Analysis

  • max time kernel
    140s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-10-2024 09:18

General

  • Target

    61797409f8b005b6cacf5e59851b5dbe_JaffaCakes118.exe

  • Size

    91KB

  • MD5

    61797409f8b005b6cacf5e59851b5dbe

  • SHA1

    5536bd41d054abbdbc40610d6a0a136243e08cc7

  • SHA256

    c141071bbe9887987205704086574b923a8f9d1197458e7298025d0c8dd2d36e

  • SHA512

    4fa58c509459edd2b29c17c8a7906c00d2fdef33383495ff908ac8aa08e189d4e0f883b03efab281dbb24b7103dea9c88b64900f3f3e3aebbe31a73f182d668d

  • SSDEEP

    1536:rr4NzX0Xt75M2V2f+ffGQzRbtFO8616Cs:rriEd75M2V2fS+QtbtG

Malware Config

Signatures

  • Detected Xorist Ransomware 5 IoCs
  • Xorist Ransomware

    Xorist is a ransomware first seen in 2020.

  • Renames multiple (1359) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Drivers directory 1 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops file in System32 directory 19 IoCs
  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies registry class 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\61797409f8b005b6cacf5e59851b5dbe_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\61797409f8b005b6cacf5e59851b5dbe_JaffaCakes118.exe"
    1⤵
    • Drops file in Drivers directory
    • Adds Run key to start application
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Modifies registry class
    PID:4228

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons.png

    Filesize

    50KB

    MD5

    e629e760fb680ee0fd8fb22f8aa4a691

    SHA1

    13a4b8e96635bd051818997d6acbd0398b3fc8f1

    SHA256

    73c3001bfc486b427756d007d742b5fc2f6fd801f63a5bef3e31e1cdb6bcb704

    SHA512

    7d387009ef98c7f73b8585e38e36091fb2c13540957158618aecb9b069c4ad392e45af5e30b757bbdd4327f8bc77a67d047038ae59b6914f20c8c3c0f6659ded

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png

    Filesize

    1KB

    MD5

    77c9338416691b018a96d4033235c47b

    SHA1

    438b5ac11d1ca18c4103294bb3083ff835e4ff70

    SHA256

    03cc7c28271c82926b225a81dfd15fb9da88668ca2d10149cda84cc7e4495bc8

    SHA512

    5129574555df20d4431d3952c4b151f881d385e4b09eae8d9304babb40f581a4a117f09d20fc419585b11961c7f6d254262877d44042f2dacbb9b2b708e65e57

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png

    Filesize

    3KB

    MD5

    3b7d44889efc4d1d0acf8d325e0e7db8

    SHA1

    1e0b1a4fab693ab5239da89b4f4256fc66d3d80c

    SHA256

    b72875e999744dfcea8ac99ca5e923c7f7eade60231b4bdf9a2605837de43e0b

    SHA512

    bb949097c9bf5763f01835e5d4d68a3d4f5520b774410ec7e46ee1e4474fd1228a4a53e71eb2ab324812068447020a1a5461bb33e54c60f3fa6f63123b895761

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png

    Filesize

    683B

    MD5

    696fa80d30f2d791fd80c2bc6181dcc0

    SHA1

    07b6505f2a48eec49a092808fab2d71f6bc77ed9

    SHA256

    efed47fceddf41715ffc1d6668593bfdedcb4413aad266f09ff89c0294798a0a

    SHA512

    013f42ecf53682aa0cb353345a86ab2c1d5e09de6d1792ca8ac7171e312c2b39f9c2c2d39b0f944a4d1220efa79e5aa621816f7e3a99721116d9f1b48c51b3d8

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png

    Filesize

    1KB

    MD5

    a8140642c098f8ff7cc34d5cb331d7c7

    SHA1

    1d4648adbd2e59e140f9f6d2add908a9d2ebb17f

    SHA256

    29f88549889e87df50a0b3e0776a8126e8317cabe400b529a2b2642a41968001

    SHA512

    3d967c1878c12b6bba11df5b0f01848fe345b6bdbc80ba17f38ca33c7ff0db460aa32de52d5dfa288c853db368d3f42c92cd0c51b848390d2678a37c8828c3df

