infinitylock | cfa4daab47e6eb546323d4c976261aefba3947b4cce1a655dde9d9d6d725b527

Analysis

max time kernel
37s
max time network
40s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
15-09-2024 09:45

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

[email protected]
Size

211KB
MD5

b805db8f6a84475ef76b795b0d1ed6ae
SHA1

7711cb4873e58b7adcf2a2b047b090e78d10c75b
SHA256

f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf
SHA512

62a2c329b43d186c4c602c5f63efc8d2657aa956f21184334263e4f6d0204d7c31f86bda6e85e65e3b99b891c1630d805b70997731c174f6081ecc367ccf9416
SSDEEP

1536:YoCFfC303p22fkZrRQpnqjoi7l832fbu9ZXILwVENbM:rCVC303p22sZrRQpnviB832Du9WMON

Score

10^/10

infinitylock discovery ransomware

Malware Config

Signatures

InfinityLock Ransomware
Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.
ransomware infinitylock

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedge.exe.sig.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Common Files\Oracle\Java\java.settings.cfg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_ellipses.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\themes\dark\rhp_world_icon_hover_2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.143.57\msedgeupdateres_fr-CA.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\Locales\fa.pak.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\check-mark-2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\sl-si\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\ResiliencyLinks\Locales\devtools\ko.pak.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\ResiliencyLinks\Locales\ug.pak.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\ca-es\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\Trust Protection Lists\Sigma\Advertising.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\ReadMe.htm.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\js\nls\en-gb\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\Locales\ca.pak.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\s_filetype_psd.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\RHP_icons.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\icons_retina.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\themes\dark\x_2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\plugin.X.manifest.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\zh-tw\AppStore_icon.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\images\Info2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\identity_proxy\identity_helper.Sparse.Stable.msix.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\css\main.css.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\images\cross.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Locales\cy.pak.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\reviews_super.gif.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\AddressBook.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\plugins\editpdf-tool-view.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\tr-tr\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\faf_icons.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\hu-hu\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\AddressBook.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\pl-pl\PlayStore_icon.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\images\s_thumbnailview_18.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\selector.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.143.57\msedgeupdateres_mk.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\fil_get.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\cstm_brand_preview.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\ResiliencyLinks\Locales\hr.pak.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\ko-kr\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\share_icons.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\ResiliencyLinks\Trust Protection Lists\Mu\LICENSE.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\ResiliencyLinks\Locales\uk.pak.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\fi-fi\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.371\goopdateres_id.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.143.57\msedgeupdateres_bn-IN.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\ko_get.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\da-dk\PlayStore_icon.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\en-gb\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\S_IlluNoSearchResults_180x160.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\uk-ua\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\ResiliencyLinks\Locales\devtools\es.pak.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\version.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\nl-nl\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\be_get.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ro-ro\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\pt-br\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\dd_arrow_small2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8	[email protected]

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	[email protected]

Checks processor information in registry 2 TTPs 4 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	[email protected]
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	[email protected]

Modifies data under HKEY_USERS 15 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "244"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10"	LogonUI.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1"	LogonUI.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	4896	[email protected]
Token: SeDebugPrivilege	240	[email protected]

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3492	MiniSearchHost.exe
728	LogonUI.exe

C:\Users\Admin\AppData\Local\Temp\[email protected]
"C:\Users\Admin\AppData\Local\Temp\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:4896

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3492

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2036

C:\Users\Admin\AppData\Local\Temp\[email protected]
"C:\Users\Admin\AppData\Local\Temp\[email protected]"
1⤵
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:240

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3a26855 /state1:0x41c64e6d
1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
PID:728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\icudtl.dat.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
16B

MD5
1fbbff03171f3a0031aa9721190804f4

SHA1
8cbfa445e8518ba4033022e0800d652b9cf7b3e4

SHA256
515bddfdbaa6b07ebc236244dda3770436d06e07251d507d2f0dbd28bf74b9d2

SHA512
a092cbc5c425cf0d22c7adc40b7e421e63397f990b7784dc91a3911bfe47569948fda4415eb5b2c38e5684e3614540f2a3c89aafa230c306057db56e6af6a240

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
720B

MD5
c60dfa37742d6d2cdc91c49dc5d5b660

SHA1
ff9224b49dfddeb130850e767326446824a97ffc

SHA256
a189f054db6690d408e8dae923cc7cc3a52e1e36609c8a81783db5253509a0cc

SHA512
76de046eb7b12297bd7a45204d936f9fc5bad74c51ab21ba5177d1a120d598d27ed6f9641663b9ccbbfc6f52539f191bb89e3e52156d8b92fd7cbac6704980ce

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
688B

MD5
14d71fa2518c6cdcc24b822f76ba0fd3

SHA1
b0e7fc542ca549dc0665fbb0098ca89abb1e359a

SHA256
43dcf414a9f77179afb476c08aa399e8b1fed7e3fdd0abebff9968f4af5b7672

SHA512
4ce292a92d2a3a2a3de8e8cdca56ff2e8b0d92bb720462f4f62067bd0e54bc045511846d7c1b1bf2ffec30ecd46faebd88aea2e157c2a88d48a8ffb8e8a16cb6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
b353a2f62edbeca80f323114e636cb81

SHA1
8f87f2efa09c193a61f5f52c0635bd126324eb33

SHA256
563d7a8fa0f5113380ad54744ca4a33cc3528f7279def9d832d7931b35192f17

SHA512
36953ef3a21d6d6e4aa9a8cdf9bbc4c3dbc70df26a8a4e34b9045095df7a19d959f04c6c210c95e8ba2ed2cc4ebbbfb91694214ef601d1d2a71885da8c96b5a7

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
448B

MD5
e91cd47c06e65652f8cf34cf04879bda

SHA1
f4464575de6d1402f5ddfdbe14d48d8cbc27177c

SHA256
7f4e4ec73a55c8bcc43507054594145a0a6a1f7b5185d4f5e1f186e81e245026

SHA512
a087b92b7372d32a424cec48ef48aeea84f4195041ec1db9ff71de864b572bdf2c41d46f8418c0baa5f76982e11e6d6306f82bc75cdc4e95a1085e48d8a3cfd2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
624B

MD5
1db5c17822c9d423dfda12d98e5f1140

SHA1
e593bb6b640c742fa3773259d83025043e362cbd

SHA256
eec37c9a0a0fe7ff12a7a47f487160be9c65f32cd633d9d16a9446cf673a0b68

SHA512
5c0908574084b8f1005e5c35a9c50d3741d1ff33cec5cc0a81df4a5bb6d431ec1f7beac177b8c8a4fad7573a3fe6a5740a109f4a456a92b8d73a1234fbd7b1e8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
400B

