be84021925092626bd493b3aa37bd9caef50a23d6ace807b513324dbffd3a4a5

Analysis

max time kernel
138s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
02-11-2024 07:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Size

12KB
MD5

84e838af1e1b7d9cb96ccdf6236f475b
SHA1

04824c153c289176e83dc6e64f91dac8d6e9a21b
SHA256

be84021925092626bd493b3aa37bd9caef50a23d6ace807b513324dbffd3a4a5
SHA512

ed0e88044a58cce3fb35637723220fe111d084fbeeecdb4c49756e7359e97437ebfac57aead52e61b9a394c8df3267e2995f6696a9c5fbd1e8a6ed734f5c52a9
SSDEEP

192:y/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMkw4Cje:yebFNw4Pk1itKkpAjjI2Ypdmkwxje

Score

9^/10

discovery persistence ransomware spyware stealer

Malware Config

Signatures

Renames multiple (2187) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Drivers directory 9 IoCs

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\SysWOW64\drivers\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\drivers\gmreadme.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

Drops startup file 1 IoCs

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Alcmeter = "C:\\Users\\Admin\\AppData\\Local\\Temp\\XclWp5W9KAI6fNr.exe"	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

Drops file in System32 directory 64 IoCs

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\System32\DriverStore\FileRepository\termmou.inf_amd64_c4c8f901e3534194\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\IME\IMEJP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmomrn3.inf_amd64_c2314613ba3f3585\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\rdcameradriver.inf_amd64_43b67cb2258aaa60\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\sdflauncher.inf_amd64_1ea082c6cf8f6982\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms007.inf_amd64_8bbf44975c626ac5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\wvmic_shutdown.inf_amd64_bce6891915e70bbf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\nettcpip.inf_amd64_96215b82eaa40fd5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\it-IT\default.help.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ScriptResource\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmtdkj4.inf_amd64_3bc71c4327f9f94e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\stornvme.inf_amd64_1218fad01506b7af\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\tsgenericusbdriver.inf_amd64_bcfa5f586783921d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_scmvolume.inf_amd64_de693592afe8a496\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\nete1e3e.inf_amd64_895623810c19146a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\MUI\0410\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech\Engines\TTS\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.ODataUtils\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\AdvancedInstallers\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\usbnet.inf_amd64_9e6bb7a4b7338267\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\InstallShield\setupdir\0012\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\it\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_UserResource\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\TrustedPlatformModule\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmaiwa4.inf_amd64_b74e18ebf47de72a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mtconfig.inf_amd64_fe91941ed205cd9b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms012.inf_amd64_707d3849370b9d23\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCClassResources\WindowsPackageCab\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmsun2.inf_amd64_de323a35134348a2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\msux64w10.inf_amd64_5aa81644af5957b3\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netwew00.inf_amd64_325c0bd6349ed81c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech\Common\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmminij.inf_amd64_a85c8e1fe15a9532\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netevbda.inf_amd64_1503f4d5a0d6ba56\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\networklist\icons\StockIcons\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Com\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\msgpiowin32.inf_amd64_46634fa071d1db0d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_LogResource\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WaitForAll\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\ProcessSet\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\DriverStore\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_netdriver.inf_amd64_2d569d832b41b8df\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\usbaudio2.inf_amd64_8d164ac6f7088f97\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\migration\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\ialpss2i_i2c_skl.inf_amd64_9d9dbb01837eba23\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Printing_Admin_Scripts\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech_OneCore\Common\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\sl-SI\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\sr-Latn-RS\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetSecurity\de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netl1e64.inf_amd64_8d5ca5ab1472fc44\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms004.inf_amd64_c28ee88ec1bd4178\Amd64\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\wsynth3dvsc.inf_amd64_1a08a3b6cd493e1f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\hidbthle.inf_amd64_bfb3ee8e5a97c3be\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmmcd.inf_amd64_43b149b35876b241\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\sensorsservicedriver.inf_amd64_4761deffedf4e12e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\wbem\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetLbfo\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Com\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\Schema\MSFT_FileDirectoryConfiguration\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\bthpan.inf_amd64_b06c3bc32f7db374\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PROFILE\PREVIEW.GIF	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.YourPhone_0.19051.7.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MediumTile.scale-125_contrast-white.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe\Win10\MicrosoftSolitaireAppList.targetsize-96_altform-unplated_contrast-black_devicefamily-colorfulunplated.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Google\Update\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\FetchingMail.scale-200.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-black\Movie-TVStoreLogo.scale-100_contrast-black.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nb-no\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\js\nls\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\MEDIA\BREEZE.WAV	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.19071.19011.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-black\SmallLogo.scale-125_contrast-black.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\en-us\pages\wefgalleryonenoteinsertwinrt.htm	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.Wallet_2.4.18324.0_neutral_~_8wekyb3d8bbwe\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-il\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Place\RTL\contrast-white\LargeTile.scale-200.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\zh-cn\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\sk-sk\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_neutral_~_8wekyb3d8bbwe\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe\Assets\Store\AppIcon.targetsize-48_contrast-white.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebMediaExtensions_1.0.20875.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-40_altform-unplated_contrast-white.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\ExchangeMediumTile.scale-100.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\Images\Ratings\Yelp8.scale-100.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\js\nls\zh-cn\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\167.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\Assets\contrast-black\MixedRealityPortalAppList.scale-200_contrast-black.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\Logos\Square310x310\PaintLargeTile.scale-400.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxA-Yahoo-Dark.scale-125.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe\Assets\contrast-white\PeopleAppList.targetsize-16_altform-lightunplated.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-24_contrast-black.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\zh-tw\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\[email protected]	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.targetsize-20_altform-unplated.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\CardUIBkg.scale-125.HCWhite.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\tr-tr\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\WideTile.scale-100.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1906.1972.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderAppList.targetsize-96_altform-lightunplated.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fi-FI\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\PIXEL\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Square44x44Logo.targetsize-256.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\HxCalendarLargeTile.scale-150.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\MarkAsReadToastQuickAction.scale-80.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1906.1972.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderWideTile.contrast-black_scale-100.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\Common Files\microsoft shared\VC\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.6.73.0_x64__8wekyb3d8bbwe\Assets\JumpListSettings.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\7734_20x20x32.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\HxCalendarBadge.scale-400.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\Attribution\weatherdotcom.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\EmptyView.scale-200.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\InsiderHubSmallTile.scale-100.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\server_issue.gif	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsSoundRecorder_10.1906.1972.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\VoiceRecorderMedTile.contrast-white_scale-200.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Square44x44Logo.targetsize-64.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\illustrations.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-white\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\nls\da-dk\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\check_2x.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mn.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\Videos\Help\Sticker.mp4	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\LinkedInboxSmallTile.scale-100.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Car\LTR\contrast-white\WideTile.scale-200.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Sounds\SpeedLimitViolationAlert.wav	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-48_altform-unplated_contrast-black.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\ru-ru\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

