c6f6e0d1fb9cf86b134e5a273fd852a333885604d9d4ea3a79334e6fb3b45b07

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
11-10-2024 21:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Size

12KB
MD5

36fc00a9095273bea40c8154b336a648
SHA1

e84a6fb6617d2f15956b9e2d5403a6e0b487a25c
SHA256

c6f6e0d1fb9cf86b134e5a273fd852a333885604d9d4ea3a79334e6fb3b45b07
SHA512

7d8f20b08e155e915af747a8dc5735c044657252e74867542021e83c291954aef2309e9ecf3614bfb43afc3c87d6972be20f35ace556a81ca562bc0cad97942d
SSDEEP

192:e/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMCDY0:eebFNw4Pk1itKkpAjjI2YpdmCDY0

Score

9^/10

discovery persistence ransomware spyware stealer

Malware Config

Signatures

Renames multiple (2190) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Drivers directory 9 IoCs

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\SysWOW64\drivers\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\drivers\gmreadme.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

Drops startup file 1 IoCs

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Alcmeter = "C:\\Users\\Admin\\AppData\\Local\\Temp\\t5Igu5hV8iEnx0k.exe"	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

Drops file in System32 directory 64 IoCs

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\System32\DriverStore\FileRepository\bthoob.inf_amd64_c6923052f60677d9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\cht4vx64.inf_amd64_b03448ba0b72ec47\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\net8187se64.inf_amd64_99a4ca261f585f17\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\acpitime.inf_amd64_e1498a974ab95ea7\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_volume.inf_amd64_a2da2b286ed77704\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\InstallShield\setupdir\0012\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech\Common\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\Schema\MSFT_FileDirectoryConfiguration\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\sisraid2.inf_amd64_845e008c32615283\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\ru-RU\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_RegistryResource\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netr28x.inf_amd64_5d63c7bcbf29107f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\hr-HR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech\Common\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\sppui\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\wbem\ja\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_RoleResource\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_UserResource\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_amd64_3acec385f5d67bdf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmdgitn.inf_amd64_6360d736a6f64e35\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\usbaudio2.inf_amd64_8d164ac6f7088f97\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Management\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\avc.inf_amd64_0eaf27d749819837\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\uiccspb.inf_amd64_18454ae612999870\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\WindowsCodecsRaw.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\winrm\0C0A\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netwbw02.inf_amd64_1c4077fa004e73b4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\WindowsFeatureSet\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\DriverStore\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmnis1u.inf_amd64_64035dd8a7571ba7\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netefe3e.inf_amd64_7830581a689ef40d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\ufxsynopsys.inf_amd64_978099f98cc73ddf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\en-US\Licenses\_Default\Professional\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\en-US\default.help.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetSecurity\es\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ScriptResource\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ScriptResource\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\winrm\0409\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmbw561.inf_amd64_0406b31e81bea0d1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmdyna.inf_amd64_d89605b6b478d768\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\MSDRM\MsoIrmProtector.doc	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AssignedAccess\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_PackageResource\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\de-DE\Licenses\_Default\Professional\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_fsopenfilebackup.inf_amd64_2174d2189fc8f164\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\microsoft_bluetooth_hfp.inf_amd64_9effd93a75bc489e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\sdstor.inf_amd64_0d2a33dd67a36577\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\hidbatt.inf_amd64_a6fa9bcee39a694f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\monitor.inf_amd64_8a98af5011ee4dc6\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\nettcpip.inf_amd64_96215b82eaa40fd5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\MSDRM\MsoIrmProtector.ppt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech_OneCore\Common\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Com\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\dc21x4vm.inf_amd64_3294fc34256dbb0e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmairte.inf_amd64_a99a7ecb03853141\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\MailContactsCalendarSync\LiveDomainList.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ScriptResource\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Bthprops\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\MUI\0407\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\nb-NO\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SmallTile.scale-100_contrast-black.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\Images\Stickers\Sticker_EyeLashEye.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-32_contrast-black.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\de-de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\Standard.targetsize-20_contrast-black.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\MedTile.scale-100.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubSplashScreen.scale-100_contrast-white.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\hu-hu\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\new_icons.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-black\SmallTile.scale-200.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\bin\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\legal\jdk\mesa3d.md	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\1033\WacLangPack2019Eula.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNotePageMedTile.scale-150.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\InsiderHubAppList.targetsize-48_contrast-white.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\Retail\Retail_Get_Started_icon.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxCalendarLargeTile.scale-200.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\156.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-72.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Images\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-black\StoreLogo.scale-200_contrast-black.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1906.2182.0_x64__8wekyb3d8bbwe\Assets\AlarmsAppList.contrast-black_targetsize-256.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\InsiderHubAppList.targetsize-96_altform-unplated_contrast-black_devicefamily-colorfulunplated.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\tl.gif	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\cs-cz\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCalculator_10.1906.55.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\CalculatorLargeTile.contrast-black_scale-125.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneMusic_10.19071.19011.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\WideLogo.scale-125_contrast-black.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.6.73.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-24_altform-unplated_contrast-black.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\GenericMailWideTile.scale-125.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected]	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\en-ae\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\css\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\da-dk\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-60_contrast-white.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-40_contrast-white.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-white\BadgeLogo.scale-100_contrast-white.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\LinkedInboxWideTile.scale-125.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\Assets\AppTiles\StoreSmallTile.scale-200.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\sk-sk\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\hu-hu\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WebMediaExtensions_1.0.20875.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_altform-lightunplated.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\Assets\Background_RoomTracing_02.jpg	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\Assets\contrast-white\MixedRealityPortalAppList.targetsize-20_altform-unplated_contrast-white.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\FlagToastQuickAction.scale-80.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-60_altform-lightunplated.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\ArchiveToastQuickAction.scale-80.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\images\themes\dark\rhp_world_icon_hover.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\js\nls\fr-ma\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\images\themes\dark\example_icons2x.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\HxCalendarBadge.scale-200.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TRANSLAT\ESEN\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\FileAssociation\FileAssociation.targetsize-16.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-white\MedTile.scale-200_contrast-white.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\StoreLogo.scale-150.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe\Win10\Classic\Klondike.Wide.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\Date.targetsize-16_contrast-black.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\EmptyCalendarSearch-Dark.scale-400.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\Lang\id.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

Drops file in Windows directory 64 IoCs

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\WinSxS\amd64_microsoft-windows-wlansvc.resources_31bf3856ad364e35_10.0.19041.1_en-us_f3b6977e3578692c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft.powershel..resources.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_6c1aa43db0003bcf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\images\smalllogo.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-e..-management-onecore_31bf3856ad364e35_10.0.19041.264_none_97d9b43333298975\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.19041.1_none_b1e502c19c2a358b\Square150x150Logo.contrast-white_scale-100.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..pertypage.resources_31bf3856ad364e35_10.0.19041.1_es-es_ddb9f4e20e31b05b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_msgpiowin32.inf.resources_31bf3856ad364e35_10.0.19041.1_it-it_aac7473ee40faded\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netfx4-web_minimaltrust_config_default_b03f5f7f11d50a3a_4.0.15805.0_none_b77b8ade8ec16b9c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-a..tionmodel.resources_31bf3856ad364e35_10.0.19041.1_de-de_b895dfb4643f17f9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Assets\Icons\contrast-black\WideTile.scale-400.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-icm-adm.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_f730c5a1ae947fad\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-l2gpstore.resources_31bf3856ad364e35_10.0.19041.1_de-de_384e42ebc23e32f9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-t..recognition-gesture_31bf3856ad364e35_10.0.19041.1_none_74a4677fa85a716e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\de-DE\assets\ApplicationGuard\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-repadmin.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_764170bb5c22a114\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-mmsys.resources_31bf3856ad364e35_10.0.19041.1_en-us_bc30520cc1abbdc9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ional-codepage-core_31bf3856ad364e35_10.0.19041.867_none_14b972285c05175a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-proximity-service_31bf3856ad364e35_10.0.19041.1_none_35dbf7d43f206dcc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netfx-aspnet_roles_sql_b03f5f7f11d50a3a_10.0.19041.1_none_abe1548cd340f389\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-iis-ftpextensibility_31bf3856ad364e35_10.0.19041.906_none_c1cf767a9499fe30\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-p..leshooter.resources_31bf3856ad364e35_10.0.19041.1_de-de_9c4695f6a50bbb8e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..trolpanel.resources_31bf3856ad364e35_10.0.19041.1_it-it_19d0d8db3bad695d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-mlang.resources_31bf3856ad364e35_10.0.19041.1_ar-sa_a7940cd7ed29ac79\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-overlayfilter_31bf3856ad364e35_10.0.19041.928_none_d1c78425a25a44f3\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_system.configuration.resources_b03f5f7f11d50a3a_4.0.15805.0_fr-fr_e158a02f3079137c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-c..entsnapin.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_665a0e5c8022f7e0\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-t..es-licensing-srvlic_31bf3856ad364e35_10.0.19041.153_none_1eca1cc1925dc676\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-t..honyinteractiveuser_31bf3856ad364e35_10.0.19041.906_none_a6600355b5f69459\Ignore.scale-300.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-t..ty-client.resources_31bf3856ad364e35_10.0.19041.1_es-es_0066d2d97c89ff45\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_windows-media-speech-winrt.resources_31bf3856ad364e35_10.0.19041.789_zh-tw_a566087bd822eb2a\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-c..cn-config-registrar_31bf3856ad364e35_10.0.19041.746_none_0f6b99a629591478\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-iis-websockets_31bf3856ad364e35_10.0.19041.1_none_708c3c1af3943b36\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_system.windows.presentation.resources_b77a5c561934e089_4.0.15805.0_es-es_0854f439281d17a5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_MSIL\napinit.resources\v4.0_10.0.0.0_de_31bf3856ad364e35\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-t..ty-client.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_251713da05484b05\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-update-updatecsps_31bf3856ad364e35_10.0.19041.1151_none_292d294e6c1d57f4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemResources\Windows.UI.Shell\Images\Icon_MMXresume.contrast-white_scale-150.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..ado15-rll.resources_31bf3856ad364e35_10.0.19041.1_en-us_12ccb13428eec5b4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..settings-searchdata_31bf3856ad364e35_10.0.19041.1266_none_02712bcc4c459e88\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_networking-mpssvc-svc_31bf3856ad364e35_10.0.19041.1_none_500548fc673a4414\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-directwrite_31bf3856ad364e35_10.0.19041.264_none_bad3ba5692b129e5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-w..vider-dll.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_45d1ad95ea6d7669\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-kernelbase.resources_31bf3856ad364e35_10.0.19041.1151_en-us_ececcfbf6bb1cf51\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_10.0.19041.1_it-it_d2e78d3161d60585\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-edp-util_31bf3856ad364e35_10.0.19041.546_none_cc8076c97817971b\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..ier-winrt.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_9aa9d6f291812d33\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-csrss.resources_31bf3856ad364e35_10.0.19041.1_de-de_f1e5ecf3c650dbb6\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..tmlrendering-legacy_31bf3856ad364e35_11.0.19041.264_none_33cbc8e23aac35d1\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..wnlevelmanifests-ds_31bf3856ad364e35_10.0.19041.746_none_78b1f5f5c57dadca\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_vsmraid.inf.resources_31bf3856ad364e35_10.0.19041.1_es-es_4cb6c86f92aa3267\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_dual_wvpcivsp.inf_31bf3856ad364e35_10.0.19041.207_none_e90623c3f0674d4b\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.985_none_c3639a9e3ab1a351\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ltinstall.resources_31bf3856ad364e35_10.0.19041.1_en-us_66cdc97910f775ef\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-e..ardplugin.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_a8ddca6b99ce93c1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_windowsbase_31bf3856ad364e35_10.0.19041.1_none_f0f15c7316a3acfb\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-d..anager-unenrollhook_31bf3856ad364e35_10.0.19041.1_none_8ec1144d41f9adff\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_c_fsantivirus.inf.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_8b26807666a42ed7\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-hns-diagnosticstool.resources_31bf3856ad364e35_10.0.19041.1_en-us_73077e9bbbdaf816\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-usertiles-client_31bf3856ad364e35_10.0.19041.1_none_df86f0e7b84bf07b\user-48.png	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-userexperience-desktop_31bf3856ad364e35_10.0.19041.1266_none_fb76f6fb7e78a373\InputApp\Assets\KbdSpacebar.wav	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_microsoft.build.tasks.resources_b03f5f7f11d50a3a_10.0.19041.1_fr-fr_96b33e1f86c164ea\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-ui-search_31bf3856ad364e35_10.0.19041.746_none_dd5f2e51b631fda1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..l-keyboard-00000850_31bf3856ad364e35_10.0.19041.1_none_9cc539e103db20ff\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

Modifies registry class 10 IoCs

Processes:

36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd\ = "KDURWVJJQCGUFCX"	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX\ = "CRYPTED!"	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX\DefaultIcon	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX\shell\open\command	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\t5Igu5hV8iEnx0k.exe,0"	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX\shell	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX\shell\open	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\KDURWVJJQCGUFCX\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\t5Igu5hV8iEnx0k.exe"	36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\36fc00a9095273bea40c8154b336a648_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
- Drops startup file
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:3692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons.png

Filesize
50KB

MD5
b79b880027c4f11b09ea8e23d3924791

SHA1
c607abe7c44c289f3997f30f57dc932a721b7f21

SHA256
94ee776487d8df43ceecdce76d65d185b6fc4a32227838515dbd3b7e71970fd4

SHA512
430c175b6d4a42a0cacbe5409f64bab9ee6df91b3b412772f1b17f3234a52ca608b7972598bd378a922869f54cb2248624bdd0f231ba763749d0f0af2f6d170c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png

Filesize
1KB

MD5
3bc2b48fe9ea09d02d4bf1b647ee48db

SHA1
82646380c557ff78ee4188a161cb9d604d887d6d

SHA256
95f5972a87a97925a89e7d58b67313f165d8a849b9201e5a0a176d0bccda7c30

SHA512
c63b9cc6c01eb2f353202a134f0535d036623999790630ba4421f7a2f341017e90a1c70a8914e0cfe0443a6511fe974f9ff8fdee70be90a1f9d9afeef19ec116

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png

Filesize
3KB

MD5
e7f96f6f4ae9eac86704af7e6cba1677

SHA1
c7509074f179c4714a63e1848f4119c0d2f38131

SHA256
d9cf49f371a3f38cdf81e364439a54c09d9e42d2ea76b32d80e9fedfbd4ec009

SHA512
87efcd9c7a614450245df0af0f13786e084627bb0aa6d045c8bf6bef730ff0b841e1e8baf6752b3f38914535ab18f8027cb456aeb5a04af7094d994f42df4195

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png

Filesize
683B

MD5
57f34cd3df4170bbcd5961bb6199b7a8

SHA1
68ef0388bfe63fff748bb6cb944475e4ee1f791b

SHA256
6c2ea99c0cb83d7dafc442d690949235f178d17b7669c72ac75520ceedf879d2

SHA512
e036bf6021012e59a92656597f719dcb0f47716694a64251872ddd218dcdbe5815dc3834cf97bdfba56a1408bf9359effa0df5590c52a8371cc451ad85c507ca

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png

Filesize
1KB

MD5
50dcb7c174e0576335b8478141716b8e

SHA1
a5f6fd744952e9bf107dc8431b1261865d9b130f

SHA256
bbd348455a23dbdb6e4644368ab3295d0deff796786d2ee577e5e28fba041e52

SHA512
19ee265a27ea1ee738b3f9bc70a5cb7e56d7e56c58e342153417a36a6f175c84f462afa1a8254744c7ddd441bca0518db49882b3c7648c449d0244deac501714

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png

Filesize
445B

MD5
7a00e67550afc9204435a024b48b5d82

SHA1
9c2816c20986546d77652599cc22f8149cfc4e17

SHA256
3919fb45396a9c64f743235040eba49e13d2fc7541160ab78bd4a4e65b272cb4

SHA512
1a8fadc6647e8b5a246c660d53765c5c8c1991d54fa4cf60adf50919eb8409f4cdd616d8f0cdfee584b495d8b0c0395b613e409ab5847d76d7756f012ee265a9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png

Filesize
611B

MD5
5d9fe7d61bc34fe178689f5b5c5ffb5e

SHA1
d77e50aaf0f69a7e987306b0a7d8914ba4ce3f1e

SHA256
f38abdf88b9b987818edf8e4e1f3416cf106ff0c6d4a9839eee4dff44f54b4b3

SHA512
22a1c542dd9e89ed731993a10c3f4a914f28bc5ee9e0b766b0e6dbf184f061da2ef7a2be231a2924eef1054ea024ac302aff01b8461197fa4f3a4d1bba619cd8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png

Filesize
388B

MD5
f9794b1faade6803fcec009cd5ae4d2b

SHA1
4460d4668bc0d17620992ffea8519b29df48bda8

SHA256
e000bbe9d4470fbd0e5a38fc922610407e549f8e4fceaa6722e7f4d413b4d974

SHA512
167bead34563c43bf830387bb41b070eba83478f72bd52c69c6d53f3a5907a0bbdff2170e02054745cc51662985ce5a901499bddac3ada93a8259ad97ada6ac8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
9b1e5511ccc938b6134e0140c784cd84

SHA1
0721cdcaab11e102cac6637adb4fd040f2de3902

SHA256
acbc82c723e22810ac44b9ac22cbae1140de9f792166a89095166be328f8eb5d

SHA512
7bdeac3c9de04b7b02e3199f80bcd694bcfe713e4008cf77709b0ca766def8d36cf052fcae9f24c7f2a029bc37c701ccd153967f6f952ab485c9409cdaf233ca

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png

Filesize
388B

MD5
e2e5027b8d06c8a1509f8b11db6f508e

SHA1
aa6ad110f63a745e78eb1e9420af3c9b1968dd79

SHA256
4a3d049c1b2855bd14d67fa968cd359ca653812128da4092258ce77fdf673d1d

SHA512
599fe6bc301cde074b40103ba74ce846d3f25eeb602593cd81bb53a98a5e17b2ba0c804ab282e0fdc7642169e569e5f412b89d7d2b9a19af1170151e00a106e2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png

Filesize
552B

MD5
f07cd0911b6bc391cf30f6162e9ad10a

SHA1
99378e726de208afdc35234b792c4303d542681a

SHA256
38b0932f66ec13985e59714d64484d33e265a5d362d736542eade1fdb26d7586

SHA512
53bb0ff7b48202adb40307856b65fe2a81b756feb8e1cece26bc3aff2f5570d4dd9dd5302298d9f4ef14d32b226c5c8c4400becb4c7792cd4accf43323104fcd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png

Filesize
388B

MD5
6598b9f2e1b461b4714215b415ae6b7f

SHA1
9781ec92085f4355696bcef71b2ead856dcf22b2

SHA256
155654e48f4e11f26ed569de26d1f08b356b11b90597e6fe28cea01931fcffdd

SHA512
9c435458b1c001140e92ac45345e1173c2674d7fc7f133a709c87f4f2ec8d9d4d4a8dc069989ffaedfb0196e15cbb45af63cea1ef4f9f0feff5e012125f1a6ba

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
5184a37650fd958812c111b935b49b09

SHA1
7517d63f3adaee28f9221bef6e2c7cf371e8a01d

SHA256
566010efc693c6537defc8ba2e8efd24eea734bb9321fb699d36ed155d51b63b

SHA512
0fa73c4d422aa314b06bb6eb1a7a813e640da7d80b88f04672e71d0071cece5cb936ec818cbd3dfcc001bd140e8a4b9093a10b35b9089e973908c8381fd10f8a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons.png

Filesize
7KB

MD5
e7fdeb93360747351ce39ffacc44589a

SHA1
ae583ab0336bfaca09486d661e579f7088c107be

SHA256
a902ae929c0d42b7748df73e1102980eaae4adf904e00965417aa4828797bd85

SHA512
8852b56929a0a0914cfb1449f9b0eaa446a36cef2b842e88a0911ac62024cd3deaefdb5ade5a16274133ab8b2c63dfa69a6f00a031723435636006590ad01d74

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_ie8.gif

Filesize
7KB

MD5
b7b21cdede20edcc446889932a36011b

SHA1
f4924fb2ff2383b22022915f7d9b819777590ea9

SHA256
e805c92ffc74bd45a6307eeff7aea2a2b6c7503194f5486acda992aff111de8b

SHA512
95535b0bdf536be7dd8141e881a51133bdf3183cb632284e87e3c7c2ca1822ad185fd13ddb354287e658326234619bfead827412e7a3e002fa36fc15de20eafe

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_retina.png

Filesize
15KB

MD5
a0abcd04c3b5870a73aedf34c48b295d

SHA1
6ccbcd050c256d7fdf400d29ddda6d0f2ec4a77d

SHA256
25aeb5c05d20abdfcaa6fbf48e14549d778091b2b86e522b8e82a6d49cabb04f

SHA512
9829b1ea6a64feeada489d8d9fc1ec6587d45b856ee33e95108b6e0830d0b6282af96fdfcebdef1165b39e5780be0274ddaa1c0cd273124e4eb70d12fbd1c6c2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png

Filesize
8KB

MD5
d8e350f1637a04bf497a29d04a9ba0cf

SHA1
19f9efd060e5c53829c736dceac0a84b11488b1a

SHA256
83b185c92463bddb16b40352ebbc2658704b42129c72269fd1ee88cdca453868

SHA512
a257c513dc489d5fc38e73512d515f31241c39a3bf65e865de6ff716108d97fb86528035bd8a503255535267df6f00ccf9eb1bc01fbf691296d92c16e88f4a2f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons_retina.png

Filesize
17KB

MD5
4b718ab7b1825110072625db4be5c955

SHA1
2ed6aa40eb7b89614ff0be6cb69b7d28c790f5c5

SHA256
6fdbc7f1cc85e4398d8c0b0e944436667c27c75adadf41af203a6404a036234a

SHA512
bf148af0f770d13b687d120299fe0cbcb6a29f7d75e3317a6fa26bc892fee79baec51d979d7ade4aa18373912e7403f5b8ea8d59bf55438f2b00ad570a4b73c5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_pattern_RHP.png

Filesize
179B

MD5
8e719e36968c4f10223e77e21d74157f

SHA1
d11d566a1637c3ce9947682d6e4d4d505ad42d21

SHA256
fac8b0b487092932fbaa7c11d7aa0c8a1ef0e8f487fe926ceae0f08ea2235954

SHA512
a893a1919779fee4ca9b13b0cdd7e5bb17b5d06a2a5ee99f1c0002542dc9cf5276acbd918bba4c29557b79964965058560560a6597fb0daed0ba815679b440b3

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_patterns_header.png

Filesize
703B

MD5
951f50d5b036786fbe310a613636e605

SHA1
8d6cf8b8b0c94814afd771459408881ea5783109

SHA256
853a346d6c23cc1bf7c04794b128f6adda8c8863e9f9350deb513e39c2ff16fc

SHA512
d040555596b39b5d0cceac633ac63881d78ad0c57775a6477d6b8f0191c74fc977bfa697584cb0c744a2606ce70c8087c68c6f60b1f6f8629f8b9229ae5202e0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations.png

Filesize
8KB

MD5
41195058be6bcaaed1b6d79ef1c1ac6d

SHA1
8acf684b36ff0031ece6539ac23ce4e5eca95f66

SHA256
1a8e68adb3b058f68d3eef56ea2f9bf2e156665d07f0c9b16ddd8c94d394fa20

SHA512
3f7dda733fa1b50146d2a3d15576b1092dd78dea9e7b576c1f93418aad74aeefb902224c0381afb1bcc88dd9e75dcc3fd9dd0d17eb867e67865b438de1a0ac5a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png

Filesize
19KB

MD5
0782b0507a1a5341633a9a4bd9138e64

SHA1
6d115849cf40d835fb8bc9d7dde9c3c418e5b97b

SHA256
9f71809ff7530123b8abe47308a6b87cbae042add7c346bb419c751e12117499

SHA512
7fc846d68cf99b33b1ac151ad18e86fce37a7a3c2859b088654026290bf9831b551692bac7ab880b41c640cbb67f3ac2e014631f552c15954eaa7a15f60811ba

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png

Filesize
6KB

MD5
824679380c406933030f7e625b6ad31e

SHA1
5e43b7f7f7eeff9caa6f683d5bf29df92001e6a0

SHA256
a91785cac4056b984742125ba3a8c596784b05c1376faeb30a0ce7a45c1dbe41

SHA512
0a4506568aa1b07b8e98cae631524b43a062f6e0d1475270f3efcbd1267f86e2dd1526045fd8e544a8bedad99414c4869ce278104a1d0f571b32a34357e67e06

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\bun.png

Filesize
2KB

MD5
16e3b683a397201300f9758b6c7736da

SHA1
9257e8a9413c0ed6d7e100a069c35245edab1be0

SHA256
22c04901a7225021d1c5d0e56b6be37dc9d14be9bca6e03af2b0c9fb66e75d99

SHA512
f8f197c7f0381761c17de78dacd58ba0e0c73088cbd604202f3020ea807e2de1397ff2830023a55534be4f4371372b0e32708ebb0a9cfeb53ec1ff3ffae42ed9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview.png

Filesize
2KB

MD5
2bd313e89ec51ccf84d57737bc0f1c47

SHA1
dc624749641f1da2d277ee3caded1486709adb9e

SHA256
d1565cc8a4f3c1e890dc3a9236b1eb94dea47e363b3f30bca77ef1a030667757

SHA512
bef7935e79044d1aa9765459334a950192caae61cac925ce51d5b8cd6453ecbc134b9cf086db65b0f09d277c822233b85149e7e01b6397edf37ecc82cf0b69f9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png

Filesize
4KB

MD5
3a13b51e9a19df37b079ae34a13089f3

SHA1
b26a64a2f7e87d6d14e014c91cece3512ee06374

SHA256
a791d25f5dae9d8a491243682f5d1552bb48c0bff81141fa5efdc09848b5d809

SHA512
4f01abfbbee7b3f1286ee7632b6bbd03cca0a2af0df275977810973afd45b7f3ce8090c6fd9d2132f4f24d16dccf56edb910e7410af5d6f06fbc453ca6ea12e5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png

Filesize
289B

MD5
7700667c530cf8100611587f95419ef5

SHA1
044e80add0b00d7800459bec3a7df5954fb68529

SHA256
523faacbf3847d4759fff495311615d8478c2f5166e9e55bdfd1be21dff1f5a9

SHA512
69e863375e087ad957f525b42b4535671df07042088a4a83474b89c32f98864e7514134111cc741dee9c8e49d3b8d4508f86c688d8808d8b8b097321298a883d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png

Filesize
385B

MD5
28faf132bdcaf80a25fa126a77bb7ea3

SHA1
f606ebd8ef5118d9d819ae659b8fbe772b40e387

SHA256
5da2d07f9d853bffdae71d22b73fa675258db0086035f36f1e0dc9e4287dd23a

SHA512
de94e87663753e0796baf393d720fb3f81752ba82c94052d9c74a5bbe5241deea642b9bf179114a91bd3b9f9a5add5a95cea9dee20f99f43d71d335d2d9fd7bc

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\illustrations.png

Filesize
4KB

MD5
4bfa826ed25e3344c424c459b73288be

SHA1
2b5da283e9f250e158fa8f3ddf17eff99cc32bd3

SHA256
bbadc2323a008127ea1bc5b377ed5e42c5955b4634540fa217c19332e963bfe6

SHA512
df49e423537a757af1076eb1bf7e35a39d559c1f9dac1e5c7e252efc9e908c4580ea5a5f7f68c95038de76ba482cc01584f5413207aa33f915d177974764b474

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png

Filesize
1003B

MD5
0b49ca26cee9088a712971397882c8c4

SHA1
94c0b70f90c872a51409da7dff00c00db31d3a69

SHA256
ceb6e9b413d28fbe024e1a3ca8b05bd39ddda1af1a1a7ec5934204ff10009429

SHA512
6c78737b46d56ee06547a96c121aa945ef2365ca6e3cfe4fa7f772d99950de53a2c2cc06506accc8709dd44149c0911ef45b4850d019e1ad90f92f5c7e997533

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons.png

Filesize
1KB

MD5
a86aeae59f23e4adf6b4477038df51f8

SHA1
6412f9be3c0c5bca24836647817d413a778e9b66

SHA256
dac3210a3011109ae98c061d133107ba380ad184e0d91e6e8195b3573dbcd8bd

SHA512
53dc20a8b07e3ae1e1f045c0e81da5ad628b6c436af0ce6238e69ac1da2c0023a7873ca6556d2d52849d4b6311793ceaef93f396ad6aa65fd5ce6359692fc6fc

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons2x.png

Filesize
2KB

MD5
5b278110224cdc78933fa86a32f0cfa8

SHA1
a8e358b5a8015b67d7dcad22a8f87929013aeea4

SHA256
af2300d5b89f219bdba80e16907f555f7765df8b721e97194568af9b479cf95d

SHA512
7c7a9390906223e947c6caa540dfaaaee47fa330a3acec744b64ede095e5a032cd5b3b2bcecbe4c0525c6640a605b2cf531c528641731e0cef5f643f9999e06c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adc_logo.png

Filesize
3KB

MD5
16d04fdf48fe1c3d23bafca227fe7429

SHA1
9ec40217dffe061f2bed51d377283a5f2331be8a

SHA256
5a0affdb1fcbb4ddcf6c4e1200aa8973bd8324544f8c47846ee8f7275cd6d824

SHA512
505858aec1b4d84c430dcb33ff2e3ec5524404a530904cb12d1387dbb636e9fc9e1d57f1fae979b485edefbd9ea8def99372b518004911ae7b4c60fd629bbd1f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif

Filesize
556B

MD5
76ac2180a9bdc6a8d2e0cc3eed07c178

SHA1
1676a3e24d80968d825233c0d93c86ce339cc7fc

SHA256
d9dfa64c1af629ceb719dfb3002c93f03a2baf303bf2620ec745f8690eedc610

SHA512
11cff20204c6257090363beecfde3c0fd45123eb08aa0abdaad6788a9f750ea655df1b6c25b18422dd47afff5a0a2e2579b5de6b6eb93e805b1b9870c0fc2569

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\logo_retina.png

Filesize
6KB

MD5
ab10dc1c0df861641ba9160e9b57ed3b

SHA1
d1beaa14bef3fd977be3dfa6a3d997c0c9e94968

SHA256
b81c5b9d8f7eb36e619d2ec95663bd8aa545344ea5a5fd8a24d9c60ac50b9dd3

SHA512
0ede72080a2091d46e9957a52ba7c3fcb68fd71e35256b3982dee004df141c58bb33a4a63a61c56f0cd7e120d6587d7c1b78221cceb1d752c8090e725ddc044f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png

Filesize
826B

MD5
d0ed9860bac14fa0609fb2c6522ce07f

SHA1
d106d5836f10474aaec5f4199e6635dab8080093

SHA256
811d44cebbe905b12bf2c66dcef90f4cdb44cb71ab6b05c24167c71c87c8c83f

SHA512
8c1fac13af6136921632b92eb86b9b25db40ea2b068ba9cba28b9c396596d610afdae17966bee76954e44ca1895f6932f7fef0425fbbda64689ef49a7a92d556

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png

Filesize
1KB

MD5
a56873c9f07dd6d7348a0fe00f824cd9

SHA1
c8abff95fb17bfc67e1b590e0734e0cbb14df5d0

SHA256
db4ef24e0dc62311750d87c1004d6658b26c6e0796edfa09fa0c549d9a3e591d

SHA512
6448d2db9cdd454623796465243a3848b2f5facbaccc43d26a056c361518e790bfb76864f179475acf3a967bf7386097d9e4e58344d47f8b2c5ed29ff489921c

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt

Filesize
32KB

MD5
b3248079807a24643b947e40e516ca69

SHA1
abc8861d0e7533f18e523ec3ccc9aeb678b2aab5

SHA256
bae17d4ecb8eabfabc3eef1e8ed81ca16e58081c521514016443b12fa6c65943

SHA512
bfceddf649d77b7e58af8bf720faf9f133927fd264c3f609a7ba06450a539d7306e9f501f5a34fd30c2bb0b08adfd8f131b749f6b048e34bc96dbfb18fab9e2d

Download Submit
C:\Program Files\7-Zip\Lang\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt

Filesize
282B

MD5
69a98ef655778f1cb3764a923acbae80

SHA1
22683321e95c9a631039d15fc49ac5d3e639ac54

SHA256
2ff127d5bc4c7333c8f522aa4b456684eca97c06d452bf7d00b6a99b49b11b0e

SHA512
610fc09f40124e1a74ff303ddd95ad5809679be9e0c381e5d367ecf8e1e137c3da188142de7a2c5fe2b1225e12482245f2b5c417d43d73618108bfb1c32a5ed2

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif

Filesize
153B

MD5
1c457787a1c96541945a1359daf94927

SHA1
9bf675bd700951cee6f697f829684502f820d4dc

SHA256
ff9ed5289fda7edea0eb79d67702d2972fd78d57a0b3370b8d43199f056aa221

SHA512
c98a648ece7f5f32dcfcb50cc12817ff7cafa4f82dff1725d5013214754d4f4e1a4e97093eb338388f08653ca6e1bcd3b661f7ba2c472310ca9a6dfd946275b4

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

Filesize
190B

MD5
123acc597c4a91c9161fc3d19245830b

SHA1
abe0aa77e58aa3b477a6d2a06b55b59b00d59802

SHA256
61ad517d97ecd0ebf89aac1e35967288a820e0cb97abb5bb573603c37b085c6e

SHA512
b628abd72b6ecd38d1e588e834407aea8f4bbf494d22b485f5ef0a3500ee660259fbef86e2353651da85f84ffafbffeecb3479cc4f04c69c1bb226231a8bc20b

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

Filesize
190B

MD5
ec23995707b17effed74b6cbb994248c

SHA1
0d21b23e5a9c83a1cb356ffe45d1d53979275466

SHA256
f5f8416e78a01cadbc49910a616aac898b553414d55a6f44cd73b7b00191c09a

SHA512
96e7cffffeed63a2006c172994923014daeb3f32559c2790b6e169835ec28438f5489240c684c9c6e10e64aafe1bf3c72fe1b59f4f32feda0cfa0d196c65de86

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

Filesize
1KB

MD5
0faa6abded4af2108c107cad65c2722d

SHA1
bf774a6a9901a40ff78fef1ba143f24fdf8b177b

SHA256
2e0d4ccbc7c61d2cdae63e77c19a1a3a7befc5f1ff6df2800b89ccfa7fc8729f

SHA512
b23c1ffed136f19548b39b82ef70880d152e4d674e34dbb89a7528a64d3dc2be819c9d5df9fe6e713863258ccdbb43f935836cae95589721ea80eae71c287392

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

Filesize
31KB

MD5
16944ba5c84aac1386bc9766d87da974

SHA1
1f5409cb299f9fb7ffce09ead68e366080a37c4f

SHA256
82d4f3ced04e65ddae46bf50e19ca13ec62ae81d8befc3952229354f9ee8cc4e

SHA512
1f3b3b36b6c83eb22909add2fd3f49daa30f679ffea00d4528f00419ad8e68e70257d6c33efa1720cfc0328c8472cffd67be26db4b5f117166ccffbb9db22ba0

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

Filesize
34KB

MD5
75a87c87fede9e91de944c8915c0173c

SHA1
f0670732d2390b5310e161afe865ab668df4ad2d

SHA256
ff697fe14ee5b9d283de96c6fdda23a39aa5b0beb51f60b297e06d623d60c553

SHA512
8f586b6ad39e92c3feff48c94236eee980d1f739e731395fd1b7c5b611fd3ba12192837725d99b606fabf2253efa59ef5b716721ac105a2589db262f5ac7e993

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

Filesize
23KB

MD5
59fcb61fcf2f34779196a662a3224a26

SHA1
e6039de2b17d7fac45090144dd4a6abd5fb282e3

SHA256
ddffee5695fc8ee5cda0fb73ca6e5647d9c8953260d3f8626c312c510728a1b0

SHA512
51b90e3a9dcc9cd2f505f156a6f6422396957b52890d0357cf72fd2186569a63b464d0c21f571722d7c26658df44826eb177e8b82b94cccbb90fcae938a91259

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md

Filesize
2KB

MD5
800e618080443e8b2d7d9871cc51c99a

SHA1
bc49732efff35226f6fc37cf575b9ba17b227ef1

SHA256
4f6ba12499283459e7643732d895d8df5ff4bba1a5631bf70f7907105f6a38ae

SHA512
b14ba356a8977ab63008f89ae0d76310b0d508592cbe19d2c0fe1b14a990a3c06ccafae1e5cb49ab851bf85ce3a912b376fc993a858effea9b529087623911be

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md

Filesize
1KB

MD5
2cbdb8eeb0f92434a44e159710250f45

SHA1
341098748e85b3fad8d128223274559517539be2

SHA256
01164685bbd3c03b1864e87918fc0c469020f2f84b51201af4158a9d06aa62ea

SHA512
9909ca5c58455ac62cf5154dc588ddb8a3776b10d5bd8ed542e0f11934a327e2e037ab66124e387af549aa32bc65aad5aa41c8a702d3dbc88a1095328b61276b

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

Filesize
3KB

MD5
47bc453f9f28a4db03d315c0f3731ca9

SHA1
cd116ed9cfe090a9e310aa222206e80c2d882b84

SHA256
0ba3ecba071a2a1aca83ac1b757a20a87844da450574b4955476837a218c5102

SHA512
e3fafc885cae9eb2ead57867dfc84ef26b073d68a109b8b7a1882b52499f1ccd1cb3852b550527bce313f1ac0b7eeeb52d807f67e063369098a3f5f7244b2827

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

Filesize
2KB

MD5
21067ba7f3a2500b33776fb6edca7761

SHA1
555e3312568945080ff7abebac9a802326bcf867

SHA256
859e83926e8731f0242f71690932daffa76540194933d89379cbc5ddfc0efdaf

SHA512
fa1ef9c92c06b07c2623d40db425b177459878ce2238567ee203fa2219577cb8769149b71d931c917a8d6fd9ef785ad8792705b050976d08dda23cfbc2d4b5e8

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

Filesize
5KB

MD5
cea374ff8926d3e31bcb8916726863e3

SHA1
046813dcf208e47e200e3d67b8b758443143b544

SHA256
b3a86d37c3ff1bb1dddd9073be733135047e256ccbd7dcad8189fdeef2131d68

SHA512
6e612f762c3a33ce64106dbddff4f97f2d18f1f69478055112488fe9823040857a79e40df7f27a652cec816afec943135f5970b933df99137cf701a167a2f632

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

Filesize
17KB

MD5
250ee4af88148843faa8185e63a915a8

SHA1
35cf28ac2dad2f2de7ecfcadb68ecd471e2d0986

SHA256
feb88393fcd1ea42fbfecb6c1ddd0c4fe26fc5992b672d4d1aa1d3d6cb2ac529

SHA512
73275c249a5eb7e2ccbbc4e880e2e50c2646d2064df522c63d389a239c6900e1de147b259d05033ad56dd860c5d10351fd02e50a0bc6406809ea8d5c369a857c

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

Filesize
320KB

MD5
2ef3161a22f3b3f1fa103c1d8dfa75be

SHA1
da8f6c69bdbb2c7f0956266243e8b335541a4e0b

SHA256
d8d9d3fe566c9f88fb8aca1c48eab527cab341e400b27cd8b800f4740cac5cc1

SHA512
daab8289ea8f932bb74fd98b7a4d0a19119e4f6e848a12c8bc4d967f00f94f65857fda89ce5be4bdb6fa54a449e359c975fa31b486253df04826da8b13c9f8b1

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md

Filesize
1KB

MD5
4d6b279cdbd52e0c8a42e7a71d687356

SHA1
7b83c0516170136b1aaddb8ed03ab0e4f3b2c96d

SHA256
3422dbe515b4e0f5eb06f4c091783a5628e2e1c5ebbe2385bf7d63939947d2d5

SHA512
217dc251c7e1087f3b7ff4bfeff923b0866712c4ebeabeb7b046884c129819dc09bcce70d2155a40e146dd5eaa31ebab198b510d606719316530b75afbe8a6a1

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

Filesize
10KB

MD5
7ffce84e0f95e15f33522214e3729cba

SHA1
e35ea7f4029ca84f5f208062247b5d8c4a9eb161

SHA256
5433202f1a58c1af62820392a5633b5e786fef7f00ea64905fa5f7e75ee7c4d4

SHA512
c69954827b013890a69ba4141823950eaccd9d72c0fae133b08e285be85baab5ca3381185e7f2d732d7fe01b0cfe6a5e9b7d203d9bb970afd9ebe20d7619a8c9

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md

Filesize
3KB

MD5
10d7e3c07bf984fbbbd0728daeeec842

SHA1
8732bd583496d069c193a38fbb5c81a5c2c16c30

SHA256
03da44ca84b856fb47d2da72ae652b085d6fe7522de694d5ab14e876e1dafbc2

SHA512
e833b0311850a228c3b1b980b6be111ca551e72ba3d0474668d35c58b8037de83fae59f5cbc9bc69979128cd9f90f78ebd5d58651b9ebe88e582f88ec3641f03

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

Filesize
162B

MD5
150476fb9f3d0fd1dacb5b4dd3879e61

SHA1
84f3375790e39648537fb0928e5be154dfc1141d

SHA256
79be3582032ec1c498bc6652684bf1a50f4bda2649c5d25815fb48974079575d

SHA512
9e0f0197d7b5767c99e2f7d7f8c38460a35f6f791538bbffb7fa4f96143c0ccb6278825179bc05843c18b36ddbdeb3482fb3e060e597b2017944399b45c2d5ef

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

Filesize
1KB

MD5
40d40c1c6066f20ec8a01da0eb9e1420

SHA1
96d23bd00693a82c742c9b8768c5333ba76f6bf5

SHA256
4952b43d71df984ea8b8ab3e07317361251a81cd9c7afbf06822811f87eb4a3d

SHA512
59e4820a7f4f02e34fdc94ff5b4b0b1a48f3bc66faaeb8a600ede396dffaa08616d80bff5e4de2bc7da2bbb7ef909d4a821134e3386a9460e6a92f9459656b1b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md

Filesize
3KB

MD5
f0bfd1b67aaea7bb0d0da7e328d22033

SHA1
c34edab554d4871cfc48d648f0601e9efe466249

SHA256
597c776d2002f7b23ceb3c2a79d4f6b15630b5ef09e7d3287ca277c3d5f22b9c

SHA512
f21f941a142a66525cd8fd31a60de82734430dc4424822bddf59f18779a833fd2e8716bcd5604823a6fecc75055468dd3414727bb5fc981602f22fa87ffe9712

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

Filesize
1KB

MD5
18e240f0ab0e8a1006d5681309af8502

SHA1
bdb04f9cf671d02211e0eb589aab7a672af4f883

SHA256
c590ad9dc486bf0a4a4af12808a638169af4ebb93754c296eeb56275f3a0af9e

SHA512
5d8c901960880ce0844775a4b74ae45c8495676292406023510f94e64682d464e336f33ebadb969baf085fb90cd4ee894f9dfe1b4255607697fc7c00e10bd28b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md

Filesize
28KB

MD5
7d06e8730daa6ef20e601a891471b6e1

SHA1
f45a51cecd519b308da57390ad9e21b5e0af66a2

SHA256
e57e2ac815bbdf6ae7c2e76f74ff0c44cd47a8ab766734722201cdf0ae8676c6

SHA512
c796328f3c1777deeb49ca9a68b8fbf02fac123507a565e2487bb03ad6fda16c3816121d29633d75ebe2c2298ad9add3d9f7cf7981f4fc8c84cad071c41332c0

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

Filesize
2KB

MD5
29a6dbd9d33f788e51f419864a5c77a2

SHA1
1b7275e504c0e8ed576454eddf5d48235a686ca1

SHA256
68e72c8396c694afac4e03eb5eab4269cba53fb12b5bfbdec60d2dae5d8d5287

SHA512
5bf336152a09864cd4ac2bcdeb46f9954ffcf55070c4935093847a71d49c7a1f64ff9ab8ae3ec43e88adb2914b15eaa59a1c8e23b021822abd120b8c7b2da410

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md

Filesize
1KB

MD5
2f83596eb0253379d3935ac4743a5add

SHA1
255377f42b584145b6e5be40c50fe26f674f7414

SHA256
f3d19bebe0d98b81d78751d918957d4e29bd7fecfc3480db52600035efe9d815

SHA512
ca3ebaf16a847365e46fb4740a62c2d253c8a26ad60c03edbc8cf9278cfc75704740d1bc7e65b825adc408351ced1881191961c8ad2dcbee514666dfdd28d04b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

Filesize
2KB

MD5
5ded34037bcf6104ca4af068335ecd3b

SHA1
15ed340cb36476d438247e8efbb2ee89c288fe10

SHA256
ab1265b06d558f3fa834d0343298ef7f432c081bcfd4f38736e10e1c1f4774e2

SHA512
b9b4e88e4af90c7dc6ee397d56edba4c120c29e9f02ef8105d5922b25ca43cab17d0527627f525c0b21b3fe79237f1f90fea0f55a959675a473455d2ab301520

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md

Filesize
1KB

MD5
42987bc1ff147348272ffd4105d06b5f

SHA1
26ee6ad2136e23011c390f54a0f64dfa6f65a31c

SHA256
5f2ad29516ea96f43d466fe1834a44b1a4f467f34a9bd84d6e0cdcab043c8ba1

SHA512
3f245c0fcc394b2d00ea21ba14e3f8a4bde127c5d757729c1fc3c3befcdf793e56386eabd30df0325af716aabcfcbdecbb27b9b1ec9ed80a61005fdc4298540e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

Filesize
1KB

MD5
18f20b845451fa25425525450e42f2b7

SHA1
080c0b675abed59192a4a17199c8f3e57469250b

SHA256
8095f67ed52d383dd6dc689ac54852a440828489df5d02a8ba6c31bc2e448d9d

SHA512
2da9d72227149f445702f4cfb8d0abade88704a2c9ee90f87c006558b6952dcee088dc607d72cd771b7b56e21882fbcde7370a733e0d80b486480b932f565700

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

Filesize
1KB

MD5
c46225ad4ece4bc4531b781d06c5b411

SHA1
8b8cdc7f9102741d267bbdccb7584499d0d26e89

SHA256
979d2d6fe4b793d557b01e8ea8d630b11b09760280821afbebbfcf7482eff093

SHA512
8a8426125795e48fb51a338e1d5c8428d39eeb34dd73f2c2136a380a6591d2a7026fca379fb6b845812df9f0eaf6554277afbbdafc0809963c8fa0830a21948c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md

Filesize
3KB

MD5
b8932a0fa6c887c4e80cb5c56d637d12

SHA1
bd46ca5da851cea651b2a7206f7d80d66def2e28

SHA256
fa7ec230e1d68ebb796030ff1c6011390bfd52cc082df4e780fbe50af13c9877

SHA512
8714b9b9a3bdae93741294c277eadf7fa6ab516b6b083545e851e042fe86d989d68c823a28cab4f417f514be214a58142f116ac0140497a27a8d81cb3b728a6d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

Filesize
2KB

MD5
0581180b62f0b3b1212ebec1deb5b6ff

SHA1
d7f85eaf3ef69ed3246d3cafddcc18f3e9a71bfa

SHA256
39b1411ad2ad18de4cbd221cad426788ecd019acbf52fcd001e54c9ade30b592

SHA512
9a66303710d06c7dc064353088a28ebbd5f37437f25b61a3a97e6826816693e0dfab9adc721ae49171c496e84ed15b29d140fd2ac2dd30305f66bcc2df86162e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

Filesize
6KB

MD5
6aebf324b80c185882624cb77d7bea2a

SHA1
d454dc99c07fdbfdffe4e5e525a2f00c68be447f

SHA256
01956ba777ba6ccb7220c23c8f2fbb0f00cc4017f465050ab315ff8db663b264

SHA512
6417024a92194c7f17edddff7b257c14a20f6f6d9aeb9750609bdc5ae6b1845b25dd19649a1208df224df951fee941c69ef1bb355abdd0d2b7b79d66ea6d0afc

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

Filesize
5KB

MD5
95a53cad001eb8b5ca7e24f9e577f274

SHA1
ef1a1c786cde752ef47ba8227c4a680b633683e2

SHA256
de84761a42b7d4e3e977126374314488f7289d12a769e8d413babc6d975d0c42

SHA512
ce170a43ad87d45967b0dc6bcbfa804a77ab9388e5d49df8cf5fbfb6b939d254bcaeab5322dec38027f37f1dc01be360628cf6006bc9fe08ad2c18913750f418

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md

Filesize
3KB

MD5
e3f3182437578bf5f96b1c94449c9705

SHA1
364b635059f5f886c552e76993a5258ba3b59732

SHA256
efad8ccca42db7deeda018daf5655ce9eb1a092344e99a09db088accef39a580

SHA512
a2048b836f11329aec06b12d81291d7ee9bb8ac757e4ad60266638dc99c702bc553274c1792b744bd1a8164794ba8f0da233c51f0328550a39fd75b96d89de41

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

Filesize
2KB

MD5
90a5f7b30f518abb196303ddd6f2ae3f

SHA1
526a4abe6c42c9b331c679babe5def1d31e87d13

SHA256
975d953528fc5b636b87ae211b7c1d33be364c725de89e2e5a1d9ae8fdf07666

SHA512
7774cec409938294c4f6c835e96d19178df0e6c111f43439e862d0700d99be9c0e4725894ec546ef79e23ff609719b1f8cbcd5f36cebea6e6af1e679121089ab

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md

Filesize
2KB

MD5
2c5690207103e15168a0588070cf7ea4

SHA1
2c8e6b1fb03823e0245c2d26bca4f82f554dbada

SHA256
2e779fb8efbd58b1adaa804975f231d6e4e53bbddf165ae3354a4b8600b4af36

SHA512
debf82c2ba054ab978a0f7d2e708c78ade28663e410787dc6b5a65d13dd46761df39f7e449abc8291d991b8914992b4e70c7944243cd3674508e1068b5a843a7

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

Filesize
1KB

MD5
8ec22671ce0938896ebc066b4d66de25

SHA1
d2c13ebf3c6cc18a8e9b88edd0d6cb30e80859b1

SHA256
e26c8f889022d52997b2bfa5c23617e586da02d73d2bbeec6025729360273a9f

SHA512
5576700f89fa0597229a1ac3b0b9731f46939229d6b8342f03b31cb81e43618b69fac76f7b653e4b45f9ceb6be807ac88e070416431c90f208619f7d88802718

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md

Filesize
1KB

MD5
c630f3c40141429f0d3264fb1f4fb89c

SHA1
c530e1c8faa648d34a2df5a8d5899d9b3feb38a1

SHA256
2d6c7aa870a2ec913f193efe1302db5599afea4c8d2ef0f1ed8d4c3d4ff2b1ae

SHA512
9a0db40fb4e6e81ab3eba0a235fcc2c46294bd9a6aa2e13c653110c4ce5f1e48d6a38929873960553dc9156178938abf53c5e3ff125686524c6a041e150d924a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md

Filesize
11KB

MD5
f19bf6bc5bb7a0003ba9cba07032e1dd

SHA1
3f72e8412770e8adfc8cf3436d56fa76f4e981f6

SHA256
fecf9b4e23fae1abd3574666c7bdf1ff734dd6d21f3181a192f42501428645b2

SHA512
eb7425d25d86234025678126c32bdb7815609749da7cdb662c355ec0166525d1364af88dd3cfff7a51cc215907e7782bbd40b8013ded22ca2771175aef1ad513

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

Filesize
1KB

MD5
814342731b9bd8f2e32d91b2b05e3867

SHA1
01ca1700f2d475b841911ca09ceb7151f3a6e7cb

SHA256
ea913a67e8a63ddfc3e0158c30993f4a90d8a7fb2f4bcf4b5d96c03695aa90d2

SHA512
32cf7a55d19d15453da8e1ffa30005b26967ff3f7a917db6511b82da12dbd4ee6f9b93f46b67d9012cc7e0504cfd511902a7c86876de44840de6cd5aca562bd3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

Filesize
2KB

MD5
064fc60ff686ab1fb85c1af45c0549fb

SHA1
0ab79eed531dd3731409f8e7ed8fe291a6bf1519

SHA256
5bd50a502bfdd33b91a7f1725f873a747dce6474f9aecf71375fe4ea6551ee66

SHA512
987a4b70e3b4fbb77556199e8430a6b3b89c0da0d32b4fc22a7a798634140c94d88ccb99484083e5ab7f52113b2c263407ff79f234c2811e173330c521dbb0de

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md

Filesize
11KB

MD5
c62cb32b3e489bfcf26b0a955cdc1cee

SHA1
6196a9049c7477c80e7e2b589d3d7b317e867cb5

SHA256
4178cfde84df63ec2457baa3c801869bf752756a7ae8b670ce3810a34f11efc0

SHA512
c5877ca4f3cd5650bfe5aedee7ca1cd6f375da7bfc1866865aeb6d578252196a171eaff715c1fa5c6e322583541bcf210d80dd7bfa0439df233fea56c392e65b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md

Filesize
11KB

MD5
2f3a25b1f9eb264f4b35e9cd18588d54

SHA1
374e83507b48ec88082bbc45eea6d8a971ff40ca

SHA256
f03b099d1272e25768c1d52a229f420ce02297537b1f2d892545adde602b17dd

SHA512
8b33368dcd370c77733c66a4a77af47b7f9ecce1402b87fa7caf0a9cd8530cdf0cb248cd9b1ae0138c6b4bd262c1d0ea2c09461f57fe76844246fe7153d59c5a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

Filesize
11KB

MD5
39444724c85c15125ba9b340243063c6

SHA1
4f6ce7cd0b522efdca5066a81d880720cb50e92e

SHA256
9284b971fd3fab09f0632d6f6fec24563356f5d5f218ef9496abe1662e1fd324

SHA512
c30d846bf65bd29e85b50dc95a5233ac2f6aa31881c320ce72c58a30812cc3c874507cb853ccdfb8e278d53f968a09de1107bf6e56b5973e4f151d5d6143f312

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md

Filesize
1011B

MD5
5bbb67ec38daadb79b11a7874ea91bb3

SHA1
55432cc95355158faf0872ebd97138edfd523f2e

SHA256
56b056601ed0433e0391fa49bd7e14c95c035da5aa7f56ad701fad3f9d0e6403

SHA512
d9ddd1f2487f6ca42657ce0cbf1143f911b702a052f3cab783791c21b9a3b5133620aca48c96f5548e1d6d5fc209724bfaf93902bfb9ed0d3c0fd60fb7878da4

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727662527520250.txt

Filesize
77KB

MD5
bcc3765e7119680468dcd37fcbbf1b7d

SHA1
db3968e5f021e5a4a7584a8a71e5bb62ddc9e54c

SHA256
6d5af7187e9c46395cbd0c63dc3fce79d6deda28da199e544a9ff59e54bc3f41

SHA512
05f81098aff2832ba8405b59284c5fef59b6146fca422261bdd97786844ce7fd9b5421364eb4073f6c700d3cd694f564b9c4a5ee8082945d7c8a0d026576475b

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727663115600892.txt

Filesize
47KB

MD5
8bc9a46c6aa591308e382022f9ecf050

SHA1
52250745c8a4a16f903d9cc607c59323a4fc7018

SHA256
e576bf1ca3ef244af3be3ebbaba68e5f73f3faa0dfb0af362848a294be3f1d44

SHA512
68fafdd882cfa43d66d320961c9a0c4b2b2fc4e01f28677fc3357aa9f5fe41b163c69cdd3e67a32cf4d00b131c1f8a616e3410fdde8831545fa3780605f6dfc1

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727669117479246.txt

Filesize
63KB

MD5
8b87fc2c6b0b8a264d69af27e460dbae

SHA1
b92640f2be6b2569800e32156438ddf1aa617461

SHA256
389b697863ebd3ff109f3a98e31952b75c1096810973b7695d2cf6212ec25f51

SHA512
77150870be22b2a792af41a8f3d26bf01252fb4d3a39a08dbf26c6d3290666b82b33a7eb87389871139338e0e3e08ad4a6f289613810d063295f5705a93d8969

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727671764608349.txt

Filesize
74KB

MD5
2ec541e3b87684d1b9e43d29715cdea6

SHA1
d3a10b43a9e3ecbc417053593cd5627bb7b87e7f

SHA256
54bf2925af4113b74416c21de14593b890d8c91a6df229b696fefee748e3537b

SHA512
cc2f6b97c84c90d094d8f7b1bd2e0dc685daaafcbac4cb53cc2aa0ffab65bf52f107015ef9e0d0560b60e6048292182ca4ee66c16b3d29bfa6393391ded451d7

Download Submit
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk

Filesize
407B

MD5
2a727db094f6e229049b75618efd0a62

SHA1
a15f4e57db2dc19442bf6303d7fb18341345ee06

SHA256
42b70dba2b728584c5fd2473dcd0b13ddafbce6ad17e85081762150bca0d9e74

SHA512
42f30eb13268788127fe796ff836831f71838debffea0419a1d6bd812a0837bf95fad12b59388a2c6a8575fea2233ff4d36ace97e2f96c9b79cacf72fbd81d5b

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\ASPdotNET_logo.jpg

Filesize
21KB

MD5
605835cc89f8c453ed9a47ec55beece4

SHA1
a909e53128e49016ebad607ef14067db15dc192e

SHA256
cf84f4601f8f135e9376a47ffe2f6726ab2f89f4d36b38ce5d56c1159029f873

SHA512
e67c2998064b74e04104672d649dd7f27843f11f6f62a31df74118859cb398f1dc243dc84959c80316b10850a76b0f9a106fb8712a567db2c9c0dbcee50e14b8

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\HelpIcon_solid.gif

Filesize
1KB

MD5
a72548c44c7de13e0eb67fc4902e1dea

SHA1
a0afd4c9f350b9763e6da8cb6cf2e3551b4d17f7

SHA256
aaf12f261a084909e0de91e17ad3f7f0a3cd686cdb8d132ef859f71c22d0a5ba

SHA512
c89958e95c388dbf6e40ca8c00b0b17bd2d01220c5435edd5044f12e434380edc28c4b86f8279df2417c1a30db77f77f91bea597f48d9497ced62b4d0a415fd4

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_lrg.gif

Filesize
952B

MD5
b3e6773d86e62b5a3e593c1bdfd666fb

SHA1
fe131afa5643c176452f6631fff9d5c5e6690dd5

SHA256
05a4c1ea30b24fdba061d4cdaa2918adb428746d526efbff9c128c9117667378

SHA512
f82ef287c30715311e8a8573a4eef3160298af1c84aeef3ac4b1cd89ed4c546bace7ee72be95824f77845c678c2d2d6f31175e4061e086358898bd76b060fa4f

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\aspx_file.gif

Filesize
121B

MD5
bc60d114ab69b8788b87dbbafc5f6ebf

SHA1
4b567a2ea842cc00af56e4b1f429b0fff35d2c07

SHA256
7bd64e2c1dff6019282bca56a03456ac11d508fe2d32b7fd8d624d40a90ee738

SHA512
2fd55da2a543702cdd05375b78f6585610bfa15af00e87a69348cd602128f8a095184d5224fdc64452348bc4ac03b483c69457176e0a1f6710496d46ae9e7fcc

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\branding_Full2.gif

Filesize
1KB

MD5
949b18627863fd743d3c5a12a291c836

SHA1
5c287f46db8fe63acedcf57368e3e161ac45f7bb

SHA256
5c8680a6f21948a0b550234b563c8f9ecf92d9c7106133a6f0cdcf2bd3723e06

SHA512
1dfbc527ace32318fba9e2b413eef76bb25d7447140c5a5ab2029f97a1b01b2a4dc7b74e2f44fa4efef4606e297f95f89e311d9f254328aa8c4a74a68ff04046

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\darkBlue_GRAD.jpg

Filesize
8KB

MD5
3eccf7a0ec02d23ae792a90dc5955b76

SHA1
5288a0e0a6ead74340b7237c34d4013e7d0158b7

SHA256
0abd2da2d76ec0fe2886f5c1a540f6bd63969b4296ebf76962035e48e2079f6c

SHA512
128159cfa16b2c870c61a6e22d39fcb7dd310a975b9d75b0edcfced89d49fe189d874bc380d58b197dd8ea9cc55c816c4f597d1d9d0ce707c66b8f3b7c18f012

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\folder.gif

Filesize
914B

MD5
57d2bc66b4cd086855aba75bea21ae12

SHA1
93a0b2604de296f43a050082d95cfbd5ead8e1c9

SHA256
6d48d5713832abb353dfaa5776dcd0604370e5581afe9ca57c8503327646c2c4

SHA512
a47c0cb7393c1a0950751a0294103f9a5d10843217bbdf3c2251e81a75a147e374b44a8a195b86397a83b00cba961da856428d70e40c7a67e78973d84a6c431e

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\headerGRADIENT_Tall.gif

Filesize
328B

MD5
fe803808886bf32a8a2afd925a57c94b

SHA1
9a310a28780fc6e82a09334479b6575df9c47c21

SHA256
33835ebf4ad918232dc940f452d250e8e9e559886274f382b58378009daa3d6f

SHA512
6ae833d559eb97bf9bc197dca7ee53169f5f45352c55f0e9802c53584b060a0afc9092d57b18e1f43b8a57e1db5c05a1aa14ecc0052f0ef9b3b3ccfa3dfad16b

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\help.jpg

Filesize
1KB

MD5
80568f7484f2d7f03af9d93baed7c668

SHA1
560642d59022941f2c1e38cdb32c42fc7e86772f

SHA256
79222e9f74351f83e5979080b8146252fadf375e483477f594b09fd63b288e3e

SHA512
597c432c5c8b4a2fb0072c4dc704d530f61386f1ebf4ac3a018a39ca637983640e228f85b9d87d5a620185b1b7769a971cfd80dc33b0b408a4ad21e77114aad6

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image1.gif

Filesize
162B

MD5
e18c0f7d445db4c4c06308e43a3ad46d

SHA1
df4a482de1ff1af27694ea7bf7062c0d14609e3d

SHA256
a71d5c6d547caf766931be5a2fdd1aa44bac8dc0cb0a70bb4e5d053e585d8e54

SHA512
431916052c78338714d41573943cb3cabdfbfb11409f6c0838423cfa0b6e9dd26c21560120fcdd86049db0790877953caff975eae5f46e21be95278f3fbecb22

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image2.gif

Filesize
586B

MD5
93fe34f92fb9f6bc3b5f585ebe96577d

SHA1
71ed8ccc063018a8eb7eeaafda1b64c7a80f8b30

SHA256
a0258819117f5f0dc7bdca3f64f7648cbef34c6c6b2d7c36fe477cd0e8d86163

SHA512
e4f1934c1e2fb83dcf25d7b1dda9b862ef886d4ae12a1ecfeb54d97f4ea873a86787114f2cd2c39532f1a661101e499293e37fde73220514c4697cb9a14391bc

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\requiredBang.gif

Filesize
124B

MD5
d02b7220ce90d7c8e3ae38ae149598a4

SHA1
df318bf256425ce3bda38b10def747d53191efca

SHA256
6cb21335331e38eec2b27103ac334247dfec496ef6558453ba3e0369aafa8781

SHA512
7f6240b48497867909c118770621739c30ebc4f0d55b644c42e4d92816516ca0821abaa727adb5b183fda05bbc3ed71201f049970016ffb1763083f072a85e4c

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\topGradRepeat.jpg

Filesize
8KB

MD5
c9030e6ab9e7eb8c0a91711c4696fed4

SHA1
848cb283a4d660c8aa228f4c693507bf2516338d

SHA256
1bc74c40ab10ad1c48d6f9546511cd817cb844932ecc7377e1e102a8c20c187f

SHA512
cbea5e65bf9565b91f931d30537520b51e23d6928cabc39a20cd840af30357a4eb401b014dcebd8d67c358debf7c69f7e0f3ccb6a54b08974a760d384eb4dbfc

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\yellowCORNER.gif

Filesize
880B

MD5
e03c2d2a3bd90227c310dac5fe00ec2e

SHA1
801415d79fc6e4fb0044905b1e87aec0c9cb2d71

SHA256
1777710a24499be862df3aee02cd1da066b139850b0d708a294b51a8bef9c5a2

SHA512
b8847723878eb869a6dfbbd4ab538e9581bc59ee0229b18d9ed2248369996b4741d1cbc9ce5af8aa4eb2d48301dd07e45d068269c44753fe54586d40df72f7a9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk

Filesize
1KB

MD5
d5890ba9b8a51419f4f42d3a0b75f68b

SHA1
acc7c3a6aef2ebf63109232454d1213c0136f3ac

SHA256
a350895debd5ebdfbff92dcdda563f59e6260530a23abc2a5f9f84465da22d89

SHA512
c950b2ac5b67bd163d6c397d85a6b0a323362e2ed1bb1c81890b408fdf53f35818b0fba28f4852db1a1bf9b5a08ab2b52967771eec09da98c08b567ad540cad5

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk

Filesize
1KB

MD5
d5de9a771f89a8f58aa01e9a8de7e908

SHA1
1d73d359f6d1986e36786820dd5747e69147ed43

SHA256
f5f280cdfcb299ae558721fb705c6193d886446a5d489f2713c1a6df62e99bca

SHA512
61265c1abf75ef4fe9097246ffa79397c3cf158e577793edad21c1f251a527088518a9d00d3d29070262e19ff11cf7a3d7afbade5af97c57308429df9695db4a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk

Filesize
1KB

MD5
ded44546b0745d2dc4d8ede39667b9ff

SHA1
46bdd19e087418e519a800d087dda9ad777efd45

SHA256
17006a0b466e244e38342ab098758f9dfd73689e1dca3d613679836b7c7cec71

SHA512
5573e09c0f1841c056d33cf48d6ebf7a03ee2fdec59692686c77bada9e7fbf21b889fc4afaacdac6a64501cdce96540a8295b79594cd85290ceec54fd18c716d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk

Filesize
1KB

MD5
da478314dec2972a7b6b8c3e9380078e

SHA1
8dd35e055911a8fc781142314ae84a9d77d001e1

SHA256
a2546efb3a51de3d21998d48667a8eceeb39b8813e555a4fbd75e76e5b32e443

SHA512
f4bfbe9a4a6f45a3800c3d7b901f39f87c11396a2610ae5ef945ce898ec07404e2c7e6f221f985985193e589986631422af6c0b7d9ef748f076be9ede97f7314

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk

Filesize
1KB

MD5
237e1324429ec12f6e5f516e9be925e3

SHA1
aea5910fe8fab47f68512855fd55bfa88c63e169

SHA256
f068ce1e83d65c491fc93ad2c9611cb10c80f229ff1f59f609e1de46f91d4e8e

SHA512
61cda29e05164ef3c45e26a02f045fb0ecdb808cc30230d9095530777be7534b3131bb540d02508aa7a9305bf0ddcc5881d0ad50708312e8d3d2a0a40fda102b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk

Filesize
1021B

MD5
9f85f767f6ecd3c0348390a3d764dc2a

SHA1
86a1a0b55ec3f5be6a92a0d154d162fe863ac536

SHA256
97990ba0cc4ef3cf01b57744a1a86105ba1c6ddb820bed818d9783283fc3da51

SHA512
8e652ae8817a80fc6d91c31dedbb686988319dfa373db86a090c6f125ad2499072864c426b8443d543bd72e031e87fd0da98354ef998dea23a04193bb2cf6e73

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk

Filesize
1015B

MD5
66217b5cf483049ae95fe75c00a45fd9

SHA1
eb0ea63ed001d5ae35c6b548746ba82135494684

SHA256
989c63e048ad9161ceacee25904013a2f69b7ab5c6f7657af607fee58842700e

SHA512
b49aa9f1ff76056a0d2b071153629d997e3e63a8e8dc0e81e3f7fe889ee02422cb8de5ba52e61a9cef6739e5ccd59263d1ff8b8abededa162678d51ed8e18b5e

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk

Filesize
1KB

MD5
4fbb03539308d2f4056b43b305cf0709

SHA1
9ee63fbf25c8062f2481eee532240d416163bd63

SHA256
1259b5f89874346bb5cc245363c22cf29d24306a7c8cec4cd76e6b4ea2a92f6f

SHA512
c76f9cbdec0b6e47da1463285af25edabcb802b9f422977d31f23a183be165092983280f64b26d0450665b4b5ea30224b92b48947fc2054d99d675747de3cf55

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk

Filesize
1KB

MD5
6cce374931e868b3f7dd34783d7aaaaa

SHA1
ddee6bb3bbb6fa4a6f95c96c1e51d69564551cc0

SHA256
046e6c136a95bf270e5bd54e5438570b42e86e98357972d31f9040dca8631af9

SHA512
f3ce14e68c73bbac17356a94a9ef263ad63215fccf5cf70df3b19286f79ddae01603480e415d978bcde125325842fadba69b03e756c60623202fc5c0b4a0b76d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk

Filesize
1KB

MD5
81b230ed4f6b8443774af3ac2c3415ff

SHA1
08671b9db78d1c203693524eb3be03f750711953

SHA256
6c8b0997788b121428a4aecbbd380a8178adaa147e2399d5ec5a3401a4a3836b

SHA512
9f62d1b91c4c84c37f3a0fb591c1328d6d2521d251e9fd229506a56d5465fef35ef1a67e700dcd6f31d79664de942fbe9d6a6566c7236fa6ff12a1cb010e85a7

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk

Filesize
1015B

MD5
2e5a313b81cd3e43a28e1ece94010447

SHA1
716e169794d75dd0f3bdda359f9049611c631326

SHA256
5d590f633a26e71b95b285f0fbd3b22c223adba7f40bbc9550130c5dd9bda632

SHA512
b9b128b1ef66ba9c960b032d2427bb3cf6a477c18174e62a5591e7ac28ec4fc5645e343161243af3353b6811b548b218bae633db5e4a110df32dedba15d668ea

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk

Filesize
1015B

MD5
fc93114ee3ca7fe8886cd3f833240a7a

SHA1
6c93f4cbd2f6cc55ca6027d3eb49f9facfe42647

SHA256
17f30d15d000a8aa4a11fb83c127a1f09f9ea7b2953245b382b6922d00a696eb

SHA512
ea1275f8f591f237475759926c9ab9a6cbf460101f322920666e321c973734f97fdc905f70b17e180feb3d41895e37ad9ef41854cc60028effb43016f688ae9f

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk

Filesize
1KB

MD5
431bec7b7bf901e1433c1f315cd9ff4f

SHA1
0259d321ae03c47e55b27e4a221b7fcd600ce464

SHA256
9548b2e5d8cfaf71aeeaadf0d51ea9a8fa7d35678e11892f247a7f52477c88b2

SHA512
4cf9ca5828fffcd679bfde599263cf3f8ef22fffd505c8751afe8efc72b7635f848d36e4f9452bbda5a5002db3e543289ed7b5fb1f8ba7d5563c097e3679bc33

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk

Filesize
1KB

MD5
aad565a68c89ea2b0e11d02b844634d2

SHA1
7901095721f61fc1801e5cc2553449d854d7dc12

SHA256
18d058d74c025142a0d00692bf1eedf21292cac26e7572af3b99f34655f7cce8

SHA512
e31d537ae8297b3b2ece26a044ad3e36e8e4cb16e3880df9cb2e630dccf7603e55477e9c63eeafa100d786f9ba23dc61074d1046bef59611504ca6e52ad22e62

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk

Filesize
1KB

MD5
7bce3ba543558629930c73cd369b4f35

SHA1
87a2afb047a2c80556e369b220a97f65fe7d8a77

SHA256
609bf41ae89670ee3ca4c77cc7eb90a9a15a867dfba413dc1e7461bdfc6d8c87

SHA512
df61eae032628298be825e14764f30a2166d7e2346c91ac4f9f88841c6558fe37c06dae07e03af093a081a7516446c24667aab6889e9505bcb5409b2dfa5338a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk

Filesize
1015B

MD5
e6a6c127005052bae7ab43c84afc5aa7

SHA1
d08ec67fd30112f1e80c9d98d0a9839f5cb005f2

SHA256
31839585c09550543b8f3019bd90c18317f6ac21c93eeba85ab2810c013da330

SHA512
917d5cd2990981e0c86d1266ca0ebd6cab9af8b281bbbd959993c96504b35ef0ab089ada753878adb7544180ad46441d1df781abc963924ab5b8a8b91c9eb62d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk

Filesize
1KB

MD5
e1ef4de9acfe0559a964d0101f550ad8

SHA1
060fc87e46438b19eb8a2c5add8af967ed9d8bac

SHA256
1f7cfcb3cc3d83294e41950701f1186bcc98c12dfaa9c8f97b0632434cb6df91

SHA512
a1db980c83587c2ef73572a951c1e3e607e1e36e3db1f3a04181490765ca3287dd3aff9f8297478d70034b77562f5033cc96d228c9e2567b00a3a551db1c561c

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk

Filesize
1015B

MD5
a2402b71de3ba5f1f3bc6026a8d58481

SHA1
62603d1da166da59035dc8f01d864ae6d141d208

SHA256
ebde29f00e26674a280b7ae51e32298e4bc7bc6260cbd50bf0932eb3f0a2bdc4

SHA512
49ffb57bd3072f22f3ec214e094c3afc0fb5226d20adf4b015815d23e459348257b09ef5de51c7535cc8ef49440100be5bbeb45f39950b10778c1282ba56c4f8

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk

Filesize
1KB

MD5
be89bd59b58535efa85cd0e2adbaeb41

SHA1
19cee2d05638ffe9f520767fb806b7346cd8cf84

SHA256
9a35499959af5ce37890b36a6923e0a15ac8e626d9e5cf161f8b1736d01767a0

SHA512
7061aacb707c7cdbd9a5025497f8e41f6513415f2fba863d345f4ab544daf0137c5f6716cc11643f013549c14949493da91026fbfece1ea970971a6e9cb10922

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

Filesize
352B

MD5
eb43182a9ce3261f43ae128eda93332c

SHA1
73df67d0b40faa61e55715004ea74e9913ac10f5

SHA256
02bd1be22144311c047e1de0e09baa1d05c47bf23ad1b4258719cc22043d9c29

SHA512
2e8b9bfc421591c033238d33430232a130f349beb90e1bd641f33f31835fc30538e8aa79e90728dd206882f7393355d5ead8780a0bdb366a965cb9472ed14772

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

Filesize
334B

MD5
00dddc0d376d4efe3027512a08ecc7d8

SHA1
5507da0e9c8132e2510768cce2ff846f7928f029

SHA256
65ac6aec9dd408881263614d77b9020ee584c447f5e110548bb41cd9711a6541

SHA512
398462aa895d4a26c62b452009484c1edcc70f6d3dc3e41a0c385682faa4a6d6a40493c423546f80b435825099d96ffe4e15f08368116d91c48d6fc0e52d69ce

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk

Filesize
1KB

MD5
454bbef0ceb30db7a04b956db36c3a59

SHA1
7f0bf9a19ed41d83201e12838660e51900cd3e94

SHA256
51045ab4b3ac7087aec54633c79be5485692dfb207aa27ad778b4f2fd45405c5

SHA512
d23fba0cddcef6c332f57e2688a4b3de8977e7be3c9a4015617bbaecc633b5e659c5624d920b7dd0fda9e1831df290fd405b148c1508fb6ab461f734418f9582

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk

Filesize
1KB

MD5
7ca2d4fed4c497e716e4f4e2957d1e1c

SHA1
bcdf5232a34145bc7e4238cfec6b73d3b7c3fb1c

SHA256
914ab9619da37e179ae2e6f1c49874e1d74a63fcca91ed38572f299067b2482f

SHA512
232c0ac31c0a371dbc20d2da9c08420444e69611f82d3ea35aed2f57496f8e2cb224fdfc40d26f7c9fa12261ac91c2680cfa3fcfe382fa4f1326ea17bb8dd285

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk

Filesize
1KB

MD5
539a7dd32a405f9035ff7adc79ec75af

SHA1
6ba1d432c485dc5b942d94de50014551142fded1

SHA256
b7429c76f6c963d7ff42c10198bb983b9bb25756228287996fc80a78c23e6355

SHA512
43a09c3db080a373608879a89fd954e61b8512514da46fa3f7199120292642bd9098529b5064b59066a208ddc143ba51ac0f91a53c6ef201c78720ad54d9187d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk

Filesize
1KB

MD5
76f92bc90744a18a242f84d0401e6b79

SHA1
7f8f8b8fc4f3f8d2609981ceb757bd046aa7868a

SHA256
cdd12fbc608e53cb071e5cfce48a62545571d521ff54dd917f1ee1f275b2cd56

SHA512
16dd77299b6b9360c73750756ab150a0bc1aa7a10e10482f04d4f373365fd25e5d413770321a4e8d901741c0f6296a90e9df6447a9e0ef2659c4d5a47b30e704

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk

Filesize
1KB

MD5
5c2870ff26ba358133ee8c4d55539b30

SHA1
ca4e70bc14ad35a08448c0601b8410d32e263645

SHA256
b80354179769b6758964db2e791a8059208f81837775b7542387e0b21668f1a5

SHA512
aeda3641bbb4ca55ab8a2de7b43eb8dd4abeb1d3f592cfab5f045df93f44b984e7f752bec2d1164389e41ba8e72fe9db54e4ee86359ebb7a602ce60b23267bf6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk

Filesize
405B

MD5
1bcf2c00c2aa413fd11ae60a0f8a6b9b

SHA1
cb877addcc4fe572b9937a6ac3a35d622f93bfa7

SHA256
6d90f1111d522213e002d958cf20023172973a7d9716c7350f7772192c279e75

SHA512
d194b325da46f4f5b6b87bd46ca3123eecd7438e692f1ff9cf2d6f6f31ab16c07817ff20fad270370e6a30b9224f1a555cbbe8a6783db15b260421afc0549aac

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk

Filesize
409B

MD5
36c36592d7d17f98a53dfa3dcb55f3e8

SHA1
c649ff947aacb90a1bba39764a9fb565ea13479e

SHA256
c0d08fb5532f7c99f61e013a83b0ea36c4e8283e0e59b49e5bf17d39235a936d

SHA512
0cfad0d3dc3fd342058714c1a16db37637d9e6fbfa079ecd0a768344a405597e185952acc3ee512e84e41df7f9f40bc0e827eaf0ab9dd15870c775855d71d33f

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk

Filesize
335B

MD5
b1a7077aff710928d3b76b616a0e9c00

SHA1
ff87bc6856b3048d5dd8d7e9157fcd78c99da814

SHA256
da69d1d291bf7e4bf7c7e0360b4a49eb464591a55eb98f33e01a155cf2b79cf1

SHA512
a5c96d10fff93319eaf51a65306b5e91058ba7da6ee0de1e554643201f0de339a2138e99f08df885efdb1273a25ea1d6a4afa7f1e27757ec1573d8f71f3e204e

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk

Filesize
2KB

MD5
4fdc4d5c2f28e0103bcfdf3d8b38c66d

SHA1
88f837cd4ca537e12c37599c4a8d87ee715904ab

SHA256
f4c8936fa0571e11213e9daa5f517e68cbb4067b7ad121c6e1f44977431d0730

SHA512
3c249bd51d81ce5cf689aa2d8e054b174df93247e62aeaacdd586cf2dffc5189959409d44d11208aba0f35407de5940ac9aa180c3f089f904d20eb0f0c926fac

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk

Filesize
2KB

MD5
8d681170e1514b01657294246932251c

SHA1
11b19611e87bcdc2f6ce2b450a4cbcf64b5290d8

SHA256
c3a681e8f2d0d0c972703b6e59ece88235e05ce1361d5a588c13d62f0b19a419

SHA512
d908ced34f3ce194e00bf50aea137b8585bda439b8acabcbece49ebf7eec658ecb2611cda157af9064b9e89b2cd250a99765fc5a314f03f931fe1bcd0262616e

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
bbe127b568c7b63c3b60645fb39cb3e7

SHA1
be877985363d6f7b370523c70a64d037f0bd6d4a

SHA256
1bbd9ddeb7de83337a14ea0763503a77d2c45fe0fbebf98085f44d0998b68e3a

SHA512
d2974e18d0930a6be28b1626f540977dd53fe4d1e3918aad1c1a72768fb69da4e560effcb7ce7c9d74320abfcdb27ac8469f8f3faf7d09555847ab64b1be4356

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
ac027cf6c912513dfa47d6b30918faf2

SHA1
8c074e1fdb68f949fb3255d9712c2cbf63f7ed76

SHA256
5e0ee342230020774f6b777d58a1c8c7b1906d4c554fd07a37da56c0b2685cc3

SHA512
c3a039ecfd2d498849ae6203558a1a5305673fa0e8efe968725be7044f18c677a19f6fa9057603bb862b634ac0e833d986ed5cd91b9ab14f1f591075926c0d84

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
b03397eb2288f26ac08c686e39637d7c

SHA1
125cc287751d3099440f0bedf0c3f863cbc1ca53

SHA256
198af880a31a65174fa44a4b901268b7e82bb73ac6b22aa6347d991294cdfbc1

SHA512
5f247f866ff0c922248fd2ccf820ee322122e1f46031aa8a29229aa15cf204180ab62aa127f68d621cf830b27787db1478c29a4b41061026458320322cff280c

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
fad2d9e306347b16d99d6177a148ccd5

SHA1
d33d6045c651443e4e88c971477b61141c3f45f5

SHA256
d8ce5847952a22b7be640a19786141934fd16e4463518b283004ebdc83cbf210

SHA512
4b3f621640266c6bc709cb288a3521a67d9dd027674f2fe02670fa4a533ae1ce8594b0b4d7fcccd68f26babd62a58d73fa998480d15081d8e68ccfaa69d60a16

Download Submit
C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk

Filesize
1KB

MD5
da56ca859d8d1f5ccf1f26c2c65a6eb1

SHA1
2fbef040ba0a38bbffee09a971a1b72a18586bee

SHA256
b63e1d025b39efe57d0d1cdaec1080ae891f8e814c728d2188cebde64ba2c2bc

SHA512
e0bd411873fc22c0528bd0443fa08858f14830be8fcea384c6652b2a697fe08e27e69b9c46e57b685f8932d8ba66b4327363f3a1e28265148d1f71f4ed1d4b1a

Download Submit