MD5
6ee31490b7edf6f73cf98a58684e0dae

SHA1
387fdd2082fb6e5f05c63af35934df9c3469fef3

SHA256
b75c8ff66602d43524aa202159a58d3a6356d678c61f97092982453e6787b601

SHA512
05702ffcef222028cc411a256cc9becef6902d9bee5c53ce67454dcdd6c658a81ecfdc598cb71199ac277e4d9c2058649cab990b2a5a3ceb7c14be6780179e84

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
560B

MD5
002168a311eb98c70743288b688fb5d9

SHA1
510fe4213546297a672b5903e65fe14ab0fcf8e0

SHA256
0bea5fd8e0a0e8cf70af173cffc19ada39d097d76a21c2142bd92bae3af40c9e

SHA512
05501d515826f2e3d9b58100037f8e4ff4c97ac6213d2c3b1aff8f24a3e05f3d686d0eb07d37ad92b7b0e1639b6c8ae5a3ac0aaf72fb96537046b3b88d822b22

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
400B

MD5
8324d561174fbdc151becadbfa7e4c7c

SHA1
369e5ae7c1f0d9edfd6438fa3fe3f2dab94dd446

SHA256
b4836d783ac1cdeefb149874ad8d006da0777d1f50fa2e0b7b578f6d46e01f12

SHA512
52e38b0a5381cfbf85959a8733992e516b4296ddacd748c6bc537d9bc56b46cd74f53590c9015cafe8ad617b2800153c1e4f19acc45a0da2357d1bee7b964d4c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
560B

MD5
3db4b313d636a8634fb672e778d918d4

SHA1
9813125a765b932cbd5e582e1130725e550926a0

SHA256
b9aedf8412035c86ac76b629374b2668209b2fe7b95fa08e171033347280d75a

SHA512
d4f957495a7a0904d5036bbf2d511347a021dae34c77ca56efbd778472fe1c51e4cac89c0274849f757d5d7d1623257b56b476c68522cb232694ff24bc5b7cec

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
400B

MD5
ccc2928954951581eff5ab41814df081

SHA1
ff8575cbb7cb72640d563542e9809a40a3c1f09d

SHA256
676fbf9373ac701d27dfb1c173687c8771f63687c9d5a694f3cfde79fb96db8e

SHA512
476d3125011633f551d1af4d159017105d1a2da4737cabd117949d7ac6b744de360e5ab132ad717240b050e7dfd111b4676645ec827e5a2f777b48804afd2ee3

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
560B

MD5
0c6b419099bda477b2567c07cbe15db4

SHA1
0f9de9bb93b93dda9cf71749a81522f6b3924cb2

SHA256
7d5665061098fe8a4594ad8ae0ae11e99e3cc69eb684628520e4efce75cda4b5

SHA512
d61cfb152bb8ec66509978996d6a8602f45d6c2193fd11bf741dc90cfb26d17c90587f7b75783f1b5542ba4b02ea588d0647dcf356b2e7b34fcf71c3a91723aa

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
7KB

MD5
05d75d53f9991aa75f13fd24758f76ed

SHA1
3f1251c2ff44d76a25dcda69010691ace1eb912d

SHA256
2665968686af8f17ad8bb6b9f0f2be319c404af72fa87585008071e4480a87d6

SHA512
982ecb49f8f63dec06207eb5a80145165313da0a5db7e48d620ae4deafa7ec92d81597e1ad6f1521572b640833ea5443d3e766e7f03f923a9707f09603877f00

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_ie8.gif.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
7KB

MD5
481c1ef47e1a5cd88351390152ca3f84

SHA1
85b6d5d85a9385dd5511cade09234c790992383e

SHA256
416df4646825d33fe551e578874dab1a50bd582fec95fe79d3ac2354bc4ad754

SHA512
73bc0f0f8d18e87a7e8b2818bf0a51c0ef9a43c3f9275603d0a7ee2383cf59d7efe94b0e324e18cd4ee940dd37cfa93a14ae8d3d931ce4ae2c2cf1518e5dff65

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_retina.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
15KB

MD5
081c484b8d0cffb5f993461efaf53ab0

SHA1
1ded148929f7e5d124b86725ae8553471b6ad828

SHA256
9d74188c52d83ce42f0051c02ce3ff054c0459bcf518e1f1e20a3076dcc15b66

SHA512
506570ea235cfc5006db80eaea9be28321da4b68cf4461bc263ba354a8c27ce7c06cb76af3981c7ae74552d26f8f2ea28f7d2da69d99b83c7e37d69c41ef849e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
8KB

MD5
92d2866c4a632ccc1f5ad3235819914a

SHA1
fd696b1f59ac6211e41003cbcc8fa16389965ab0

SHA256
c1db78aaf10bca8f3996710f892f9c344ac500fcd7fef2c00619368cff681269

SHA512
eb49cce5313cfd7e141c8173e0bbfcce7d3f72d7e118220c0788854f895689df59c5ee8be46410ee44cc47e5f0e21339d62d166e525df569e301997a7882fe7d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons_retina.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
17KB

MD5
12e497b1b5068be450505922f284d265

SHA1
e859bdc83d7d518915859b16409e0b0222adff61

SHA256
8187aaacc755e1d878ac2fdf9ee41bc643915cfc5a8909f8a3fdceff67944fec

SHA512
09279cb09fb4a33daebcfca450125277b83e2321fc482078f4396131d591410ed5f40955d36317b0ac8ea735ffcf5c0d6ee3e4603a68aa1a0d0adb036f49fad7

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_pattern_RHP.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
192B

MD5
b16d754cb0ca6653ab3f11c7ff73e1e3

SHA1
f8f34b6238ac86395ba366337a38b244fa7860a5

SHA256
7bd1d0bcd4dc00251288bbd3cd52884c7710fe10ff3880186d4db742578de011

SHA512
a3020e6b41620861369e90f71cf42ee8e02b41350fa4307b6cd6ee05825ca62efd8e7002c23720befad606c09bf27f5516900e8fd6e55e87af8379c6d20508d5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_patterns_header.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
704B

MD5
b7e5cce085b0f9e4237d2d68f6ff67ed

SHA1
5890c7a2977e7eeb9b815ea24384655e31801ded

SHA256
784f0873321b2db7855b26f0f733def5b9147d9e4284bd0270b1403d3e4da9c5

SHA512
8ea905e007e19c3e7e4f6a7643e4dc13bfe478c775e23d4aea911ea8b42a22cf4f60e7e5cfac9aa0387bfe9abd3508944e7f43c6b9b295372887ebd22832c0da