Drops file in Windows directory 64 IoCs

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\WinSxS\amd64_ialpss2i_gpio2_cnl.inf.resources_31bf3856ad364e35_10.0.19041.1_en-us_1aff042fdca6b9af\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_libressl-components-onecore_31bf3856ad364e35_10.0.19041.964_none_cd0fd3b2337119ef\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..sprovider.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_983275e9ed90289e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_system.directoryser..anagement.resources_b77a5c561934e089_4.0.15805.0_fr-fr_2a5c807584be9e05\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-i..rolviewer.resources_31bf3856ad364e35_11.0.19041.1_en-us_96ab4b92fb362089\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\Containers\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-c..mplus.res.resources_31bf3856ad364e35_10.0.19041.1_en-us_590d912de16dd7ff\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.19041.264_none_ef195f564f00d259\NewWindowIcon.scale-400_contrast-white.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-shacct_31bf3856ad364e35_10.0.19041.610_none_a415ea988031a7e3\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_multimedia-mferror.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_602d9f8e48d267a6\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-peerdist_31bf3856ad364e35_10.0.19041.1151_none_91f4a96c9f464c76\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..tools-adm.resources_31bf3856ad364e35_10.0.19041.1_es-es_3d22df9be889449c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft.windows.r..owershell.resources_31bf3856ad364e35_10.0.19041.1_es-es_1935e04c4184bf8b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_10.0.19041.1_none_c6753311bf6fdf3d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-w..smenttool.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_7d724a4bd7500818\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-n..orking-connectivity_31bf3856ad364e35_10.0.19041.746_none_1ac92c26b9949bd4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\de-DE\assets\ErrorPages\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..oolsclient.appxmain_31bf3856ad364e35_10.0.19041.1_none_75cd350cc8b5dbcf\i_sort_down.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-networking-hostname_31bf3856ad364e35_10.0.19041.746_none_c5921ea2fc45a3b3\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-smbdirect.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_1e61db814d7f62d0\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_systemresource-wind..-ui-accountscontrol_31bf3856ad364e35_10.0.19041.1_none_8805ef3af31f4b8c\Generic.Theme-Light_Scale-300.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-p..ty-common.resources_31bf3856ad364e35_10.0.19041.1_es-es_c7de5a89c4d8cd49\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AddInUtil.resources\v4.0_4.0.0.0_ja_b77a5c561934e089\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-i..sbinaries.resources_31bf3856ad364e35_10.0.19041.1_de-de_6988eb133eb82b0f\401-2.htm	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-ie-ieadvpack.resources_31bf3856ad364e35_11.0.19041.1_uk-ua_f18dedac4f4bf48b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-k..l-pnp-adm.resources_31bf3856ad364e35_10.0.19041.1_it-it_e961f8e21ea93e0a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-n..qos-pacer.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_43bf289da5fe93b3\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_system.identitymodel.selectors.resources_b77a5c561934e089_10.0.19041.1_ja-jp_32ca2cd475729c49\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-hyper-v-h..t-service.resources_31bf3856ad364e35_10.0.19041.1_de-de_34bdd5cf1b571a11\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..l-keyboard-0001105f_31bf3856ad364e35_10.0.19041.1_none_57c32f61e71683eb\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-webdavredir-webclient_31bf3856ad364e35_10.0.19041.1_none_0b16d740530f29fc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-3daudio-hrtfapo_31bf3856ad364e35_10.0.19041.1266_none_01934add04c2464d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..henticationbinaries_31bf3856ad364e35_10.0.19041.1_none_f5f4f51cfb3d0189\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_microsoft.web.management.ftp.resources_31bf3856ad364e35_10.0.19041.1_es-es_212c0d5e23e190fa\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-userdataaccess-cemapi_31bf3856ad364e35_10.0.19041.746_none_6b18b66830442fb5\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_windows-media-faceanalysis_31bf3856ad364e35_10.0.19041.746_none_62b14474b63afcfe\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..rvice_mof.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_7da5827f83dbffcf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-mccs-networkhelper_31bf3856ad364e35_10.0.19041.1_none_716aa238883e95cc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..nter-core.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5d35c97dc0617ed1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..onservice.resources_31bf3856ad364e35_10.0.19041.1_es-es_6a93fabb3be01f9f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-scripting-vbscript_31bf3856ad364e35_11.0.19041.1266_none_0b2c951a40edb356\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_ws3cap.inf.resources_31bf3856ad364e35_10.0.19041.1_en-us_223770d6d89d3c45\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-media-streaming-ps_31bf3856ad364e35_10.0.19041.1_none_04aad9d5e1481d83\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-r..ckgroundmediapolicy_31bf3856ad364e35_10.0.19041.746_none_2b52281297de22ce\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-cryptext-dll.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_4f6cbd1583af867f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-shell-sounds_31bf3856ad364e35_10.0.19041.1_none_cd0389b654e71da2\Windows Notify Messaging.wav	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-tcpip_31bf3856ad364e35_10.0.19041.1_none_1776a3602eb73133\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.19041.844_none_d9eb415c5b9dbe4e\Square150x150Logo.contrast-white_scale-100.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-wofutil_31bf3856ad364e35_10.0.19041.1_none_41180bf7abb4de2d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft.windows.winhttp_31bf3856ad364e35_5.1.19041.264_none_7517ff6e147bc8a9\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_MSIL\jsc.resources\v4.0_10.0.0.0_it_b03f5f7f11d50a3a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-hyper-v-management-clients_31bf3856ad364e35_10.0.19041.1_none_a87cce111f2d21d5\Hyper-V Manager.lnk	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-imapiv2-base.resources_31bf3856ad364e35_10.0.19041.1_en-us_8f0cbcdfa9133f8e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_dual_netwew01.inf_31bf3856ad364e35_10.0.19041.1_none_c644870df2460710\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1_none_d0af17ec366548f3\logo.contrast-black_scale-400.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..ameserver.resources_31bf3856ad364e35_10.0.19041.1_it-it_2118f745095e2f8d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.19041.264_none_ef195f564f00d259\MicrosoftEdgeSquare44x44.scale-150_contrast-white.png	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-settingsynchost_31bf3856ad364e35_10.0.19041.1202_none_f4a35974d85ff180\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-mapcontrol.resources_31bf3856ad364e35_10.0.19041.1_es-es_336d1bbe8e0e9428\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_10.0.19041.928_none_6a67731cf3e151f2\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-m..ndation-mftranscode_31bf3856ad364e35_10.0.19041.1_none_7f7e04bc66a9491a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..ess-guard.resources_31bf3856ad364e35_10.0.19041.1151_en-us_699204d71041b23f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..anagerapi.resources_31bf3856ad364e35_10.0.19041.1_de-de_beb4b740629bcf01\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-i..sbinaries.resources_31bf3856ad364e35_10.0.19041.1_it-it_9f248a35f7c12459\401-1.htm	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

Modifies registry class 10 IoCs

Processes:

84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC\shell\open\command	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC\shell	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd\ = "UDCILLEPOQZTSZC"	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC\ = "CRYPTED!"	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC\DefaultIcon	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\XclWp5W9KAI6fNr.exe,0"	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC\shell\open	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\UDCILLEPOQZTSZC\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\XclWp5W9KAI6fNr.exe"	84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\84e838af1e1b7d9cb96ccdf6236f475b_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
- Drops startup file
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:3376

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons.png

Filesize
50KB

MD5
2293e29731e9c3c60e4d6b7d5ddba49e

SHA1
2d8aae9931ac707a3bce38ae95fda4d891114e3b

SHA256
c39be84bf83466109a91a7cc679be43ab08dbda040e6cf2a9a63d6b2bd1fcb4d

SHA512
90b5e4a98bb2c9ea2d99e3b8258d2a5a07bad3e085e713321ba67445d91e9da636b82bfc8692cf63ccdf5f2f65cd6efa04fc813bea99adfdb67be0155a20524b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png

Filesize
1KB

MD5
db062901fdbb8f70d36e5af67859019b

SHA1
fa011c127794c7cd932cd1c21b91d1bd52d397ab

SHA256
9769751974b2e510dc1d751ade5b3bccfbe8612677e2fcdb5e43e90da59ef38f

SHA512
0b043aab0b726bb952af1d980a1a6722f3427cdcb285427ab91e7d3ef03053297fc47f078b4dd5d886641d9aa541668ea8e2d8e94bb194b38b1e94386c9c263a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png

Filesize
3KB

MD5
c3dc5d050310625f01abde607dc45dc9

SHA1
2732f1cddbd43f3500f61e144c43a3ae1ef9a160

SHA256
f944582f4dd64b73421eb3cd51e422efc79099394b20302decb3d1ff2b22717d

SHA512
20261aaa75fa6b4bd2669e4f5c25ad4338899098275fb53e3d4db16f7aa1d2e8a6dfdd72d6b072eea38e6317becb444f5525c3fa6071076947d555ffbf4116b0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png

Filesize
683B

MD5
3608e0e7b6bca89ba37d510bc9c88df2

SHA1
bf7f6a1c596da156806ea4a592916e2cbaee0044

SHA256
b7e2eb836c95dc1da8080ac2d48a8e571c4449938b16f2794240bbf84912f7fa

SHA512
9de53b6e3738ed3938aace702f6c3b21ff793054723b99af34e4afd31c9a95259fe1fc8a8e7345a18084b93b1a9991e3ba7b64c383ae2127105fc8742e3f9242

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png

Filesize
1KB

MD5
416f38b8ad296695c565c408786694e4

SHA1
6618921accac17ec1d8ad0e377b6314a30c73c1c

SHA256
fbbaf425b7f24a269a59e4f7649f7f97e436f40760af7455ba8520eed5122622

SHA512
f8d9effd5ddac4a8cd53c3e732e7c7400137f2a7e86b02a610882bca315dacde9e85688514670403526bd7b6101a38401525d29840f72b8cb0ec9a19fb80c430

