PID 3452 wrote to memory of 2588	3452	msedge.exe	99
PID 2556 wrote to memory of 4368	2556	anyburn_setup_x64.exe	98
PID 2556 wrote to memory of 4368	2556	anyburn_setup_x64.exe	98
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5032	3452	msedge.exe	100
PID 3452 wrote to memory of 5056	3452	msedge.exe	101
PID 3452 wrote to memory of 5056	3452	msedge.exe	101
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102
PID 3452 wrote to memory of 3228	3452	msedge.exe	102

C:\Users\Admin\AppData\Local\Temp\anyburn_setup_x64.exe
"C:\Users\Admin\AppData\Local\Temp\anyburn_setup_x64.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.anyburn.com/thank-you-install-anyburn.htm
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:3452
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffdb97446f8,0x7ffdb9744708,0x7ffdb9744718
    3⤵
    PID:2588
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,13000116279881542037,3240944032749309003,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
    3⤵
    PID:5032
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,13000116279881542037,3240944032749309003,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5056
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,13000116279881542037,3240944032749309003,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
    3⤵
    PID:3228
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,13000116279881542037,3240944032749309003,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
    3⤵
    PID:3512
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,13000116279881542037,3240944032749309003,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
    3⤵
    PID:3516
- C:\Program Files\AnyBurn\AnyBurn.exe
  "C:\Program Files\AnyBurn\AnyBurn.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:4368

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3420

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4956

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\AnyBurn\AnyBurn.exe

Filesize
4.9MB

MD5
db802095321d687a7bffa70c98663396

SHA1
4d5bc07d3fc7e4f31aa7cb461bc0df5f11d6c170

SHA256
ef146e2279e1df1e95d16c485d8002cc3f8257006d2ca1a00aaa3d65555932f6

SHA512
5a3eb7723003a5c1d86c887abf21a5305b826c8a09cae4a16f48f547778d177bf6857d06ae7fd59c04be52ab143d803440491156290dc5d85a75adcbe902ffc0

Download Submit
C:\Program Files\AnyBurn\Lang\Arabic.ini

Filesize
70KB

MD5
6de1b30a0388288e8558a4deb9e8e804

SHA1
6cdf6ef456e8934204874db8808812ffa4e55fa1

SHA256
9ae5205995a346a4a787585fe901f156ce2cc7e5233f25ebd33a8a7a4dc29321

SHA512
02666a7c90bc7e8e088ac2c249d9137c168abe0535b2a151e2f40ec1139f149463dfaf8a3af4a3925ef5f66ae11325d9046318fbc5505e62d670128f84cbee69

Download Submit
C:\Program Files\AnyBurn\Lang\Bulgarian.ini

Filesize
81KB

MD5
8aa2a671c87da0fb91ab24ccf7599257

SHA1
76add94c75218a22d6fb7e69d77434cd3e239628

SHA256
d57db73af8e8988ac367bfb0e388147032f9eefbb0ed04d707bfcf37ce37a98b

SHA512
ad7cc62ce822aaf262c0d53e86f5518c311adfd9a3e5241956855c6b61c3f9c91fe981d7f9d87f8be661a05f678ca5add003bd883c02300c05f14a5bb20549cb

Download Submit
C:\Program Files\AnyBurn\Lang\Croatian.ini

Filesize
78KB

MD5
8ab8987ebe805232a490a8e2e4297b86

SHA1
b32296527e9fb7bced3e9c247a68c077532a89d8

SHA256
af29d56943b55ba02e663eee7c1ade49b635e942d477acc0f4f391fc498ba51e

SHA512
59c919813c5e9bd311a5228520ca5be2159a95cd7ad5fee7f86589f89b2c54070adddeba2e329a8f6860f6d1ce9f576e0e7223f11d03cf87daf6e3db9818442b

Download Submit
C:\Program Files\AnyBurn\Lang\Danish.ini

Filesize
75KB

MD5
52de4eaf45b8838dc3e645d4e69a9461

SHA1
2e6d4006f3f21efee371a46a3122904cbdb1c647

SHA256
8c55acfc367da27a10845d543ef3dc6117df89b01f51c748c5cfb19f374f6b18

SHA512
448686bf55e9d3da09aa498de146af05dd83178819a4554e0c0d4886e4dca391db6321e4719c4479a98ec499cd6375abad2863cfb9f189c5cde4859e66d569d5