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
8KB

MD5
eff4bf017480a1949d679a69eec8f595

SHA1
ba93ab2614944c78a0edd5c5175efb9b0190b141

SHA256
70cd7f25776ed068846eb93b074d1d5e46f7ed1f0c62331dc8276e41d00fdea1

SHA512
3e44b83d03d360a6fa6fba1b5faff1eca626a96ac997c64dbfa48301212ef3e5a0874025e4ade75b70347d447eed06d625d7db67d97bcede34bc7761600ae800

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations_retina.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
19KB

MD5
6dc81d6a99848e76cc99669ebc159812

SHA1
3fff6996f18b8b24e2d57998a89b9ae45fd229c5

SHA256
415bd5f7617bee1b858de18eae1919f11b47b4cd20ee0099a65cdf2c64979125

SHA512
ea695368d4925ff16e1ad5cc5550d4819b7c7fd8a796ab020b1b81f6a1dd21820565cb5c4b0b61a5ad3dd9f9450faeed238c8858d8112c15d129a71f0e7d8eb5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
832B

MD5
b2c4a735ff1096a74daaa8c6024edfdd

SHA1
af68769a3064f76b76eef3da08f496e38f0b6767

SHA256
4defc41a434dd187cb5cdfdb582591948d464deff6677446221f2f23db8979fa

SHA512
03e27c146ab3c709e951ca45daad20df1f18bb4a7594c24e72cfdda97ebac5ad63852eaff1892e96f726d7411bea68ac58632afe3cecebf15b2072b288c4f744

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
035c4b1b469a75b530e5304ff0324d2b

SHA1
a2be9f1d53540c7bcb3b11e36ba407d957e0af53

SHA256
568fd1cbacd5efddcc149a655e83c189206209c1ac47d0e839e544c852542412

SHA512
89dca8369386256764bf9f5b9eabf77cae20b10785239b610bf81cebb80b1a7d4950dc0d28875300d077f50753cc7483e24eacdb5c7fc21fca2ed7ffe170aab8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
69867a858d9a8104342cc25c8eaea486

SHA1
3bdb8554448db25265624f4a157a677c8c0f05ea

SHA256
82992c26ca07ebdf4e606618625dd5a78b9c5efb9a623dd79f5ebdd25066697c

SHA512
f158b5a8d707455bc6533f10c3e87fac691dce3b9936d0c72eec809bd3a7ff9143c1bd2e52730bfb92e5e6b1df9381e3a92805b0df7d6503a2c3988f2e7e5c29

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\css\main.css.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
816B

MD5
93fa59a46e9b0e33efcbc11077b4a20a

SHA1
b7baa62774a290292b2776ca4cc959b158a803ec

SHA256
2d1c104cf9f54e3ef6f92941f9d7bffa44fbc4e06fb8a2653e53339761c8bc39

SHA512
f0c4ef4ede13b404908a7bc100c63567bef07e0056943949928ca753b145249826c19c9c3a34d49ea28096942760df1b79b8280e0ef9ed1f6e3dbdc20d8681ad

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
2KB

MD5
587205e0dd36420477dbeb31b4ae9c44

SHA1
e702a577ef556bc10ab7a94f7afdce3d6e628f0f

SHA256
45e1b334f140a24f981c4f287ba082fbe852fe8d3c9baa61423198bb04ee06d2

SHA512
cf716d3599894e986f1620de28e1798dfdadfd236da12812da2e62445d77a0fe2d6cf8eb35c481702e3f88a5a60b1e2eeb43a91d3e92d33b9f91928c9f883323

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
2KB

MD5
8bd817614677aec3f2e267d827ce5d71

SHA1
e93cc1e56555ce1f232a3cb3d9d916bbd6f318bf

SHA256
3b3b8bf6bf7f3a1af8096fe6be6eaf69b472716f8ad387b13b2eb736ee2aa53b

SHA512
31d727431e533b13f7314f605c7a1bc40000523de908382ff0d76b8240f0061289705d0d81d2f258770eee6a828c1717de5872c05b9eecedc11fd0bfdbb04b9f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
4KB

MD5
bd347a059a95b192515637a40c661458

SHA1
f8a5c0ecdc07113e44c13625d6f03df8b1b074cd

SHA256
08af8d328fa93912725d55ccb17c6431d6f45ab9519f133cb24d848762ea8af2

SHA512
3df4092037d30ec2b78a44bcec9bf11a42dc27131d8147e877de1e8a149e603412d8977cf6eb144a4ce3e79a9759453797dc22ea9f95e678566fe7e9972a2abf

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
304B

MD5
7fa5c015b0e2815514c14f3310d75c59

SHA1
e854baa2a5dde2c713b35a2c4168fc38949426a4

SHA256
8bbfd44243486dc546477e5dcb2a286134ddf0b32a3804216f7466f30c0b8dec

SHA512
92410542aea26490f0ee4f515bc188bf5be70b776b62f00f705eacd59ec657454cc9e300088dead5b9644277f1dcc818dc2eb311284321ce032152f72de5184d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
400B

MD5
4a8805c7aa701e7fff35821d1b9e15ff

SHA1
9043ccc2bdcb49504d35ab30c000503ea0369bf9

SHA256
f7b031302f44071ad71886d9cd5822de0395c51bf828114b7a8fc1fd6de3bb34

SHA512
31c9efe45b587f198d7805e966ac5535d5eb1ce009cc1de5048695cb310ec15695cfcb30fa6b147404e3e45c8b85d777e68d1b6cb6268d1f79ceb2be27622564

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1008B

MD5
b05299eafc27521d777789603c2be929

SHA1
f5b4b329fda15bf54338535544a3217405ca5ef4

SHA256
797c5ec8d3e417afda87fd3b8600ef8b69d1a51d12de4b4006827dd03c5884d3

SHA512
752872d6807fb99777dafed9c1a04d76a18d801bb6ba691488b8917cf588c1aac805fc24d10b55378c33077b3fcbab991c3c5a457f10d03e0f29d98e9d6fafc0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
d24de1e940a67e837bffd64e6fcfab09

SHA1
a587ec703b20fdb2ac1b9b893179346e49d1a3cd

SHA256
322b48edaa0c21e481c4078b92d3dafe286716c4ba3fe736c0766ea14c7530cc

SHA512
fbb59f9e98cfe36f70fbb3adcbe34067a56160ef30943f5ab2caf45e7a6d7d4b52cb05cf5ccba3b2129ed87f4ee241a6a17375fc342c867f203a246812d39f16

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
2KB

MD5
d556c1b8af81a43df70247faa3299ddd

SHA1
18a7845c7350ac124fc2e360972e265a000e0c7a

SHA256
66f4c379c3cef7e2dfcda00d4ae67010090e9dad8e1d66a562105cfdca8e76ff

SHA512
d47a6e75050de757950813a8d1f2fd56ccab0b4405a79c249722ea784b4c9bc807641db18377c433448dcb76a8ded639c17f8cd3e0f3675f90c797a7ffe632b2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
848B

MD5
4a2eb647499fcd40a90bedc7c846636b

SHA1
8db0948f62346981ce9a3ef74d4f7913448fb362

SHA256
3af554b0af2ceb5480d1dd2fa9743cd9c0b85c4ba197e3e000f7d25d7406f132

SHA512
f0c5620cb86d66bbe13a821125494b29fe9ea133fa791a9f97e8247d66d7c51fa8aa678d27a232c48ec9dc0b06aa0bdfe82c42dd28acd172ddeb9132eee2aae4

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
32KB

MD5
b180550abf728d36c3578add1d720a7f

SHA1
5066b2c20fda0391011e26ba50ae65e63c0ce639

SHA256
8c416d689af16e235b9bff91681e0d5a80f13b565ddf15dc6e9c0cdffbc82c57

SHA512
839ad8b54d16c6289846ed46a00b9bb852a47064e99075b70d7a183cd7707ad140f04aac6448c9fa80b6e231ea9bf47159b2dfe160e87c2ecc23fd29312116d2

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
596KB

MD5
e0c9cffe9e61cddccc04bc66bf4b36b9

SHA1
2ebdfa9935bdc2f301d35fddc3d9036279a20f8a

SHA256
576adcabffd95ed9cdddb155700ece6f854cf216447a417951d5ed73dbb97f70

SHA512
b4dc48f78b2eba6b740d9f2578e31c4cc84ef3086216d9da4b5c94599a572da94febb0000687e4a621e300fc976c18a8cd7b37fed30a1283976b1700103c7e07

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
184KB

MD5
9f4c7fa006d074ca82e0853bac3bcfa0

SHA1
4f27f13a38aa5c7d25db74a20fb0aa1dab6c596e

SHA256
5b63080aaed8a3fa036e1ef9bca6564bcdc529552e99f27cfd985d7ea4ee23d6

SHA512
0e4e8b8cad060582e9367963c0b1661d8761cb1b2e9b0fde1ad6bdea1582dfe8504a4af40cadc0f0b918b0ae882bb799d8806d5ff2bd064ee73f140d28369fb3

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
267KB

MD5
44712124ef30275530429e3d86309e85

SHA1
edbacdc87beb4af45fff1ebcc5d8d6d07f0e4ebe

SHA256
11d736901be958cc9aace85f7d838d90bedd330c15b2510d06727d8fe2b449de

SHA512
c6a81d0c982ff196008bad0047da456159a4da798eca52efc154e3275fd6c8c741bc2f26a6804bf9bb839a545e3bddb59369a85c7bed9642666d31122b8e1958

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
576KB

MD5
53a1f85c48e19b1aa1a9972c133f16a2

SHA1
94bf3f7608167dae581d34736b55a6bbf702698d

SHA256
06b0636e06420a57c39ed1abb869c3beb907270b82c4ad6a84b2fecce34f178a

SHA512
cc7a51a018e0d0245b6462e017da2a0049d5591e0dd6bb71084289636257d2a72f8477d7149c3f71cd4794b289cc9f2d3bd39252f13cd07b7a8847de4c277f23

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
802KB

MD5
0709fd64616131e7720c0e580181937e

SHA1
d784486bb7af6b1ed8a4ff10c321bd94e2ec76ac

SHA256
9982e6f2e409fd2a6278475bf37fb58582ad618e4b88a589dc991a7e1041690d

SHA512
d4f8cd918496cc818921d8091e8ce44007847bd731a203d5ae6bc610140ede8f20900eb7099131665d7cbf5dff569c3cff8a89e63fd25fa10cfb7bbbed2df204

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
303KB

MD5
3350ecffacc2031056aa6a5e39778d4a

SHA1
a8499f71b58c4587cc6800c267f068eb1cb15fa8

SHA256
38712db331da7a69ca130e755bbdf24809c69b519ec92c26504b2b4b52db75f6

SHA512
a8d4a51a9a7c52851cbc6b3bb252ebc302ec9210084febc7d6439e78a50284299396b868a58538b8ecaf6cbad34c1f029c276aaae2c689447739824052dbe6df

Download Submit
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
303KB

MD5
0fb345059a62e048483b184d985df318

SHA1
477233f63d3844d820ccc882b46364010d5ee88e

SHA256
db1fdf118b7bef77b0a2c81086ffa341495037ef451ff482b985df3a294fc42e

SHA512
532eb257ce4f0472bf777d49bcdfbe9f3efa8ec60b9308c238f7e0546787c97cf1a2ade6d5f0dd427022049735cbfae9909dc4b94be8f2b058c07cad4b9c8f04

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
512KB

MD5
193dd1a6493d0fe25a4ab16af6d0069c

SHA1
cee9cfc02aa82ba94544cc8aa6c198983ce6deeb

SHA256
1900899f9770f3762c9a25f7b4f359cbbcb98907cdb1ce5d6ae47ee77bc4d18f

SHA512
2b5152004c5356795c92a4e0f17e139105c408e130e4305abc822efac779edb0f9ffc7dd52b718e3cf5a13247ad9538d0974af21b3bf4a4514b2ee75b9e8ef20

Download Submit
C:\Program Files (x86)\Common Files\System\wab32.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
740KB

MD5
4e1aad3e61c1fd6c6fb3eaaf42367f60

SHA1
a11f14dd40014dd6803afc6e932599a0ef7f5124

SHA256
d76e4efe2ec6939645db4ac783b1197b80e855ccb811724e6679d9de6baaa914

SHA512
9f63ee6588d95f269c3203a9f9ee8a155d9d2675b331b672618888871a3b2beaf26c8705c6f890b404a55df7770d03e218dd37d2fb2537aa219a75c6f9f7ed1f

Download Submit
C:\Program Files (x86)\Internet Explorer\ExtExport.exe.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
47KB

MD5
7346499ceb792eda786538f2c8e24ebe

SHA1
6adde65acf651b29fb8cafa10c0634b654aa4c38

SHA256
36c98f64f502e317af4d4038cfadd89a19547edda4a5e9d94256062c3def5506

SHA512
6e7bf7e61334ecdadf3dc8b8f229d5715ce37a8156b663d0e9be7dc0851076cf49da4f817217ccf4fb54c73311673e3a4a90bafeda5724112f0e5e1afab210f6