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png

Filesize
445B

MD5
e1d6162b2f38b156eadeaf591a29948b

SHA1
74042e3e8c7daf8d2d288f16023157909cb2c4ce

SHA256
cec2fb209e8bdf6ea8fa1c1152b038d295486e5ffb3fb6b7581ffddb9c64fe3b

SHA512
7654da3d4c33dc02762a9570440aa60470fdb81ee53519d8a2f19c00c0ce9d6637dcef2299b08a81a19b3831b243c77e1f9e3877126f6e526c0735577470e1c1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png

Filesize
611B

MD5
f60050c596088a6a0a2ea6c1f7503929

SHA1
f698060a93dfcbe3c28dfd0ee968829880428635

SHA256
b3ec6ce03a30298f2bbd45dd6d49d092cc8f1fb1809f04e3e29654a84e91b624

SHA512
3998b34a6266bb3bede9817115eece0041205db66bed29c958ce484b2faa49e7890fae1562ab00a5667a24b5aab4d99fdc4889cb768f84b38d537ba9e03eabd0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png

Filesize
388B

MD5
8d2f5e5899aa3e77e2026d928cca64b3

SHA1
6620f6ceca7394755d2eaac84027eed74fc6d4e3

SHA256
9cb77a4bd3aa5f8c2457607ec4f46edcd42cedc05ad4be56b4a7cb576aa5b268

SHA512
aec87605d238d21afc150c53668441046c2bb7f58d55a43656e212ef22b7465d4a9b6493ba02cd530ac14d68e0e249ed38424fc2872bbaf8071c936051eda3ce

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
b883c4c1de4cab7c745c144a0331c02d

SHA1
f72e73652c72a602a55e8956610dc8ed7dc580d5

SHA256
86503727d2a3328232521a2d1fc328790500a55815046388820414e85d49bfe5

SHA512
f03d4ea1ab7959c990e2d289b41a23b0be7992bfc9f45a45c4ba374ac435573177681f20d6453d912b5ca2fc61e50995ba7debcbdd10c888141a20d9b9d75411

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png

Filesize
388B

MD5
2a2754e4127550e8427b6d9e9052243c

SHA1
4d99432ec4a8b664cbb3b188042756c3a6373936

SHA256
fff8b5dfcc0d866ae3bcb3d91feeb62ec61f8a475992b4d9e397fcd1fc7e4970

SHA512
ed73e746439feeadde4229bd2988825cc4c805d3619663abe2d8f00df4918eabd51f29417188a3b6631a03db7e1953d0f169fa30e8c1e4d0815b82731a48fb1a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png

Filesize
552B

MD5
8edc77ee2de3b8d85cb7276f6252375a

SHA1
166da5cc92a509bdb65a00b37af1166ddb968cd7

SHA256
fe5a22dbfc7140892a893c27b5aa85e0e32d2bd2dc1663e27ee7c8ed64a9ca84

SHA512
defda3266c34b670bae23cdaa2cb935797f8b9c11be361b428b199ff4e24042caa00a950f91665ebeca0cdf1b3886612225920155efc8f63083a9bdd5c2b0ddc

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png

Filesize
388B

MD5
450e918daa9a0971fcc6078516ea7018

SHA1
d369407e131f88502ddf89723dcb9762d36b5d25

SHA256
5a8180572f277abde645123f07e7970f28d19b7a2d51ddfe69d02d30af6a24a3

SHA512
5d4f599af8cb139526cfb61451d3c3b179e8e4653db002e3393bb896be1b9af2eab5279b96f85d68c6c78810398664330abea6640a4a482097bf524207a8c457

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
2d4c0b08521819147d6aeeedbe424e23

SHA1
0e767b63c142ec55b9fd48ea0d86eb85d8e5fea5

SHA256
0116d2ec73d0193145a37c794dfc38ca84e0709edaea81bdca034c808eee1834

SHA512
0806b2488058884a87a4ab91d5c4350cd17277965869c7a87c30e0e46f65c389fe9895aebd073158b73bfee5fd392651fecab0ecf5ddbb10908f65b6b194449a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons.png

Filesize
7KB

MD5
d98005ae98782d656603950bf842332a

SHA1
42078fe6b3e4755b84291b29d06ca74d86590fc0

SHA256
4e8702f932efb85f9d1bcb0b77fad6e7e416310fece73aa66bff1e057131aa5d

SHA512
185c4c868ae799efb22c655a941f21181815e487275b46a526abd70684dca81e000fb90dcd336c0d63725b41dd5e1bc07406f7eb9e7e47579209f02d4ae03ba0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_ie8.gif

Filesize
7KB

MD5
9ff086f0cf479a1badc289f6859124f6

SHA1
95b811eb6140f2dd7730d0ea3423567793812e34

SHA256
3b843910266a6d10528e05868bd9434e90fb242dbdc1b0144275456a52e424fb

SHA512
47c9f4464a4739c7aec160a9be202c0d520566106048339e0d70726a46e213477d0113c4f1e8db1b0932f519913ae57481e0920253ef28259001dc056c2753f7

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_retina.png

Filesize
15KB

MD5
162add675d63c0ab247fc025bc1acad3

SHA1
a15cdfa6403b41743b2f589fbfe7812f84ec5a57

SHA256
2c4c7359904e1f593f2ad6ceb48b5c927b848193351f3d60a315a2368b35de8f

SHA512
360fb6f9a1fc75a1affc17bbcaf09212de1729a4ea359862a3bfed0bb17fcd10d87d1eab307dae775d4d651037d86e89ecd1ab5d1040a39470daa0721056922e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png

Filesize
8KB

MD5
c401055f4214ee424773448f4a74a763

SHA1
9d340cc7ef644bddff67fefab2e7b4ea393e2f22

SHA256
1b8a92a53a0b4673320b34e6f16860f49add6fb6fed31f0283508c571a47c44c

SHA512
b1763d8ef742744977dba46415208138b51c70e364c2183237683b7945c7269eb4d71f469e35643aa2a3cf88629d0722084557c7461984d492a0996d84946a71

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons_retina.png

Filesize
17KB

MD5
66aa825b65680999d66e0a78d32ad632

SHA1
dd4712a90621e5f323627bb99d9e274ba4adb8f3

SHA256
45f6b321debaa73b1aac8f59ddab517b17931b2e9a1686372c0309dd58dd3e68

SHA512
a6b532af2331af85652a3d7cfa18bfcd51e295663c9ae5ea5a3d42d1a409204f63a9425b20d850b87f8e4627ce0d1534e6af9afb6f117c1b00ba60c90a910466

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_pattern_RHP.png

Filesize
179B

MD5
3ef57d7666422eeac21455e10a645c64

SHA1
090c561e8d449f69d1634e0abd0142386adff611

SHA256
9871c6d1e74dda2c4dc14ed440b83cf347917cc12fec601a70a2e9f27e50a2d3

SHA512
e58433ff8de3e4f4c2c43aebd87e8a852f80c993040da52b0fc81521c108f5c9939f29021c1364a3d341707daf874884285b922401fd59c59ac2bf30b6bf86e2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_patterns_header.png

Filesize
703B

MD5
a878c546badcc7fe3c7929130986a0ef

SHA1
0809998795bcca0a45f42e831b523f571dd8aed9

SHA256
359f446febff229dc1f45f729b7a5f04830a2998bdcc48b1de51635935a5eba6

SHA512
0a8acce913126bfbb5caecc36bbdc940924c259f467d2043495e02ed899deb230269f8cf03f644c63b2c697824ed7d2791bf91882b39cd049c623a1d0cfcd842

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations.png

Filesize
8KB

MD5
f195be86a90151bea75853b832f0ad22

SHA1
cf8a1dc5fe4856b316ed70cde78b9b1a2cba44f9

SHA256
484834399c175b8cf0c1093e69b254e6626c5ee5037497807341f0c2aa49afc7

SHA512
19cc3f64f9b21fda6bedc610076ffe95f395d1b321eadf5a65c4e20e0c359ccbce89f6be0512b0a01fc2b2b051594f48a4ca7aa15a8b55e0dd54e4674995dcb5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png