Download Submit
C:\Program Files\AnyBurn\Lang\Dutch.ini

Filesize
81KB

MD5
d49f91c980fe93cb9ab577d847335820

SHA1
22de1b19dbf7844ca94d962957120484abcfa652

SHA256
af09939ca72941a6090ca8448d6f4dba47e931e76ecd778a0c8e7d664b6aca4a

SHA512
b3306a601638a744ce6cd35bfc42baa39efdca027ff07961afb32ccb58209a9c4556cd53bc93138f62f3e63c28375e7be4249c99ce2a8daf605300266e86ef96

Download Submit
C:\Program Files\AnyBurn\Lang\English.ini

Filesize
75KB

MD5
c04269a6f4c8af6f2a81b0e4855de792

SHA1
3d9a5bf680cb68e033fb50568770cc1a06120508

SHA256
5304abfb5b65f21b58d95447498ef6a47efee61b06c5a5d233f0ef9cc0019a57

SHA512
d64592e74a748fe0345f057b1b2fdb13cd78bbc252862604bef9e1fcbced000b99dee91085ab5eb3120e6905ceebfc81314e76a504d932e79ccac40e704c076d

Download Submit
C:\Program Files\AnyBurn\Lang\EnglishUK.ini

Filesize
76KB

MD5
ead85763965d0a7968c92bdd1065fd16

SHA1
6b50fa24ff2fc5d1681b119337782d7c52aabc11

SHA256
b0633189b72cc02ce97648200542ee59a2c8d7829ef2ce8eaafb7b86e9ec9936

SHA512
ebd7a8c03d782a8ea720270dc65011496b7110ba37e704f403594cb0a9c01fe5fde2824c2e6a0091c2884befcbf829e1ab519c5b51109047dc8cc984a623750c

Download Submit
C:\Program Files\AnyBurn\Lang\Finnish.ini

Filesize
72KB

MD5
08109a3563da759f555bbab19daf864a

SHA1
e41c650eb087df086151e76d7d7cceefb6b167a3

SHA256
5ff5b4a9750dbcad4aef6008cdb16eb8662f57fd2c3eb6a5810b8e5916fa35fa

SHA512
1158f731e1b3b21ee474d20081db8de52d1d590b6efeb3c13008bc150c79ad80a7ed7d75752c2a21af30a2790b7317b07af1c6922a3908268cf638bb1e95742c

Download Submit
C:\Program Files\AnyBurn\Lang\French.ini

Filesize
87KB

MD5
2e3107fd03984e7f099801160cd954f4

SHA1
2545b3c1c61f5c8a866ba01cee16f4baa47b2c98

SHA256
6a55a99d2034f4d5820999eced542c4274f04eb83b0f9e650bee2929a9a79978

SHA512
ffe8f60df1a39dbd0aa09be90f8b067160810ba62b714c6cb029f60ea3940157a85261bd14a84b5c35a99ae2b886fae812e484b1838346e0c4cb97efccf185b0

Download Submit
C:\Program Files\AnyBurn\Lang\German.ini

Filesize
88KB

MD5
3874ec8777c2cf9b4e6ed7abdeff4f77

SHA1
56170d1caaab98c26356f33a10ba3319b2b464d5

SHA256
fcc4179be5c5cb80a476125e773bc2b541f0e4f7400d4e3558e946c8adf21219

SHA512
5f7724fedb824b5b8a3ab03959bfd7c47e5bf7e7e2c9ae1693be7ea20860725ff642401e0c09272ada1e39922971bd00adbb36ffe5ef22841ba6011cefdfe67a

Download Submit
C:\Program Files\AnyBurn\Lang\Greek.ini

Filesize
84KB

MD5
c0ef520567b1aa8272b43f6717a6f15f

SHA1
94d1ea7b0aaae459c354a7d3518e97fe44f1677c

SHA256
f40e1d42573dfcb6647f28418a51279303320689bb736fb408d12ef00789b212

SHA512
1f5cdab1d9041bc0c744f25a13472344ebd2ff9da7807b8a304b589428f76d0c6a3f665fdf8a32a2640eb3a4ce80a9e8a4f3700298dba2a83de505bb2d1538fe

Download Submit
C:\Program Files\AnyBurn\Lang\Hungarian.ini

Filesize
79KB

MD5
52462e5b860f26a312dc4e08d2d3d5ee

SHA1
45f3d33d0c48f0719ba530082f46fcdc27fdb525

SHA256
6eddfb60599139092b701d04f9f9ebc56978b5ca7ee2430b5eac7268f225460e

SHA512
5991575c99582523a95ba65f736c714f8027d92b60a82f8e4d490b833069e9bb1a3bc901ea86232dbfa6745269f983d25587e5b0d7dcf85b3599604f4e7db4c9