Download Submit
C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\ResiliencyLinks\Trust Protection Lists\Mu\Other.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
48B

MD5
96787217a87bd3334a7a82cef8fd6865

SHA1
932ce009ccb8e79144903b04f8c89ec830b4b447

SHA256
de167a9e9f26c9cea2c2b2f7802b64831475051b574a247ad52186281fdc0fc0

SHA512
8ed56d035b7c823708f06503ea4054d59a6f825dc6b1e930910b92bcd6b7916813f30d387f65a3cb45e51efe692361855247aad4f1f5a174367123557bddc184

Download Submit
C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\identity_proxy\identity_helper.Sparse.Internal.msix.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
55KB

MD5
d0b5308120bc1880649a79d5de122f66

SHA1
a1d00efb350eb76a4d8d23bec9a45d57090b13ec

SHA256
7e733dc03f71453737f878033982536d06636eff4c801adda4ea5a42641464d3

SHA512
6235aa8ad68851539a4f2e0e5d1670c8735de717fd16333dc656749cc6353e7df4c2710dc3c6f8cf4b2c79ac959b94ada0855fbd36bd90084857a0289a5df4bf

Download Submit
C:\Program Files (x86)\Microsoft\EdgeCore\90.0.818.66\notification_helper.exe.manifest.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
c8abf1419104215dbdce68ce35665414

SHA1
0dab017a67993646d4f4d432922ce086423e3493

SHA256
61a12a555a5bbf688f759b535dd6dc4bcbc0bc6ea5438c04545efa525a3f9339

SHA512
59403dc2f9a66069cda544a326271215518c5ca911910b923e4856f91c936e4b5c06d5fa3043a6eb0f07d606ed5224b90f13a8d366ca895870f264ae88b6fa97

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\MEIPreload\manifest.json.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
240B

MD5
5a3ceafaa2c18fbae79897568786b9f9

SHA1
9810c135d2e2adf532d19f14a51f5da68f2b3993

SHA256
0bad6ed6333798eda9800f9b71f22cf537844441aeaacc9e0a5fa49ac198ca5e

SHA512
c74a7f8ca10edf6b4d932b619613c72087904fac474c530333aac02e6514b3bc84676f126d30507977c221df4275a1a997c179b064e05e4845c0a2c5fd7d64e5

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\MEIPreload\preloaded_data.pb.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
6KB

MD5
3d8e1abac668300e9a24a67bf8f44d91

SHA1
087403ad1cb1cb798c1da796dfa49027d28cd58f

SHA256
ac402a2c1c5e43776ec5afd37dbd145fbb453dfa3061c245c53fd2e471aafd77

SHA512
b47a8f7b2a94a451f3a7292885da4f57694fe300faf63a665d73d1f8206a58217817bbbdc744afbbb600aead971ad94eb3182407f5d5944af3a4e477b60c1ce0

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\MLModels\autofill_labeling.ort.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
15KB

MD5
69ae6808d4de9b11d5211872e15eee5b

SHA1
1333ecd27dba92bcd469ae9b969718cbc2d45d88

SHA256
7c6e002ccb6284cb0a8f2b56cb981453f21784e2484834591141f82c55f2865d

SHA512
198f84b5000123659500cb1d6640cadd4a020a6b5fda558e5af4a4d4291f5ab5905bf129cfa52cf0f016cc9f56e9b193085bb9670b348c5bf378d865783452d5

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\MLModels\autofill_labeling_email.ort.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
20KB

MD5
e3c8306d2aec2245b4126d35fd8cd19e

SHA1
ef8f625091c3e35e339ffa7059ecb3edf38b5fc7

SHA256
e64cc03d18eab1e4a474380ff677d278a72993ecdb1cfe167836b3d8fcea5314

SHA512
50c0b8eb1aa93ed1a309efe164030188731cc91469cbc728a5c9d1ff3b5e56973ab3d940d69300bfc014dd5f23854649675dffdd03151fb008db115a0350c294

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\MLModels\autofill_labeling_features.txt.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
8a5f90ea4bee1ec4e3e276dc90836c50

SHA1
f68816d24ce20c00186ea7198c8a3a2da924ccd0

SHA256
d653920e16f7b45b3f7f3b2427b991749b86d529b4b0c5beb890ea63aa95b51c

SHA512
e549cf11a4fa5a9920dc95a3492a763f80964d0a87d87718e4ef96f8a777e75e5bcac2272b8e68243ba5b913a4d0204130b5c808fbe67b095876d3519341fec6

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\Notifications\SoftLandingAssetDark.gif.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
158KB

MD5
f4869615893801986ee1f0d4a44ac7fd

SHA1
1f2944850e59e35848cb8154c9ff44cd34874595

SHA256
72a0f107d5e2f294b051d23a8538c795f160413a3c8d97910f06c44af8953148

SHA512
ba160dce860eaae8cdce29a7ed6c5821a41d2e18835e48bd573c670b362daaaedbe1490136d04e27c8ec9e6ac868b50981297bd0d6a454b6f7678254bd0d0ff0

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\Logo.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
31KB

MD5
0b8edfd06d0091bdcd6ba9d6bf021bb4

SHA1
07f717b5ea33627006afbf1f616860038dfd3545

SHA256
ac9fe813678bf2d10d9f280f845a0bceaeae10677e36a5d5093b417d225abf1d

SHA512
58be1959e2d1d3d1232026f88a0b0ec7aa920e776f38d759d13cf319ad1c579f1d18c51013bfd764f03264fc1d8a1f99874213794780556ccc50225632a0f4b3

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\LogoBeta.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
29KB

MD5
ea9a164b69f0f3156d5c960cd647c3f4

SHA1
21feaa1ed7f5e65e48a7b784945409c4fb7529b3

SHA256
44dde7c8cb7c006bed9bd4ff571f5050225230ad5155caf83aa9bd6a0cbf4113

SHA512
2f82c020e050b3453e8eba4f05588ed0ea819ff92d0f16c8d5219f5bb2dabd1d20c8432681a8942f30c9d87d764a15f74c742570dba2365563c21fd094361c25

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\LogoCanary.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
29KB

MD5
0d925f6df84b579bbd656562000f6d6a

SHA1
e39a143d4b89fca6340c4f533b91e199f56486a7

SHA256
7ca9e2f215f3bb268ee50483fcb57ed08400248f2c6b45f7633517a1559602b9

SHA512
6b6d7ff45930e2e2eabf9c1ef6d7a989f264160d6ed279b30142dd5d878f42e64ad53b7f51102d6212f41681d893d831af04daf7d5d0452e63413440382876f0