Filesize
19KB

MD5
e8037be2697105451f2578dd5c8f0c77

SHA1
3f5a74f4f34720321b174e52abdf8c75e7ed1af8

SHA256
2e211e90eaa4fa983c9c3e6d9c179d5591dc856e2e04ac52f1655490ac04b3ed

SHA512
e0270d48f0a05978a15e3cbb5c087416512706299afc22f4be95316948fddd8f95cacbbcdbcee127e3722ff05bb40f870491d72564393b722f85f6a13604f3eb

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png

Filesize
6KB

MD5
25a458f514abc8f10ba940ebdfa09f53

SHA1
74c6a57aa61e270765e6880d2a8c47dd4081c1fc

SHA256
f7bed9f4783ec32e7e6f17006e1622bf727756aa9627a64bde85f29120ccd145

SHA512
ffbedc1a85f4a1ac8d2c8c529977c7147058035a12dda4dcd5f3e767206ab2a81ace64f5b56271ded070619569f962f1ea3b4243279185e81fb85ab69422317e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\bun.png

Filesize
2KB

MD5
7e6b03551c7c3dba02439629b7cda55f

SHA1
0eef7ffa3aec1b06a167ec8478e8170fabd7841e

SHA256
0dfb4ce39e04415a5de1512d913d8da62f7736579be168aa9b3cf06112f84c21

SHA512
0df18e161a932547ee9fe15adcd29087fe5c5dbe8d81116f5ddec6957aea7ad8fe8151888f83d37d0429e25e884c425065dfb390c9182d25fe649a9b17972f8b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview.png

Filesize
2KB

MD5
7d05828e20d3508d35f90d4872853ec6

SHA1
aa7c19920fc42427c683b9f1e20123ea93148076

SHA256
7751928c921f2af34006c5bc52c778ddfb5ea2cef811b10ccdeb1e0dfd314f65

SHA512
6f90f26026ad08daad86030528d39a27b0f5fd0a6e22178386c264fd1a9057e5e701ad1c2831842210c7ef9d92836af7a20f13daffba0ff2893aba8729240cee

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png

Filesize
4KB

MD5
51106768ead67ef464f7a02c7b91e2dc

SHA1
20db6243903e930df7e59b20b9fc67362349030b

SHA256
49cb1285066320d7b31f282289f6401679162e96a0f7694cbe9c1914d7224388

SHA512
0c20f96fee04f7cbe5110fcf7fae51b6257c163c3045981978c28d6563bc0e69305d5d2d8e9b345a16445bd01915ca94570ffc0e0ccda373741f11f68080c833

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png

Filesize
289B

MD5
cf3e1e38536cb707d85ef67397899463

SHA1
a7612ebe55f9c16ba9cfd44cd8a1a8d0e1423b89

SHA256
afe0dab551b4f7ec3837eac87bc0f4cf96ef52b421ad3e14c9280351c105057a

SHA512
56109c53b2b9e09bd237b5fd89dafbbb84ee39859ac3b526f316478ec4a01868cb128186f4468bdac51fa3634438f217d8c00d60daa75bd369ce4c04e53790e7

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png

Filesize
385B

MD5
3f2615fbe01b0685e8854bdbf1d32098

SHA1
e40f6348632817d107401be10f2e11976849de5f

SHA256
5ad6dc28dbdc2f7d328e755e245185531e49ff545fe3af29d00ea021ec021da8

SHA512
9a44a606b4293fff93363c423b9e1c42dc83f098c50e836522f12741bfff2f04d4513c27bfade249917a1e222ad46abdbb35ca00f3bc39325c2678f36d50daeb

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\illustrations.png

Filesize
4KB

MD5
3db8b70dfc1b93c7bc5ff9383357f10c

SHA1
d7ce8cb29a53e819a335c3377517d9714c35ef3c

SHA256
6dacb73da6337eeb487cbb5c7b7ff6bd62ce6c19db4d3b13ea32217cb8caab03

SHA512
9424747f77fb6ad60cba2575fb186ee6d0a817c68a6690bbb422b0b58c62a0af6a5f5c1a737fea4f2e84c4764e5b8f0c7ff7eb28d35775bf762da7b5c5d81431

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png

Filesize
1003B

MD5
db9e0ba2bf528adf895835c1cb8e43f4

SHA1
a1536edcc95ad6e8a14ec007302aa443d8e37893

SHA256
fe180c7d45f8c28fa140566e2e74d202401356aa7149f18b65dff14771826601

SHA512
32c03e46f769508d0ceed1210c3a95cdac8d0c06365b91326176318e2935b85454b4b550b3a89d3eaee9361419b2988d326ac3922d6db1caab8e684e3c54dd9f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons.png

Filesize
1KB

MD5
586135ce6abbef400961bdb5a7d94c0c

SHA1
3381ec471d1f5e1c664d99b9fe84869bd23de3e9

SHA256
6807aad9e02500304e9c60d36f54614b6504b7b0be4e46abb8e63e5fe26e9284

SHA512
1020556fea602d19af69d04ea00f0deb60e1bcbff455f68a771aadfa2663d02d5d04e49522b29fcf78d20fcc6a824198aed8ce1f7b461371e7be481514229870

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons2x.png

Filesize
2KB

MD5
2d241b34de108fa948363c46c72a740a

SHA1
23c2b7b2c4444087783b113cb90e4ec86287f1e4

SHA256
e9e08221c1d323562b5f889a706ead2bdbf44fc69bb1d4e2fc1a2507fb4daad1

SHA512
499e7fb648684c1ef9b507b92ea987f9891af448074107372660bc963905fc6cfa283de20d66156964b93656725d107249fa6314baf5faf3141ad48682f317c5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adc_logo.png

Filesize
3KB

MD5
8ec6bde8f1579f6d733d5d3589dfd5d9

SHA1
90fd8d6220303a0b5209dff7cd985801d051e971

SHA256
bf9fbb778b2c81cbe9d86ea06c68e73720f7d74990e00f1d30814f1dceab4ee0

SHA512
c4860a1787ae141cff6e669db476208406c89af12ada9d05810826835fdd463205cb24a1bae2bf73b40b073c2baf28438c1a7777043120cc4b627fe428f41ce7

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif

Filesize
556B

MD5
0bf533f004b7816a490f8b789652a3dd

SHA1
2128a87f423bf1ac44ea91543071c0d161807d48

SHA256
bec8081ec6532ebb9346c6afe6f58822160f353b8add715fe9b34e58aa95a293

SHA512
b44036966372a64d102f3c709324e16074f6bbe863c5e56bb77cb64c6c82a4faf915923b580b08337b7f472654bc2bbc13bc90bb7b0e8177c49661b32f191115

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\logo_retina.png

Filesize
6KB

MD5
1b5c2d24c9dd982d49513ad4ff87c894

SHA1
216930183a2ef7797170a0caaac8d0bd888c12c7

SHA256
8cc1c93a5282b0d3990ce53932065faf41afd9b854c01ed0c70f4faac51044a9

SHA512
db00cce3be93c3760307cafc47dc4db8be3a17a8d5b6d77076464e294cad43ba6448da700d2b0bc678eacbf6108769c7c7fc591bc3d3d12c7bbf177c28cb4636

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png

Filesize
826B

MD5
fc7992f5e7c5e143a980c787d92e4a67

SHA1
a69fdee375fe69d48bcf643c81f2337a3645d191

SHA256
c428559771edc66aec2e804c47f107fa0ee171ad21daf62d7420634086799187

SHA512
4d187a64451a24de2cf22b5d93bd6f68042a761efdba4857f38eba258fc9dac6af66ec6602b85a7859c3b5f7e0ed0aaa556dd79551ac2d777b7d96e22174ab1f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png

Filesize
1KB

MD5
1854c06b2f80b27cc753451132ad7f21

SHA1
7e87482469383497409f234cbc89d4a85165812d

SHA256
2f94adb13c4ee221615c15b5dc0f2cf07e4a8d54effcbcc7ae45d8756e950753

SHA512
8e969a89a1fa73d7af336b8d36a50f6a1d4a0e5e0fe32e76ed6ce0cdd72d01f30455cd99f2e5c2e8a0bc93422bc09cbcd297af4003b8f7073672a472277f77d3

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt

Filesize
32KB

MD5
5f13fc3de14d02b9b5a52bac87773204

SHA1
dd53730e783f119d9d6a9320b8e8c24966365f1d

SHA256
266076c28cedd6aba41d03ca4f974c2cf8c5bcb23ae3b97e411ec97fd72b50db

SHA512
a04d4e68a690830ec9c20039c8d8f7a5daf88ad1dcbe6459db535dab3dedd53f301080528e82c7aea84eb42391d5668b33e5662f7a17cd076201fe71d274ff7b

