a1ca366e1ec7f9d391254bb5d45cc0261a3b2a6a2352f11527c51208a1c137f5

Analysis

max time kernel
119s
max time network
133s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20-10-2024 08:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Size

18KB
MD5

6135349bfbaacddca58ae566fc235491
SHA1

711d8a91866a1012b8d55381a45af5cc71eca140
SHA256

a1ca366e1ec7f9d391254bb5d45cc0261a3b2a6a2352f11527c51208a1c137f5
SHA512

6f4189a18df4296e43e987496513628633ef3b6e6d391ff7e31bd39b49c656c3708b03f81f60c0e6282381520c13a892242753e645366af1dc449879e7cc8601
SSDEEP

384:eebFNw4Pk1itKkpAjjI2YpdmVa4Vg48JrX:e0FmBkpKjPYpjFX

Score

9^/10

discovery persistence ransomware spyware stealer

Malware Config

Signatures

Renames multiple (2186) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Drivers directory 9 IoCs

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\SysWOW64\drivers\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\drivers\gmreadme.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

Drops startup file 1 IoCs

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Alcmeter = "C:\\Users\\Admin\\AppData\\Local\\Temp\\2pheq6ZBMROry17.exe"	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

Drops file in System32 directory 64 IoCs

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\System32\DriverStore\FileRepository\mdmpenr.inf_amd64_20c8782372e47bd2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\ntprint4.inf_amd64_0958c7cad3cd6075\Amd64\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WaitForAny\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\acpipagr.inf_amd64_a3248d35e6aba0f3\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmboca.inf_amd64_c4ed3602d3c754f2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmhay2.inf_amd64_e87e378eb673af65\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\rhproxy.inf_amd64_7d28259fbc48ab7d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\F12\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ProcessResource\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmdcm5.inf_amd64_a432be022b5f8139\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\msux64w10.inf_amd64_5aa81644af5957b3\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netwew00.inf_amd64_325c0bd6349ed81c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms002.inf_amd64_2176cc45624119a9\Amd64\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_EnvironmentResource\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_UserResource\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WaitForAny\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_linedisplay.inf_amd64_a720ddb820f10790\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Licenses\neutral\_Default\Professional\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\wbem\it\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AssignedAccess\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ArchiveResource\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ServiceResource\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Dism\de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_fsinfrastructure.inf_amd64_1ef682cfd6fc7d1c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_b748590104fe1c15\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmcomp.inf_amd64_bf289615d063c627\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms003.inf_x86_360f6f3a7c4b3433\I386\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\termkbd.inf_amd64_a0634dcf2da1127e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\it\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetworkConnectivityStatus\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_mouse.inf_amd64_822333b41326bc2f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\zh-CN\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_fssystemrecovery.inf_amd64_aa57df1ffa9aace0\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netbrdg.inf_amd64_8a737d38f201aeb1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\XPSViewer\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech_OneCore\Common\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_mtd.inf_amd64_2f8cc39571965376\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\ehstorpwddrv.inf_amd64_220e4fad6c84d016\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\image.inf_amd64_d2006c0517ddc60c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmlasat.inf_amd64_36a71a022d8bb0bb\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\IME\IMEKR\APPLETS\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech\Engines\SR\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\@AudioToastIcon.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_fsreplication.inf_amd64_cadbd20a667cf903\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_volsnap.inf_amd64_47e3741bbf4d6b06\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\ialpss2i_gpio2_skl.inf_amd64_b68199ad84607c21\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\wvmic_timesync.inf_amd64_aa4bfe1897922114\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\hr-HR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\chargearbitration.inf_amd64_a0097842bcc7e487\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\circlass.inf_amd64_9f3f831d13d3df1f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_sbp2.inf_amd64_db7034ac4806cf05\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\setup\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\MailContactsCalendarSync\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Printing_Admin_Scripts\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\@AppHelpToast.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmnova.inf_amd64_4da8a5889bbd1a21\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\microsoft_bluetooth_hfp_ag.inf_amd64_d2736f1d9bc815e1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netax88179_178a.inf_amd64_b6748bc8bb8ccf4d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\smartsamd.inf_amd64_2238284d493e89f4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\es-MX\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WaitForSome\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_LogResource\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\acpipmi.inf_amd64_310dc613a7e31ec8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Program Files\7-Zip\Lang\sw.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-black\LargeTile.scale-400_contrast-black.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\HxA-Exchange.scale-400.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\Glyph_0xea23.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1906.1972.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderLogoExtensions.targetsize-40.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\sk-sk\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageMedTile.scale-100_contrast-black.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\Assets\contrast-black\MixedRealityPortalAppList.targetsize-80_altform-unplated_contrast-black.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\DSCResources\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\OrientationControlCone.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\legal\jdk\dynalink.md	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\Windows Security\BrowserCore\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteSectionSmallTile.scale-100.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\OneNoteAppList.targetsize-64_altform-unplated.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SmallTile.scale-200_contrast-black.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.targetsize-16_altform-fullcolor.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsAppList.targetsize-32.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe\Assets\GameBar_AppList.targetsize-256_altform-unplated.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\182.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Lighting\Dark\Sunset.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Common.View.UWP\Strings\sl-SI\View3d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-white\SplashScreen.scale-100_contrast-white.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\Folder.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1906.1972.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderAppList.contrast-white_targetsize-72_altform-unplated.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-96.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\AppTiles\AppIcon.targetsize-16_altform-lightunplated.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\ro-ro\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\ko-kr\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\LogoImages\PowerPntLogo.contrast-white_scale-100.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Common.View.UWP\Strings\hi-IN\View3d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1906.2182.0_x64__8wekyb3d8bbwe\Assets\AlarmsAppList.contrast-white_targetsize-36_altform-unplated.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\AppCore\Location\Shifter\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\WideTile.scale-200.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\nl-nl\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\css\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsCamera_2018.826.98.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraLargeTile.contrast-white_scale-200.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.12548.0_x64__8wekyb3d8bbwe\AppCS\Assets\ImportFromDevice.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.targetsize-30_altform-unplated_contrast-white.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\YahooPromoTile.scale-100.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected]	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.targetsize-48_altform-unplated_contrast-white.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\Doughboy.scale-300.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\AppIcon.targetsize-24_contrast-black.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\images\example_icons2x.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\uk-ua\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\LogoImages\OneNoteLogo.scale-100.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-80_altform-lightunplated.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\8041_40x40x32.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteWideTile.scale-400.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-32_contrast-white.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\DSCResources\MSFT_PackageManagementSource\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\NewComment.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\en-us\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\GenericMailWideTile.scale-100.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\fr-ma\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\WelcomeCardRdr-2x.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\1033\LyncBasic_Eula.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsStoreLogo.scale-125.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-64_altform-unplated_contrast-white.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-white\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

Drops file in Windows directory 64 IoCs

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\assembly\GAC_MSIL\System.Drawing.Resources\2.0.0.0_ja_b03f5f7f11d50a3a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-devicequeryprovider_31bf3856ad364e35_10.0.19041.746_none_b4f3e8d89fa3d1e8\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ltinstall.resources_31bf3856ad364e35_10.0.19041.1_it-it_f37892a2db226374\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ybinaries.resources_31bf3856ad364e35_10.0.19041.1_en-us_c2e1ed5d5c8d4a54\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-inputswitch.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_cc2bf3accbec872d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..providers.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_adf44b5c1ef1eedf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-msmq-powershell_31bf3856ad364e35_10.0.19041.264_none_a6e44092b2d6a51a\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-kdc-adm.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_a352edb4095c0e82\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft.packagema..uprovider.resources_31bf3856ad364e35_10.0.19041.1_en-us_cae4735bef53e611\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-c..ent-appxpackagingom_31bf3856ad364e35_10.0.19041.1202_none_98c31ddfe48342bc\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-t..ices-msrdpwebaccess_31bf3856ad364e35_10.0.19041.746_none_6fd85971debf998b\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-n..line-tool.resources_31bf3856ad364e35_10.0.19041.1_en-us_70f9c6776213a4bd\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..ty-ngc-isocontainer_31bf3856ad364e35_10.0.19041.1202_none_016caa8c16e51981\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-c..ngshellapp.appxmain_31bf3856ad364e35_10.0.19041.84_none_24f8aafdaceaf0b5\square44x44logo.scale-400.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_10.0.19041.1202_none_20ddd445a787b81f\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-s..iprovider.resources_31bf3856ad364e35_10.0.19041.1_en-us_94a0e5474d614e0a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-windowsuiimmersive_31bf3856ad364e35_10.0.19041.1202_none_b0e4aa5cbda05866\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-ldap-client.resources_31bf3856ad364e35_10.0.19041.1_it-it_1e07c00a908f8d0c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p..i-asyncui.resources_31bf3856ad364e35_10.0.19041.1_es-es_ec3435bc07095c1a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-printing-wsdprintproxy_31bf3856ad364e35_10.0.19041.1_none_47845d0f1fcc412c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-r..e-rassstp.resources_31bf3856ad364e35_10.0.19041.1_de-de_f5df7ed0094f30b7\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.746_none_ab42fb092bda9182\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-dims-keyroam_31bf3856ad364e35_10.0.19041.906_none_441d509ac0ace14c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ocale-nls.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_bcff0d4f8bb8f0a2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-control_31bf3856ad364e35_10.0.19041.423_none_7777dd52093f9dd6\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-h..p-listsvc.resources_31bf3856ad364e35_10.0.19041.1_it-it_a349f4a6799ca6da\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.19041.844_none_d9eb415c5b9dbe4e\Square44x44Logo.contrast-black_scale-400.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-ping-utilities_31bf3856ad364e35_10.0.19041.1_none_69775cdd639910cb\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..rendering.resources_31bf3856ad364e35_11.0.19041.1_de-de_4dda1dea1ec67e82\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-nlasvc.resources_31bf3856ad364e35_10.0.19041.1_it-it_b2101dbabca3407c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-t..icesframework-msctf_31bf3856ad364e35_10.0.19041.117_none_53de5f904d7b34f8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netfx35linq-msbuild_rsp_31bf3856ad364e35_10.0.19041.1_none_86df8ca5d7903894\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-d..-japanese-legacyapi_31bf3856ad364e35_10.0.19041.746_none_9fb24601050af741\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-d..me-japanese-dictapi_31bf3856ad364e35_10.0.19041.844_none_b4a737a0a8a3d36d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-hyper-v-m..t-clients.resources_31bf3856ad364e35_10.0.19041.1_es-es_a3ac36604c2c172b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_multipoint-wmssystemtab.resources_31bf3856ad364e35_10.0.19041.1_it-it_c590ddf77e4dcb76\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-printing-winrt-core_31bf3856ad364e35_10.0.19041.746_none_dcbf04d49eb5e7c2\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-hyper-v-i..ationcomponents-rdv_31bf3856ad364e35_10.0.19041.928_none_1fa9f09ad10e24e0\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-inputservice_31bf3856ad364e35_10.0.19041.1266_none_2eafa4d6eebbbc04\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-w..ationservice-netapi_31bf3856ad364e35_10.0.19041.1_none_2b6c643e548ec657\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_wsdscdrv.inf.resources_31bf3856ad364e35_10.0.19041.1_en-us_25d6bb9ae33e4c22\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_microsoft.powershel..ion.odata.resources_31bf3856ad364e35_10.0.19041.1_es-es_595eecd079eab6c2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemResources\Windows.UI.Shell\Images\Icon_MMXresume.contrast-black_scale-100.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..oolsclient.appxmain_31bf3856ad364e35_10.0.19041.1_none_75cd350cc8b5dbcf\minimize.png	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netvwififlt.inf.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_5ff5fb08690db5d9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_10.0.19041.1151_none_1ff907b40ed3d811\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-composable-switcher_31bf3856ad364e35_10.0.19041.153_none_2fe7dace2cafb8d6\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-icm-base_31bf3856ad364e35_10.0.19041.746_none_00c13520e8327e0a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_microsoft.virtualiz..client.6.2.settings_31bf3856ad364e35_10.0.19041.1266_none_6c7a8e778fe0fed8\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.19041.1_de-de_c3e98eeb3b8b910b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..spellcheck.binaries_31bf3856ad364e35_10.0.19041.746_none_00c6cd22958b216d\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_sdflauncher.inf.resources_31bf3856ad364e35_10.0.19041.1_es-es_8b57fae90a427954\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_microsoft.transactions.bridge.resources_b03f5f7f11d50a3a_10.0.19041.1_it-it_d94e846b6c1f3dc0\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-p..ty-common.resources_31bf3856ad364e35_10.0.19041.1_en-us_c812fda5c4b1dba4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ouppolicy.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_78eb9fbcb0a7c8a7\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p..topeerdrt.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_0ab0f7569e46629d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\ja-JP\assets\ErrorPages\http_500.htm	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_scmbus.inf.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_6d3868da63c3128b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-p..shell-mui.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_2fff65910733ebda\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-directui.resources_31bf3856ad364e35_10.0.19041.1023_sr-..-rs_7082cb9b56d1e7b5\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-i..rvice_mof.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_87fa2cd1b83cc1ca\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-international-unattend_31bf3856ad364e35_10.0.19041.906_none_a892faef80a943dc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_hyperv-vmemulateddevices_31bf3856ad364e35_10.0.19041.153_none_8a3087ca720b75f6\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

Modifies registry class 10 IoCs

Processes:

6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM\shell\open	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd\ = "XQZGQTSALYMJBKM"	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM\ = "CRYPTED!"	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM\DefaultIcon	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM\shell\open\command	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM\shell	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\2pheq6ZBMROry17.exe"	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\XQZGQTSALYMJBKM\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\2pheq6ZBMROry17.exe,0"	6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\6135349bfbaacddca58ae566fc235491_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
- Drops startup file
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:1504

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons.png

Filesize
50KB

MD5
97a44d340fc1702518559c1f9db6be31

SHA1
e7b38bc62b2634b86eb28003ef89038e180fb76c

SHA256
a4e1c3e7ffeea70412744aff9c6f56e4def4df7af6d411df5146744d1987fa19

SHA512
7b6eb2950559de3efb4eacece916b3c8d96f092d0fbfced52fc2db6223e36d8bd1956a38b45f74ca73144f135ae67dabb500abb0efa153f5ad2582769fe75556

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png

Filesize
1KB

MD5
9a8ce172ffd089e3fc4738714ff28737

SHA1
c982d6a3350108ec978819a1b3ae840baa48da24

SHA256
e8e2df0e1444d0470e11f74eda6d1ccec1d89c3c8dd3cd4512f30a1fa58330a6

SHA512
c5d0c2b4537a46dc123bc2143c1d2d210fb6cb27435cb2fabe360b3ba655febbc07233e167249a6e0c1248e415de667e21e96d25591a62dee909c710dad87c6b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png

Filesize
3KB

MD5
fda1895a4e0abe04a483a14c270c1ca1

SHA1
8ff220d6a80a6771b0c49551f6949053faf5adff

SHA256
0208f144ae86d0e1ad107a1419258f8cdc7807d283803b1379f6b69eaef15840

SHA512
2385e6199ca2e9bfc2e85a7e2618c24ec9244159d1afcdea1cca9c75fe470be6c99fbe0561e334a0c63b0cc573bdf418cf2f21baa959fc1baff798b2c823896f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png

Filesize
683B

MD5
18db11693b6f4b6ec44624406599e86f

SHA1
5c784917db31bd8f87004c3b28a1f9e13b7dde00

SHA256
2cd0356f90a22cc50222b42d425995bd370bc805ac5ae23966a76fc9ffdf0921

SHA512
fef15dfe222b21738e3d084edcbaf55e982b8bb298ee826a22c53b0b9075015ec3ade734f3dc7bc0b5a1b6d8d12b2222244a55f5871a23dc0038c13aa77f7018

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png

Filesize
1KB

MD5
3e329182c1e93b515f221a1bbb433cee

SHA1
ed99c307bbca2955f3396c2c39f1d4cefc6a84af

SHA256
f6bf043d54d911d2db564406691b2989530218e46f5844cd3165d18277ea627d

SHA512
4d46f7cefd1a5402a0f5ec373943c1883b946e71d0b973e9e4bc4c41918fa5c9ad0c30c16817e30e86e2bf4b91887284af0eebfd237af773416c866e132a7a1d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png

Filesize
445B

MD5
4b73409d3e89f85ba80138a0bd38afa2

SHA1
948ab4b6fb1313c33c9eddd54da998c8da8a5598

SHA256
186ac1cba6b4e2afa02a5e9cd8bee026e6aced3ed813799a0412ac33763f7698

SHA512
50e00a4e8807a17f6c9d33a1de87ba9c22d9c0c6c9dddfdc49f8a5a65c85610be0c29f47801683eb83599ed8e503c466510ceaea7d09b20bccbce418340e2ca8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png

Filesize
611B

MD5
a7c97f37d0f75ca44d88030d54b82336

SHA1
a3067c5be7293b5726c426f0dbb09e9dda908e1f

SHA256
ad90a8a797280ed581202a90fdb9ddd91ace9f67dc2113132566b7508d9a1bd1

SHA512
5211b26d3725852c7d11e782a241765aed98a860c8ed811b90eb6c3242ba2df93c69e380b74cad5be5d4be23a438f10da0fbe51dbf0e17fa75b89658cc569dd0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png

Filesize
388B

MD5
18870500415986abbf42a6618e86b33e

SHA1
ad14e4cb30ac79dda9f7376fcfb806261e4f7333

SHA256
dc8ea2b68b89a639659670e55e372ff94610849aec7361242bdee52927c9c25d

SHA512
6c55ae418bef712fd418a99326ab83aac81b8b6160fa6e16fa65ed20f38bd2ccfb1d8da208fb025dc5252c07a820b0526f3aa5b2ae07ca121794b76ad40aeccc

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
20653f4c92aab48f519223adfefe6995

SHA1
add27b0ee32969496ae0f3b05385c121534a70e4

SHA256
1251c1f06d89a69f5a0eb9d002f07d0399d0bbe7b077157b61e8c1bd4dd04405

SHA512
d6b8fec147518df6ef55ffe439b0814cdfcee0e5ac8725f2fe622bba3b442154c890ef78e8b773b6a96c9ed3ffd38769911cdcac5a9964b9d0315553c60243a3

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png

Filesize
388B

MD5
0168d44905a2374849d12a1e38003d1f

SHA1
443d6ebe993c6a4634394b27dc2c0b53bd92af41

SHA256
519c6500b3cfe6a4cef4ee909bfc443e1af71064f75d7241242e134e4f06d977

SHA512
2f61ad0ba68c451d2d0420d85c93e2db8cf1b403089438af1efccd4a6f91313967d1944eb031d57e6783246de433d789249c12698f375079632c9a6abfbce3db

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png

Filesize
552B

MD5
d7873de7da7fca22ff3ed9ac88049563

SHA1
0c7cad604c8ad4f61ae9ea103a15e0905b899b50

SHA256
e6b277157283c00cc3b511953d9e6313cf61817aa92239e62661954cea2da21d

SHA512
e03d310535610a231debe69c2563a78b3490a17941b2779b7a6d941393cecf9d25510d7026c693b9a61afc1d8b1781336e69e4f9df0fc93844d1ea57159fe784

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png

Filesize
388B

MD5
851eb2e14d78fc0ffa691e2f3403f16f

SHA1
396e1280fabcf56f067bdafc89b505e28849e9e4

SHA256
de09e78c71f1dc9edcf853c5db193b3772300ae18bc4dd26dbf3fc715598f807

SHA512
a8c0f7f1af623100fd8ccb9812278435e04e1c089a7a4b18b9a4fdf8da5d839e3f8872e5a08834e68a4be344fcd61262ff7104ce33c20b988ef814fceba8bc24

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
908a3f40ad0e55a9b02b8565725b6c5c

SHA1
01e0551ddaaa9c8780709109eea4f3a528f65883

SHA256
23f7ec5260e7551df707f3829b1760536f67b60d65df99e0183273c0816e5a9c

SHA512
3d4bfa2d448622b8bb6cc9c7326872daa125156b9e9ea4a122e3a5e3e8c3ecccbd2ac1917a919308b153116ca2db4e9b073ec23711e258694748c5f24327d4f6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons.png

Filesize
7KB

MD5
cacf375a25f5762340dae7dd2a0ddf5d

SHA1
6cd233d2bd0de4d036e2f9280bc807d9f9df5252

SHA256
8b5a5bc356f1d31464eecb29695226ac46bfec98e4163a188042099220f4f8b3

SHA512
6f53987cf37591a619eb7418605321b3238493db895ec4e010408a0f8e7b10c810533bad65ae79a4f722653c7ce644be70f9371a1edc3acc5cbf12104e8b2e5f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_ie8.gif

Filesize
7KB

MD5
ba0aacc9dc92ceab85be3035638bb283

SHA1
a382af2a5e2d174a869f87dddf9247dacc3ce844

SHA256
c8487a7f8fa5fdd8dedb5b3565fa0294d0aa0a07f489e06d43ea7fd57cf69aff

SHA512
9241a7b97c1e2e1d3f563f3d27af29849cea5a1506cfd55c1a96a8a1cd45892c6050d6b49eebcc861db9ba479f55b87de38fd5a35651d62934cff6c196477d35

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_retina.png

Filesize
15KB

MD5
95d12fcbbade78c078e18cce1557c5e8

SHA1
98943ba730f6202655417df8769526b71ad7b249

SHA256
d87a9ee3ccad9fcb9d94b77f9891eabe0e0350904920877564d7756ace28fed3

SHA512
8347d096b5def2570e8d4aa3384122b28dd86d691c11538f470f37c639a1830f7ef65029a0d7c0275cf42992725d37fed1fbce63db49517f392f8afb44fd5dd8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png

Filesize
8KB

MD5
7f3f56521266ef430611ceb7840b5f64

SHA1
93be151b4cd9704760e70b5e3ea33d03796d1b7e

SHA256
e0e684585e84ae34965fdefcd4d7a6277ceafd862581e75f445790bb1ba2d66d

SHA512
e803e249bf752ee73c7f87d6d7ff4a0969e1082aa50bfa209e335e4b0ed7c3597b1efb2d453ff3f7cfb7a01404e74ceddc65154611a182c47ee36d1738f65be4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons_retina.png

Filesize
17KB

MD5
5a7c7c9a9a60024a2562b8661ea0edec

SHA1
7026ba0cb2c1f1f5920a29d9f0a88c66ad52dd8d

SHA256
f3e57f014300f64b3fa358aa3c42028f4e481a57ecb1064ff473818b349b775c

SHA512
3953dc083b2eafaad42f1553dcf2ace7797d9ef81d4daa4d05b319ccb203433aec1a8219c6b8c8e4f7d2631e7afcd694daa3a36bc21d401b0eaa129edbd24c19

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_pattern_RHP.png

Filesize
179B

MD5
17ea48d3bb73ed790773ec12bad9d015

SHA1
e3e12ad286fcb4c9ebeb4b13f67ea29d3b49a2ad

SHA256
367cedd7afc90f000cbe1aab4d4b6ff404e1320d0de0cf7393498b7fc7fa16b9

SHA512
96fd9aeab8343da9456aaa91f10fdd3bbaf68e87288909464325c409704a13b03f8be0a79d7c02b445593806c271f38a70e02ea7d130d980cfdbc2cd345ebd5b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_patterns_header.png

Filesize
703B

MD5
abde08b0baf4bb3169a3c50c213917f1

SHA1
e866889f360181f7768b869a75c4fe3fefcf9daf

SHA256
1926c2ac59f7c650e597c30ebf55bb8727c312a0ae26604a68c0d5fff06f1292

SHA512
0c377a0cfda698af9482e83dd67b976d96b7a9e01b6bb6177998906fb755c90376cca9f3852dc3e408bb425b4d0a3f4de47ed4058420a4c7eb8bf152977b92d0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations.png

Filesize
8KB

MD5
39ffb8eee8cc758646e62fa04fafb553

SHA1
73a313df8f6517edb08a5427737126047f46b7a2

SHA256
71aea0adc8b80677c42b22f28b1e57b8192f217abd3dbdf7916c6a935e0bf160

SHA512
333e3dfcaaeb920b80a03eda24c38ba9e6a6df6c65d117588c5ff4400a0254fa3e84d9d356fc6ac7302eaec90ce90bb9b8702858667d7cea7940e07fd1869672

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png.EnCiPhErEd

Filesize
19KB

MD5
91d20beeb53f7196bc46eb5fa070e470

SHA1
9feaa837a1c3673aa0e5f3d33a99fdc582e634a8

SHA256
2c5cdeb80d1976e03ecf80913cc478097cb7e8909e0cf75ecda6cfc5906f9fae

SHA512
17b1e32b924426d9ac1d722b12556815ef750f58e56262125325cc094669deddc5520d1aa959e4de88cfdd43e9f9e5450ed8a15484b83b33feed5bce4d5cc8b5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png

Filesize
6KB

MD5
35526a9f3f15fd51a970a40dd605b0e3

SHA1
6f3e9565b23d5abfaffd1acdfd2c8745481fd540

SHA256
d6012188879fecd8b83a1dd25d0e323fb50b23a5b15d47f8d38cead05d020ecf

SHA512
bbf8a5c7dd848cd5f4680a6f52033ae1dca0f486fd67b22229fb626d6e9deffa1afcf6ebcb7d0330450f790b55a00b7c0618cf033e3693c86ff16600ee677bf9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\bun.png

Filesize
2KB

MD5
bd251ee4665af7c001b4b567e290e45f

SHA1
40553b9dc895ba2f338b0844e54a96266f42282c

SHA256
a35a719710dfe53c795c9397bcc4eef2fb7ef2f5463bbb168e2d605fe63b3313

SHA512
6923e5886abe31c0eefe5db5414dc5aa55c8319e4c966aa72747a511d46c2d4a3c7a6f84351b9a0825356860435223ff146c70eda9053dd91c97c3a89e13be7f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview.png

Filesize
2KB

MD5
01e5ef527d0b93786ac41864c65d7d8b

SHA1
b646f5549e75a47d347e20a3beb9dbf9f44fab29

SHA256
289c09919186e2a95cd303303fb6e5a6226dc8597c7a363c52b33ec5dd1b1625

SHA512
677fb549a2a712cf085034669086fcb0bf548d6b80e2754cd77b223b25226b7f9a8fe7c39c95a13bd5e3629022f605890e4a3654b8f3f40119cf76ad1a13e006

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png

Filesize
4KB

MD5
75add7e0458c2308c0c7cbad3ea3b378

SHA1
ed0bb32b9d3b8e097ba65da2d36ad142f7fb8651

SHA256
b4a4ce52688447dbfe33fe064e9c359e83b79e332e18c5600f56ba4f1ff3d4b9

SHA512
e522f46e0824a93a23cd369e7b77853305c821c9f6f5fe38302c96743e201d69545bcde69d69e2ec39532b842cf5c34c561cf6e51077067319b9aff01be75255

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png

Filesize
289B

MD5
b62fa68f8c5544a5e26de498b36a2ab0

SHA1
8053ad48a126903827c9649bd39f02b53e3842c4

SHA256
292addbd4f47bb85fad8dbebb6072d21e3c977ec9841eb9f22ea2f573f83b9fd

SHA512
a9f0ed7b400d895a15d69491dc4a1c4a30e23b1f2d7cf56407b022806b505068ac2e5114f42f9e4816c76565107c9cceafa649f39634adb93b5cab4ab057f669

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png

Filesize
385B

MD5
eac0c3ad1457d4d2aaeab790ed7f109e

SHA1
1f81003f2d6d7571b6f93ea97a7f4f57edac728e

SHA256
c2986943b8a2c09b101f29d92f34448418dd36967e35090f52cce7dff25b15b4

SHA512
a9784a35d7dfb6f5407ec6f514d35a4a64f8ecac12069f074a7bb672f9509ec20905f2ef78ead1aec396999ee055d77c1803f2068aaf5094901b9cb65fc7e7c1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\illustrations.png

Filesize
4KB

MD5
997875fdc0678f5b8d0ae511bc71eab1

SHA1
b19f3bd77588b7954bbae984c2752ce585668de0

SHA256
af25e8620b4141df4c88638fcdc975b01a7937504ae83134d6d19514c7ae712d

SHA512
46d5c64342dd8169ec094612e653263d0ef50a30be5a1316db6af1f50ce2ad671d62dbd1b12a845984d171fae08ce5951c61d51aadbd76cd0c2b6342004aca74

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png

Filesize
1003B

MD5
1d551636eda12bce5c52d0b7dd728601

SHA1
009ab1f4fa4e78fc59803dee89878f102c325bce

SHA256
3a71ee3c46fd324b9f32ca0d988e67762ac73db5ac12bdd4c6cff28847231d1c

SHA512
1e7f6aceca74a6313fde1691995fb6df400175782c9b3a515553084515fd0bdac843eb0289fb43077d8ef337eb6b9c832f4f5be712431be20ce4ca0f63b1b900

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons.png

Filesize
1KB

MD5
a5b3b45bf10a11b6e1b63a45e4ddacbf

SHA1
ce86797a10c0684a928eb1515084dd359769e22b

SHA256
1883e7e35ee41f2d6724b62c60566c7930ca12cc8b98401971daff600457f9db

SHA512
8feef1a83c56c85113597ec2467c9fc9d0b6901ffa48a3458a0b3a70f5eb8588db378985467b55d984691d51d169360ee27e751e4fdfa7d3900cd305faef4af6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons2x.png

Filesize
2KB

MD5
949c10bf85b743157d4a6efe6b2c163c

SHA1
bd71ee1b0cecd7b49e4a0ee1ddc4b78c20d766bc

SHA256
3eb9e54624dfd3b8f390bbb7208604ada5e533a5642a027e7df09b389476fa5e

SHA512
eea282ce6615cc29fad65f461940eab27f65b39707c980214bcc630ad2864eb95eda0b6165cdb7a2c951fa461052f3fcac5239c179eec6d35e70b557da769c00

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adc_logo.png

Filesize
3KB

MD5
d5bfe70f7a3211750c5f9f98a32d3589

SHA1
953ea2c2316c3ad4c7535df321ae66030ff8c94c

SHA256
f860c43537d6badf8bb951c737a80ee8c4d4dcd590bb9bf1844c97b98976d840

SHA512
ec8c681b1f89ef619ed3f5b05f3e13b42f11c682919be12ffcb30fbd0ef23c79599a8e78cf982f6753240314d3bfd1f26f226cca61b32a44aa2acfa45679bd6e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif

Filesize
556B

MD5
3dbbbec4e247d33079a9ecaba5f50c88

SHA1
4a7402d345091da2575388f65d90b37e9958080d

SHA256
b8e7c012f3f77f7122de5d1a297db2245762b940570b0d76045b4c5b70137085

SHA512
12bf393dd704670e73fd6d864671a3df649451cc34e62f2076d71f8ccd4c1d5484f66cf7b108b4aa4feea94dc0594090c719d59c837644e81a10ee3a8bf3d080

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\logo_retina.png

Filesize
6KB

MD5
debea31058cdd9b0f3a4a536a7d33412

SHA1
fd2c37f48b48e0c7334abf3f9412d7c8cced2e24

SHA256
d2cbb66b76508151162991f65d1e7f2438110dec7eae6f99684cc6ce9953eeb3

SHA512
d42b50fc0cf6f273c8b927e5ce1cf7b78a82aaaf9853cc2a34cb63cf4b898a824e92762e61b2501123a0acfaccf75cfd323b20937dc919ac5fb78ce0fe26c2aa

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png

Filesize
826B

MD5
6fe94fcdc57e3b4e5c0e7ffe8660a3a6

SHA1
42db5c524d403e63b00a5f0bf94b551de06b9c74

SHA256
45054641707da322943a647cb3a7efca77dae1c7bcd12b436e1abd209831e136

SHA512
0913391af6412d3a3f95247b0c9afb4628e8e9ee4d2dfc4abb17bf15e8c50f5bbc097cde549544d08fa497dd5f40cdd9cb8660c1019bc78876db2e02d35cedd1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png

Filesize
1KB

MD5
6540e695f3d19196600faed72e8a206e

SHA1
28c9b2c12100efc66b3374489e228faa0f30dc29

SHA256
068333090b99ad1b266bfb27369d6c03a0695c6edb54f28bfee34e8eb227de66

SHA512
756b856cfefdc2a0dda7bdc80ee9df4396aa1cfd70262e3f1929de0de5298412a6317b1710d38a6d510365cd4eb4027b5aabdcf207446c38c4b704c53f7a6c5e

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt

Filesize
32KB

MD5
5f0d43291b438e34f73b0316e83712eb

SHA1
1f62eb14552d1b409d2d91a99f3f8eecfbae1c1a

SHA256
35e37fcfc2e03959bc87dcd338dd5742b959f9ad9a002c112545a0c779fe572a

SHA512
b5fdbecc19dd798128b39244357698a7274abfe067f1c4f882d5c385e419361f1d8c0ba4f3353fa1262dff87be417cb39dfe3ed1b11fd348826b1b14e32896db

Download Submit
C:\Program Files\7-Zip\Lang\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt

Filesize
547B

MD5
c1733f02e7c0c1b7667259cb416cca3f

SHA1
b2df7bfccdf956ec1de3cd442b92b63d450d73b3

SHA256
b50ec7fc28573b36a16e85895fa563a8272bf7c50203274291ccd75faa52f5ac

SHA512
d175a6958d01dbe9a66c2e0f0881e6ec15c33cf899eeeab842c6d46e39b91a4d8395509625291dfbc99e28febce5e6145296e9015f15b265ad637e64e7641992

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif

Filesize
153B

MD5
2b6407f2705b35a5284f0707b1711175

SHA1
a72130ec9f28e910d61c09bd7206273d2aefa555

SHA256
87f2d20133ca3f2b00cc9b57b2215706cfc49b66580ba86fe600d41e76c584a3

SHA512
75bb0cb73459eff13aa47104763c76a673e8cfaaad5fca5e3df23213841089e897cb6c5a9252566fe2fd4d97ebee6cba10a91245067a1ed2ef143c16ae7b53b7

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

Filesize
190B

MD5
ad038e95ee66f174b7fcc184079126dd

SHA1
ba04a9dc1e052bda75f1dde1ad938453e606c151

SHA256
4e0cd008b6135a58231f3f51d6eb586ab0a1e9818ef77de2f83b4202db370e40

SHA512
56edcb535cc7f536f05e084dcb5c865c576da1bfb40eb5da00214faf1a0532f60fe5f2ae1ac1afba3ac3aad22b0726654e7c900f18d8835d506056c85726967d

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

Filesize
190B

MD5
8011c071a01721fc1036a8d5901cdf62

SHA1
605f50582b64d4640937cbb436276ae44b85d9e9

SHA256
a2e9de43820ba5a18c44ea981ca11579bfb53bb823e676c5e71bc2b15669b338

SHA512
5212a8fb98710d6a76734a5ea667ecac9b3e5a96a24771c0f1a0dcdbf26350640fa6562ff485db3ba6a4547eaa5a86435dc1f5a7d20abf87d2b4b3f072595067

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

Filesize
1KB

MD5
0559de3de1063fccdb9bdf882749d958

SHA1
d6f99afd7214c5ca2edaf4641d3335243fcfeaf6

SHA256
3ece310ad07d1d4f3cd1765c872a909b2ccb670231d009cd6b0615369106757f

SHA512
fac419573743b348c2365b0910165e23e0766e5282a16406e98c7f7fe4a83eaf8d184fa729b5439aecaead248528af1e0639871bd86dae9cf1ed95cb7953268d

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

Filesize
31KB

MD5
a2c9f79bbbb480772d21f50472f41b5c

SHA1
529ccd1c57b07c37eeefce4ff651da36255ee56a

SHA256
630902da082ea76ba33eaafb46c6e436309906373e890a07cbbcaf658edf3d78

SHA512
0b09e3154bf7c076f3b453df490fd3c43894cb4735da1dad7d3be586df49ce9ab51dcd390f24ded7e1cdc19385840f3312ed517d8043fefa329cadb80a1ffeb9

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

Filesize
34KB

MD5
bfa559b935f9d5984593dad4ad20ec48

SHA1
02ac4a58926dfd904c82d21242293aaeb921a0b8

SHA256
c89336f46c3582da6931e2b0a24590a0d0688c5a1b95e558fcb4b7011ff14272

SHA512
80dfdec9c781e8f4ea8ba7f4611df0eff4f92b5fcc4e2afd15c312b9112d4c64188e6ed0b897a9d35496a523d0bccab7d4a46b4f650cc386c9a75302bfdccefd

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

Filesize
23KB

MD5
04b6f909e79ca0df51996c2cfc26b38f

SHA1
85d671f94ff9542f8e47fe35ec43718349d6c2f1

SHA256
de7dbc9cfb0c977bd028696b9fb85a3d684616fdd54bb7f995af314be868acaf

SHA512
e3a4d38ad8a086af33d509ab68ce6a314cffc4183f3d804fc05915d5ad9214f1174e7b0ca11b7100c670f13e40f92044d61dbca5d30e38428bf495b1457f76ca

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md.EnCiPhErEd

Filesize
2KB

MD5
2f278f6063df2f87e2a312183e543be3

SHA1
3dc2890097cc8a33ced32ed21f050b3bb0a6792e

SHA256
1c57de96d21cefc7f5c88e86de838e83a718483087cb52cd2837350e88ea0335

SHA512
88ec52f003faa1545c7b5056fe194522f5cabfa926b261d430c494cdf73ccd1d10a79eb9e35ff0c28ea5037ff8df991b748193a4096cee1b049b109a9000a9df

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md

Filesize
1KB

MD5
7331ffd988bb5b8f673ca1c02571bc3a

SHA1
25a6dae21a3b304525c3f82aadf5b75918c0b984

SHA256
874c6c0c5e24d89e5200f937d7be034379af64be19c76f43d1c5999edaf03539

SHA512
5409d3841245cf03af4f791103b8d694d3b3814297a04e82764747d34f070986a00d638a075ce306ee9311c4767e11d94c7abf3d86273f88d87861deb2ca5369

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

Filesize
3KB

MD5
04abe2299abd35de5c3107c57f0fa319

SHA1
2d1593b7b023dfee2d9e0fec758f8e8e83c1a060

SHA256
911384141b09aa07a6cb8b431ed7a8640c41c6657733791ed1742f3dce20d84c

SHA512
d51c2fe93938539fbafe1dac8b7c506c7fdafb8ee32816b038fa81bcd052d430b0170784d83398bf1f893c34492ee5e8b446d7cac6a92213721af633ef1e132e

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

Filesize
2KB

MD5
ac2258c492908d803edb275a79616b82

SHA1
8aacc85b2a4398986a016e237c6e01fe51669637

SHA256
2da6ac99ac863d9a17b967a067f19f7f952d105f9cabd9384697573789ce5b3f

SHA512
1544d0b83ff742388602019ec9f1110aa6aabdd20e5ecf3b95d173620dd1fb660d19787b397819031c300330237fa6ca86350a077787a70bdbaf24b06b1143c1

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

Filesize
5KB

MD5
9d2365784a22e13bb93fda07834061a7

SHA1
c2965b8fed9fae0136ab3d37557b7cbce9a4f370

SHA256
b7171050275670b7735595c40fd64d3de8313f13c853880c8d86e53b4eadfaf5

SHA512
eb0f52a3abd7019afee9951058a47a9a59e6da8023121377f3994e05c249f7a9779f1e198c5af66270df7cb3c2ff4a8a5009b6f7aa1058d347dd2250bac7d647

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

Filesize
17KB

MD5
b009257bc1558b4f6b4acfd6e9496806

SHA1
d326421f84681c11719743e21600ebae5ffbca11

SHA256
bb433c3e0f5d57995a1c28b1abfeb9f1589583436a3894ba0b94442a3b1e4a09

SHA512
0c213d2e0498df17d0326dca41bec2169db6ae7c86cbf283a252bf57c32447bd6b5ce0381134327f8a622f2ad99650aaa56c0e6455ed1a002c946cec123e7813

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

Filesize
320KB

MD5
02c4cb666baa790afea9df431338ab2f

SHA1
e5ed59a34c8b5a715acb0d28afe9d5fb83268062

SHA256
914223d4977d8d609b48afe9b4e4946bc84e664ae29654280afa80c107575f9d

SHA512
e0d94896e7ac34c15de71eb2c4095250910fe7c38b97fa29b23a5f856f329104aef9c495643cf8a059074d23d350a868da1fb616a5c4da0a16a81c2599ef604d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md

Filesize
1KB

MD5
2fcf35b43ce0f433219821035fd3b4c2

SHA1
5bb6628cc820bc92d41cac78ce7fa537de0e314b

SHA256
3ddffaf0efa557f421ae224b3bc4c5fddc9de9872db0c3e7015f6a4dacf7c582

SHA512
c495a0be2ff209b166b31a9e59ac0f58b10e9dd72a2380adb880263633cd6569f918875f996097ee98ee5aad386b7a36ddb285c71ad1c683c1d389d25459e0e3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

Filesize
10KB

MD5
a33cd495247e8e86d875b12d5588a099

SHA1
53a189d1ffe2487fbbeb78a848ee579de93cd35d

SHA256
cc558e902855e5ff5657760e8f65725f157923fa3ed843f907d99f258485a09d

SHA512
782973935dba316d960cb361878a31d9f8641bf61f32ef7d57df1a14d64132e0c82efb08bca893ecae3d9e928ba687144702d37fb116a0bc5a623da38e934501

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md

Filesize
3KB

MD5
f89fe12da53d1e686d2b33bba2db00c9

SHA1
887016665a57ef1363a0de65559465e21c15a033

SHA256
1a12c795062c108ece1d6ad9275739c2b090188f94bd5b15fc5b2d912aa280a4

SHA512
65dec55a159c380d05fada4d4ee8ac7c42c78d9c3b5d145c23bd5c6f996731067152fb08a16f4845864eff9a868c960fdaa91b4f7ffe050c8a2ea9435197e76d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

Filesize
162B

MD5
76daebd92a19b182987685ad9d8e52d1

SHA1
36f1316a983062de88b811b5d4bb6d3405b532a9

SHA256
69dd5dfdf9b32e8e56ead110fd98bec7e5ce8db998db7dcbb670d0658f7295f2

SHA512
5141cf2d826bb6a3c15f125f77821a3d2adbaf64c6bc0b265ebf12f36858eaa4a6d8662109648ba439dc8af96d9609110db62dd4f308199242662211f9de43d0

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

Filesize
1KB

MD5
b2f09f317e02f729bd6f5e332ae38be5

SHA1
31d02db4b840e56c0cc2954f998a579ce930518f

SHA256
44697afef3d7504910635f7495083a667f3a2fbab1d345dc0c3037af5fc18869

SHA512
4f3ed5a0c682c8a2c48ccb9bb5023da6a8609798dbcc6bac9ebc6e122e092896a37986986d5a04fc7b8974b244c6f8e52dcbdba66577acd62029389e79568fc5

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md

Filesize
3KB

MD5
d1f57968a0c2203969f6bd2ad03611e4

SHA1
26415ab02bf27d628fe6513708cafb2b1c2782cc

SHA256
9896f41847b13b4c93d67fba4a687e57f7792610b33fbf092640e052bff4c854

SHA512
d157968144307bdf299194db661f8a573b5b53b0334768b5867a025b8141dff1842609b7df53917891c91fdb10de2593f8bc19e474b5c3514558b6de033398b2

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

Filesize
1KB

MD5
298f0d204321217b7ad50558cf004f15

SHA1
d6c8671f82984cda68a2e947635b352d9c9a7719

SHA256
c28fff90699e6cd404a3cf02469c1d92be31a65326f611e2a3f9c5172c2bb580

SHA512
bc0ab7954c76dd39723ae2da2b16177e5e1cbcd180fc023ec2c5771cbdd912963dae70af8a3a125e3f432fc7fd5bc483b081b4d7281549056c072a1159a25045

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md

Filesize
28KB

MD5
58f625b3c35b229ec1add50c7cf41a7e

SHA1
8e57c45e4762b99dd126609ffce56d5fcfd54e68

SHA256
cbc399421bd7ad2babd7a38eb8e5fce60226cee6a1a6fc01abc2230051193bc7

SHA512
0579a8bacfb8b3de6d088a7b3809d085bd5c9f5f480d4537448dbd31e8f428c1955db2347d229ab9bf1be4ba8bdcfd9a8f2dca3f2ef1326d41f74ac1b9ca8aea

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

Filesize
2KB

MD5
8ca79dd3aa5831eaff27c54c82753806

SHA1
6a20e55e341914ebd2dd4c7806d3e44de969ef80

SHA256
f65e04b0ebea0f34be6d80ac4a99c40d197a1a0a340f71dd604fb37101380c49

SHA512
4c0156d5acaba06947076631303a1e634047c37436025ed2aaad04252da34b39324eac2fe65ffa10c453dcd4cfd4eb33863bc6ee2949faf25ebf22a2d34b8823

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md

Filesize
1KB

MD5
cdc05056284985e694044bee89164ec9

SHA1
d28e407c5dc63bab65ba6c4295484c6dba4ec4ce

SHA256
f529ca63c1df8416ed711107f1a8d215d9d800ee564d1734c7da22145f1c6421

SHA512
4d2bfe66e2f6676fe190233e7f1ff9ea324c289eb2fe67bec7f591338cc6cf61eb237c33ade8f99d5f23fe7179b8cca7e4eba6e44bbd1e055e05093cf2026dd3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

Filesize
2KB

MD5
fa1ec8ac6c7d631b8cfb049d2da26fd1

SHA1
a315de1f3695745f2a663e97ec49378f2fa92034

SHA256
f47e2eafefca156e2061e5f2f18f8763ef92b9b8a77a318113aca62feb2ab9c6

SHA512
5204971bfd1e07a33f310a6711a739d2075622e967be2966ff8c93bb342b85894467a318f1c8ff053dd855d98ba1b81040efa9e99a6ee18c0e3bd76660edd528

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md

Filesize
1KB

MD5
43f1d5cbbfa08d17c3a5f47384e8deac

SHA1
c9302beda1aea7a822910bfbc5c72e0028c6ec98

SHA256
d3c3efd78fc8c9dafb8d1aae4821f9465c664066f6ba9f92514704b87d91f353

SHA512
08127181f2ddf587cdc8a7c35aa0712f521119e570d88e0960f2f852ef6e7ef998380a1a0d5e1c3389931afd907a29364d6fefeec2e357d4b65169898e9e9ac5

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

Filesize
1KB

MD5
c1d44897c54008c4daa6de3fcc817179

SHA1
b677cc9c279d7ea61d4dc8159e59764865cccb90

SHA256
f6f7cb77d91c9eaafb419f27faee071b60b994eeb383057d9037bc8209a40482

SHA512
3c4f004f7edf6cb7baf28e578b686787e994f41203b6ebfcc228eda15ca2b170b7d4f64c93faa4ea11e9e9372e184e5ce28b0f18b7571952807dea4b76d63b6f

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

Filesize
1KB

MD5
2331f05d9182373155fe2bfa7be544ba

SHA1
92155a086b4f9845276c28355f9a1c7c8aa3e681

SHA256
d72da7b1bfb3605405165e283e724421a9206eaf0e17c30dd633c335779a8480

SHA512
69b7e2eb6c777baa76dfdb93c6a6a6bf97a446705ff40eb0ad57959d2b5f92f60e2cfddb45eb030da75fb5693bc81a15effeeb67e99f7df7100d38e2030757a8

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md.EnCiPhErEd

Filesize
3KB

MD5
2618b820fcd3b04e420053c6f9ad4f1e

SHA1
c9e8cdc10822526ccbc08f1e77aacee22fc1f9b0

SHA256
76c50c06792133bfef456ddc2553ed66e3aee5ec468c0b3dba1ca5b1a20d7913

SHA512
897558e0a24ec2fe335cc9b47b2cfc4bad8da6664576464cd5cd33502a08ac20e3caef97459e7fe956ab6f67816eb974a30f8e6a4b41c8727248a69636181720

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

Filesize
2KB

MD5
639eac2ca292b6da5c09f836eb79f789

SHA1
e4f25107b2d95dc9fb4e19a552b1b8d5d050af57

SHA256
5b4098d63ef5af6767db021d0740df36bbc90a524b8a320cdea6a71aa509570d

SHA512
8f9497eac0fc1f1411e90577ba667697cbd8c41f1c781ea277075d9271c207bf9032213b2372fcf84e878c56f5559c1bcf22853759fed2ead5c0ab1b531dc6c3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

Filesize
6KB

MD5
1fb48af0b4f8c2e7d5f11425d22e3bf3

SHA1
79987e1bf1348ef3863e24956ab0487ced853306

SHA256
c647b2cbff84275d6e4d2225b82ba3ab1b0dfd4841e25103487d32b17f93f1fd

SHA512
528b9c639bbec5b0fee872a9526b761a9bdc634ac05e893a1420e62c575fdbeb636c1ce3777525e33ea3c7c99be040f1ea570ac2ba99356e910ecdac88e3e1be

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

Filesize
5KB

MD5
b8d94b04a41aceda27d9bf662e728c08

SHA1
ed0ec10598ec949b8b3785a22342aa71e74113b0

SHA256
bf4cd2782e35e366b673c7c650af018b447e4d58c8cf28f08b0d6c8d6b7478ce

SHA512
cc971e1dd5ceae6e8d98143676da8b89883b0a6f0d5222051b3bf4bc07d4f7887893d5dc3446733ae97396fdedb768b89dd13d2dff5e3484da698e6f9e8ad2ba

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md

Filesize
3KB

MD5
874f19220d9b187426ffb949b074bacc

SHA1
3770074302b92bc217331833ea878b625ad66d19

SHA256
a6250d61906317f5be1e2f8a2455e0174faf26db8e770a97c879d47dbac1765d

SHA512
afa22f6bd4df5cceb4a6284edfd807bb5e3cc2eec7994395bfd59bef3b86de52f51ea6287da84e5d0fa7567bd939134ce546b8a35d36a4ebb0a80dbebecd3b5b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

Filesize
2KB

MD5
93edc32e1061c6901a2662dd7885af8f

SHA1
19ff81e83985158b4e87f1e5b697572194cb826c

SHA256
9bbaa49322e138d3a6c98059c412fa44eca98fe1bdf58ad550bd3ee2a6fb564a

SHA512
d8cc74af7ee786b4189d12d491b2ae30d24e8ac541cf4397724e4f1aaf1c65f53e82abb291034c8d76f3b9d0cd84f5f6e7c47e7cfbcae13df1d720bc5e3bbb73

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md

Filesize
2KB

MD5
078e36f71e713612eeea624e6c3296d0

SHA1
764050509c276371a78ad709e4f841f1c8a4a397

SHA256
e67401c05099f4ae022f514ceca627730e2db84402ed74fae6e0c7eff92a7feb

SHA512
982a9b91712b54265282177d8b6dce9a3b2ffd89fc7a082d3e225f4e5281ed88930f92263717bb92ab94883322ad5db1ce511d329ace9bb8a39ebed202cc732c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

Filesize
1KB

MD5
256cef9a6cfcddcabe11b51be412d5f6

SHA1
df53d7515697003c43d5b2c935c729f79ada3620

SHA256
a92a6f283a25cfeeba54b575b1e794306ade611252dcdedf23e75b59a51d55f2

SHA512
9ec5b7c019a7c61ad7f2de7fabf5baaa8df238d54ff4e5ef5abf65777b601d765877a4040b6d5efdb6d3e0ebb52d08792ce622271c05e59631ed1d62ab650cc4

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md

Filesize
1KB

MD5
8f60fd59e2d134b6e04d8a30aeb23c9b

SHA1
1200a663c511148877e0621daf8682a13682673c

SHA256
a9e2c4060f9afea930902c3b6f11e63eaf41c5891fe32bd373fc590ca6627c56

SHA512
0be3a219b5caad8cbe96b6230538425cf09589e62de193c7f9cd7e5753ba1f988ca5c425cfe333f790419566b1385fb1db6a093cecad82a71a12525662458778

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md

Filesize
11KB

MD5
6fba07157b23d9a46633f2e310670e6f

SHA1
072004b5c4caaa8f9a3727e4267dc5618ce0c3c7

SHA256
62cfc716e63ced807c2001b76b8cb950add253e5585dd805bf27c71e56ec20ee

SHA512
1609ea40f7b3784fc7c9a73954a89a0f4e63f42c04e5149eaf739961772828386b46dccd13f4907a679e8951cd7b6ae6b358c3ee8200003e2e0a9e115ebd425a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

Filesize
1KB

MD5
ce8833fae9d9e9571f2325a4eb226edf

SHA1
72f44c12ab0aad3dcaed5dc500e9c75559ebed3d

SHA256
1c6bbc8bdeba001eb825ec06f058324a2fa45cdde669a19222e7760e05f926e7

SHA512
949d19994d26af9ed42a22ffde7922e2ed7a0564103ac0aa3b3db900a096cb0e4f52949be304c5ad1b60d55c4e7280a9dc24ce80234e23406c4eabe7e2dfdc1c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

Filesize
2KB

MD5
a0f62884ac2b8040dd8209557c137034

SHA1
d0bf00ced49a70ad8b0071dbd2a9d29b329386b9

SHA256
40b7b602213dba30d06e0fc602a323a0a38882ef0e3cf63d16c6040f4acd73c8

SHA512
b8e7dfe2bb00920c65814d0a4385a31d3b977b65e07124b7fb72a6e26c22908b7c6c3017a7c31ae5bb83922718746f64094b1a21598cd18fac0c12a291f91d92

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md

Filesize
11KB

MD5
5995435898709adc2408dc7878680fc5

SHA1
268ecda36386dec31233095ab36b70545f6d1f03

SHA256
26a4e5baebb285c59bb515a91262fe65820da3bd710d4bdb835967c8e259287f

SHA512
3527290928482ef71e85f872050c96a93444de63436e02411268f95a31a4b2ca6679aaca206e95a221d5093815aaaab6a912e32ecf9190b8729cb392523fcb74

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md

Filesize
11KB

MD5
71fcc5019fc631c4c45690fa038435d7

SHA1
d7f388af126ec3d198dc2c7302b8f9bed56cb55a

SHA256
4706090b8967f92c8ac64ba5d8a53edb18b8d505a58a5a903cbda95ad1a97916

SHA512
ee36fdc56e852c538b4826fcfb9fa7fc87e9f700b95e2a569003c8cbbc5076604928bab4bf3a2f81e0bc60b785b0237a5f3a41def8b7b72865eaed7cf1be4b0f

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

Filesize
11KB

MD5
efa605b90467cc5327ecc983954c4940

SHA1
ff3b47b68671f3263fdd72b76bc4a8f84db56208

SHA256
0fe356651592fbab04b208b5d511e4b18aa65407159e59a2494bcce01eabda18

SHA512
32c42d5f8420d639f962ad747aca20d74c7d3a3226abf33ae7d8d9d482a92c617d7d7a9c8ea88c5ec3f425ce99f6f70245da40276fc9a118202b1604d2327b7c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md

Filesize
1011B

MD5
0d1e4caf47dfe7417ca198db15846397

SHA1
28bd15c955105302e59a356b9dd3df88a62206c8

SHA256
b62f1ef40d4521eb253549775f1295b291b006bb93c77ac74160e0ce96f288ee

SHA512
8fdea7521cf309c8122042a901e3bc8df124c6346f88802dbc447feafe35c06c299f124b007ca1248f351835faec97ce5bb681c83b7f2b5c9c55041afbf6b074

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727656120098725.txt

Filesize
77KB

MD5
be68f32339b4e19e9276a737d1fd58e2

SHA1
301acaf5c5e351fe9a2f66712e2cea07ff7d026e

SHA256
a309a14a4857474316781cdcf15d6f1191ae403e70ddd7e61f92782ea3fb4a54

SHA512
7ab621eaaf9c62ebf1d17becb9a8804a774ea03d87fa06fd8fbcee9fc59164b85edf2594b77e6cd017210f852d87e533d1295ee4822afed6b531c53b1a52d4aa

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727656590293648.txt.EnCiPhErEd

Filesize
47KB

MD5
a4a455c490933ea0ad47316d2e8a4808

SHA1
de9c0c55dc79a7c6a5fdf7f84abc88c16949adb5

SHA256
53b5a6ca9e78faf5ad7cdc2c757e515a4c2f557a3aeabc39c9e8b8f07684f219

SHA512
13302bb06cc448cc5b61107d4085e7cea13867abe22d3558b54c203d4f1f9cc41c49c7d31538bf68bfc5bfb0f5b4648d334535704bc18b1c2d202276571a7b4c

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727663328721506.txt

Filesize
63KB

MD5
1d5edb0b897c3d0347e76f6b7dbd08b0

SHA1
0e90b7e9a0425774b5bccfb8aa9eadc7d4c5b968

SHA256
b919da02164d15ece9f129ebb4bd98e75a2667aa1a5cb4e4c3609d319c69ca4c

SHA512
bf8754c5220c96c50adbebc5c1ae27fccea93b94f03701ee220909b13a6e0012ff7d765d91c3e10e57383ed91ac6362e0646926b5a3d7bdefdcfae3966fdb132

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727666039184869.txt

Filesize
74KB

MD5
e3a49af282bcfcd38c04456544556274

SHA1
d75c8024c903a5e96dd30bff0462e1fe18f11b42

SHA256
d55136e729f7809fbd54043843d3c6e442e5fa5ef14ecfb1910d23ebcc9de64e

SHA512
92eb7b353dda2299e1d045ce646eae3cf6d0315d4f29b717601aa4e73bc3ef96d6d2060e6baea0ad664c3e322b35de808c626f981c78e2b0d5423e4e314e5505

Download Submit
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk

Filesize
407B

MD5
6438f951b8f30bbac2be4f266740849a

SHA1
edbee24c4f5bc8cb60d8c6a90af8530477fe8ad7

SHA256
600562decb323637318b4b614b9634e68138ea7912eb5f88d61854aa4c463a04

SHA512
edb6dee3eab2294005aaa232d745f7e25b20de4451f6a7112d61483e3ad1beeeb7fdde98a85b3074cceab5767b0e2f94384353ec4b4ea046b3d7baf56c3f8939

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\ASPdotNET_logo.jpg

Filesize
21KB

MD5
566c4fafef79fa27979648881dd99377

SHA1
33ed0b7952b3e72f933c027f993630a32263f42c

SHA256
dd8b7ab91b0c0c4b69b5999c576362747a14d0b6a844901b678b38512b0b8a40

SHA512
243429bb3a6e9ce7d8534910bba450af97ca3c4a5b43af64a3b7c07762b07fcc46f2b58a47ca230ec05fe330b4ad2d81330447b426139e42d4f43ebad81304ac

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\HelpIcon_solid.gif

Filesize
1KB

MD5
16d1c5bb9ab4fb7cf38bc499c042ecf2

SHA1
64dfe770eae57621c78fb575c26c2e1611a00689

SHA256
77653b8d493c44665ae5e072b89f4a43e947feeca4dd4ae84fc6bc1d61796329

SHA512
efcbcb28cc4a20c8e6f95d4f7bcfeccda5233a8acdd240b2c7afa20e2661f67873948f52333e739e2dbf95241294df34a79de518af3568107b45b5e08fddabea

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_lrg.gif

Filesize
952B

MD5
359194315616a9cb9d017d62cdad054c

SHA1
61974aa802497320b74099c60ef86efbec764389

SHA256
3e25300dd289c6e63f75e171f5b00bc8ed52ebdc817750df920d1b745d61cbd1

SHA512
7c0ead9c3ae02c81b0bb3aa5bcbcb3768b766a083375859728d35b97d9174666b8740f794e31758d764d7347a91c982dadbb88f017339bd6d54db62601be63f1

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\aspx_file.gif

Filesize
121B

MD5
9f7b94e392684435e13f3c4276e66b98

SHA1
8785735fa2b6d56ad0a6cf83fafbfa3a17ec4d2d

SHA256
bd9a944c7939d1b3fa728926501f4c4244966bc61013cbb2ad7fc4c57d464392

SHA512
2d9fea76e2f1605e2268d9a944c054f1c82fa80aa2b1426baf0cbd810cf6c8796c2360dc62fccae98d10f1ec68eb1c054ef23e3ed4433de54cea928421b9dd1f

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\branding_Full2.gif

Filesize
1KB

MD5
b789af83f47258e6b36f61e1a8a10cbe

SHA1
ca0e445491bc5820111956a8de4e3b989a58a5bd

SHA256
24ff5df068a5f746b3081c0cedee174ec639cc79227f0e6a5816d442d54d95bc

SHA512
32271b07659e7ace9b1661c93b8bb5348e1e254e1479ad3e1eb0499bc7a84cfddad71ca9be753eef342dc984f166d4a0d32f66f033f9c3710f0c581e4d96381f

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\darkBlue_GRAD.jpg

Filesize
8KB

MD5
29521675f26413ad7f8ef50e5ac78029

SHA1
73160015314e0051dcea6fee8ce9b3db72a589f6

SHA256
52cc86818067ad545dff47100368b32838afc3bacb72d82e691e984ea1b98a0c

SHA512
d7a1b089505f65c7fe74b327e206c3ff47f59c8133a1a423c3a21d5e984909f44bbe08b26ec951fe9c8a2951e75862c82c655ef4ae798b1901eee3e295d14846

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\folder.gif

Filesize
914B

MD5
447bd316ef6b85a132f57e6282ac57bc

SHA1
762a390a8805038dbd86a343abec4ad6d734cd57

SHA256
43f9c311c93f9efd80adf1a34bd3eeb2a6198c72e87ea01681e4e76ecdcd32cb

SHA512
1295e21dac06009c6c9e7f89edd1f835d16f81fce342894a25b9651be0bdf6017a13931c42aac1e2de5c2ee6d1a1552b349729445066aa095e24a05df41c4a22

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\headerGRADIENT_Tall.gif

Filesize
328B

MD5
ee06255b41dac6d9b5125399c87944be

SHA1
cafd3513ed678861d37e267193291ad923511909

SHA256
056c2b7a4fc76ca1181f7dd054d10af9f92939366f25e983a493f51ec638377c

SHA512
999c4644844af7c0411c35cd7e2adcc00904a6eff5ad8e5b61a60776480471ca238821126a71a75b0a519ac01ada40a0dd556833ae482d9c964e562294caa95d

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\help.jpg

Filesize
1KB

MD5
a1b6b7febb3000220a88376ec85e9c08

SHA1
dc05ae24c55282fc2432b3901f22a8a822e767ff

SHA256
f25878fdefeb7e12b261412172f8ca618d03e5dcc27e927799638ad744d3b969

SHA512
c58df5880d01d5ec196e8c129ff99a65185ceb789d0d60b94bfc173b6a47fffa23795e347d522b36329d9389fe156fc9581eba6c0be540bfdba929f66d40a8cd

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image1.gif

Filesize
162B

MD5
931c77d2516cfdf53a7e37fdbb793a64

SHA1
19a8153048ea31a0008af70e3b3725ac62388454

SHA256
72668d4f58833db8e8bb157ad4bec284ec683533e602355d0fe48ec21c64b2b4

SHA512
7fd0215dca26ebce197ffcbf5e72ec12045cb7c948cb744ae4d44e0d2ebb796cc87da8c521fb829f33c1e6664cc9b9cff7922a894f7c2e2c83da1ff2f2b24dd2

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image2.gif

Filesize
586B

MD5
ac91ce12f5288ecd6a75cd4656aa6a16

SHA1
f619602f45435fefec2f6156ab08eec626d00b1f

SHA256
ea8c770163fe5d3c46c1f3506cbd73b7672348e498aefec3b3003cedf7e02d6c

SHA512
65d9b27b8a3072b7b0d93470730d9a8530a47d4f1b97f9360477988cad140b7107b6a8cf6422751cade4a0142c50506bc74c9d27616894a7cbefecf3c8d03bc1

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\requiredBang.gif

Filesize
124B

MD5
3fc5101acc3a06447984a2f3b61488d7

SHA1
809286952fa1601bf0a6c38cf6f56338a27c2f08

SHA256
220b0271201af03e592e8e1da8d8f5c306950f9b6e226aaffc8e38b0346bac9f

SHA512
05c8badc64444afeaeee1c65d64de2a4ac2c8ca9f23714fd62c09381a0cc4e501f45542e5ae37e20b614fac7c96be343fce6697877df93d7668df8b1117c2eb4

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\topGradRepeat.jpg

Filesize
8KB

MD5
9cd738b8113af0b6d36934c898008370

SHA1
3eb015255c18a91ffeb89b7e1266bf821deeb5c0

SHA256
23507aeb7da9b750b100e374dd58bdecaa3dcfa70c134af948aa0a51384447fe

SHA512
556c9d2d0f7b619dc9b0e5c65d6d463d9ff2b76edb1f0bfabd9e57c01ada8c408041aafa299dfeed065de4b8a1ff86b2170acf9a838095f997187fbeae46f61d

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\yellowCORNER.gif

Filesize
880B

MD5
7f569fe54404feb3b0fd6f8de44b3c36

SHA1
45005e452a5f6e9084a67f861e7112b494c45d5d

SHA256
c6f860d8cc60acc755008f02754d886d936d37679c236597b9eccba1ea52278d

SHA512
563221c9fbfdff97ce1d0194ba632d68121ff156e1e43f730ee776091508747e21d834460bf3b23f6117214bbb2ed3b7df69dbe9c0436f34eebb160e17af04f2

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk

Filesize
1KB

MD5
2a8a1136f2805eeeb07f32db56549c3f

SHA1
c38084000732096c36ec9d31ce59134c767707e6

SHA256
6fc01e9e0123d06ea5f8ab292a69eae02ee801da1360b91f03caef9ae50c9c62

SHA512
79da30560112f52400bdc01b4e6bc7ef4910a3ba4ff0b02ea7e3af3be8bfee9e307eb3a38dc22e95bbe7bbc72f3ceba724f449da1ed2e98feb1bcc3397eec1d9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk

Filesize
1KB

MD5
bfee75fba758173403d585397e757f32

SHA1
32ddff849a7ee9cf6b7c3a181f7cc11d1e5d39da

SHA256
f4c56c44b57dd2c72ccb376819843045829fe6136086b413bfb0913fc2efd61c

SHA512
5df671184e0c7f3eafff82c0d79d5b3f5ba7fae003ae16fad776fb1181b9e3c8953c7263cae011c6a3e48622f5d1ebd341793df44bd937e7b0b4372143ff1e89

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk

Filesize
1KB

MD5
5cb227c433f30ecf94d78dfd39b768b0

SHA1
a63d76a99874ba9c035bad7cd3f83d2b53717f81

SHA256
8cf8281ce156cd1b5e5660d4191eb60b2791f53685dc5dc1e73171e04eeced5c

SHA512
159d80127c3d3f8830b2b4c66693447184140b953cd7cb0122c25caee91b36408a0529fda1f59f10c6760e66b3c635eb182732021378053a27b0e84e76eb04de

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk

Filesize
1KB

MD5
54f68411371b9c6fdd4e2bc4cb501c5f

SHA1
c6d1be23b3d2e226ba9a396f28fde868169f8438

SHA256
fcf3171a98f0f7497a075b56bb942bbed1d9dc197e6bf5c68c9854d415a116cf

SHA512
49943069dff99f5739d4dd736ec1fd3d4308120b7dd6284974096c90cbddf2d74ea4350926f843bc980981c727fa34ca1a531974e615f8b40d2765388580a451

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk

Filesize
1KB

MD5
f552a4a70d880e60a435a0573b5242b3

SHA1
9b4f408f92394904fdf118ef77cb2bfa9ee426fc

SHA256
1777d68681ef71d59840d5bbcf0f73b3169b27cbda7c490e30779e9d272b4c06

SHA512
c7365fa6d550792bfb9b191347b680de6b3caedcfe2e3fe02dfaac6be9a02d4019592e3fc8eb12e16a883887bad879fa1287a3c39e3522a77275275d170721f5

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk

Filesize
1021B

MD5
559015ad68907271c442f6acfe089b02

SHA1
5afae607cae8a34977c66caf148a98e8fedeaafb

SHA256
904a6eb229b10a65057dd7b6a2bef450bf4cb2cfafe2a3d31bf72d2bd82b2797

SHA512
8a1e0936786ede19eb1c56a8bfb9308729c8d85b7eb6709dd6b9c4624b73bcba9545a542ea5023efd7d69d9a380f7697b80d702a349aecf6d7a5b17e18623158

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk

Filesize
1015B

MD5
f2cfe40523be794649f818f6f619eef9

SHA1
49d2c79fca421404e70a9cd7f3a829b7f761a811

SHA256
b48e1bd8d7c0875007ff7e65342cec2e6b15bb8afc72ca3aa1cf8dddd34984ea

SHA512
0ba68c8624c4f2be15361a53bacd5b05811c8542fbe99eee575a3c783bdaf6234f294645510fd1630f9667d47ec25328fba36f61224d93a6da9f9bb3c681d373

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk

Filesize
1KB

MD5
38adc4ec93134ad42e17d701f0fb761f

SHA1
691138199e599daf23b9f14158ab108734c0fd27

SHA256
2d74ccb15111e141829f9d253629f17885a60529e26f03df2a8166a846743a39

SHA512
c5f35f0ae9094a03ec200157c12c04f52c8e0854fcf40602f842f8010df6eecd56b8683aa2af20d49528781e7ef30a1b65654013af13e9ba053da19031e12b82

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk

Filesize
1KB

MD5
a1bc555b3c675b66c20a11ea7c1f7f68

SHA1
1aae9cf06f6a7b233055af6447516618b7619b65

SHA256
d30de12bdec676a1c704260cbf9b7140756029b30e38b722eb2811bbbfa6203c

SHA512
1ed3df8d554832c8db6ca2c931e5a1582a95e9418664b55203c58aa6c00120b39b019c75868f357f2f8ca3d681b3182fe18dd9d422a01923e2b95b0bbf0f661c

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk

Filesize
1KB

MD5
7154558dc6c3da7e9dbb1b7f2e4a93dc

SHA1
2c39acf2c654fd5c07711702ae6560d92e0dfe13

SHA256
f0f8241e3db1003dc762e6b7917e306e5e73cf0351d9dda3421bd2e9004a4161

SHA512
420435c2769440adfd4dd31e9691074d4c3ec9fb9330dcff2d29ab6c183df529fe4c1a402122669135bdd8feab1b40ed9238121666979de85d3c08f7a7742194

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk

Filesize
1015B

MD5
3105c0549c16f389a36f85103939b0d4

SHA1
d66b25b1310dcbce95eb86d8bb8aa7a458d554e1

SHA256
895f63560d48d5f616b6839bc1610fd217dc12be6ce6daea4e21fd43c9b1f60d

SHA512
c95e5338bff62bbd4dc7004778a6ce35cc0f9bcf9cdbd921f725df0a39fc46deaddf736c12295903952a1710c569fd104d20ec203625394d5d069d74d039c8ca

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk

Filesize
1015B

MD5
f134495f8a4e756954b8299df4506a22

SHA1
b5127fb36141e92022f53354e8fa8d6c639e2b85

SHA256
0bf4a44dc738f0b38a84927c1c3b149edacd2833772038521f580fc2696a1130

SHA512
e819f506455bb54392798d5392cdac501cd7b24bf5e36d860dc4f6f6c4f2b2cf09d7f4f098582d616297539e52fc98b47f0d247778fd354da7f619889c66e930

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk

Filesize
1KB

MD5
36c0be131b669b796131f6e470967762

SHA1
b457bcbc063e255ab5483aa324f85d025a7e8a96

SHA256
4ab4ebe8c8070add99b4f000e4439107d4d7000358072609bd638db6f2566dc8

SHA512
23a46b2aa751959f94db2ea03d9c2411aa661fe1e1f6b50632cf5e658fcae0c8a26958ad2b3f5ec038f4fbbcb63e35e82836b0946714b2b1ac8aa94ed73244de

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk

Filesize
1KB

MD5
00afb35b3be75bbb161423ab1640a9d3

SHA1
3b55e563f5f6d10442c67e4ce6cfb00ddebe84ae

SHA256
5ff90b2ff0b213795690341c4eea79814f8a03dbf32853227ac9c5ed3bda99eb

SHA512
256164c911bf6140311b3b5474c3e92b51f124b9031be3f75059ca6ca974f04f90e2b9f72e0623e86e1d82442fa6d9716a191a793990ee6b2b505e7b0aed000d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk

Filesize
1KB

MD5
2be1b4e10eb6cb626c9352a65e97b22c

SHA1
d86f195227998306182b19aaeebeec5cfee9337a

SHA256
be0f7c5cfa119c3e1c1197a9befc3b4bca4f4a61a37842785211782eb2bb1c48

SHA512
0b09b360e084f3f5fb0b7b5bed729c8904fdba2e650a1ce1025be9fc9a779b38822b2fef7d9a5b2925d43a86c1bd0fd3c35d381d837cd792dbef8a40e1615230

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk

Filesize
1015B

MD5
207c0a6bcde502a249cad609323a6e4b

SHA1
dce7a3dc190192215773bb7abb799c7a1b3526b7

SHA256
2a02dc5acccd52e0f60ea6c11d288e80b74ad1c53d6952d175c596ec7129ac4c

SHA512
4c31107be0305ef218a19e6f47aa52142399c56c37af45921d8d73c5152c58bb9ce0195bcd5da066609a1a6f7d4822bc7f486fe933c5ef88ca969d1949bf01e2

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk

Filesize
1KB

MD5
3a92fb2ab27e853e484137dd14bef085

SHA1
332340d88514de9551a418c61dcf9dd4279d55e7

SHA256
c1b6a921aa27fa43220056fb79c62bc428d53749cc0d00b98aa601b864b90a66

SHA512
081590050d36dbe4cf330e0a363cbddc6b072fc311153789f9bdb6b8fa77d1583a5069bbb989c17894fd804caaa4ba75528c4db21b3d1afe206189998f5933fd

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk

Filesize
1015B

MD5
2d84960d8cfca427ed55fba3454f530e

SHA1
231b938b34a7a392f10fd511a832ee5c5f56ebaa

SHA256
628e97a7681dc8aa9e59d5d82801b3f3125b583c2d373966a33aba1af1d1fc7e

SHA512
9edc094743915ae251820134d2e07137e6d3ee836388116126060db051297474094a325d117ee1c8c5ad9f98e6ede3c3f4c8a7e96ffe44fc953ace9e6384b2e3

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk

Filesize
1KB

MD5
d92587e3d13a7531c63edc1b098f5605

SHA1
9013c8f4a9f042a9c21d3a44e04328bc29e8920a

SHA256
d9bcf2f15f88c1dbb862ca5f6724bafa1568f46e5b9395f658b01cef3d1ddc7d

SHA512
b917098ac7cb724f9cc8b3bac6991bd1249e21e0a9c3b54b1ca4e110493ea1419a2c99b7d875fdc3dc9b74c933ab893560181e20804328d2cdc94fda7d948ff3

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

Filesize
352B

MD5
6ce8f3420125995534d8b40326a94624

SHA1
317209523160b72a5fbeefec894bc7b70d515035

SHA256
ba29e35fbcfb95bde191e9b487f11bfe6e6f8e51a1e58eb092a9e0b6960492de

SHA512
a4082abc527335a7ef73666210296938b3c4a993577b380473d254fc79f14708dc887327d3b47e107d9ee4af95435b12aed352dfde04f813eabd08ca3bde6430

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

Filesize
334B

MD5
35b89225def5214aa888a1d1941c04c5

SHA1
878299effa2397b212639fd058c1c368ac35caa5

SHA256
d6499777ce1ab3d1e865d162b85d7fe19ed10c91ddb2447963fbfa4964158367

SHA512
5ba5fbd8b5f0eefb295368e697ef47c42ceba77e704194c6187a3c27dd6f50d4c80927a8300284c38fca74238cad0a84fa458e56a91efda4ef73232561cf97d2

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk

Filesize
1KB

MD5
1e05657dbd1d7364b2d73733d347835d

SHA1
d0bd64822a4f3d868608020022534a1405cfdac8

SHA256
377cc11675a31d020a9d2860c7606e110adc6197210904f82d108ab4931c25a4

SHA512
51af562c3cbd20afc9844c196604f2e134967da3a2af72a24f92da35df3181e49624a4319b4bf8eb6fdde10e207b2edb4a8e9afa822d1d8233880d2c2d53b3df

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk

Filesize
1KB

MD5
6aa94b09afd0963b6b61f68f85e5bf72

SHA1
c37f7e976526b8c2932540bafc80a23b1b0672fb

SHA256
aec939a318e47ca3bd80534781d225660701b7893b6d7d05e81ab098c46c0158

SHA512
4142375b7759030940991ea06590451c0b34b07c5ccabf54414de17b73efd80f28de9866c92cb81ece460d617533249a80a002a695717f5cdeef667be13ef5d7

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk

Filesize
1KB

MD5
89b9e1196544805c00554d582cfe0cdd

SHA1
ae0dfdfeb4c6d66c9f21d860ed979b7b7f8e6a9f

SHA256
464ec33c23625499a5a45b3f90b9d34b73bcc933cdee6f7798ff1b62c4b9cf5a

SHA512
0eead5505c3180dd97f846e462741048841d3425200354e19add101b4d4555e42d06879481695f301fd787a456bb125d005f4038aa35e7edb61e50f69f6e3988

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk

Filesize
1KB

MD5
644be439ac610a03a6b0e0bf6c0e4622

SHA1
daf8db9b1fe18af20645627914c72e47b7c26736

SHA256
a4f9e591b523d8395500b66ed0bce6f3ced6561de623feb5cf3979bbb10d3da6

SHA512
eaca212e888afefd087f9e5f3c1080876d4f43e1d3de9a89ad898cf30d0d63e2da05408d138817f3eb31f5999fe1da4c22d4c9f9ea3c270b060886897802c79a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk

Filesize
1KB

MD5
ccd108ac1aa0e67742771b2bb0546116

SHA1
10f9e5f6989f2f44f0d56fc9a80b79229ba241e8

SHA256
3463c1a2bc50b08539770c95a73870690a0a736a189b34449a59f7502a15c5c8

SHA512
d8a4b0d625c39b79767fdf3c48b3a4ed687978e1055fd116f648259d1ea97ff96f9e23105eae89fabacbcd389cb8f4ff88c9af14be6fd45c2da1dcf9cde06af5

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk

Filesize
405B

MD5
847e58d1239e5c1dc20f1be260bd69de

SHA1
7c9e094f3914f938aeffd1502f22bfa46e518e96

SHA256
f0b7c60f694fb4a2b81ebf71b4a669f747a6b487c33d069bdde8ab0149925aed

SHA512
fbb04da8c9bc026c22ac166528bc0f96a524e16edb7c44a4f525d8e722c03f2579789ba424b4412a24bac8891fa2c21b2db739409409bcac61243cdfb392cdc6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk

Filesize
409B

MD5
4b98c8176ca56288166dea88df098fee

SHA1
7ef060716b5ff274a876e1d3201554f0b93ed943

SHA256
708b3dda46c4abd51a95c46aa89a0a198167ef739300f168d44008a4244b143a

SHA512
f6b301aae7f3f49407bce5b49de3dcf698801be3746cab3b3c3e2acd0f0112e8b70f7942ee3c3af59f462a2d51e82a9618ca2f764ae337de307b3a5a2295ceb1

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk

Filesize
335B

MD5
0fda231d7203e084c92fe5be930bb0c4

SHA1
be5b07cf62d4f563332dff992843f9c81acbae78

SHA256
7cd44fa1564cb0fef0d134e5f4f89908b460210f9e72a40de16c2e29582e55da

SHA512
a40d970a9296935e0fbe9007b7c933cd05ec94153a46eb2aeb4039763ad2c08d45c66e9b06c47fdb5ab7993ae37040464c904034705937990a9ab795b54e66a3

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk

Filesize
2KB

MD5
6ce3ca7baae987f52bc5f1249df2a2e4

SHA1
9764aece9d9aa27e0d0e0e89906973703ce34a5f

SHA256
3521e5619678eabfe012fd164c3ef52f2c2da47936304c2bcdf63d794b4a0fe3

SHA512
0956eca19cd939cb3124a1165e89708275374eb773545f0fc83f6af72739a4ee8ecbcc7be3ed772ff1b11ce6bf050a4850adcdb5505afed65cb9e986fccfd4c7

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk

Filesize
2KB

MD5
59d4d08b3b7e42c24def1b8912232543

SHA1
35b61a811ce0cf4f24b44e5a75f80cb9b6f65c41

SHA256
40bd180a066f594f7dca0775224ccacd90be9c6c72e513e06bd92f36693c17d2

SHA512
feedd887fe8bdd41918a8d15a244e7c5b8941cbcc69e84ff624d9ca7bcd3788667a44a99590c91f14ce9fb703ee24c3ee6d8292c107a1300cb87f51e1844df80

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
0b58e1b06b8491d86e366cb0c00e9394

SHA1
4d648dc1805ede0328be8e7f8c12f891f8f37550

SHA256
e0e26b263f36cf6ba0dcaef7318d42254b187ee61354efc2f038cda58d06cdd8

SHA512
8f9f680dfd296362e7eaf5a85f814580982ef02ce3f3f78d821e2a4ea74a31734462172b8e9abe21c401f8481c881bf5bfc3578d8fd8567c94466946db16db8b

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
643f223b58ec9fed72c9dcf00876b298

SHA1
f4ab11361de44bc1b4cba25bf751f172852442a1

SHA256
d8ec3dd46440440ccf7b412d257adcf7b35adb736cdfa018b82697e3b306065e

SHA512
2020e1f0b7f6570ac03d61921e45ee34645b27a2af481ca60053b5fa26675c88ae5946b7c99e03a4cbcae3228688df4c7f866b0ccf166a682fc11aa411f51761

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
249b7036ea00bcc937457a8c60320314

SHA1
4fcc82b5f8ba39df892ab9805609a785f6119752

SHA256
4c8cf96f91b14aebb7ea2f2dfbafd12871b9bdc282547d3b0cdae5f24d502c89

SHA512
d82ad0c2585082e25a44206d3525baa7cf44c5f74ad03607e95794ff9f1e5863a0d788aea6bc773f9bfeab50ad3e0a1f2288c1ecdd1b6559a3496414213415ba

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
9dc4ce09995f0979e9608c6341ce1e84

SHA1
39dcc292f4cf5b066b1602fb6dbf422e62d28fa4

SHA256
acfee069a472ebf34b99929549d2cd7d3fa69b6a4af90b5f25b559b7ab2301c4

SHA512
8a1e47af538ad0f809cce756437073ab8a6bce87c7cfeaca07b5fbf0a48fe6eb5498087693aabe6e500e449d9f03b4dc74a7298ba4d02a208508fc390eea5e25

Download Submit
C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk

Filesize
1KB

MD5
a1ad17b71f90a72999f24b6214beb89a

SHA1
a59eb04ca93ceced5cafaffa31ba250600418fa2

SHA256
7c63678ae1e41c73969057a6191613edb7aaf40bdca7f05862f96abf8e9cad4d

SHA512
5631cbf5274d14d96fc0c69e02db7e2128f90af9ba5407b0804323faec41db8b2b2f6f2893e4ba559dea3deaf6489cbc740f63ccc78018af9c4bdbf60635bfd9

Download Submit