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\LogoDev.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
29KB

MD5
8e4a98ed4f66fba0dd3e560895416048

SHA1
400c641fc6852674f7824051745cb2d98f756f1b

SHA256
ffe9ed1d02716b2205e6150ff3ea6f990e087a3f22721ccc035ed0ab98d47a2b

SHA512
255dbda694edb60021b68b55e19bcff77fb5d0b71ee217bb5761efbe482e339659c2fc9871dcf6c6d8b1232505ba98392e6ac01df21ccaa714acb9b737beb537

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\SmallLogo.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
15KB

MD5
3813dc3b50e4b102a6780d905a669435

SHA1
61d3bb93280625df04bd402bf8ff6cff49f425d2

SHA256
abbaa7713b3cb0052364c814ba5616183d00996ee12ce8fd8eaef043a65cd15d

SHA512
ff42639e86f349029e1d370a561a4435d09f439e57cda59f2da33463d0375d99d8ebd7b0dd858bd4d4f0c8fd4e810d1b5d2180ca92cead9da23ec2fc828cac7c

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\SmallLogoBeta.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
14KB

MD5
650d22886ed175ad1441a53cf27d6649

SHA1
f428d03c661e0e73d58fefd328c708ccf73f7adb

SHA256
0eab390b47f898130957c674d13bdb9eec19e9adfa7515600884a49dc675ac29

SHA512
c03117f73d0e5401fdb3a4f0b7b3166af15c08a7442aa5e32a8c07c8f81ea2d788e99bbc9df0bc80a41c431cdd3f47d286bcc557560db29fc865eacdc5646ebc

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\SmallLogoCanary.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
14KB

MD5
14c75f718630e3823d96304e85e83bec

SHA1
9cd0b33f797a5b342bfab4b185983589e8cf2dfd

SHA256
1b990b8623368ef1ae58246f6323c721c4a3af7481bf16294916b3494f5deca7

SHA512
fec9f8725be284d8ab3736000b3fc8434d43b84a04e7cdb764ea33b790dfdf8fda7f29681becd0710a96f5fc8e5cac72671f8262448dd3afa7f23b707ddcaac7

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ResiliencyLinks\VisualElements\SmallLogoDev.png.DATA.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
14KB

MD5
5b810d8d5ccf30db11ed3a79277388d3

SHA1
36a4ceb32e2a58a1ee0b10a66ba0cf82fb8bc99d

SHA256
8ca5b7617121b957b3933d4f850731f80cdd5c8108d30e71846fd6ce47c11891

SHA512
0d712a972677e30af14dafdab336b8e7c791982aa9bac513c8dae9115040830633ac1be783c360f2ba8c472b9724ebd5a3c6c384072345829b0d611e98daca50

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\Advertising.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
24KB

MD5
b79aa981674c25fa5a74d66eaaa90bbb

SHA1
51c84e8fb029a455e27cdd63ad1d9f052058f63f

SHA256
5ad3802d981270811ff5146502333ed0913e93dfe33d4fc50176a4220764eef7

SHA512
ddcfda32961e393f94f956742ac7252fdbd15980fd36fb368feb97d1ef94f722742a44977cb38c16df7848fbf34b878d92239a870cf4b1e92410bb57dfff94a3

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\Analytics.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
4KB

MD5
386e336950e7a2b9dbf753a6bebd8644

SHA1
96fdfca352c06d3aa6c5f6e751ae9f6dc8089bd0

SHA256
e5dfd1346bfa24f1ee1c77e3387da5fb5bb107a6d830c9b2dede605f39ff08dc

SHA512
81f4eefbef3199c8fd8c0590878c390b516a999698e4adeabedf5272d1aa5110b93723ffd1d4ece5396839d2f1f3a43183df323a132e7a25400341cd5288981e

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\CompatExceptions.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
672B

MD5
457c74a9f6f722b2c500aba6f7ef6751

SHA1
1a02e6e54480b567561621a007e891d6cc621975

SHA256
04d762cf7f10e9883c247949140efe6bd3e210095e29ecb9d51a36fdf303ff43

SHA512
98e65ac676f48170cd9f8db5443c50aa8a5e9d1cc3363256bb93366cd32fa4dc369e4e41a1807d43b71155eb3d3039f66ea759c5629999b02aed9566d290423f

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\Content.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
6KB

MD5
f3d9d62de8826c7a39d1454fb3f06173

SHA1
f071c08f654f2c62fb26aab1d451a08cdad8c6eb

SHA256
f26ced0c61e9cfc19e537f454e686d84101dc4708f48f4a3b59b233e50e35452

SHA512
42f534749c54aac47b869131ed4c12993ac71a8b384ece0c7295597be2b4b1eede2d57b02c07757ba3ae7f4b3664d9f38890dd11308ad54ee1b5f834a6a46c5c

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\Cryptomining.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
194be75b707ad7d2521f9852ec8ecfd0

SHA1
30bc0d1fc6b81246718f6e04fd285e8190991a76

SHA256
85bf917337aeb45cab5f6011c9c74fab3240b3737f85ebb216908a1a49e0b379

SHA512
7b355f4ee7db9f71a6f498bb5d7572c68b1ed07a5d885a4c91519a7d192f7bea2fe208826fc7f308c9f72cc2e3b33b8976f5e224b7a2c74db6ef24899a23cbfd

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\Entities.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
68KB

MD5
3fbab4af4191c5addc0272b1a89979f9

SHA1
1cb151a87f6c0c7057bffa304e3c92ad89eb00e6

SHA256
b7b61df067354e88fb1c110a2974fc73eea576bf8d6ced351493be8362273aee

SHA512
1ca70d70cb9b7de340bad70467c402a9fdafeabf1b3d25c2373053a80397759c228ebe0154ee790252645ef6a6959ba403486594a9c1624fcfc349c74cfbb308

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\Fingerprinting.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
aa4c7c8ee88d83ceb974e9694fd3bb64

SHA1
a914d01351f7327827dcf02701d5fdc1f7fe63a8

SHA256
249f4b3fc6cbac34f41a30acc38f9393135946cbc6a902eaea24f5a423757a9e

SHA512
2b86f23c979c37b78cc109182c1eeae76dcfa0290e24bd2dffbf7311da5bd3a5e991c9dc4dce035e12837e3b033bf9c06a5516ff15098c61b8325efae3c6a7e6

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\LICENSE.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
34KB