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png

    Filesize

    445B

    MD5

    0179831b958867334f562c20a4a089a0

    SHA1

    3885ac4aa22d047b94827a00e6ba8841ce9c074b

    SHA256

    b91768ff8f1cdb4f728b486129e283fe49a2e7ca1813afa40090f3e8b4d0b36d

    SHA512

    37c7344de6a1d19a9b4aa3dd0f425cf21608c6a4941357f6d61cb6ed43bfc50c2a05476675d7070472385301269d4c626425d440a0a70c206b953f759e0b43d8

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png

    Filesize

    611B

    MD5

    f56c505faf6688da70f40fcdd0a14f0a

    SHA1

    e95e415299729f8d993897094f590051697f2da1

    SHA256

    29d7c4149ce9b7e232d7621f70083e6d29584bd44c24766119904a3f0f221426

    SHA512

    de8466027e52621679161eace7464886d0b870f673ea5091e1d03df20b910e4c3040cedab5be898fd1d3548338bfe643e4f9a8ce1c3dae62281656c809f79c96

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png.EnCiPhErEd

    Filesize

    388B

    MD5

    b81c023089f041354e60f0ce374d86c1

    SHA1

    cd5085208a429d80b5f0e84a848f7f118690c9e8

    SHA256

    5c1e82c9649afc045de72ee723472d343ffb560f5f7f8bd726614efc55e930f8

    SHA512

    7f73e5d51bd7c7a89d8b7256bd9958e9a81824adff34ea18235f435fd5b233dc77678088960aa3a207ad31d6707cc83f22eb5ad451137fbfecb14d77f2a1a3e4

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png

    Filesize

    552B

    MD5

    a697bba4ab9bedca6c8185bd5aadd368

    SHA1

    cf15abaa865192448eac660101892b794de9e10a

    SHA256

    31e15761fc28101caed9b613e1fad12577eee56e8f14d90a3f5b95e939b19fd9

    SHA512

    575dc3a466efca003c7b8954137e9fb69ad8c22516dc4af671c8f6464ab619d0dea9186a5a8527575c18bcc62eebb7d47f52fbfc9903198066f1e4391e9cf88f

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png

    Filesize

    388B

    MD5

    c640257f67f4792e39f63e23b85ec4e8

    SHA1

    20e936f2654ba660a6a78fa49c8713ebbccb3fec

    SHA256

    52731df7efe184a796847d6c7d0d0eb24a903e1efb54fab5c27b3cce4c2e3cdf

    SHA512

    b9baac8ebd58dc81c8a62c0645946619ccc25c600d8abc12313f106d39bc94898701afc2615fca5418286b6827a2bdc5bc1c34a0aa14933ff6524de1d71cd7c3

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png

    Filesize

    552B

    MD5

    68b49b553cf81f4e9c679b40348a33b5

    SHA1

    c4e1bbaaa3922488bd2d930760e29b5d4beb34fb

    SHA256

    9f6c42a4b7eb9cc3b0e3b79626e17fc89be867093799003efba70850b53ca83e

    SHA512

    387623bff876cb759edcd49646eb5aaa7e7ddba6fe261dfce14179fe71b79257a5c039d092cd6c81bf6e4342f41336259d45e1306d79fcc81e45eac718954193

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png

    Filesize

    388B

    MD5

    568a12f186a6d06db6e9cf57ae83cca4

    SHA1

    968494ffa3a3421f5d64627977d2d0d9a452b886

    SHA256

    7486f162bc4cb01af4b1ba00e42bbeb80316f73c9c69b7e4dc1a2cfdbe2bc915

    SHA512

    73377f9f41b2a9701e2d0482bb2a1745c3ddbeabf2baa77508705977ab46a582d58e1bee5ebfe818d2ff7f44766ce389848810a26a3738317ffddb9b310ce052

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png

    Filesize

    552B

    MD5

    b506380e21e91621473ea31cc44b66f2

    SHA1

    042c7fed46910dcedd462bc2cefb77bde6601002

    SHA256

    8cf79aa14f4f912779df0ae3af472b445c58274129e11d1ba41100ee423d5e97

    SHA512

    6545ccb0096c6b94ead0764e02430a4087254c1e7669d9d138d118cd79e1b6bdac8b70ebd0de14d0b6614b35828cbc8140a34c5549e648100ec3dc3a045f1f03

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons.png

    Filesize

    7KB

    MD5

    54f7ae1baf7239aaf3008ec4bfd611a6

    SHA1

    d9175d2eaa224ff82c22c4343d84cf688cb3de8d

    SHA256

    8fe6a8e37c2fd63da0f99111c3d1f7d3319c9f5db8d1bdb733ae03e5e55f3ec8

    SHA512

    db368ed39d7570f793bca9c0c0783afc9c902c3f73f5a8179fcc203ff533967154c447133ecf77608ff1a4e6ecad7de3c40852fbc22aafb4faaf5937882f3063

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_retina.png

    Filesize

    15KB

    MD5

    402b5f963b409013a6293914c2fda320

    SHA1

    2da09f5ccca3131d7305df60b459790aa74570cc

    SHA256

    f0afa0783a9e0430220df02a4cb30a435b34b8a6790a9e40e335a4845095ba63

    SHA512

    2e3a4aa6bde3342078a2f469852d07def76982dfa96471710e89bc14751d8dbd2251c4c7e2708e327568f2f6db2def91d24eea7e02aaff946170c94ac14c97c5

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png

    Filesize

    8KB

    MD5

    1c1fe1885f24054f60e712fe75b8462f

    SHA1

    0d3da3b5b69abaf0abfa6da6e7421c8132fd75af

    SHA256

    9f0378d36c29cb27d558570f6a5f9f73195a90f8cbc1db72b317b52ea8377e7f

    SHA512

    cecccc57db56e6acbca7dc06e5980ce12db0810aeb2632d3e0b504a724ffe90340a24905d5544f83441b92afae5940c237059260e1c1ad57b9583d40ac0b2c95

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons_retina.png

    Filesize

    17KB

    MD5

    286a92fb28db715f882adfcc2b0cd5d1

    SHA1

    0aa908a0174839b8b46a80b04c6923efb27f38b9

    SHA256

    36067a78511960826d9db821fe005b67dd66ff600434f142868c153fb9bfb9e8

    SHA512

    ce7f657bb43aef4f5b9aba1d7062ba8464204146db132877e6d74f105f4f0a9120bedbd3300cd5c8242241b4723e7388a7729e0051edc359805c86988544b138

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_pattern_RHP.png

    Filesize

    179B

    MD5

    3da6c190bbbd065712e0113d7241d455

    SHA1

    48d1c062f998143ed4610359e547352e20005825

    SHA256

    294b498cdba53441c434b75e685939e62cb01523e75fa89ef13cced7911f655b

    SHA512

    cc127780fe2c8c37bfd4812dec77ddc0b0028499e9a68018e11546e40979d98ff04dd306cdf74be84def4c1a7778f34d107829c77944899f11cfa6e46e953c0e

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_patterns_header.png

    Filesize

    703B

    MD5

    30ae16f6c3a80c2f874bec1bd34c01f5

    SHA1

    a6214914f8155cba6a29d32eced9ec4fc4c15d78

    SHA256

    7f8ae2d5214d744a74e3ba6efb8c29db5bda5d4dd6b6127ec480edaca99ffb13

    SHA512

    585716b75f38ae990097481c08f405b12f79029e1d89b7628ff38c368d92e4911d0706fd5db20f15b23f3a7cba84fb1258099efe24a94a1c8bf3809daee42139

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations.png

    Filesize

    8KB

    MD5

    aadba34d71e28e09da3c4273a9f8abcf

    SHA1

    3d152ea49ae8c63a187956f4a4dd9aa69b67107a

    SHA256

    b352632c7c070ebabcc0f2131f713deb7a03ab86a43e9e57486f8d22bd4e39c3

    SHA512

    faa1eb764926785b5cf2f969e6f04f4a602196700bad0d99e9dfb4e47d7eb93cb2947b3c0d2965e21de5b585bf78a759775ac549e389912a4d561585bac0d0b6

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png

    Filesize

    19KB

    MD5

    484fc27165e89cf5e71d20fbf988c35d

    SHA1

    f30c31616a052761881f380b311c55d071976108

    SHA256

    a0bc67da2909dfd18d5f626f6b44b33da8b1b317e1a817ec518d83230306e840

    SHA512

    fcc512db9dec76500c44d4128e47df4088150a8151e134f9c691c5d6974e87286b6982fc88ad51747d333d90ba7bd3136ab325a0b9fa056162d9718c2bdaa9aa

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png

    Filesize

    6KB

    MD5

    1f7bbb45f6344ee3512037b072fa8bb4

    SHA1

    8c210ce6135012a7c8050e187099c4d523c593d2

    SHA256

    8c758124f7179cb3eb582866cbd5d7a8f894b2ae68cff516d5117773b5c41fe1

    SHA512

    f2d5e0da217196a4f125c3e8b554492356f9d4aa0b9625d98917eef0b22c98fba982c7e690ce74e69042c2d19e2521f5085b3c95b7e784f7904b6de3dd39679f

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\bun.png

    Filesize

    2KB

    MD5

    bf05598760afc71639f243fc2225d3fe

    SHA1

    7f7d4c83b2faaada79ead6fe6103c4fd01eafa81

    SHA256

    3eabe2a60bbe644ec9a91dfcdf31f7155f3b400a18f4739636275607d2ff2023

    SHA512

    01202c42afa432ead8e19af61f592eb9081fed67605692c44270ea7f3a721e63c6eac0ea92ca9a4337a6edc2d9444dc2efcf0fc50b22c7ddb24f74236e075d46

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview.png

    Filesize

    2KB

    MD5

    ce407e092074ac5e5497d6d895ddaf02

    SHA1

    d455342325a1965cc03388e0a16fde33b24b89d8

    SHA256

    eaebfe217a7594221339402fe9da8ac2c0e87c88bb49405165342a064f913ac8

    SHA512

    23823e96bc804d002d88f4e27d4a9aa752e8bf15a6a71527e292c613fce1f4596c91be730e6cf6fad599a0b8e2bda867417f9956cf74456e35a2b78c92a56c25

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png

    Filesize

    4KB

    MD5

    4836b9519293d2f8189f976afdc4e892

    SHA1

    78025314bc3ac08c26168aa16e1830b28ecb08ef

    SHA256

    881776a8d1f4bd034f06235b36bc9b21a90e0115723e01d27b719fd3239af900

    SHA512

    8c57df1b90c5c657f9b62171ca3d8859bb983f1d61702e9a96070a2da4eff384e1cc32f05944ed409074705858afffe5dffd61114b056a49d889153d66d800ed

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png

    Filesize

    289B

    MD5

    fb69323324272abeeb00b3e888ee8785

    SHA1

    a3aed92d24dc5b34923d46d2aa6f059297130522

    SHA256

    2e49a62b7fef30729246bb8d111f15e71a63be2f9f1fae41c74c1b70b056a5f4

    SHA512

    0f391f464e1c916751c8cfb3c219e44044756c34c0f8f9a72df4f419129ea613a6ab042c543a5cba68d5f950c4783ba43c9d1cf73968b042a6461b31aae447c6

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png

    Filesize

    385B

    MD5

    e1ab20f9a9376a049515fc01911331ff

    SHA1

    03e16079b85cf91e9d6da23ccd3a896548143515

    SHA256

    e35a90b029f7c0bb288e4a04a9c579c28ce335407e35c9e523419bdc52cd0288

    SHA512

    12a4eaa8d3f1cebe6827bffa76713489b7bde4e266a9330903ebc46c1507499a6889cf6b16083ab28f8b956dfbbd7c93cd57b150afb15f314a52200a75895f88

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\illustrations.png.EnCiPhErEd

    Filesize

    4KB

    MD5

    2c32988a58a8206adca75576fddd0db8

    SHA1

    964d6efbeaf11c4c3864f7a4a2909edf428ebb42

    SHA256

    10622c99309f63920690895fb8f99aa81f5b6603cd8287c9fa2999ba8f3087c0

    SHA512

    e9b8cc090949de448f2450bc439abbd5060b7145c7bf6fcd67e58b85d8cb245a46daf7ebab1951c85877beec74d42141357611fafa3e39720589f52deb58a0ff

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png

    Filesize

    1003B

    MD5

    0dc4a9b8b439740e353d4aeab32d3bd2

    SHA1

    3f196331d4e127749eb631002b7ec25f2b0fc133

    SHA256

    d473a351c87db39841b479a6e5e23eb9de8c9053763d27293ddd51006e49f6bb

    SHA512

    de5d1fa2c090e89afab452ae9b6155bc4413e1bd7bb337a5a83a53eb693ee0bfbccae3d258b8d027d1ab3b648ac8e535533f7bd21862cab3e594c0be85acf98e

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons.png

    Filesize

    1KB

    MD5

    554f9200d43d8e1a7e847d787c4ccbd4

    SHA1

    b90c3714c7b975a6075efeb225cdd4a21f2e5d45

    SHA256

    439f7714b184e43fdc97952c2ad7f054cf6a8285d6779839ac7ee9da6f43257c

    SHA512

    431ddee55510f18324cc0ca8a4bf476e9bf4f5ba8d4dd9a17e9e3899161e16af51d2b3c89e1cc29d32abb189afeedb5880e7e0c68fbc8cb6348fec7fc66ad0d9

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons2x.png

    Filesize

    2KB

    MD5

    a6bf4b3268bac5644aa62c7b90f2de80

    SHA1

    7bb30e65b1b21e96a38db55b0c7605c23757a6ac

    SHA256

    7fee0d6ae62265a1d418c9c9febc6471c588c54facfeba770c5a5ae1e604d365

    SHA512

    fde509013caa8a97d31abd642a6180a169b717411758e8c607614c1a1116def9d48a52b2c6d2c94c2915849e631c1772d6931d9a79b80b9da7b2dda82aa24d08

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adc_logo.png

    Filesize

    3KB

    MD5

    b6e88079a286c07507a9c152c821a892

    SHA1

    21e0fb3a649733cd8ee5dfc76540e5929b6482fc

    SHA256

    5910dc716145c2357ff65a434e23c20f0c2ebbde92a95eafc7401dc9962e4e53

    SHA512

    0b7f182833517a5621bb1e069a24491af0be1faecd48dd4a077850ea52a9796f4ad8d98aaab39fd80d2a3e1c4e39b11abceaa6b505e0bc0f8f5c2fb2790d3606

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\logo_retina.png

    Filesize

    6KB

    MD5

    e926bd31c02a4d320310b285d18fd48e

    SHA1

    4d8a059c908440504a113cf69262ef2719e1c969

    SHA256

    4626b90db9a187b686886b5b394d7652c90fb5ccc5073e3161c94bd39b8abc1b

    SHA512

    ac859c0d140995f353d9543a8d46f8bcf2867c895711ed8e59377fb9fc91e8ba546305d803c947d5c5dc045eb1253be70b0d63ab606a3e54e50e5319f4b8af81

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png

    Filesize

    826B

    MD5

    123c917f13e1f1dc6014d2b00aafbb40

    SHA1

    36c47f8413c4614dda26fba533aad1f85a0a10d5

    SHA256

    a0684fe4dc45e8693c6ea4ee3849afd62c61522a358ab3c0445f22d2ff379485

    SHA512

    a3667f372a0ad1b324e850f20cf0b65d871cc25a9a4426c6a09b895c7f45925780da8bb4f90b53a7c2ec9e884ab54215f1665700ea588f7b9487ca404773c09d

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png

    Filesize

    1KB

    MD5

    68dbea44ef614eb79aeb004d9ea29766

    SHA1

    36c07d22c226ceb5725cd37f41f44e7e75518777

    SHA256

    8894f4203f55071011690b2f049b09ebb9d1b7344c9d94d26a93d2ba7f6b2549

    SHA512

    582b156e9f00b082e251c5eb74766d6e7f302fe1e792a57a81a08c345746a6112763a0f27d935e553667a41c6c3aff0dc971912e9c4449e097c4fc496e271806

  • C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt

    Filesize

    32KB

    MD5

    da45f7011f0b7160c3ee0a8493515d8e

    SHA1

    f33ccb5d1881551def9be8cf85190efedc137f3c

    SHA256

    3967006c5afd30f61a57483f4a3533ca1edcd9d57b16abac5f3a0de0f77547de

    SHA512

    32754c25f6dd287f1bbe84304b9deee215346e7e42a1572fabf4507c386a57ae971cee6d0b160ea50266630f268ed162ddf0e5521d8c9db438d9100f3f70c9b5

  • C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

    Filesize

    190B

    MD5

    dac39d31eff4bad02f47398d082bfad6

    SHA1

    f4c4772aa7a1a95901ca5153d046728fe0d4bbbb

    SHA256

    1531fd321115fd6fa3f3259046be73645139caa6df49df9810534decdac5d326

    SHA512

    00d84afb10ff21498207311044694da7343a6f9ee9b64e57603c7534dbd80c5b48da830e7a496931a51858a282bd403f38416a1ce593726a736a40c23f772814

  • C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

    Filesize

    190B

    MD5

    fff2689b60f86fe745e8f4c3af2ee29a

    SHA1

    ab6a044bfbd164dffc477d3ab330be5a969e940a

    SHA256

    9d18a673f3924c2e2fe6c37c5f229a2e57ce704825aca0f9cc6be079171cbb7c

    SHA512

    e2899bcc652451d5530f0609938bfdf21f85c11de2f4e400eabbeac2ef705229e25026df15f616a30ef540c939be432fca856c4c1c973c604fbbd99818aa43fd

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727655977808114.txt

    Filesize

    77KB

    MD5

    a22f33be922c33bcbcc3d016c942216b

    SHA1

    3dd24455936f6eddae1924cc0c0f08bddb82b80c

    SHA256

    69692b4ca6d4c38f02cf175e072b13b846a986837ce4a8e0ff31664e285beff5

    SHA512

    1692c8d45979d57e93e171bdc2ae6ea644774ecddea2d2f3ab9f156040425b1978793d8b07b5a3eb64b69f5a70c5daa1806b00dfe51a42c1079971beeaeced4e

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727656717558154.txt

    Filesize

    47KB

    MD5

    e9e1792ea6b1fc51daf62939b3f0c7ff

    SHA1

    05f5e5ab30646e68931fb8c7ba4a7fdae3a37faa

    SHA256

    a09c1f59c16ede1daffaa5bc66eb3044cef0b4e5be154041d11c5df5745788fd

    SHA512

    854b8cc557e574576736cffc84c3aaf985eed4fd373b91b97ab5562d0db51d1a392c08848a3cad19c3de6f0541fc9f86f10e92459085352f723ce5861b64c6ec

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727663096253949.txt

    Filesize

    63KB

    MD5

    26bcf7cec2e282d02c141dc4f656f369

    SHA1

    dfba24cdf4105fbc3d7ff15d5e44df1c1bdbac6b

    SHA256

    b76d6df6371e587df7e03820d3a47187d271836917ce39acb17714dcada7973f

    SHA512

    be670c7576b14bee0d47f725cdc842371cee3bd809b5b9cfcd09482371abb1c8fca240573485b18fb599c536df6a3c51f4cef5d4bbc5dff2a5cfae7077f88c44

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727665766873969.txt

    Filesize

    74KB

    MD5

    eafdb1e8fc0b23581be90160cf538c09

    SHA1

    1b086029b0ff4fc0ca52328d5bc23620983f6186

    SHA256

    18094e99f5bbe7e35134bea1b4a1cf89add8fb900df2106020e9147440cb2675

    SHA512

    c571c0313b679f0037453930c151ce604bd14a149c9d79c1954a368250f63ea740b20d4a54903cb7207efe00ee67bbcc2eefee08c4d31621ba3f9d5290221bcd

  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\ASPdotNET_logo.jpg

    Filesize

    21KB

    MD5

    edda91b246d82df280ae7dbad7709c70

    SHA1

    3fd6a39ce0a06ca3e65cf453b34b4dea141c1f83

    SHA256

    8c2c958ecb7e3ae1645489fcb97148d99d81e76f7bc894f5d0282f928c61399e

    SHA512

    f45e36434d5fd0c11cc96ab2f967671b48c274d41497380e131f96bca440d00ab289508408353453c8d6f976cec735a30c20268b5c5cc45214c2fe80ef0cdea0

  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\darkBlue_GRAD.jpg

    Filesize

    8KB

    MD5

    a4dc5ebe45f42cecd6a21f522ea6a3d1

    SHA1

    3298e93098e9d8e88cb5c07a99bcc18de2ef0ab2

    SHA256

    c20a6071059a0e0f67ab55991448bb7a364b008d5d8b5a3889a46f2959d9e3a5

    SHA512

    2084be2872118ec7c4296e50945090909a9e8d1548337e3ebe612c7006b9928fe2a1f72240fc28d75e313b81d17cc6221297bcf220b949c59b2a9b2b8719f104

  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\help.jpg

    Filesize

    1KB

    MD5

    7383755058e0cd2a01bb411c165cde58

    SHA1

    c30dedb05a35afd7e03b682f6d9a0ad16a9c7201

    SHA256

    b972016874d51a812bc675aca085bcb08e460e09c58fcdaf70243387bca44dc1

    SHA512

    6d17962bc334e869c937727cbf4d29d95359f259733f38263ef7881cba0207de6c534c6b0a947803b5b1ec192f904134708731191b647a7ceb7b9b192846e1f2

  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\topGradRepeat.jpg

    Filesize

    8KB

    MD5

    690aead534cd824f57fab35b1193a777

    SHA1

    9f87b9d594454aed0d9e3627cf5e6352675871ed

    SHA256

    900b9c9eaac551d937b0b6322bea29561da31422ee955b22c52c45bbc8ac326a

    SHA512

    f3cadb755eb51c32ab212f7ba7eb428ec13ec5d72bfe7ba45cdbd4974491d0cf8fde0d348a3faaec8aa6043580bcbedc200008d9fabe09c3a20ec8429e04c61e

  • C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

    Filesize

    296B

    MD5

    ca4e72d6839e69eec26ab0461ff7b4f1

    SHA1

    5786e463f76c31b290d135da294c1a925c771b7f

    SHA256

    a5285abdef65de89942247c61a1a0faffb291eccb652c556526edddbba01f4e8

    SHA512

    a07fde3f7659cd7ccb1985984532f2fb8ef9f4bdcdbc9744d9f53b24fb0c6110c102746f4819ef44b01b6e24e9448e4e10e7b5704a026e905085285188f2f042

  • C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_contrast-white.png

    Filesize

    276B

    MD5

    39978f0c5dcd9c0daf0b1000a8d7b567

    SHA1

    3ea7240ccb143dc82e2df847f653b875750bd569

    SHA256

    7bce3f64eefc9dc9d0c5e61b269fdbec161bc7d798182c21e4a3a559cee41cd0

    SHA512

    c9ee4cdc53a16976d68a01aebc7a933b6fc3b4deeb2323ca868f414aa35f393a644a685ed87bc5b71eafc93a8c5f2e2673f1c777080868c490d3f3a2bac26a2e

  • C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

    Filesize

    296B

    MD5

    83fd00bebe5667677dbe53a45ee7cd59

    SHA1

    32c869db25ac61fd5c4fa991338bbdcdd51a7c57

    SHA256

    517a4d3cf1550bfb7a5dcc55d2ab385599f117c545a8c59247b6def3e097f355

    SHA512

    a004e4585ca8d9be433a10dfdfa0951001a80c2b5305260df1b554d776333ec342bf1ed90adab8281f69265ab33dfa65b59e3e99bfe40c0aa436da004494d957

  • C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_contrast-white.png

    Filesize

    276B

    MD5

    3160b7be6b65ef575e9fdafdc4778555

    SHA1

    d5a41e968cf19dd2d5c65c6fa47b54a975c6067d

    SHA256

    4a3fdb921cb1bbe9f17fed4402340af351196d23d3e18d2e3ff41506e92fb030

    SHA512

    b1b020c9ae9f466d01d3f6f514fe4275a3b0ffe07b3566443a672b1fa83487dcd7fcd9a871120ba3aa5baeca984bc5a938b577499c3a26a42bb5f11f80e5a633

  • memory/4228-2448-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

  • memory/4228-2447-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

  • memory/4228-0-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

  • memory/4228-2699-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

  • memory/4228-2701-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

  • memory/4228-2702-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB