xorist | e297ed65badde263439d03895d0443247024614c15b014c3e83b0c2ec02a1beb

Analysis

max time kernel
92s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03-10-2024 00:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Size

7KB
MD5

0d20e6aa3159f6835ce0756d8f710929
SHA1

dde70ab8312fcc9bb90bc45ac5ae13484f4bc45d
SHA256

e297ed65badde263439d03895d0443247024614c15b014c3e83b0c2ec02a1beb
SHA512

a1033b7c55205bfc52f8ac8f3ba6ef404992d532d1f70cb9b914fd68cce8eb0050da51fe7631ceb2d29e995f3436380a165e21085de02459b741405279a77f73
SSDEEP

96:8RZhl8wdS+r3yOYW189fTwUVF0CWHyjk8P1LOmjXfihExxSIqjld9RhxLpHpMUA:qzdrr1FG1WDCgmjPZxSLJjxLpHpMUA

Score

10^/10

xorist discovery persistence ransomware spyware stealer upx

Malware Config

Signatures

Detected Xorist Ransomware 9 IoCs

Processes:

resource	yara_rule
behavioral2/memory/4324-5770-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-5771-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-9224-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-15796-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-19396-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-19531-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-19950-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-19955-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist
behavioral2/memory/4324-19978-0x0000000000400000-0x000000000040C000-memory.dmp	family_xorist

Xorist Ransomware
Xorist is a ransomware first seen in 2020.
ransomware xorist
Renames multiple (6622) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Drivers directory 9 IoCs

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\SysWOW64\drivers\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\drivers\gmreadme.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

Manipulates Digital Signatures 2 IoCs

Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\wintrust.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

Drops startup file 2 IoCs

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Alcmeter = "C:\\Users\\Admin\\AppData\\Local\\Temp\\6eH5TJWawcmL508.exe"	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

Drops desktop.ini file(s) 64 IoCs

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Public\AccountPictures\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Music\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Pictures\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Pictures\Saved Pictures\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Searches\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Public\Videos\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..-kf-publiclibraries_31bf3856ad364e35_10.0.19041.1_none_cbd9ad4986c925d5\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..ini-maintenanceuser_31bf3856ad364e35_10.0.19041.1_none_bbf8ad8ff53c9b5b\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\Web\Wallpaper\Theme2\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..-kf-programfilesx86_31bf3856ad364e35_10.0.19041.1_none_3870d3554f39ac78\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Documents\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Application Shortcuts\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn2\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Public\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\Downloaded Program Files\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\OneDrive\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..2-kf-commonprograms_31bf3856ad364e35_10.0.19041.1_none_047fa97bc9873117\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn1\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Local\Microsoft\Windows\WinX\Group1\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Links\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..sktopini-sendtouser_31bf3856ad364e35_10.0.19041.1_none_be359f0533764571\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Public\Pictures\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..-kf-commonstartmenu_31bf3856ad364e35_10.0.19041.1_none_f6eee8789c1c6fdd\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..ktopini-accessories_31bf3856ad364e35_10.0.19041.1_none_a208296858c76413\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Favorites\Links\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\Fonts\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..ktopini-systemtools_31bf3856ad364e35_10.0.19041.1_none_345e4e1d2701732b\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Desktop\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Admin\Saved Games\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	F:\$RECYCLE.BIN\S-1-5-21-2392887640-1187051047-2909758433-1000\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_11.0.19041.1_none_4b0e6b545bf0f4e7\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..32-kf-commondesktop_31bf3856ad364e35_10.0.19041.1_none_a81a33274fb1b624\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..ini-systemtoolsuser_31bf3856ad364e35_10.0.19041.1_none_d69cbb4282e4fe2c\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\Media\Desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\desktop.ini	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

Drops file in System32 directory 64 IoCs

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Windows\SysWOW64\rtffilt.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\Windows.Payments.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_amd64_be4ba6237d385e2e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms007.inf_amd64_8bbf44975c626ac5\Amd64\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\KBDSYR2.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\bthlcpen.inf_amd64_a2917ed464cbbc93\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_tapedrive.inf_amd64_a3a36e8f2c921ed7\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmgatew.inf_amd64_7e6c377859cfcb7c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\fveapi.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\mmcndmgr.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\cmstplua.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\DesktopShellAppStateContract.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\DragDropExperienceDataExchangeDelegated.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\networklist\icons\StockIcons\office_16.bin	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\reguwpapi.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\kbdgeome.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\mswsock.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\netprovisionsp.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\webcheck.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\wiascanprofiles.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\directmanipulation.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\rdvgwddmdx11.inf_amd64_e8336336d081cc11\rdvgogl64.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\NetSetupEngine.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\WMADMOE.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\eapphost.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\KBDUSA.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\wisp.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_PackageResource\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\BTAGService.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\IME\IMETC\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\srumsvc.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\net.exe	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\de-DE\default.help.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\winrm\0409\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\winrm\0410\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\CryptoWinRT.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\downlevel\api-ms-win-core-io-l1-1-0.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\mprmsg.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\NPSM.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\signdrv.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\usoapi.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WindowsOptionalFeature\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\cryptsp.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_c62e9f8067f98247\Amd64\UNIRES.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\KBDKAZ.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\ipconfig.exe	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\rmclient.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_bluetooth.inf_amd64_7e49a68f06c14d10\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms002.inf_amd64_2176cc45624119a9\Amd64\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\umpass.inf_amd64_3daa9a904daf9501\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\mfc40u.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\runonce.exe	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\wlanui.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\Apphlpdm.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\downlevel\api-ms-win-crt-math-l1-1-0.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\netathr10x.inf_amd64_2691c4f95b80eb3b\eeprom_ar6320_3p0_NFA344a_highTX_LE_9.bin	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\netprofm.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\fr\Microsoft.AppV.AppVClientPowerShell.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\prevhost.exe	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\Dism\WimProvider.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\netathr10x.inf_amd64_2691c4f95b80eb3b\eeprom_qca9377_1p0_NFA455_olpc.bin	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

UPX packed file 10 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral2/memory/4324-0-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-5770-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-5771-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-9224-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-15796-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-19396-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-19531-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-19950-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-19955-0x0000000000400000-0x000000000040C000-memory.dmp	upx
behavioral2/memory/4324-19978-0x0000000000400000-0x000000000040C000-memory.dmp	upx

Drops file in Program Files directory 64 IoCs

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-80_altform-lightunplated.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-white_scale-100.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\Standard.targetsize-64_contrast-white.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\themes\dark\adobe_spinner.gif	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\api-ms-win-crt-string-l1-1-0.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.ProviderShared.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Common.View.UWP\Strings\fr-FR\View3d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Transit\contrast-black\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\files\dev\nls\sk-sk\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk-1.8\jre\bin\server\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-72_altform-unplated_contrast-black.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Square150x150Logo.scale-400.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteSectionGroupLargeTile.scale-125.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-white\LargeTile.scale-100_contrast-white.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\ExchangeBadge.scale-150.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\MixedRealityPortalAppList.scale-125.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\ScreenSketchSplashScreen.scale-125_contrast-black.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\ReactAssets\assets\RNApp\app\uwp\images\onboarding\notifications_emptystate_v3.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteMediumTile.scale-125.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\ado\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\security\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\EmptyCalendarSearch.scale-125.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hant\UIAutomationTypes.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Windows Media Player\wmprph.exe	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe\Assets\Store\SmallTile.scale-125.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\images\StoreLogo.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\es\Microsoft.VisualBasic.Forms.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\OCSCLIENTWIN32.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\PPSLAX.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\fi-fi\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-black\BadgeLogo.scale-100_contrast-black.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SmallTile.scale-400_contrast-black.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Web.Entity.Resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\UCRTBASE.DLL	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Web.Entity.Design.Resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\de\PresentationCore.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\nb-no\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.371\goopdateres_lv.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\RIPPLE\THMBNAIL.PNG	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-white\BadgeLogo.scale-100_contrast-white.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\HxA-Advanced-Light.scale-250.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\InsiderHubAppList.targetsize-40.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-40.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\AppTiles\AppIcon.targetsize-60.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\images\cstm_brand_preview.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\fr\System.Windows.Forms.Primitives.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-crt-math-l1-1-0.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SmallTile.scale-150_contrast-black.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\EntCommon.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ja.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\AppTiles\AppIcon.scale-200.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\fr\System.Windows.Forms.Design.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\CalculatorLargeTile.contrast-black_scale-200.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\en-il\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1906.1972.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderAppList.targetsize-40.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

Drops file in Windows directory 64 IoCs

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.Threading.Tasks.Parallel.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-d..licymanagerprecheck_31bf3856ad364e35_10.0.19041.1202_none_d34986b9547820a4\policymanagerprecheck.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-h..fp-driver.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_dfae36e51c2243bd\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_10.0.19041.1_none_e8b8012dee3ba92e\HOSTNAME.EXE	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\Temp\PendingDeletes\37ee3b4536e5d701999a00001815341f.webdav_simple_prop.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\wow64_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_10.0.19041.1_none_41668bdd85c44640\IISUiObj.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..nt-uevwow.resources_31bf3856ad364e35_10.0.19041.1_it-it_7e7f95c00a6bdac5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..gement-ui.resources_31bf3856ad364e35_10.0.19041.450_en-us_030d67b51fee0538\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\wow64_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_10.0.19041.423_none_f485c76e856c4336\r\AcSpecfc.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..l-keyboard-00000448_31bf3856ad364e35_10.0.19041.1_none_a04d88f10196c63a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-n..ionbroker.resources_31bf3856ad364e35_10.0.19041.1_de-de_8ec9765e41f28cc8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p..er-client.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_a954dce26dd8d4d8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-p..installerandprintui_31bf3856ad364e35_10.0.19041.264_none_b435e08254cda322\f\puiobj.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-rasmanservice_31bf3856ad364e35_10.0.19041.1202_none_137dc32b55dedaf4\f\rasmans.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..e-cleanup.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_ed38c8035223da9c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-u..ountcontrolsettings_31bf3856ad364e35_10.0.19041.423_none_61b0f600375d52e3\r\UserAccountControlSettings.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netvwwanmp.inf.resources_31bf3856ad364e35_10.0.19041.1_de-de_0fc7e722dbf9e9dc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\msil_multipoint-wms.coll..lecontrol.resources_31bf3856ad364e35_10.0.19041.1_it-it_4adec832b0a3be61\Wms.CollapsibleControl.Resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-a..-provider.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_58afc79d0124ec58\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\x86_microsoft-windows-m..b-odbc-provider-rll_31bf3856ad364e35_10.0.19041.1_none_7d8fb98bf8162ffe\msdasqlr.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\diagnostics\system\Video\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ouppolicy.resources_31bf3856ad364e35_10.0.19041.1_it-it_d6c620afbd8cb6cc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-mccs-aphostservice_31bf3856ad364e35_10.0.19041.1_none_0b2f10f1ed46089c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-t..vices-bpa.resources_31bf3856ad364e35_10.0.19041.1_en-us_f43892b7df4a9b80\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netmlx5.inf.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_ff1b7f841cf0454d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\wow64_microsoft-windows-skype-ortc_31bf3856ad364e35_10.0.19041.153_none_d2372d0fe1e12dd7\rtmmvrortc.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\x86_microsoft-windows-m..dac-odbc-jet-dbse32_31bf3856ad364e35_10.0.19041.1_none_45b2a4f81b97eaea\oddbse32.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.Tpm.Commands.Resources\v4.0_10.0.0.0_it_31bf3856ad364e35\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_hyperv-computelib-legacy_31bf3856ad364e35_10.0.19041.1266_none_2764be90dfc8b6df\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.19041.1081_none_e4e5027bf1e82209\f\WerFaultSecure.exe	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-explorerframe_31bf3856ad364e35_10.0.19041.1023_none_3754bff128f552e2\f\ExplorerFrame.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-k..eo-capture-plug-ins_31bf3856ad364e35_10.0.19041.1_none_ab5ba9fcdff62c59\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-n..daptercim.resources_31bf3856ad364e35_10.0.19041.1_it-it_42a17673f6635e4e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-scripting-chakra_31bf3856ad364e35_11.0.19041.1266_none_7bdc56e7b91d3180\f\Chakradiag.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-wmadmod_31bf3856ad364e35_10.0.19041.1288_none_056b3c1907888f97\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ASP.NETWebAdminFiles\Images\help.jpg	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemResources\Windows.UI.ShellCommon\Images\NearShare.contrast-black_scale-100.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_c_fscopyprotection.inf.resources_31bf3856ad364e35_10.0.19041.1_es-es_92fa4602ba8a030e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-timedate.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_03bec04fef867fbe\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netfx35linq-vbc_exe_config_orcas_31bf3856ad364e35_10.0.19041.1_none_bef51d4c3bf1b6e2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_system.data.entity.resources_b77a5c561934e089_4.0.15805.0_fr-fr_aaf3beeaf642d173\System.Data.Entity.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-i..ngversion-windows62_31bf3856ad364e35_10.0.19041.1_none_b7a4d67f428dff1d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Ratings\RatingStars31.contrast-black_scale-200.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemResources\Windows.ParentalControlsSettings\Images\MicrosoftFamily.scale-200.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-deskadp.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_bf15e938e78752d5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-h..atement_r.resources_31bf3856ad364e35_10.0.19041.1_it-it_99ceb17cfe5e93ea\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\r\iismig.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-r..ance-diag.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_9374a5e3f2bad562\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-ui-shellcommon-core_31bf3856ad364e35_10.0.19041.1_none_91b1f58702057373\NearShare.contrast-black_scale-400.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\wow64_microsoft-windows-i..tmlrendering-legacy_31bf3856ad364e35_11.0.19041.1288_none_d50678dbc55b5baf\r\mshtml.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-wsp-spaces.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_fd958235e4149bd4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\es\System.Transactions.resources.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-d..anagement-container_31bf3856ad364e35_10.0.19041.1_none_dc8438e1679872b4\Win32AppSettingsProvider.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..ion-mfcaptureengine_31bf3856ad364e35_10.0.19041.906_none_ca9fe18cfc715c42\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..ast-white.searchapp_31bf3856ad364e35_10.0.19041.1_none_2f147508fcb33106\WideTile.scale-400.png	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-security-spp-tools_31bf3856ad364e35_10.0.19041.789_none_2dbefc6b526e20cf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\fr-FR\assets\ErrorPages\repost.htm	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\oobeeula-main.html	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-a..-hologramcompositor_31bf3856ad364e35_10.0.19041.153_none_d49e841db09286b7\f\HologramCompositor.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-cpfilters_31bf3856ad364e35_10.0.19041.264_none_154c926b3d0fa7c0\f\CPFilters.dll	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..osoftedge.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_45a6c0aa2ed16c7c\pdferrorneedcredentials.html	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..lers-authentication_31bf3856ad364e35_10.0.19041.1081_none_c74e121d045d3bda\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_microsoft.visualbas..lity.data.resources_b03f5f7f11d50a3a_10.0.19041.1_es-es_875970f201fef828\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

Modifies registry class 10 IoCs

Processes:

0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD\ = "CRYPTED!"	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD\shell\open\command	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD\shell	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\6eH5TJWawcmL508.exe"	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\6eH5TJWawcmL508.exe,0"	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD\shell\open	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.IdInaHuY	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.IdInaHuY\ = "MRJIWWSNPDKKHDD"	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MRJIWWSNPDKKHDD\DefaultIcon	0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\0d20e6aa3159f6835ce0756d8f710929_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
- Manipulates Digital Signatures
- Drops startup file
- Adds Run key to start application
- Drops desktop.ini file(s)
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:4324

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2392887640-1187051047-2909758433-1000\desktop.ini

Filesize
129B

MD5
3e4afbbb236fad10a20fe8a162d9dedf

SHA1
15f497d6c7109bcf217f4d0dc32cca56cf45d661

SHA256
aaa0b6babc4998400370498fef5813dbb1b453fb4e5cd9734ee452899eab80ef

SHA512
9bc7ab4774ded4ebbc9a9d8fbbe08b0dd7e8ca5504eabba6d8c960655534abddbe2f0d41899369b261ab6a5ade1fb88ae8184efe6abd41e45a4cbe97c1a4d5df

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons.png

Filesize
50KB

MD5
8b01ddb05f53f5d1044032f3a6101fe8

SHA1
4b66b804fc6aaf5b4020425d433edfa5c529316d

SHA256
4dd89787c5d820d35a05b6e4ebc911271c4193deb482889008875671f1e4810c

SHA512
661e188c82a2473e4183c224e9a588c58c722661016f8745463a11a640eb85b93cbca7ead2d71c4cda8215e1e3b6df613014cd4e3385cd52c679e2031612df98

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png

Filesize
1KB

MD5
de09265a2ddeed836394d3ebd5de091c

SHA1
9f19f695be4eca74c43e5a4441b5964bbea01a00

SHA256
d6d7c271635c0717d5e290a2931dd5e7103898b49f735cb2483aaa8ee2e8047a

SHA512
752fd01849ff3221b55fb552839da00e0ad2a0ef250356bca232b58f661a069b75cef63a05c3e3cc368f05d6f0c5b1f83a85fdd951aaebfe4195b6f16a30ede6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png

Filesize
3KB

MD5
e9d771945bd9f058b80ebb3a59c50d5a

SHA1
6b9faab8acf579de36bc1b4c3afd351ae73230c7

SHA256
1ff0aabbc02e565902e69ae43f3c4443a7a087c818e5502f9a38d2a4174fb7fd

SHA512
210535e53118ebdd834f6d88c7c3be1adc4d64642eaa955196d37ea1c5c9ad4de1e56f545bd2ceed42b37d662a14719b742bf4bc97b1d28d69556c0c1cb2e094

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png

Filesize
683B

MD5
a8828b3c934c52ab1c3078db3d42d546

SHA1
4230859cf9d80f0bf27e51823e5f3b2b45e2a555

SHA256
27221b218b3e88cd96841b09892c586c23fcc376f74fc39bf1f4df3834bbf9a6

SHA512
b7aa0e92c8828f79d675f523749f1d8911d0b82ef2504d22acea3bc0d7523359a6ab069bfad72dbdb5c0757f16565c5f7f19495442e90ec9cf5adf35bad8959a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png

Filesize
1KB

MD5
179540358f9b151461f43514c1f1bf6d

SHA1
ad16a72421f982800540a9ad8d92834d8bbdeb32

SHA256
692e93f34b77d1cca96424094d049ad43c53efb963beb7ce4b37bc33cf90c7ee

SHA512
531f0467e875a5178d71646a66a729ad1c05e1b4a5d9dceb06a356ebfc7f8ee8d2ad6356e3559d559a91317684cdf2cc3e71b8ff9fd16805e37a22a9ed3a97e6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png

Filesize
445B

MD5
07edbcfea7c2ac5ef705b024d80d9133

SHA1
422a04c9e7a7bac0114f0c1bcde9a365b9c85570

SHA256
37c159e1031e59e832ae19752d43278ed3cd64b891fbfe083aca07b3e4d026cb

SHA512
13cc2beb2ae077536557283d6c9b762841e88895f2dda49b2a984ff66fe8ad09c471f86e13d0ad4578970e2375007904d2a89f6bdb5ba327d14da713265bca42

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png

Filesize
611B

MD5
8ecef835b3635f58e43a9503132ce05f

SHA1
ed520b9d65483fc0db7763f62df9bc4890fa5d37

SHA256
08824a83e53c61f1d84949363d6f50652659c34f2a938a3867f6c038e4b1c864

SHA512
50427a1d757e1afb340e8cc7a320ea6629645d36e22098c210f983009b3726b1f2bb3fd475377e2fd09dfade75331e6e154624955de67c3d82d6fff5a4de97f9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png

Filesize
388B

MD5
f177f1a60bc9ea4a9dec2e5279c88f7b

SHA1
df5aba2540c1d689efeb3eec6d70b5980213459e

SHA256
e880cd7a23eacce5a4f80886ad9f38836abd1f540091bcdc56769e611acc5d52

SHA512
3be5e319c8069b16882095ebb3b1f2c74a11a0ca39244a09acf6bfca320a10325a539eb0d697e3ba9d9e4c93f2291b89fc728b31479e42c57203622dca243e75

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
73c3831321ccde31c0a4b445cc1b0e31

SHA1
9372a8465d5ebda4d1b0069a17c493161b3ee684

SHA256
68f475330ebd11a6fc36c1c722da1855297ef7bf955f7e628ae1f4c62741e67f

SHA512
22cda6c6f3db1bb614c4a604995ea906ba120a5daf1dbef0f8e2285388751e2c7c65670574fecd0b29670e2c574b6b31ee076392e7a6cb28645451881074d8f5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png

Filesize
388B

MD5
8601d05ea1dc00991159438c32b46b38

SHA1
54c4dd6aab9e7a5b0441eb0331b17ca7194d706d

SHA256
6de12796cfb3a8c53a9210c3e93436b741234f968ce66009655d07fd69d6da85

SHA512
4e6eeef3ea9c7ea22c7a4eb0a8c3566a01b9053aef969bb4c07b8e59dd1d85c98d657e4d6c5b1b405ad53d376ff2189242d9047f4f89ed47150d06232e2b2aae

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png

Filesize
552B

MD5
487344b7133c563d6a078a5fb92e10bd

SHA1
b7177d0adb798b2980f5f0769e54d1d49ac91017

SHA256
a30ae9c8c406589b9c8eee05ad3a579a14809380a2d48edc8a02040474efc7cc

SHA512
cd9ddeac9ff3cecc95fb84d4ea8069c97d04c19a91c0f308c428796eae4b19ecea4a95051706345548109d539c22a8c56a6abad2f9ad9476355798d926a6859e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png

Filesize
388B

MD5
825d3a2b98abc0250d228871e433a60d

SHA1
2d6af2bd16893cdb0206584a7468c8ed40865e5d

SHA256
6b0b648944fb340fc2930f265ffa402a7302d5e078e90e6b5c104d826e03a801

SHA512
7817e56efc5032df0612e4639fc5f85d8fbd23dcc16165e299631432cdfa253bd0bec716458a4501f6c73a2c0adbf7b72da54f7fe6b4ddb035c66793a2162316

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
4dfcd7cf8025114460652827e45728ff

SHA1
9d30d637c838c728d2d8961d1281ace39b0ebe3b

SHA256
91f0a43b1fa4573fb9f3f67433e6d94572712d170718499ec48678a0a36a25cf

SHA512
1390536f182604cbcca45b6aace20b6ad4d4f6127dda68245e1484e334170e55ace156a019547843053689f8e669e1799b491d720babf3452a629fcf784ddc17

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons.png

Filesize
7KB

MD5
836195a59166d21509480a8e99322ed7

SHA1
93fff51ef1d9d793549eb3658cfe57153f799f05

SHA256
0e0455a19efa6ce314541fbbb82216651ed34c4b4eb7725bc5c3c4767366edd9

SHA512
801375b76ffbd09e9d5a5f15f0cf56b8fe7678dc30c45767e756a1862aa816b7ba3e4014078304c93546ca663eda96df0c12bbdc50e148e00f7e21c6560e2ced

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_ie8.gif

Filesize
7KB

MD5
64af55ec5c53d31a507fbe68e8cd1c68

SHA1
72e8e46f7dc919da2ae03567dd800401056ff878

SHA256
582d14d3cd6ba9920441082502277a13322bfc87bbb54974506e78bd572508f7

SHA512
ed29db6fbb4c9771e1ad767d1edf62d8a91b86424df17d1ce2a8542247d42622f48490cc62fd235da8ec59082ee5b06c0368d19173246e5419804960c7c0b0bd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_retina.png

Filesize
15KB

MD5
3132410608816ea5fcfba6802af6b0c4

SHA1
773bb8f200a252a146e3894de823e812448d31c8

SHA256
67b087ff5d6395e4991ce4d9a8e0fc9d69c0d602e083cf545dc7bd96fe11cddf

SHA512
a04ac733409c378738e9b291be7d846c89e3d599012c914e7574395e70875827c615c9f0add91359bbba18a7df42bc58bca6d1c75c6b3776e5a45bd8f3f1e6dc

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png

Filesize
8KB

MD5
047c6aaaae7d7adb6f9d1e9d603f1c8b

SHA1
c522948ad64321718d4a70f2ba1f948c4e26fa15

SHA256
99b56649d63fb029ffece4006533447e217385a111b53b5b7a13463ac6b5c513

SHA512
1e1126dd4c1837ba039914d02fbbfa355cee84d9d86afa75c8c6a81ded1c672ddc410e6adcf90589e9ab8d903bd18bcd0624861bbf617c797a47ac7a7cbc30b6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons_retina.png

Filesize
17KB

MD5
0d882943d74533685f56d3cc359ec4f2

SHA1
fa85bf395b361dbcd629bec8dc80871050d88564

SHA256
8b9a72d6aeeca0e7beb22b2c6401adf0f65228cb54dde8ea3d78f7aa1ed95de6

SHA512
ac52103611ca1b30395bf0d0fdaada0611681d588386ef096c7c9718c659ece904e065cf2f7e0c0f195c4b15a166b55c6a234e466bd0b603b89682e066afd182

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_pattern_RHP.png

Filesize
179B

MD5
ea83810e69e4f1b0973410347f025331

SHA1
94f19b5f02f1d7fa1141caab5290d5b0b053d1ad

SHA256
2e6a7649da3437c75f7df9aa5ee3bf1835f7738b91b57824713f846d89f74406

SHA512
6122da61cabf6fdf2aa6704fb6b1be877648ef30772313912ab9f7243e594d769f29041c25a7c6b8e0ed9c7a18445d6be2e95c95c25cc32bccb5bcc09096cf63

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_patterns_header.png

Filesize
703B

MD5
208129921bf008e7d74e060522e84a05

SHA1
a3be04f854240cf19fd549e509d8a1320c8eeebc

SHA256
baa439c34a00012d05d44f78dc950a6c7d5f7568aaa951ef2fc82b362dbab515

SHA512
4f1fa8ae2adfd0e7660bfe4e5c48e73bb903b99769a4f6be22333ee8e10b9ff7ae79e7dbc1e549b594703740dde16f19e5685d46bdff0c170f2d2730819ae752

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations.png

Filesize
8KB

MD5
504dfd7231276312fee163fc3650767e

SHA1
802b245e4ad8ccb0a8131a2dc3a9e35380f19c7e

SHA256
ca94bd33af25e9d51b9559d4d19db568f05d179f6adb23bc9efd8d88b17f55a7

SHA512
4a5586eda0a82be9b2d755faaea09d21dd7aa91f7ed48cfbde5cf5e22584efb50a7725984c651126b99ed3c7b4819bd61a28d3c85e827cb850d2627ccf60dcfe

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png

Filesize
19KB

MD5
bdac3da1e0292217c216d3be5288abac

SHA1
3cbdb4232312e00ed9edd7c430ba070f10b704d8

SHA256
c3c13ae03a33b140d5f4dad27a25f22a80809841b74633c8b0fa7c8ea431d69e

SHA512
81b5eaf7de3e36fd1c84b0dc386a4073b9bedd300c4c8a55bd5417063f096e881586099cfd86dfce9c4fe5864a428f664be860fb3228cabd70dbee8084e76688

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png

Filesize
6KB

MD5
aaf133cece991d7e644c0e733fcc048a

SHA1
dc63cf4b4feb7d79d072d2a938d26da1e74a34df

SHA256
dada7e9e81c7f54ee4a99b00cc7a410ba5c60c0c3688f9f340964383bde586a5

SHA512
ceb50718fab46aef3c23eae1e76d86abbde9acb23ecbc04d82554392245ebd26bc235156d164e7cc871b4e7f5d1db23ab41719f3463432ee3f275bfa5d286fbd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\bun.png

Filesize
2KB

MD5
ab4c9d25e24364a6c143abc323438d1f

SHA1
9bfe466a8e8471d0c155c36c27009f3f809a693e

SHA256
3e0f779afca8ced004009daada03917d82313325706cd8961d31f1927f5b5124

SHA512
6054cff522d612ac6f494c3f42c7004dc97fb19c442536ccab1e332d3b5ab4d05ad1c02eecafe98c59a7cdb75eb3bc9058f410cb17ef34967299ae47807574b0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview.png

Filesize
2KB

MD5
6282784ff50adab5879c65a7940e19b6

SHA1
eac8c84c7b7c8ab366e06465ac9fbb161faf57cf

SHA256
c18979ce810787818e590a1e65c8268e950b16291b69de6ba52e9c8301d73f5c

SHA512
ce448a0f38b3ea888fa1e79b8832396e14091c80f81d73de7300814e7355117e8a60364e3aa932b794340c32efe27b7f117c72cc4c5e9ab933d9738ad1acaaaa

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png

Filesize
4KB

MD5
a42a3caa28733b8bb1f087da7b6f1f4d

SHA1
86bfa5ab570b3f2b2f2ecb82f8c4e88ce7274820

SHA256
e8ac5e53f657d53a62104d5e96c9240080e511735250d3d28b7a4cffe971174d

SHA512
4b6b48af2b17c93826f0211b2d9c067cd4add9863f4204bca6b543e52c8be0603608d29e7178aa876c240090f7b4695410a8e90386d8b7ef5bccf1d20f40ab60

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png

Filesize
289B

MD5
cadaf72f44d527dd9b298a7cf8f6bb04

SHA1
e52b484aee60a5b3bd077ab9652b3a3086ca45f1

SHA256
12ebc7fbdfd3433d70c6236dc58264e72859841d0e6febc232172238df21db8c

SHA512
f286020d9c40c38fe05ec3fd35d943782dc420241eacaa6ffc2ddd01bd1593ff042fd0105a01733ea691e927ffa7bcaf107f8e85b37c024ded9bf52e9d113740

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png

Filesize
385B

MD5
444a472541b8908cac1b3dc9708c9b5a

SHA1
a94e3779a9b7676e977ac48b9ad087240afe1a12

SHA256
7888969bf2498ba086488b789133fda7a64cf0f2b5cd6a696712e7e1e5363177

SHA512
a4bb0795a095e99228f792fa68f558e7a97134169d61dae580410ffe99aef791cbfa84e54740e8640b82cccc91f2684f3bfc450519a4a3cc11e60b6a56837fb5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\illustrations.png

Filesize
4KB

MD5
81d21d5f5d908444f5907e7a9f9e1274

SHA1
8324df421067cf4e48d5f7844997b7f4582e4bf2

SHA256
ed4674280eac837dc03024c3e1b0e9372d9f872b6cae8eddd590f08c37bef987

SHA512
395a3f4ac4b14ec22b7d39eb257ea7767d47ff9134f2faee36e1bf4587c1f8f8b4d528c9e9aa3d10994f858faf95a2f10898b71e11f1b5ba94da6a33597ff901

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png

Filesize
1003B

MD5
6971aa64011fc3468c108b4c601b38ac

SHA1
4a10d3241ac5787399ebff10342690f0647fad44

SHA256
bf2182bfaaab5a65888d55fe7dcc501ac3d441f335dbdee4bfb31fa8ee3b2c7f

SHA512
633564fe40cf907b9921d67c827995dc7fb52f92f9022ac4219b3be6c8f57f1b393d9ccca77cfed944b2f084f29d3f4e50eb9cb400e5118153ff3350293a5df0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons.png

Filesize
1KB

MD5
09b911cf1125c552d636c9ea0ccc88f0

SHA1
ba0037cc95fe87c8ba57375177f46ca92d78ae99

SHA256
4f4a66dd9b6a5aba56fd182e72ce1ef4514b7edf963791362ef49aa877457ef2

SHA512
078688302f5649c8f01645b21457774c2795d56df838499e58ad3972ab681f7da999f016cfe66f815017c63aa2a05054f2b378a65f871918f2b8fec1a7dde87f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons2x.png

Filesize
2KB

MD5
e07ca7574a9096273b493d796d1ef76e

SHA1
82146fed5ceffc97e95829b4494ed6d5ea407711

SHA256
6a0d4f482a15df9fec42247c01114e845858d05ecd97f4e5ce1f57b448b19c5b

SHA512
18dbb510c471f2ef97e22ecbacd802ce7c928f43911c90875305296a985bceae1abe2bed4b31198552d473b13ff6c10d0cc35ce0123a505a88c4e73c4b5c2a97

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adc_logo.png

Filesize
3KB

MD5
abaa8e481b2797839cda9a7a4ea2b9c4

SHA1
8b0e65f0f6a25d7a4241bce8da58d81c009ea2c9

SHA256
b6d3238611cc9fb6fe880edc99a1158cdc0e13c433d68f0523719d6f2e45456d

SHA512
62387650b19343390cccce9827cad81a24c42bbdbecbb3c27b70055f7e73d079b44a45c8d6a4c9c209fdc076c1b42568f9e137e1d8b18cd7f0104c1fb84a07f9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif

Filesize
556B

MD5
0bc382e4bcea25c2b45cc10f75a8a383

SHA1
4afa4d3a36d8cdd3d63b897f49f2d7c8309b9878

SHA256
f590a360b9409b92f29db532984614e32953b003d05df121536f6a928d3d100c

SHA512
18e7084dfe457d1061d27a1f6967cd84c36b287afc72f4f1decdf2d3607b39192b13b3c3410d72e0c9a06fbb196d6f85832511df2fe84c7fc4b85d4e51fdaa92

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\logo_retina.png

Filesize
6KB

MD5
f21f2d849435db051e9a78dd82050eac

SHA1
de4f64925a42394c4804b478c176d71a64af6d1e

SHA256
47220cf7458a1bd8556fc40fcff617343482fc16f89dcda0e779a26c50d9e65a

SHA512
31f164f317836735b87a062e6fae1926d8d5ab61de6a5998334895b03c10dbcf9d2bdc4da2a1f1644469c046b56128afa6a81a629b13e29fe3007e482734c08d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png

Filesize
826B

MD5
22c47bf5c85268f89704f0534ab73bf9

SHA1
cdbfeaa03c98f784c81344b8674697b80f5225fa

SHA256
702546a8dbb124c5553f13ed58fa2f77424c057e34be28c18cbfb24a08e79a9f

SHA512
37952d4229a624be20b8d0b7aca47da810cac829e7ef287f6e4f1b4397081b0ea5afd0a77d32b9109a095a83c60ed737b63d2b24e3d2ed954b24be26042baf03

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png

Filesize
1KB

MD5
2ef73d06f95b245711766cde0c6de54f

SHA1
5bceb345fa9916a4b7db8468969015cd22346db5

SHA256
563d271185e0393309ea54a43dec322acf7a2bbd65497c09ec134c79d8515766

SHA512
b06a76c0d51bc30518d89a783b922eefd6759aaa8e55532a472a6ca749cf824ca1dd21ebee8a146114d5ef20a608c80fde3afc9df5883b482d916dbeccbbb6f0

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt

Filesize
32KB

MD5
dbdc1d6fc6f0256d75fa832bb05ee170

SHA1
ba8adaf5f06455ff8af05e151e809e9163ae1789

SHA256
9da8846bb641d2336367b6797b9639ed2cf2886c6226e319a2bb054d5e338718

SHA512
d1e92e15390180b92fdccc49d20990d33de855ae6f9cb29e08c1da1c1de8cf66c3c524253b7e0286153480547455cfd798b336fa49e963f24b1f2ce5c9adbbbc

Download Submit
C:\Program Files\7-Zip\Lang\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt

Filesize
372B

MD5
993eaa8792620d40b347403c129d3dc8

SHA1
71934325ba9b3a7190ace37a23799c04e23ad414

SHA256
4469cf5d3febfdbfe5c144e9a21985f3ee9e9d338a58abbd41ff7fef74f08f25

SHA512
d1cac20172a96ca9aab66b6d86bda7cbb9b9cd06ba02f5a80abf68d2b39c6c7c64214ba167b2275c88358cd6205782bf8adf081b5e7faf6c556d23aca3211ffc

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\plugin2\msvcp140.dll

Filesize
558KB

MD5
5c02e097ed256f2dbcefec538ca8a0a7

SHA1
30098718a8a550509e3e217b2fbd57017a7fbea2

SHA256
adad36a33c49b60a07cc6fa9d90aa33e3612fdff878175c212963db832523bd2

SHA512
b70b040d0b873b246b29a8f8692eef34301665a18276083f1c3bb1a9bece99eb9ef84772ac0376a6a8fa825b628eb1ce731480478427b1ac00843d39493ced3e

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\vcruntime140.dll

Filesize
95KB

MD5
542bc38458c2309d4199522300455a54

SHA1
224cb25865907570291ea198d3e5dd02b3cb5ddd

SHA256
83e98d7b9e6bbce27a3af7fc656ec75711faaad912f94bba89c72949cc0c70ec

SHA512
589d78501912413aa8117a11001fdb2f7602aacbcbc09f415101967c04370355bad689eedacdb9d665f80f42a1331303b676cb233486a7a68706f1dfdc4715b0

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\vcruntime140_1.dll

Filesize
36KB

MD5
adb9e3d3e92118059bf6c06982e2260c

SHA1
6433a31e3b1f8b7c21d9820e1df89323842000af

SHA256
c9711217a981b5ada26fe3151e15142b4cb638823c38067cf8d8b87a3121f25c

SHA512
62e060f59fdb8f81d342a6023ff2fc9e8e8a76d00f7c2c3e579bbcf2a35699062e6ea71edc2265e49048b3adcfd9ce49239d1ddc9a4b54c73c5df80b3462e04f

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif

Filesize
153B

MD5
bbdc0acc7f8bf3f2ef04ebc16a6e1316

SHA1
7ce0aebf7777867e1ec83389c3fbb1f6dcfbd9ed

SHA256
0cbe0c1d1c5dcb400a9011013e87aed17a511699b718be121ce882e10897e247

SHA512
e9f6342c6fea1ab5bb44637fa8b9566408e80ceb25d96706e51eee9cacbafb410d70a61882ee4c9de9b811d2021b49b027e15cdea7783723dd6443a12efada93

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

Filesize
190B

MD5
fe4e3587054f70fe7d6ad07cfd61ca19

SHA1
c3fb30f735c80fdcbef2df7eec0b1d35e47d9ce6

SHA256
04d9f9fae9907a00f2a898077cede8800f838aea9a4e52db3cafe963700325ff

SHA512
2b912f58231c084ebe6bf9dd39be9d96595c1069352b09d2e766a46ad861f707ea7774d90539c9d9461f8e4acfdb1f5fd0e81f0926d8267e154829f4cb6aae4f

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

Filesize
190B

MD5
e57e10f208fd9179ace5f1c13ebf9597

SHA1
b8630447949c56fee52c34d64e1188f4005ceb44

SHA256
1f3c5dfaba9366d948af625f39a4c7e690e1d6f6c54b4cded17ddb869d84f776

SHA512
36f1e0af189eaacad4e1f4d82f093ef71fc985b816fcf791293b1f62143ad425afca769238bdb62fa057b772d1c8a86059dbd7d56996f2391f2a7d25d28712f9

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-console-l1-1-0.dll

Filesize
11KB

MD5
e694d5f938edad9b7741ab52b71ad4d0

SHA1
bf4fa50ee22a21209ff1c9ab1e68e562c4ec92b0

SHA256
23c0859632b5e9a577bf56857f3de07b4ca109e4accc561fdd4f79b4f22c52c4

SHA512
5b7b6e2e9a01467331de0141551d6dfdb6aafcca88543f6f107cc8c10af3b14dba823d130c3dcf1f6b1d0af553b9e8662f3fd73f03dcca4fd0d1af535510bf53

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-console-l1-2-0.dll

Filesize
11KB

MD5
2696c71f06fecab74e87e3ad7c180d0d

SHA1
e7870fb7646814b1e655ffa54a5c3ffc1d82a161

SHA256
70304792169b2f45b2d18788e899a4689ff482ea47dd1c8c42e6daa0297399f6

SHA512
98f0204e5aae50187562a2600a9d581bb3b65f8e105429a8a908024fc5f8dc8b31328e32f966a4367a7598761fc3779c874aa9f1adb6875a0ef44ff9f9066699

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-datetime-l1-1-0.dll

Filesize
11KB

MD5
6f04268d54256797655126e5ad41d06b

SHA1
78de26a660fef18f28693de0cc2bc5cddd0537ef

SHA256
a2d281537353883cff0f90bcfbf42d0c5deb9b4a090d60fac1f898d0b1e410e2

SHA512
1607fc880632942db415c07e02994c0218b7e876f0234570775e401f18db11588b86f98947ce5a2b9f50668a25aa7e201e30b931ffb1db9cb426fba4f62c4694

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-debug-l1-1-0.dll

Filesize
11KB

MD5
a1e9a1d7fba7e55ad9b6c478a2f6122d

SHA1
860e7f02ff92433269cd8b34f20d537c503548d3

SHA256
11da85abfab5e3a4152617846a08e2d9ace101787adc1f8cdcb4baf290ea4ebd

SHA512
cffd5f00a6465119a567566d1f14ebb6816feb6bb30781d9dbe47459d30e34ae0425273bd03f63531e2215f18c8ad9d8aba3658a770b9274be653915bcdadd24

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-errorhandling-l1-1-0.dll

Filesize
11KB

MD5
0ea70bb5b96d0699a4ef5d5b38062cc4

SHA1
5626c40d170548311947489063d8d1eca7b6c3a8

SHA256
6a9c4ac50a7ec046253b3ac41928f8f4bc24d31852280e21e7f8a2a0c7bd6bfc

SHA512
c2dba1f0e836975f367d621367248e07a1d314b628b26d67cb5db2776b962775f4d05ed926d32be6bc7d1f68cee7a0ca61ae2771fc811f8928f62c93fa08fed2

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-file-l1-1-0.dll

Filesize
14KB

MD5
bd9c38c400cd43e8f1a4ba7303b1f36f

SHA1
54fe16019e31bc1f2ff8645df3aa1a634ba069ac

SHA256
f54ed676db29c2aa66387977d017168b190db3c75899f15adc232164ec182576

SHA512
e821569a6509fc56ef06f0f4fe9e5fded79d6afda26629e17b0e6464d51d186d507a274cb8524aa42e5ad8a0a282c08f0c6058abe599dbc4e33663c0ba0ebf24

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-file-l1-2-0.dll

Filesize
11KB

MD5
561495bc9485523e6074b356b0123bd2

SHA1
1a233b282d35a110019fe1ac6a048a1d447b18a6

SHA256
d544fbfc43aaa3923bef9167422c4c392615c71d54b9aee812cc4722a9140cf5

SHA512
722de30a6ccbdde90390b8f0ed8455aae658396f23286dca27bb9b87f01704a4a126dae63bcaa7114d45635be138cbbb60fb434bb4359433d530945dcc8c083e

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-file-l2-1-0.dll

Filesize
11KB

MD5
eec33aa1204dab9dd1552bd357c8c019

SHA1
ff2b80a59494532710cc112ae03c68b500a37bcb

SHA256
f144c36f79fdcfa3686bbc113fa1c59c520f46e72f9505e685e5907f3e6da620

SHA512
da04159b1250f1ff7aa1c106fb8c2b1639d9e1da7ac3ede384a6a768d0ef25487cc03284d492ec7d6636c23aee59901f6c448453cfa3ee0a6dc93a7381701fed

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-handle-l1-1-0.dll

Filesize
11KB

MD5
73c32b6e70b90baf3e00362901f08acb

SHA1
caaaa2fc6725db0f92207c27b13906459e690d36

SHA256
efdfe2ff1cd8dd548a6200ce769d6e5856176c20d37e94b5d0860cc0471782f3

SHA512
187393626ef799a32d3335b9fd237b3748c6975a70c8c1d4bc3d8b3824e482f59c9fad50a1468aec9178e592a53c2b0062bd0d8a05567f5fff86f15df9423457

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-heap-l1-1-0.dll

Filesize
11KB

MD5
8e955db6885e0a633eda8617a3a321fe

SHA1
11613c1620163205da77b60c5e9b0bbf5fa7de9d

SHA256
593551d2e8615794d99eab8f08b69e7ab3ce1e320e704f5602ca80b90f45c587

SHA512
f7cb2d30695ba33acff4d05add17e768400514c6514c2db2061162cea27f44724c052fcd6af29743e718a324de1b9ebea438ffc42a58992b74191a5997c751e5

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-interlocked-l1-1-0.dll

Filesize
11KB

MD5
38cbd756db5a72de33faabca851ff883

SHA1
0338650cb0593ef971dcaaef26a4d5106a54db8e

SHA256
9dc8420c9c4cf9863ff39c3d62d9ccaedc14bd91eace4e13d0e363eca7df0c0c

SHA512
078d2c5f5fdb2a2035d98581bc4a1fe93557f2d387e76f8ef5e74969c36f7d75a73b3bf28f926d463f2273535bc1cc7579a156e09131b00ddbf6d6c9987ef02e

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-libraryloader-l1-1-0.dll

Filesize
12KB

MD5
dc8aadcd90ffb51a623b2048731e3185

SHA1
9e373bfb6616dfde90602a77fc59cda502b95c1b

SHA256
80000c560d4a438e52bcab06c357d55d6ebd55730981e87b63f8d97a32ac3c5b

SHA512
538df6685d88781f28e887e437fc661da6033c74522ee77559b81664c43fa2673aedee3bca501d02ef65bcf94aab8ba2f3b56a8e1150436ef26e5b884d1078d5

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-localization-l1-2-0.dll

Filesize
14KB

MD5
9e4c3b0e5c8d212159e1ebd7c78347b5

SHA1
54b27fe86cdecf510f18b6d6edf645a811d0961b

SHA256
046b2e906decb1e49c44ece46f7b96d3905b93ba86a61501340e654b3dcdfe52

SHA512
2d3497dd97cd7e402fdc66acb7c0fbe6309eecb65da9ccebe74add34570cbab5e5b9d7e95d9c34fac3ae4e0ef16702d41d516b73eebdd7b5b1cd455390868e7a

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-memory-l1-1-0.dll

Filesize
11KB

MD5
5bb35277f5386456c2bc1c938f3bc427

SHA1
bfcdcdbff286b2532d233dd1db0c5e475cdc6ed2

SHA256
296609292752aab6da08198415632ba0d2adf0508519b7cbe10a7cdf52e9dbfe

SHA512
1f902212aefdfebb0db847ac5c927165919ca95a4174792ccc5641672ce629a4f9206fbdcffa1ec3ca740ed0ed883f844fb5c4c0df4a12d86c8313ef84925d40

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-namedpipe-l1-1-0.dll

Filesize
11KB

MD5
304a715cf64ae483a7eb086dc0be6af5

SHA1
ac82451c635646d0ffd976f6825b064f79080d66

SHA256
f3efad456eca99ca30e4ea0400240552448cb69008c447ec7d39f09d498d9e85

SHA512
0db34b851c9c8131d81e7a298124c72c460d109e0ccfc4a323025c2d0769de72c5576321197b63f3ca466212ab1f14d7747e182dafb6e4fdde8fd6ecedf41f91

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-processenvironment-l1-1-0.dll

Filesize
12KB

MD5
b0c4f9010006efa8f2f17fd3eccbdf32

SHA1
d0feea5dd17978f61affdea357f47c9c89d9859c

SHA256
c4e76c5bce2bcf4383df820d7f8f82ad39a435271a218196a2da373e5dd06806

SHA512
5084cfac0fff7b953b1029bb0141a6b5b0d8a28721bce14077b0ea7abe4f9c0707d6bcf54aca2e070512913587ce80ea6044335705ad9e3f0a676eb123ff2373

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-processthreads-l1-1-0.dll

Filesize
13KB

MD5
125c204ba4cce647da9cfc4b121f0b13

SHA1
965f676f758f3b7c82fa870849b3b080f6256a60

SHA256
6b3aa91750c2431e83feec47351dca482ad739ba746f8fa6ca5384f028b3c106

SHA512
7439b7ba83349d26d3db35c983d60cc36e27ce21e02627cec723a91f7fd34a62e49b6b3e9d704ab24afb2e945f12b58b522715257405649f622419d66f828832

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
11KB

MD5
2444bf0b3fb9178fda90f4ae734c7144

SHA1
ba4720f8bd921e22be98f78c6aae1533bed4456c

SHA256
0cb1cba17353f7f34f322e95bf5ceee95cb5e703ce5e3f071e282fa486c9f91f

SHA512
b687b6dcf5f3daad162693e2fcc5d80271985725f0dd6d293590b3b3a55f4813f4e4acaacd611173c45c65404821727fd7af263a29c65439b20673dae9403f17

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-profile-l1-1-0.dll

Filesize
11KB

MD5
8fa45ef4a8f92b3601cbb7a9c0985b25

SHA1
d81cc9429d4ceaeed7f5da3ec568acfdf39aa011

SHA256
2e6e42650f40c7bf72df82157f34429543f49fd853aea4dc296beee4fb50d8b5

SHA512
e5b4d6c0b6a294c5a66be412c545b735a01d44f6d41f233558b266e3c7bb4a0f19cc813edd334b3b6a8d1cb9a91faad0d0812eac0d2516a60e36dac7c1b9cc90

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-rtlsupport-l1-1-0.dll

Filesize
11KB

MD5
785119bd5feb6f4f63aff87c092c1fc9

SHA1
cf5b76f133ca8d03e2c31717067c2ce1f191403c

SHA256
767bba296afc277a8207f703d140046ba61a81763cc296d8e17213c5dc5cd7da

SHA512
c5d7e43f2a6225e946a635fbded21e6f4cd88a83156d64090d734e6baa3cecdae4696772b6f305788bd7ef2c7a129b5329c46c04c95f4b86114ae9855dec8a15

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-string-l1-1-0.dll

Filesize
11KB

MD5
40a1ddc32e2363bc1abd2e21b15d9b30

SHA1
3b5a2d90f1e53a5e3e9fd90b92300bab80616137

SHA256
6c36a08d7701973004c08a5b342b32f39b35c5141547e50888afc66727c6f6d6

SHA512
30927be601ffd78f7823fede3bb0da4759e1b78b3eed55859ff3413ef3e2a7f65e17ed55719bbc25fde5654afa047d7382c771f9712625e182f9487c6cf51a6a

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-synch-l1-1-0.dll

Filesize
13KB

MD5
6ac6976d652cfce07a9ec38af7afcb4c

SHA1
b08f9d3b58c5590043f0e48f2e60a9cfa46ba799

SHA256
2dd7aeecb77bbe4dc6fe890831b5328ec060ad0cd8a614b30624f33c4c8dae9e

SHA512
674d0147d6e41703c0fec5ee4cb36f502510fb6b729cf3eb57a7798617ab1308e214d24390359d73ef52bc56c49b785df572b7b576dd4cde18c2971350b75b7c

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-synch-l1-2-0.dll

Filesize
11KB

MD5
65cf6c2d1e8f28dd34178a44a8d24116

SHA1
21eedc21fa9747a2f8e27c5cdf2c677b293f64e6

SHA256
d514867d7990f315a125b6fbdf83eba8eb84a39cadf46a20cf3e99e4ad415b1e

SHA512
2f31190bb6630595f7a028bc4021469bdd2bbdec03b077c88f7ebde63a7b4e3ebbe8aae912416c631fda30c64532d2825e2c3e4a3e9017e9b560c4e796379a50

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-sysinfo-l1-1-0.dll

Filesize
12KB

MD5
ce2cede29a3752d5666eb585887e666d

SHA1
177182d0048e80a904fff60c2a9756ca012ad710

SHA256
549494e2270fae822050cd901f35d5b3268c007deda6db23a76c63abc772fcf6

SHA512
2171ed74e496f24515740277f174e65c58e9e9741f8dcb00c1a8d2634c07b1c4b96a0d543e2fbbc29858c1733791ee969bee826ee3eb0f9297f4e8680834419e

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-timezone-l1-1-0.dll

Filesize
11KB

MD5
0f927699dfefbaad40b4845663b5ff33

SHA1
33ea56b4b4623871d03c10bcb666b3df3bb6edf8

SHA256
5c14b94802a7d29bbafa762c9b4ddc536678ceaf7715ead8f212d4ec0f944f12

SHA512
04c231dc30f35cc537643a6c3bef8b79eafd09f73feb11970babe9c3b820a756b5d130e95a5d9e065e1e3215f8200ffe686cc6af37ebfa6b6a0bb9b955fd178b

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-util-l1-1-0.dll

Filesize
11KB

MD5
1e2c8219298e093aea5bf96914faa1c9

SHA1
f2db749acb67bd184dab63d048891c701eec2924

SHA256
ef2850559b448ab4cf96c025add4a1877ca563a4235202b75df512ef1e89155f

SHA512
b84305e05af28e5989df5de5daf469790468c7f8391f2c4727a3ab1ac235e048668df93092def710f65b5391482b03487d5c0a42fe2cc1a62e7e11befb1012fe

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-conio-l1-1-0.dll

Filesize
12KB

MD5
bcd6315b098dba2881bdf52a80e163b4

SHA1
453e363d13fd19615fd94fb137de6a6fc3909b74

SHA256
4dc3222b9fc2464deb7123fd2bd9b2d3ab6e414bb3946c73e6dabb71b08f5428

SHA512
d5cd16405532e03434bf3ce26215e91a1ff97af4bd715edc1212bf50b0c5b1fbf8618464a5408248896930719b4bef6d8ffc7024d69a701d72b221aea3466642

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-convert-l1-1-0.dll

Filesize
15KB

MD5
2179e450f04c223939f129b87c6f49b8

SHA1
5d19494754bed228d8bcbe687baa264dd1a73bed

SHA256
b26a414286a0a3e36e828874485d074a0f6b4bead00418751612c3e2bbb62782

SHA512
b218b823e61e101d431757c2e7d63941e18998d2ecdcebff54935fdc1b25dbe57649bde669ed5e91bb8b3aa2560671783315e65035ca0d948404203362882b28

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-environment-l1-1-0.dll

Filesize
11KB

MD5
38edfcf899310ac78e0a4125f07bb172

SHA1
5032649d78990caf5116b048c2433db8bb30c26d

SHA256
6669787c9e351846538723fa9319a71e230daad05b3e5681beddad356668e695

SHA512
3405b7164ffb3fc9e803c1ade2e88709f6b3f373de8121fe64341dce8df0391a6d4dd6ac5c2abcebf4d9e0dfb5b43171455e99482b6b8a25e0fedc58c69e6fb0

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
13KB

MD5
2c4fe2338ed0b595d0cf9a0bc6e9acdb

SHA1
3e996a9c8fb7363e129f41bcae3928ca30d62350

SHA256
7d5a2f113269725dfa90ddcc019454d9141a7cbc6c64622695ec40a5c3dbdcec

SHA512
49d98229eaafd7a2612758356cb3b1ccc2e438b925f9efc61fb18cecfc2e635df61bd43516e2d31242098268d18c6030f5da604d4fc275d109151f9e08915cdb

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-heap-l1-1-0.dll

Filesize
12KB

MD5
c021f28644932f7c52ba5176b304c0d9

SHA1
96a2428f706ca9e386b617ffa9ce62d5106f7e1c

SHA256
c2b72748f611716ed5efb038dc8330dc829d1a89abee10c6766bccc058dad4ba

SHA512
2a9859998d85dad412fd57646e586238d6a658f6a09228afe10bbe720b6e62dfcb6b02b7afb674016ee1408fd035a7f50846ecc32267b72153a99980658821ea

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-locale-l1-1-0.dll

Filesize
11KB

MD5
2de93f9b8b9253275e3724400ac491bc

SHA1
6f4ff74bb92f9351d32a834ab152eef6bff56425

SHA256
ddbf835e711e61ed6ca71c27a632f708483a476ac53da9ed3be678c5d79f6453

SHA512
94b87e52f3447272de7bd3a85701edf51cb0069a86e665354a948288b76425ab9f4277e612fe41a36ea1ec427fdc75aff4b9d46ffeb4f9c2c537bfdcfcbb962e

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-math-l1-1-0.dll

Filesize
20KB

MD5
cf4dc10eb99d34aa10d85c6cceef46c4

SHA1
8b194a739079c0c34152d497583ef9d96bdf12c0

SHA256
31357bc13064b51fe0099b0a65ebc5a5b4b06fe6c800365b5eb36a92e17f2fb1

SHA512
dc4481738c669fd07b9afdc880ee56eca62e7fa0c89cec8a9722a52a9da30e27b749406363211b60e972d7f3db497a3bb2fc6c154c1ed3a44496a131a4804aeb

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-multibyte-l1-1-0.dll

Filesize
19KB

MD5
6952d5311f847f0e9e18be4e908eacca

SHA1
c7d4fc7b5cca9f21e2f9bc63772a9ef57b507bd4

SHA256
c25c9720f9f65017f1173ebca6f7fe9c5867b365652fc3460c47c6f4289c3823

SHA512
267dec719ee50346101ba36b823ec91e287ad25bfc9ae0812c283f7a732db62f0a02806c3b9fe8efb1bcddde91507894270146ebf4ff1f34ec2f10264363b414

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-private-l1-1-0.dll

Filesize
62KB

MD5
7595d0127ec9f54243fedda14e65015b

SHA1
9bc0344fee89a128bf2729e864d522402efa4965

SHA256
81c30d0f424bdc66bde3f1250839f411891cbba5dd3b7e62b1bd0b0490987b10

SHA512
21f95a388c43ff79cf3c93750f25874ff61a252eecd452ddd0336bda1793fc023013f049fc679c7ce672e0a88efe99a98fd6e202475c9f4b87f5be9e72449212

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-process-l1-1-0.dll

Filesize
12KB

MD5
863cca4c5180db51dae7693fc05b086b

SHA1
1ab0df5b1d0f08f76d4a09a3e62e3836017092ef

SHA256
881285023a02d84862e7055e6165e4c46a7588ddab20bd22bc2ebdb0a12d86d6

SHA512
72d4e75f30c6fe0026552caca8551b25f0a3154136f5219e1307e9c199d8ab6068dc9fef49b1ca5ca1050078c962ef905b704ab556645c610e32196fc29cbbcc

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
15KB

MD5
5349053ab19c831d19d1faba1941f167

SHA1
60b636d37365364b19bbdb887d0da758a12a288f

SHA256
304bed4568511fde6704ce980893c3b31da0bf461c0ca44aed0bbd3d4a166e56

SHA512
75121cfb16a0ea7b2620ca65c0b0d345e9b6e342e57c7bc1e90486d99bcbaf6b8123c78d781c8d02d4bdab371e2228d9b21432109b0884d86815b387b9371c2e

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
17KB

MD5
fae6809e5d57cb85ca7c7c4a4ca33195

SHA1
27803a110c39d13fd3b469364a0d383fe8de8c18

SHA256
2d299bf07076468c215373b6ff56bdfd14129a4b46a66f74ba96135534157b11

SHA512
884d4d0505e0abbade9361fd040392fb35ec669733cd2c8f4ad965894e09c72711411deb99897696259941e493a7e004a9b5cbb2b3f70656fce65f21add04b2f

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-string-l1-1-0.dll

Filesize
17KB

MD5
3788b70757bd87d17476689efc0969f1

SHA1
e6d955462d5fd803142c4b877d3ace9d4929210b

SHA256
de5aebe398a22826fd4b535c74ac7757a1cf91df64e539d4908ed1a3157a098d

SHA512
2b096a3d4a4714e0485c05304457ffc007fcbef9124d9504117c6a3be09660e53c63935c2f42923d79ad4486dd3bba1db55f5d07948efe547ddb52a36e13370a

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-time-l1-1-0.dll

Filesize
13KB

MD5
e0a2e60e7c0c946e0979aa6f698e5a73

SHA1
fd12bfa72e2f0fae963301b38c69e7e5ec8afd4e

SHA256
b46d7c5a43cc923ed1576cc3c54d1013ffcecbd04ac9a32c203e822a5f5cfc96

SHA512
a0caaedb5c651e4d4d4fc46aa65a2c93141eeb15d75ef6bb5c7d3954f453d8472d6bfdd08e5099a45e711d76c162a4427f47da714c40dc67d89d64d0de4f1042

Download Submit
C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-utility-l1-1-0.dll

Filesize
11KB

MD5
99828110c3b73b2fc6f825e02371ff8f

SHA1
82d99750029bfc2132b82942070799a48d513720

SHA256
e3227296adf01e6f2a9c2b85ee97c975497c6c393b4ed6996809cd4b16679839

SHA512
94a0c668b2306bcdc001662359a237103a3c3fe34f420ba4ab58a560f41414f1ffe93ca828692a695a4012c907caae9445cfebc09a49c70e192ddbf207ef5b7a

Download Submit
C:\Program Files\Java\jre-1.8\bin\ucrtbase.dll

Filesize
1011KB

MD5
be2fb7e4c20630c0783b942cdec5dd5d

SHA1
5e3fa411c7b899b81acaaf51530b75aac50326da

SHA256
73ec3fc3a7e578ed9eb62f8f8cbe5996e1beda5527d7eca6f362f453433f64e1

SHA512
8445e77187440cacb5ddb65dc0b96adeca371c9442a094d36116f704e65f02c56a5852d2d967eed04242c44b342be87b83d3302ac4a78b46fb231ad658412f7b

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

Filesize
1KB

MD5
9bb2c535fd960425b94575a33fbc5342

SHA1
d21a805fd88bc0090dbb96137d8854a46aea138c

SHA256
2016c094e2e08ce29ba4764036fa483d2f954a75e2c54934d31daa89306a4658

SHA512
6cd0a407558e89909c9fdadffb8d8a5b70dafa0611737fc8cbac677e8952b71aab9c51e47c6f8be2094dcceafe551d2e479f77201d1d65e795b99aef86f5a163

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

Filesize
31KB

MD5
f84464bec7733af34fcfbb154706f0ca

SHA1
1ad5152a5558dc75539158af578e2830c3bd7c27

SHA256
aed2117587f3537bc1030cc171c88242fa0051d757dc92ea9cc5fada4888efc0

SHA512
03bda34fcae15ab16c95c11b46b51f72568870bb6f2a8ccac18420bb12f8d98bba04ef91194e05ad61f3d604baf21a5007698bd6822c43151541bdd9668657a5

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

Filesize
34KB

MD5
b24bcaa2db4a3bd30c6abde725b61e44

SHA1
4e081c01e1cc026b9a8ae803529d59fd390dea91

SHA256
97d2b1238b2911e56ea0a6ba24de5d99e5845dcb04227114c3757969c6ef57ab

SHA512
94cf4aa4064e806d9fd86c4d86bcd1bebe57aa5ef31de2033b264ec570d12e36f387053aa996510392bde5f773f3cba6d1a58cddae2592e143a5a7fa4334d0c5

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

Filesize
23KB

MD5
e22c598bf6ab0c57c30ffd6ed946cdec

SHA1
b1a46fc32ddb96967bb58291841d89329af2d6c2

SHA256
fad1fb7a542a75450853713dbc570e10b069c90ded5065548bd4b2bec2af3d2b

SHA512
91006fbe03ccfeb1f93ca7541de9406698cebb8d6901b5d16fbb42c20c2ac0cc5eb2bb7f4101fb8fdb64fbca125ddbdc80a572045b8d998c4cde23122c4341cf

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md

Filesize
2KB

MD5
14547df261cf0e4f4cfadf8d5dae6ed0

SHA1
ede03ade65a246eaca9e3d09b44d3cff8f3761d9

SHA256
03851066f424f2b04f64009c97ade6513bac62ac4d084bc048aa437424570f06

SHA512
252f51ce2b7d433f1c891e3ac8fcb68c8bd6f8f8bf4c73fe4078b7a10f8bd43cc8073ee981709f0fef9c9c1cbb1d40857ae4a078ca5f9786a4bc815e01b6abaa

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md

Filesize
1KB

MD5
382e8ec387872083afcb86e65e37647c

SHA1
640ba3774b1c84083ecc8f61b78489cb2390fea2

SHA256
a699b19e87ada38901bacc2c9113ae89b3710d0efd92db75c30d8e391562bc21

SHA512
9bd6957e641288f04a9f719ac4cde2c06bed087a08104c2e2ff021ba504f778cbf7045188a0c384104d0ea8eee55eeb7196160dd6478540514c11538d27acae3

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

Filesize
3KB

MD5
32f64f691477a53d3093d2b0bc109a16

SHA1
76e9accb16bd0b3925cd748ea57ccae9e88d380a

SHA256
73f9bc4bfd8c001b2b1f99054fee5358ea3c0fdc5b89f7c6752d729c4c06414e

SHA512
cc7d790fa67cca8f08159cb14a382e4d78a9ae16bdeb78f70ca41313d0160164f19a42fb9e8b20d76eaf41d0ee158fef27cb3bd2af34b8726ec4f13282e2f43c

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

Filesize
2KB

MD5
74998e617381f52bef3d22042899a061

SHA1
583b6cf059435f8cd71b573fe3c9565d4cc53d2f

SHA256
fbf9694c32a0d44de393d04f894bd193965faaa50c6322d150e00e63698e318e

SHA512
19ab815e4187130992dcab2c9a306ebae190183a3d39a5497e2d4d100e12b359ca618150e725e5554806497bb1a335d40498ec789d83fcc472e80ad3eb7034f1

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

Filesize
5KB

MD5
9bb1160cfa318122bce53842efe99b1c

SHA1
ee6ec8a20990d126e14c53c8ace1514147288f96

SHA256
faca726b559f35bb86e74b38c81ed2d5477d22732e8531aef764f0c367b04ad7

SHA512
5fc1ea2bdc1c7aa85665a73ff400acca27a4eb8f09160fe24aaee4648d39ac09cf1482cfc2a8b5ef52c78d5fb4dc134701b1185766d2ca17c3789ca443db942c

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

Filesize
17KB

MD5
96c47da8bbc7ba2fcca32fa1a78504ad

SHA1
0e30811e6cfc511dec024716ae883565f1be09af

SHA256
19c6606b7d0368df42b6f483de173faf2411371bce077177bff1dbae04519178

SHA512
6297e817868b51564f1e40881e9f80eacf068c265036efd39bbcfd991283b2288949ec9ef4b1221760196f3c55f395f59e8e1029c23e2c4b57855d2768e221f2

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

Filesize
320KB

MD5
ae0e988d4439568d10e73c36c11b7950

SHA1
be0003abe79ad2cb37baabde72fc6bb54e3bc95a

SHA256
3dc778fde5db6e08eb12e014d7149fb1e41ee9e860b0d04eaef8083044e6343d

SHA512
8669d7fff441302891e5c31d92418ecf3d93842b0b213773dc7e3ab1343db220d62caf79debf9c1aac8c053086030dfe28359912b0029eea8ad2e44503d8d39a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md

Filesize
1KB

MD5
f512f41e923fb73234be901a7ffe1d88

SHA1
27867662e442f882a9295876cdbf78ff5998d0b8

SHA256
5a93f11b417a020559fe686950616b850d77bbe40b9387c9ae7ad53b3cc558ca

SHA512
2b5f670257bd5aff20712b4f3544c95691d9d5eb3a21d1aea0e33ed98cba54a1f6c1b01c6d3b3e4dadf4cad867579e5f70a179cb6efdd242c75626fd3fa860ae

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

Filesize
10KB

MD5
7ed58f44d2475cca3a34e2090b28416c

SHA1
62f6447beaea870bf96893ceab40043165f02f0d

SHA256
3badde8782f2fa3f8c58b73a436c21e82324f1405b7b4dd18e7cdef6e63e708a

SHA512
a4e61bc33e7a97aaaac207cdabaf9083d61a30ecb6f9a5fb64b037e33448445daff57266c54a500410040ee8ada77f4f3e7c94a8920b814b78d8616b2be83b21

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md

Filesize
3KB

MD5
7f0fbde40715c264766688649a8800b0

SHA1
5fa7fe347d0ea586e067b8ee91b4432e39d2cb96

SHA256
9003ebe7899d579217b55e646dcb571b314e2b6e3cd9f1943a03848adbcde531

SHA512
1816a6397ddaecc57ed9cf5a8db5bdfcd81e0a68bd0dcf38a9d581801540cb217ecc4c3ab06a35f45aadd63413f6de675bbecdcb58b48ae9f41890a0725230e7

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

Filesize
162B

MD5
39dc4dbb907e4f7ebccd16e74e75a003

SHA1
e6cd0aa664eb47ce72d8860c306309cddf15f3e7

SHA256
a08543ed4b5c94a17127305f19c500dd2cb82196e798fdaaa1f71e86953b9bda

SHA512
a72bd333244c5bb7730e18229c24679b7ac859b424e2e7871901101bfeaad2dca343c9afb210c3f18f3e074017a29bb3d4f2599a20c36ad6577a3cb973103b5c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

Filesize
1KB

MD5
b4da83f9690eb9dc92e0a3ffcb12d94e

SHA1
bfc38be47e1804e09ff2ce7c50b190a5671ba474

SHA256
fc41df494f293179152f807535c9579fc60dcd836751e6e49e91cb3fbbb1e384

SHA512
35735a6f387c2039a9cbe00b9c8cf35b744951bea54c1fadcc59d5e1ab3b3e31b6b0933536f4662e23d98e9bab13d9b6b8531e31a9523f7f1e88034e8373796b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md

Filesize
3KB

MD5
811b881e5a06e5562fcaa59308c47d4a

SHA1
0b025f0f53b7201a6ee3370bd90ed690cffbc132

SHA256
91b12eefeb0aea18105e37178986f9a96f80d418d6a7435c10075f1bd7f309b7

SHA512
fa348d096cd7d8498c748601072ed25668d4763e7c9f1840660859d6e8e7b6096e76edbf8eca9bab078440edf3cd1294400d6d6d2e0391bac615651a991151fa

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

Filesize
1KB

MD5
b53a143a4b0e91c2e91860588c481b22

SHA1
db963a30374238a8b4f211d1425cb9f676fe12d0

SHA256
7badf58fbcdbf686db8e501331592903ae15f2f7ff9327a21bf2503493386335

SHA512
a40bab3ba39f954b295d08a4c35dfa0ad1ec189a99ac481f21172423ba9b4b4423a1474bd21e2eac35e938cbbc2c94845db98acb999e103664405baec21b95e5

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md

Filesize
28KB

MD5
537151fda00d97005b1294af7a831fac

SHA1
f843a9d064e2a84da8902242edf9556320fa5f5f

SHA256
b51422f3e5b84571f49648726118230a6c36811625b50250705292c0a8050e99

SHA512
b9d2ca77965c9e73d8f565ebd475271a0415a71218e9cb50e29c81bc3d24e23e229e8f16358d41093b0096062a0f8653a096ae727e3986789fab77240ea4dc0a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

Filesize
2KB

MD5
ad0e93cc0b85effe6af570a6350cb462

SHA1
cab1696c96868130950db7282a61f9d6e854bb75

SHA256
3ed64d20663a051737cf3bd6c820acad82d7a3cd3380cfc76e4bf6a8d276b5e0

SHA512
822f8014033e35bd63259a786270e49a083c85733e1a55e3fbbfb32798364bcdf400507dccbe3ff56cdef2cf7b59a4c7353bd634e7ed0b7576f6f73995fd0262

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md

Filesize
1KB

MD5
8a940b1f76de6bb3ddc60c69b60f4aed

SHA1
65d37c32740b1ceac174e4cadb90188bc76b72d3

SHA256
3c6e8d55a75601461dd7ec137fd4944cd75a913b2acdf8d544461b24c384eda8

SHA512
827ded6e6a0960de7891ae797b967caeac8d9270c0746ee4de14d17221d9ee6075fbe527568d4efeaa079fbd0cac1f704d63f5ab9af8ca9f3c82284bd226e714

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

Filesize
2KB

MD5
ace844aa534d4f13721dbbf2aa33a5e6

SHA1
523d2fa8ecd915a7281fca1a6b01ba3a49b53edf

SHA256
b619b1aa43bfaf5cfc352ed818c4c12e6f45e28b5a280c15e96c1d8abfe04128

SHA512
ef0e22fcc75b8626c9b825cd2af26d4beaf226e9bca2ff15d47880079d9a7636a938a1acb72f0356463b984e14d11c81fd65a7d0299c6d0030866a61442a66d4

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md

Filesize
1KB

MD5
c05892b73a7ab89b4b9d07aa2d75cd54

SHA1
5f078158826ddec080708a6a06f6669b1a861c45

SHA256
a9770bd321a58e74c052e4fbba9e464541d55d6855d234d84bb7598183a5e4d9

SHA512
22e518e9f9eb3f7660c603bbb12ef93d9b20ea8aba2cce789d3f5d7d82511801a7fc052d07bb4336dc4f9900c3ba4593af1f4d723e7b9da36f0a0465b640d2de

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

Filesize
1KB

MD5
7c4be2a6b000362003d11f8c5b4f95d6

SHA1
a676e1cf8d723b4889c784444595f06929052970

SHA256
1a97c5bf4bb9783239cd6ec04e8dc34e42d771e7ca5be1d5f1be63270c15b174

SHA512
8f4791e25449a01e134abe3ca39e5621484b03ac10a4eb8f2b56f22e569fce587cf5ef93beeffa509a52319f923607d16332be5961d11913da549ca0002aa67f

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

Filesize
1KB

MD5
2cf4ca566087b20765e6678884aa5f4f

SHA1
a7b1d73f648a92975174a6477037eed6f2e2d442

SHA256
23f07c7c2aaf659cd4b8ad8d2d36b0d68399f409b1e946925b411cc397166b7b

SHA512
be12dd2ec99005bf5b2b412489b0efeab5fd88d9c83744ab73c799cd42ed0c838e3a0c087d8b0b35bf0f2508b8396f77562264484b974981869a9d9eef1c7a24

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md

Filesize
3KB

MD5
43dc2e0b9ca46f981fc0a10b50856383

SHA1
87962cd2ee9682027a3740927bd04198371d2a07

SHA256
e1800dc1cb39cee2bc1a64ac3546b40e5f574f1b4170dd2975c251cfa704f0da

SHA512
9769a8b7c85a79f009748f8a915e311ab9810c9c9a0c95c37599f11b226cc30a7e1fb011acb7af229d630244931d1349c5f5b8290ca91db8fcb2d8a251e397d7

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

Filesize
2KB

MD5
80867b880894b1461801537b55b83445

SHA1
2bddb9df5b8b39a3a724b577c81c77c3dd5f09b8

SHA256
d94c4becc1ca0ee55411923cd2393cb4b8394c5cef5cf03ccf1b25ded694f628

SHA512
af2bf304ba359cdaa4a5801022cde2d15cd34e4d3c3a4094a0a75330dd65a27f92c58590c8554479dd6725ce5448e8b82c9d8409cd7f691bbb656e1535f3ff84

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

Filesize
6KB

MD5
bf9438621c176c2e124d84378cc20deb

SHA1
88b4181ee2cfce99bc9edc203351f5fa94a572ec

SHA256
a1873621d474ae7c9e39ad92a6546774216fb5d9e80dce1546bdce6ab1742200

SHA512
c123f16a5fa1c62c0d8e7a0d94eb697f300b6a4bb88ac876b062ec98bf71e76fa911f499a4f62e799e7fbe2688d9f356f9fc144275c85338f81fb6ac38bcdc6e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

Filesize
5KB

MD5
4812aeaf2ce8e063feb9d37d530465df

SHA1
6c8549975af4f31c503632b0a079c4e8f76859cd

SHA256
87e80de2e7e934aaba08008b67edf61eedc20bb816a2d2999a75514339fc7e7c

SHA512
e6864a2f2185ad53cbe0f1ea0319e1fad2b6b76737340a9af2bf00da35a49bf0d2f13425473b00faedbd12c5e1a6fdb541e5541b4f0899281f96f6481ecdaeea

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md

Filesize
3KB

MD5
9e6d08eade1a0a759d14872008cd2a8b

SHA1
ea41ce9dda9755dea61ddca09e82a1715312aeb0

SHA256
18e3c43342b1f52447acda4d56c54692474408af5dcf716041827233d27a264f

SHA512
68a92f90d7a530a51993a776f42f291df9a72deebe265f1fad66c617afacafab9e4aac2779271c8a61c631352cc84f541b3c282027d48e18afc71cd85ad2f17f

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

Filesize
2KB

MD5
6ac93d0994a95ea2013b0ad3c590430c

SHA1
ab2ffbbfc8048224aa73e1a0efa3d12bf439ae60

SHA256
1f8037a1c89e400c7b415c3ef2b217ea2f879392454db74e67f7c1d47640d0f9

SHA512
bc6bc99c34e01f6cad0fcc4a79fbe5b2c4cc5c0247ca6d31b198b5ad2d552f2a98942bda824e05b13df00bd7d2a0d3b09aec7791441def370ebf750976d2d1ed

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md

Filesize
2KB

MD5
7d65513fc7553f84925c27032777b61a

SHA1
1f307c6f745c86f3f2d08955bb1af35e398b61b1

SHA256
f4785ad371686e2cc1280b0ccb11f99f42a6313e4cc780c055892caa7d3203dc

SHA512
1b94e67252215cc273715d69fd8ccfbf9ec02a90dc5fb6a68fa97da0b5b8ad2d1d4373122c560dae2af728aa7944ab6495c2b5cf7714e0cdb2a616bfdd0ccd71

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

Filesize
1KB

MD5
e29bdc426f33508b8bb94650bc96cd1a

SHA1
2e37056817a248acf21138dba5e2199f3797b9a2

SHA256
5886d76084bedb57ff91365e2e85a7073b45882f71cd1a6595aa1f21fdc4a4f2

SHA512
b7b38603b39e08ff8b7e7d084621dcbb05a0c97f6ff7206d6e0097aec82d5d23a1692d16c1f399b1b1056135b7930ce7cf52951b430612f28cdf2eb09a015e80

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md

Filesize
1KB

MD5
f433d276d8b709e3b79ecb524c6116f9

SHA1
7e142d5856a521ad156741cfcafb35418707afd3

SHA256
d32d0489e4f0e9b8438440a7ee78d33ebeff81a37fa0984f770e27df63a4683a

SHA512
1bf84c0921e004ac2a211aa5e2ca1effe14f2abf974e532c238b91a3f99a0f40374e1f8d91e38be769d6b52a10d7f669011ae5bde31110a1626a05f76ab6f0bc

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md

Filesize
11KB

MD5
6c54dad924ca5c4ce44585390272832e

SHA1
72a4be30eece8a06fea88ed7a7ad113bc1bc9331

SHA256
56e763948a5cfa966505973853880ad5c06c078b0c619396d918d07e24a7de72

SHA512
fadba3178d2b1e150ddeddf8ad7c7f6b26804d9a4885406a1a966a00a2079ef5d69c5116b109b3f1ed1c55ce16235649dbe386ccdc489759a5b439cfad328c90

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

Filesize
1KB

MD5
75ac30d963ee768072fc52242b9a49d3

SHA1
4b096160be05dca87220e18e5f35413a89b57ec5

SHA256
c76c858dd667529d16c73f539d3d0452b1697000b15fe8dfe6b9551b03eff793

SHA512
1dde53c37c44816519405bd6e84f8d413f5aceaf1e6382448b95aa689e77fd18da21fc2fd04dfe5b178e8932bc9a89e5c19874b79e84ab85c1e65b43cc4b8124

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

Filesize
2KB

MD5
ccf8913e0e77cef298355f23f6960d98

SHA1
0ec72af2efd8fb3569563137476928fa38db6ea7

SHA256
e2a2e142a76aaf53328c7a7757d5209b46d642b9e30bb3a0cab980c93994ffe8

SHA512
268675eb280b28f9714f735fd907e21879a93387619bac23f44b5939de28d015801f98983b6ae6cb00f89615e76c61c32a0f98904bf54a7eed28470ee9f1ad75

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md

Filesize
11KB

MD5
5f0109dc33b9cc6dbad6669af674059c

SHA1
f3d48ea30fdc8ea2f8bf05d546e2455ee8d2ecea

SHA256
9547debbad67d89e03e3d5d64fef4845e95815aef57f7f5ac20857816539b658

SHA512
4357b7c47a48b49d5f1bdaf39745ebdbd68d6b87d5e53997b5a2ed915e5d872dd14c8640530e5c8a25452b057a5d748035bd8818075c52ed521c0a51db41881b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md

Filesize
11KB

MD5
73ef807a0808ccabc9be1cd3adafb0f7

SHA1
e1b5a4e1b76523675075f6305dc2dde6fc67cad8

SHA256
671197728b685ccaaa15c90a887d20ad6b4742a779d3a13d34b4fabde2b743ad

SHA512
18f3074f611bb617f6fed68f624703ed5e075fcbbcb5b402ea7076ca1d5116f67c58b1db73f4aaac6f642aa7f8f29c7be314fb2cfebabbe74f903fe58313bca3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

Filesize
11KB

MD5
0969ddd610059e9c57250e3c8c5d4f43

SHA1
d6a9f323f19c9a2778b95d027106cddb7e0ee77a

SHA256
4a5e9731ff9920cec0a42d2a1a5559f11b8341935c96225893bde8c5c2f42959

SHA512
3620e6690db303831aeb4c63eea27cab5f7ae8223b9bb902320041cb2ae06447255dd256e42c5145198c5aa46cb86b4439a59b1fcc9ef82b91285ca6173110a7

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md

Filesize
1011B

MD5
8700ec38f935d78d9c70e82963a4d46c

SHA1
e158f803f2e1b4530cd78d2f0ba92a2fbfa22b45

SHA256
0be7d34072fb8b16a657320c0a7eaa60b94a0c578cc0b63b07d1df06483893d0

SHA512
49218e6e19da34327492809317d4e4657e2bd1b0556055472c51a7ca70f28527e6b3045780d72a7babcdcf6a89980d26ffb98422ed489f5f66b4c3689a36b610

Download Submit
C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib\zlibwapi.dll

Filesize
274KB

MD5
405345141680de1080c1beed333a7d97

SHA1
02d6fb7dd2fdb8d10005c29cdcbea2c3c8bdfa9f

SHA256
995632e3238da348c9b4e502c35a130aafb04b43a3a8db0384b16daf350f0ae2

SHA512
5fad0d9d6195defc13e386ab3a5b9f3d9ca65517329ac0214a56292dcf0f3861949ef26a6182fb2c5760c3e3020e80dc3390546b2a6fc7f48829187aab9fd124

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-file-l1-2-0.dll

Filesize
18KB

MD5
60dbb240769fe9767f06132a4cd7d052

SHA1
e9d4dd1be223468313bab6264a76785a617e0760

SHA256
da74627c365c7a83b883520122412ddf00c0cbb24e566f47b6b8eda35f2c1628

SHA512
c846a71ebb5b8443316d051744c2ecbe8e0d2449674ef3a5e21d106c24670fd3f629d60e7cc5e0edc3f7f5acbfe35eee617680a8356d20dd997232bce01bf032

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-file-l2-1-0.dll

Filesize
18KB

MD5
d9b83a850b1fb51bc838fb26d5475234

SHA1
e447a77e6493529f26ab3bbaa49e6702f71d16d8

SHA256
dc4a83f8878c64143d0b743d42fc8427a0a79c55e0221077608c862a7da2e122

SHA512
336415df69c5907b0e4dd1ff559dc79514ecfd67a66f5e22be83863569f796adec08e7087b82e11650f78817f3678e869726e7e19d313d1169840524d745aa73

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
cf9bd8a7b161616d883bd7cf3268b166

SHA1
4ed93e942a6b5879f3b3092b31f24b7dc60a2ef0

SHA256
4d435ad7daf4a612742c52d24894e2ffb8999cc7485e90791e7037b3927037ef

SHA512
10a53eb0282e189b8b3bb6e16c7e8ebf45bf6c718c9afdc43d805c683ecdd21b0b9c136a1d2a5a63162f6e9ea36250fb894d12c45c30bb959b030f9087cc58b6

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
18KB

MD5
d725ed8cf3e0bbb770bbe327f1167b31

SHA1
8d1d1820ae258aa0fc702f595b02eeb2a72b6a72

SHA256
6272b5b1716ed3eb4824c774d1995cf654bd2fde8a7f15b0830f74d1a9107c5c

SHA512
c3adde893c851630f8ee4c92f3c4ba25bf4855e4f3ead8aa54080ce806434bf630569560d92860a59e8d1ecc436bdc5ca9f87b5e2190a5f2a97fbd19603149c8

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-synch-l1-2-0.dll

Filesize
18KB

MD5
27b77e3f3c594aa78eeb800b226c6328

SHA1
aaf1d60cbb666837dbbb4f5198eecbbe763a8e3b

SHA256
82c3eab0675d198bd46549d96a1779c486cac399b016d10195f9e36ea1f863e6

SHA512
77e6d84b00563de479abda03a84fd4db53fbc4c9f89f4cf1f77c9733b3e786bc662d546fb9796362aadc879b67a2b920c1bf414fc79c6f8f9e5ebcbb471277ad

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-timezone-l1-1-0.dll

Filesize
18KB

MD5
dd556a29ffcd530fb4e70d61ee29507e

SHA1
2a83d2217986f8bc4a0279e7fa187207667543cb

SHA256
d0fc6c5e68af4792963a62903f99b588407fd690ca210389009abe4c24b9c26e

SHA512
24c1f3646e2e1d551e5d1e4f14f799c4ec33ec24092f80c1e8c72bf58a90ddfff614530607edc21c81944c0cf1fa214472938c6af1823af93a9778ae01e29c14

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-core-xstate-l2-1-0.dll

Filesize
11KB

MD5
1b03e152ca20fb4aaa67b2d262897d8c

SHA1
d593ebdc5bfabe60ebf852ff43656043cd7280c9

SHA256
46631beb0358197bea84ffb5c58a23b5e6a512090f205043f7f5109a7dc585e4

SHA512
ece722723227b07f31ceeaea8cf643b6f2a3322772912332c1a9702790f477c7186636508616560599c696c6035daa49f36dd51dab4a0cf28ca8a000ae181795

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-conio-l1-1-0.dll

Filesize
19KB

MD5
8759b054da7e199ef2c80298a5f5bc73

SHA1
780f244914b5786463359fe14b569c97eebb52c4

SHA256
79080ef3e1e6347dcdc780f85be92f79f331ff28b7dd4074d2307074eebcd0a5

SHA512
3f03d849eb546ef74fc917d28fe57ca684abb3401b14989f23bb307fb0adf3c060d4de71ca4354344dedb108880fc4d2f92bbea82fd97d94fe3b48593271f536

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-convert-l1-1-0.dll

Filesize
22KB

MD5
2da5d56035aedc9927149034ab979dac

SHA1
66aec2df6e013962a277ed3cefd0a101da7cd47f

SHA256
ae63cf7d420ad81497add192be7fe67f5f2efabb8fbff2b5474118f54601debb

SHA512
7697f14b5f63b82d3f446364f3cf2642eab01e0a3012e27b25c444a25b5312add2ebabe4ca353801b1f264b1e7d43203accbc8e3649c991174bc35531ba5beb9

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-environment-l1-1-0.dll

Filesize
18KB

MD5
8276990a7fd25ec74c82dbe4b022af5d

SHA1
7b10f72a67b334ef9c997fce942b2833db06d56a

SHA256
9d08bd0798ee81c03d324882270143047225ef9829661a6f815568994d4a410b

SHA512
0b0a0a512d2b06ac2740c58231b4bcc967da11af399feef07b3cc7b48773e7d94a6199fee9ef8d5674e920ef3d5d09f79543f0f3765cf169df9c6af0704d59ee

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
20KB

MD5
442a7d74776248fa2b3ca6827fe93f86

SHA1
7051f3b73db0e7117d1394d6c34c76a93ce17625

SHA256
43ac871aa357a150a7fdc9c5992cfd82501597deecc8bb843d62c8cbf53fb75b

SHA512
e5426d0703b92b316720ba26c8a6140911db544057bbd9f92f374585e3475830a221af4e9503bfe2b4d2abc826e848c0ab024fb618fe88f879f5704e58dce6ff

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-heap-l1-1-0.dll

Filesize
19KB

MD5
b43958a41301436b91ef8421a2f42d47

SHA1
adc4d83339d49f9d561e613454cdd40d28923397

SHA256
8b66ffe76b62c6cfbc47f7253c1e018fc8198e41e86a36a6cbbbdd3a44301150

SHA512
44de95cba232e96810682aa7cc8bb6464a317fc8f0a0e1dcadd6913c6bec28b3d0fa0b35f527aaef1995c0a9a33445515bfa35b3a7025bbefbae09f124f19d36

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-locale-l1-1-0.dll

Filesize
18KB

MD5
7cadba0db37a4379b0763afd9f4ac309

SHA1
31d32cf78208bfe8d67a8fce1f8903825162d86f

SHA256
a43597e9d52eeddcb53430aba60db543181c851bdcc44203c03def43e7d42389

SHA512
d6ec18208459e2a1e6d80ce011f7e703103c23f7bd7d3f7cc3a8237806ce789af3678d02dcdc1296c83abd47727e9d1f5d43a2129fccbbd022c506cf44391027

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-math-l1-1-0.dll

Filesize
27KB

MD5
d8a3c6ff1842408e512d77154f30e4ad

SHA1
ee39e7ec61c246675dabe62677b0cbb4011f7968

SHA256
1a6fe2ca184acb38669909b75601a220d9d5418e2540289a47170419e3472d64

SHA512
1562a5033e5a2c5b69f244e64dddd8b61b3eb48f7b61b8d14357d13babfb49c63f6b66f49cc69bebf1577130b34315efedaad2bd2519c8f50c0d954ade5eccf1

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-multibyte-l1-1-0.dll

Filesize
26KB

MD5
fe6f40ab93f957f48346749150f9a84e

SHA1
aa1341140ba2c994556b883ad98b52ced87498b3

SHA256
17c2c7da71de65272f48f01ed04e03a64ba01a674e087ecbbbe211c902b43736

SHA512
a66e02db1cab6b12d275c7ec1e01c54a60721d73782105221d4106528300669914499503a122f3f048197af70f9adf5c31fb09940687a2d347b2cc0727b1e2f7

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-private-l1-1-0.dll

Filesize
69KB

MD5
b037209863fbc57b599370526df5495c

SHA1
bfcd9df875f03e02f87aea9bff1de3621d6a5d9c

SHA256
835951ab517ddc0f22e20c07bf145bddcabb4879796417ad3353bedf5351bb73

SHA512
92d43384335780d361f3fa4c395a9dbc6c1b9f05587f36e79daa9309d4a84e194e91f690edb46ae2e0e31b16b2f82ca97e54af23fd32e3512df84e6b9c3d4f6c

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-process-l1-1-0.dll

Filesize
19KB

MD5
c47af4b6aeb3d4bb01c3d18a0b0b1540

SHA1
5ec070da79ca0d5948fa2524bfe76b5e6698226d

SHA256
3ec9e2b7f8be601898b4df4d0af6fe7f49ea29f3da98984cd01557e4ee7e8a17

SHA512
4d8e292edfcf78a60f3c6dac73e22a2db71bdecf894fd6578e983dac4b4a3be40af96c36779ac6e433f6bca8f982af5ecf4b5e09975d2e567d42c8bd178e5a1c

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
22KB

MD5
ff0788d138b550245a3e98eaae40cada

SHA1
3383c30c3b08a38b1a828670971f5b47e6c68582

SHA256
476850114d465981f7dc0d92324853e33ee1311a2c9c9925870f722ae6b768a6

SHA512
9f41cfbdf12c253f07b1bfccacead8c47e1a854f9c29843ea52e545b0c430e8203cbf7c29483838a61b5bec53d01ec2425e4f6a640cb74027c17a7d4fe39b6b1

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
24KB

MD5
b036ca3df041b78b306ea1d8093cdeb1

SHA1
c99eb13f6da83fb6d50874948faef0d2070c2927

SHA256
18f9ff37df995e6c528601ad0830ef2f09882941843382161236a3419377badb

SHA512
84c77709a8bb0e6f638dafc4d475559f6eb76b91a38ec9d97f53fabc5d90172999a121858817487cef31a6a03e032981b514d60975455c7d89d88dca0823e89a

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-string-l1-1-0.dll

Filesize
24KB

MD5
7be0be8b8dca17a38a3dd20e3fbd43d4

SHA1
468224116b040f480126ab17f4c74748852d6cf8

SHA256
c47d30f3e1d23b00063c6f63e0e8f8d4615f09a0a4e49d9ca6ad7d076d26d972

SHA512
13ec22ee130efe14e2efadd8fab6792c5fcfba189514d945a2a40786d2147fb6177a82883f96699a53d1843cfd98e4ac98a08652c12770da704cd8238c1fb6b4

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-time-l1-1-0.dll

Filesize
20KB

MD5
095394a7c6b2431f22de81579ae45252

SHA1
ef17b32b3d6cb9134275e6455fbcfc06ae1586cb

SHA256
a6fa593846bb33eb0152c0eaad1578d1a5d681028528f13e9a27e2ee43bf8ce0

SHA512
9be758513b27779ae915551cedd10f1e77b560d141cc3c968ad10b71d1ca39d7a806f35600f5676ce31894342fb03625091cc16a7f8c158e016c49d69ec2049c

Download Submit
C:\Program Files\Microsoft Office\root\Office16\api-ms-win-crt-utility-l1-1-0.dll

Filesize
18KB

MD5
366206b601cda7fc7c367fa61ad29d5b

SHA1
eb574edfd11aae90d3a52bcf52decdf526d6aa31

SHA256
64dbcf143659a2d7e8c0e153f9c49b8538e3addde5082a44c9b6155bf63214ac

SHA512
2e59096717e2cf33d9b2ed240c2dc68025bb30bd3d713070eecdee37c849ad1d34c5a563718a19f74c969659a0f2424ccfec84e405fe300a77974738d59e2781

Download Submit
C:\Program Files\Microsoft Office\root\Office16\concrt140.dll

Filesize
324KB

MD5
9c45b79e49da43823b8ce070fd773faf

SHA1
bb93a9f9721a6405b21ae7577a47187d8ff9ad40

SHA256
5412bfc73c30f6f4e7a7ff0c25f82de6ede6e8c7a035e2930325c25d887953a3

SHA512
a31cb8b84bfcf8ab08e48f447c7efc91640d2c2ec13720eb53021e1990e4acc1bb3b32ad7131b06e741ad418465c2371193507cba114846a9167c67740b05ca8

Download Submit
C:\Program Files\Microsoft Office\root\Office16\vccorlib140.dll

Filesize
358KB

MD5
74823f107377c01480a61551f838507c

SHA1
e43d7d3d20fad8d6a214a4f164268005b0d683a8

SHA256
6ddfb4511bd9d67d25b969c331c15ac3ad0a294bd1cb2e251fa765f66f0db281

SHA512
cc05d4a7eacd49e050a3a5eef69e4ce1568713ae92188bcae73784b8e64a98ae8892553dbc972860c4cd10e0e3ac49c3cbf65903282033ae785721b5570c18e0

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\mfc140u.dll

Filesize
5.6MB

MD5
477d07c18a6ac0b4559cb65620ce222e

SHA1
6f2e197e1351f8d4e65759bcb6dc04869e830cb1

SHA256
59ac6c053bafdf43f534f9597eb8960f21173193b3ecd8fafa21fe7491a2c678

SHA512
e092ab55132a1afd33dbcf922d7b8c2d3e1918819221ed8357104a16a4532bc33c38b64171242c3e253634812909d6f2a70bd3b7bb14f97a118648cd95e59958

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msvcp120.dll

Filesize
644KB

MD5
823a998745182a6ad73f67b700aca5e2

SHA1
addca21684349ade88d2776393f614e61fec0793

SHA256
36579ab0cb4c542b22e9dd903ec57d9707d56a7c02b80d9bbeec6e887462cad0

SHA512
2931b773149e544ed964e94c8ec2633506c55a83c255d9578b1e74f243d42e506c67b59d92ae59fd3ee8c033f497e534c1dc0665430f755f26c76b6c6164f5cb

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msvcp140.dll

Filesize
613KB

MD5
2acf2e61c90f39f02ff9fa43994302ab

SHA1
4b06c805843eafba1e7c90ffba856acaef8eb413

SHA256
1de36c30d16509170400aca9c1cdf99d48129bd1047adc93d08c8fa9aa185d0b

SHA512
fc39e83cd41b4f12c92ae2a26908ab1abb0025c0dcaba853b39d67d2e1305aa6ef08a4ef67249629526782879100356c9598d130631e3aff4c66ce6f1e979d7d

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msvcr120.dll

Filesize
940KB

MD5
3edc18162b068537c221bbb908324353

SHA1
7ed72d7e169b178747f0f314bc4c14cd1a6cb53c

SHA256
743be9a7a69000cce25c210366555acf98a6aeb9847e6352ec59dd06da83a074

SHA512
dab7ff3736a22257c1a50f9793e3031750016012417074d4bd65a366fdbcc0712fc86371f8e1936815526cecd54e2dfc9bf25588d8fae72444bbe82043c6416c

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-file-l1-2-0.dll

Filesize
18KB

MD5
417b48499a20db443c94bdc74417ad6c

SHA1
bbfe8add712d9ac5ed1d2b12ce9157eb07dac1d2

SHA256
b5560a7d14762dc225b90169eef5cc3afbd0f6dea2d5f67c837c92874ca9c20a

SHA512
5e6ea6908642629afaf644a502ee63d52a4d0603bc53c12ff8ba17901f98fe03ac09871aa3a339a41bdf76a30de8349fc568782f9e397d0a58d3ad38a8df0b90

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-file-l2-1-0.dll

Filesize
18KB

MD5
f54778f455e3e7be79a1d97fd8ac2de7

SHA1
e880797163f49435bff79f4161fcb19fd92ea2e9

SHA256
d26aaa7134e42821aa0636f621f22a3088bd73d96d82cecd239b74b03d68efc8

SHA512
f69392c809dd616c93720f5e85692102e24fcc77ceeb1f0dbc04ff46e8fdd56e6fdeaf1a715d4c144e3fe4978c6f7520a4acbc4d382c7033aa092ca1fe3446ef

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
37387a0c4678206ef5db05648d058db1

SHA1
c50dd5a0e2f8379ff053b391adddac192758a271

SHA256
70b54324c6175bb76462be2d7a5228deb2b192b9fc794a75fc08c075c52c14cf

SHA512
49fc97b27e2ec3c3f79b06092130e1ab8c9ae89e564a581c945584dda0e28547ec6b5a73639d029794c7e539a9cac95260e18e790fd916c9040c3f581aa96adb

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
18KB

MD5
69cc8f5fc0f2b6424c17e8e871c79387

SHA1
01dc01ed7cdf606e058692c0b932c39093ee6d20

SHA256
0f62de76d0351f9983f6db4ddb16dfd7ad48d6d06b51e859f3d953e847135409

SHA512
4822dc5ed93debeee707b0158fa75cae41386a6049f0d81bb161c8d100526bf6d0ca2b5b794d81a55f3c39aa83baf5bad4dfec1fb29c7440a3ca22bca7cc9c4a

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-synch-l1-2-0.dll

Filesize
18KB

MD5
4ce8bf1181ee56f668e2725ab6cff9b2

SHA1
534a5e001ab6dffdf7291c94d95e19d201e3b2b8

SHA256
938a9268e665cad25f77834869972f240f9bb2040d84cb2be0cb0f3ea37340d1

SHA512
0d40556e9d7f8d78daddf77e26a67c36e2e0b3856a32320113978d8f481daa166742fd00debded8f3d211bf29129f118be6dc39ebc3cd2a7758aec1ebf959b52

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-timezone-l1-1-0.dll

Filesize
18KB

MD5
ea6039af0ebe61f4f8ce57b9aa741438

SHA1
ed19b3a3d027d1a560a3fa16b54d73dc954836c3

SHA256
9730a32806a7f999e09b6afe8fb87ed78033f46918c612762e6c8e321bad202e

SHA512
9198125dad943e3f91e5fd0471c8628bd507f8148aae6b6d63c617d44708ae6f38702e8ca37828ed683b9c29aec79da4e7fc011e639ddcf71171cf80fe8b819b

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-core-xstate-l2-1-0.dll

Filesize
11KB

MD5
82751f3a7209dd699d7729f643cdc1ca

SHA1
9673f0208c2949dc0ac48ae1cd3612d2096839dd

SHA256
036397c629df557a513aad54617873fcc3245c0e4be7db953af80f8ab2e74b39

SHA512
253580d01fb5106977c47924520237506d38b674c1a166136d2608d06e01fdd7d14ca1b1c6cea927c0c444661e19e88ab5b7bd28bfe68e104a9d2f90d41b9bd7

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-conio-l1-1-0.dll

Filesize
19KB

MD5
f9a1cc7cbb4770dc7ad341765922eb2c

SHA1
35e3ce78045e018cd981fea29f134660ee7a89c9

SHA256
a910d03c236d17f3ba3bf10bd211ec62465f49f70112f3d38d7b468fe0bf7346

SHA512
d3fb494ac46ac4d712fbd672f3458c9fe9850bada10d2668e12511dabb62de298ac2dd8e00f582d76fe01fd088fc14a0bf27050775dabbbaed0ae61ee7a7455c

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-convert-l1-1-0.dll

Filesize
22KB

MD5
4d5eb0baf93ff002737b16c7ab899193

SHA1
cac938b1de6a0ac0939bd67b09a758e3b8c2c41c

SHA256
bff3c944dbcd6824989db463aba4103f6d0e08b1a83b859feb7f6f68fb200ed5

SHA512
b34204b28d07be542489e146a8d38e71ed2e34e1283704c7733682a811dfc1e0304dfab569e373b8f74a36a77320f90b4aa0d4b39cff48dcb82fc8794bbec3e4

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-environment-l1-1-0.dll

Filesize
18KB

MD5
3d943455bc567a7d9a90dbc93bb796e1

SHA1
e0f13570bbdb3c609f59ca43de5a32831c1ced1f

SHA256
4668f9ed3f5f95c3497a6cc3c0529cd2a278a9cc867229b5e65aa06d61da7fb5

SHA512
3f3665c4ff3809202840bf9208742a780457b89f83ea4fbca2883d1cb57654ccaa72baef7a52d60c7ad13853d79cc6d6d14dee587c5dd7000125e8249609328d

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
20KB

MD5
3916a9bcb92c2f2732813bfa66e079e0

SHA1
da6f9df8cf70200569ceef8d33d26cfdc06ba150

SHA256
59946fb8d89c6d730895b3825617b32a61da76727e053b5631ddd1d381cb7a00

SHA512
e9dce28d26a6510f4b941d0cefb6e1f966124fbdaf04b5cf1800f8b4a396cad9ce82b8357e74ff723b9e51eca1453d64f349a7a316e8c6251c01fd6618cd69bc

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-heap-l1-1-0.dll

Filesize
19KB

MD5
7263aa7fb98a870a0c0604b9068b1392

SHA1
9c5f03ab90b367e7322406e4748a3e6cd7a4c9db

SHA256
40ec62596b365d1107b6da705856a4b2483beceb0389a9b5d566af679c51a18c

SHA512
8f06969a2da40a193719cc4642adebff28b78ff4b41e548804ec3713d3e278853634ff340a945dd46048be22b922ffd2f6d2b82e0fb279fab6b43778ed6c8e1b

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-locale-l1-1-0.dll

Filesize
18KB

MD5
141fbcefee4c921897afab986f6d5b29

SHA1
1c03e72c32bdb0ea6b95b4e0876ac0fe1b0f9a45

SHA256
233e25008f6f3220aa844a5a6dec086065d43739e81fd671f34d50ad000e3575

SHA512
27dc79101548f35e0072e6ecf83eba0f904452fcbc96dbd9addbaeda3fb3987f589a05f892913cc99464f2de5162ce0614a2650b31d8b294106b7605897365f7

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-math-l1-1-0.dll

Filesize
28KB

MD5
ca751695d62e631aa8377599663e79e0

SHA1
59f48552df06999440fae86f9cc863a17e05c848

SHA256
3f5d4e2108d6aa09c1298c84bf9bb1b27529e9b72e50d9dedaca7505390ed2da

SHA512
d8cd28f91a108dbece5cc776a9c52fdd7c13ff59ab38e0092703a2a8cd9ea945f806f04d0db10e2f4d73f6b18909d53645a42e52f64425cce888344a6cd7c64a

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-multibyte-l1-1-0.dll

Filesize
26KB

MD5
656c532102df8414faca58acc96ce854

SHA1
dbcd88c13ed261937986348d351cb613a59f0899

SHA256
3bf8b400df047efadaef91b3747f442cead015f5c81459414e4e0d1588f0daae

SHA512
a00603c789900920fa41dcee9bd1ac895f388a0a537bcee7390cacdfa8027e32c684a6598c76936e9acce1758f22034d616a3ef3bc96639be872dde31be107e6

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-private-l1-1-0.dll

Filesize
71KB

MD5
e0aab08e65e89633dc05ea5d0ad85cfa

SHA1
baf7503ee8c040615eb9a174e99e5694de812cd6

SHA256
c6fd9c08eebec58232317f23fdaface3a3886107ccf377fb634899b818b77c04

SHA512
039e282539218f46f5fb865ff511ddb2026f168b9e3d804441560955a8840045ecdcc0284276ad0acafd596d29bbae073bb1aafc731b14ce5a868f869094dc23

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-process-l1-1-0.dll

Filesize
19KB

MD5
63f8ceb56675d2e7376a98d22c565da1

SHA1
360b1ff75d9c7ad4d0bf73daabed44b8b7acd648

SHA256
1c51c43f1fe2710714c9560496c70060a707bedc7fadf97f3f4c8528ce303a34

SHA512
10667b8c2b7c26100a6333906f7d84787acf62c0e2f3c610354c26c22fc939f056dc93895c22e6e0291b3e4e6f3186af1a24f002a91ce12db54d4401c327972c

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
22KB

MD5
b7587554876fc1dcd0269dcacf0f1019

SHA1
3312a86777bc101e425a9774926262c89041b55e

SHA256
e4881a0e4e0444d70abecd56e2f25dc7fa0a88eebb39bffc7a28496e06d79b21

SHA512
61dd789d1f2068d73c63b1e1b9682050188f8804d972b1dc8d515443b3e367651ea1366a41210d749babc5f3c53d11d62809fbd67f23c1bb19aeb29e289cff66

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
24KB

MD5
647e50b847c72d8f4133b6f5e803a3e9

SHA1
88d103889d3c487e2f9cb87d21a06c47e82c53ce

SHA256
77e1d59887b8e4e6579ffc3a3b8e8b3334848e92dae540d0fd3b7304b23418b0

SHA512
d89dbae1fea584639fe159f61398a25a987e2b78803218989ce351e91d89a5632d7b02e6663288f5a8e605e0ab9b33ce0a7c91fbeb233711006ba6791b1be340

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-string-l1-1-0.dll

Filesize
24KB

MD5
62382846cb5c9271052b6537322deba3

SHA1
ad7b3ad2d33d3710bde69dfda3eef0e0232b92f0

SHA256
41da8882058b5e23c9c3d0363694126e99ca5a7c2d6db996af23a75ad6bb9838

SHA512
e8293df9cb64ece03b811f57143a17bf0e69f90d73383812bb12d082ba6f01d5b32bfd9a35e699a7c5221d5916a1477f0c1949ab1a4b79d24281482074d9db6e

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-time-l1-1-0.dll

Filesize
20KB

MD5
2111058ff6746ea554e05eeef2b3c8e4

SHA1
20bb8b2051c863b085cab75865b578f3d13476a4

SHA256
fae39a2316e2df9cf989379b4f4b2b34b841c318ed5d5a4b3839ca3cb35fb7db

SHA512
379dc812d6cd57a980f28a608b992fc16974b97dd229cbbbd75b4e1a13f68caa15899361c824ff0ede9dcf009f0dc82e931906b37c424c5ebb4707f6b981bcc5

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\api-ms-win-crt-utility-l1-1-0.dll

Filesize
18KB

MD5
bf348e85356f002972ef834b7a82a4a8

SHA1
43b6fff4d92ecc805a7790a99f126a8e04370fcd

SHA256
441879383cd450ac11a2859ae584e29f1d2f6a53449c46ad1de6b2e0a86b0f8f

SHA512
7749ae2af71f13cdbffa87e1bd57f6bf8b8bf9cc88ba59e93460aeafdcfa07b6a6d5352e318695b2597b093991b9228916ddcee9a333dcb6e4f665d95032a894

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\concrt140.dll

Filesize
244KB

MD5
0b214325230516bcb5e795924790626a

SHA1
4017b2689062a063ecb6de5e875d6527b2521c8d

SHA256
cdde7e5822f8b7c47be1bbc9fe92ad8730a18ee32042480f49d05d955c8564ee

SHA512
0d9e40c98caa00d0cdfcd5af192b4978edf904dc0d7dbe1bdb42acba5b41e7fbefdf7f8cc73700fcf5b0572495a4c42efc6c0d3ea7373f0aead0cb76a445aed4

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\mfc140u.dll

Filesize
4.8MB

MD5
9feeaf2ac2f238090a1e6dff138b5290

SHA1
41a1e962bd3835f45d4024a5e0f4c5a81e49d01d

SHA256
4dc9ef8d49847430bc2492f988f369e8667d75c3cdbfc240f3917a9bb6b05932

SHA512
54dbd6a403cc8f26aa155fddad2f4e802d440bfe5d2525e789eeb833b891d9442f255c8208fe8a3cc23199d970860aeb9bf17a2fe4178e3edd950156edc877fb

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\msvcp120.dll

Filesize
444KB

MD5
88b226a81625702d574bbf1a3962d7d9

SHA1
6066e9b49748be3e003d680862694da28f0b8091

SHA256
50694dc6013441f83ab7cdd925c8b604b29c97f3e29c345afc1391630a583eec

SHA512
1c4536ec894a66bb22dcb34c0a8aa1e6ebc03f880f9b2693e762c712d000cd1ba626048437d13db3ed7e392c892f8e2d710c85204736aac7795fa6197c79f7dd

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\msvcp140.dll

Filesize
439KB

MD5
741e688760022094ba79304b2fc4d5a3

SHA1
22b011199b6761ddc77d6a2ffcd526fa0f5f7977

SHA256
37940ccbf4b4bbb9032cfdd701bac65c9b35def175ab4d00f1121015e32a3ddb

SHA512
4865e6fac98d63cae81db9773f5526cb0a5c3ed57d3ee8bf1c250b4349c7276db92ff927742cc0227b66e06f6cf06aab03fff3e2bdc3c2c07290ef16f3d89152

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\msvcr120.dll

Filesize
946KB

MD5
6ff93adc30da9096e547e17fd5b607c4

SHA1
181fca5875819a3c116682f6608976f55b0db2b7

SHA256
5382dcb245ee5ffed6d839e8232593ed16f33815683de6be71f5288cb89b2731

SHA512
a1aade25ef96deb360a71e00b9e23c972d2b099ed032faae7aae46e44ee29e1d7f350dd9c5554691b079c6e523cab619b4bce52318e2bfe54b70f278292953a1

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ucrtbase.dll

Filesize
879KB

MD5
2bdfb025a42c1609330dadc310fd87b7

SHA1
ecf8686b460ed092b94783a8b1cfe6c45a8c54b9

SHA256
b5e2d5b9cf53ba64c792aae93ebd9029e10f76f6685e02af2eb2246e336433b2

SHA512
d32dfa31762633b1cfab0205a18f750b4983c0e0c09df94873738874bef73696e563cc2cb0f05bab09c6eb7a8f675905abfded3d87a2f325a0cf33215fc18a61

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\vccorlib140.dll

Filesize
263KB

MD5
0091771162aab7673e1aa9613d1a8fa0

SHA1
7f1f959a88cb4c5c6708993b3c9e89d8e8b0c51d

SHA256
8a7895d59a88f29c40232f4563999d0ab9d5c54020a6ce13416524169b399858

SHA512
97d612e6cbe835dfcb0906722e4072c62ca52f1dadfc8e3df451d020d8b12faf0b258f8d18f68366437a6728053d08d80f46738b1043c87005ca0a13604d3195

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\vcruntime140.dll

Filesize
78KB

MD5
c0db657a494eb49268a8e61c1cfed630

SHA1
f147706f737526628d083f7c784dec039b7d6a02

SHA256
c3a5cadb5c1b50f311465a0683f60904043c581336e434369571872bb7be0d63

SHA512
215acf59f06ebff865605f68c8cc1b5865d1020f8d28630ba315ce2863d43dcaf267a04312482b97c402fd7af61722de59d51fcf034026e9d8a9eb3f9ffb4bf1

Download Submit
C:\Program Files\Microsoft Office\root\vfs\System\vcruntime140.dll

Filesize
83KB

MD5
405eb3ce3c0f541f822795ef6e4e6220

SHA1
1170ae24f61daee6b051289fa3ae6c4e2627970e

SHA256
4b90e2138b4c59ee5e9b8616e00bce6c44c8d23dd44680d74727daa8fc54d37d

SHA512
44d9b63411cf31cad04923b78e3e50812e26218e5d7bef6767af055662e23d0d775f9e804b2bed5ba938319ca90a8669796735b65ff9d4d5cf4e459d076db798

Download Submit
C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-001F-040C-1000-0000000FF1CE}\misc.exe

Filesize
1014KB

MD5
86d43aa1f9b47a744e2498e606cea49d

SHA1
df2b84144164b2ebb6e106565834dac953e43f21

SHA256
00c7b2b64a8d2087b2bc2039b57417bdd1bf04b3db02ff6bca412d9a8948b6dd

SHA512
29836b3be06423ded4ff481d9b051dd483a3bc03acc98a6c9dd4d694970cb45d1102840f80a9926cfa065b8fa342bf30695518cd9775de10e18f1ec5eaea0423

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\Microsoft.DiaSymReader.Native.amd64.dll

Filesize
1.8MB

MD5
5820ec28c14c8cadc83a238f4485f0ee

SHA1
b1457ea961ae8c1d4b7004c17d1b8aef994627b9

SHA256
6a7ffdf31c627997725854a56d45b5b7e34119d468ff7e7f525c0b02d7c70bc3

SHA512
6983296fa8d12868d759c67247eb5d8638de4a0c18fdcf83e802ae7b142a129b858de98238e8f7efd5149149afad75a1349491c35f7d3b1e24b418d040486172

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\D3DCompiler_47_cor3.dll

Filesize
4.7MB

MD5
f25018342463ca048bfebc4adf501f3b

SHA1
d77bf0c44496f3c6988cfe10f2330ec584806139

SHA256
eafa248467cff98a63ed0a40040e4496a91bd4c7b28864a6d7a3f9c3f5a15709

SHA512
50dff31834ab9380b1ec246a573bef99786796bff5dcf81bf341a068a949465e1ff5ebffe6db4d75b7ffadfbf0c529e2e3eacebeec7bc2c62cd666e85222bbb9

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\vcruntime140_cor3.dll

Filesize
116KB

MD5
8df75a1382cfbd8380d1692be47903ba

SHA1
163d9f116753cef4cb59a02509dd6c34e73e21b6

SHA256
a4fb64843420c097968c10a696f549ae1e91b2c4a8a1222a60d1a6599df0e46e

SHA512
ea3786a424e1e5c021b8732d13dedc89913f37d701ae2cc11b8b5111e5a679da79784cee6b43a30c5893be6a0b6d2481845b5f89f33cb3b96b53d1fc2f0a1faa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn2\desktop.ini

Filesize
174B

MD5
1014447b9b3725e19ede1d01d0fe430c

SHA1
90ff6fab66cd3653e205a6ee61ba992d6093a92a

SHA256
804782b3908d79b58377c919ffc2ede2d2e7c1dd1923e878e3d6cea9b6999e67

SHA512
52b4187694423723f149c57b481dbba5e43e75ce75d6b4fc8cf5378eaa23ef673501ffc140c96bd28f548dabca6017af2dabb5282e7b2035c3d43a8cf569342a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133670753904038769.txt

Filesize
77KB

MD5
d938391a700c699091fff186e22191f8

SHA1
6c04f973e5989c691d8903e6c3fd5f4983188d49

SHA256
fb4cde0e68f5af424ebcc4febee37451749664b6d0a469890bf7641f7e1b83b4

SHA512
583ba1be6b1c1694c4be4b29b4d33c0d1f3609a8d70a4536ed87d5a9353d337ef104a3d7555c6b17938a16081bf3beb74b5b09eabeadbb15ba3349c600ad6e88

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133670754799667567.txt

Filesize
62KB

MD5
0dfd888f3b4406bc329a10a1b61da716

SHA1
1e267874ca324a505974046713e748ad68393965

SHA256
fee4cef484f1b1bcc691deb079f2735db264d4286c175fd8bfa2c5213c8b8243

SHA512
c327f3803b53122a019619a0f17dd11a027a0b63b6e8cf8851ea0b13188d37cf10c1b87d5444069befba22d5f50f4675ae221c8c49697d968f4cca23335d1c93

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133670761839928108.txt

Filesize
63KB

MD5
83a15e59ff43dba54ce553f2a76e8f2c

SHA1
10a59f8252f7e2c6e2b38246da20a466618cf959

SHA256
8b3258fc828ccf169f569237d77bab8b3b0b083e5305ca87fea175d37fc3847c

SHA512
275b939db5a25c604413ddad611e56b1341fd273737ba20df550348347039963719233b68138d5c1f799dc6552848c5f2dd55b4c91fe3427830b9a4a07ad94e5

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133670764416908406.txt

Filesize
74KB

MD5
43f538b4b6061b7243afbd9d49d15aa0

SHA1
ebd3a6ab8b7b19e275c6dacad1606bd83313e06c

SHA256
0829a6fede1b9bda800acd026e3e3bf0c15d7021a091445115d21e4de0440fd5

SHA512
c39b944387353170d83813b780ba611e33639565a2bc5324785845fd14c6daeecf81f6ecd9f8874b1558a9bd836997bdc6443501c128482b0bb03d6592916888

Download Submit
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini

Filesize
170B

MD5
9450cc10c1e822d9e62f0da1cb5d501e

SHA1
8153d411d3d1bc6a53abae631c51be5822f4b005

SHA256
9b21b49c8a327d3ff6781a1f9cf8c1fa3f321cb91b9eda6d70018cbb49370bb8

SHA512
ebf9bec130b9ab35e8cfcb9cca2e9f4366156fa0998c1fe5aa017c1a0cf32b7c6c7aa1e3ba295c08a024e6ddf655eb875f92be18c778a5f189acb1da97616219

Download Submit
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk

Filesize
407B

MD5
c37efa7571c524e0d5f3acbe66bfd1dd

SHA1
490a6b39088bcc802f1974596133448ff93b849d

SHA256
1fdc44a68adce5e088e0dbb9cf587ecb52ebca34009193f5ccfa1b20a5b60deb

SHA512
f47b0322bb97d5bbea1527cce0c6b3c1a8925d5ac545b841903413ef4ecdcba90e33a02c12f7e0f22b7b773979bb96815c8095b3068cd881c5649077eae16461

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\ASPdotNET_logo.jpg

Filesize
21KB

MD5
697b6ca543ccd08e489eac7998077f5f

SHA1
ac9b33c9a637853a961138236c596881e59d4102

SHA256
c9f4f953c1dc0ada593d566a6947e2f8656fd5273325c4f5c6e8af1c7de814f9

SHA512
fbc347bb4e5d4b66d4788ce5df1389a1138a9a773e6cca325c6c273b54dc5c0fbef2b308e2b01ab1c8caf3a6fa21b3d2c2092695b4b250391cd728a82148a12b

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\HelpIcon_solid.gif

Filesize
1KB

MD5
63bbafc0b6a47baab2c7410d8f85ae48

SHA1
528fee80d0320eae378877090223a69841728c2b

SHA256
5131f82512beb4cbb890dbce661bc55b102ca3dc35b0e21aef8ecb79128d39e0

SHA512
ca9012cecc2fb4c21737332bb2ee8b72c0bcdcc8ffd90bd055563def3e7b51d204418384f663a583e930a2005b3d501f97a894fed3f670e40a0310b9d32020f6

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_lrg.gif

Filesize
952B

MD5
104ace0849bf59780fafbe9359e6f13a

SHA1
2991ac972b804101e39fae7c90eb3a49ccadcfef

SHA256
d28be916de74c48d463aa3ef66a0f8ef04b962edbcb847e607de4194d574ee88

SHA512
7104336ea6bdeb32ff2a57c4216472c49533471f96ca6bc05f9d7570246e29dfb0b40a9cb857b0f9a03a0e2f3f4069aa68ca2768f87dec780a32eb007432146b

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\aspx_file.gif

Filesize
121B

MD5
f22f3db414e7580292c8521d132128d9

SHA1
8cd233b3bd20623d54494736e58759cf091d3aeb

SHA256
279f5d565cdebf4259b1b2189b8f73eb98ccf7fccf57d34a28115c8f5b4a0389

SHA512
4d4bc8d0bd19433348409770f8c24766ecb659cc7676aae95c220427f12305abf3395def6638a528543786467c42aa8ca93eca38c90228bee8fb7fbfb00c1940

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\branding_Full2.gif

Filesize
1KB

MD5
5feb0c527639478892ad364cd0ca8394

SHA1
7ea627f82155f7a4665b02bacdd3c3156d878877

SHA256
7e3ded1106bf80a887f075b289398f66bfaafb4e92c72f84a9dce170ccea9d2d

SHA512
d5ab84db283d0a5c3fadc078b5f8c0965992f8d4e400d1a53ea6c92029b55292c23c7174030b2a91b2d75d2c44707b8e894247cf7f64d9f6ccdc1ea166bd05aa

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\darkBlue_GRAD.jpg

Filesize
8KB

MD5
452f67b151096bd8727728f5aa4028d3

SHA1
a9bded22cb974c68318d7a99fb24f125d39f73a9

SHA256
5d35b5da5fcb9a09b890d413832c61e5680e652c01ed63b24e00476821a2e98f

SHA512
60f34d44881091c5b6eb850fa5af285a4953a726340f9b2fb893412740364369529a5875881ab431dc469d328b4fd4f72010b969d3bd193d8cfddafe53f00fa8

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\folder.gif

Filesize
914B

MD5
d2b907d04566565f73a5f80606623c10

SHA1
7796119be6d4cd88b7350f894574488b8d763dd6

SHA256
f3aacffd99a06d1812ddbbf22eea7fd8ad9363a22b78169d513086f49db2ee46

SHA512
1b511a65bf7a289fc8be028e79da5f3ac68933f51daef5558a8339249ebce2e9edc9c6a47e2c9867624c9c1d8ee75352acff569ca5a7563da553e463e0e61901

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\headerGRADIENT_Tall.gif

Filesize
328B

MD5
7c08d45b94343f5a61628e8056d8f59a

SHA1
f06e4b483b0ac1249ac40774db53dfda9ca602c6

SHA256
2cbc9e3369805f469862b1eec9dccac07ab8c45cb3da39eb4ed66efb43bcb040

SHA512
e2209cda0707bc8aa2469152ebd4d0e58d59c0c562bf7a9fe7b5e2ed065ee55ddd4161ab9887c43f4a62bb32557cb8fb82db70680cb552d1d33d9557f72d59fe

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\help.jpg

Filesize
1KB

MD5
dd7ce21b0f3e984af01f2c18c69571dc

SHA1
042475689401ed3c9c88cbfbc07e2f306cfdb5eb

SHA256
bb00f94caec8773f6cfd142e47ad988b4168afb89bb6207a6006ca9a9233afdf

SHA512
81d546880232d77f4b915be735c8c5325f07a186ad059d1e3fab731788496485bbdfbcd8fdcd840125c737d802e249503a0b0c6ed781d42fe5be045038a65e87

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image1.gif

Filesize
162B

MD5
856cb9745f2278f5129f4014ef42a269

SHA1
d4a1df1c0f973574673b80fd4ed9631622fc629e

SHA256
61453694fffefb61b9c559e067f8ae5861e787e2054adecd73a3e40add624de1

SHA512
4f5451eb79610f4d0eac46be27c7eeb1db3fb8f4b02fbcf77a9edb30617ddc16c27dbb2864e00b4d8dc03152abb8240e8fc583f148e77f20c71700e4d083712b

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image2.gif

Filesize
586B

MD5
e5bfb622fab6cbe1b6a516eca33a4271

SHA1
d6344ab81d06ed50ef99640e7539789398974d63

SHA256
92ba6159dc7394448aff78734c663f6b3571151ef3d17073846fa0b44438fa5d

SHA512
4a4bde98a55b89d592b3cbf92a2e47d72d0ff60d70bfefbc75abd13f8e11ca00774946d7958e51cd0e1d6232bc36bfe0a281a000aeb50fd9e234f29a6535fb5d

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\requiredBang.gif

Filesize
124B

MD5
c2da83d4a3a14c32e323c32d48056eb9

SHA1
870a8f70bf2e2fd787845cb96918fee11bedf079

SHA256
045323517e982da18451ddfe3139fe907e7ad80eea86ab42fd6984423d3f8de9

SHA512
d8aab09df41f3571a3cfad69c46a0f5a09270daa7bcce0c0b855f179f7c1892115837b98c2fc14ed1fc167a21b6cbb1e27425bc23bd25ea79ef1673ac47b6ee4

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\topGradRepeat.jpg

Filesize
8KB

MD5
ffe67b587c756f55af4e0bc2ec044e9f

SHA1
2a80aef31e97f542c7b4d3187177461f3881189b

SHA256
7fa3849d2700a22d07774acbf2c5b220c3852e735fc602d392c6ccd601486020

SHA512
38c5cec746666879c14c343c33ebbacb5b4b1686ffc625a95fbeae7dd58ceb076c3fdcc92e38f618d22c7ba975fec114312463f1a7925acaf444dea0640d07a5

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\yellowCORNER.gif

Filesize
880B

MD5
7c00853c1e51c8ef12bd34611f7f7aad

SHA1
d224c68df33e0faf385392425033260835b386a9

SHA256
ca78d7b6d10c005ae4339a14bf3fdbdd930a451810fbfc71b1fb27647a2f3e53

SHA512
055b1df00c523f7ea20379ddb1c06380f1413db410212ed01aba088140a84352741e696871e565d60fdd87b2fa9f6dd30524c3cc80035cb08dc030aae6cc9484

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk

Filesize
1KB

MD5
7f5fe93b1f8660e39b2dfe1e82d05d5b

SHA1
e7d0b10ef8e4a1f55d7ebc91e62f4f52a4590425

SHA256
c869da1a75aa0319d43634e922eed924dbc865de2a82ce8d3cc301e995a22e0d

SHA512
fde39bb510cfb29d35cc2c25f6589c14097261f1c9a7523e1d42ff09581db74f054a1fef0b176dab3b055b9adbca48dc3b75db86bbf0c4b23cad07e3368ffcbd

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk

Filesize
1KB

MD5
75ce687545f15fa431d4004b263466b5

SHA1
4cf7e7c79d2ddc0a07d97cb69d7a27f4f532545a

SHA256
0c9a3db7e8a36e55831282a4e021703f0c452b21176a8452fdb37a102b8272f4

SHA512
fffc9d851b2e88587a937819998f9a15296922de9b23e660120d0d468a375f38a2b4221f277b1d4af69448e184f98100ec58af55e3d69463597fe6ef403a2441

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk

Filesize
1KB

MD5
1fdf99fae9ea1594641f89de7f635e39

SHA1
d0d0ac6bc3161f80adb380db665eb3817c42373a

SHA256
9ba88ba7cabc4c12c7c8abb36c31c808c884229080211c5670495b3e3f22ae04

SHA512
7fdbf50babdb3aa1e3451e064b9f9883888e8c33c4dfd7c46fefee477dd4469c1ab8c9990957e8759999eed3d7448cab43f43f010964ff8bb1df657941e1f9c3

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk

Filesize
1KB

MD5
a4d551f03b24e8351283a9e95d55eca2

SHA1
85a3a77d808265f865c3b6c4c6a73f2c165a7e94

SHA256
26a72207e69aa3fe4994e2a649a957fe94bc0df4b3686d5a68f1ec6c808a47a8

SHA512
01901b5ea37af21c390735854cf9cd3abe5fe0aa11f6837b276e8b472bd0b10c10158767d2e61b45150fa938cb935d53b149b260324b40bfd39f98ca8a919f73

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk

Filesize
1KB

MD5
a4049f8567ad894d65a01c3af4e461d3

SHA1
a4c2bff0455f02c86bf3f0bac163c6dd40152f02

SHA256
fb1391a6095c8f37b461e1c40ff1bce04b59ee1f4d2580356b958ffad29110ca

SHA512
2ee8946c8f897728e701f8d7e05c7b40daf0a697b2c420c0664d05a99d40e2046c7a69aea7dbe1c57d14ac807f08683e77f860e4d569873b88fac9c5de79202a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk

Filesize
1021B

MD5
711595efaacfca7585fdebe1f3e33d64

SHA1
5088080089aa0454f27c5cac6f3ce0611699b969

SHA256
8fcb7523d4d58ff3ab875748cc8329b68576b0a6134537aca1549ebe1b629d86

SHA512
c3f0d88c61e9dfea5b591329403398d238e948f2f683919887b08696591647e5b08b9eba4806912df07010620b862827d9d45e6c44d6742021dd641faac9a3d6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\desktop.ini

Filesize
325B

MD5
e30d7151a1cb201f8f895be8009f887c

SHA1
de744a9836033c47cf25ce205ca891e1b7a72063

SHA256
b1528028b8e3aa9bee51c9ec99c813af37ad88c09b1d3be9a7e7977b8a57bac9

SHA512
086962c7f2193729f93dc394fcce289a8f2af0c221ceb404257cf81bb6acdf0bebf2ab625a321b59b9a5a8a03419b7bc56aec0617cb3ba5903cc287401578a42

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk

Filesize
1015B

MD5
55b745dc3d870b0879468acaf109bfeb

SHA1
65d25c7d0cf2a45278a46d5a0d9445dc0a7fb789

SHA256
bd7aecd06fd121475fa7ce5376bcb369d79a08e8c25b3c8addcea99a871f0152

SHA512
cd91863aecb84d10aab30d7066386c235b28056b09b03b452b8b2861e54736a25de5f6384fbbb4a01d722eabb5b04900bc30447115af8df3e689393bed4386ff

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk

Filesize
1KB

MD5
3855723ad1646e2b50138f81cbc453b2

SHA1
10ca0b2f46662cb9464953d0febe696985540564

SHA256
14b3f67c78905237c23cb2afdc4905c1f6e6c42b9b7bd6cd8c051a8f43d7962e

SHA512
95297254541d9dc5ee7f27938c4fb605e9b1a8e98a10c016540da81d29d04f4f23187d73a8c308dfe7bce93de235d79619e38b6ac2b8fadad7d1c2b7473243ea

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk

Filesize
1KB

MD5
f6c66edd9f161a9c7144b3f6792beda7

SHA1
2cc902bad93590d9ab1d355b20805ff8de2745c1

SHA256
5ca92462783a969098fd0fc66f84009cff2ee71ea93f5141a1deec755234d90c

SHA512
00b129f6ad0397bc2d0b710277d14335244ca0230e017c2544124b0dd012c1b4c849967b6f1f85b2352bc95f0dd07c4ea31b094bea6e5080830245191cf366f9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk

Filesize
1KB

MD5
59e0b1f9aa214792197fe684f68e496a

SHA1
ae5e59df3d78384da2af8cb28aefb2315ca10a14

SHA256
86230360759c9b641764183df3de10bd57749382466bc6b4f393f0dd217fd211

SHA512
afcea180a7549ec2c43d5d35383ab3bb29425d1b20ac8b55c8c278f0be84f6b082d8405c9561545902f62d35d1670ea180d8eeec357c46b85a96b4b64e8b4567

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk

Filesize
1015B

MD5
9c9068a9231af9ae7d8cf976d96f9970

SHA1
2950653c856c267c16992cb5e727208f0ca09976

SHA256
7e41b0ac4f3182f0b43e09377220d0e6eff05b85ed9d624a3f7b2651e628e7a4

SHA512
475c8f9124b785e76d94073b0e1727348f814d5175125271d8fe7c25e1e799996b76c6b402f7ca718cc04fd95bb770f6e19010999d3319a5d88170c64899dd5a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk

Filesize
1015B

MD5
0a9d60247ffec711e9cd54f362708832

SHA1
b919f8f74f605f8a64379cbe760a97b988f007fe

SHA256
850c3e20585643cdfcc969550b7e6e6442af44e0e7eb64f1a97d2c24eac9d6e3

SHA512
c2521a3602f90cba96b2c70a77c7468be69761b1fc130ef18ab2a4be853c819d95c380e30a4ff885583f81251abfeba8a75eb3e8eed933e047ebb7888633f4ee

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk

Filesize
1KB

MD5
1c0954065908bfa1d483a886d9d66223

SHA1
a864588a71c3b33db7f4f627d294137d14914da5

SHA256
d82bb26f97dfea68941859644f1bbba34180ed7a1626af7717617230cf4d60c5

SHA512
a561e37bd4c4ede58246eca8b779e914d38482c6189bf22dd4852b437dbb0b7cd2475e8d7a84c1524a28707a824407f9a35e6645e1b6c6f605e7f23f20400019

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk

Filesize
1KB

MD5
e8ac7cc0e91f9b25e1c68e219cfb2394

SHA1
e065f8510dc64937e84dc116ba1de5c16f71259e

SHA256
8f6031fa3f312bc34434ecdcbbf39f675bf068a9fae6403eaaf136da54adf2cf

SHA512
49caaac1c5e3c9206909223f961086999d66bb5c5e824ecaa5e943745806d4bee93ca41b54d17fafd11b4556c5be39d11be4aa4c8b781696610b8ec69cabe5d3

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk

Filesize
1KB

MD5
7a6f1b710c75172cd6ede3941534591d

SHA1
4acf0c05dc9b8442fd922163712a5cc29ebf9f91

SHA256
04bb0d36716168f14e3899bf0a9eb451ba1a6d20cc2f536edd1dae146ad624f8

SHA512
9d9ca9766452e29489fdd63aad619e89cad03954033e197322baf805aa0d731c239e73907a17466251623c3d7bbab3de99e45c1c53b10b24e82ac8feaccba023

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk

Filesize
1015B

MD5
ffda891be4e59a33c1d1d595b514bb01

SHA1
6c30e04521c20963c50998299f7342783e8145cb

SHA256
c94ead1078fc603ce4762387c13005ac85a9f3c4f653b7d282d366aafb226829

SHA512
907102d1d1b20152657d082b1dda87004f0adc15e7c5fcb8a885b4c7926747042f4d425a40d39c8eb087299900922a2a21b2bb9ccf3945dbcde09351c21ff738

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk

Filesize
1KB

MD5
4811aaaec3aecd8fd7388ba51594e286

SHA1
652551a8a3a615ca2f237c391a50c008c3a14f59

SHA256
717de1588e2468681fecdaf3c3512f01b1dfb78a7e30d36251ef33f63a9eb788

SHA512
f53d20b4aeb6fac92069f4d9557de714e2912de729e45b0c5ca57bd51ef841fc13244e8965d411dac860479bc58950ee26fdecd87c845f98c14d99453730b30d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk

Filesize
1015B

MD5
d72e2b19973df16a774cbb142d450b7a

SHA1
ef297bdd8785d95c9e960afe0cd17078703033c6

SHA256
6653c9a621e25f9f0f1ab615ee6b98107fbea9cc5519a676f7629e94850ad681

SHA512
3510e4305be7dea4b1a0704bbd9e7b7cd55ce969cc247e6388a6779ba4527684f18b28560f319261ffe8c141cee20a6f11bcd5c8d849449192d43dd9372e94d6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk

Filesize
1KB

MD5
6144d4e705be686f5573747d572f04c3

SHA1
eeb89427aab8560180b1cbbf29f1c306a89f05d5

SHA256
5d3ea51fadb079a192d3d97bde89efb6d85a3edde6ae6e4f0b0c8b3c7b2442c8

SHA512
bf25caac53c2ef5757ccd138a060cd418932cf113a21bbfec0a365c43a6b36c033eb2279419fd866ab52771479bd6a754eadc06799cf1079d66cbe0738d08bb9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\desktop.ini

Filesize
941B

MD5
e02ae4da39a147c60fd7f6d04548db59

SHA1
03f419be1318a44488f83238986bae9d82a165bf

SHA256
fca18927308b8cc38817357a9c097eaaf2830ccba19d204724463de8f4daf010

SHA512
156109a34922879163d811a32f1ef11ec6ca1c0e1790c6277722f429cfc1843cf40670f5e4ea78049f972c654fdc77ae1b2e99772da2269c8283450367c72d86

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

Filesize
352B

MD5
e4f2eb018bd946ff55c8cf6b1f0dc2be

SHA1
60c29cbd8da635e578367e0a9a6f10cccc29170c

SHA256
5ec3e3ec7d9039e16c4e92609ca2ead6f2b7303ac2159108f79c2e4f093e354d

SHA512
0dc21c43cb985868422d29c3c05951a2d3293137b3bd7180568915879a7fa7786241c2690d020cfed35202d1bf7a32f80ef4c3cac4f1f570b1714b73e70ea45f

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

Filesize
334B

MD5
b930a59b2bb9a810c37b2566de9bdd92

SHA1
2de03bb82139b143cee920fef9b08e3d67090ac9

SHA256
4cf269895bf70cec48859edee1d9b259695a78e54a7ab4e3a148203a4f68c6da

SHA512
f30996b6ecfacbebd3b3c1834ce15f3bc6f1a02e96a989e0e111021a976ecbd747496b991d8ddbfdc1cc5dc7c0148bc56b9df0caab325633e0897423f4e54165

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

Filesize
148B

MD5
3af66a4cd478899bedda8fa644343f70

SHA1
42ec3064f53b34d97ddf9589e32cb16b11762dff

SHA256
203a5b33f90a8796cd9e889b9df7f34be2965f28e67d36180ff6e275053ef715

SHA512
5d266cd2eff40b310e0188d0fb69afc2ad394f8634785fa50b3cb20ec77e66bc465ca24dbcf39830a69e8ffa5a71c0d4b4f1b912b70848d7e2d4f5628b247570

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk

Filesize
1KB

MD5
32dfb2be9c52752341599f6b0dd5bcd5

SHA1
29d11c40757e7ad477ba3ac2d3ec9cee76d89e7f

SHA256
d0d6dff521569dc94b528110e9e2c0b96a2f66304d579ed26ae0e51182e3952f

SHA512
6cd56fd7c5f7a0a5672e7c1a1981d47ef3b01e890ab1dd94efd4a200a4d093b040ed67669ef8e2b1f26f41e0346cef16783c38421c75d6287fccc9e235ca07d6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk

Filesize
1KB

MD5
3efa3b5be63c4de305ad15aed92d9e6e

SHA1
d269f8f917173706c1804ddf9888f3201a42e5dc

SHA256
649a8474203ea284e1d8a07763836b27f33aa22786228ad584a20f4dbfe01d52

SHA512
18d704af23802f85e4255d6d86997b8bbaa0fad0d214292636cb396eac5dab742e21f447c4db4f0de2f8c2230d8a1d99fdec5a999075f2f46ec0a29a58c3cb12

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk

Filesize
1KB

MD5
20e195660af24288b9feda6ef9cc0266

SHA1
9932c2d1dc1ce6058a9d8a6a2285137a32ea52ea

SHA256
3c3b840a8207016519e01c0372ce5bc91545ce5cbe7ea8bddcfe0a09026036c2

SHA512
99951465bde9227f370d2b8587299f092c75d48be23fe59da137b57a626ff3a30af9f3db2d229fdb0bfc5cb7df143c5b5ec9e38b24d38498bf9029957e0d52b9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini

Filesize
568B

MD5
b7134b271d9656bf61b166949a59685a

SHA1
934fad7ce4eaa69561f41d76145e16acbec9f927

SHA256
fc9013d86957fc3be1ae6be0fc8cb59a69caf7da1fb2f1bed0ba5009bee7004f

SHA512
928ef5558d20faa8310c2894716b04219d98096157d59c5e796593928c2e7e3bac278397f4d07c7cd9f483621afc6b5f9a762fe4a6f84aa31aecd3f193e2ad62

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk

Filesize
1KB

MD5
4c0f2dfaf0d3b133038d0b724b5c7451

SHA1
2688e23abf99bb094a3cfdc959e9d123f44d589c

SHA256
b6fea449f454bc557ad5d4bf0ef67b7e2c06c8cd4069985389cd661442208361

SHA512
b200655575eb0384a5cb084d597a6d96a8f165c7c9303ba03d08e78d67b5097550d6230091ea120f68701fd42b872a750937fb96a812425b461457603d7fffee

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk

Filesize
1KB

MD5
45e36f8f42a27b1b1f227b53ab1b58e8

SHA1
f9b555b842ce9990d9a47778a1c58aff13af14e8

SHA256
ba81ec46bcedb27f2d4d0d799f26cda0c1673b4c811ddc82c71d732553f2d760

SHA512
00d2f9e28423ee2ee49896698e5a2db0f1f92ab11824e25983ab7961e1d8d305c0d9cef2111067418ee938364f2857087b05470df80fb77f1714c2444c4fe54a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk

Filesize
405B

MD5
32d7dd31fa756ed5569bc5a8df9e71cf

SHA1
087d069508a0c6b58fdb48ed842b74db08613e0a

SHA256
bc250752d4bde307a77cc5aad9c8cc60f2752a528824484c9d638b74b9e03704

SHA512
b48cd6352106991fd2df339a787fcdc78d5b202433f6f7a2826707e0cd9d50c98a3f2974f71b3ca22ce20e48e5fce7b7454d1dcb53d12b1696731a5aa40c954d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Desktop.ini

Filesize
934B

MD5
419a60ab817acd59393a0fd2bdbaeb7b

SHA1
0ae4354aecc32b92b5364a3aab836c16db3fc337

SHA256
86dae8b115266fefc6b4805b5aebb56ff7779ea4de17ff8d9bdb10a38bdaa9e0

SHA512
c41b7d427d14840b1a910b2070000c2620a507373b81a5e88295f41d9a46689cf47c0bdcebe058a5aa17512ab4387ad8e46bb020ca56e2c308af6ef4a1c52ab9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk

Filesize
409B

MD5
77eb0583fed5c30637111265d8fca9c4

SHA1
803c4d41df58511fdd79b5880d5ae637a86619b0

SHA256
4ea0e112f725ba126118a0450e6aea9d5bac995c8605ec12e3dd9fabdd682152

SHA512
8af608661d0c82227ebf2f1fbe0fa519e6fbc7f12d5aadbff5ba7901704d59facae894d853c309d4f844f1d591992eed34d48d875e0d3e48f2a8a520022e8efe

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk

Filesize
335B

MD5
5739bb260e4d41c70670ad449bed2c92

SHA1
b5778c05ca5494db5311456447d590321a4469e0

SHA256
f193b7fabdbb1d80717a24c402f2e3afdfa2959c0bd228776b9c69c230e7c5e9

SHA512
644dbe92278f7be41f629ab1e4347ea092ec86db57511ba143e3e9bbd497e51418ca5dd1f7aefd629135bbadeb652cf032ed6c7b48739898468ca26da7f11d0d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk

Filesize
2KB

MD5
d6c4180d8f51eeafc04ae02ad71c35d0

SHA1
1da168fe742e0a2c7bfb857d8d30f068b13bbcba

SHA256
d0d3c4fc51fcde6f73850ca5b7c6443aea6ac0708ffea4286b3c4b71a602949d

SHA512
da6dbc0f6000d6fbbaeaf01f339548aeca51dd14a37347e94094c96d99d6f94a60ba1677f5d52fee5db1c7de77eff415aa98e7362be2afa5a69d3b554a67abb3

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk

Filesize
2KB

MD5
626cc3e55ba038a6c3f38113604bf49e

SHA1
8e8b3b4f94a31f7480795b56bffc0c8b960e549d

SHA256
3200590624df4dc56e5ece085f597030a5aee8ccbfa33ea2d505a0c992157b13

SHA512
658da75d2f36dd372459af0cbab6fe9fdeb8705e81a13cf16fc3222be982462930a9c7ba17e0800a73d5b773b0fa41e4829404f373f21c298065849ef2f3e165

Download Submit
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini

Filesize
558B

MD5
18b3b5624a50b2e17aa7c66a57c2f6e2

SHA1
2c73c3ec269c496c57b0328b1969a756e637b851

SHA256
63b4873b1f490ea304c6f36dc295912c3cff5c8c76964b695d31090bd65dd066

SHA512
625ea24fa6de42eae2a0910ecb171a3f46f3c1205f0cc7644a511e1931886158064be30d48d6cbadd8caafa61c861abf3f431fc7b497d94b1af65bae9417f218

Download Submit
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\desktop.ini

Filesize
218B

MD5
c9b160cbf53ea507eae8169bc43d0cf5

SHA1
c9e888824eeea73d68146b7f83db2241983195e8

SHA256
92cfee1eda20ca9e0b9b0e267a72320244dcbf79103c5893d09af2b511d1892a

SHA512
4c3ba7762d99598fd54369e25a5201f1627ff40f7a4364e5c5bfc14b2d34cf28776e6b75251a21278096668f41edb7a968d1f5f1e4c0d3993f5570249e04efb5

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
e526d5438bc628ba7ee7e1c3a747d591

SHA1
5a8bb678d74984ac253106be3511f5540954e39b

SHA256
fb88d3be5d822a195d3c85a14fb61025b7b0f59fe1a9d6595e706b1a8478e8c8

SHA512
c38358a2f74d32cb9c73f324dc30907386c45fb92a655d5928cc406840fcb8506638ed83b21d7178233c77f673ce1711a4d9fbf76551a62de17756d5032378d6

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
de5e5f577fb090f769c64458c870a643

SHA1
3d88750910fc5fdd11e8dc90cb25c35970fec24a

SHA256
2bc4ffbe3087d3cd9f4db875d10cd5473fe111862eb680db480fb348c13b0396

SHA512
f5b5eeff016f9546ef547af2c35c3de6856313a0fd55b52d794c85705b06bc7e4c33123961e87a90b261bcd36e171328e18607c7c510ad09f6b750d28b2dd337

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
0289f32f32c4ce27a2124c3cef3f935e

SHA1
b3c1d25bcbe7957cccc2473933b5f1b7f5c7e273

SHA256
b4b58243fcafa8ea8315c40e76c23f4b5402faa0c85855500d87a9d410581f88

SHA512
fabbcb90be19850f65aed034c849221274df96c7a83026bd4cb0641a789ba2c80f895a5cf4864847966faa4d9d5cd396e36b4c1d63607b0534ffe657674ae40b

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
742c577d729c002dd00f8b9a75b0a121

SHA1
cfbdb6ec1a6487316df9c9a66cb1b950fd128e0b

SHA256
9c1733bca9de1b6f41cd26e6cdcd284a7dcdd730b4eed9bd9128f76c387906b1

SHA512
8453c564a248e075a29580310a18b7ab8d67b2e6dbebcc9838e783365e3d3371679e8d85c76cb7196ebf65abebfb247088a55971e100ebaf2d11ca05020a90b4

Download Submit
C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk

Filesize
1KB

MD5
aa05c4d70f6498ccb4db5a3474bc597b

SHA1
fbbedbf9869c5bc67cb5080c6ca164eb66fd1da7

SHA256
2b2d48d77072dfdc5a2e65bf261f1219298f1df4349b0beaac1637852a96aaaf

SHA512
0c0f2e45f1784f04fc595e380ccb2cb1929ef3b965f8f62a2510bf1fd11a5c8c460b5dfa3b73bc7c58c6e2822eea8cad363359fb43d942d8eda755fb735f31ea

Download Submit
memory/4324-9224-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-19531-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-15796-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-19396-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-0-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-5771-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-19950-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-19955-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-5770-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/4324-19978-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download