MD5
763fd9a6006f1f284bafcfb9c0c949e1

SHA1
fab849157c3b692dd1865b5740667608867af992

SHA256
1d0203c28fb1f4b4e96dc09eed90ac87feb3e7b49f9578d3c739664813107b27

SHA512
e729ba3306fdc7dfd561cf760536ed9be77da0b57975a9b9833e9fe418263dbef7194b43378ede943610b2fbb9cafdee09e1672aa0ac22f29627e2bd9a72f8c7

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\Social.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1008B

MD5
e47ab3a2288838ec69ceff5a263977f4

SHA1
5c88667cff5a90e7ee021b601eddad481317508a

SHA256
34c01dd815a46ce1213c5f5203fc4ae25b01bf45a3c7b9cacbdb6524a4fd28d4

SHA512
0ed0295ce1a5314e7619d9a6bab52c0c043f16b39f37df6083fab8b09afe7d81125ee4b13f5bd3681290c6a569a027f64070e721ccd50621c38d717f3cd711c9

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Mu\TransparentAdvertisers.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
32B

MD5
ecbf1b8a9d6d80b186f279fe24b8d90d

SHA1
ec6d58813c4a37d93200a5633fb483793875d111

SHA256
99da10fec564ceaa488c8e7fe1f8292644d82bd24a6d0b9239a349ff3f638471

SHA512
13482ba744ef3f40cec370eee6b9cfd0145eb724d809bf0ca7004d38fd5e94485f47580dc120083cb1c181ffd2a6ce3ce8a1607925c90d8d7b1936fe321ea644

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Advertising.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
80B

MD5
e50dbcc08ad7ada37cae28e9b389acac

SHA1
924f3e56437ae96f0b1145d26d96685f432121fe

SHA256
aa43f628a8af862f62c4b279e8fdd471a4192992b863e63d7a2a5780c7ff4844

SHA512
5b12358b4ba220e6928742280a288b7ce6a7e65f13282a7223a6840697a0330149557e1d84d352b87e86ff2f0824d4f27c9a03000d52e35429c7ae13936dfa34

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Analytics.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
48B

MD5
fd21efb88c01b5a095fd6d18dfe0c8f3

SHA1
7e84539d176ddc31fa01b87b65daa9f1c036ec96

SHA256
ce48585923e6283131744723d889538b4390dba6d0c48122c08fe4ee8221a5a7

SHA512
909c6949f3acb11ddf26d636f825326cfa0feeed3665d037429bff4be8440773c0f5059206cf57662b6671cbd97bbb86126a99d504619f155868d41d5d7265f6

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Content.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
48B

MD5
689a5b0b8520817aa76eabe0996c7abf

SHA1
496a82a7937506799c66fc50f125b5962435f178

SHA256
f4a4ddce408479caa5979f6e8b9b4e34fe13a2ded94a28659da2b510b35a24f6

SHA512
9d3a7a6c9365ca6e4b3af3fa9d1b6c790b555662fdfc68552d8d76e1a4a271bf4107eaedfa13215c7871c7eb602bf580dd7a7a13ee26173f485475b76a3bdc59

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Cryptomining.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
48B

MD5
3c7697ec4085c613f35b50d372632b7a

SHA1
d632eacfc16d09d7047d76669c3943c44566d02f

SHA256
3f91a6c30278947529d1f0ba90d96f314d966ae4d6cd5f2941c1a7b86813ccbd

SHA512
def12cd6635747ab07ed70e199cd58692c688d1373ac6f34709b8f5cf2d5c63e0b4db13c7f0ba436cabba3f5898cd5f90929d1dc6a0760244959787509f77c96

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Entities.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
896B

MD5
7aaf5739af604688edeff9d31eb18282

SHA1
df67e89d515bf2d3f37e3a475aba457bcd4db2de

SHA256
b4fed3e82b1e45c5a5bb15c9db4ad3a47b13b69bee7eb3199d5fc4b97f5c8e7d

SHA512
be20cf8450b7ad85deeee891b4114f7a02dee1e0ef8472644446f47ab7e6325f10250b8ac5b1adfecbd167c7f906a244a3cd8854173a38086d7702d9dbfd76e2

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Fingerprinting.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
48B

MD5
d18c9ec9fd0380bc15e2c7b66a190bb1

SHA1
c545be44a53d464a56ccc6dceda90b51376e1327

SHA256
c497c9eeb9eb7620b6b0688fc2fb04039ad2c316ae696efd1afc94d2c27fc974

SHA512
e59e2a397a7334df3d076a7588362c233e51f6d1efedcf5c115b5b75bcc461b1cbc5254d8d554f7894aea235473fd52df66078287ac29aa3accc494f6ae5cc12

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\LICENSE.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
80B

MD5
5927eb4d20f5dd43ff509e5462339e8a

SHA1
861b16799c495eb2d8ee425a16e80d472286f08b

SHA256
b709d48ed4b5001b73963f6709823f871567048cb83cebb1337d0f75ea5a2774

SHA512
cb4f7a3f91243634d0532ae6fcb103ae368603b6f8c70f380034bc32f04c4563c5a5b92de65857241d153cb86a29ee9224a6a9477a128dd4baa51761dc807184

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Social.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
48B

MD5
88ccfd32d537520066105608e0edf8cc

SHA1
3e1c8d15a6d6c6dae57a03dd60b1f0823431927b

SHA256
d17452dad9f5fda1192f80a8bcbcdf33cb657f4d51cef2d9255f13b5cf64951b

SHA512
ebe5ac355f22433cde7b15d6845fb4d1f1f3cd3b3bb2983192c65d44f6fbb016c40624ff52d1978e28e6d2e507458062e1ed7197b1c2a21d8be89fc1c69d04a2

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\Sigma\Staging.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
256B

MD5
6f4e0c0c53cbf4b12874fa479104d193

SHA1
4da6307cf770bc206bfb5d8ec8dec6980b482974

SHA256
e4b3541c3b4ae4030ecb93e726e31b1627686400d4b70a610e29a812b57ab9c1

SHA512
23f63b0bde162d877f4967239643d27acc5c824bf8ccf4ac67b30ff22b905508c88c8c69279ed85bb8c72a550365a62f5312dc8e5b186fbdc84dbcf5cf48351a

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\Trust Protection Lists\manifest.json.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
144B

MD5
9f4a15a3a9e94bf20f700da816262e76

SHA1
07977c4433ac5a985f66e63dcb1432e506dc1676

SHA256
65200f385c25863b17d2df4e1957548cbec416b8059db9e58039c7f1ad39adee

SHA512
7ce15194cc69f37c09769d13a0f27b2ff5d937104f64d3111ee85f8fc93d35c3d95f4f5279d4db988d4c0f83f26d6b666bb0e22ca4a2e2b91d13f0475fe6ed33

