cb25693307c1fc05f0b367013d49ad734868a5d998d9ee936b5d0e3ebff15248

Analysis

max time kernel
142s
max time network
142s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
04/10/2024, 11:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

133150cfba119d9b82a0c17136f233f8_JaffaCakes118.html
Size

179KB
MD5

133150cfba119d9b82a0c17136f233f8
SHA1

a866287c855deec6ad79f1e1e097d0ce18a78cc8
SHA256

cb25693307c1fc05f0b367013d49ad734868a5d998d9ee936b5d0e3ebff15248
SHA512

e793246f1b346ffb6b11723c0741f303b9ff196676e4902c9f41149b38d8b0e9a5bec0dd0110756329673678a6258fe297868db56ade2d7608ed1181c16d5402
SSDEEP

1536:1eFZnNAdG2BNL2FuCEp1+DUlGkhdoEbOuZbWwjV3Ki8yB9Ik7uX/NExf1/3SkEqj:1YZNY79G93k2QB/9Sjzs

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 34 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434203635"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000304ee742b32f6c42a2fd3c0ecbca887500000000020000000000106600000001000020000000499db62d69533923ad34eec6a4a5d415e2d5fbb9ef708bd20d41c6d77a6406ea000000000e8000000002000020000000f203d88bcf4c8ffe5fca252978a2429513a431d8020488396a7c9de005d5cf692000000090067f52bee2522f5a507c4a41471fe65906e40221d93f1e1d3fbbd58b1734164000000038d2754105afb80aafda931215da22927f35143156fa60a75a0b6c032d671eda1e33c8a6cc9879208bcabe958be9d66dabaa2d213e88b7c87f0dfaa970225615	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 409634b05116db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D88003F1-8244-11EF-AF94-46A49AEEEEC8} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000304ee742b32f6c42a2fd3c0ecbca8875000000000200000000001066000000010000200000005358e34d6a769449eb16dd9280e334ee4ff88f95cfeef1ffbfa9d5830b4f63ca000000000e8000000002000020000000a271a6a03a4244e7afa9e7f3926f4ccae164c0e162db4c00808e428192c212629000000062afe51de697176fd1590db2fbfdc41f2d6957e08c02581da1836bffa7d76c142fb22bf074c3121ee8f528674eb98217581a07daf8ad42efe02220676d77935f0b4ef48376cce74b1d38e72750e71bbba97f4c014c6df8b7b757871e9daa973a5b4ebc0642b58e4a8ad6a6365c81d279f5b07788d409cbaed795b01d8106f85ce231ca6e49d909818a34464537472089400000007a70b47f46bfc7097c700ece5d2c3a72cc460482722cc286c854a25e08be7953284fef590b01ec65e24ea5995066f11e8eda10b040a0eed3797c5bd94d21bc7a	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2084	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2084	iexplore.exe
2084	iexplore.exe
1972	IEXPLORE.EXE
1972	IEXPLORE.EXE
1972	IEXPLORE.EXE
1972	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2084 wrote to memory of 1972	2084	iexplore.exe	31
PID 2084 wrote to memory of 1972	2084	iexplore.exe	31
PID 2084 wrote to memory of 1972	2084	iexplore.exe	31
PID 2084 wrote to memory of 1972	2084	iexplore.exe	31

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\133150cfba119d9b82a0c17136f233f8_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2084
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
854B

MD5
e935bc5762068caf3e24a2683b1b8a88

SHA1
82b70eb774c0756837fe8d7acbfeec05ecbf5463

SHA256
a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

SHA512
bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
178aecf409432ac0e9a4b8cd7640d1bb

SHA1
522d493fc2a4fa8f0a0da5833ee885244c1f25f1

SHA256
2afa9185cc5d463801af3d132e026d0117f297d6954a536c218ee8731873eee4

SHA512
1e7f037319960fc8fb571720837b4c6a7f8fe12d7bea90bbab9ae9ba69db2b2b9ac502e2b13446180c3a7f1e5b61bc8fe9f4965f6aed82df908e67d7661ab15f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
170B

MD5
aa7f326b5bd7e1bbd3129ff8a7fb1600

SHA1
fda4683b9815f3c5b9b96d068bc88ff3ee8437cc

SHA256
78db5090c81eaba347c44d149d5d710abb0027a88bb969e0161618815b22fd98

SHA512
c64fa656702ad24a360a78e4957f9cdd40d7cf6baa3a2b9a199c5ab6604da2f99e770421071e21948747262b7420335940245252aa75795b7af89d84fbda8e16

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
308ec71497818e2ebc88733c34ee5c87

