347b39efa2eb3be7a9a16ab6612bf68e34e7c069bfb2a78f0bed382d024be8ef

Analysis

max time kernel
149s
max time network
150s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-09-2024 05:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe
Size

5.6MB
MD5

eab5167f2fc67c0c8d9ed61f300789a6
SHA1

e340a8febe8144f096b4cf62c15940d84e0dc127
SHA256

347b39efa2eb3be7a9a16ab6612bf68e34e7c069bfb2a78f0bed382d024be8ef
SHA512

a15c05fda9c899c0d6e41b2fd42728e468f86adcf6656b5e9bfcc645f4390e1f5bed4b3924cb141d221585a845bcc64d54c372fe31c6adc49a9ea7412e3cdfdd
SSDEEP

98304:J8xZ1WHMBaUDvqr8HSB6smen6EamSkyuRt8x1nAnpIDEH9TytTd6/O2:KxZEHgaUDgx1n6EH7uCxdkTd6/

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2604	PPStream.exe

Loads dropped DLL 2 IoCs

pid	Process
1716	eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe
1716	eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\WinPcap\VLC media player.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempSticky Notes.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempTabTip.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Create Recovery Disc.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Media Center.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempiSCSI Initiator.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Microsoft InfoPath Designer 2010.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Microsoft InfoPath Filler 2010.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Narrator.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Default Programs.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Disk Cleanup.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\ShapeCollector.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Data Sources (ODBC).lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempNarrator.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempPrivate Character Editor.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempMobility Center.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Character Map.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Create Recovery Disc.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempOn-Screen Keyboard.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Narrator.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Internet Explorer (No Add-ons).lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Mobility Center.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\iSCSI Initiator.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempAbout Java.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Windows Fax and Scan.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Speech Recognition.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Notepad.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\XPS Viewer.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempSystem Restore.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempMicrosoft InfoPath Filler 2010.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempVLC media player skinned.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempXPS Viewer.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempShapeCollector.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempWindows Journal.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempWindows PowerShell ISE (x86).lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempBackup and Restore Center.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\7-Zip File Manager.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempSpeech Recognition.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Sound Recorder.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempDisk Cleanup.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\On-Screen Keyboard.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Digital Certificate for VBA Projects.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\Microsoft Office Picture Manager.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempSidebar.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempMagnify.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempMicrosoft Access 2010.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempMicrosoft Excel 2010.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Microsoft Office 2010 Language Preferences.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempVLC media player - reset preferences and cache files.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\displayswitch.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Resource Monitor.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempiSCSI Initiator.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempGoogle Chrome.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Command Prompt.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempMedia Center.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempMicrosoft Access 2010.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Data Sources (ODBC).lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempWindows PowerShell Modules.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\Backup and Restore Center.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempRemote Assistance.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempJava Mission Control.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TempMicrosoft InfoPath Filler 2010.lnk	PPStream.exe
File created	C:\Program Files\WinPcap\TempDefault Programs.lnk	PPStream.exe
File opened for modification	C:\Program Files\WinPcap\TabTip.lnk	PPStream.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	PPStream.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2604	PPStream.exe
2604	PPStream.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1716 wrote to memory of 2604	1716	eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe	28
PID 1716 wrote to memory of 2604	1716	eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe	28
PID 1716 wrote to memory of 2604	1716	eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe	28
PID 1716 wrote to memory of 2604	1716	eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe	28

C:\Users\Admin\AppData\Local\Temp\eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:1716
- C:\Program Files\WinPcap\PPStream.exe
  "C:\Program Files\WinPcap\PPStream.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  PID:2604

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\WinPcap\Microsoft SharePoint Workspace 2010.lnk

Filesize
2KB

MD5
0383120d8272394c09ef0ddf2f534cb9

SHA1
b37ef02de01385f9af228cef6e74d90e924631f0

SHA256
57842d0f76b040a28245dd13ab3e6fb710f0e58f250fadd859cbd7aa8b51679f

SHA512
33bcae40c81ae0f9cebef4fabeaeba1decbdbc1430b751e1f2209492ba50ad51eab79c441f038254a26ea07a6b97b3cf9b342fe238f31923e1ac81163c7c9f94

Download Submit
C:\Program Files\WinPcap\TempGoogle Chrome.lnk

Filesize
1KB

MD5
0d48e4ebc19d508786e34c6fed441ed0

SHA1
5f4259188cdf4d6149dc9aed120c63922f090c0f

SHA256
4faf739c128fd7ccfa84abda6e92a6aafd7ca8921bd9d1f14c1d89ac0b21d5cc

SHA512
d35c0f011c4608a8c2ef05977b57cf855a53160bdcb48a304a60e1efacdb4d679b7de34d92eb1732fd2bcdae1d640c77280f4552576328e45fc3e5aa7270d7e8

Download Submit
C:\Program Files\WinPcap\TempMicrosoft SharePoint Workspace 2010.lnk

Filesize
3KB

MD5
5af126d16e655fb353e15538d42a5c6e

SHA1
aa7a2a87e2a8e144739f48df7b40144a697722a5

SHA256
acfcf870087777b9b643ab512035da0e1c4100f5aa6434c0fcba7a344123ed47

SHA512
768b59ba89a95032e37e2c3cd089f5453a8bf7b70fe7cbfb004f366a7b20f583b3354f26b48cd199124bcaf04155345ab79c00fece3d733dab965a91357a67ba

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk

Filesize
897B

MD5
4a0062cb2c0c5aaffc810f4a6ed76808

SHA1
42961994797dc0136340b5d414bb8cf9adfdb3c9

SHA256
7d1bdae44da4734df9e553910269e4e82edca9c4948ddfab4834573cff23b2db

SHA512
00ca179cb7769d39223d5172d47f1620146570b78f9f129f079359bbe16a0a40188f02147b8fb3154baed49b5bbbf6c92d853f3b17115bb801cd5305e5ba5d8a