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
1KB

MD5
889badf745b536dc39c0297bc74ebd56

SHA1
f09edc4b7bd53cc59000b4a885677d3f2cbdf746

SHA256
8fecf0124b7045055aaa786f02dcf4cf7457f36899aad9d930de13bed4c90431

SHA512
78436eeff2c498b8cca97ba9bef76a1fbf7c7335f3779d9ba52d13736596fac9f6b0318fab48d93a77abc56cd171a5332abac9dc7b2547226d537e91529c2ecc

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\WidevineCdm\manifest.json.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
864B

MD5
8716720a40f499e6365171bdb6bf94d8

SHA1
4cdd51b6f8ab62ad9f1278a4cee3984002f7da3f

SHA256
bdf34f5b5c0113b4b364b0457b1863095662658e51145568ace19ca156970f33

SHA512
d12a489672064eeb3ec22e740e41ef626eb07f8206222681dff5ebc3a15c66f6b5a35ed54ce6bc5af214d591afbff82e429c833b72e7655bab98e2bf48c4b119

Download Submit
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
104KB

MD5
bc7034bd20f9b237029ae74952741c4e

SHA1
16c54792533e72fdf629e9c4131739d6080253dd

SHA256
59f1a90496a3a241fa7c38134669353c3d69d5c62c26f68d34b50f57f88f6d94

SHA512
8427d9d064f7e4593f4cf8768e673a9ca01c93aed5ccce8c1c42b21ad2d081e058bd5cbd2f043be012c1d677eaffec3f0c133becc95bf1d19436eea8f49c8665

Download Submit
C:\Program Files (x86)\Windows Mail\wab.exe.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
505KB

MD5
e7f7f595b595b061f916a291bc3c2864

SHA1
3b6f6d45674fedce425ebfd8e47bd75c1d11064c

SHA256
5d545ea1a93bd1c70e5fd51dd10ef2ca1b599604f82fda99df71a951d6c86af1

SHA512
f729d55fc12d7d545c9631be44ac3bcf8314218d66c0fc07d243c8b8dd799e11457a910fd03624c6811c08bda8928669afb47922138aa6130056494c66d1543f

Download Submit
C:\Program Files (x86)\Windows Media Player\mpvis.DLL.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
161KB

MD5
214d4be9a00e2ec1f57fe36bb2de1fae

SHA1
1b7f0a34380dbefe05c695eb981956bc93010e36

SHA256
d3f4f55908afd85de3446cc17eb9f716e416abcecf8f8730b01a973b19ad1b3b

SHA512
4d256376d4cda20c9a9211dbfba4ef2c895cb62f40d6da634f82d0ed18dc13be4a90d7c6753c2679e5b1b9f26a68bd8ddbcd3be666d9f2e9d31141d599b2bdbe

Download Submit
C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
622KB

MD5
c88234d7dcc62c6bb9deb5b35dcf56da

SHA1
699c1b79c37e55bd46e2073a07d59893dbfee974

SHA256
2b8606e6d1001ebc7c54f292e27934a9e88874ca6aef73c0eb38602936976c28

SHA512
81bbb1a117c9526f6f091fd5fde0a83a87808555df8fddf9fda0e2380be88b56a8311110e55721ad281b97a2a44d17a90b47909ad72030ec92ad9e8733d3d381

Download Submit
C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
93KB

MD5
ca6c9813392a32ba89864031fee7232d

SHA1
3f2931c736cc0ca978c651f40fb45a701b543077

SHA256
a87c6472237a69245991781f39c012fe0717e64d515d8744e70f0536e83d6866

SHA512
2888fc878cd690f11d469f02ca24409e19c21e06c5fca1dec75b1d0049822ebc789a3806a2444ecc9dd3246b2957c87ff623c7967f037ae51bfd657915225760

Download Submit
C:\Program Files (x86)\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\1.0.1\Microsoft.PowerShell.Operation.Validation.Format.ps1xml.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
3KB

MD5
42dd889a73492975c31c436ae5dce0c4

SHA1
f7bd522872c32bef48f2b0c9eaa5ee48f2616815

SHA256
2b64884b0c9c12fe3e042d2d3125e14bc58d9cc85c932796df6af9612d6218ea

SHA512
83ac8403c9a18636f7aae5a4f551f856e74742078d668d4d80e3d131826cae859c4cc2d78a4ac91ea225039e187eb6164c8a1a47926bb3bd1267429c71110ed2

Download Submit
C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\Build.bat.C8AF69316B7C593A5E622CFA4777A79A1B2162EE498FDE1BCD5DF897601A32B8

Filesize
752B

MD5
52ce87dadb5f7c1a9867c84b36081dca

SHA1
938019d7a6f086714209c6265fe5ce7809e26fe6

SHA256
f0c0b94ddf5dc3399f56c5ff3f4363bca2bdf7ccfb8aa20bb2fde0cd208cf8f4

SHA512
5a9bff7857d8e68904b73b83548b4b3f312fb6ca2439d0c064a769bac3eb873c819ea1fb75cf5930e2ca18acbf421c59f5b1648a6ea5a43a7449d4e509245e7c

Download Submit
memory/240-4117-0x0000000005F60000-0x0000000005FC6000-memory.dmp

Filesize
408KB

Download
memory/4896-1952-0x000000007497E000-0x000000007497F000-memory.dmp

Filesize
4KB

Download
memory/4896-0-0x000000007497E000-0x000000007497F000-memory.dmp

Filesize
4KB

Download
memory/4896-2-0x00000000057E0000-0x000000000587C000-memory.dmp

Filesize
624KB

Download
memory/4896-1-0x0000000000D50000-0x0000000000D8C000-memory.dmp

Filesize
240KB

Download
memory/4896-5-0x00000000058E0000-0x00000000058EA000-memory.dmp

Filesize
40KB

Download
memory/4896-7-0x0000000074970000-0x0000000075121000-memory.dmp

Filesize
7.7MB

Download
memory/4896-2588-0x0000000074970000-0x0000000075121000-memory.dmp

Filesize
7.7MB

Download
memory/4896-4-0x0000000005940000-0x00000000059D2000-memory.dmp

Filesize
584KB

Download
memory/4896-3-0x0000000005E50000-0x00000000063F6000-memory.dmp

Filesize
5.6MB

Download
memory/4896-6-0x0000000005B30000-0x0000000005B86000-memory.dmp

Filesize
344KB

Download
memory/4896-4118-0x0000000074970000-0x0000000075121000-memory.dmp

Filesize
7.7MB

Download