SHA1
623d96d2288f8400492e7cafc75328227ef24f90

SHA256
e789875c9f13c9909b96076091b8cb7bf587814c7cab0198ad388f9513c64263

SHA512
cb81fb89621a9473c375199732ecf2b4bf12adfc62cfb391ace06329793794c155945a279a5a07d34127652ac991159ddc53ee217f95cd7bca72af10fdd66812

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4ef00d2b2e7df16e660e924a2059da51

SHA1
6dd5ee2768a2cf85912c8609f6e8e6ca9d01c12f

SHA256
4a01f8ed8c0fbaa6495e53bee3910fd8007e29d0c6c5ce62bcf88542b5ed2b6d

SHA512
65027da8c9f352c93c6fdb3ef05fb2cf3448e8eaa64aea83c4e173152fd4c227f0bc95360183ddd9e43d3e6c5d1a6859c0ab35f1994fe1a680e304f664f9ee7e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
406958eed972954aa15b5dbe10f04bb4

SHA1
58dccc9c8f65905c367e62689c2541d01a8e5a62

SHA256
199f55a60b5fb93ce9da5b8e1cd48203e8a22a1fa6be32750f49846496104898

SHA512
bba845266b739ae3e3f3d6a8b299257b4d9068f2a72450ec6fe86b9a396f1b656ce9a339c3ad70d2f69c96968e08749b2d1ecc27b30755739ffb6e04f03c8225

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f49fa3286e04934136f7e479c700cc19

SHA1
09861a223505a99836c56409d6c55eee39032843

SHA256
49c67ad2d8933ca37f32e15eeaa88d68aaaa6e03cc315ed10ac615e1a093887c

SHA512
2c381f8bd8f90d0dfdc8bee42f53e580341a9be61dbf6d60a9c191142204e72fbf3fa187c7eb7b6f32de944d9234c09c1fef5e38fb44473a5a7a95ea657461e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ec1f52b887101bcaee7725c31f297ad1

SHA1
62da35c3e5b3656258aff547008205592114f733

SHA256
82637a84a2aa4c2e8df652e71a3068995d4f5914eaa444030c9da3d86961d12d

SHA512
fb0cdd677c701a0906ef2409e9a979d738475abf5d1e55fa23b05ab2c3c418c88234c2377ecbe39bc748c95855b4bfb9715433904ca3957ff113535639d932ef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bbdd0c3c60f8fdfabb0947e0d7f7b6c1

SHA1
84413ca595b5398f791d0bae9bc3fb1b16615ea9

SHA256
011020a5253631fe3b04deca9a9e226d60d8cafcfbe3577c55442d7a4523fb6b

SHA512
cf9c7d9eab03f16c9fadd3131128dbd8597bc6fc70e674e662ab9478fb55f80a3ec9baf837a1128eb2423bae569ddc4ac24ae7b8972fa397efc98b08dfde221c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
561a5005fe4ada0b19c2869820e09421

SHA1
7d73ef5b9260b07dffd3a73dcf009eb525d28da9

SHA256
cdaf806d034653eac3ae4d61ab4791bd3be3e3f4097c951236f194a0f7069369

SHA512
e393947a701012849167f9f42e67960ae09a67084637cafe24e9bb3e8c130bcf6b920a74b659edd2c8ab3e4c0f8ef6399fba3fb8ee6f3ea1e25b37c562da0bcc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
487e0a5ba8bcafb5dfb13e92d83a76e6

SHA1
23b70029f864443517ae431e1d5c6be192072ed6

SHA256
a4c954f2596f0039c5e9029c1d1c1b44b0fa156aa62ef4b8bbe5c29471b3abe3

SHA512
c35fc24833533344c9ebcb5cab448880e38c02123d9ff32b4ddb8b11f83ba8e3002ef7d83fce2b57830abf1e5f8a6166f6db289358af75ad41d7458059c6dbfc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c3eff493aef8453b81ac26515474824d

SHA1
c903184504ff0ec54f753070a0a90149da52253c

SHA256
b89858231cb1d373b73150d6184ced510842f7c0f9950c6e2917dd358db1f825

SHA512
e0bdc6b2a7af024effdda77ed3492c203f93792915207b9d4d95f6f02d02490eaa6620b35245bd7dbf47d8971a561110af75b146bf0f4661e10918c29409b2c5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c886af43c76ea27a976e7b7ec1d44a85

SHA1
2d89a1c84e1500fd3ee860752f4daf2ddb440c97

SHA256
f76ca3812652cc68694856f30d9b1a4acde44fec699d6be3b79079cdb21f2a97

SHA512
f72e32c3ed91587f6e38081708cad4e3667e00193b27dd261a055d8cc3acafa86c6c521986b272ac8c56068aa90b556dba13521958baa17b3cadadd2d604dd63

