Analysis
-
max time kernel
150s -
max time network
143s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
05/10/2024, 07:12
Static task
static1
Behavioral task
behavioral1
Sample
16ac4e206e38321d926e90f02147358a_JaffaCakes118.dll
Resource
win7-20240704-en
General
-
Target
16ac4e206e38321d926e90f02147358a_JaffaCakes118.dll
-
Size
262KB
-
MD5
16ac4e206e38321d926e90f02147358a
-
SHA1
b86863d688c5d044105ec0cfd6540568a5a2efa4
-
SHA256
a122f535a1028e17de4bddd597e26c22edd0f5db8ac41d6ea9ff9ca878f6ade3
-
SHA512
1408bb59117175dbdaa3605e734458a579bf033c0616b074ca2a5cc3adf86673c0374ac3d44729b8af7a5a37c1f458ae86aa5626d87de3d7331f433c89fe00b8
-
SSDEEP
3072:ICuuNCRs/Pj03pJEEC9ti9pocimFFVW6E1fZim4v5TRRJBYeBTg4vRPW9vc/Bm6a:ICIGPj038tAgFMldWNX++eJknGe
Malware Config
Signatures
-
Modifies WinLogon for persistence 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "userinit.exe,c:\\program files (x86)\\microsoft\\watermark.exe" svchost.exe -
Executes dropped EXE 2 IoCs
pid Process 1868 rundll32mgr.exe 1448 WaterMark.exe -
Loads dropped DLL 4 IoCs
pid Process 1792 rundll32.exe 1792 rundll32.exe 1868 rundll32mgr.exe 1868 rundll32mgr.exe -
Drops file in System32 directory 3 IoCs
description ioc Process File created C:\Windows\SysWOW64\rundll32mgr.exe rundll32.exe File created C:\Windows\SysWOW64\dmlconf.dat svchost.exe File opened for modification C:\Windows\SysWOW64\dmlconf.dat svchost.exe -
resource yara_rule behavioral1/memory/1868-11-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1868-19-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1868-17-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1868-16-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1868-14-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1868-13-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1868-12-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1448-36-0x0000000000400000-0x000000000044D000-memory.dmp upx behavioral1/memory/1448-41-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1448-408-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/1448-668-0x0000000000400000-0x0000000000421000-memory.dmp upx -
Drops file in Program Files directory 64 IoCs
description ioc Process File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\flyout.html svchost.exe File opened for modification C:\Program Files\7-Zip\7zFM.exe svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Web.Entity.Design.Resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Services.Design.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\fr-FR\slideShow.html svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACERCLR.DLL svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\ktab.exe svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll svchost.exe File opened for modification C:\Program Files\Google\Chrome\Application\chrome.exe svchost.exe File opened for modification C:\Program Files\Internet Explorer\perf_nt.dll svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.DataSetExtensions.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\fr-FR\calendar.html svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll svchost.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll svchost.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msxactps.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\README.html svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IdentityModel.Resources.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\settings.html svchost.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll svchost.exe File opened for modification C:\Program Files (x86)\Microsoft\WaterMark.exe svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\Microsoft.Build.Utilities.v3.5.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\flyout.html svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\wsdetect.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll svchost.exe File opened for modification C:\Program Files\Internet Explorer\jsprofilerui.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\UIAutomationClientsideProviders.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.Speech.resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\UIAutomationClientsideProviders.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\clock.html svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODTXT.DLL svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL svchost.exe -
Program crash 1 IoCs
pid pid_target Process procid_target 2384 1792 WerFault.exe 30 -
System Location Discovery: System Language Discovery 1 TTPs 5 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language rundll32.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language rundll32mgr.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language WaterMark.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe -
Suspicious behavior: EnumeratesProcesses 37 IoCs
pid Process 1448 WaterMark.exe 1448 WaterMark.exe 1448 WaterMark.exe 1448 WaterMark.exe 1448 WaterMark.exe 1448 WaterMark.exe 1448 WaterMark.exe 1448 WaterMark.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe 2680 svchost.exe -
Suspicious use of AdjustPrivilegeToken 5 IoCs
description pid Process Token: SeDebugPrivilege 1448 WaterMark.exe Token: SeDebugPrivilege 2680 svchost.exe Token: SeDebugPrivilege 1792 rundll32.exe Token: SeDebugPrivilege 2384 WerFault.exe Token: SeDebugPrivilege 1448 WaterMark.exe -
Suspicious use of UnmapMainImage 2 IoCs
pid Process 1868 rundll32mgr.exe 1448 WaterMark.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1676 wrote to memory of 1792 1676 rundll32.exe 30 PID 1676 wrote to memory of 1792 1676 rundll32.exe 30 PID 1676 wrote to memory of 1792 1676 rundll32.exe 30 PID 1676 wrote to memory of 1792 1676 rundll32.exe 30 PID 1676 wrote to memory of 1792 1676 rundll32.exe 30 PID 1676 wrote to memory of 1792 1676 rundll32.exe 30 PID 1676 wrote to memory of 1792 1676 rundll32.exe 30 PID 1792 wrote to memory of 1868 1792 rundll32.exe 31 PID 1792 wrote to memory of 1868 1792 rundll32.exe 31 PID 1792 wrote to memory of 1868 1792 rundll32.exe 31 PID 1792 wrote to memory of 1868 1792 rundll32.exe 31 PID 1792 wrote to memory of 2384 1792 rundll32.exe 32 PID 1792 wrote to memory of 2384 1792 rundll32.exe 32 PID 1792 wrote to memory of 2384 1792 rundll32.exe 32 PID 1792 wrote to memory of 2384 1792 rundll32.exe 32 PID 1868 wrote to memory of 1448 1868 rundll32mgr.exe 33 PID 1868 wrote to memory of 1448 1868 rundll32mgr.exe 33 PID 1868 wrote to memory of 1448 1868 rundll32mgr.exe 33 PID 1868 wrote to memory of 1448 1868 rundll32mgr.exe 33 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2808 1448 WaterMark.exe 34 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 1448 wrote to memory of 2680 1448 WaterMark.exe 35 PID 2680 wrote to memory of 256 2680 svchost.exe 1 PID 2680 wrote to memory of 256 2680 svchost.exe 1 PID 2680 wrote to memory of 256 2680 svchost.exe 1 PID 2680 wrote to memory of 256 2680 svchost.exe 1 PID 2680 wrote to memory of 256 2680 svchost.exe 1 PID 2680 wrote to memory of 336 2680 svchost.exe 2 PID 2680 wrote to memory of 336 2680 svchost.exe 2 PID 2680 wrote to memory of 336 2680 svchost.exe 2 PID 2680 wrote to memory of 336 2680 svchost.exe 2 PID 2680 wrote to memory of 336 2680 svchost.exe 2 PID 2680 wrote to memory of 384 2680 svchost.exe 3 PID 2680 wrote to memory of 384 2680 svchost.exe 3 PID 2680 wrote to memory of 384 2680 svchost.exe 3 PID 2680 wrote to memory of 384 2680 svchost.exe 3 PID 2680 wrote to memory of 384 2680 svchost.exe 3 PID 2680 wrote to memory of 396 2680 svchost.exe 4 PID 2680 wrote to memory of 396 2680 svchost.exe 4 PID 2680 wrote to memory of 396 2680 svchost.exe 4 PID 2680 wrote to memory of 396 2680 svchost.exe 4 PID 2680 wrote to memory of 396 2680 svchost.exe 4 PID 2680 wrote to memory of 432 2680 svchost.exe 5 PID 2680 wrote to memory of 432 2680 svchost.exe 5 PID 2680 wrote to memory of 432 2680 svchost.exe 5 PID 2680 wrote to memory of 432 2680 svchost.exe 5 PID 2680 wrote to memory of 432 2680 svchost.exe 5
Processes
-
C:\Windows\System32\smss.exe\SystemRoot\System32\smss.exe1⤵PID:256
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:336
-
C:\Windows\system32\wininit.exewininit.exe1⤵PID:384
-
C:\Windows\system32\services.exeC:\Windows\system32\services.exe2⤵PID:476
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k DcomLaunch3⤵PID:612
-
C:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exe4⤵PID:1600
-
-
C:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}4⤵PID:1020
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k RPCSS3⤵PID:692
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted3⤵PID:776
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted3⤵PID:824
-
C:\Windows\system32\Dwm.exe"C:\Windows\system32\Dwm.exe"4⤵PID:1164
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k netsvcs3⤵PID:852
-
C:\Windows\system32\wbem\WMIADAP.EXEwmiadap.exe /F /T /R4⤵PID:2172
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalService3⤵PID:976
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k NetworkService3⤵PID:296
-
-
C:\Windows\System32\spoolsv.exeC:\Windows\System32\spoolsv.exe3⤵PID:964
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetwork3⤵PID:1084
-
-
C:\Windows\system32\taskhost.exe"taskhost.exe"3⤵PID:1100
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"3⤵PID:1416
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation3⤵PID:2268
-
-
C:\Windows\system32\sppsvc.exeC:\Windows\system32\sppsvc.exe3⤵PID:2304
-
-
-
C:\Windows\system32\lsass.exeC:\Windows\system32\lsass.exe2⤵PID:492
-
-
C:\Windows\system32\lsm.exeC:\Windows\system32\lsm.exe2⤵PID:500
-
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:396
-
C:\Windows\system32\winlogon.exewinlogon.exe1⤵PID:432
-
C:\Windows\Explorer.EXEC:\Windows\Explorer.EXE1⤵PID:1200
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\16ac4e206e38321d926e90f02147358a_JaffaCakes118.dll,#12⤵
- Suspicious use of WriteProcessMemory
PID:1676 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\16ac4e206e38321d926e90f02147358a_JaffaCakes118.dll,#13⤵
- Loads dropped DLL
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1792 -
C:\Windows\SysWOW64\rundll32mgr.exeC:\Windows\SysWOW64\rundll32mgr.exe4⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:1868 -
C:\Program Files (x86)\Microsoft\WaterMark.exe"C:\Program Files (x86)\Microsoft\WaterMark.exe"5⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:1448 -
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe6⤵
- Modifies WinLogon for persistence
- Drops file in System32 directory
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
PID:2808
-
-
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe6⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2680
-
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1792 -s 2244⤵
- Program crash
- Suspicious use of AdjustPrivilegeToken
PID:2384
-
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html
Filesize204KB
MD54fbe7ed2b11e34c55553d7a02065ea12
SHA139c904989860abff1c9d0f0de80d008b45e47282
SHA2564bb0403f50541826350298045897b8acc8248b6bc4fe44df611201ed435f0923
SHA51245505e795c69a13d82b15fa5b1d225a1862e6076ff120d19d4b69a02241adf6fdc94c97ecfc58bc4e54e71fca7189bdcf609ba76d3149cfde770420a2432cd12
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html
Filesize200KB
MD57b4e620b8ee80762b7ce649cd9785703
SHA135b235c45f8d7d9e7f76c61c14e3fb060dc52bd5
SHA2564767d400e5da61236583851564cfe34307c9796a8382836ec3f75b7cbffcc5d6
SHA5129e2f718a53ba99083d7b707ff7d58e823a8c0c79e63bca36a3ead922367e4b33339400a68e1018c6c100250ba9622624a64cd69a19e00b32bf9512f549ae29a0
-
Filesize
95KB
MD5f9caa37eabeb36f1a220d2840767367a
SHA177a49bd0a22933e65ab3749a7177459b303cd73c
SHA2566f690538c457090d41b830c2863bff404f76057d45a7b0531cb1058fe9ea1e9f
SHA5121a3508c167d29857720fbefdc38be4c5bf3518d543139c4e103ba9b660facc3a22ca600ed54c42892b337a07ef4ad5770d2705802a4201c6e2255baf29e767b2