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk

Filesize
833B

MD5
f629a28246c6d5eec5a262cce8c0db03

SHA1
92dce5444e63769fb8b6b7040f133f81ef087c23

SHA256
5a37d974df1c6e42ef18c39981d73d0885220eb9370f25ce755dbcbba36afb83

SHA512
05b0ac3acb3bfd091480c5fd9a6e60501d71f681cb00f3122911094ce24c5d3776b0311700870d9ecf8aaea566025e8ea0fc895944c0ef17b1b7490494ac4db7

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk

Filesize
919B

MD5
c3be1141cff3f5ca4451d97151d8d50a

SHA1
97a170be1d295ea2847d627e659d55867a9bff79

SHA256
b341520f5fd77d17fae4c443dacc5bcefcbf2d3b41fb99e33f7b1b3c07dfcf8e

SHA512
66d873c909beb05589847d815b2b37560a80878718d2366911dd10fa0eae73ffb9d25d8ab9223b53717c4ce32f0f24ff1b116245fd28f92c943d8db79da810b4

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk

Filesize
835B

MD5
b5bed1b2d72a6948253d1b60ac9fcf26

SHA1
4b0ca09d67e1cf4d35e3d9dcd3495b8e8d84fd02

SHA256
f4a4ead7f23f17ab1b55da64e2860271746a3795b1ddb888021fb8fff9cf1c4b

SHA512
5fd30bd95e7b400ad964bd163994796195c659ba315f1e9c710a9d51156560e9ee6c986820bc58f180fd1ade0a7f9162f010bf6da59982b0f0a8c9051b9eb426

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk

Filesize
853B

MD5
e39cb4d10e423ae03eb7073e920c87fc

SHA1
6dc4f2dcedc544a5f3793045aa690410ef612cbe

SHA256
b97aed6041a686a1f3cbd423cad9f4f178e23d447c5c9d6c337ab1e531861d9c

SHA512
f7bdeab1372aad7abbdb06dd66cb2883d272fcb72f1fc64d4292a031304df852d3378b943010dc907e2e440470cb4b5ad6969074702ce507e660f6ab4a10f632

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk

Filesize
829B

MD5
8b69169d3c4ec450bdc8e5a043932339

SHA1
3a72f54cf481598a20c0b03de5ae5abc29c87469

SHA256
f692658bd2b8c94f994084ce30ab1b6ebbdad37f74d5017ae1b7693120770d9e

SHA512
a38d7ecbc96fe0bc8cdf3f895a14f41dcfea68db0a48440b963791a7b30f6911fc72e3d87f29fb0f0bc9d06bcc1b247db73cbec31ea4d560e48b001540c021b9

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk

Filesize
960B

MD5
3e65e4feae62baad3a3165356171fbc6

SHA1
bc6030195b624507695929828ed5e63d39823faf

SHA256
4fc9fea4a484a9b11fc86c14e9514746a4f7abab84bd02042f66bac387f4b0c6

SHA512
4d124c697cdd74d112e6e18b09a80e7da8d169649bdd2164ca6bb551128cee440d8447f78ce556ab8e09698d8dce4035d3a63fc84972e6b67b53822fd021ef3e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk

Filesize
865B

MD5
0415ade7a8a67da6d20814188f23e15f

SHA1
38ae99466267dc73df0ffb47eb2521f8325aae9c

SHA256
c43e3dab4c7d6cebf06622ca7e08ced4563d7c114743578503de61531f4bc9ab

SHA512
78bfa0073ba293273201fb7c9180891e42b4b5edc25922b308130866e847ff45b29105f7e3d6f2db14a683aec4fd8b150c6edeb64663d9bc31231069ad23333d

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk

Filesize
879B

MD5
89da2d7f9b8c6aaed60fec113d427a4d

SHA1
4d590fd20ef8df8a0bcbafb8d5e280187aa32885

SHA256
5b8635d2c34c02e94459b99766e9a69333dae82815e4377c760b5c5d0d4f02c9

SHA512
23693cb080e94bbe8249ed61c9d544dee51220a144d49aa9af0c1694539598e5d70a3a1739c85b3f8bdba7617c795c38b9dae5ebd1680f376eeb9bf6381d451c

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk

Filesize
950B

MD5
8e0b7262f9be59541172313452a5b47a

SHA1
1beb4769ec7c247e092c4d32de863b2b7daa4486

SHA256
7e548faca7c484f9aa692fd102918b2a2dd025f8a47e034908242e050ae9b1ff

SHA512
5cf41af52b9d99d85fbd89fb2326b34ab75aa694a5f275e14012a59a35939ee195a7523eba3c93a11765eda0286cd661897eb7aac5aa1ff538b7e40dbd6f2814

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk

Filesize
853B

MD5
a383663f78493b166fde89320cd71739

SHA1
857edad096dcc29d44a0fe336b2a125b6938df89

SHA256
25765298c713c1539498d0d6551982a8c90c44171ec3a43954cc2c424b0dba21

SHA512
95841886cb6476aac55636bd90feba7bb06e57397573a667c131e66de08ad54790eb5ba505ff44d45e929c160f760c344b4c32e2c39a403ad82242d604d3047e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk

Filesize
845B

MD5
1aea0dfe12bd292688339b8796b6b994

SHA1
e73bbda54c65083932d4f660b8d0f170dd867830

SHA256
257444e7d4104c7a1b74b0081e2ac59dec45d5e2b337c8c7053be90dce8d3daf

SHA512
a1157c063c0ac2dcdef1722c3d1dbb18ee225ea46deba1722017aeed7a489dcce3fbd52c71e8a65281e0f9eaaf16103a52c2aa54bca0e29456dbdd8249362157