Download Submit
C:\Program Files\AnyBurn\Lang\Indonesian.ini

Filesize
77KB

MD5
f8b14f775a09e701ed43e2d2470045f4

SHA1
5a6e9b6118cf48f5fcee244aafdb3b44fabc6e4f

SHA256
adfddf01d20d7716a24d5b64df4ce1e5b22b14d15f2262fc384c71b0f4858fb8

SHA512
c9aa8a502e267b851ba9dfda145f1f0a3b44b2dfbfa88971a60039fc070813b3b51a56ff9579a778ec53563252d542d81c2b377553078defae550b81bfa8b0b0

Download Submit
C:\Program Files\AnyBurn\Lang\Italian.ini

Filesize
82KB

MD5
b72cd362de7fb90f5ceddea19433f7c3

SHA1
0e56bbcc3619a9722ea55fb45525a8286033803e

SHA256
bc1d103a387dc1cb1b97230e04729ad578f5f90c4f0e0dd084ca16ded491e76f

SHA512
b59bd75d5a6120d13d288a714acc00ace348316b95e8df23310331a9481ecc32a02081eea40179c5cff90e85802da63f431c127982debceaeb9dcf77986f75ef

Download Submit
C:\Program Files\AnyBurn\Lang\Japanese.ini

Filesize
70KB

MD5
c33b45de7a3ebc178eaecef5a5f31cc9

SHA1
341f0bda585b666d91a11e0f0f94e5e8e3f17860

SHA256
c02ac88a984866ce973d713abee01c38f4612e97c2ee726855c6346190de00c6

SHA512
a0fe83a24e69eb68f04224ca5f1cb3f260c92ea70cc7190954b1b4da1a84de1109d7d319e0aace472b00df2f7bf19d6c23483004329e882d2ffaec3f64c0d1f0

Download Submit
C:\Program Files\AnyBurn\Lang\Korean.ini

Filesize
49KB

MD5
5fc79d75d13236d68ec25c38cd62a66e

SHA1
c4d628c00bcd67e8111b38f7d13837a6db7c0e98

SHA256
9c2f965fb034635bc409c12b692df1f97fa97cc95cfde95dbe6f4bd1200030de

SHA512
574aef230844839a4a6dd42551160a45f43fc5c4116c0a6f12422632ba7f3c48c7e4875dc9661c37871be37cf6ef63f81ad75e8cbde5187ca50458b423fe6010

Download Submit
C:\Program Files\AnyBurn\Lang\Polish.ini

Filesize
80KB

MD5
a38a6ff7d2756fe96ff24e943787ce96

SHA1
20db1e8f19b54e7988f8f25795f8e05c25526854

SHA256
7b9f8f641168e2c0bacbe84bbf852f55b415bc56c1adc250ed2d8d6f6ee28147

SHA512
83701820d559f690c994130d3a23807bba9be32c0541dc741890c76a139d3a7c36aa5559bae6e57c3692de654576d50398f27937dda0e3f5e67ec081d53023c5

Download Submit
C:\Program Files\AnyBurn\Lang\PortugueseBrazil.ini

Filesize
80KB

MD5
33efa85968aea0f193dde788fda1fb47

SHA1
cca8afc928085b154f4b9a09e23c0397080f70be

SHA256
ec3bdcc6e1f59d152a254ecbf1df43b40a22b22f98691cc60dae062122af2802

SHA512
ceb0ca68529d011c7fced1a8ef556282d623d32e4a0b0d7b62d3dc0ab3039818f2f1c059bc64e8709974ad79b48fbd0e9c8796e845a27a61a45f39f08590d1fb

Download Submit
C:\Program Files\AnyBurn\Lang\PortuguesePortugal.ini

Filesize
82KB

MD5
c1e86221503fca4ff199ed561e7b4c38

SHA1
bff571048c0ef846f1c8c9b0173c65a148e75bac

SHA256
9d7a87184a1e30bb29b788529d5d26ca982f488c337b287106da3d9c9d3cdd07

SHA512
211328ae1531d6f4bd762bc62358ae2ede45792a3347db084a5cb306f7f604d18570eb41efdb4c42e85bcc5700d202ec83b37a5b7b82455f8b524cc1b39671b8

Download Submit
C:\Program Files\AnyBurn\Lang\Romanian.ini

Filesize
83KB

MD5
e56ee3b29eb3f7dd2325c6dc00dcd21f

SHA1
fc2e5e5b46b6eb4306189d3f62566830d900394c

SHA256
ecb586f700446e2381f4b24ddd47cb01d0761592b8289c5152f37754f0e6cf9b

SHA512
e411d7c112884fcae955abf4b070dfa55c32e2873707f74f2fd957bd7f52b00239bcedf00ad1ff624c6f4e3cb3c1017bb9d88dd43f80cf22b4843e7f0a993412

Download Submit
C:\Program Files\AnyBurn\Lang\Russian.ini

Filesize
75KB

MD5
223d1a2048c35d775d508e2a8220adb5

SHA1
a1a2d136f79299dcdde02f24a1e85d821c63dad9

SHA256
c492cb45fb294d4af9a821988232b94a29a38ad30ff8a84c0c114969548c9ab7

SHA512
6fa46e92c47f22aa3623b014c0a70cce42ca86fc09234ec8941d41706d898641a367b0794b7f32c6d71570520eb49ab1d5fd5b8ff38d8d0ee10e8fd97fb56db0

Download Submit
C:\Program Files\AnyBurn\Lang\SimpChinese.ini

Filesize
37KB

MD5
1619228149b6f1b369361e523527f911

SHA1
ecde8a4b69d7155e4d354be01f3ded0b95140d64

SHA256
c903e6834e0854f1994573f153e96d6f570c4730badc1620bb35340946522b8f

SHA512
d0646c77cc7a5dbb712676cdaa6ec287c78a523c6b659b5e128123ad97c9de7a8fd08575f49b7dc510ac1d38d62a81dccb3553de7a63d091f4a0e324956c3cba

Download Submit
C:\Program Files\AnyBurn\Lang\Slovenian.ini

Filesize
80KB

MD5
ddee309ec6cb8d9932c244a573506721

SHA1
9c7b31831738c82e12e0517b77efc96669a26703

SHA256
811ab8f079ee56bde6d1375ad87e8d13ca1ea8072a40c6b2bb9d1c51173ee58c

SHA512
bd7b44c010e2efab691ee341f2f1050c38f197f4bc3d376194e6fa1c62c10f2ce26a01be7492536a485437e7ed7aa870f753282b6c8aca7ee0fd58c5080bce95

Download Submit
C:\Program Files\AnyBurn\Lang\Spanish.ini

Filesize
83KB

MD5
413d6c22280d0a08e6e59753887cbe3f

SHA1
e50e5a106930eee267a1819a3d94724776abc736

SHA256
dcb8b5f02fb12386700ef955b926cd8b9d973591d48dd2a5016b7881f84f7d9f

SHA512
7f1c5266275509abd511474b46b85e6e7a5949a4c49304119977fab88212ce1980d9060b256e23cfa975c5a1053cef5d4560e38d2ef45bbb7e8deeb6ef08a1e0

Download Submit
C:\Program Files\AnyBurn\Lang\Swedish.ini

Filesize
76KB

MD5
247de23d7130df2cab91c321daf2c0d3

SHA1
c413535f4257007997cc9cda15ad7b6f5e1e1e1f

SHA256
187c3f55491af0e511b5d2f08e9c052d92df28b67ea399e441c2cf81b8237b7f

SHA512
5a56aa669b6c5e4fdc10787e61d5dcde7efb6c951873a712b8984c1915c3559ef331e05071e814721cf05f8c31a6c25542487ce221ede23497f62688d9d86a44

Download Submit
C:\Program Files\AnyBurn\Lang\TradChinese.ini

Filesize
37KB

MD5
6f041711b9dd18e0d64b8f8aced559e3

SHA1
f3ae314c871ecaba9ee64b6279e6fb309db22588

SHA256
6573168fde9efa71e1fa6a0b1750c25867ef779494ec29dad919d154155028c5

SHA512
c246813d751498b4027e811ddb5a5c1b9f80bb0009e0418a0352b5bee82af018d11bc51ce1e7de654133bbde44ce9fc516e989243e5ed51f8c4bd236b88fbc95

Download Submit
C:\Program Files\AnyBurn\Lang\Turkish.ini

Filesize
81KB

MD5
dbb148e2fc65be9a1c4a522f0729de3c

SHA1
2cc83a67b7d7f58519639d0d4993bb83cc1e352e

SHA256
62060d072507ed2965b263cf577898e41589bb6d2e7e34bded3a248624e18dc8

SHA512
f21a37e78920cfa1871ca49307413538b227a1066969ad7f68cbd0576a19cf757ce2ac55ef7552dd071554e54f7f0b378016d907a200ed7621b2463005446c71

Download Submit
C:\Program Files\AnyBurn\Lang\Ukrainian.ini

Filesize
76KB

MD5
50aa7ab3d6281c30392d040570128a97

SHA1
8a50f224fb748085ff870c56431c24b0fade68b2

SHA256
39897b9a9152ab49fe323f409c64629f9af3908df4d70c92d881c95b272207dc

SHA512
116e77d7e4498839df097c752273fa2c23e4f7f06684c0187b7d39985e156d7e7ffea4058b774f4395253628670e98d6f91e762aefbfa4fb26c6260cc7dc7b61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
f2d1dc9af42e1b60270e86d13d00ea6a

SHA1
9a67f86bff4c43a88d0c9d2e322700b8911ba141

SHA256
956e7868fd0e84ee10136efb5ebece0b66c798e42bd0aa84293df7ac66154376

SHA512
a6858c83189cfe6dd64fe8fe26c577359a1c2e3db1f7f7324cc341ea4cb62b0030b5b6214dc4e7855bcc200f901851602a534054a071c3de4bfd0bec290b26ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
520B

MD5
2b5acb3548cc795c410480194e9d8f8e

SHA1
37c49910faeb8cb93e4a1844970dc2636e00099c

SHA256
99f95952fdd27851c8f4380d9b450f058b59bd7d60dbd280e870140cd3625f58

SHA512
5094930159d50fc43c8eeb6f549a34fdbaf70fa96b917b4a850b30a53fe77e71006c3c3cefb8fc3ea4a6c6cff0c1d292dd392758377b1983441cf13b85a57d72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4815a34b9ace2c8c06dfe0a3a88f7e91

SHA1
e16f036b61ed19fe6041496ffb8aebf65661ba42

SHA256
00f7eb6cd8e990ebc60164978d94494a2eec1846c943ee5a24555e6282026e9f

SHA512
677bd31fe819acb97656559acca3342b034f10a8beeb2c35b74f17d70a44f4ff0d158ec01555d20b63816a7dc243e138a462082f10de41c18e57229303d3164a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
83c9d79ab7af4f656b87e72e3aceac9d

SHA1
27f5dff6d95d8b74202746d00cdd6b11608e1133

SHA256
4564787275c5f96b5d13fcb1f4a81d2c41b8a9becf55d43286506477b325a04d

SHA512
3b73bf5314241690772915211e2c2094fdeb22f9e75da4664e591dae995e08ee2fd7cbdce9a373879d9102c071d293a3555b10035685fc335a90fcce1f24247d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3457744e13984cfcd543ec0f3e1873cc

SHA1
2d1f50b1eeb70cc4f82a58d5cb96e99b56ca7b74

SHA256
0e6b98c95a88f12170d7118d48281d798473991d06c7e9298b71ba6b332c6d35

SHA512
c20924f35bd68fde87006b21bfc66460fc58ea0bd722a816779b40dbc75d7603c5ae3e540bf0f49220e1f8f4336fee86a8b60b60ce85085757d02d24b00abf18

Download Submit
C:\Users\Admin\AppData\Local\Temp\$AnyBurn$\C803.tmp.ico

Filesize
2KB

MD5
4198afdeb9ace242c575ee572af22e1f

SHA1
32784594ec69ca459878010401c3931be8e5e15e

SHA256
b4d6704aabfcc8b7cb8f4ee58b162dd124e2d0e4dce20ecf13eebd262dd1e76e

SHA512
d4288466d9a669c7735dc788f81fd5581876048644c48a58df5e2f8c70d468464d9de2bcbd295cdfe8510fd77a9a3cc26e3de0a1cf985622fec00baefda7f4cc

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsl88D9.tmp\InstOpt.dll

Filesize
8KB

MD5
a9b4e84b5c71be9aad7cbe44506a6b4e

SHA1
d3a7b3bed2f4f3cc3edc85e202d202a1a535d62f

SHA256
313648b948243e992f08eec6e567aca26c2131ca6b9d307dd11071470521baf7

SHA512
0c78a4d8c0c129c26fd3d99e8b04e4598e5d844d0d9f213dd318ae873ffd23db1cb06c0fec636ad7ac8a6f9306dbcae58cf4d8e7d33dca2b7a3a31e6ad36bab8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsl88D9.tmp\System.dll

Filesize
12KB

MD5
8cf2ac271d7679b1d68eefc1ae0c5618

SHA1
7cc1caaa747ee16dc894a600a4256f64fa65a9b8

SHA256
6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba

SHA512
ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3

Download Submit