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f1fe33cae4974eeb854485535485121c

SHA1
3a48c157fc6e24377007f0a56d28ff2de8622cd2

SHA256
dc9c21e81b119150bc7dc06d18ed0165ee3b444e7ef1b178a6ccfa0c9ef60a50

SHA512
2867848b580686ecc654152e6d2f154e9da6bf626ad65e9ed4268e76e65814ba04e14d398635d1a5e99b12f76a0aa0205c9fcb60440ecffb19de003dac276156

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b7eac4c70b2b316f0d4fac56a944ba66

SHA1
76e9cbfbb8da6a19c1107bb773c5f67997db5e8d

SHA256
3706d6e8de4362f276cb5c061f66fb30dddce5dfa20daec8154d7167132b1e88

SHA512
2609ca5dfe74bd1488b1afc64a0b97583f66f10566e054bcb545fa6c0cd9e039d130a560ffbadcdcd3ff11bd94568df2f9ea204ab1b51ba172f725bdebff6a5d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6b63158c54f959373b9fdd72f6810917

SHA1
c767601e4fa8d384a57bde2da9ea04a699fd7516

SHA256
2e7b1700c7321ef430ebc4e27a5f75b1c16b72fc9d1aac330616d87eb1d2cddb

SHA512
b35bdf1fa149444b79886ddbcc23eb0f0fef51e6360f5a06e30df22fba2628a2ad5a3723baa42ccbe99540167c8d701b81be66e61907815f35e898094f3e1199

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ec9208f6ff7d6272bdbb04f228413fb6

SHA1
ce106b7267280ec5e43b15a2478cb9772dcb4429

SHA256
d42fef2f57509d7f7fb37d6bd29a75b458b1fa9bceb9e9e4e89cbc2f0ad3598d

SHA512
299a64d103d2a1d25ba57388b4038a8ea021d2fcd2ab752d26ec603dbbc24fa8046badc04064605c747c2c51f4012cbc9eab0a5bd3651f430e375cb5800af47b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a28ee9f2c1f97d5c4c3181b686359804

SHA1
77692606b765ce6fe562a1e46e0361e527606b80

SHA256
699725e5fff8aa80a1682e58fba2aa7262787c477c9e292c46e12695176be77f

SHA512
abaa3f4d7d6e58d0623950d04bbf870c60e3f688c4432fb3ee8678d16ed4ff524206cde60cd7da6841ddce0ea16513373fc5f1a43abb6e5e65d51b3eacea06f9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
09e2d0080e1d7d9d800d868e787969ec

SHA1
728446b8b1b43cd4c8b907560ae67286d0720ce4

SHA256
b1bf7efeb938b541b1b10d134cac39d02943a3b1aedf1c453ecb5397bfbfbd8c

SHA512
6a2198c901a2943853bba9deba2efda549c5908b70768bdc9bfe209e1b3757e580e70e0b8c487e508ab3465b42c54014505f46c502d0fde58f9f9d2734657ed7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c9f29fbacf90d1f00a94b5ca8ce418e9

SHA1
4d9725d8dfb0d05d39dee9973e9d87024ff8f2b2

SHA256
1431223d673a2062e0fa1c433875f28ae4f3ba58abb3e04bdedab4753ee23a85

SHA512
25fba189335b8a1a5ce7d162d6929965c77d1c209a4d23f2c04610a2ee0732b05e8ce9c9c172ad0aea34db4ea0f8d8b3f74c9bdf24740241a46bbce8a5e9a267

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce613c859509de1d7318b15324b517f1

SHA1
5ba5fa6cd6d89dbeee24a0b902740463991b5d58

SHA256
fb9ef295c6f54b72a81d26b117635bd7f785f9aea4921610d8c2d1b61537b4f6

SHA512
e1cec52a32e7a535b254229ea47587a3e1fe45ba6f044987f1c426746dc006e0a422c520bd404d21bc4d0965815e90449fca6dd6e6091ed5834c33f2212a572e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f409b495dba842d6437657d4cf9de9aa

SHA1
2643d0edf4843d09450ed2b70d65498fedbe746e

SHA256
3a673a046fb2e101ae849a0d2db4ffaadaedabbf24a4ce880372d32c8af1d0bb

SHA512
1fda23ed435f91bab1b4e313a4f8979efee96fd9182be52ac870771750976756d2bb10337f0a3ceb61bce3cfbfc9bb6d5ef55e11cc96d4e44db20d8f0fb0be20

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bb251b0310672cc935f28eccc9bf3bc9

SHA1
5fac6f30a59e1cc70d9e7c2e5b9b8857792969fd

SHA256
0f9b951008ec4f67ba6d68bcd368c4bc86d6d3ec2ad91af070b348ca7f8d6d66

SHA512
f3f30f57950e2aac24c876a10b4718ad8bc1f5ee66075a7523a6217ca92c1f9d3d0aa5e8d89796dd79bd6a34379281095035a7934177c0c2dbcba076c097b0b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
27deaa2c2101509b2efbf2c96bd70161

SHA1
8435f6a64026627e93bc58666895a5ce9bd3a132

SHA256
fc54094c8d6bdeff689c2a72c8b089b1dbd6fa6ca2563eade7d7169d63eeefe9

SHA512
fc53de2d466f2d5b26353073bd1a0dd3aa0622721541cfbb42a45c05f324fa331a881608aa81eb11776ed719a7cc973f4dffcfd13b2e5fce7465d1049ba10f05

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e81ca81bac9d84bb3735caf0168a1449

SHA1
b5bd429b163edc643596405e116cd473e2cb41d9

SHA256
94158bb4b990aa533669281559ad72cb47403ab0c02a80a1021fae3efd32f244

SHA512
07c925fdd47f895fef0df3c1a61dd8c0de6a967cb21dae1cffc2f15ae5f0794a8222e76a9a635251f5235c9579c4a276f419fdbff4f4784c9b0bdcc46321da48

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4a4b2e83a2c4d3fcfe8499917a72ef2c

SHA1
a531fc74233c6e28547400f615c1efc0fa78b9e2

SHA256
f5ca027122ddc150c0d52deecfb8a27c0b439855a4c106b78a59f55936663838

SHA512
310af04418f2d0f505b423fecea451298bdc7a908c6086c418bcccc1b5a22440ed6f3b1cf9edc1a7b4d809952e548426d85b771d7f9753c90bb676aa591e4f08

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
20c31d87dcb35f1c8778f4567c4771d3

SHA1
1ed11933f79874836a002c2f409bda53c7302848

SHA256
2be518040a6784e6e1c076b2e04e59a9bc31a0709a7794a87040f61e1ff7efdb

SHA512
21c96f6056776d0b3af1e3e92ac0ce7772eed75c343b78fdb57efecf5c01c358ae08c038dcfd6139fcb913b09b4cfc44813ca0bba53691a4545f27892e223993

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f9feb271e57df36e3959f2364d07c064

SHA1
ab78b2ab0a59ddd48a3e7be556b03b360233f792

SHA256
6dbc87e2a69da2833af0facbd3b5b76f1ef375e0e3c55e69c496f3cc235d6a43

SHA512
f3e4cab34da5b500ed0edd8ff67110c96efae0fa3529bf7320a04b25c889ad6989c7ba39e98abcf104efb7e572f6a29b60ba94ac1f9995c65ba4e2d245b49448

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6a4a62e61afc076e6d2f21028453496e

SHA1
2c40b40bdb3fc8b8b52ac8ff0095775181419ef2

SHA256
a7166ee83ab83d316b62e4cd65c02fdfe3452b663991948282a76528e8005de8

SHA512
99a4b5f74576cd5f48b868b0c8013b0cc13663f0b50872723fb0634646ca4fcb3ff952a224dbd3ceb550f9cdb256b13b8ba8fd7a281e0c07604464806f26a849

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
d656a8743882eee3aac2a2e7f38e1f49

SHA1
56a6ad33ca3d9af16846edca02026f63f5ed1c5a

SHA256
c10709e1b5885b963eb759a19e8c49b4205e634889db7b43fbc7c574c9f543d4

SHA512
7441ff53e1f574c1976271d7b9446597073965fa51b574bb41d52a5e0287c6ce94c16b3c62675196c9e0cd178baecd453d02ebcb244109f0865a988e985270b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OX8Z8GR5\top-10-superfoods-for-brain-opt[1].htm

Filesize
795B

MD5
5d8d79c3cb9af023240b1be6f5057aaa

SHA1
df22980677b134e83d878893f7c7984e0d78a240

SHA256
e8b101a7c7f64aad528cc734513cbeb02243c0af37930dc0f3239749cff184b6

SHA512
66f432b622cee0bcc06cbc0f833de1471ea36c295b4cd93eb848d97e69c2252acd2fc8972db51ea35475a424f4d6cb5001325525fb04f71b8704eb24de1c4008

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabDCAB.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDCCD.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit