Analysis Overview
SHA256
d850d741582546a3d0ea2ad5d25e0766781f315cd37e6c58f7262df571cd0c40
Threat Level: Known bad
The file PCCooker_x64.exe was found to be: Known bad.
Malicious Activity Summary
Xworm
RagnarLocker
Phorphiex, Phorpiex
Detect Xworm Payload
Phorphiex payload
Deletes shadow copies
Renames multiple (5386) files with added filename extension
Command and Scripting Interpreter: PowerShell
Downloads MZ/PE file
Stops running service(s)
Executes dropped EXE
Drops startup file
Writes to the Master Boot Record (MBR)
Enumerates connected drives
Looks up external IP address via web service
Adds Run key to start application
Launches sc.exe
Drops file in Program Files directory
Unsigned PE
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Program crash
Suspicious use of AdjustPrivilegeToken
Opens file in notepad (likely ransom note)
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Interacts with shadow copies
Suspicious behavior: MapViewOfSection
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-09-20 07:47
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-20 07:47
Reported
2024-09-20 07:48
Platform
win10-20240404-en
Max time kernel
22s
Max time network
73s
Command Line
Signatures
Detect Xworm Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Phorphiex payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Phorphiex, Phorpiex
RagnarLocker
Xworm
Deletes shadow copies
Renames multiple (5386) files with added filename extension
Command and Scripting Interpreter: PowerShell
Downloads MZ/PE file
Stops running service(s)
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6b1699a8.exe | C:\Windows\syswow64\explorer.exe | N/A |
Executes dropped EXE
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Software\Microsoft\Windows\CurrentVersion\Run\6b1699a8 = "C:\\Users\\Admin\\AppData\\Roaming\\6b1699a8.exe" | C:\Windows\syswow64\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Software\Microsoft\Windows\CurrentVersion\Run\6b1699a = "C:\\6b1699a8\\6b1699a8.exe" | C:\Windows\syswow64\explorer.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\E: | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip-addr.es | N/A | N/A |
| N/A | ip-addr.es | N/A | N/A |
| N/A | ip-api.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\MEDIA\SUCTION.WAV | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\PhotosLargeTile.contrast-white_scale-125.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\RunningLate.scale-80.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\Assets\AppTiles\MapsStoreLogo.scale-200.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\ja-jp\ui-strings.js | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\client-issuance-bridge-office.xrm-ms | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\Assets\Office\BooleanIntersect.scale-180.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\HxMailAppList.targetsize-20_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\en-gb\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\pt-br\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\HxA-Generic-Light.scale-400.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\AppxMetadata\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe\Assets\InsiderHubMedTile.scale-200_contrast-white.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\MedTile.scale-125.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\resources.pri | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\root\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\SplashScreen.scale-125.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\CalculatorStoreLogo.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-black_targetsize-48.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\HowToPlay\Spider\Goal_40.jpg | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\DailyChallenges\Popup\CompletedAllChallenges_1_Solitaire.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AlarmsSplashScreen.scale-100.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-white\LargeTile.scale-100.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1702.301.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderStoreLogo.contrast-white_scale-100.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\ko-kr\ui-strings.js | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Templates\1033\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\small\bl_16x11.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16112.11621.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-48_altform-unplated.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\core_icons_retina.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_filter-down_32.svg | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Emoticons\small\drink.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Arkadium.Win10.StarClub\Assets\star-rotating-57x54.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\ThemeCreation\AquariumDeck4.jpg | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1937_24x24x32.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL002.XML | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\en\DatabaseCompare_f_col.hxk | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.targetsize-256_altform-unplated_contrast-black.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\pl-pl\ui-strings.js | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\Ole DB\es-ES\sqlxmlx.rll.mui | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial2-pl.xrm-ms | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\STUDIO\PREVIEW.GIF | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Windows Photo Viewer\es-ES\PhotoAcq.dll.mui | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2494_40x40x32.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\S_IlluEmptyFolder_160.svg | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\OutlookMailMediumTile.scale-150.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files\Microsoft Office\root\Office16\MSIPC\et\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\small\ar_16x11.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\sv-se\PlayStore_icon.svg | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\ClientEventLogMessages.man | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\HowToPlay\Pyramid\Goal_7.jpg | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6584_48x48x32.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16112.11621.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-96.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\sk-sk\RGNR_04C983E2.txt | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\lib\security\blacklisted.certs | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\FileIcons\FileLogoExtensions.targetsize-16.png | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\_Resources\2.rsrc | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\Files\stub.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\vssadmin.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\PCCooker_x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\asena.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\a76e49df84ba2a7b33e8ea959995b5e6faecb90d551ef169d8272ce9042c35a5.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\4363463463464363463463463.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\CryptoWall.exe | N/A |
Interacts with shadow copies
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\vssadmin.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\vssadmin.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\notepad.exe | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\CryptoWall.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\explorer.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Users\Admin\AppData\Local\Temp\PCCooker_x64.exe
"C:\Users\Admin\AppData\Local\Temp\PCCooker_x64.exe"
C:\Users\Admin\AppData\Local\Temp\4363463463464363463463463.exe
"C:\Users\Admin\AppData\Local\Temp\4363463463464363463463463.exe"
C:\Users\Admin\AppData\Local\Temp\a76e49df84ba2a7b33e8ea959995b5e6faecb90d551ef169d8272ce9042c35a5.exe
"C:\Users\Admin\AppData\Local\Temp\a76e49df84ba2a7b33e8ea959995b5e6faecb90d551ef169d8272ce9042c35a5.exe"
C:\Users\Admin\AppData\Local\Temp\asena.exe
"C:\Users\Admin\AppData\Local\Temp\asena.exe"
C:\Users\Admin\AppData\Local\Temp\Bomb.exe
"C:\Users\Admin\AppData\Local\Temp\Bomb.exe"
C:\Users\Admin\AppData\Local\Temp\CryptoWall.exe
"C:\Users\Admin\AppData\Local\Temp\CryptoWall.exe"
C:\Windows\System32\Wbem\wmic.exe
wmic.exe shadowcopy delete
C:\Windows\SYSTEM32\vssadmin.exe
vssadmin delete shadows /all /quiet
C:\Windows\syswow64\explorer.exe
"C:\Windows\syswow64\explorer.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\syswow64\svchost.exe
-k netsvcs
C:\Windows\syswow64\vssadmin.exe
vssadmin.exe Delete Shadows /All /Quiet
C:\Users\Admin\AppData\Local\Temp\25.exe
"C:\Users\Admin\AppData\Local\Temp\25.exe"
C:\Users\Admin\AppData\Local\Temp\24.exe
"C:\Users\Admin\AppData\Local\Temp\24.exe"
C:\Users\Admin\AppData\Local\Temp\23.exe
"C:\Users\Admin\AppData\Local\Temp\23.exe"
C:\Users\Admin\AppData\Local\Temp\22.exe
"C:\Users\Admin\AppData\Local\Temp\22.exe"
C:\Users\Admin\AppData\Local\Temp\21.exe
"C:\Users\Admin\AppData\Local\Temp\21.exe"
C:\Users\Admin\AppData\Local\Temp\20.exe
"C:\Users\Admin\AppData\Local\Temp\20.exe"
C:\Users\Admin\AppData\Local\Temp\19.exe
"C:\Users\Admin\AppData\Local\Temp\19.exe"
C:\Users\Admin\AppData\Local\Temp\18.exe
"C:\Users\Admin\AppData\Local\Temp\18.exe"
C:\Users\Admin\AppData\Local\Temp\17.exe
"C:\Users\Admin\AppData\Local\Temp\17.exe"
C:\Users\Admin\AppData\Local\Temp\16.exe
"C:\Users\Admin\AppData\Local\Temp\16.exe"
C:\Users\Admin\AppData\Local\Temp\15.exe
"C:\Users\Admin\AppData\Local\Temp\15.exe"
C:\Users\Admin\AppData\Local\Temp\14.exe
"C:\Users\Admin\AppData\Local\Temp\14.exe"
C:\Users\Admin\AppData\Local\Temp\13.exe
"C:\Users\Admin\AppData\Local\Temp\13.exe"
C:\Users\Admin\AppData\Local\Temp\12.exe
"C:\Users\Admin\AppData\Local\Temp\12.exe"
C:\Users\Admin\AppData\Local\Temp\11.exe
"C:\Users\Admin\AppData\Local\Temp\11.exe"
C:\Users\Admin\AppData\Local\Temp\10.exe
"C:\Users\Admin\AppData\Local\Temp\10.exe"
C:\Users\Admin\AppData\Local\Temp\9.exe
"C:\Users\Admin\AppData\Local\Temp\9.exe"
C:\Users\Admin\AppData\Local\Temp\8.exe
"C:\Users\Admin\AppData\Local\Temp\8.exe"
C:\Users\Admin\AppData\Local\Temp\7.exe
"C:\Users\Admin\AppData\Local\Temp\7.exe"
C:\Users\Admin\AppData\Local\Temp\6.exe
"C:\Users\Admin\AppData\Local\Temp\6.exe"
C:\Users\Admin\AppData\Local\Temp\5.exe
"C:\Users\Admin\AppData\Local\Temp\5.exe"
C:\Users\Admin\AppData\Local\Temp\4.exe
"C:\Users\Admin\AppData\Local\Temp\4.exe"
C:\Users\Admin\AppData\Local\Temp\3.exe
"C:\Users\Admin\AppData\Local\Temp\3.exe"
C:\Users\Admin\AppData\Local\Temp\2.exe
"C:\Users\Admin\AppData\Local\Temp\2.exe"
C:\Users\Admin\AppData\Local\Temp\1.exe
"C:\Users\Admin\AppData\Local\Temp\1.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\4.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\3.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\18.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\17.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\1.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\12.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\13.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\5.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\6.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\7.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\16.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\9.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\2.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\8.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\11.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\10.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\15.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\24.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\25.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\23.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\20.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\21.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\14.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\19.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\22.exe'
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '4.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '2.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '3.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '13.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '1.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '18.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '6.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '17.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '7.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '12.exe'
C:\Windows\SysWOW64\notepad.exe
C:\Users\Public\Documents\RGNR_04C983E2.txt
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '5.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '16.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '24.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '25.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '9.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '8.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '15.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '22.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '10.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '21.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '14.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '20.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '11.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '23.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '19.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Users\Admin\AppData\Local\Temp\Files\t2.exe
"C:\Users\Admin\AppData\Local\Temp\Files\t2.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Users\Admin\AppData\Local\Temp\Files\npp.exe
"C:\Users\Admin\AppData\Local\Temp\Files\npp.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Users\Admin\AppData\Local\Temp\Files\stub.exe
"C:\Users\Admin\AppData\Local\Temp\Files\stub.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 8416 -s 396
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess '$77-system32'
C:\Windows\sysmablsvr.exe
C:\Windows\sysmablsvr.exe
C:\Users\Admin\AppData\Local\Temp\215184418.exe
C:\Users\Admin\AppData\Local\Temp\215184418.exe
C:\Windows\syscapvbrd.exe
C:\Windows\syscapvbrd.exe
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath $env:TEMP; Add-MpPreference -ExclusionPath $env:USERPROFILE"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop DoSvc & sc stop BITS