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk

Filesize
845B

MD5
b93733f3728b65488b175c1c1eb976c1

SHA1
458549f06ef42b3049a45584918d9bfee994a51c

SHA256
86e5f3178b6b9d819d52ea442038fe00c6fac0301faf43efb2cc9284cc97a14f

SHA512
ddab2f390d0d1b6cceb2cd708e447b3bc4806587355c1c98fda2d5679f4dd771cc42fa029836394ceacf650d4df83acf0f4f9ee6bc162b22b50342790bcc9bb6

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk

Filesize
835B

MD5
9f1a3e8b30828b94f331bb851929ae65

SHA1
a71f084cf8d4894ea79be55e1f66a94f9ae6ea67

SHA256
5c34647dad65cd5e98e5cd299322a52ebb534a9b659bbba8dbab1ceea789baa4

SHA512
f1e770f0a44c8e3a3c731ae7f6470f9099f880247a1f650b12207f8ebc79a5a3960a1185fb0891371249a52649dde43ebf44e99ca9dd64a0160141f5c8a7cbfa

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk

Filesize
855B

MD5
a271e4d8ece470384e3daae7a9a884fb

SHA1
d47af46f637ec10ad915babdb4f38d02a38e52df

SHA256
7d7c79357e19ee8002a7a56935314df10cb4123245dcd3106f0c46290220c2cb

SHA512
0c8a9d9fb7d936a99af17de3bdf42083ade139b169bfb25b759522d14a16144af8a98ee7dacc43105569acd6dd743f25d5dda5f20eede42697364adba7e15f8b

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk

Filesize
847B

MD5
1bafd4d5d3933fdd9288f8ea18271659

SHA1
d842e6d44843ab09c1d7c93c44f43cc583fe6934

SHA256
93a5de28a3dc3a05710e12aa569a845a484c26a8842d0d20ef41278de7190aae

SHA512
1e9405d8791423dc7ee5a695f9e0242e5c723f4c6ec181ba5339e49b42f222f32de24ddd49c4419ba419396e9653e5d43d03df42742e39376afe4a0632f742c3

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk

Filesize
885B

MD5
c1e8fe3ef350771b04b3f89a60ac0041

SHA1
5741f82e39b6fc92d9f06016ebbfb7c76851af3d

SHA256
51eb9448ca5d888019518f582c5dbc40a50f9786753cafc1a713fe38782be2c5

SHA512
b76ec5a8df8f3d9c4d53588ef8af95763822757b9e1ba95a9ec9cb801e75f252123eb42f98350c46de133106b717f144c4d1ebbd568c9e74eb8275065b2b0b84

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk

Filesize
867B

MD5
17f90c88df65a2aa9506cdaeb716ff27

SHA1
4cc9e7af145aad15d1181b1279339631659594f8

SHA256
a2ecdf3605f66567f100c264e3c0ab08bcfa2f5ffe8a1f3a78956fa860a3d02e

SHA512
b07d772d8732b04242b78aa98d46b09b0b7400110a82af45b2ba098c0938fb3a26301bfd218efe80cf13122aebe836433d2384b69f62eea8af349daa38b87f97

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk

Filesize
831B

MD5
347a06cb03ffb8094c8ce5de6225635b

SHA1
d482633f225cf50b8ec3a733515366bef0b4fb3c

SHA256
743c94bc7424c7876f4259b0454e14ee91e72fb39a632ea513bf86ba3fca3974

SHA512
427db152e3585eef4647f0f81e87b9ae748cf4e7c756a89342e8a9f57f4acb93052884bc859a5ff8f18df22e1f2c69a2edd6bfcbdb0f289d43328e7f435c738f

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk

Filesize
959B

MD5
145440291cdc1217ffa7309a21578746

SHA1
137735c3800ca07b2d63b530ad1700b68848b3ab

SHA256
8290b9ab16d8dc70f21dda547fa89c9ef06262ba037bacd645ad01fd35c76d04

SHA512
74c1075881a357f8365b7c7476b56fbccfc3471a0f3976bf0d4a54e2df6322ce31e3659561e3eecaff7b72100027f5112ca6238406b2d117bac173965a10a2ff

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk

Filesize
909B

MD5
16b8f7b6956a15a7919c6d18bfaa8044

SHA1
e343e366ee34749283c0badc1a04d20879ef1351

SHA256
4199141f93db0a22ccf33d776711800fc9c0ffbc17a107608931380c5636259b

SHA512
312ca248d457dcd5c10cc66fc4f189620d04d0243a56c81d2962c801389afca86a753068d3ad44626f8ff8094147155605421887f2036db3d51e9353b828cbd8

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk

Filesize
891B

MD5
a7428ccf9bdc5bc3ae618616f0271b3e

SHA1
6e7ed629db0c9c3d0c795f806ea2a8307def8202

SHA256
91a1a66a87fb9833df6faa0f1d63615074e27a91c1878806cf212fc951704024

SHA512
171ec63af5a544309b52be15f40d8a826dd5f4b1d1709a5c6ba1ea49e27f8404b8d5a929260b7fa9f094377440089be3ccfdab4f1df330bbed00d8c3a43a1975

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk

Filesize
982B

MD5
5405619b1f42e3dfbc7c36842d115462

SHA1
892f0165a342134e46d58033fbec402cbf3b8b23

SHA256
82833a02420dbf4f01aeef2d1d0e004b493467e6de2a3f7fb0b889ca1ae8d572

SHA512
018d76013fe04b5b890be3865ebf98dc2d632b47c6dd9cd6e76b037752ee8d8ebe9cc61a317cb07702ff66d2b53401ff836d76090abb80d3859fbba762106550

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk

Filesize
1KB

MD5
5807b0726d3c70483f2350a0186584ea

SHA1
e7b706c64ad7c3bf171a80b0e507f1f82bd012cc

SHA256
f3d39e2547282cf494d8da1f506068fa9e8e44cd3757ddae3571cde1d2a54019

SHA512
487159d1a3ade76de3ae87cc5b2084324565e3433dd54fcc1021ca667aee5231c1f49a05c421498cf821afc7e9e1ba76e7f390a2b13e174b80498df07b1f4703

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk

Filesize
991B

MD5
178459c23dd0d2b695e318fe35fed1f4

SHA1
8bc854a0269bdae90e919dbed8504881cb98dc00

SHA256
928c213d497739548c8d6eb348ee4c6327b6901022afd2bc8501db46ada90197

SHA512
77bff051fd4731fcf0bc7e58ae03bf8956348aa3817386398959c5aa3e65863080c8251ea15b9a119a78df5dd1c2108e85dafecbaded2a1a281d99f353f1fcce

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk

Filesize
979B

MD5
892aa98cc75c580b97f0d086bc87fec6

SHA1
a534a1e32f35712878715b997d47a74fd4b378b8

SHA256
692d1409633b27095c76791184ab3b255b4877728277e42c8f89d67cc47c1ffa

SHA512
573f94e314a5027971f514f15a8f95692deb36fcec760f613d28d5fcaaed3e3c1d7319a8a848cacb71483257022fb5a00ffb4a2f536745b44907985700efeb2c

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk

Filesize
1KB

MD5
09a08477c36dae02b399940682cdc9ca

SHA1
900d8cc442af035483190c4c02ffb34bb980f2e7

SHA256
cbfaed84f6be7cb037a4b58f27511d3025731ecb958d83bd51794b90d7a8041b

SHA512
49fc2ea9f4d77c65f63cd9846fa5b969b7bffd09bae773f290231d21c95a4f3d61391085e71d3d0dcc2b9ee52c05e4f1d40e08db508ee0dedf02860e43559128

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk

Filesize
873B

MD5
d91b4e79d6c75d9ebbce84b711ad31fe

SHA1
0b3b74320154e9bbbad074ed41b82ef37658ce27

SHA256
e45ac92f00cc18222329cb163b2b0f21f84018fcd9b992d118b757e663ffe569

SHA512
ded389968c4ac425f2c1309177531ade02dd0549c5a5b48e2e851b7594afb59e4c5be6553241bf5aa2a904d54c2e78a41dd66fad9d35f3d7a07938f9cce56c71

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk

Filesize
857B

MD5
8b3a34db3e10fb261c34c973984d286f

SHA1
62bc2fb8a408d36218603dfded700132d49aa6e6

SHA256
fb7bc6d5a3efc25448b0c2938f1caf7894894e55d1958f0d03ccb8238468512d

SHA512
fc9f16b8c192a161b08245567e3dfe1980724509e031671412003dc3d4be61e893b77ad583f3584d607043ad2d8691541f5b7e63837587b4be104a062d73bc1e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk

Filesize
847B

MD5
91ecd0aadb66458d61de5ea708059bb0

SHA1
1788958ff3fa5f59672d2516d15d6e54f3bd9d4a

SHA256
5294086f743e3451a794918f1569df53c99ed414e74921f53489bd77a662750a

SHA512
f9799c3f8ae094722dfe02db7037c8b87a84fc37708eaa739975c82d014c77ccdc964bf471b0b8a9dc79cfe54e89e424ca7c5eeae06d8cd113b50543539fed24

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk

Filesize
855B

MD5
4bf7ae0290cb3ea6d3d37055f8df15b3

SHA1
a144d84dfdf71a1fa335dfb465da4fe5165c308d

SHA256
e264ba0b432afafccd70d554090cdf787df45f9b56aa3dee5e0b83e175f8006b

SHA512
a31b480ae07a7cb1ff2f42d8636e888078fc65e266903faf1088dc6d5736a5775b350bb61399bb3ed1bb0f14f0600599626e867caa932b4792020adc77e79328

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk

Filesize
861B

MD5
5d5652c15f6b6024810c6711e30b0edc

SHA1
45ff53ed4061d1b9a68b0ff95300e5376558f7dd

SHA256
8909be56bbd231ed1ec810262dcde146ab3ea099c12b8c8fed0c16192aa99403

SHA512
64ec52231ab2231f0bed38216ef8590da8c738db1e903f022e88810b034352577aa473cd5127bc57b3f0095575892a66e9ac817a0050219150b0dcf53f198400

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk

Filesize
843B

MD5
185fed59be913a7243e75225517d31c0

SHA1
821aff741ad9611b42a9d5b40ea1eb6637500e34

SHA256
71323b29a6e0d1bc04c07da3d6334b8bc39fb2638afbe2905b66692f52cbb267

SHA512
46bfba6a3898e075793051e6fc7d37226027ecb001660bfeae9feb83e05eabdaa9214581b03eea66847062ad785d41398cbd7d179e9e43e0001805669e60672b

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

Filesize
2KB

MD5
890b8af9686a4693abb6c2f0d7fd076c

SHA1
08e3cbb073958bbca17d8a72c15dead38138f35e

SHA256
953572fb69469fe3c931248073c0a06971b97ca6e635f1e08730d73e47f2d3c3

SHA512
66ea8c479910098d2b36f4e3b6c81f9bdb50bf7d5d46ec90ad585d8a89a080abd408fb06322191a28575019aae5a0f7cd9cb88f54527d58ef3c730fe82c75e56

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

Filesize
1KB

MD5
761c63d49ebe9c23596a4888cd416b14

SHA1
d822be6a5ddac327f88ff3ece316bd9ad1a3e2a8

SHA256
a21a8154b684ddb393de4dad8f7fbdbe0c07a2b95f2c8166e8f25f66d3550457

SHA512
8e45612811b67967d13d062d3bbd7875a7cdd1e39034f66bfb1323b45842447f71a56cc33d894b09294baff5e50350bea9665ab43f24f8bd08745b59cad407f7

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

Filesize
1KB

MD5
1f25a41c01f8cb7114b4cae7e19a086f

SHA1
0f1fe25756b0f1c3b545b279122e002ee9433112

SHA256
f9b2c7cfb84b29b8863d7014f90abaca196e892960f84894b741f8c3c35818d7

SHA512
f54ddb9cef5e9e78d71c63f69d0245e8542e83856ebc0f1a0e88dde115fd64cd440760833e4f836b2d637b414312b404b9f796e85553769a61892c1d2ef8b429

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk

Filesize
1KB

MD5
59cfbe9ac9423d94aec7e0cc7858bf71

SHA1
00584ab15c1ade5b41d5a33cd61a273cfe0e5570

SHA256
1a4cf1330cd4b9ef496b30f185e1196f1c6e6a0f49d1b6a335c29b53cc8c17e4

SHA512
979e2aa7c8665bf08829c0ccddab0edd140d35c0ed9c94ecdcf81c39535bbc0a91fe0ccadd34e7ef71e39101e1254014f98031cf5c401ac790cc6c902d17fbd7

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk

Filesize
1KB

MD5
4223de027725c18c6122f7ef4fa4278e

SHA1
a6ea4fc8c5fcc4699cc7eb3f772a74271c142a03

SHA256
db0e7fe12ca86ae3cf1195f253301b5978519766fa6c478c501541a7fa37949d

SHA512
608397a7d6c50e635c23bd618e7ad2c3e7001311447327083d265b709683d1b36f34664853690e438269c6694c71494987205fe38d71282799ba31bac7ac4cfc

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk

Filesize
1KB

MD5
781e83ee0127e0364a47505df0aa1004

SHA1
67c40877e91e965c1cce402d2ee36b9b3f2ce8d4

SHA256
4157b7b2996036a247ddbed14f4cf41d0844c62a3b66a4d066e8bcca6fcea541

SHA512
0d3cc91f758d431c810142b90e0cec6aed8dea9eafc3640a31a6dc8cbd5768e8d0994f360d4da7576f7347f0970b7b9fcd8365fba7d5b3e8d301ae830ccd3a93

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk

Filesize
1KB

MD5
085a378559c33bb437d2d445084682ca

SHA1
147e66c76ef8f81f5f4f5538b51875a59bcc7c4c

SHA256
83eae15daa613bb7e3f2c33455048da7e27681ffb8ecfa34ada37e0e13d7274f

SHA512
17dafab1aa919d5d940e3e146e64a1a003ac928c97e9f6069ba5ce82915a764344dd7c603987bca651b3972d8d67f471ccfce1e663ea26c08526d20b8cff8049

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk

Filesize
865B

MD5
5440b8d33425a0e77f756d0ab19b9436

SHA1
b7c3b4a5321987736c3bd192d2d18b443b39faac

SHA256
4e258f8c4b665992a958f6e2136c45c4d0c26518829b8086db76a3ef38939bef

SHA512
f983d490925cec05232d312abb09ce731120cb5a61b6808d641d34e7b529f7f993ce896b1402ffc64e77c7eb1a859cab44ac0c69adffe221598d8872c6bd61c0

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk

Filesize
865B

MD5
b68eb5ab5c33d1c2fab1ee47b0d29d95

SHA1
3bd6857dc2a684be8b236f37370d2c2a44609fa5

SHA256
57f8bb2d46beb06fc8477a2ce3ecab40ac69aa577eb5cda41a4d498c7aca33c0

SHA512
081a0abbedf54f555e28fb805eff4dcd580ac75d0ff52d926ddd616098f3211e58d71bf16686cfbe54989fa7b3d3863b4fe81d7b8781b90c2f149b05d2d5c259

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk

Filesize
829B

MD5
830cb0c0ad9548b41bcfe51f4f329c05

SHA1
38e6a47df0cce2ca958f7314930320bf0e287b22

SHA256
b68bf3189c556ded99ca4a09d2596e633ab55e7261e92d40445b4c6815dd5f65

SHA512
183bd10c5dfd0bdca0b388e523d64577125ed271f95ffa459f81da0afb5fbc445907d4957f1ad0e4c63f1d61b0f9348402cc4ae1bc6dae56b71ca3f8d52b75b9

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

Filesize
928B

MD5
808c21cb246b9b46000644e5f2393bf8

SHA1
25f1da4b379065748694a377c82f205e09437f45

SHA256
b42cb05a3f81ff6b7e931839d25d67da8a0cab4c0b22a715c7b32a5bfe41611e

SHA512
3246144b2a480f92947fa62187e2b16ce10ab59a06b42bda980028cccc6a0a08e6409fe2a6e16f21ab2bde1616043bc247e05aee94070ae40c19a75823fecd6e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk

Filesize
2KB

MD5
3a186495cd214b4cae560ba214af63f5

SHA1
ca5deef9a05ad6aee0f0c9398e59c657d662f49c

SHA256
1392f488fb355deb253005f8b3c5131a0821130866ce6fb2df070ae89a4ddfce

SHA512
780f06134344556a4c2ec31009c9354b26ae1f6b07497267796cf90ab63b882d39c04d05a6e89a367bbd28e80dd8cc23ae98602717ecdf7fd3026851b476c968

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk

Filesize
2KB

MD5
82de29a7a3b90b5da90bc00d0a538136

SHA1
d87d86ad17960a4ff2d8bf8014cf7be0407673fd

SHA256
2f54ee9554ac9f829f39640ec012d27417f5a0ad07294cb6e6dfc9c496c20371

SHA512
353b423f9851dcfc1737d5db1f2dcc216882c5787bf714ef87aab65530c139efbc022a12e22c4c9132ae963959773245fd4d18f414fcf423525006d76cce482f

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk

Filesize
3KB

MD5
199bc1272b1ef9f8ebe9478aa3c7e95e

SHA1
0eec07e95e59758f1b3dd4eeb2722a97e299963f

SHA256
a9f3cf0413f273b4c242eeb9f0a69044188cee6c163bde8288209e105a7ae100

SHA512
f80f1b571b8750af5086a05c836b3d838a2292b08d8f7ca93b0c7b07779278fb2e12a56294494d052e0f685c203d728a966fbacef23d777b714aceb0737ddadd

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk

Filesize
3KB

MD5
0fd20a550292a2d5f55649bd8d53fcc1

SHA1
59835c6721035f00cac82cbc8925dc7c8df1b8af

SHA256
526779aafb8a34d6c2734ad8457c02ffb842e4af763996760b62ae8c450f845d

SHA512
abbe9fc70f47723887dcaa0b8f85b1c7c74a8c8dd4974f3852fa20fd69703770e77f56d40e88bd401ec88d476d24c6523c6864addf16630e59f1d277bb17ebcb

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Digital Certificate for VBA Projects.lnk

Filesize
3KB

MD5
de8346581cf10003d9f3a315802072c4

SHA1
35154a91fb7f9e1a8eb299f7558ff6a8661ebed4

SHA256
49d041e8f987bd3c4cf4f126b5f1a24beb081ca4b23a56e8668fe628b3244d05

SHA512
ca30d4cd1edf6a9ed275aaaf9e00840037afe29b98260ef2dbd2d3df000c621a2084092f0d7422d90887ee453631b05a644ea1b8804a8de2ae21ff6d9ade842e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk

Filesize
2KB

MD5
c8268467f00fe55a47e9c0c998935df8

SHA1
efc46ae9b104292550846e770de508a34ad4bb5a

SHA256
e1bbf995c25ac1a882c3e19826f2b8c9fe824f8207d64f8940ce1cb116fecc2d

SHA512
1f1bffd239f73d9f1f61e466c0119851d064690b8f8ffb1581f43fbebede5a3d7b24d8e6f05b84d8b22afbe00f931c560f7b5eb1e1508c49a44d584129540cb1

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Language Preferences.lnk

Filesize
2KB

MD5
ba213383ed375aed77a5bd6b45437ad4

SHA1
32aeeb1e589cc2b9a28d21e68c9b4ab8bcaf9fb8

SHA256
0224990f9d07a2da05c0c0fe5fb0d82b4cf491d9884fa6d2088e4e5298b27ec3

SHA512
c05a2041e65f68f9c1ee06841fbf58e6876f2faf5fb410d81c0bb7ca6799440b865f2f7b748b05f72481f22dc8ec1644717f1d2a3a3cf4470419e1ebadabab31

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk

Filesize
2KB

MD5
23cfe4a176ab39e327136eced523830d

SHA1
322629908aa89bf2904bde90bc68581f64010608

SHA256
6f3e48d2baad098c93893326daf21f4bf42b9f1dc0a15f9cc1b893fc9941ae3f

SHA512
80ecf9370068165cbf3ae5e79c379806df5bd751cdc499a73ace3f228d47f1c82c55576f57389ff67a004427bd3c55bdbea6f0c6aeb0dfeedbb4e9167af62ce9

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk

Filesize
2KB

MD5
fbf34275a8b54e749f561bb90544bc2c

SHA1
37268ea4ba473d5a4b7cffe7ac9ff526d1df09e4

SHA256
6736b13adb869f697e43cf8e452f618c08c5711793345295bd246ba0bc09c7e4

SHA512
01e374db2658b1c582d6819d2e3d544d706cfe2e1c12eba30c02b6a11aaf3eefa040b94a4ec703f978c7e1ab7d06136bbf371a75c61bedfd6d5660d7c6596a4e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk

Filesize
2KB

MD5
763b08858d3aabf4e1a51988abc80699

SHA1
97c41936e8aeec6faa4891eb71a13dd7e3ef968a

SHA256
176c500ae5dd6cde8c8d5e6d62e7b0aafe5b79e92eaa2a625b2ffb40a1d06810

SHA512
3a39ecbc2774c8b0bd0534f9b379ef090801f7e4d4a14c9b29e37f8d5fa7c371ac61e210e34914df8ae7130d0e8c5303a333168207a3cb611bdf93eee6ac83e4

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk

Filesize
3KB

MD5
667489a3c0c2c7c4100e3ed9a32bbaf2

SHA1
b45b00906674b17b1269987bfb851c6b1fbb2b31

SHA256
82b6aa97b7b08d02481d959012e17ec22b8286277b314a6761a4f32b6d187667

SHA512
8ebb108b2a975d3e1fda22e72d82110dde068f3af0347e9cdb1f5552e512b016b3ceec4480b8e792fe75fc92be32201bb87770273f7c83d38581050567e4706f

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk

Filesize
2KB

MD5
7b4a7a0c15a6f0c2a76f044ffd1fc63e

SHA1
105e3743cf90a02508a78d24a231db6e3a02e92e

SHA256
b73d1a71e369e91ffff2d380b6c65cf2ebbff8e18f4b7b382d41a84d3cffd22c

SHA512
40d66c7508921e447030e29042cda9bcf4f6db614edc967ab6bf6a2f6faa1b8ea7955db95730e52d15d4acbb3175fc03410b3a4a522e32f23c7a0c6b3ad8bdcc

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk

Filesize
3KB

MD5
7fadc02998a2fabc2f89ff1574a9e397

SHA1
8ab2161afafa4ad0891e3d847855cd73ce1af3f1

SHA256
1b8ed6887be5cd2fc3995de8e6f27d9f81e6106da24fe379efa78c30a1493e76

SHA512
7a7f7c49313859c0976274601fb24a4bae89f467dc6e6cb0767524de2ed7dce527133fa85c964e9284a9542453d6f644470d8d4a8dbd3a2e9d5dcf1465f0b772

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk

Filesize
3KB

MD5
b9d7db5f1451fc6bb56b1a30f9a6bb11

SHA1
1475a6e2fe8b38322e313ebcb79be75d6e0237ad

SHA256
7b4546e289b3000afdda3735fbbbac12d8fc2fbd1ca4fe29407448b618de269d

SHA512
c6aad5862bb70065fa650ec0781ba590464dccd537c8d1d41a615cc7fbace43ab214c58e58171c71f8e78f9cf96c3613d93e2d0ff2560bd14caeeb059b9e2f8e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk

Filesize
875B

MD5
091e6937e90ff9cca15fce70e1ac2177

SHA1
fc614c4370283966779ae1ccb58f729e2d8afce5

SHA256
0e09f41b4ff66cbf6df95d15eec26024e5c15b9631cf0f6bde2ccf5c37211bdb

SHA512
0c3c6265723c8191e4144c33feff4e1a0fa4a0aad90a59fafdd4ff595b14b8fb703e33521475ba3d8c7ea1dc700ce8fd61cdd8bee8ed94ac499249c55970147f

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk

Filesize
1KB

MD5
31bb388e7df30016c28307b2d273f5d6

SHA1
9fc25717475bf6602689c5bc8ba23b5d6cddf055

SHA256
573528a67dde5d0710b29cdde487c671d0aede50be0f69923c3e598f0e0abfda

SHA512
bafe185139186d6f444868268d02ff9367a90ecf9543fe3798674268f760a86d18859f7d645061f016f7bcf8b26820257463cccba6d17d28cc111dc794414f4e

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk

Filesize
1KB

MD5
80f9b403222e267e06e2e6fae6ab8ce6

SHA1
c9c85bb5a3dac5f05ed843e67eddb2904989e222

SHA256
ef9f226c571cb1d9733abe03318049fa9144ba57bc09df63ce8d8b29ea397489

SHA512
69e57f5fc10182f2fc5b735c47d344dac91e737352a402c8543f0eedc0edb684f0276ac1f80eee56b41027cd6831111f2bfb91030ce2bc9a7f404dbcbe35fa42

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk

Filesize
1KB

MD5
738858a2dee3f473dfb71c7006e9af3d

SHA1
db25527c786f21424cc8b71e929502c8acc43132

SHA256
03832461ade609a21f7e34716dd9b81d65abbc079ea9f79916664a58970f805b

SHA512
8cf727f82d1c8bcdf5bc10d5fe10b4d106d658df5bee13aae313b4a2ada587e494ce673de209ac1ba82b67d51413400a94dae93143cab9fa58dc9cfda866d762

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

Filesize
877B

MD5
d5dfba60fb37a5e6f2db8a8315e5c628

SHA1
55eb14cd1b3e2d420a246bb0771e2e73f0911d28

SHA256
b9ff8b56fb6390ebea2566a687ed34e4d28f98328f02b317389f3d410292caa5

SHA512
6a31f3d87058309335cd2e4222f75e96c2b5065551e7d0a7ceb027a92bf002ef88d738f187405d8e6eda0af69c62d054e27f68f3bcfa8fa37dd7663520fc05bf

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk

Filesize
841B

MD5
b8084c66c5bb7968b31a73ff75b11073

SHA1
ee84b75960dfa2fae6f596fcfd4a1097d23eec59

SHA256
d8d06f39b161aa62e485b437c2bbcbc2ef285213dda94c31f46f74af72705491

SHA512
7c0a52a2e9f6ccbb573c6a3dbbb937fd6aaea98b50462d55d36758df0b9c4224e729a98ba03dd6c353013ace13890ea7a660cd999ca9b5607dfc343cee303fa8

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

Filesize
1014B

MD5
4ce16dc252de562a6c93ee011a03328f

SHA1
bfa2826e89085e567c1111cba22d02a8991c079d

SHA256
3d0ce3cb1d1d338e8d502a61496f67c5f64f2fee2dfda8e530629dee8dd2415d

SHA512
34eea4905f1f7ecf8e2e7d1a906464bdada9bde270b194be45140b53570264c5ba7f35422972341735b32f0e5eaf1fead632dd21a98697b038ee0866506aaa16

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk

Filesize
847B

MD5
01d180396366707fc796fbfd57c28ebf

SHA1
d641a9298343709ba3600c633c749b033d6576cc

SHA256
f69a30e6a4ff8e5c3f2254297e9856e32114c22f696a1c0a61c928cca91fb72e

SHA512
12e7efc101af4056d520aab333fce9d54e0e12fe0843a3b1557701d32ab4850de17bbdee6ff38fedb36e97ff9948641af02c68f131bf5cd400237c5bb4480a93

Download Submit
C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk

Filesize
831B

MD5
ad6345e3b9346c6f11267faaaef660cd

SHA1
bbcb808095578b763c05795e389b0c4a9620484f

SHA256
63ee605a0272918447926c0af25faa96516c0e67a5b4abf57a11273f5310a7ca

SHA512
d7f76d19ed96c4762d43a7a32b038a342c9e8c5efaeffdaa91a59bba903fadcc93df0cbaa93488e56e1f85f2d03137cbe073684a142234db8eb5f64596cccfd8

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk

Filesize
869B

MD5
48e11fe872059fffe231b513186de639

SHA1
cfdd7821e822348b3fd77c5d57c97086e198b765

SHA256
e9aef3a86a30f0fdacaa90a6f772b9c8ddf90640c08086e785e98720cff67bc5

SHA512
5006e4dea60bd557b2015fead2919ed837eb00afc0199bd6734f0ca72adcd129ddc356c53e505b0ae1ec4d7b486dedf10e66bf0d3670cc853e97bc10a6f28a7d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk

Filesize
825B

MD5
250d35bdb082a7c6c89c6698cc4b24fa

SHA1
0017fa50f35704817a0e13264d6007ed29ef1f47

SHA256
2e7f1265b5a0f0fa4d09b5aab3d24ee2b6b7fd470da0727d4b0eb65bdfbf9d96

SHA512
75859f73d8b5191677bf7d5745fd6885870bdbbe2631a39ec695c6216bcde6db2bb177cda89bcd2d58c14a8220da386455012f3f809575980f6911d3e04203a6

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk

Filesize
829B

MD5
4c8a3be9c9447253e37845f67f590203

SHA1
74c99719198b250230b31c5f81df15999ea546ae

SHA256
fddf091e3f99116e166ef1411c3b58f8301581454463cb0e5e50e3870f93ee7f

SHA512
16a7e06bded7ffa7ce21994843515af89c0c10ba0bb3304c320c50acfcb8e59385add6b7e7f763ce22b7fc00096dc8786908468c1a141848b2c0d69f4109f5f2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk

Filesize
847B

MD5
00de6faca137a4b6065ef83dba42a3d6

SHA1
69a34635df00ae5223992df8dd8d4068d7066ed8

SHA256
e8cfc1bd7f8712ce8f036d6c0c46233473ff5dd94c23d1cf0b19bf5e4ceb0950

SHA512
b7ef9c2cd4560acef10b2d118ca0de22ee884011c5e798f40e76740d0e8ad609b85ab76b762fa2179f2883ef82ea723c684fa66bbfc5c3ca4dd30178bdd5cb25

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk

Filesize
831B

MD5
5490d1cff42a2596a1dd375ec688801f

SHA1
2b966b19073deca6522980d4e459f41a36c691ab

SHA256
fc086b4366c80a6a9f0ab2fc97d7efa106f0a9ac5bfdb1c74c64bd1ae8555d92

SHA512
f0fddc0fcf067582c34c7be605bbdfbdce618376fae1296441161be71111255bec55043c0d7f3f5e4f2b43c4fc37de650aa0ef31f0ec73b186374f4dbf986f06

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk

Filesize
833B

MD5
eba2c0e12c944750578ce46535c68f84

SHA1
ed0943bbe5bf76b52dd7e9a515d0d9c84375e0b4

SHA256
61d5bcaf0d5b8c84a8f28fbbe5d78c34964a655683e7fc3423e4fddc820c4c71

SHA512
c4fcc8e6c1195077f422bb67fe402933fe022e69c16404864af95bb1f6a4e37a8ea6d17bf2ca4c6316d53a75afd4acf352a5755cc14697c411f6c0aab2ba00aa

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

Filesize
2KB

MD5
8f4c1e102ed10605c4910f7f3c87c664

SHA1
02862740a81a92b63d2a7d7c943aa542b80e2198

SHA256
c54d521084002d29d3c4389866d5b84bc43200e4ac9bdc71ab93166c3e49267a

SHA512
79f63ae949f1266fbf6de6da59a91429e11005ba5644f619a6a551c67b93d9ed3bde1cd8df422033b5d2df0921381f975e0d5c3b24b978c9bd5cf51154c8284a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk

Filesize
861B

MD5
93c167a7378fb2f6460596d9a90fcf58

SHA1
67d68fd22506017860f7c99167d50aa29737bd94

SHA256
ff606a32c1902aa8d6c9eacd4a0e93ea928897a1197c6ac8d1c38eda31ca446b

SHA512
71594e8d0989a8c95186ad6d252e4de0dedf2390b9414f1c250a74fce165d685dc812c9bcc408f94231a43c5c89fde8ebbdb9d5d32f02197af975379c08943f0

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk

Filesize
835B

MD5
fa17cd364abeaa017508af8e5fdc11a9

SHA1
9299416f19b268d8073bf783b35598827341ab16

SHA256
d8027640e9547bb19fd04d4840110a2121ca1716c73cecaa42ca763fa0f7e8d5

SHA512
90578e47a4ed8c2ae247073782b40389eeba13bcae13a2dcfedb70e87aada1e2b051af83c328fbdbe9167a261df2bdd78cefb3cdd26323b958c39e12ba0adffc

Download Submit
C:\Users\Public\Desktop\Adobe Reader 9.lnk

Filesize
1KB

MD5
b8e010547daba4ecaecad31cf81fdf0b

SHA1
03e14936aca0cf859c153963d62b0dd3c07eb844

SHA256
3a0eef7c6a7c4e2aa2e2a45e35fd8f148ce939d202a51d78bfe403d20252ea42

SHA512
13e31b22e07460d17d64733c62b96da9566634fa4f20cb83d00318cffbdb1ebc969c4760dca72902a41eaeaf7a4840de20c9d84b1fb1d81e859556b126d8ef87

Download Submit
\Program Files\WinPcap\PPStream.exe

Filesize
10.4MB

MD5
9a62635fb2d0a14a40526dc2fde1aea1

SHA1
a5367bf582886d108318cff95fcfdfd9ce7280b9

SHA256
05b47c4625296d3b4d5cf3cfbe84d1afdcb3aa6f3c6b5ce22046ca8c9f546e20

SHA512
f1532e4363feca8b10e89bc17a732b586f4de6c2b4fb5179f864a0aed8bd9a034403d682a999389305ab074f92f2967ea73dbdae88017cf279e377464ae3efa3

Download Submit
memory/1716-17-0x0000000000400000-0x00000000004BD000-memory.dmp

Filesize
756KB

Download
memory/1716-2-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/1716-1-0x0000000000220000-0x0000000000223000-memory.dmp

Filesize
12KB

Download
memory/1716-0-0x0000000000400000-0x00000000004BD000-memory.dmp

Filesize
756KB

Download
memory/2604-16-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2604-14-0x0000000000220000-0x0000000000223000-memory.dmp

Filesize
12KB

Download
memory/2604-13-0x0000000000400000-0x00000000004BD000-memory.dmp

Filesize
756KB

Download
memory/2604-962-0x0000000000220000-0x0000000000223000-memory.dmp

Filesize
12KB

Download
memory/2604-961-0x0000000000400000-0x00000000004BD000-memory.dmp

Filesize
756KB

Download
memory/2604-964-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download