C:\Windows\SysWOW64\sc.exe
sc stop UsoSvc
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -Command "Add-MpPreference -ExclusionPath $env:windir; Add-MpPreference -ExclusionPath $env:TEMP; Add-MpPreference -ExclusionPath $env:USERPROFILE"
C:\Windows\SysWOW64\sc.exe
sc stop WaaSMedicSvc
C:\Windows\SysWOW64\sc.exe
sc stop wuauserv
C:\Windows\SysWOW64\sc.exe
sc stop DoSvc
C:\Windows\SysWOW64\sc.exe
sc stop BITS
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\DenyStep.js.ragnar_04C983E2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | urlhaus.abuse.ch | udp |
| US | 151.101.66.49:443 | urlhaus.abuse.ch | tcp |
| CN | 58.23.215.70:8765 | tcp | |
| US | 8.8.8.8:53 | ip-addr.es | udp |
| FR | 188.165.164.184:80 | ip-addr.es | tcp |
| US | 8.8.8.8:53 | 49.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.164.165.188.in-addr.arpa | udp |
| FR | 188.165.164.184:443 | ip-addr.es | tcp |
| FR | 94.247.28.26:2525 | tcp | |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ip-api.com | udp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 8.8.8.8:53 | 1.112.95.208.in-addr.arpa | udp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 8.8.8.8:53 | kenesrakishev.net | udp |
| US | 15.197.225.128:80 | kenesrakishev.net | tcp |
| US | 8.8.8.8:53 | 128.225.197.15.in-addr.arpa | udp |
| CN | 117.28.27.75:8765 | tcp | |
| FR | 94.247.28.156:8081 | tcp | |
| US | 8.8.8.8:53 | b66c2ee0-f77f-455c-bb30-9b845f1006cb.random.tsrv1.ws | udp |
| RU | 185.215.113.84:80 | b66c2ee0-f77f-455c-bb30-9b845f1006cb.random.tsrv1.ws | tcp |
| US | 8.8.8.8:53 | 84.113.215.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.tsrv1.ws | udp |
| RU | 185.215.113.84:80 | support.tsrv1.ws | tcp |
| RU | 185.215.113.19:80 | 185.215.113.19 | tcp |
| FR | 91.121.12.127:4141 | tcp | |
| US | 8.8.8.8:53 | 19.113.215.185.in-addr.arpa | udp |
| CN | 8.138.81.152:5555 | tcp | |
| US | 8.8.8.8:53 | twizt.net | udp |
| RU | 185.215.113.66:80 | twizt.net | tcp |
| US | 8.8.8.8:53 | 26.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.113.215.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | outside-sand.gl.at.ply.gg | udp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| RU | 185.215.113.66:80 | twizt.net | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| RU | 185.215.113.66:80 | twizt.net | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| US | 147.185.221.22:31300 | outside-sand.gl.at.ply.gg | tcp |
| RU | 185.215.113.66:80 | twizt.net | tcp |
| RU | 185.215.113.66:80 | twizt.net | tcp |
| FR | 94.247.31.19:8080 | tcp | |
| CN | 183.57.21.131:8095 | tcp |
Files
memory/3984-0-0x00000000735F1000-0x00000000735F2000-memory.dmp
memory/3984-1-0x00000000735F0000-0x0000000073BA0000-memory.dmp
memory/3984-2-0x00000000735F0000-0x0000000073BA0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4363463463464363463463463.exe
| MD5 | 2a94f3960c58c6e70826495f76d00b85 |
| SHA1 | e2a1a5641295f5ebf01a37ac1c170ac0814bb71a |
| SHA256 | 2fcad226b17131da4274e1b9f8f31359bdd325c9568665f08fd1f6c5d06a23ce |
| SHA512 | fbf55b55fcfb12eb8c029562956229208b9e8e2591859d6336c28a590c92a4d0f7033a77c46ef6ebe07ddfca353aba1e84b51907cd774beab148ee901c92d62f |
C:\Users\Admin\AppData\Local\Temp\asena.exe
| MD5 | 7529e3c83618f5e3a4cc6dbf3a8534a6 |
| SHA1 | 0f944504eebfca5466b6113853b0d83e38cf885a |
| SHA256 | ec35c76ad2c8192f09c02eca1f263b406163470ca8438d054db7adcf5bfc0597 |
| SHA512 | 7eef97937cc1e3afd3fca0618328a5b6ecb72123a199739f6b1b972dd90e01e07492eb26352ee00421d026c63af48973c014bdd76d95ea841eb2fefd613631cc |
memory/2576-13-0x0000000000400000-0x000000000043D000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\a76e49df84ba2a7b33e8ea959995b5e6faecb90d551ef169d8272ce9042c35a5.exe
| MD5 | 6f8e78dd0f22b61244bb69827e0dbdc3 |
| SHA1 | 1884d9fd265659b6bd66d980ca8b776b40365b87 |
| SHA256 | a76e49df84ba2a7b33e8ea959995b5e6faecb90d551ef169d8272ce9042c35a5 |
| SHA512 | 5611a83616380f55e7b42bb0eef35d65bd43ca5f96bf77f343fc9700e7dfaa7dcf4f6ecbb2349ac9df6ab77edd1051b9b0f7a532859422302549f5b81004632d |
C:\Users\Admin\AppData\Local\Temp\CryptoWall.exe
| MD5 | 919034c8efb9678f96b47a20fa6199f2 |
| SHA1 | 747070c74d0400cffeb28fbea17b64297f14cfbd |
| SHA256 | e036d68b8f8b7afc6c8b6252876e1e290f11a26d4ad18ac6f310662845b2c734 |
| SHA512 | 745a81c50bbfd62234edb9788c83a22e0588c5d25c00881901923a02d7096c71ef5f0cd5b73f92ad974e5174de064b0c5ea8044509039aab14b2aed83735a7c4 |
C:\Users\Admin\AppData\Local\Temp\Bomb.exe
| MD5 | 31f03a8fe7561da18d5a93fc3eb83b7d |
| SHA1 | 31b31af35e6eed00e98252e953e623324bd64dde |
| SHA256 | 2027197f05dac506b971b3bd2708996292e6ffad661affe9a0138f52368cc84d |
| SHA512 | 3ea7c13a0aa67c302943c6527856004f8d871fe146150096bc60855314f23eae6f507f8c941fd7e8c039980810929d4930fcf9c597857d195f8c93e3cc94c41d |
memory/2648-31-0x00000000001A0000-0x0000000000218000-memory.dmp
memory/3336-32-0x0000000002A10000-0x0000000002A35000-memory.dmp
memory/696-33-0x00000000009D0000-0x00000000009D8000-memory.dmp
memory/696-34-0x00000000051F0000-0x000000000528C000-memory.dmp
C:\Users\Public\Documents\RGNR_04C983E2.txt
| MD5 | 0880547340d1b849a7d4faaf04b6f905 |
| SHA1 | 37fa5848977fd39df901be01c75b8f8320b46322 |
| SHA256 | 84449f1e874b763619271a57bfb43bd06e9c728c6c6f51317c56e9e94e619b25 |
| SHA512 | 9048a3d5ab7472c1daa1efe4a35d559fc069051a5eb4b8439c2ef25318b4de6a6c648a7db595e7ae76f215614333e3f06184eb18b2904aace0c723f8b9c35a91 |
memory/812-711-0x0000000002A90000-0x0000000002AB5000-memory.dmp
memory/3336-784-0x0000000002A10000-0x0000000002A35000-memory.dmp
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
| MD5 | b01c8fc716f4d3be076d71fe24b99203 |
| SHA1 | 94952c36a938e81aa83d0b3760df5bf71aad39e6 |
| SHA256 | 6ad1451517960d62d973812d6981b5b6a118292e39c3fe006c3497b4c8e86b0c |
| SHA512 | 46bf6b74ccc6a48a9d3c0aefdca41e437edfa7dd20e5a656caa2a4a6452c994f91303baad120f4bf4e139577d23dfbfabeb28252f9d65039053de45c413b0fd6 |
C:\Users\Admin\AppData\Local\Temp\25.exe
| MD5 | 476d959b461d1098259293cfa99406df |
| SHA1 | ad5091a232b53057968f059d18b7cfe22ce24aab |
| SHA256 | 47f2a0b4b54b053563ba60d206f1e5bd839ab60737f535c9b5c01d64af119f90 |
| SHA512 | 9c5284895072d032114429482ccc9b62b073447de35de2d391f6acad53e3d133810b940efb1ed17d8bd54d24fce0af6446be850c86766406e996019fcc3a4e6e |
C:\Users\Admin\AppData\Local\Temp\24.exe
| MD5 | 042dfd075ab75654c3cf54fb2d422641 |
| SHA1 | d7f6ac6dc57e0ec7193beb74639fe92d8cd1ecb9 |
| SHA256 | b91fb228051f1720427709ff849048bfd01388d98335e4766cd1c4808edc5136 |
| SHA512 | fada24d6b3992f39119fe8e51b8da1f6a6ca42148a0c21e61255643e976fde52076093403ccbc4c7cd2f62ccb3cdedd9860f2ac253bb5082fb9fe8f31d88200d |
C:\Users\Admin\AppData\Local\Temp\23.exe
| MD5 | 7e87c49d0b787d073bf9d687b5ec5c6f |
| SHA1 | 6606359f4d88213f36c35b3ec9a05df2e2e82b4e |
| SHA256 | d811283c4e4c76cb1ce3f23528e542cff4747af033318f42b9f2deb23180c4af |
| SHA512 | 926d676186ec0b58b852ee0b41f171729b908a5be9ce5a791199d6d41f01569bcdc1fddd067f41bddf5cdde72b8291c4b4f65983ba318088a4d2d5d5f5cd53af |
memory/3900-1187-0x0000000000850000-0x0000000000860000-memory.dmp
memory/5004-1200-0x0000000000E40000-0x0000000000E50000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\21.exe
| MD5 | a8e9ea9debdbdf5d9cf6a0a0964c727b |
| SHA1 | aee004b0b6534e84383e847e4dd44a4ee6843751 |
| SHA256 | b388a205f12a6301a358449471381761555edf1bf208c91ab02461822190cbcf |
| SHA512 | 7037ffe416710c69a01ffd93772044cfb354fbf5b8fd7c5f24a3eabb4d9ddb91f4a9c386af4c2be74c7ffdbb0c93a32ff3752b6ab413261833b0ece7b7b1cb55 |
C:\Users\Admin\AppData\Local\Temp\20.exe
| MD5 | f18f47c259d94dcf15f3f53fc1e4473a |
| SHA1 | e4602677b694a5dd36c69b2f434bedb2a9e3206c |
| SHA256 | 34546f0ecf4cd9805c0b023142f309cbb95cfcc080ed27ff43fb6483165218c1 |
| SHA512 | 181a5aa4eed47f21268e73d0f9d544e1ceb9717d3abf79b6086584ba7bdb7387052d7958c25ebe687bfdcd0b6cca9d8cf12630234676394f997b80c745edaa38 |
C:\Users\Admin\AppData\Local\Temp\17.exe
| MD5 | c252459c93b6240bb2b115a652426d80 |
| SHA1 | d0dffc518bbd20ce56b68513b6eae9b14435ed27 |
| SHA256 | b31ea30a8d68c68608554a7cb610f4af28f8c48730945e3e352b84eddef39402 |
| SHA512 | 0dcfcddd9f77c7d1314f56db213bd40f47a03f6df1cf9b6f3fb8ac4ff6234ca321d5e7229cf9c7cb6be62e5aa5f3aa3f2f85a1a62267db36c6eab9e154165997 |
C:\Users\Admin\AppData\Local\Temp\13.exe
| MD5 | c76ee61d62a3e5698ffccb8ff0fda04c |
| SHA1 | 371b35900d1c9bfaff75bbe782280b251da92d0e |
| SHA256 | fbf7d12dd702540cbaeeecf7bddf64158432ef4011bace2a84f5b5112aefe740 |
| SHA512 | a76fee1eb0d3585fa16d9618b8e76b8e144787448a2b8ff5fbd72a816cbd89b26d64db590a2a475805b14a9484fc00dbc3642d0014954ec7850795dcf2aa1ee7 |
C:\Users\Admin\AppData\Local\Temp\5.exe
| MD5 | 84c958e242afd53e8c9dae148a969563 |
| SHA1 | e876df73f435cdfc4015905bed7699c1a1b1a38d |
| SHA256 | 079d320d3c32227ba4b9acddf60bfcdf660374cb7e55dba5ccf7beeaedd2cdef |
| SHA512 | 9e6cb07909d0d77ebb5b52164b1fa40ede30f820c9773ea3a1e62fb92513d05356dfef0e7ef49bf2ad177d3141720dc1c5edceb616cef77baec9acdd4bbc5bae |
C:\Users\Admin\AppData\Local\Temp\1.exe
| MD5 | 8ec649431556fe44554f17d09ad20dd6 |
| SHA1 | b058fbcd4166a90dc0d0333010cca666883dbfb1 |
| SHA256 | d1faee8dabc281e66514f9ceb757ba39a6747c83a1cf137f4b284a9b324f3dc4 |
| SHA512 | 78f0d0f87b4e217f12a0d66c4dfa7ad7cf4991d46fdddfaeae47474a10ce15506d79a2145a3432a149386083c067432f42f441c88922731d30cd7ebfe8748460 |
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md
| MD5 | c0930d80d451ff2790c5977e093854f9 |
| SHA1 | 493764da3ff7e2628bd45045e4e283478fc179b2 |
| SHA256 | d144ad68aafabf0af611f5a29456cf17bf68368244f42b99b0e29d0d506eb844 |
| SHA512 | c9d5bc4d8912b880ee520b212eefe9a80291c23fe33e3501fb09b9eefa3a2c1150b4d3ff6506554c70bc9e36de6d0ec757e466d97f0fc2ea8e1584b3cfbc4318 |
memory/1204-1541-0x0000000000B20000-0x0000000000B30000-memory.dmp
C:\Program Files\Java\jre-1.8\lib\deploy\messages_zh_HK.properties
| MD5 | f622d2e5516fb07d86356ee9076bea96 |
| SHA1 | f79e4381b7a1698426b86c9ba4d69e441f02d789 |
| SHA256 | e0a81a16719bfc1305cd54922d6a6f29459c39f9d1b91df017804d71dcd5a393 |
| SHA512 | ed86570c292d8111df31f34b41afaa668370a4706b3b390a2161c19aff616fe3b21d5bf9ad24d1de37176c6e91ea0920f9c31de0122945e474ab8f56885245d3 |
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md
| MD5 | 9db3821f0926a76e658fb270608b7dfc |
| SHA1 | 5085eaf97e3952d93d6d6bb5ebe61dec68eb4937 |
| SHA256 | c3f1a1d96a10fbb0af8d9e4428108c5d7f7a19bf0dd556c7723cc3a6f04f7d04 |
| SHA512 | aa98d4585ece9147ea880acfb13234dfb61d6b190cc63e96154c2fc225bfa31cee42f84120206956ce71e25f1808527c44174bf5c5f8fabb562c743c04aa1dac |
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md
| MD5 | 54bff24e271c56e76bbb78e7d57f10ed |
| SHA1 | 0edc838c6069c94ac8e4c25b960c913d17c9ea98 |
| SHA256 | d345e3e57f317a835f50d61382be1e4482d23beff2d9f7f867832d28dd2ca10e |
| SHA512 | 4176d93ea9041d3a35dd6a6c3208ebad86694373db5c64a99e5620cba0a26b5919b0330b3dfc95bf19dbb671873e237b930a46a940cc8ee5982bb40ca9ac0254 |
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md
| MD5 | e94daa05871af55254b096eebd444a24 |
| SHA1 | 251f1dfb385eb00e9a567037b83640245781ef2d |
| SHA256 | 8c1ccca42d8abec2e3904e771770923957993a3fd2549841eff97bdadad9f3ab |
| SHA512 | f806a6af9c5901867ba180033f5d4409cabbdeff91109fe7f0f3264ae589c54cee357d483e791f064cdb54a036757845f0ed68e8a96e7f24cb0e9b4fcf3b06e9 |
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md
| MD5 | 58e8dc38a5da71f4f42e9ad67bbd8896 |
| SHA1 | 4aad2707cb81c18d0776dc65f73e5145f0ade852 |
| SHA256 | f0450794368831184a5a53143a59ce58e1039688d572f833c51ce1d137c50165 |
| SHA512 | 05651c224a990147742ad070aa6697943a48daa1b4debf3c550aba3eed19c0e1926f464f2d82a273115f046aa8c55e3000b3c962799d0c7a1c4e53cab4a0e7fa |
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md
| MD5 | 20c944ebbec46ed8e7a5f660e21ed7a8 |
| SHA1 | 45a0415cce6a5bc6a314259373995d966acf5335 |
| SHA256 | 6d5042d206cfc0aa23d2f567c0d1da962a23f60bec91125faea85d6a20b65f19 |
| SHA512 | 5e0b655cc8c0859ec17f6ab37f2befb0f352c0972bd0b988620245580268eda2f62ac8596e311a74890242887af4c6f2a8744e3b0daafc1e3a311e873876ba60 |
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md
| MD5 | 03f10d67b15c9194e141d7e60e2b3cea |
| SHA1 | 1f3bce7c0213f3042ca2ae543c1861ff48c2c595 |
| SHA256 | 4a9a359b5dcc9b2fec9a179d80f53b85c029dbffd3d71daf9ec1c62b1ad5770a |
| SHA512 | e7fec1cf8df8cef4e0968dc2c982c52bfec1e6772fcad9d187dc2d2045354edd1f5278993d9441d0e542d1fce0f2b995d40c54e1bade055c8dda07b62feda414 |
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md
| MD5 | bb514477a72ddf1671dba236dc741230 |
| SHA1 | 9a7419b1a75c782f2f23dfbe8c6c3573fde4e673 |
| SHA256 | 5662f14865e5cf495937d7aed4f3d03a012eb2bbb19a65906c83e82d577b3a88 |
| SHA512 | efbe9905bf6224c7a779c53e771f726cee42ccd16a079c6d736e332f272fba1671473b8ed6e5941a5a3521c1456cd5077ac48f705711c684e506d797f53c258e |
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md
| MD5 | 5be503b5677306c78007236280a57156 |
| SHA1 | 66bf67706ed41bd5b961e478f181d75ac7df599d |
| SHA256 | d09bd7ab6b9048e183812e7069b8e98025008be9209a023411caa6b7e903d7a8 |
| SHA512 | b4bab9cb97c154cf317f73943830a2393cbc7b927d1097dcc6ca96f0840a491266b5c1e7fa5fcc6147a89375a8df855c8e3aed82fad9eba45d4a3ce6caa9a66e |
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md
| MD5 | f60d05295493cf0cfb189f2bcf941091 |
| SHA1 | c5a79e2cb92a674476001c0788d1955b2ce52e26 |
| SHA256 | 14c3a19a1ee4cbfbdb4c57c4882b6dbb6991ab0ed8bc901ab2a1d5970377f9c5 |
| SHA512 | 6b7c82ad463ff7d159a07688be52f7270ee90d0c668c7d1f589822c39b3c4b68b936e497e57e24fadb81f993d83c1aa16fed4f12a77d42d0f5bdcb717217c0ae |
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md
| MD5 | 51cac8377345193dd30beb7bdc8ec151 |
| SHA1 | 01782173a17b5cc8ec3396c4504bfbe1a9cec3fb |
| SHA256 | 9793e33ce529f6085e2263f904f5dcdb485f074e473012a12c2c0d2de9cb0876 |
| SHA512 | d958d279ceb9dd05a606b8f9c1a3c62b44e24aba388d60627d40f038bb8dd719a8c2bf83be3436fbb61b299ff85f411e66e62e595955732c293bc0d75507ccd2 |
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md
| MD5 | de7273f4ccdcadcbdca68990a3e76933 |
| SHA1 | 0db2605e106bd8eb0163b39659d5ba89f68fe988 |
| SHA256 | aac0742af7d6610e9e8ece413d6c70ba108b08322b3f4ac74730757f2bcbfa8c |
| SHA512 | bd9d99d6598c9eff92f75ba0db1666508b89e72af1b3dd01f9e608da4f2526b8fda13351bf8fd8e61fb75b0ea87cecd08adbb9f157d30a7fb39d076bec37c00b |
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md
| MD5 | 7f0c0cac0a70fdb409ac73ad49b32624 |
| SHA1 | 8bf31fb1067ad85dd7a6ff2ce84b114208138bb3 |
| SHA256 | 3339cb829d276b1dde6cb063f7b560ef5a7b49fae38121ec02a076c8bf1cd372 |
| SHA512 | 0b26e44722ebb1da6dd2765c9b24472f087763695fa4e391a796d4a24645765f59bf53a226d44f5b4b008296a904834e4dcda92366d82ccb33b99174c1b6d7c2 |
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md
| MD5 | c354a7d42865e147dead180fc516ae45 |
| SHA1 | 95f3196060848bb847500688b40dbb1707ef1a28 |
| SHA256 | 5a19342efd84cd59184be84b9e7e2e457dd4dafb891c81916eb7526f8470fcdb |
| SHA512 | 924e7560dfb434ee967e2676daac91c302263cddd1bd21d036cc08d2063bd2af5b6cbb6f5f0db56d249cde0ebf1d432d54e652d13c544af0c63f0280f62468f8 |
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md
| MD5 | a03259761fde16bf0f2e470f0218ca4b |
| SHA1 | 2c139b88f7bd0b44da82bb437182ac30bf2eec06 |
| SHA256 | 01499d755769d412a015e392b42dcc84ce3b70f304949f73228d7313d2e6dce3 |
| SHA512 | 272dc4b5452d663d628197dcb92066f76df6bc2cbbb84614e44ff6bebd508a43cec4a0a90aabf7e97c4fa00a1c2887bb62baa3435c24e9037327e5925bba50f8 |
memory/4776-1539-0x0000000000C00000-0x0000000000C10000-memory.dmp
memory/4984-1538-0x0000000000FF0000-0x0000000001000000-memory.dmp
memory/4104-1537-0x0000000000390000-0x00000000003A0000-memory.dmp
memory/4148-1536-0x0000000000BF0000-0x0000000000C00000-memory.dmp
memory/2072-1535-0x0000000000BB0000-0x0000000000BC0000-memory.dmp
memory/3636-1534-0x0000000000110000-0x0000000000120000-memory.dmp
memory/2164-1533-0x00000000005A0000-0x00000000005B0000-memory.dmp
memory/4588-1531-0x00000000005B0000-0x00000000005C0000-memory.dmp
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md
| MD5 | dcb61b8ebc19321fba6ad59c5adef461 |
| SHA1 | 8decfe5c24e0686e1c87ca1a02da4fcabcf31666 |
| SHA256 | 2466a44467aca647abd8312eda8e8129092b849c1af00089edbc04f2c0db2f09 |
| SHA512 | a837f72a5cc35f5dac2a0fd543ab2210a6d93e2cb8e947b53226cd528a6ea5b07e07fa4d6c881474a53537d4cc279d28747f8ec7e0f20bc7f40e8cb58acccff8 |
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md
| MD5 | 809d9f04e44c6d1240dd866de05cc79f |
| SHA1 | be65e67430b6fadda587e4be168a6e00fd8227e5 |
| SHA256 | 6ad429659d040c2b70cfa3691c1e32d832e107aeef89f0df253394a7e5fae05d |
| SHA512 | 4602ec8423c200a99db13ad788e177a09455dce63eb0d098109466562137fd3db10da4c1ff6fcb0c45a73f39843febea79e48097a294ecc7af5b1e9cd82a044a |
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md
| MD5 | 0dd0a8ac937d46404a599750c6d34610 |
| SHA1 | a2e84b4e47833c6cf58390ad0c7cd2cde0e55004 |
| SHA256 | d159d71725cff791d5007861c2fbf6885e5e1dd616fb0baf7a3ea03e2dd4e596 |
| SHA512 | f80bbbccd03d228803c06621080d66a9e0fc040850d6a8075c89c7054f99ee12128d6e8d725c46ea26cb8617c5d847ed756f7da5bde7614240d057e81edde9bd |
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md
| MD5 | 83075b5823abe2c54c0dff3b81e220b2 |
| SHA1 | 31960db0938d45f6c053c366082fd1cd0e3fde87 |
| SHA256 | 01ba43b932905a2e057b22a81734b991e09465b7e151edfdf7c92c4d4291794f |
| SHA512 | a24c5dd757b3e23d642fc389143e06f80f0a1525cc59cfeb36807c44f8f86f9ca4f32cd8968f42ae1665243fb1ef6efef9f48173eb5d200507883f99f5524725 |
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md
| MD5 | c9153920ab35920aced1b47b46017e24 |
| SHA1 | efdeb1fc6bf65d38d6aae2c13a1f4737cfcef026 |
| SHA256 | fab15b37faf764a6c9393c3dbc3d1acbd5f87947f0d2c3aa7cac6b550b00dac0 |
| SHA512 | d4528f28a8f81f91082f6386043596e9c69328d93a51f12f9b748986c26ebdcd37f49a2b5258eba34e3b08f8aead5bc302bc6816f1a67fbd9d72691632552149 |
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md
| MD5 | 53fec5bd58a218dfdf7abc688fd87d23 |
| SHA1 | b032d81f09b4cf99f33891c1d7efd7eb272cab02 |
| SHA256 | 302b1fb06e6f5b7e46ac55a5c70d6ae9ca0da2968c8ac60e9a28d5b261462d8e |
| SHA512 | 0e69766fcff2baffa3e9025bd460096d4e794bf4d01b451d1f9352b8d0c3030647a36f1258110c9cc3dc2356397273be2efe2e2a306dbdd743dceea04f959c42 |
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md
| MD5 | e9c494c9282b6799f2b28bd79052fc7d |
| SHA1 | 2018e63f48e4562e5289fee439dcbbfd7941c89f |
| SHA256 | 316fb75073f410dae5788d86d843bb7f6a01d98da23d0cb4115bc7d0898ea64d |
| SHA512 | 014923133070cbbed5209654451e66a3fd9e5763092db4d11b3bff60eeb59bbca1d37a9bb240e58e9397123cb9f7faf0e54b343609eeb9792ae8155b92b6d71b |
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md
| MD5 | ae06da58c26bdbe64b065777a75383c1 |
| SHA1 | 0380d0455a5f67697d23da7036c240f1871a9a84 |
| SHA256 | 4fe87a377bb9958efcea5d78350dec66a69c3763ab94adcceb1b27be1550eaee |
| SHA512 | 3b60d0be4f90555c641e54be010fb5089f76b24e85840ad748b86ed5ff189b5a7bee28b2797c0d71c90c90234ae63755e8eee0e8d7482ddefdc4ee7f73b6ce06 |
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md
| MD5 | 8ec07f6f8b447e43bf7e2e1a674d0031 |
| SHA1 | e670118bbfaffbb138857ab028129b8094cf8965 |
| SHA256 | a57db92d3c7903661412e8c0a50f0a4d9f5f0932001a91cd9a9dc219cf3af875 |
| SHA512 | ba83fb929d59275d45928c450a6bd59850e0f7dc732e8186ed067a36ee82a1e9c607274caea42eabc5c3071ce39309718a3a98e56c38c626eea041960845547f |
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md
| MD5 | f8e87c27ea65c012aa0ef100c258a716 |
| SHA1 | 4b2e062861682193f1abd06fc7dc7d9fa27fcc84 |
| SHA256 | ec1910020848080626760f4bd6e4d099fdd5088fcded77e005278d299588280b |
| SHA512 | 07c810900e349bf6458c4962254584f04a54739344a6bc36fb0f167c15abff081baa67629a6c784b64cae98543df70041c7a603e2c2387921e3a30302447a545 |
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md
| MD5 | e9da502daca9399018f48c1d74dd89e5 |
| SHA1 | 834ccb1a3d8b32c0d18c2ce5aa8b1ca174e92e43 |
| SHA256 | 470927b62da60c7a5d74e524bbb0faf60488b926d7e7cd6521b800686a887ec7 |
| SHA512 | 2a694c67e8dee3f66b1d4591fdb224ef93f189e02a180f27b1e4b24c007258b150ecfc1cb6bbb3b8cd9f40312debc56bdc5b4220b6fba7c9dba728b0ad9facf1 |
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md
| MD5 | 83eb217f6809a5ebb9d511fcac6ce5d4 |
| SHA1 | eb14ba938d216f45de0cb774a480f4bdbd56fdc9 |
| SHA256 | 406a3b047c2e702205691efb0af717ee0677cd43fda3c19a54f00ca9d742f799 |
| SHA512 | 5150771db6cf85f5773986bfd0733bdd541892270b57fc161cd576ab146ba61d278c29ef0ace4aeafc5384b5c42bcb583fe7c45d688cbe7203dde486ba2a0421 |
memory/1828-1540-0x0000000000070000-0x0000000000080000-memory.dmp
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md
| MD5 | 90741b88b5e683cf65bad462ddf91ef5 |
| SHA1 | 2222d127aff9a0bdfc562cf4e0427b5004492894 |
| SHA256 | e85d0d5bb2af052c355b4814a2b1ef9d47d49c9d0378234b33a4ab2b8996def4 |
| SHA512 | 97215e5f09e41028efc819eb3ebf59559b4ab136d9c45f71796d09c7516a5a85300ceaa6aca0baf99ac13f4e06b020f43d74152173cda71e5839a70bea5ac4b8 |
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md
| MD5 | f5008fcd0bf393b4f1061354e6777e2c |
| SHA1 | 8c42d298ab8d43b609b75166b2b244ed5f855b9f |
| SHA256 | a65b37992bccccf830fcef856320aa0aab6ae53f0144b56154fbe34f09176e87 |
| SHA512 | ab691c864d163d4cd4ab0b11ec41e30e4be3cce1f14a3aa3eb56c06edfebf027a74f32d765147c99cb1bb7162252d1cd05a51c0948d4df905e4486c469db96b7 |
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md
| MD5 | 5db2e056f1255511e105dc3f0f56bab0 |
| SHA1 | 51ec569906ea5bed8ed700e165ea589e14728c81 |
| SHA256 | 0c27e83b7bda488fe4dfbef4ec8c9c75da09451947af86940c54f40c8ee6bbae |
| SHA512 | a151a28a45a9651adbe2ba5a4b107b3ec46acf2132fb34f4881d6ad458c2a7a00f0b6f5bfd7a8f0294a4617a78675478689de0b8fcba39f802be7b73c187213f |
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md
| MD5 | 7e8e757c3492d7d663fda1f7e8a946cd |
| SHA1 | f0b9966c2e825a071accd4e7523d687703408daa |
| SHA256 | 8b5e08b514a5af7dd7dd337b727df26d24d3f8cc194b96191f396d825eb1e5b8 |
| SHA512 | a708f4d4d6fd22d3ecb70c705bd92008416c05129968202a9e56900fb001054e36367d313c3ee2d28c48d5b35a5123f7bb1a43f45ee7a3537815ee6443a35ff3 |
memory/344-1490-0x0000000000440000-0x0000000000450000-memory.dmp
memory/4772-1489-0x0000000000FD0000-0x0000000000FE0000-memory.dmp
memory/416-1488-0x0000000000DA0000-0x0000000000DB0000-memory.dmp
memory/3972-1487-0x0000000000090000-0x00000000000A0000-memory.dmp
memory/4612-1486-0x0000000000E60000-0x0000000000E70000-memory.dmp
memory/4604-1485-0x0000000000960000-0x0000000000970000-memory.dmp
memory/248-1484-0x0000000000850000-0x0000000000860000-memory.dmp
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md
| MD5 | 681254aec27dea6ed94285e4923e7aa0 |
| SHA1 | d275929a50dc6a54ab16f48eb77158695d83526a |
| SHA256 | ce81c2bd5e90f7fcc91918f9476b9b3cbfc9580fb781905f066429aeca2f2c39 |
| SHA512 | ec4148ba2d37c392b909704a95205cd4a159137fc9eae2b3a21b60222639cc5b900caab6aa949b0b790195018554e4ed6c3c0bc2530ed4a6960a113ce6eb0c5d |
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md
| MD5 | 4c030646aa4b42dd2a3c0e5b3214a4c2 |
| SHA1 | ef696123c880dd2f2c8ea50abe93365562e074d1 |
| SHA256 | d7f0faebfddb08621b416d395f0ff99cddc708e1b604f38e4d745aaef392a8db |
| SHA512 | 98434f417a45b014a6a5084255b623b174fdeeb1015fbae9caf5d3a75f155575eb464bd2716cb37d6168308229b7f62599b7a86f1c1301dcad910307a7e84156 |
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md
| MD5 | bf15968c5867110a6533a950876c6684 |
| SHA1 | 2acb3580fdd9150d5b5637b47f1d755c7f0371aa |
| SHA256 | 25a35290870439b9fa636f7d7e0fb8483e9a5a81f488a8761b3a5a988737ae66 |
| SHA512 | 963b848286228d4b05c230e6a63ef435ba761108897b2b6cf25fc1d99597e3563d9ebf903d9883bd29a3ecda1cf48cf428938a6d3bd398ef0543821cac358ca1 |
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md
| MD5 | 656994030f1b3b813cadcc11a6e5c410 |
| SHA1 | 1006e037ba5e342d47aabc108687426a742353d6 |
| SHA256 | 6fe8ae29ed1c401d4baecb513ff7a8c1046e1af2fbbdcf32c25da787be1b8c97 |
| SHA512 | cf46f1f4b31f846dcf2387d3ce9e9d3a56c29e520e38446f5c0ca44821c627301ffb711584e3bb9442832e923027f579d469e7dab0f668702bcacd9b0cb13cbb |
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md
| MD5 | acb75f8d6aa9bd8bebe4a42d61e860b7 |
| SHA1 | f369dfd26543352927f4bf74f37afb71dec3a133 |
| SHA256 | da08095fe0e408cec2031e8d4a2cc277bdeccfc9db737a7eae56c627a431360a |
| SHA512 | a30b97a91228cd67a62f99af185a4b57a32af1ca7aa35b2457607f16c8609566719fcc2138cc8d0e66c186150768a73ef8271a77f59dca978be9747f10a67dda |
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md
| MD5 | 9e5d2a30ea24d4483f49eac3ddd3abe5 |
| SHA1 | 130c492715249dc2c4e1b930d95dd83e30c817f3 |
| SHA256 | 1790faff6b2fb60bd762fac42ba8dc1beab8f92025cf3aab3892e889ee4c864d |
| SHA512 | 8b0be9d249b24cb67218b1f480d1eaabb03e51be714ce7c656f28a9d0047ac88aacd2f8b7f7f5def88ddb813f964702798bf2a08336e19791a77b0f21ef1d782 |
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md
| MD5 | f8f42a348b5710b679ce7cfa1618d68c |
| SHA1 | ffc9b8a5408a89f99de137a70ef7d416cf56385b |
| SHA256 | 33ed2ae1d820c56e25f55f16f777f0668121c110851f8808a0016b5b33da49a9 |
| SHA512 | 5f951bf6c050f12c6e717be16056d954be73c8220ec7ecd9c9c492e460a6a054acee96afa125ea9b3ec643475854b746e6a5709f6fcd71e9b1c8ddfd6633ef5b |
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md
| MD5 | beb1d4befe55f61a905c0c9b37759c01 |
| SHA1 | e7b8f26b56b738cc8b21abaf1e3abcf95f1bfc7e |
| SHA256 | 8e774ae9d470010a5f27120384c48c5cfb8402b8a0e88a295dc34ca1cf11f72e |
| SHA512 | 960bfe64003bb937a05c635afa6ddabab0bc2f5939bf0670befe8cf0cbec52424be83e4ae5b8e5ca6a8f7ba92f0186e34c5731e9deddacd9c783ad43f0db0335 |
C:\Users\Admin\AppData\Local\Temp\2.exe
| MD5 | 012a1710767af3ee07f61bfdcd47ca08 |
| SHA1 | 7895a89ccae55a20322c04a0121a9ae612de24f4 |
| SHA256 | 12d159181d496492a057629a49fb90f3d8be194a34872d8d039d53fb44ea4c3c |
| SHA512 | e023cac97cba4426609aeaa37191b426ff1d5856638146feab837e59e3343434a2bb8890b538fdf9391e492cbefcf4afde8e29620710d6bd06b8c1ad226b5ec4 |
C:\Users\Admin\AppData\Local\Temp\3.exe
| MD5 | a83dde1e2ace236b202a306d9270c156 |
| SHA1 | a57fb5ce8d2fe6bf7bbb134c3fb7541920f6624f |
| SHA256 | 20ab2e99b18b5c2aedc92d5fd2df3857ee6a1f643df04203ac6a6ded7073d5e8 |
| SHA512 | f733fdad3459d290ef39a3b907083c51b71060367b778485d265123ab9ce00e3170d2246a4a2f0360434d26376292803ccd44b0a5d61c45f2efaa28d5d0994df |
C:\Users\Admin\AppData\Local\Temp\10.exe
| MD5 | d6f9ccfaad9a2fb0089b43509b82786b |
| SHA1 | 3b4539ea537150e088811a22e0e186d06c5a743d |
| SHA256 | 9af50adf3be17dc18ab4efafcf6c6fb6110336be4ea362a7b56b117e3fb54c73 |
| SHA512 | 8af1d5f67dad016e245bdda43cc53a5b7746372f90750cfcca0d31d634f2b706b632413c815334c0acfded4dd77862d368d4a69fe60c8c332bc54cece7a4c3cd |
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md
| MD5 | 21b24071f6ea8009db86031b800c15bd |
| SHA1 | 4bb3bab863d96fca5b3d43522e3752899f08507b |
| SHA256 | fce173d78e3c8eaa92c4ec80736d4315190c1b5da825ae8d21d94a77c28d26e4 |
| SHA512 | e17bb38ceaf43cc0d1e922c630daba5564243ba8fc5d1fef6c63cc9e3945877e311feeb89eedf2f669e5f605c552c2e4815c347b1735f993c72c7c8d12c7a3a4 |
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md
| MD5 | 86e38de229b3510e214440f8f59754eb |
| SHA1 | f613e8ccdac1f79147714d6b44ec19b1ca1e9ff3 |
| SHA256 | 82fb623b16babd92d11bb7c857d279a877be2d83a4c3189ef5248ab3ee2d9f52 |
| SHA512 | 2f37c022b9ee9d60aeafed5037a6cb32b58c655c87358b58e48d16e90314571e735a4a8ff946c166c7e7d940fc8213247140e5bae67cd8bd3aef59ce10ee8933 |
C:\Users\Admin\AppData\Local\Temp\11.exe
| MD5 | 6c734f672db60259149add7cc51d2ef0 |
| SHA1 | 2e50c8c44b336677812b518c93faab76c572669b |
| SHA256 | 24945bb9c3dcd8a9b5290e073b70534da9c22d5cd7fda455e5816483a27d9a7d |
| SHA512 | 1b4f5b4d4549ed37e504e62fbcb788226cfb24db4bfb931bc52c12d2bb8ba24b19c46f2ced297ef7c054344ef50b997357e2156f206e4d5b91fdbf8878649330 |
memory/2516-1441-0x0000000000A00000-0x0000000000A10000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4.exe
| MD5 | c24de797dd930dea6b66cfc9e9bb10ce |
| SHA1 | 37c8c251e2551fd52d9f24b44386cfa0db49185a |
| SHA256 | db99f9a2d6b25dd83e0d00d657eb326f11cc8055266e4e91c3aec119eaf8af01 |
| SHA512 | 0e29b6ce2bdc14bf8fb6f8324ff3e39b143ce0f3fa05d65231b4c07e241814fb335ede061b525fe25486329d335adc06f71b804dbf4bf43e17db0b7cd620a7c6 |
C:\Users\Admin\AppData\Local\Temp\6.exe
| MD5 | 27422233e558f5f11ee07103ed9b72e3 |
| SHA1 | feb7232d1b317b925e6f74748dd67574bc74cd4d |
| SHA256 | 1fa6a4dc1e7d64c574cb54ae8fd71102f8c6c41f2bd9a93739d13ff6b77d41ac |
| SHA512 | 2d3f424a24e720f83533ace28270b59a254f08d4193df485d1b7d3b9e6ae53db39ef43d5fc7de599355469ad934d8bcb30f68d1aaa376df11b9e3dec848a5589 |
C:\Users\Admin\AppData\Local\Temp\7.exe
| MD5 | c84f50869b8ee58ca3f1e3b531c4415d |
| SHA1 | d04c660864bc2556c4a59778736b140c193a6ab2 |
| SHA256 | fa54653d9b43eb40539044faf2bdcac010fed82b223351f6dfe7b061287b07d3 |
| SHA512 | bb8c98e2dadb884912ea53e97a2ea32ac212e5271f571d7aa0da601368feabee87e1be17d1a1b7738c56167f01b1788f3636aac1f7436c5b135fa9d31b229e94 |
C:\Users\Admin\AppData\Local\Temp\8.exe
| MD5 | 7cfe29b01fae3c9eadab91bcd2dc9868 |
| SHA1 | d83496267dc0f29ce33422ef1bf3040f5fc7f957 |
| SHA256 | 2c3bfb9cc6c71387ba5c4c03e04af7f64bf568bdbe4331e9f094b73b06bddcff |
| SHA512 | f6111d6f8b609c1fc3b066075641dace8c34efb011176b5c79a6470cc6941a9727df4ceb2b96d1309f841432fa745348fc2fdaf587422eebd484d278efe3aeac |
C:\Users\Admin\AppData\Local\Temp\9.exe
| MD5 | 28c50ddf0d8457605d55a27d81938636 |
| SHA1 | 59c4081e8408a25726c5b2e659ff9d2333dcc693 |
| SHA256 | ebda356629ac21d9a8e704edc86c815770423ae9181ebbf8ca621c8ae341cbd5 |
| SHA512 | 4153a095aa626b5531c21e33e2c4c14556892035a4a524a9b96354443e2909dcb41683646e6c1f70f1981ceb5e77f17f6e312436c687912784fcb960f9b050fe |
C:\Users\Admin\AppData\Local\Temp\12.exe
| MD5 | 7ac9f8d002a8e0d840c376f6df687c65 |
| SHA1 | a364c6827fe70bb819b8c1332de40bcfa2fa376b |
| SHA256 | 66123f7c09e970be594abe74073f7708d42a54b1644722a30887b904d823e232 |
| SHA512 | 0dd36611821d8e9ad53deb5ff4ee16944301c3b6bb5474f6f7683086cde46d5041974ec9b1d3fb9a6c82d9940a5b8aec75d51162999e7096154ad519876051fe |
memory/4960-1361-0x00000000003F0000-0x0000000000400000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\15.exe
| MD5 | c936e231c240fbf47e013423471d0b27 |
| SHA1 | 36fabff4b2b4dfe7e092727e953795416b4cd98f |
| SHA256 | 629bf48c1295616cbbb7f9f406324e0d4fcd79310f16d487dd4c849e408a4202 |
| SHA512 | 065793554be2c86c03351adc5a1027202b8c6faf8e460f61cc5e87bcd2fe776ee0c086877e75ad677835929711bea182c03e20e872389dfb7d641e17a1f89570 |
C:\Users\Admin\AppData\Local\Temp\14.exe
| MD5 | e6c863379822593726ad5e4ade69862a |
| SHA1 | 4fe1522c827f8509b0cd7b16b4d8dfb09eee9572 |
| SHA256 | ae43886fee752fb4a20bb66793cdd40d6f8b26b2bf8f5fbd4371e553ef6d6433 |
| SHA512 | 31d1ae492e78ed3746e907c72296346920f5f19783254a1d2cb8c1e3bff766de0d3db4b7b710ed72991d0f98d9f0271caefc7a90e8ec0fe406107e3415f0107e |
C:\Users\Admin\AppData\Local\Temp\16.exe
| MD5 | 0ab873a131ea28633cb7656fb2d5f964 |
| SHA1 | e0494f57aa8193b98e514f2bc5e9dc80b9b5eff0 |
| SHA256 | a83e219dd110898dfe516f44fb51106b0ae0aca9cc19181a950cd2688bbeeed2 |
| SHA512 | 4859758f04fe662d58dc32c9d290b1fa95f66e58aef7e27bc4b6609cc9b511aa688f6922dbf9d609bf9854b619e1645b974e366c75431c3737c3feed60426994 |
C:\Users\Admin\AppData\Local\Temp\18.exe
| MD5 | d32bf2f67849ffb91b4c03f1fa06d205 |
| SHA1 | 31af5fdb852089cde1a95a156bb981d359b5cd58 |
| SHA256 | 1123f4aea34d40911ad174f7dda51717511d4fa2ce00d2ca7f7f8e3051c1a968 |
| SHA512 | 1e08549dfcbcfbe2b9c98cd2b18e4ee35682e6323d6334dc2a075abb73083c30229ccd720d240bcda197709f0b90a0109fa60af9f14765da5f457a8c5fce670a |
memory/2924-1358-0x0000000000840000-0x0000000000850000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\19.exe
| MD5 | 4c1e3672aafbfd61dc7a8129dc8b36b5 |
| SHA1 | 15af5797e541c7e609ddf3aba1aaf33717e61464 |
| SHA256 | 6dac4351c20e77b7a2095ece90416792b7e89578f509b15768c9775cf4fd9e81 |
| SHA512 | eab1eabca0c270c78b8f80989df8b9503bdff4b6368a74ad247c67f9c2f74fa0376761e40f86d28c99b1175db64c4c0d609bedfd0d60204d71cd411c71de7c20 |
memory/3468-1333-0x00000000001A0000-0x00000000001B0000-memory.dmp
memory/3988-1259-0x0000000000AC0000-0x0000000000AD0000-memory.dmp
memory/1540-1188-0x0000000000280000-0x0000000000290000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\22.exe
| MD5 | 296bcd1669b77f8e70f9e13299de957e |
| SHA1 | 8458af00c5e9341ad8c7f2d0e914e8b924981e7e |
| SHA256 | 6f05cae614ca0e4751b2aaceea95716fd37a6bf3fae81ff1c565313b30b1aba2 |
| SHA512 | 4e58a0f063407aed64c1cb59e4f46c20ff5b9391a02ceff9561456fef1252c1cdd0055417a57d6e946ec7b5821963c1e96eaf1dd750a95ca9136764443df93d7 |
C:\Program Files\Java\jre-1.8\COPYRIGHT
| MD5 | 09c234253639afbd2865e15e69564428 |
| SHA1 | f5d0794caebba0abd8b14359175ced9f971da96f |
| SHA256 | a58971fea87fff4973724d69119f0bd056deb5e1d96ce088b0fd443f2b6a7cfc |
| SHA512 | ec9bb1c0e82f6d79c13dbc49efadf68737355f00f2671af447ae7dc2ab3bdfb062746895bc99414255d08f5fe88cad16b0df08e7fdb575d3ad486101a9dd6ab6 |
C:\Program Files\Java\jre-1.8\LICENSE
| MD5 | a88f9de7a7d4946f74d429b993722d89 |
| SHA1 | 1263551cd250aac9f6ff97e317a4387573f8dc21 |
| SHA256 | dc23dbacc890ad499bb24d88b3799c34b12f15fd55fe93ed5b89c9af2ea3f4e3 |
| SHA512 | 353a8e9c705cbcc0d9185c3ad565bf629803beebd99eec9b831dc06c6f27bc82e7c66b0d4bad832613a972d6191e7d4128b40b870de2fe2100e8482278063011 |
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt
| MD5 | 09159e98f97a608bd87c496dbb26692a |
| SHA1 | d936d60d69ea5258c355a202d3e70c35c1a96f29 |
| SHA256 | 180477bf32c8792b2e7c95a131de730db8a8c856f83c3997a2c532bcb1be6367 |
| SHA512 | 3b6b3e413e6caaca246ce4d6200da5098e358296e3cd2a6c81bfc5fb362d8d37c82a9608af96440e79a8bfe3258f13790ebc7a1278b940af04147418a83dfeba |
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt
| MD5 | 88f569cf03a85adb8c7b2d05f85fdd86 |
| SHA1 | 13fc0c88b115aea7d804e9662f76dc393545bc46 |
| SHA256 | ca6e7fe6e1b51a7f12ec8aad8cb695b7247b8363a245fe28e7669a96a7c22fa8 |
| SHA512 | 54a51cf507c1994bb0f2807570cdfd8f9e6627b6200a1638741b207c4defc5ab296b68ff45065c344535119b74cc8a97baa2297fe816bac70cb5098c62d30e4b |
C:\Program Files\Microsoft Office\root\Office16\1033\ClientSub2019_eula.txt
| MD5 | 90c834d97b4354b8ddfa38e1b40ebae9 |
| SHA1 | c24bb0689098f59ee9f98ab28c7c4216a9606736 |
| SHA256 | 9dbda16a6b000429edce5ba6379c4499233f3c070fbfa08d50c5bb01bb9e8074 |
| SHA512 | aa07c87c47349c347770a832f97620a0664e21fea1ac05882628f0f0925551e2de5775a4fd9b23ebcbf5ff49b3a3cd8510c5ebe28b3c1a3b4ceecbcca8a385cd |
C:\Program Files\Microsoft Office\root\Office16\1033\MSOUC_K_COL.HXK
| MD5 | fd47a9698636537cf25fa130cb0eb015 |
| SHA1 | d38edc78d1487746d07439c2fcfea6c512c11322 |
| SHA256 | 79a5b23bb8ac7b2be931d47173d1367ad2d79245411d5beae7379f866d561ea3 |
| SHA512 | 78873b45107f3e7c087be5cf7ba6b482c853e2c8e247d874e2e0f9b5aca170d4e5fbd912ca9f154da6a274c8ff4f139e2bfefc650797197a01e04ae3224a7e9a |
C:\Program Files\Microsoft Office\root\Office16\1033\MSOUC_F_COL.HXK.ragnar_04C983E2
| MD5 | 5a83418d2bfbceb9092b24b09d2b964e |
| SHA1 | f664990d012f8796935ad444cf23e5aaa220c299 |
| SHA256 | e58c1d3027cd3a19920677d002ebb877633926e8db117e24bec8e0c6d8ba968d |
| SHA512 | d8a41a142d865736579a658bc17f0b0776dadb6cad1565e590a7e0854e1b8c69ac04ed37bbc25aed08ee7ca6c8d4884cd14d7ed368a3046cb99ced0ade8a2c9e |
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe.config
| MD5 | 7d67267d141230ebdef78485ef430313 |
| SHA1 | 02762a3f06ba719bcf98e0c0083bcde93fa1cc07 |
| SHA256 | ab4fcb5b90c8a914233f53edf1d7af1eb4ec6f15c3d0fc39cf391d4462d52cbd |
| SHA512 | b068a011d5f570418ae2f156525a2412030eab06183c3f77333c4485464a1eb6418a08020a79c4da57a518fd2aa0e6fdfacb395b7b1b1220e7e6912ee8cd86e5 |
C:\Program Files\Microsoft Office\root\Office16\Bibliography\Style\SIST02.XSL
| MD5 | f273f5e5ef85e996a0d18916ec268e12 |
| SHA1 | 1b06676f5ced00f1a50e3cae6eebc50dbc67fff2 |
| SHA256 | 7c184a141e55836ddb453338ce11bcb47817606eeea10ebcb15220a4391cca85 |
| SHA512 | 74d729ca6db1fc2720f316223475816f77c685b88bf902cababd4d5eecaeb9ab13920a4372e2af89b50e1ba88c589e67a2b223281465bc63bcb8b0e06050704b |
memory/3984-5026-0x00000000735F0000-0x0000000073BA0000-memory.dmp
C:\Program Files\Microsoft Office\root\Office16\PROOF\msgr8fr.dub
| MD5 | a9673701ba8f3a10860b22cca23c40ab |
| SHA1 | 1d725c42ad32d86158314f51d7d68995761ba040 |
| SHA256 | 47583fc57fa64744cddbcf84d1578184f44c26b25c19765db895c3100416290c |
| SHA512 | b6ebef1604f974c439384a0e75b121095ebe552ffde9615d259f59697768726730a319e087a63897aed34db040a08a6f63bf70bc15b968c0ba269b776c2b476c |
memory/6852-6015-0x000002697E540000-0x000002697E562000-memory.dmp
memory/6852-6136-0x000002697E6F0000-0x000002697E766000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_a4ypd5xw.idm.ps1
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
C:\Program Files\Microsoft Office\root\Office16\pkeyconfig-office.xrm-ms
| MD5 | ee5179ae6c7f9a71fe7df3f437c55962 |
| SHA1 | e7d65df1d27c6eedd0519c8317455de1f6beb91f |
| SHA256 | b90812a006bb1cb7c49f15862951bab78e07f283e85bda8f55ecc0fbec196f25 |
| SHA512 | f9cc1b0e8f29cb890bbd2add7225e69063e2fe5c164c27e8f50256441bfd1eb4bc06a26c44eac43fc3db83f0e83e5bce7b99b0d55e4e748039f9da513ea7bebf |
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql70.xsl
| MD5 | 186b6ce07e6f5f52ea8752fca166ae6a |
| SHA1 | b087045b1cb884be408ad040cfce761677308e6b |
| SHA256 | 69eac6875d469b5ce5f7860ab3374c79e7c582cfb0196fd1ddeacbf0227c0cfe |
| SHA512 | 4b343af5a9b2a47c0ddadab183ee991e38ec5d77c6c9da5f8715fcb6eab86c0af84143c24e86f3307086946d71fbe62abde0167ab3d9f628d0d94d90c88eccaa |
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Sybase.xsl
| MD5 | 931cbdc325458723d17631aafc031286 |
| SHA1 | 4e4021a4046f6f0a57bf46a5a7eba4ac5a0f5e88 |
| SHA256 | 8915a5e7cdc46fc9749507783e44303b6d0b93d47c3c59ba5d180b0d696db183 |
| SHA512 | bde164f6609ae7dcd45b9e075905f1dc3da63b03fd18f9bcc48fdeb316dd7f2a14b77006f401f5dba3fcafff9b32502382209f0f7f1ea0fa3efaaec9b11a1761 |
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\msjet.xsl
| MD5 | f07e0ef24407e18aee4fff58d330b65c |
| SHA1 | 469f45a39beefcfd48fd4ca836e4682a8f187277 |
| SHA256 | 05bba019ef48ea22badcf32191929d5f47ce8a4ef9a8ab06d4219f4384d724eb |
| SHA512 | 27b18e477715f2c3678712fe8a5ee5db3523b1fefb3ec5a9200908d074aca2c7925b636077f9713c302c451e2e76b7430b6c420e3a54a688c781254e67f5b7ac |
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\Informix.xsl
| MD5 | c6c680b74051ffffea86370006c64f68 |
| SHA1 | 4f801fceab5453a55a58f334414f068ee87f66c5 |
| SHA256 | 921c669d4a99b6e2ad6701df5c95f6b0e23ae7feade929db910ffa4550463eac |
| SHA512 | fb931fbba7d762efe674a4a13d5e1844bb37494543913069fa4ec8f8bf155c05c8a8431ba7f264ce6369e648fdcaac9f4523848b14f0a521119e77f93ce7a3dd |
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\Cartridges\sql2000.xsl
| MD5 | 98fecb7d8c447e38a733b903a30fa662 |
| SHA1 | 03f41c59a1275dd3c81c7f7077265c9190816daa |
| SHA256 | 87ce192a91766d4ad2b6cb1b8997f375375030ec2bfe0f7da837f3e73143f1fc |
| SHA512 | 506eb1d2206c61120d864be7d5d75e8e779b3515e605259c4bb77f164e75b483ca7b50b4424f2b976964cf8fc831e9c4cf45ef67b2549f0f9af55640cf0bfde1 |
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\Cartridges\hive.xsl
| MD5 | eb96e0fe8aa0ad70f244e933a3e8542d |
| SHA1 | 30a4931c0fa5a1f923ad7c7da0a38a88f108ead5 |
| SHA256 | 5821eb69cae4ba70ca7e55c6682f9f5de2feb8a5c84f1e92456f14f620c408ca |
| SHA512 | 0f73a9a22fe790a2e12ea7d62e274872b06f087e25dda65a2bf6aa0b8644f570ccd4cd4fb368f1eb1c233e58dee7c5d66f4a91f1e02b6d26166c9fd7b2bcb30c |
C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo
| MD5 | 7493c5909b7f28ddf3e6318de63d8e92 |
| SHA1 | a29ed78b6b5bf87526d1f02c7b10a149a412b679 |
| SHA256 | 2f4986914eb22288d4ba7b6f5f519087b2709867c8d2be4c5c2b81949fbfa03d |
| SHA512 | 721a6bdb365b2f0a5f27b6bd7549089d0929592a1006629ebf06ca885efff011e0fe577aa2d92ab8767dd7882b8af2301246c26815bf0af7a5354dfc4b366eb6 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons_retina_thumb.png
| MD5 | 78f152a6ef4133a95399a9753ae695e5 |
| SHA1 | 764c1acd876a94d74a631ed4c8403f66882bbe74 |
| SHA256 | dc4ce0f85a6fa63516ac72a13cb73a67652cd5faeb8f7e17ecb0af97eef29d58 |
| SHA512 | b89c66b96de026419b40470ef518c5c883157827939260d88732bd51be2fb1c4ef9ccd236c4e731e7f05a45a7980a621b2b98afd122797e07b1251f15a3b434d |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_closereview_18.svg
| MD5 | 69e6d3cccf6215e964b55e8b298a91cb |
| SHA1 | 644f38e52da2646ac9bb0277a0c17bc5d0b3c52e |
| SHA256 | 5ee423bdefc3d48dabd8796a99d732024de2eb62ae51571c1801ce78187236cc |
| SHA512 | cb76c40e348bdbce5e9c921c22204dc9a5fc93885deb15faefa05251b14ffd4c767dbc3702c6ee4837deef7bafde63916093e7d83c935b7257e236c5660bc46b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_editpdf_18.svg
| MD5 | 28a72a0d01c8c06e166be954b12f0b65 |
| SHA1 | a5767f6babc3f21acc8cc42e56250ac91b638342 |
| SHA256 | 960cfa7f937473abdd32a3381abbf6caa16049a0ccc6526b705ab0d1c6cf0f21 |
| SHA512 | cd592efa89f01559b6017720a086bb6a9b43638c78147baa14125f4b04db54078167c7c0073405dd3c3a3cd019f6f0365a6d4c0300f7152931dd89ae2eaa5194 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_fillandsign_18.svg
| MD5 | 68155b96ebd83ca28058be8c6fa7c1a4 |
| SHA1 | cff5953bdbbb64d4e7e3a34693ee808fde5dc87c |
| SHA256 | 168aea0b2cee2f971346c80404fa0f48b6c2735e5d2f1057b29f356a0dd63011 |
| SHA512 | 055a1879355b5ce10b35593ca6af1cda69c53bd78292f413df866fae63a876be6700aa3cd3de39279914be0c7fea24591dc5135e20844e3d0636ad5f7a62fe0d |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_export_18.svg
| MD5 | 7419ef2d3012a3cfb37fb3fc003092a1 |
| SHA1 | 44b053fdd8b97254467df1ec1f288db50a80e1f5 |
| SHA256 | 9bc87200d62a391912cca9cac934e0ab267d214849a049db2eb2a4ef6f04eb20 |
| SHA512 | f5c44698fba5af01a1a1ad68c65deb3cccfbeec425c0b6b84531172a8d34dfa7cf26b4b5b495c60dcb36e8dd93aae6c23469475da649df28226065640ffddf9b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_sendforsignature_18.svg
| MD5 | 00bcf52f30619ebe8a90effe244fa674 |
| SHA1 | b66669480f10e5a314fe4e940403a12b57772632 |
| SHA256 | 2757ec22ec4e0e608d9af6ab57305f1993134edd3339a839871ccb1e820e2b5c |
| SHA512 | f4288ce10bcd37b07fae9bdb9ebb9df12a31e21db664d7a3d686016e51424dc44a0c2f50e1499a0a0b8f77a47fa1ee22d51b3ea2fa7b49fe787b39f7c5a17991 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_comment_18.svg
| MD5 | 087f04802e110ae95cb1983fa8f28445 |
| SHA1 | 52d58034b755101b6e7730228b4dde1cbd827cb0 |
| SHA256 | d611e57061cd8b71fcc7b0074cb47c915949b04f319e8930798fe3f2a67d5ba4 |
| SHA512 | d55e98fe2beb48dd2c06320f9c86d944474d01cc7178e392c947e63dc2ad951f45bc50cc12f742b3e098ede5fe852e5914275da55124f5a91bf7bfaf1aa87b1e |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_backarrow_default.svg
| MD5 | 29a145bad35f615e9e852fba4c737634 |
| SHA1 | 38db3390a271bd13187b286933997e6124e32e80 |
| SHA256 | e80e4d766bccdafdc70bd88733b70789e34bd97c966fc6f563d6bc5f12925ceb |
| SHA512 | 7e56a5dfeb1d50025aef2e4a9c350a549aadef2de0a2c420a8397a2aaaa3e6020f236ce307266d39742195951ecf37c7b24956ac54f576cad97ad91fd5c3acb1 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png
| MD5 | f69d8bfc4c31e9750a04ad80ed500ba0 |
| SHA1 | 7339eca3f8ca8fff3552d2c0c3c19de02a5b64e3 |
| SHA256 | 3dffde47e653ce41af22871b3d46901b69e48260fa4925336661cb2c565b0896 |
| SHA512 | 7e809ed206042be24df3fd3ec8c65461e2f65fb2a3f0ca980151236e9dfb47a84de0535af65f52fc0ab6919facdaf82cfcf9dd7ccbf4f2c6fcbde783631ab3c5 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png
| MD5 | 1e59f37bd24b834106cc6be40f2ffad8 |
| SHA1 | 0929ce6870ef3809dd6874e4daf21ae58c18cbb4 |
| SHA256 | 3442aa11e84ca06257abf4ec2cefe56efe48b5966326f4f197142dceb3deb93c |
| SHA512 | 8963152507d97b2fd6748d450a66c4bc72749072dc3cb2f56a912e96d6c690f2609b592814fd8134550a80fdfcc56d45935a523aa88ec1a9fa75068abb39733a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\remove.svg
| MD5 | e016a97688a74439a23596ef4c3f9fde |
| SHA1 | 871596b6315c5bdcbf0f058f4d710505d7b27b4a |
| SHA256 | 80c646c151526bb2aec026611f8deb5caecbe6af26580f6b054fb062dd625d5f |
| SHA512 | 39652dd241854c648b5c57dfd8f58b708ea0e740ec68a5c042dbbbb82a847e84ec37490305888d1f11ce1aba625260b9ea9e37f2183320b975c1af5c3b6f7bb4 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\duplicate.svg
| MD5 | bd8e1304930ac4ebda4e87432a582343 |
| SHA1 | 9c4ee58bc943bea249fb94f0c0b242d10a4f29fd |
| SHA256 | 8981717facbf35c0445857dff8862ce302226c07f08e3c659d4d9269017f2fe8 |
| SHA512 | 0ac1fe32374580bdcd853be3bb9ded7d1dbb8b93f63fec3c8792b615fde7f476cb80e4cb5a621c6e4bd91b979c441cd90231eb6606a94ee15d66af15b9328b61 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_share_18.svg
| MD5 | fc4eaf6be876fd83a780693070cda0ec |
| SHA1 | b78f6c6d207de8c38c80d9fdb08e76e3d17ae730 |
| SHA256 | dff5927cd8c890efe261b5466e5dbf4cdebeb0058e7ad0eb727fd8521bbadcde |
| SHA512 | f2df13e9d028fb5903fab858e67d41467658ffad3e4b8dff49506d3c867613e3f6935d5236d17608019c1012d8b9771425470090cd8d8dd04f6081de5c410b2b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_rename_18.svg
| MD5 | beb2e42c75682797999660f8b1161777 |
| SHA1 | 3d13b212a98b99e4b87fecf3d6b80f5c60a14c12 |
| SHA256 | c49607570fdb8a2fbea16f74674fd3fa33324815e1d4af894397d09d1a256103 |
| SHA512 | 4ac2364a8dabca1e29b456b3fe87998c7b71255c409f67e9d537245ad0c5ab4074b827863ca409d2fbfef88fc15e9b2046becb442b255def8504b263b5975d09 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_organize_18.svg
| MD5 | 83bdc9c997e3a2cc74f3295d9e6c7384 |
| SHA1 | 251d5bd0741bb8cd4d83b1d4e05ca01b4c9f97f3 |
| SHA256 | f8b1a3b4399609e7e016655686faa6b7fc09abae036f21c1e0840dcb9132244b |
| SHA512 | ed32e47417d0ee2325a3617a4e6348262d575a10b19f5795c7dcd610c5bab1fd1de844669523d899fffcc2974f88d8f98db078cbcd5df7bc6d8e21d2a02ec11c |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_nextarrow_default.svg
| MD5 | 8c46ec72e24b079d9dc0c294afc925f5 |
| SHA1 | b868cca276b723fb5ea014370ba2cc3fcb31cb3d |
| SHA256 | 760a3b5c15b0394b363f89b31ea6ebd4d3ecc04bdb967780e392e6691fe96386 |
| SHA512 | 9df85f6346e4d7ce2e3d388a2ff37b9629314062ba2bb6c791e5a7d4e4e15a57a0ce66bcbbcf4dc52d3630cd284d6b8cebd2f5d8879b577b3404f63c2c294f6b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_newfolder-default.svg
| MD5 | a331908f5bf9cd20d0977d2fea01bbe8 |
| SHA1 | 2cd07798bbb117af06a6cc04c0fe44f9ca8a4b98 |
| SHA256 | 5fd4ab7698f69590ce12012fc9e72d9cb6876d7d0bee743dddac33bd9764c009 |
| SHA512 | e910780c6d213c9e5853f41d24d59d87ac5de8993aaea7d8ac1ea060fbe83f249ed0508d7159c00c5af5939df353391969ca07f1865be7c34d0eb25b35839db5 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_move_18.svg
| MD5 | 5bd2c801ad0b720370cfd8ceb73fe374 |
| SHA1 | ddec5669348a2706577e09c75fdb279da6b5e186 |
| SHA256 | 429403753b074add0752d702f78642edfcd879996f50a549790600ea51b43a01 |
| SHA512 | 332be1c80f7acdabddcb0a9d07669c82b06e0643cb919578b70dbf3591d36915a673a8dcc8a69b2466c505da970b828bdd4748ea6ab9ce6ec146610374c029f9 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\root\ui-strings.js
| MD5 | bb046073c9df27e04fd8afba8fb83ae3 |
| SHA1 | 6c4151a5629302d6de59820e98d92a0f8aaff67e |
| SHA256 | c98902555d3fc1fd24d55047fd369abc0b4139b672f98108feb3b26b9ab6cfa7 |
| SHA512 | d4e9686fb208d56c877e1b0c6d8a4c1fa680faeeb7e73aa58535dc43ec980267fbdec93193809062f922b7a66fa93c15a59e0c95ccff8071af3fe9dd38fc3173 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\root\ui-strings.js
| MD5 | 56c41dc0e88fec6ef81ee2a1a6049386 |
| SHA1 | c4545803975f417c19c7274a3ed221563ea3535b |
| SHA256 | 440e675d52ea00da87ade211ec8718b3f1041ad9097dfad0d3ac1a1c857ce9b9 |
| SHA512 | 9ddd50fecb2bd586e6fef33c33f98fbb6882ec541ad650b0a254bcec4b24001dfe42fdc2aff66d4197902130c3f9a095b9ced0fd0ed740c724309f8f16907c42 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\root\ui-strings.js
| MD5 | 74f021c966d7fbe63fbbff2cbd9195ce |
| SHA1 | d63d7e65cb35f1c6b1d5fab5304bdf4bde6ce20e |
| SHA256 | 4b1dea74bccf69a437f9f8ace7bd3400d3bcc4b25d01f272846c322e19d81596 |
| SHA512 | f64c6b2a025ed4e3dc219a1b8443d9f433cc3c34f88d022729331fbe3b461dac4629098e501b79111bdc59746aeb0ff39ce35ee0835a53443773d0e3b18acd04 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\he-il\ui-strings.js
| MD5 | 192d47c33674deb38e0a1aa8ad6cbde8 |
| SHA1 | d7036b546a53c7b738b6043749eea66ac0297cc8 |
| SHA256 | 1e4da39d874d49686e16e44a6d954f40b6e2dc04de829be87e43a18dc462a947 |
| SHA512 | a308cab3cd4b4b7076b997fcdbef0923127f999cc0446783fa35688f3488df1524de1421f5854f9011dd3458079bdcbb58cdf3e0e94512ae8dbecb0bb10901ab |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\root\ui-strings.js
| MD5 | 873cbea06a07e32652d21032b029a0f1 |
| SHA1 | e4c9a78c01e76e87d02627dfade52deb1777b3bc |
| SHA256 | d6241b9facd4467789a26bbecfd2152cb104b2836119b647e04434eab28c0e48 |
| SHA512 | ba6b6cfabaa9cb1b41fe24242916fe228b10e5a7192fa14939e556599bba722ceb0ed5e731b347e442c38a75a300be3c5941d3a33c6020da2a739f71ea95604f |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\root\ui-strings.js
| MD5 | 798406f6a89d12b7c6aecd66aa1e998c |
| SHA1 | 332a2a5374c44f6f55637f33ed87b698b9783ab0 |
| SHA256 | 2e357c620fcfc64f5a1190d1bfbd790d727974cda035f287e38ea5d5ecf16b6c |
| SHA512 | b049dd4f0863dd481b62f60ff2b87772e0889856bd00001df3cedd66a00acde99adb9b154e81e01e81a785c695f63cb6f10baf9031535a2de4d2f61780aa007a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\convertpdf-tool-view.js
| MD5 | aa3696ef05cf812890deeb060dfde73c |
| SHA1 | 9b9d68395c9e6d20f0106914de31a83257532b2b |
| SHA256 | 6e9f95ba5fc48f0b13ddbd50967a06ce35ed3050d4e4be2bbb09d37d6c4cf88d |
| SHA512 | dc495fd474fb3fbec4f2bbb3b925e2a2c3e850581fee2cc0bafb3b0de7b98b62b2a9f6d13d70a797fad92b8e750bcdd2a8f934d4886deab4cc0fd9952664fb65 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\convertpdf-selector.js
| MD5 | 7762dc9a1327d61b1a2bbcece677b47d |
| SHA1 | 77d7276c1da4b09390a74137afacd7539f8ad695 |
| SHA256 | 3a41f7ebcf81962ec3797411d9b082cf43407b54b035b240376cfc164910c3d0 |
| SHA512 | 0b033eb663114e76dd46bede9cde79801dd121e52a67f68b27733d1955b6948c6b5408ecc8ba650234c6a3e61ef82b025ae133b3b3cf4fcc5e64b5b1dee6e15c |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\root\ui-strings.js
| MD5 | 29efc500d2414580e56cbe09ff579e85 |
| SHA1 | 724cca2faf4a57a848afd197a649b9a22f091870 |
| SHA256 | 812e1c6b12a310f363fec6d7c6139d926f7f0ce174ca2eae7351867d2bc12ce9 |
| SHA512 | eb0d160eb49b0b990273f9859805e60a8db43a80985b3f2f5fc343bd9510365e10cade436ba2fbacfe54c684fb850492f5f3356ec7aa9edaa88c4dfbff36d16a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\root\ui-strings.js
| MD5 | ed47e4f9b99f94b9391730567c1d23db |
| SHA1 | 006802273f0054f8b431fc1ba427e7a1a605ec8d |
| SHA256 | 13ee9bcba26640b3ee54779bc7d8110aae9523472f9fc4b35c41d2664362a304 |
| SHA512 | c7b1040efabe0f3512a2d9213e61a978e9d001416bbcefee82794006aa763481cf33e48bc1add4ac4725fb72b2d9ed86f7134a909e212971a8b4934d10edcdbf |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png
| MD5 | bb289a0fb0d9a9d97727b31e3d6177ad |
| SHA1 | 0dec13ec4b0a7b1472dcbeb7736a09220e320621 |
| SHA256 | 639bce45539ae91fc8c300a31efdb922a86cff3561a6e1562f5e17576c3258b7 |
| SHA512 | 9efb302072652ca856101953fc205286c9f035636d6f76a9eb9b8772bcdcebe0c2f519f257d788a589f1d1165ed2a9be2f716340e4d209e9bc36267f1d9eb9ce |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png
| MD5 | 731b682028886506554b946d91fbb681 |
| SHA1 | b2a279a5cbf0fd17e22cd281a54150e39b7527d1 |
| SHA256 | 3d0dbb40dc93fb400fec0180a4cf640c44ee44a6dd2158148cd0ca9dbbe1add2 |
| SHA512 | 0f990bfb844776bb0454ecc48842515fe268aec5926a006fbde91dd9a04d5a472bb521a7fe6abcbd7920cc8bc59c4503dae5b85ae6e4a341be7f6639d11f3163 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png
| MD5 | dcc4b79b77b7e5efb468d5390320a2d9 |
| SHA1 | ca961d481999e8679c776c474eb1f971cfa0d65b |
| SHA256 | 228fb3bbf13bab943164c4d5a8bb85cd97b5a787ed20b7df6b49eec348c5bf12 |
| SHA512 | c80ea34b7cd96e66b24c0b9622157ffe5934afb7f58450a30ed021ba80f82a7e206bb6210b9d35ee62a25d122a1cdb189c682ef9cb5b4df0d75bfa48f5ad3e53 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png
| MD5 | 33d9f52ae6fa4098e143e1f1d25585dc |
| SHA1 | e6e030e3b2dde34550cf30fee156b215b0e2693a |
| SHA256 | 7e34a7d998d36499953308c46b97bf6c137fa065ca1dfadcb1057352bfd66ae4 |
| SHA512 | abf154b1a41b9430a1625c8aa899eb9d2f91d756fca58acef46b14f93bcf1031aac15adba01ed9de83f688e9e15bcb2dba224a6f3198673a28539d9454356710 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png
| MD5 | 0186a33726cbb0f3f3fecd01fc359744 |
| SHA1 | 54273dcf42c134f610563265f87f42b2ceb1e1de |
| SHA256 | b59799014cf0f937067a9bbefcb52a4ba8a491841424f6b549727fb892a2c626 |
| SHA512 | 215b51b852e5e024b10219198b3adf15dfed0b5efa87609193204fdf18171844ddb38f231cc12901a28625715c262172abe6c69a9941988ed4bc5d7a11d3f951 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png
| MD5 | 19094975d6c0990e3d8f82e065d38c90 |
| SHA1 | 592de8446a5087980bb34f7c620df34a727a5c83 |
| SHA256 | e5c04967542e87546f80d6bdd8057ca7d53682caaf1d1a9f2759b64f89a8182a |
| SHA512 | 017e564d4886a73986ff082ea88f0f9fc9edb9dfa082fa7ee5d6890973c48c374919c58a3accae59dd223f174da98fdd0378304fe8c668c1969bee3d111e925f |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\fr-ma\ui-strings.js
| MD5 | 558fda65652841268346c8d578684b88 |
| SHA1 | a8960dd43193a2016d82e655193049cb1ec6f6d4 |
| SHA256 | 7d45a28420336ce887911269737d69f60d324c534f3d1d65308483faae1b2ef9 |
| SHA512 | e422999f66a10d44c4c425fde9ccba7d48cd610d154250dae61314826d1e5f17248acfcdb4b46408213de1e3c71763ca8c26f696e124198b42f542bc68311d2e |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png
| MD5 | 86b502eb04d99b4450a31edf8aa8f8aa |
| SHA1 | 9cbed0a04516212243c4c2c12cdc6924a71495ee |
| SHA256 | 18dd6ad039e30378ca8a593897bef3f26a0f29ff8ad691da10b92b676df64287 |
| SHA512 | 8d61cbda45b70c2da96477b94b3e4f4b64f058d7bf4c7d68dc18da49cce90d0e0aebbd7eb57cc2aab73372cb39abc2afa95b59c7a08ac2723a4db3fcbb44a004 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png
| MD5 | d2b93c56bf15c51795b0ab17525ada7a |
| SHA1 | 167adfa535e3cd2b21f1f8f99142866f4deb6cae |
| SHA256 | ac3f12b535418895730284c308157ce0a13270dfe67987dab1cec59b840b9241 |
| SHA512 | 2b4f25dfa7e3ffb17bb5b16b377215e20601fe9a35315d9b1e095822681164a35a61cbebaa70a452ac8784da952a9d0477294804bb6d9977be2616114e87ec58 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\example_icons2x.png
| MD5 | 650329f5651b8dfc54e2e54d44770046 |
| SHA1 | 2254ab983338418f3ad816174e8a413121c6dd25 |
| SHA256 | 3932223875b35d39347417dceddbedd32c4dd40ed80ac106eec0bb845c7810ac |
| SHA512 | 4b4410a1fa9b0ab4d17269a39c5f5a235b0b107349c2ce45d1779c03712ece6ca39c8180d65a8d2bb88f8a3b852016b717945e93b77ccb6476e487972061afe7 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\example_icons.png
| MD5 | 65d53a80d675deca356f049514844e3a |
| SHA1 | 4b232f46b7dd67451f01773d65f750690867fe3f |
| SHA256 | 9ab0cfb1ba1eebd90355ea4b8d2dad71662b5049cfa7b3c3380c4d384f2b027c |
| SHA512 | 0df05bd80f62d8434479b84bd55edc78bfbdeb1809aff72571808e5c62078f913117342867011ad0452931ffb5d2cad4ac9ddec1b9ef5d550dd16848edfec227 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\root\ui-strings.js
| MD5 | 837c471ad0822dcba634271074ce1098 |
| SHA1 | 416effe69c646e4ade9a72a7c3cdcba50d0dcca2 |
| SHA256 | 95dc3a833c2db33643c5e74ef9d24d95fdeac320d871ab5c8f09c2cb2715161f |
| SHA512 | 61f1547da785b8f1b16f5c483bed3027c4a5bf4d049af01de778bb8685bbc53ac11a99586ad2fa6a805b35b5ceffe2acbe9e6fab3ed7c9fa2890a4d09a05eed7 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\images\s_checkbox_selected_18.svg
| MD5 | 54d92accf930f9d4a1d335ced0dd37ba |
| SHA1 | 62a4785ca9afa3873e4ac80fe9464fc8d66e7564 |
| SHA256 | d83946e2b0d49f5c007d0a04a40d709d7db7e335156727b0ea0309a419fce1eb |
| SHA512 | 39124ccb4c433eb494bed46253de3f6226687c1f52c27e92d247231c0eb1cbde062319c4bdc19a2da6de727640030dc8d082026a73274d23a4e14bb1ab1f4da6 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\images\themes\dark\s_checkbox_unselected_18.svg
| MD5 | b8bace947d0a08c8ede4df50a4faf8fe |
| SHA1 | b603729523a54a3d1d8974c6236591fb5f3397b4 |
| SHA256 | a9cc465d98edc7fe83559fbf01f06df8cd5fb7a27ddc6d739d816e09edd3e6aa |
| SHA512 | bc8ab93d0127dcc18494ab74c9200317ac77644ae39452972554e2a83fafaf8d5668445cb285c8c2c8b2d1e8f65448444351c9bcccf5fa8099567cec73a056b3 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\root\ui-strings.js
| MD5 | 360dd472a04b91ce754e68037aa32ec2 |
| SHA1 | e285d75ba8ee9d10a100f7d04fe7170fecd3418b |
| SHA256 | a0dc4850248684f9c35c8273fcb3b9bb94c6c4aeb3ae235161c632d13803020c |
| SHA512 | 023f5999b78643c6d64bc77a251904f94be92c2823d822ee60f26c3d6ca4f3c679c84ed7ecb5f7438c9ec6efd6889aa5aaa536281aaa8cae555bc0ac709ff1a3 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\fr-ma\ui-strings.js
| MD5 | 92657d4e20c8bce0614655ba6fadef63 |
| SHA1 | b1c49ef5c8c7dbc78fd62f2d42c556dcef5e7bf0 |
| SHA256 | dc0cf4447a7264f34dff1a0b618f9d7f8c4cb46f945eac7b1575542fbe2b57df |
| SHA512 | 6cbe247859e588d5e46f911f28e21e4b327483194b100caf2579137896f7c93370f36e160b511d20a5478e56579bc1a4b599d15e4c2e2755ed6d041d7199e73e |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\fr-ma\ui-strings.js
| MD5 | 144073d826888aafadcc6c6f45515e92 |
| SHA1 | dc150df251212ad8a07f0cafc3445cd981c3411c |
| SHA256 | a38fda2039874783a1ed76ba2b39f27b3b60461983477b3d92d9ae83340eea1e |
| SHA512 | cf728f8dde8afb698163ca97d90978c6255a1ad6e6a9550839eb86b45238db6c8f20476c791f427fb3f37b2b7ea68e0827c4d85dfd5462ab191c1855ca915477 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\themes\dark\new_icons_retina.png
| MD5 | dd67cab623090dc422a2cf484e6d3bbb |
| SHA1 | bf98c79fdbdeb809986158c8549dec0a8fabb4f3 |
| SHA256 | 4040b6df7ef783902e6dc0da2a1c56e9c58b51612d4935c293120a8371c50812 |
| SHA512 | 251abf213cbdabc3c61d53dc9d1096f05906fbb9adb79da34bbc4041420adc1a122f2e627fec0e713d3012e32e9d12ba4d602cb7c8ebf3bd2e736f3a5632ca27 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\sl-sl\ui-strings.js
| MD5 | 4b1f323ccc80bfe406bc6fdbad037b6b |
| SHA1 | d9fa396e64016328b39e1298e1c37cb81581291b |
| SHA256 | 1bbf08a96366e3790df142d405d66a58eae3658252d37529ef53029f54da5c28 |
| SHA512 | 72b1433087547e270eaf22405e27bd7b8802c3dce13c0100b2b7c036d9ba31d57955fc3492dcf4901a14f70fae62c8e007f900a4f84a0bfd8a9ffb18e5b493b6 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\root\ui-strings.js
| MD5 | 96456d9a151add5d9dd17d7b9addb9f3 |
| SHA1 | d30e8cffe46ad2fe134125131af2257b7bc08e8e |
| SHA256 | 2b247e0fb391d0da79d224e97e2b6426f250f7c701cb4117b149801a0bc93c6b |
| SHA512 | 3fb63466bfb9737974c9b6c7eadcef5e3d6ebaaa9095f9b4ab0fde7cc1f27214d731cdf365291646f9baca0cf77dc93d0d527797a642ad54c19e5d18814c4579 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\illustrations_retina.png
| MD5 | ddc98d185ec1f238619fca25fae15f5d |
| SHA1 | 510855ba9b62d165f5ce47052fe159c9e3afd791 |
| SHA256 | b1c713fcb4a40d3eb2a990d20ac8f00ac5e582fbc6cf07a21045a4598c0ff536 |
| SHA512 | 36bad422090b426cc61ed3043d0832f2408ce550f3d267702754e764a3f16a2fb9e9904ce30ee1f743802831556f7e440df5eeee4563755d6d8a6b537d2a40ba |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\illustrations.png
| MD5 | af6b0ec522ab03a9f0c3fe4f74e4d76d |
| SHA1 | a24c06847df71500c0412bed7ee4ece24f4e2527 |
| SHA256 | 2313b5359d4f0353b8b901c6d3391b38fced07c83749093b340a31412c1037cc |
| SHA512 | 48f4a1cb170fe05c3dc994c8ff3e747ce82647d7399669963102916aaa8f6ff9b967e89196719d61066757c647a7e0f9f71ed7ef7b92baefc3f3e31e6ff2bd8d |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\bg_pattern_RHP.png
| MD5 | b7c233119aa1917ddee5baa711d367b3 |
| SHA1 | 6f4130acf111fd8b6325d0e515e3ccf762d15dc0 |
| SHA256 | 2829660d862f6277d55d12d9972fa279ef6f5b2b47c3318428f66629f67c3039 |
| SHA512 | d316a32974402a34d03476e946f95cae2ad5eb0b32d7bf58b91b41a4a9573ebfd4b2707f066a92d30d31dcbffe211ca8a074d675cd66f05c20eb69fb60c4be8a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\ui-strings.js
| MD5 | f8fc29b8c5de70e78fc73a346af9a15b |
| SHA1 | 7bd198d97dfac7d404657c8e0b0c2e8c14c798e9 |
| SHA256 | 557c27394480fa5efed0e6fc981bafd9095cc82d5d6ccbde6824d2f5c89674a2 |
| SHA512 | 1e8b572a5cc8660254320788e6c41ef73a7d3cc254d6337529285af514339f2d4454f7f5f0bd5ae91c4864ba328b034d72073a3f22e49afc64fa5f0db70f2125 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\css\main-selector.css
| MD5 | c311b5697543396032084fe5935ef881 |
| SHA1 | 61f644051c761643ccfebc4b24543185611fa5d3 |
| SHA256 | 53fc8d8969a7f0b49622a63946f9258727ad4db5a58d263b40dc5a5249617db2 |
| SHA512 | 3bd1a23c09c298beda7689a8d3d2f405d4c071bd53b8f392679cb6742bf41314edb4713960b5bf4b40b2d6b9600da73d1193dcd11c864c47f60c44770852b895 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\root\ui-strings.js
| MD5 | df543114988bb0c9d3f6b4fd71472d34 |
| SHA1 | 191637fc393704536df16140257b7ba5bc9cd86f |
| SHA256 | a18466bd75fcb714e26dd0c2877f0fb250622759ea4825b27fc630c4bf224e22 |
| SHA512 | 28dfff1295f77e847fe0c82eb03a6caac3c7946a7776f983b580bcbe319895308aa15aaabe4ae6f5be21995bcd9917b943711cb97b43377ae3ed6c3faf1ab217 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\en-gb\ui-strings.js
| MD5 | 7b14436910f45d11394e09f359d72cf1 |
| SHA1 | 03952c3db74c01d2ae2a27dbd7884ef08b6b3954 |
| SHA256 | 4f0f4735fced2b00bd8a0a27e41a685651a044150b32fd68a048ed13a435b795 |
| SHA512 | 7eb21bb4ed1020532dd31b7d674e4c44ae4f4d8b4e428c0216ca2b0293cc19f86835ff416e98ad81b55040bde7afedd5eb959f97472c25292ab4f46ba4d375c1 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\bg_patterns_header.png
| MD5 | 3ca8b1a083a6e9faa5aeeaa1db119319 |
| SHA1 | a5270402048d8349f1446bf84f619c4e26ff5a30 |
| SHA256 | 87890f5458d5494f9fedcd20b2f01cd1d71532db1cb42794de7f882b3bcca43b |
| SHA512 | f30d80401c100d9bd1b1df764d573661a9f5a7590d7ac7dfadb9b4d323e729d0a5b623682220118533f53dccffe2ffeeaebc39cafac614d7c16cafde3b5ed861 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\themes\dark\new_icons.png
| MD5 | 1474f9e32ef294c71eb6d2ee669ec5b9 |
| SHA1 | 47c8bae901a8baa4bc0583a653dada31315e14bd |
| SHA256 | 27eeab6da4e0015e3cb9450c9b7a3d3aa55eab5631ec842a1e3c5d4f937127a1 |
| SHA512 | 1aaafbe5acf0de150bd0935e1318d0645831b59757a33a9238f5503721e29317b3efbdc5be59933537707e58511797061bc22a49198481f92e6fc04b8b4aa845 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\themes\dark\icons_retina.png
| MD5 | 739957a1b3ee3ac43def1c6089a1824e |
| SHA1 | 35b91a740d91e84363fbee6cac0fb0fa477c3059 |
| SHA256 | 93814eb76c8bdff9666aa4398a5ba7539dd49b97bcabaa4597fb05409a1e4e3e |
| SHA512 | 482c7cc327fd77b43f327667864b1e458feea05dc436ac0f07a0b54ba152727748aa359efdba3faa7b6b3ef457071c7a5ec6e1b4b8a95fd9fa730edc2132a3ca |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\themes\dark\icons_ie8.gif
| MD5 | 07fe597e3e8d55f8e1515fe765cf3d2a |
| SHA1 | 37ac20a141fc920583c58be54b3f1cd78224cda5 |
| SHA256 | 5db9a92e90c2394693af1b53c81db5b26d843a206193da1462e609de31406e1f |
| SHA512 | cc2a14f9e916c004743f87f79d19b024b0f9a854cc93884a239b4a628669f4ea7672db4a04b5f3958035b25bb25ffb0861a4cd3e33af66546e734d8dccfb848b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\themes\dark\icons.png
| MD5 | e9c476b0efe86ce8046b520613e2eaa8 |
| SHA1 | c93d6875e965e20408684cd9bb31f4cdff137eae |
| SHA256 | 0d8b7c523679f0710b72740f80533d10da7fae57bdbef8a66eb3f4174223cdd8 |
| SHA512 | 9d8a7adfab269be631d376a11b094a6c6f8bf41e3a1ab04c5f4cd1b0dfe2b18533c48ba776d95e840b3fca1eddd16eafeff806e7db12fdf52a7105da76dd5afe |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\root\ui-strings.js
| MD5 | f94467d26ccbc49dfde0314b588b023d |
| SHA1 | 71f3107d06814cf0259d244f187f7c2577fc0eb5 |
| SHA256 | debaef38454e0a664fd280c88553cc645ec7a7fafeeca352049549813d1618b3 |
| SHA512 | 29f5b268d72ab836e527c5fed302a81109c90d198c36b15d28e52773aea5ef09c1543031a23b2b1b48255e752adc21d8076fd757b4192802fbe905e175f1c1c9 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\root\ui-strings.js
| MD5 | e56166c2587e0a9c8b64f7019a57ee87 |
| SHA1 | 08d7f4f87f25d48dbb3a4c0e3ab614763189925a |
| SHA256 | 4ace53e3ed159614a4c1ebf45169e42b4ceb573f574cf55bd3291b2b2c154fe2 |
| SHA512 | 9ce484867d2aa2099468555ff9a4a4db9dd70263da7cf7b2ecd99a323f9f06041a15042f7990cb6d976cf77d970ef99bcc42c2b000179fe42b8eef87e6107932 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\ui-strings.js
| MD5 | 74555fafd91332a73e8c63e5d7985174 |
| SHA1 | ff7b905b7435db2feefa2aff2e947d90969423c0 |
| SHA256 | 2399d98cdfdbcefd80989078ca9e7df8217954144c4ac494d8d362e9ddc8ad97 |
| SHA512 | b50a79529aa5e243853cb67e173d81f68135ecf88fa78bd333b51403b9f527f9c8b228dd4e675f0082bc318df919cd179f6eea6fb08be2ac8f76101343586ff6 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\root\ui-strings.js
| MD5 | a9821b6f3d239e23291a0b18a7f34fc1 |
| SHA1 | ded853f41461c0be1b3ccba2a414ea1d5a1c0782 |
| SHA256 | 960d50178f5ad62fe3c456b003e615defc49e3f15fb0eb6a0cb165383cbcf582 |
| SHA512 | 70e3b8317ff4046002d06b5e7f00e72b6f24a8ebdc3fac190569c9785720be4872107f982bf0e2caef3ee9653e3046459a41ac66dbfb97ddac4226ca18e1067a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\en_get.svg
| MD5 | 8f93e7671191d0cf977b25951ba52e71 |
| SHA1 | 31951a798a1b902e69fd24a0d48d94043a8248a3 |
| SHA256 | dee7b31391dd1d8235d574a995238dbdc9a0514165bfa45eef91851a3199028d |
| SHA512 | 54f388c0d16534cf9e472f915b8c76ce7000e583f7b6cb66e14bac14415179c7e474a2fb8956ae480a06d0ba9f8e8682313a57a3f3104859cc8281115106eea0 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\js\nls\root\ui-strings.js
| MD5 | 59e9d7e8c4606cacc687cf9e09f47cf0 |
| SHA1 | d55e39f6ff6eabc1ef82d9b5d1900e0c3d53bb07 |
| SHA256 | aeb76cb3750769f22dbcefc213c20a9d0d402502fb8c8badbf4949b61d6dbb75 |
| SHA512 | 8cbcfd61c5495434dc37ca19b92ba1c8bdf33e744453e795fecea9d8f65d181170f158ff78e49f320214df14f97ff45a30c737fb1cc5b3b4e87d48c793bfe184 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\root\ui-strings.js
| MD5 | c8e8f2cde7892c9f8fba8b89876b7ee8 |
| SHA1 | 01fa70f961853498a14c952750abe75fffd48928 |
| SHA256 | a0929a489fcc2df003d816948f1e40ba583693ab079192e4829af62a1ff3801e |
| SHA512 | 5550f4e73bf9f45c9d6c94b0d380a1770cfe9a25b09dcf29b2f06070a2dcc9356e8a934a73dc22a268c8f7c473cc91e108d17069dd9b871f57182724262d96d6 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\root\ui-strings.js
| MD5 | 88c6c1d180bcb69af59029ed6f0fddf4 |
| SHA1 | fdf200a7c3d066ace9757fa88d76c4097e01c40b |
| SHA256 | 5b4aeda17d1e6df5d77864f2153b9599a7af4a9ac74402be2acf1750c1d06b59 |
| SHA512 | 9f6734574bb555a45f81d4705f6493df06bfdbc60a101c4d52f607718fc158715aa785846cc7c0b05cd79a29bd351690cc7a57714c10e34242e1cd0079a5188b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\css\main-selector.css
| MD5 | 35c96d45cd60fd48241b2ccd2f5cc06c |
| SHA1 | 7a669011e1a97c24ae049fdb06f74766ed5a5b7b |
| SHA256 | 5f1ab2bb4862ae4add2f76d89e136adbbde78278b68e11f15596759b6e5ab049 |
| SHA512 | 51ce7dc13f02da2ad832f9c2467ce555232a5bf34678aa28e8ecb3fb20791e4881ed259ddb9ff17113d2a5fbf1cfeae100f7c505c182538756c823f5c263f840 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\sv_get.svg
| MD5 | e316dda702cfe5be2e230d82796a058f |
| SHA1 | c4c772ba87c8e6bc840b0f0b20d74ded8c92c220 |
| SHA256 | 7424b64e7c523e20760ff4b29ff2671c99450c63a6eef07a9177c2e0306fe631 |
| SHA512 | 988518e9fd0de37d7358ae235ca9c563545bc1dcabd9a7b36badf8ca278e6520bbefa8df95a42d5f5824c313afdc3eee61b1290d728307ed8152c3d83b00b44c |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\ko_get.svg
| MD5 | 488267345df46234bebd3689155d24dd |
| SHA1 | c79d4b8cc308301a8b18b058026088a09e8a0f86 |
| SHA256 | d049262bacb8cca9c21f96fe18d4b18f334e0e4773812b0e9127927dce1118cf |
| SHA512 | 912e819fe1fe73c9147b15a38eb9ed085ce7c281d110876db5e2db4a96427bd0faa2441cc97ac7e74d2e484889fe3b9cf69844aa49e602c03eb87f4645b9d144 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\it_get.svg
| MD5 | 8b4a3a9f20e53ded3331a44d9b81c724 |
| SHA1 | 4afa01e77d6ac8f826f928128e68112b0c005f99 |
| SHA256 | 044031fa68e25414444ff9ec408c7627f6b2a4de9b7473b6b7c625d288d922e2 |
| SHA512 | c84d956d9734b699c9bdae3f43eacbb8f2bb65bb6a9900c16acec61be84b9ada51dde571da93b7930aa38932b74b931733762723bfa4d859f76a566f66e826b2 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\fr_get.svg
| MD5 | f2540d1e9023db864399db312490e601 |
| SHA1 | 2908b2ea33c07701c9fc0c26e66748b687dcd6c6 |
| SHA256 | abc35c99c8d054e6392ef65bef78c49238dba952f9f714d2c816a5fe5752bc35 |
| SHA512 | c9fbdf85db2108553969e06603d1f688cba7d213016eb37c6d91107111a3035509c00bc0de4f9fc4831d4ed9463bc54d95319b27ddf0d15f8a6f35c76686e486 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\fi_get.svg
| MD5 | 6495d70b8d5015812a32b8825e811eba |
| SHA1 | a4abdb1059e9c401be9d05d265584708d081ba98 |
| SHA256 | 0e7877243f40d8db878664a2e6b0491c727fd84dc2ef4975bd22c093bbffa105 |
| SHA512 | 600688866d1db255f9b06bb7ffef11605a17ca98e1d795865915e9b474bbcdb4e4065692e8806a3b63dcec53d7d5d872e088d2ec1b7b4dfb024ef2d164a31609 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\es-419_get.svg
| MD5 | e4acb36d5262db685f537dfc1f4442a9 |
| SHA1 | ad99ddc7d8a42def7f63ee4e0167f4e4d95a30cd |
| SHA256 | affc8a01ae4140f0e42e26f650409ad310ef0caf814c36e27d2a8d9671349153 |
| SHA512 | 89075341910d119c3145941f2b7b3f0f763592dca8250d8322701ad7c56042965620e4da49a30230f1b8aac79dcf1d247b2e0fd60b45b549ab34323a172ff982 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\de_get.svg
| MD5 | 965e7a6e82f78af8a4097e35abc6dc5f |
| SHA1 | 95c93c914866e2da2f333dd370048b42f78b75cf |
| SHA256 | 2f7111821d768ec4522d63c5b1478559d2efa051de56e9413473c944ae8c0ee3 |
| SHA512 | 907492f945c1e3ffcd437082d6d17ff4f7d4d52ebd5da95ffccaa2d689303496ef72e1ebe9d05ee5ff37c49c3a3e828cda64bef41f6afe74e03212ed3db0813d |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\da_get.svg
| MD5 | 033889d2c2721e7d45e8c76eeacf48a8 |
| SHA1 | 8a57ff44464c8f60ff72a73a55f0dca4274bd30a |
| SHA256 | 4c13373696397b03fa14751e1330ee2acdc967b0042087ff53c4ef5641c1d9f5 |
| SHA512 | 01ecf6a6d6552bdfd63833f77242656c391971fc4c456c8372f78e2e6ab74af8ac4d467811f64e961a47b1a6d3b3b932ad7864b72ef2a69c8d85295032c9692f |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\cs_get.svg
| MD5 | 6db5407ced35885b134866b7037d8005 |
| SHA1 | 6edb96bfa4121d979e0d3d2d91401ab436536143 |
| SHA256 | 6f3e353379dd5d195f804866a7866f12ba23f67b348abfd0b27da479fb95125b |
| SHA512 | 7f2eda1b414960937d5dc72c0eabbc5c15f461d60ec1056da8416dc117b43714451ca03b78a6dafd8df49a988639f5b4c7d75b84673c747de2766ac37b3c1b98 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_zh_tw_135x40.svg
| MD5 | 112f23acf8b746849421ce188fc06eca |
| SHA1 | f3872afb985589001cfbf31904dc46fdf0220e50 |
| SHA256 | ae01e4f88b5dd7f642d01a2eeee37262fc1a9a88a1e0f63df3a73ea2c126d55e |
| SHA512 | d26cc778a821273a43c3e05c3a39d84741c712954f6587e54ef9520852ed9705ec5acf72a686b15a7bf4605f8b535c3b1abb130a1d6d89af4e7a76c2eb560292 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_zh_cn_135x40.svg
| MD5 | be0d188f72ccbe5bf228ef8c8661dc86 |
| SHA1 | eb058b0f744b058fa977cf8ec049a9a70f49e80b |
| SHA256 | 5547b21b6d907099edead0248d2bb1d5aa0ffdae7912c16c937d0026c2b29b60 |
| SHA512 | 5ef4b0b15a9fdbd100fbc56c9527d8638066d8568e8a13c13a423cfc6cbbd1b96bdc71ec7a6229e5552ed704f693a202e6d5883451d3c25dc68345063db263e5 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_tr_135x40.svg
| MD5 | c10ca7e72a6df8f1fa71bf3a7712afb4 |
| SHA1 | f972e7764d51076a586bd23935ec8e7b15b83f20 |
| SHA256 | f9c9124af20c76aca15cfdf4df244c8b90ab95b8aaab1b6a2c4cba5b3c984464 |
| SHA512 | 00bddb569010880c8e9e450aba30b3a5559c346906c0e1a6a42da018b967e3d482893ad55e4fa38906ecd4d6b14816e399db87c0d22f07d58ee0ec6d74f41843 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_sv_135x40.svg
| MD5 | b2d2b20a870b62c5ca6d8222761915d2 |
| SHA1 | eea28f029a1b97d53ddc3c9571bd67fed86069ff |
| SHA256 | 27f662ef69e93811cd433847777ee41a6cf20c8bb8488f58602829bde6ec0761 |
| SHA512 | 3a6e219ca8c41a11e22a6708d590c7e756d424d541ae8f906da8453cc8739e042fdb2e0db185d490dfc07ac8be6304c7b3cb15a1a9b6495ddac3a6e1f229a8d7 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_ru_135x40.svg
| MD5 | 22502fd8cfee550a893990c520cce898 |
| SHA1 | 9b94e12aa46c48ab031a6ed49976e52d1ce480bf |
| SHA256 | c327d0069518220c1ebbbd2ea3cd8794927b88f4df18823420e7ea3071dd8daf |
| SHA512 | ea8e774e7a8c15a2e27141d9179355948051b00c1d4b1d4b94806e1dbbff9a8b111d22ec4e25f6b15fe0331dfe9fc3c0cdf4280212145ab032235b79702df159 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_pt_135x40.svg
| MD5 | 032645b1d2e90d7bf76d022d1306ccb2 |
| SHA1 | 32f2896723283a659db205f330d6ec9d2184b9c9 |
| SHA256 | ec3080843f182c8d2b04ed0f385217fec836198ec99c7fb516e2dd0acb2346fa |
| SHA512 | 3dd570bd8b5dcf7c35e722be7525fd124dde7a8726e5f1193bb8f592c1e2068511d5382a5b0305254887861b9b71fa75e68bb5b5b75d87f50af335e43769d586 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_pl_135x40.svg
| MD5 | c3a5cb5296cfaaa3d906e8f9bb1fb036 |
| SHA1 | bc5579532a14ae41c6cea6a86becc20cdad37fd8 |
| SHA256 | ed2b1b75ca9b1e0f9e0f4decc5d2cdb7ec0659a20cc444888c6f783c7b240958 |
| SHA512 | 173b0ac152a24d438463023fa5896b32051b3ee70eb0c2e85949d2c04c2a425d24871dec31830fe0af969692efeb71296a156d10c06a51325b7b88bd0854bec6 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_nb_135x40.svg
| MD5 | 7353e5f86915f25bd1f9a5daa8085c9c |
| SHA1 | 37068399aa8d0fa1a85530d2fde7b6c2bb316e55 |
| SHA256 | c89c07f8280990bc9c7ec5261ca11b7438881edadf045f63b755c444f946904a |
| SHA512 | b134c54c2e9bf5a60ec8e7c864629c7ef97d1dec5636197fc1be4778bc5b7cc7f158ead9f3b25c3aad4a3c2ee8d48e787c702263bf95dd6563879807ca41af98 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_ko_135x40.svg
| MD5 | e5e4b3dc54d2a3d4dafcb53b58c58399 |
| SHA1 | 65a68f9b05e8ae682997ab48c19b21cd0079f28d |
| SHA256 | c3f1af7552bce6eb58046e04ce001cd0e2ac1f1a757a6bc27a7eea3d5036364e |
| SHA512 | ce993f969e85765aaf17b04ef48d6afaf9fd2050079a3894a5813042c971d2f5c65eec9d4444934702788bb888157360caedeb782dfef433791a21f32c05f97a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_ja_135x40.svg
| MD5 | 695e552930dca85531ad9a8c38636396 |
| SHA1 | 579307ea110aab4f98c20b56811fbc741ae8f1fd |
| SHA256 | 417177cf6478d82ab14023bc41a68672395fe0c41eba77b6686dd6f3505c930c |
| SHA512 | 1013df9c77d65f2dd37be00d852623d6b0cfe41c301a0eb960b0900192f69da72f8da82bd594e7be6e9156af79f8d02c6c69c90052e823956cc643cf389fdd83 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_it_135x40.svg
| MD5 | 013d01bdafcbbdefee8a362ddb1d5365 |
| SHA1 | 0f69665761f524ebf3a892abfb5c634a516cba6d |
| SHA256 | e12996b18a7b6639a54e023ab168a3f8b21347b8bb38580a83a7a1e1f5633e2b |
| SHA512 | 40506f9a9305d14bc488e2b6fcafb3a15eb9e3056cd955dddd12e8260702e80839f8e6f70b0d1c22f5e226c76491cde56cf3c7191c0963bf7ae004862a68bba1 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_fr_135x40.svg
| MD5 | 5e6985a28dd36527b872638b0b3c3752 |
| SHA1 | 508ec33a4294a703ae7c9190178d1ebb40b8105c |
| SHA256 | 0a4c1b865951b9fcbc9f1422bcc042c86abf8791974ce917a2d2933843dde4ee |
| SHA512 | 03b8af4dd440a61e1035bef6c8a92d286be936b0b8a84ad62f847fd546bc55e9bd61996fe6d15b7affdbbdf2a2e674c2f117f82661c567f2899e3df66484f254 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_fi_135x40.svg
| MD5 | 9a6118bcdd60841f13bdd3566f653889 |
| SHA1 | eaf568f498c0871d353b5284f0021c73b081bd38 |
| SHA256 | dfcbb036ad643ac308bd2a30af30ba01c1b01103268757cfcdff014e1c713366 |
| SHA512 | b4a6e1257ac40f8599301d11e123a52a8a49bcbf93eb4f3004c995b4b525d2aa022a21f3d01256328d055c540fea1affa28b5546ff7bd0a4022834c7803e3291 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_es_135x40.svg
| MD5 | 66f4cfec9350528072a1a21d556ead00 |
| SHA1 | cdac1a6654f679337ceae3225e68722b39455351 |
| SHA256 | d65fb2fbd7a1ddcf9b368c1239dfc6c64d33c5fd95c85e5fdd9b49a3949a438f |
| SHA512 | 2726d43ae08551cb87f8a33445ca05f7369a645e17d98eb336fb70c5a06c7dc9bd994ffbad575c53eca45a2965471023519810b14c6199fe5a652afa94032719 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\ru_get.svg
| MD5 | 46e0ff7d485d08bdc87ed5a933d66f51 |
| SHA1 | a1bfb6e49e683cd153d9af40f4ebf0cf9e5232df |
| SHA256 | 3694cb63ff97fdb24fad9cce38efbc96d3539f896ae8a864fc9f6c882a68cc7e |
| SHA512 | 652a9302e445c7d70fd70ea0cc082dcc1458b6425701c535e628ce41c33504e1c0155ea42a2ccbfeb80607a43e5097376118607d71fa890c8ce5bf469f71ff37 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\pt-br_get.svg
| MD5 | c7e10ba9487876c57025df06c42bcb0d |
| SHA1 | 2f09649831080fbe1a4411f59b119050177307a9 |
| SHA256 | ff5e6a3b896a829ee542cb186d1f80de7ff6862409da8b9697384d9a08bcc241 |
| SHA512 | 8609048617d520a762999541240c10c35b187cbd3efc2a5f67fc308f4f331000d6c3bf73931d768990c0018be958a9c986d7d8a12a02a7b52a6318a5953c93b3 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\pl_get.svg
| MD5 | 33eb28eff094d330fa061fcd3324e26e |
| SHA1 | 3ae665327a74160c62f0203c791e3ec437537739 |
| SHA256 | d2a04ab32eaab7e346bb855b6768e844e7d95734deecad0440e71d3b1e17296b |
| SHA512 | d309131fd50ee17bdb56f58790aa5c3990e324554c7c6cf7966de6527a1546cfd933bedfff391cac22db5df8426ace9df96eea6d38beba88e37fa74d913cdd5d |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\no_get.svg
| MD5 | bb57c430cb4f7af34b1841229da9076f |
| SHA1 | 7935478cd6a7acf551348203d191d57aeb62ca4e |
| SHA256 | bd9d93dfc80380e19cc5d560483cadb7eedeecccf1a6fbbd17ef3f35562968ef |
| SHA512 | 56c19fa09b6fa67a47b5ad6a4771b16c286ade5487fd36599ca53ff95af059d2ef761a16163b66d9629f00710eddd7a27b6955a9fe08d01761e6175e400bcfc0 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_de_135x40.svg
| MD5 | cbb881da35c5a52f0ef8e0a3a1cbe91e |
| SHA1 | 987ad9a1b6168b67a903bf5aa3300a895fa475e6 |
| SHA256 | 31130180f2533efb3b2e0db55e564807798e77b2d991a37a5888a206679295f8 |
| SHA512 | 1956ca8ab236e9edbe92a1848afa02157ba73de89094a3d041e49ffda3de7f1e5aacd3bac76bafa7c7902ea5ae365edfbb5b3239546cfd9b60030e1729fd2e26 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_da_135x40.svg
| MD5 | ec0f636d1984f9acd27d34edb4efb58b |
| SHA1 | 2818bfb4aad828566de71b5e4b033c3c05441c59 |
| SHA256 | f9037730d6fbe2f9ab3d66bfe3aa002e7aad1caadb6514f399a8b30ef8eb4044 |
| SHA512 | 913ba48341256e53f599bdd8cf570d9e569dfc083c6e13e1c632135197d992323ca86d09951aa14c41d9923d8d6a286acd837061eebfe8864186e75c3f106193 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_cs_135x40.svg
| MD5 | 969b8320810d690d8b7ef009ed785722 |
| SHA1 | c5b13bde82dfaf84b6990811d4d84ab1973c1034 |
| SHA256 | 633fa842a581cb5fef8f9b4db050c2115dcb74a1092d4e3f1763f8ca66e2d9fe |
| SHA512 | a8735316e77b31d619a8f418519d2c6696bdaa8f4eca717cdce22981842e25404218b0996c109259d73ebcc609cd16f3cb515abd044c6e552c85ed7ab06f6dc4 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\zh-tw_get.svg
| MD5 | 088e717c138ee34e2051e1eabaeff2a4 |
| SHA1 | a074f6068a2560e7993e54eaf61d434f9e24ffbf |
| SHA256 | 3fa845c511ef57e788132c47f4f4c181e61893052a152c620c50ed7eccff79f9 |
| SHA512 | 3ee8bb23c39275a05a2e7f7d5644b1104a9549bcbef6aae2f3b91ef9074b048503bffb261ced187e22bb0c648da60bd1691e51dcf11f4de6752a254dbe8ce053 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\zh-cn_get.svg
| MD5 | 973aa7cbd9aa31f12752517af76363c4 |
| SHA1 | 33813b3971580150e9911dee23ca45d0c970e89a |
| SHA256 | c02c0765478c59168a2ff3c41efa073286eb5659500e3e4833e6e9f2d4402d6c |
| SHA512 | ab422917ed1e355262550d5e378cbafbc5ca34ae9e47df1ae04da9f09abe01236f8058e4237647b5735e68ff2957c2a430f48b8de186bb2abd76a6297775e7b1 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\tr_get.svg
| MD5 | e78bf445a1f9722f240950aabaf89529 |
| SHA1 | fe40e40ebb67b420666c3c5255d898f861c46fee |
| SHA256 | b3e80a3058ef70d58bbc39329d3b3e8817b9e810bf73e21535b9b0748a85e734 |
| SHA512 | ddae8f67acba43fc73dd28832351bf44dac734b53f0542e78e29241cd164573c7161acd4bffa6fc81f79cb51b84bde6b305e0ad5a233d03210faba2aa3762854 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\ui-strings.js
| MD5 | b72047fb78e955cfce4cd66b60809fba |
| SHA1 | 67feed2027d4ec5064ffa5645894258318fb8b07 |
| SHA256 | 1e5e0241db72f90edbd97c15aa732bb574ba43ea287964106f698a5db8513c55 |
| SHA512 | 4fd317fed9246b15f48cb4861541ba0f6637387c42174bc3b5f035b9ec0c1c8925b67ef1ee0fcca04b8a3d9e0b59fa7919c03382d09d38bba7ab6d06f4cd9e7a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\he-il\ui-strings.js
| MD5 | 64341701145775bec1b852f4450cf165 |
| SHA1 | 8cacac83acfe52ffd8f747cad0f7e3780ab2a42d |
| SHA256 | 7d9ce9dd420384678fef57002d6d39cae9addccb7b5021fc23da0ee7b171f753 |
| SHA512 | ee1f7180ca1486da9c37233a8205b6186dcfc79b5a0ad5ea51d10553247832eeadcc2b246ecf76541d73ba0f3e144aabad2a2d0c4d919868b182e5ea7d639e8c |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\css\main.css
| MD5 | f7f630c4b08970bdda80d6e9bc50aa2d |
| SHA1 | 36b7123e8dea3665e9239ebbd90d3f65d1efe92c |
| SHA256 | 50bae6672d3f90889d9ec87039eb503179e396003242116cf385100a2495ef51 |
| SHA512 | dd32aaffd968c7ea382e61aefe914e3e498a26861539de3caf1cbe259becc5ef35347bfa1f8808f87cde61fb06bf8ef7bbc6631e3edbf233ead968c314bc3ac4 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\root\ui-strings.js
| MD5 | b6886e2a92b06386aa110f1218ccbbaf |
| SHA1 | faa05276fecbc208aa7cdb117c230ecb5ed7c95a |
| SHA256 | f5082ada67585d42656145f43d47a1e8a8e16a87a333910213b5bf28bd3e0a12 |
| SHA512 | b10a46a5b7db32c633acc1c057386b55af033f3533eaf23d6ea4f3ec143697fab9ea9600bc5665dc05684c0718874612aec2ca142c3524e6d66d9ff35cbf9230 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\root\ui-strings.js
| MD5 | 1d71402f48bb0958b6f2015a18050505 |
| SHA1 | b41d5092b4035bfb63f8d10b15125dddcf9a105f |
| SHA256 | 80d3aa9a137bd05db41fd415e8411e3a5f2a1416fdcab4d3aecf7632b0cf538a |
| SHA512 | f67b7971baa4a8380d7024e77bdd19482bf531e6196a25800b9b0ac18c1b3d72311f7967084c4dc41d9883a0b807deed31cf216b9e7cebd1e0c4cf480fbdae0e |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\progress.gif
| MD5 | ca3ba94c791b98fc05b4d5b3a08d38b1 |
| SHA1 | 9bc58bed9026eddf9b09a353963c90b9d9f7eb98 |
| SHA256 | ee0e2f434cefee4d703f6775f814a5d960824f45b0b495625c296bfa88afe7b0 |
| SHA512 | 723bf429d0f31e5810f291161f9cc70fb6ec4e0463b41676223c1995b28f9931ebf1c71e0fb7d5a36fd37dbfbe2f9ea98904dfb120ea746e90446a159517227b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\sl-sl\ui-strings.js
| MD5 | 96f56b90f7058eeb53c3a99743d17082 |
| SHA1 | a13a2a84f3a776aadac21df1b0c0441a90a90661 |
| SHA256 | 5683a33282a701b4ab70cb3fbd6cb4d8b767cfda266206fe7e069a9d4a283422 |
| SHA512 | f73cd53c71a7c078f6302eb715d8b75eea02a8b2e2868ede6cbda859bccb433979136d7cbbbe6491a107f0a6ab8dcb3e9cbe27eef91b8530e1c20f00570d2e7d |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\root\ui-strings.js
| MD5 | 77272c06c00aa907b8a608d1e473b542 |
| SHA1 | a682da828530485aa741eb7718e3d25b19fea47c |
| SHA256 | 6fb97bbfd923e0caefa835fa6a2a36343629556397ece18c6f6a520b8e9184e3 |
| SHA512 | 6b5b3e25c6e57988be20a8ea3bb47a05b88e6707826865b33061d6ff83a522862c694906537609b0f895f9137851231e4dee021271ffbc3a454499dd681d1afc |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\css\main-selector.css
| MD5 | 5f47f830a87a0ea54bc0f795c4b99ba1 |
| SHA1 | 709c49d0774a31bfdf0775a4b30cacd765ba6100 |
| SHA256 | f76a30a2591f9d52b66a0e6bde22f3f2bfbc194926ad27f8bfe0c12015aa627c |
| SHA512 | 1fb6e1ea0b7bdc1e5e78c6a0bb7a63ac56c754d95dc4b728f070223b6bbdb7d2f9e0c2ffffe84fdaef98f604e5269d2f74156cebb2204f269c2a4dafd34fce32 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\nb-no\ui-strings.js
| MD5 | db4114ead087a94cdb1a6e27411ce2ff |
| SHA1 | 0e5c7172445ba7e3d418b6e62a6a1a8cf434a62c |
| SHA256 | 639826edc6abb4787d7bc5412484bc20b9c43e4d32400c95aaddce773936c43a |
| SHA512 | dc1e112ed5114ef3842f7c6a32eb584732f3719f146f16aebe1cdb1cd722afb629abebf24ecfae91a259e7616150a4f850d991712132966908439bd7303bbf5b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\faf_icons.png
| MD5 | 772e98184142f6ec5ae45eda77481de8 |
| SHA1 | 9cab297a5e2e80c218e07b81056b23ffa10468d0 |
| SHA256 | 576d26bf58de91dd9cbf8112c5015170759d6e382b9902f35d535a3f41423be7 |
| SHA512 | 4a0de997df42ad60b70cf846261073362c68130112db78c1510ce885eac0855c76897860fae402ec0046c5d1fd45abd969675a95bffeda209364d51408b45cbb |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\s_filter_18.svg
| MD5 | 758b9ab5cad754534104b16ae9390127 |
| SHA1 | 25e28a567d6a50d846e2e8a9349dd35432f4ac0c |
| SHA256 | 0225d10a25b1f38aa58b40b9136141737650aa76448e22f51d8b46b6733d9d01 |
| SHA512 | fde5e028f2c628a79a472a37b46d80125c910a171c7bafb2ed96df76b833b182d0724eb4619c9e111993ac1888a71701d291ac6aee99fdc69f27f3debc847fed |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\s_thumbnailview_18.svg
| MD5 | 46c76a7fdd92d7ca4e44d3e1d4242994 |
| SHA1 | d1bdf953bee6c53c4699d4b6e1a04c7b6cbd9aee |
| SHA256 | 85df945aac9e59e3cb96cdc4d58c0bbd31fd75c490b5a40099de85b055c3a243 |
| SHA512 | 5b7532df6865d19058ceef2598ffc4405b89a11cf6ffd9db9630569d2c99b89627a84fd07fe934d0495cc04e5ce5e6131c6e0ec42ecaff3b588e924b6c2799e5 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\s_opencarat_18.svg
| MD5 | 5dd542285347f89807ebdb9a98beeae9 |
| SHA1 | a85d96821aedf0223dd4c11a5d14992d8017bb4a |
| SHA256 | d8322500cd682670c1f4baff1bae490667fc22f61f23ededf3432f6039a0a974 |
| SHA512 | 09d946583f3514cf63caf582ebcc8880e47a6c414a18a5ff0da3963b8e049383224ba382293a3c0213f22e96a12bbbb8235fe7b7f5a3b3c2c1f47254705b466f |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\s_listview_18.svg
| MD5 | 79aaeaebd3459523fdc7406a19295b38 |
| SHA1 | ddf1b5930f5c4f0115d36d2327a154a8cef528e7 |
| SHA256 | 2a415c31d3ef4aa8ca585bc36d992e9c9812a05c99fd577e6f965dfe3c76f272 |
| SHA512 | 9df2d3bd86c2fc577f9107178a9c7b09dd20b38e33d47bfbfde6c21b9870373d2e077a9e2bb18c970f389848014e9e6a5397abea99d1ee735cf768d76f4882db |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\share_icons2x.png
| MD5 | dedf0acde781c0673d952d190d0f62b4 |
| SHA1 | 31f901b8449907627a2970cecff9b3f749acc16f |
| SHA256 | 192cdec0b0e046a328ba484a5443a845aa9d6068e2b23efa8e8748aec29883a4 |
| SHA512 | d1c32979b35caa0d382a8478fb58b282bf96ff68812ecb5c95f0994bf9e66dded07bd57178ae9b62f53ea18dd87c0c8a3d6afea030ac872cb29c505f84bf703b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\share_icons.png
| MD5 | 76d2621a3e64dc6601ef7a66ede48715 |
| SHA1 | ba56658661e07ed776ce5855fdf571c94006c36c |
| SHA256 | bf90d1b51111f36894e4dfe5753f79d46aa05955ea1afab9baf00b7b7db0caf6 |
| SHA512 | 06ed8016ac2d51bf3b38ee931f56b7da0893a756a8e16c883bdd913cc352e72dc0718a7fdc31d8838e28faec5d63b56e389c4e7d24d41db19c31fc5163fcb643 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\nub.png
| MD5 | 496033168731064b2afe407f72eb19ff |
| SHA1 | e9d2386e5cbee9bfcfaec2c53114df5bf037b138 |
| SHA256 | 004c6124bb3b45cce747977fcaff4cb3aae3f11046fd9cca6e0298a09232b96e |
| SHA512 | 5879c0384ca5628139269d95b7984f9ad601818508c4f1f37f5052ec8fe28089035dfa02d7e13528efcda2e9b0d9909f62a5014767945de5a17578e137681c5a |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\illustrations.png
| MD5 | 81eb598385fa98b57d899bdfa9c37f58 |
| SHA1 | c1d191738098da05ef143c7dda462e88ba4e0c3a |
| SHA256 | 96af9c93be2fbbe8fb45cb312b1bc8589b61722fd5c6000ade822aea43876a6b |
| SHA512 | 58a861a82a6a0be69b6f38ab4101a6ebab47887bbd56ec1cde295c2f08ba36cb76ed4736edc04ec8f3d21922809484e63e521a0ad237dc4f90ce6df62d6cc71f |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\dd_arrow_small2x.png
| MD5 | fd6e74552b0c95c39c582d1200394d5a |
| SHA1 | 0dba180f62967016f1ad59fe2ca5d97cfec410b6 |
| SHA256 | 6690773d1d25542ac2cd90ef8710a78713e56576e6613ba1cc92b8f8848d0d00 |
| SHA512 | 8ad84ff61788006a7de26e0ff295706178afb148beea2e6fc6fdf443b36e5902ce135f1a6dda17c302729d85349de698e75fdc90fc192b63551b0ad875925787 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\dd_arrow_small.png
| MD5 | b7d655c4cb3ed48e6ce59ec8530838a0 |
| SHA1 | f659368edac8504307cacd440cdbf8c9a6072f38 |
| SHA256 | 3d4fa4a1f29c3a0a71b9aed46f7c5b500a751d4d837efdb5498290cbd496f03e |
| SHA512 | 5f702f2100d385fecb50bf7468e6efdbfbb3aea94e040eee881759aa4d7b7124837c0f960318645e986e43f03f840cc1b2d51cd14c404fbc5d6124c01bc18169 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\cstm_brand_preview2x.png
| MD5 | 7bb70a9fc9bd036ed64ee461c9d4fd91 |
| SHA1 | 3e9c436610124b2882ecf5ad1a5d6c8b72b2c50a |
| SHA256 | cc345148725ac9d84b45a8810d842c85fbe5c79436420680fa0a0d34acdbe0fb |
| SHA512 | 927fc11445e4e68c26c0ad4e0da34fea347e272660b54f3627cdfc18ca7cfa9a4726e3b7cfe2367d06a1151bee00b69a346b7542e1f5106926c0561f95bd2cca |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\cstm_brand_preview.png
| MD5 | 2ecc9039ac6accf203b327005a59bb6f |
| SHA1 | 5d0f18a726f6b7aac0fb460460148871a67db8c9 |
| SHA256 | d5048b74e8b7a117d41b61187a41c2f52e62accc4f8d7186e731a481da58e96f |
| SHA512 | 498b618cfb7c500ec8c4add2916c1613218e2ed88291496f004cafeb54ad5545a38c5989b24c5e7f7f2d8b9afd7749a97951f10248af25cddc0f93764d078dd7 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\bun.png
| MD5 | bcb0e58d6a58496029f648bb7afe261a |
| SHA1 | 8400d729abb8993fbaa84403fe744db20c141647 |
| SHA256 | c9c662051e1cf93b2ea28af13305759543b6c6fa2cd86167abbb719072c3267e |
| SHA512 | 7b9a215647607942973578093e114f4f0f44d56b8d3bf2ae7a1ee8c1966552c14c8b629f9bd986158af22d6beecb5e7e4f888d3ccb8ea627670a5af9a7821f20 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\root\ui-strings.js
| MD5 | b1d916b8a51112a9e69e5d443798cc5b |
| SHA1 | 41da64b54883833f9dc86b5b82354dc7a542c6fc |
| SHA256 | 244ea8a6abb0a7474e5bc5051a25cffad08f1bb4faeed3dc7b01ef23d4d77d38 |
| SHA512 | 50bb22d5d3122ac498f1d6b7235f5c1238a6405bd0f9a90d75365c7286b22ca623f082eb994c2636f657ee476540c4079192f230e3ec00ceb5a9b650b26ba130 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\root\ui-strings.js
| MD5 | a7f7b5ec94c5a99592b7166fe4e9ee5b |
| SHA1 | 7cc3b573c6d63819e675c8acc22ba7dec8c8cad7 |
| SHA256 | 9b75fe207d86fbb454419807b406c9a11f5a65841a3fe3cf0363a357454309ef |
| SHA512 | 19a662fba892b444fa6b89401f403a6772e1b90879f1f8614d1ee22700a39cca15f2848747dca8678a91328c89c3561ab25a40b824332b5d3ca9a06103dea92b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif
| MD5 | 61c81bc763c78b61ca77144e94d205f2 |
| SHA1 | c216ac408945949ca993efc6e52974d5ab0282da |
| SHA256 | 35a830741f53d5f5db7d857ac0f2f70fbd90c2fb0220b0b1a44c35a847e9e6d6 |
| SHA512 | ad3135d09ba6048da40b4fedd883e362d2bdaa933a2fe1f1f3a8a17b527a7a461a71768c2a63a080d64c3e1c8b22fbcc49fba5b437f78c485c0c56f0f9bb6035 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\sat_logo_2x.png
| MD5 | 4a629f57c14a3055484926dd23ed9045 |
| SHA1 | 0cb34f263933a0fff887f2f0a1a21f549e6eaa06 |
| SHA256 | 539748d00637c10093a9ca77f57044460ce517b62c9bf78673736a0d21fef1d7 |
| SHA512 | 6c34de4889fbb76179eea5656842e835d94d34833a3b179c2ce9c0e84645a1a4737ae600a04726aceaf504e94a69c976303a2bc742fda0e63a7cf0cf3d5e8df9 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-gb\ui-strings.js
| MD5 | f654242ff3d4ea8c35a4299eeaab5bd7 |
| SHA1 | 1f287b681f3b5110e5deea26202da2d878f0914e |
| SHA256 | 861aa27f6fa4323249b4f4d302f0414467992668738247c61e429d1a8bb1068e |
| SHA512 | 0cd1fb4685b35221a7e55820a367338e048cc883770cf2fd648b03d65cca4f706015db50b754bfca973012e59bc7fd8845ec30de0bb9c02c332c57baec45c9f7 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\sat_logo.png
| MD5 | 4d5552fab17c4cf87e96362061c6e0dc |
| SHA1 | 1613417af7bc6d79916e9daf85129a2c9895aae2 |
| SHA256 | 9d0725e1ae835364b96b458375d97b32a7ec5526403660c77f3d4d65b64deae5 |
| SHA512 | 190de9662e6b396ccc0b4af3ea25fd5318a1ff8575ffb49415481d61058b282a32dec3f6fc9975fc18dffd1eae8d0945feb2466ad0eedbcb7298bf753f8270b1 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\themes\dark\logo_retina.png
| MD5 | 11d8d76eb4330819bac59afc70d69fbb |
| SHA1 | c018d2bfca062de9d06d1afce2ac1cc88907c555 |
| SHA256 | 39a5929cff962aa752a8df6e52d6d1b99b49afd90a1f2f04d5c1484a1084c4e2 |
| SHA512 | 0dfe2c810921feb4d1ae801bc84ada6841eda8613321b2b2f478f933f097bd2a1149740c6c094ba93d0fedf7e28c60135a2487784d24d2ba22731462d9ba6da5 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\themes\dark\adc_logo.png
| MD5 | bdfdcf17c914a27f256894b563fca841 |
| SHA1 | 43076bc26cacbf4bacde4afdf3c8963d8781263a |
| SHA256 | ea34311447214e5a31d8d89f8fd86231cec584cf6fb4672a6051623eaeb66d9e |
| SHA512 | 0bb635fd12c4f01aaf6cd82685c883a9da149d58144172f10d03b74d747eeb8117124ab2157f209041b7e3a243be684446691ef7cfd643094e27c901b78dcb05 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\root\ui-strings.js
| MD5 | dec1a5ccb3c87cc7b4c4669eb08005ba |
| SHA1 | cb1fd8bb443c324a0b0402f0768085bc88fa1ac1 |
| SHA256 | 19cfd41ea1a55264cad625cebd7438d7f9b0ff0c7b8a8cc22775533fb82fa7bf |
| SHA512 | 9ca4d8fcde6c12a257b789e8146a5642bd0425cf5a4662f3b5d9e2965a5287a9149ae77adc171d24dd110a6eaf47da0a291d538bbe57771e678f05fa2d71b0a3 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\es-es\ui-strings.js
| MD5 | e872ce773cd87f7a8285fb4fb6ddc00c |
| SHA1 | 0f070bfdeac259c72b62280e245a29340b85ad54 |
| SHA256 | 94d8ac9d211b6fe7bc520fd8023f3e24b91b864785f5d32d3e585983b68a82cc |
| SHA512 | 6b8105f8a3c5d05f2d4dc6ce4eecb22c4c229d6ce4532662d8bf37f85c4602b83f53eee9a88be2b284c6203af09d106336e51950be787be8ea8cf90655fe82ab |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\root\ui-strings.js
| MD5 | 7e83af3f042a6e715e70203378504570 |
| SHA1 | 25a76d19c42d3b9aa25bfc43cbd889bfe353ac78 |
| SHA256 | 46a3c297b2f045ade0ee89ec3d6c0b42edb17587b1ca66ccc93de7d7f39d6f0e |
| SHA512 | a9831e5d98146a09e8776d245e6194c0bf1022ebd068bd0545bd81e6f791ac04796aade6b6b24233a21d3a9504f327e4316510bc321bb73baef08c9717f69ddd |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\ui-strings.js
| MD5 | 4b0425a48622522ce94b4fc0d5423941 |
| SHA1 | 642a7b2c29c65a6b7f518892e60babfb41d11466 |
| SHA256 | efd45472455dbda2e88e5e10d986a15ed44fb7921681651b605ce2d9ede10b58 |
| SHA512 | bee1161ee91b19d5bff572cad212d26808416c875f96db64c246917aa3e0e3e9eb467bacce8bc65ff55f98c3c46df4c8ab6d49049255735050bd678f7622180b |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\root\ui-strings.js
| MD5 | f9ea283addfcec08b8393a673ea0c22e |
| SHA1 | 37470b7531dcea4461deb8c9ae2329d7c197409a |
| SHA256 | c5638db08d2d07d51181d6becd4070473b16491cf3cdb34dd7e4173172e7893d |
| SHA512 | 95c1723d8b591b1657cab70a07b4678eeaffecc56256f49c2dc2cdfa8a115e24c986d26251ebb1df05a1cc9d14b0cdc6ae6479a56f5a19fba80dbaf506629af5 |
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\he-il\ui-strings.js
| MD5 | 80b45dae260435914fcece6627e38398 |
| SHA1 | b5ca3d42d0667f06052559237326f19c8dc5ea87 |
| SHA256 | d704be0f741f68490cff332106898206f9408a7cf5710dfb45191fb7991326fc |
| SHA512 | 13e9a7e1484f5c4fb1b2741374d53eb6052001113b1ec4cfa645a92089bc3f6c739dca2ded480805fa6a4f17cd3bb6e6d85ac2c0927aa1df8a51a2b4e97bdc27 |
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt
| MD5 | 14405902a68a52b05a86ae28f4c5d591 |
| SHA1 | e39158211d839610065b244b1ca9a678a0e9cfce |
| SHA256 | 3e168680a3e70d81e986b3eb040587e966df00b2aa99e2fe84d2dcc713419dd1 |
| SHA512 | dfc91636766fac27dca0ae3e6e31c3fc70f739db71649d08ff61cb729befb859837b3e7fa576d4fd9873c16544e5735bb3845d1299e82487632ae8aa700c0582 |
C:\Users\Admin\AppData\Local\Comms\UnistoreDB\USStmp.jtx
| MD5 | 7903db1191b26559f73224ba6cfa9cf6 |
| SHA1 | cc3b799e92ae04f0b0961d7e14182150dc682d71 |
| SHA256 | 422cd8f124344be66dfb0b7b52f0f855b824d7b3a0a5bb71b32c0ca940a4c187 |
| SHA512 | 09c01b58d45ab08a3758f44a80057ffd2c1b2207440e90bccdf38f72b73a570005409bddeaa64b67d7f59e459e0d59d8544e0af146ab001929a6b4c782454633 |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Bomb.exe.log
| MD5 | b8d9d9a5e497322b1138d431f1efea9a |
| SHA1 | e15c30d528f1f88a0a824c95af3a6cef3269a157 |
| SHA256 | 1e0914781a44a12001e9adc67b3b07ae24d80f7242074f3f22b8b383d28e2886 |
| SHA512 | d42d9ec40aa6aef960dbeeaabc78652bb32820d583b0c8b32f13db2c5c0e7758019252b9351fcf337908095b179c4c2367085e0dccad373b4277e6b15c9cb6c0 |
C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\winword.exe_Rules.xml
| MD5 | 7c748c84c9359993dd3f1724ce10a6f6 |
| SHA1 | 921d1d0d8f5a5a612a928412edf865981a96d14a |
| SHA256 | c4f6ece901405b2fadd5136589acb6bd3ca3d5765dd2e5238b312528771f10b4 |
| SHA512 | 975ee94ca70802d8ff12de7a92410ea23dda6df4dc645130ba0a74a0d2ee5ade2b7764c2ec01c9bac4434c6669de591272f7d770817defc19b0ade547b11ae1f |
C:\Users\Admin\AppData\Local\Packages\CortanaListenUIApp_cw5n1h2txyewy\Settings\settings.dat
| MD5 | da4d375688838b716901dc9251f17343 |
| SHA1 | ef730cec373ea57d900439036bf47876162be303 |
| SHA256 | 5db52ab84bec1a57273323c500dad9ec91377e6eb5a1ba6a1440159404f06133 |
| SHA512 | 90e38d31c9c1480a6abe4b45dedb4696c30f83075ab6738832fa247faab8b432c63459953cb26a22096b8b73d486943fe641a91ab3a8b0f36b4971fbf26ee57b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | d7e158a92afb391b499431a48516f595 |
| SHA1 | 8dda6474962e91e26f529d8140fefcd91e510cd3 |
| SHA256 | 4638998ac130f3c8ac6a69ced385b14a81fa585b7c3599ddfd3b385093feb4eb |
| SHA512 | ca7c3df75669aac4de3b9d80ad06751ce1814e5125065912c761e6ef8c4777a6365e19bc5a48c6354bbcf3d93ae8e6cfa08c5f75a2f9b13951f84b2c9d25bc20 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 0235ba518674976b2618809e3c059d4e |
| SHA1 | 447d4a6812e9c1544f5c22bf379e268c9fa947c2 |
| SHA256 | 5723a62683450e9f5af85eee2657d16a02e16e324a48af55a401829f85f5b33f |
| SHA512 | 286f1093ae82a418a629dff3d29dec512d2cd5cca360a70e1965e3f1ed9ccf167c7f2561c79bc4f2ddbe0d5ddd127ef527728f672d72cb1799e5f91fd3340a4e |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
| MD5 | 8592ba100a78835a6b94d5949e13dfc1 |
| SHA1 | 63e901200ab9a57c7dd4c078d7f75dcd3b357020 |
| SHA256 | fdd7d9def6f9f0c0f2e60dbc8a2d1999071cd7d3095e9e087bb1cda7a614ac3c |
| SHA512 | 87f98e6cb61b2a2a7d65710c4d33881d89715eb7a06e00d492259f35c3902498baabffc5886be0ec5a14312ad4c262e3fc40cd3a5cb91701af0fb229726b88c3 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04
| MD5 | 28d4294f903ebe134a940f0d37c77a20 |
| SHA1 | 49eba8ea13668461eee26e19145053a6f641f0ea |
| SHA256 | b74c9aa403c980b25224af0e62d25312fb525435ae9ce3c8593c4804fda4b88d |
| SHA512 | 934c42653fb7f827b5e118a7c7aa92d4a737bb9f901297bea2bf601e3b58ce18c541a3a6c2485247343bb88552317281e884253086e500ccacdd9ce5650331ad |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{909BA170-4777-411C-9A71-7D2FE8577526}
| MD5 | 32b0b6523193d76ace826363f3f56a7c |
| SHA1 | 648160a077fd981de84e4061188c904cd5b0e3c5 |
| SHA256 | 57b8e861b2b6f4fd2c74b5fd7e16d3bfbb8383c22a028b23a089fda6f275d3d2 |
| SHA512 | ee7e09a0a42908c505009e855ac7c16986505bb718527abca721e4555b75827b6491a88328d3b7295d7fdf3a2eb76773425621c78b0796dd49141454696dc970 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{aabc41c2-49bd-4a0e-a74a-2a8f0c6feb4e}\0.0.filtertrie.intermediate.txt
| MD5 | d20318fc117717678696bb666a2b4185 |
| SHA1 | 7fcc97fdeaef219f7d274e0f482001e7502ec083 |
| SHA256 | 066cf4d2d2beecd222408cf2637ff1db008c3c554c75158d40d96763d3d715cf |
| SHA512 | bce18f413332b9eedb748c03c7ec895e0f2784e1869c98dc9ce536d5a56a7585e5e5a8fb2a0dade0d38fb3c45a9d73734255fe5b5a72a6c398a0eac83da5b3fb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133567067454100560.txt
| MD5 | fa867c786ca221bacbca290fb9dadddd |
| SHA1 | bd5f9ee4d6e5d302fe5ef4d592c4d1ac4af7119b |
| SHA256 | 7ef65218f1facb4d3039800e5d8d8fc12f727488229ddeb15766ee6c58fdf777 |
| SHA512 | 9c41684438bcb18f46829e613158af4eeb67df8887c00eff71a022a483213a695067c609c158831247329659ac3c3354c60ab648f17014fe3a3f4ebf3324135e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133567066645589540.txt
| MD5 | 6fd0a46919a141bb98674d29a4089078 |
| SHA1 | f52a97cfe0c4b3b60ed14d0eca0a7fb3fbb0e62f |
| SHA256 | 5cd7219252d53d6924fb05c87f021b1becce5327bff161007bc4b32b5a8365e7 |
| SHA512 | 919f5aed8717abacb726cd565e0f95f190e0e1cf422d258e6eef8509961c15a7ea2a116c8c4f020fccb7e82870fcc661e65cbfafe5cbc1f18446cac1b0955ab7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{7e66d639-dbb5-4058-a88d-d587ca4b635a}\Apps.index
| MD5 | 13a419c8829062ea73d1b5d158063aac |
| SHA1 | 852c0a7b1760b9ec4f82659162b4d425f0147fee |
| SHA256 | 6c17496526f9f462328428f9861817e0979e79d1d3f31983407244f346ecbfb2 |
| SHA512 | d9187f1da567762af6c8c2cc7a024fe03375e5f6996b60bbb33567e8cf147999134a1dc5e32b18c5436773c69ed589f2f38f2eae1a3de2e8ddd723bfd23957a7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{7e66d639-dbb5-4058-a88d-d587ca4b635a}\0.2.filtertrie.intermediate.txt
| MD5 | 3e206494b16cf9535df72e8ffe1af8d1 |
| SHA1 | e37810b0594b8bb0b783b37278ca603514a9aeb3 |
| SHA256 | b071860ec7cd301b8296c41171cb51cbdd11f4254d5d26610da9cf7815c32859 |
| SHA512 | 21321d9989ddb4cd7da7210613d0cc72441d54d32ce00a622745b2774c6bcd29b134f62ad368640efa581a4b92b65c045b91de3350044f8fadbd9ac3860902e6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{7e66d639-dbb5-4058-a88d-d587ca4b635a}\0.1.filtertrie.intermediate.txt
| MD5 | 5593f5e28dac4d7bfe94070e50c91bd3 |
| SHA1 | 0fbdb16127be7251659574d45920e2525d1e51ec |
| SHA256 | 2d91b688f15033e4e02bc6d053b74d7c5a60d942be53e74b9e70a6e2bd2a7685 |
| SHA512 | 56760c6e0d953d8b56bd8fb8969da2fcf44464baba483f4d958c3303d1a7d4d278a6a360ef2280bdd9c51ccc976111cf8de66c845c6a27ce7881ce52998a07a7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{9BC23058-0CAC-4235-A8C3-22AC62375C55}
| MD5 | 87634de1697f9335b741a0518cc93e40 |
| SHA1 | de4ecd61d2be673c29ee884eafa05964694e1279 |
| SHA256 | 2b786ed3c5ebabd01bcab9de06645113db1398313797e513abb76e4bfae85d11 |
| SHA512 | d749b2426bbeecac405e0ba0b7822429033b3d1d3578d1bf3cc1e9f8163f1c03040d18b41705806378d29e4960573dffac6d719367776a0f023f06a49c2fb63d |
C:\Users\Admin\AppData\Local\Temp\tmp403B.tmp
| MD5 | 015b69f67dbf319a49f2fbc049edea8e |
| SHA1 | 4b918940fe5a38e23717c17edbfa133f14d0cef6 |
| SHA256 | d96b6fca848e9770c35d530b1cc95ac72e664d86c8fe5385e817f2d6a642eaf5 |
| SHA512 | 7ee7c3192c57b6030a4611378639da3b47594a3385522ca61db1b7ed636c48e11c96c9be962241a9af76e869f4f400e234041598137cf95e179efd2a3b318fa6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_0FB9553B978E7F00C6B2309507DEB64A
| MD5 | a67eedb0d28e06b52d7917c17a6ddecc |
| SHA1 | 8b98a1a46268d70c3476ff4202860f5427bb0654 |
| SHA256 | 67b82763fd2d515172c6aa707112565a550b2f54110a98fe476235e6fee21b2c |
| SHA512 | 73b3ae33b57e906c66330d4c07661388c420c6b1874443d5b727435ccf7f6f545916f0a106ba88136fcad4801641a710a9789d1db95c7ef8d46de4f12985e8e5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB0D848F74F70BB2EAA93746D24D9749
| MD5 | 4d90626fae86cb630aaf2f97e423fc20 |
| SHA1 | 7b65381a19300760166dd6c9cb0beeb6d69a7155 |
| SHA256 | 69a1c88c53e47b9b566dc0f26d6aaa5625710a72b836c6f509d47d6abf7fa4ef |
| SHA512 | 80f610f0bb1860929d91efc36ab8985c7fa1a2719f295da035c3bb9d46f92e01b0357f4fb1f28c08703fabd57b76aabe80de015f296c56cb0ba994a7d531a193 |
C:\vcredist2010_x86.log.html
| MD5 | 0de1b44cd8849e88d51617a6543c20a7 |
| SHA1 | 576cdf5a956303ca868621388fdb3b2810f3d50a |
| SHA256 | 5c4316386b0bed0419de038545e0bfaa7dd8d5185cbee779510956285e159f57 |
| SHA512 | 16de1ac0efc6117f3755739ebe979656c1148e99375009a6f6942a32f0adde7f734b97bcb0a47fe230443e3ba9d6e7ae834e0e5b34930391d7301055d09fdfab |
C:\Windows\sysmablsvr.exe
| MD5 | ababca6d12d96e8dd2f1d7114b406fae |
| SHA1 | dcd9798e83ec688aacb3de8911492a232cb41a32 |
| SHA256 | a992920e64a64763f3dd8c2a431a0f5e56e5b3782a1496de92bc80ee71cca5ba |
| SHA512 | b7fc70c176bdc74cf68b14e694f3e53142e64d39bd6d3e0f2e3a74ce3178ea606f92f760d21db69d72ae6677545a47c7bf390fb65cd5247a48e239f6ae8f7b8f |
C:\Windows\syscapvbrd.exe
| MD5 | ce554fe53b2620c56f6abb264a588616 |
| SHA1 | 77bbdcd30e7e931ef95c913406faf92fa70d4c94 |
| SHA256 | 93237a51bb710bd488b0e5bfa8288751445eafcc795364df7652535f3c210431 |
| SHA512 | 2330b9bdcd3c4d5d3f6a65cb277dce7d59bb655cce6285154ea8153b2b7df41c9a51b0bb62fa218e7345032e83f3b7e738fc1fea5f56a8bb4690733f51442982 |
memory/9152-30710-0x0000000004DC0000-0x0000000004DF6000-memory.dmp
memory/9152-30711-0x0000000007690000-0x0000000007CB8000-memory.dmp
memory/9152-30712-0x0000000007410000-0x0000000007432000-memory.dmp
memory/9152-30714-0x0000000007620000-0x0000000007686000-memory.dmp
memory/9152-30715-0x0000000007F80000-0x00000000082D0000-memory.dmp
memory/9152-30713-0x00000000075B0000-0x0000000007616000-memory.dmp
memory/9152-30716-0x0000000007D40000-0x0000000007D5C000-memory.dmp
memory/9152-30717-0x0000000008350000-0x000000000839B000-memory.dmp
memory/9152-30718-0x00000000085A0000-0x0000000008616000-memory.dmp
memory/9152-30735-0x0000000009460000-0x0000000009493000-memory.dmp
memory/9152-30736-0x000000006C7B0000-0x000000006C7FB000-memory.dmp
memory/9152-30737-0x0000000009440000-0x000000000945E000-memory.dmp
memory/9152-30742-0x00000000095C0000-0x0000000009665000-memory.dmp
memory/9152-30743-0x00000000099E0000-0x0000000009A74000-memory.dmp
memory/9152-30936-0x0000000009940000-0x000000000995A000-memory.dmp
memory/9152-30941-0x0000000009920000-0x0000000009928000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\53808182.exe
| MD5 | b37046319a495742af2d1d9e5ccc0ea9 |
| SHA1 | d13ca92d5a17068773a58d167af40b77813be532 |
| SHA256 | 7c60a0bab1d7581bbba576b709837ef75a5c0833acb584bca3f7c780e70f6c14 |
| SHA512 | 5e7ad4b7d55f0d5e4c7a17cabccc54d9568cf4b98a8e0566607f253e238d090e111e5f6f44b23617e9d1a9fc2370a10fa761cbe50a9d17a182da31dcd8ad2b48 |