Download Submit
C:\Program Files\7-Zip\Lang\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt

Filesize
612B

MD5
b1e89cb1602840cab5a72e9f8027b4a5

SHA1
365ce96db523ec7af6fd133965f59eb1bab515e8

SHA256
d6aa2633aeb94a577901da646d150941253534702cd5757e0dbe24def133e1d9

SHA512
c8fcca52af576c201b99b2f262f7a2875ce862511f28ea97ef1ae75661734da9564a145cf320353c0b1ee1303284321c5f35b43a1494ca3330389104a57c9f04

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif

Filesize
153B

MD5
2e5a10b1cdd592f05b9789422dfb21bb

SHA1
9149b7572481fe69eaf049c87b6fad3e22862f28

SHA256
ff23a01137e3d61267c8d4627585de4dc1930e402492707288ad36cc7e1ca1c4

SHA512
3bae8873bab418812561ae621bfa6bf2b160418e17e2dddaee5a68f81397bad32f1b5dbdbe64971992dc52ccc7c2049745f0f3524639871778d04efc3d45c27a

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

Filesize
190B

MD5
5b7dd0be16fae9b16c6c349e7277b661

SHA1
49c51cec31d1d26f10e9d420c74180acf986bb45

SHA256
b1769935efcaca9344e2412d13f2907da55079347ff059201eed069670c348fa

SHA512
b89db529666a285b8bed4562b25387994c029210b3e2ed22c47fe9599587d3f0fa8205c9986ad9ba85b9995363d3b6633ddcde45694a07fb4d102f5bcb6e5fd0

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

Filesize
190B

MD5
8ed3da294d7b7089161e2147fb353a59

SHA1
871af53ac9702c3a05d2b6b925099c842c99efd1

SHA256
236e6e8d2f5e9713a2634dc73a541392886bbe412dd084935d48c0370adc8819

SHA512
7ebd722d7b680ae17698e6c0de7744ec3bbaf664a251ce93d84d5db589afb7117027018c534fada443483617294f1500bf7e960fe4fcb2f82a693847e8a105c4

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

Filesize
1KB

MD5
ca4531b620260bb70a17ea73be453b6b

SHA1
2f1e7c1e4457c960c2361cb52e8b2e66dd14c694

SHA256
b792aa4de4d6ba79130eb7c10d8d0fac3524005351a48193c199772e6f07cd04

SHA512
4eb6a6d004939f674603dd3233bfc1302e33b4baceb63680a6fdddbe741d4723fd351849ef774c2fe09a87a21a507e0a2f8c64de0583f1f4365d5551aa7a8ea0

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

Filesize
31KB

MD5
d51f8005fc76749c182a460ce9555160

SHA1
7d3b338e1ea2c3c357cb349e502c643c2c0bfd90

SHA256
d7a736ea818e6cc8c5a7ac3351e497c8aef81b57f7d75f1e89e794045e8e4590

SHA512
3ba7848d27ec0d0009527f63f856c955ee92134278db2a1a3b6dd5b008f64d6ebfaee700258a676a6e553b40a01f7a5e7b729dfca6ef85c21749a48141b09478

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

Filesize
34KB

MD5
748d6e96dbd816dc2dcf049335bf4af9

SHA1
ccc1df14a0c7a429578519fde2520c569dce392d

SHA256
b43553dd0b09167a3bf7de91b2382245880fab5933d7bb0ce9f2f6b46052cd10

SHA512
f678280729d05c8369b6da10c7ca37869ecfb2a0060ca948bd76dc05113d069629723e0c399498b2c0e8c9c4076efe2a250a989e6d429d544b76fb92ac3e856b

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

Filesize
23KB

MD5
cc2674436fb4b02cbd0bb4427258caba

SHA1
f3b8730de57b282dbb7f4985bfacb5ff4d50e3a2

SHA256
1c0be3f8bbe3021f07ebaa46a25c580f906950749eb6e80149d14c064ae5615c

SHA512
a3bafe98c7dba6cc39a76ff1dbd4b04507351c43232db0a0fae5673cd006d7328c316a9c2ff2b28c457998a13c020015117f2818e4a22789100a2849259e85ee

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md

Filesize
2KB

MD5
663deebdc7ebe9fd9beb38003f3c3dcb

SHA1
32bb3c72c6247b5a317ce7e090ddcaa570428a6f

SHA256
e5d973a20ef0e617004e8aac3959c80f8a422bf6c292d67f3341e3db38b60966

SHA512
621273ed679279ae78d3a87e890ec219a873d94ce47feef0680a115ac456953af869386731ccabeeaa1c897b7ef2fdfba16e7299b67982aca343036fabbdabee

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md

Filesize
1KB

MD5
aa81f08b65c6b3327a03dfb6937be249

SHA1
03e850086b9060218a1e16adcb5f5b1a41d068cb

SHA256
081a4fbef77fdff34d542bb6bea7b611cf8640c88bb6843dfb8c2781d27271c1

SHA512
f843210eda63d0c82397626097991295c7e4bdc7b5d55d2085fdb699cb0711663f8fe465a27aab9f620066cc19da37835214bfce2d9bc618c2975d827d95df5d

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

Filesize
3KB

MD5
5809c6a40309006088f7649f9daaef98

SHA1
4ea25459647d66ac247a33b2b49d9d08ac0bbc61

SHA256
b76cdff2595270811f473c407ce0085a7f49e0da9dd2a1a45927d236ea16f983

SHA512
433a7fc28f050912a474b6714f5fe9602e0a735ce926cdba6a495cec9d0c97eb808b5010cbcb26aac477623d0c6232e3af14906b69bb02a157244aaddc9d3e66

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

Filesize
2KB

MD5
4ec5221479cf9ffd52a642be56efa43c

SHA1
a347241d00c1abeff4075f5f139ccf6557bd5716

SHA256
198f42e92a7eef74ba8d45ef2c802c9bd2f1313d6ceed50f8f08bec2088a50f1

SHA512
16574be4631b5e1879c09a0ecde01f4faeae7ec0490ab0a80b97a95b2c81a495780bedf121e4ad406ef68b3c9ba6308721dde7379798ff29a62554c87d72c88b

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

Filesize
5KB

MD5
5be52b55039ac2fc7cc9f5076a84116b

SHA1
b379ef1fe0272ff0eef36fa781ab0e91e0a6e075

SHA256
1533e5909e77a7726a61424eb1e3c16c4eb30da1719f25a3e81dc60bfdbb9114

SHA512
699a9247e32f8efe0e91ce5bfc398fc3672c9c976273f62856cf7e4e60eac9d6911fe2cb42ae3217418859cd7728a036b1d9455d1b8c5381c0565ae0426fd76b

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

Filesize
17KB

MD5
138774a799228aea30cf371c7e07bfd8

SHA1
282a0827701c0c7012512358ced4eaa73494090f

SHA256
2da8e245c291b7649146d658f8a25cbc801b6f07d99196f76b4bd6496598f4be

SHA512
1a1fbcbc807d243c64eacdd28bd654b712d3802f0d5400947ae949aeb28d6d7dcdb9d0130a10be6fc8a2eda3a4d6382ebdec36e94a4bcb40fd762733482a1f3b

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

Filesize
320KB

MD5
aa1c537ecc6d38f30f96db6575482ebc

SHA1
ffcc18b502e92a2e6936dc382cca6654b35ed118

SHA256
4a6a98cdc8b2b7c404ef8bdcad75dede61c03af08fcc75896dd7a98b986c2923

SHA512
d19e9a2acbbc4373c9259e34481890fd9d424cb2824b096f6846b2bdd867adede27ba7a84226e7e82b67dcc1dc5588f604c6bdaab04e6c1e723b17796cae9467

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md

Filesize
1KB

MD5
a28cb4c50198cbb3bafe6d0507664960

SHA1
9fb6b14b7ca89d93970dea864aa873fc339475f3

SHA256
642b35ad5567dfde680b3c0caddd4d1000330ff376fb8eccf0b21b12ecae5532

SHA512
f0ca82a6f639e30cc30729b8a432866334a5a88ba1e0a5f48f28efc9c499f6a770c8fedb55e5c5d5c5ac4055517b6817d2ce4344f045937b2328863fa3339d7a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

Filesize
10KB

MD5
af8508ee18ca3da6a8e5a3e7c32cd146

SHA1
3e4795cffe57f599db2103c048502bd4d61d0d48

SHA256
de6aaa2216b1bd177e0a26e15e35e7f6b390cc8a9edcb9545b3b948638554078

SHA512
c28ca56a22ac24d6c3595c7c3e7c8cd3847566f1b4e03d98dbaed61dbfa2b8d4be87dd2c9b4f0d0e584854b37215a84106cfb7b63faa0820867c986ea032a123

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md

Filesize
3KB

MD5
4286b3c9ffafa6b547e9df3ca0fddd54

SHA1
9be7748ae4317b2399abbe3290fd49a1d5d459cf

SHA256
fde3c1de222c9e99fad7da53f4da6ce58856c413d3b9154127d95cb2b26b8a43

SHA512
c0122d5ca902dee2f7b294ddb0cc1bdbe2263784c8b10fd32832c4a6d46dc2b83cb4a6bf997fedf27e534357d119f7a5160d8d434e1482cbc396420b01899e2c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

Filesize
162B

MD5
d8022cfccf6493962468d22579a53f62

SHA1
f62ae2058a4ce4378f7efc0554ac8e1a5f874133

SHA256
0be809fdf1729dc45314646db995497250ce6b2b7f80e0823093a9e2c7830fb1

SHA512
624f6ee68129a9a6e68eb93444573f2ad89487102caf6b0bccf5df8b47cbd1f49bc440aac20757de1ca17dad14f7099214903cc0e2eb4209f12cb6bfa1a80cb9

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

Filesize
1KB

MD5
d76e85b2b6c3f8af0074d23b27637b97

SHA1
d09853c5259e488fc72ae26c9a7d3dc3cc80db18

SHA256
21393ed3540bc0512c95766c258b9861138a00b16e35629fbb9ffca4d8fe3b3d

SHA512
591a9bf024baa33e3020e56ebad691be62f3f492698db312750d8b69a273b9baff2fb3e8e7a5896a3069abfd53ed1fd4a43ec8292430e29609c233b20e9c2ee3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md

Filesize
3KB

MD5
d25f35c9d63334e37c9f951513bff782

SHA1
8487a2c802f5a11179583d4b91e005531cdcf9e9

SHA256
0a4bb517901032708d06a9961c4b781af44e9d15b032a1d61559694cf51e94f4

SHA512
aeb45c0eddcd48f2aa11c0fb4319be22772d87b65234a85cedacf259c26d40e586f4b6b16d5897fa6e966345c25bb83a8ea2158053cf6b9c67b225ba13e186c3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

Filesize
1KB

MD5
eeba3f2470f944086f75d54c95531661

SHA1
1a8b67106c0dea65ecfcaeae1a39b870de7a0402

SHA256
3a1df9805d0a228246231d54b59ad9eaada01a66ba339777f8e61869f8bab5c8

SHA512
b88fff565314da3cc21fd8b584608fcb6471e98b60f394cf0a8a026ce7f9613a5b629950e8438f58254720acbcd8e913c03c31d0aa25429621a9b840dd452907

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md

Filesize
28KB

MD5
1d0a63d9809465a46c7fb01656856823

SHA1
c997760a9525a0e1ac3466751e40e12c879c775f

SHA256
87a34a78f2641f1cfe199ba125822e74df89e343c2784875964e40db8d7d0ea1

SHA512
52e44c4f2a9cd12c4d24dc9e6554ac080bac317c53a1361326230744549cad05f019d89ced29d37af60b963143c9d29545e94629b7a0582aa8b76a91deadf703

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

Filesize
2KB

MD5
9074288ee555d8d6e9c008b6fb8f37dd

SHA1
f2cd9a7df721d5b3ae4fa6e8e7dcfcffbddac246

SHA256
392703e7fe28a1d60e5172bce4ecbca1fc6e09c3ac15e4441d8ea14c4dcadf2b

SHA512
87494f0cb40f9f4bec5b4625e25446717428abf6bcf59dee880b585891196ea2cf9d355685aff7fe48c4cf0df5f97a7369a51d71934d0a8b4ffcb2fa58b12242

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md

Filesize
1KB

MD5
154348b2331477ebd95ac6f004d58551

SHA1
afb5c10961abd76c9a0e01c4b0b22328022a5e14

SHA256
3d0645923a1fc55e6bccdb45d3c938623c198efff19247bea3713dfee9ea7771

SHA512
70627c9e2d64c33e21b7bfbda7418ff4baa4b7fc2298bc79bf0c0c360b5b8a086b01ebf2a9639a2b1f0490976150888889e5c98bd8134d8b8691250904fc9caa

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

Filesize
2KB

MD5
0ff3aaaae1ccaa5057434276e03e52d4

SHA1
b496f1e17d9383ca3be28b479f326c153b2dd1a1

SHA256
e98ebe5713c5f7a6779cae7274d941af90230a8b0f677a2a82782a46204d1043

SHA512
056fbee2437b1db71dc2aa15e6ae7234621624b45f8c29c980ee59d7d70e0dae612bee3ed6ec7cddbd60787070ce0e254e0cd0f4e08299895e6333fb8c3c68ef

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md

Filesize
1KB

MD5
e6da400bb55a2490a327a6d76b7bf8ec

SHA1
138395b299ce4969c94428426682ced4b91963f2

SHA256
4225f1e0dcf6e9f080555d891ee01bc5a7130106bf82bcfb81aefeab1de1fa2c

SHA512
7952316a9de86f45c4bf2af5bdc5e4399242582cfb39f82bd8dfdd7dac60b889bb63fc6326a2c377a61bdc9763e2b1040d0983daa2bf9d0014ab0ede5955a4bb

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

Filesize
1KB

MD5
16e8ae431af22c4d7795250fb624b29b

SHA1
ac82cae317f8381d2be50c60fbbcc505368093ea

SHA256
c98eee0c20b3a545d5d5fd52a50c96b8ead90c61fa5920f60deb234b90925a31

SHA512
5d326fe2f5444c002170527970a9bbe22e5f37e55c7c14c2d1c1c02bd159c55f638a2a5dd8c12ca6f19b5f7b3dd08a85a2df28ea438a43bf2d002da7d5d2b7d1

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

Filesize
1KB

MD5
f7189dae5eef0c4cf97ab03a8ef44898

SHA1
67b6830a778b6715f0db0f5cdf2df68c71170f1c

SHA256
a95a02ee6e67fdd1da2b1124bfa32820e10138d608660314b5bb4961181bff64

SHA512
66976e21ffb3bc42fb2c95e95864bc90988ad1cdec73f140a4aaa4cb6089ffcad29e81d141de6f33f58a596978f4c7138f1cf40b108352eed30403d189fbd896

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md

Filesize
3KB

MD5
ac5c6843196ac957c262508bd9f5d243

SHA1
f83b4d2e739969c98eba17c5c1af6bb8eb2bf929

SHA256
164f7c6923e0c240bb5fe538c6ed05f9b646c40bed4e3915e1d41e65fa2bf719

SHA512
8650f771cb6160501b50dd5d55ef7bac205725bf2f712acd1f2f0e38ca9f8868e9640c1867bef5fa3b3350cb4407d6040058c60f345a2ebb8af31ce212af8fa0

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

Filesize
2KB

MD5
4049cc64a88a3cc31e0aacfed3459a3d

SHA1
ebbfd5915cf236b52fa29f1530ee7782d498b066

SHA256
059f722750366d4ad5cba7ff2eb5193ff5a00068ac03f6d9e59b3aca42db660c

SHA512
e33bd83b25513cb53df48068ab01924df199f57e71ab01700a2402770ededd7c7a13b2c6a5a2383983864b5aed0e96f13c36711ad522c4b1c8944a82fbd4d9da

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

Filesize
6KB

MD5
88a120ac5ca00b4a01cafb5f987588ef

SHA1
c4ef769f89acbedcd012b44e58e9a7253ed7eb9e

SHA256
69fbcdb000140d0463dbba926258ddcd76643f9b0992c8cdbd76c0ad652c5a57

SHA512
e2b63584a5f86df3e0fd9b6184c211730b44b5c9ac05746aa9f2843b0a3ccce535e20dfc9e62e2cbd357e1e80c431825ac382ac63bf465875e0f81797f6de3e1

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

Filesize
5KB

MD5
ee45db3874099d07f9f9f801e8230676

SHA1
05936cfc7e8d08dd3927fd13d6ef5e9bbc9e888c

SHA256
86c58dd94aa19c24ee5f0ffc46706045d9a7f5cb68cce94bf2eba358f3b6492a

SHA512
719fd35bdb74a8d5668143def92e4ed07652231e253721c31b19d82fadfb6052bf3b0527119ac90337819ad7f0196f1396726fd0d8a77888a14cc16c6c76808a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md

Filesize
3KB

MD5
64f5efc62f533d96225d3b434a788187

SHA1
65208eef84638b2ef2f547e9b062b2ef19872acd

SHA256
199cea5d95924b93206845578c70edafaa549f0abb747fc6ef598312bb924e28

SHA512
570493b195c9bc44e79fa59dff4fb389ee58a1d0a970841c718876c9c07e6e9feca0c5d07d31f58a2c94620d68cae2db6db878060a456557897b70b85f21cafe

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

Filesize
2KB

MD5
42a6cd6f8d02652a0f93ff0a00e06826

SHA1
ce4f86540bc0d45132b51d777cfb3552da672060

SHA256
5fb0654a161040a687ed593e1d5ab1a50e5fc0bde6bedfa091a9c537d737b054

SHA512
60f5eed1509d93457794c05cca0a4de0862519852ac213bdb5f8e073efca231efe75130a42ddce45faa057b5d0cad67784b95a276edbc02a9eb011dd0f5784f4

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md

Filesize
2KB

MD5
0737405a688870db58e093aefc9604c7

SHA1
afd4ea1932995e2e914b0ea8caa0cb53924ad158

SHA256
ecba3a4b7166a6fb09bd29bb15249456d4c0f74fbabe0accd6cd1c126b57f715

SHA512
fc51daf4066902a35b69e60c6c32d5ab2f6abb53067cd013154193eac25416562d73658496854a52cf8e385be7ba3d1fc03ccfc3b7b708230237a73560de9fbe

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

Filesize
1KB

MD5
9c53f3ddbcd2f61137cbca58e27de686

SHA1
15d926866b4b11ec7c9191febf229f656a81766b

SHA256
2b1752f3f967f1bffd94699b6d7e86fe4b6793f6e66dbee4e8f08a6a268ff745

SHA512
1cc6794cf230b76f71ccb4f47aa1668c54683415e8979b8fc5c0fba9626f38ddcb4e54c20384d136a65be090c513fd938eb87477013d68137ced37ad8f966788

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md

Filesize
1KB

MD5
949d551c38eb8a4ecca5a99d19139b55

SHA1
5c6ebf9d035d148dfbf2ba246bd6fe8588987e0d

SHA256
e24aa9625da6cbdb2d69b8b732072876285cb58a3dd24d1891a15b8631e318fc

SHA512
a7e8c89e49ddaee2a28283a9dd9ff60f0923ee604f65e574dce1be7c7cc9b6ab7a5787947ded8581921484608623c4830d74e5633d234be02e240f049e50228d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md

Filesize
11KB

MD5
e8d7350e66f5ab36aec7877e856a2ac3

SHA1
9e6a703e149e756c53e0a66d3b20e699b3ede82a

SHA256
2a7902d6f1ced1db600c2b97216cf07c6940712dfbbb3374343e3cf0cf2d7166

SHA512
f4a2e07ee92fb67d26627fe30cccbd879d9344a3777975cf08aa3b70dfb3d35d2bfbf5578b2c883eeebe8c81b7547871d1df3769e88be5eb74676fd4c3a3c09a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

Filesize
1KB

MD5
b08183fbcb0e63e5d71431c0f5a3c897

SHA1
df958b01088fa2691184e185e49da18813bcf036

SHA256
c7ca587e30df3f582dc55a7d5808c1daebdb435a8eead442e92f4c83e7d67926

SHA512
141b9867b5e167d44a58e383550ffeec1e70a8484b926bb16372d20b92e57d80d04250488fdf731aa380047ccc11aa30083f7f9cb75c6745a2079e3f32dddc0e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

Filesize
2KB

MD5
b8fe381a3102a2228df940ff5db7e70e

SHA1
dc0d031c358efdda679a5f68ea1026ba529d4191

SHA256
eb61b322c34284e2e289d2557c20e8f4ccc231b22c6963ed40f354430372888f

SHA512
7e66a815d88e2b39f62aa6c68efc0e4757ea21881b4bc335e6efe0f18ba88653b7905559a6d15a934663369d957fe5f5af8dcafdbbea956868dc3125a20323c4

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md

Filesize
11KB

MD5
cd59f96f42145afda52ee8cd349acf6c

SHA1
28518fb8e83a11b4162a73f825209fcb04a05f38

SHA256
1c1cddb0a9b9ca37aa0d7a194e1277993fb66240615f055f63d339053ff3c1d4

SHA512
9c476179eb5d92bdca633cadf5bbbe545a95bc872505a4c8180e828bbe4573fe4f806f530ed411b7f42280cfe4436c6884ae64cbca329e4c5b1bf3eb243f663c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md

Filesize
11KB

MD5
1c36e692c6c1f6363b115073b90dfb77

SHA1
a44bbd773d016a59dec56cb518a1599cf73bd10d

SHA256
512f2acb7f2e1e08407b4099bbeea76fab2a8a9495599f2348990a8882b60012

SHA512
2818afc7d8cbccc354873040afdd3982f5b27d68a522ae94272de4e4f392f47faa725d9427858628710fb657aa077dec1c8dd4d7fb63f3d60229f72a7328d83f

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

Filesize
11KB

MD5
25d923b21e22a8320ad4d55fabc2658e

SHA1
454dc8174205e309c387aa41dfa8f6c6877dc553

SHA256
7bf8a6314643b1d29ab233670def8c581ee87fb63485f74f4dce1fab919d538e

SHA512
19dc85e69b4a401aad8c974ce9ca8ecc9a4ece2becca1df51cefa9746b74195dc0be3183714d90c7e96e5636c79c83f9bebb87ca07a72143214af3eb2c939651

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md

Filesize
1011B

MD5
789b007775b227ea8b62e07183298440

SHA1
f8abcb9f21623ed6328c9ca55eb7cfded7539a7a

SHA256
1cbe53794fe2d647a58592b3ef588b1ee55269ac8fe37078c42c9eb92bb21faa

SHA512
c6a3aeba17e47115aa5b5fc9b24f446a569e74bdd2e5d102f45212b2eb4bed6adfc1634d98745d2b6648384b320b6907340785ebccdaf976c6b66d7f6db836cb

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727662721799026.txt

Filesize
77KB

MD5
7be117a6dbf92abc7dce0ffcad2f21ab

SHA1
ebaec48e2e065a8e2bfe673e95eb2951a6c3c912

SHA256
3d41e32fad83fce236a734059e91ef9f28dbfcb30dddf111fb86baabe240d3d6

SHA512
9e99c9feb0862b31a0774c742552fe9c6e80e0065b890073c54f8a0b09599377c728bc53ab41c6023c81b796405507e842a08f242817fd9347f2fbe5e4abee15

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727663191189319.txt

Filesize
47KB

MD5
23ef2470c87136ba9a4b777fd7aa525c

SHA1
a203e4bc4f73fe4f4bae748ca048bbc18402a71f

SHA256
582442db8f859949723022d0ea5795877024b0d1d922128929cd6f574e2fc040

SHA512
41b0a1e415d4992a370619222dd51621b1e408b531541f671f32258888fcf11037cdd39454e3586cbaaecc88c51de0fe0e194f50ee4ccdc4284009148ea0f410

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727670188807600.txt

Filesize
63KB

MD5
42cdb5511ce7d742025ee6593db0c599

SHA1
0a546bdce4311ade0371ea21077b201a3cf5ad00

SHA256
8acae9b11226c291ae558e35be60bc6fa4931ac9a227e6bad2431036dc36890a

SHA512
02ce942c5a3397db711c9ce39100fee73503e67c60d44f1f2896a51505aa87e3f0ee9090382cfae3304f250f78891ccf981074dd053c424768ccd35984a68360

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727672984949051.txt

Filesize
74KB

MD5
474b50ec04a5b649856163f39ed37983

SHA1
231910e7ca3e73441973cfe8173662e62297661f

SHA256
1de7c9b539154d5106855e4b5587daa94033dadcad4725a0634689ee5a18920f

SHA512
5af51eaa16a23014970567fb1cf81c99c234309e7d3763a7ea116ec6ffc081f74970c1fb14509882d6737def2b2ea4861bb4ad70f5e90c0500c1f2e3b137f5ff

Download Submit
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk

Filesize
407B

MD5
5c37ed692d1a144bed4637805ba816da

SHA1
27fb6a4a77b1b5e5eee597ceb2c1383c834e2c9a

SHA256
031409d204e588156667b6680f2c3afc72f0928afe4a5d4c63a4db10755e5dcf

SHA512
954b72e9f2f2aaca5e2a9f57e0376283aedcf8b4a60d70c45bb38a06e39bf6b2fd0338014aeca2b6812cf8b81ad2ab265066c8f4a2393910738ac939c8a24ed1

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\ASPdotNET_logo.jpg

Filesize
21KB

MD5
73694c2cc2c38f4c53e7c14a9bca0e4b

SHA1
a66dceb7e3118acc59e10c1fc1bc6236308ed93f

SHA256
0080c1e34997f178d5627437bb73bd0eea5caefe069f68003dbd8b5354422b63

SHA512
ca094cd61bb7b5ee228e559324ba3c5917dfdf74b0825c70580caa125fcef288eb1386411d9f208204d8063a036137f1f12bfc807fb054f1f33f39c2c6bc7525

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\HelpIcon_solid.gif

Filesize
1KB

MD5
f2793b7665246f8c3a8b78dae1d34adf

SHA1
bfb8450163d49703d50a54676e2a793f168cf01a

SHA256
1933abff1a607e73c34ee4cd7696359203091d80d677edaf132dbb7a4f038100

SHA512
c7b922a60a3f08ed32e56b4717cea630659af1bdc414c25df5689b9d14c4ee100cf4348de743844ebd096f945cb0dde2383a773f3a03918fd28563a300067568

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_lrg.gif

Filesize
952B

MD5
4f9b0f5125261e883b99dd7292a19de6

SHA1
12b28b2c16f74064f5274ddfda607bb0d367f783

SHA256
6f088800af995a74d533f21850c3d585dbe25ce452330877ecb4b1aef8895964

SHA512
c11882bcb6b4c4c30daa7fb972ae372e43bc4b054de073d8fdd1dbfc9d2f1eb8260141810741d911dc9c104cb5b7a3b7b54ddc1f94e3a411660757b2eb1b7801

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\aspx_file.gif

Filesize
121B

MD5
bebc0fc167b4241812666fe8b1b85c54

SHA1
22f3036d5ec282b60d90ff21dbb3bc2dd6d4d1f1

SHA256
8629f791f11188c17515a30b0591f6159dfc8d2f2f56cfef2ed6800b8568869b

SHA512
8a772e005393a47db2e85086911d219c5d1db0b53c127add9d24ff3a2204ef68334f65f7e0ff15e525d20dcac366c0b3c0525977d3b5393d64bb00d36e8c5a2d

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\branding_Full2.gif

Filesize
1KB

MD5
49cf41c4d36650215f13d18859ab87a9

SHA1
959fef7cad1228a62f81a2f4e32658c5c001858a

SHA256
752fe23b08546dff5d7be5115e6d8b8309b9367759f1df5fa761446811db856b

SHA512
537fa6759a24fa84d9a9b2e660c1229d2fba9923485de530888cc63dc8e966bba52737d97f2ab7386d54372c7bec5ab0f259a7b5c01d9a98ee270fa97f6840d1

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\darkBlue_GRAD.jpg

Filesize
8KB

MD5
d62083a5bda49c670148ba33511a48ed

SHA1
dd4f745b61bb0a12f155918496c1b04608e3fa66

SHA256
2bf0408fef9c0e4e57100355330c799dfec60d380be093f64ecf8fd65de3f1b0

SHA512
0de05d6a575da2e4bf2520f09950197ad50394981871599e4c8af53b9c31d3884fa56976a716f38e283fe74e7013e52d3345202ade68f6e94e708f50743a9612

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\deselectedTab_1x1.gif

Filesize
61B

MD5
72046d9ce2b319185af8e439624582f6

SHA1
46fbb2926f66469ae85f39082fb46dc868dbedfb

SHA256
fb5859c33f7084e9209e94206f2a1354c4c466e56b9c8bdca668229b2fc713dd

SHA512
17724e6706666ff62dbe233e05b299e52e96ee83685934702204a80c582df11fd18857adb2621f6933104c791450348d358b77150ce739cdd3010f0a4017585d

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\folder.gif

Filesize
914B

MD5
eca3bd06305e340d106c3eb6458e0dc6

SHA1
3ca070ff75de6651b48a8fef78a09824544faa68

SHA256
b3c1a74df08e5ed2a0f67d625cb53eb34f610a8b1644a613e6c6ef0b537a9c10

SHA512
060c2dc4987d83ae3da4bfe7e643e28723538d4716d03bf3e9ab4f1b1c5c8f7cc77bca069363e7090145cb8b3a9c2a9b059f85d9e718f0f10823f8f7563fcdf3

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\gradient_onBlue.gif

Filesize
90B

MD5
b5ca45fe75d7640af6e76a9ba508a789

SHA1
b00f53c5462ea99f5ab6e90d66dadeaa19215f6d

SHA256
c6725adbf4fbf898ede5b63443f6af6c4f54ee68f2fc96f604d31aa30231c582

SHA512
f92c9a82cf3241c5bb54eaa65ea6f7da2bcbf88521ef5e45a491c160c4cc70b1c591e7a76194342f2422ac4ba79e5afe6d9467ae52a2a79d0901ac98c9a31f2d

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\gradient_onWhite.gif

Filesize
90B

MD5
28d2541d78d041dbe11032c073f66e71

SHA1
a9dd58f679dc3f9314fe7f625e4af690e7547586

SHA256
31d7757ebd3ec742093c713491578b04628312fbeb6bd40b41ea124c942c0e14

SHA512
bc2c6edefdfb160dd791e1629948a20c1c21f7ad850450d0a741cb0d961fb1d6d01fd933090235d705aecdcba37e5d608d80965205597f90e0dd9bbf6b1ac83e

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\headerGRADIENT_Tall.gif

Filesize
328B

MD5
68d8f1304e53afeacb25282bc4bb6514

SHA1
f4c1ff12c90500da861c0d11d601f01b8955c9d3

SHA256
1b4122ec2fbfd1514c7aeceed51ddb95f7f98c2562eb168a7b30240b9bf1a5a4

SHA512
b6aee996e60cb167774a064f215991750b5c1095d045f1e44efaddae94d76f41f6aa18e7408012893e6fc546b5ed105120e6eb481bc6d5582318b127a71782d0

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\help.jpg

Filesize
1KB

MD5
5d8ae7bbd9146346f666bb6b851ff031

SHA1
81324e7d6d3a024143eaa60a1a99eb853bc0bbde

SHA256
6d2c3e5255674c81dd8773d3d6e7079f3d52a041265ad61edcd81d50f8ce870c

SHA512
7f86f0234a3f5ab475beb7dde6172fe83df6a2c6f3403e270462ac0c2eb0f186709076c3a2e14de6ba38c9c8df83e92be1ce2f475ec63ae3ee17f36fbc4e298d

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image1.gif

Filesize
162B

MD5
c96d636d51313865177bfda5f5064d7d

SHA1
c8e1a6da84801fd38a80c5aca46d475c577ff3d0

SHA256
e05badabc4d61ef759d2222cddbafc02572d9a57a0ff8db578c1159351311f18

SHA512
22bc3555845dde78ee1fec95439fbd6059761088dd91750d7db4d49ec52a8d805ba8af921666ea5b52e52d91e289b36df885b01a608a6d9cf0ebe98d38a03ddf

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image2.gif

Filesize
586B

MD5
d1315c98252dc6598c6be422fcef6eb5

SHA1
9dac757509b3b37eb5c263aa0948dcb8a439527e

SHA256
0f2267b6661da1ee4c0656d45a8824fd89ea068abe5b8f4ec39475e5bf9fc207

SHA512
a15613f73c38b35abacbf05ce4e31de3073f37d647cec701374f74283b3297f16f4b134ea5cd7432f7018f498d87367766367456371c3cffeb9ad35a174def4f

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\requiredBang.gif

Filesize
124B

MD5
6c7c4cc35baa5197a008c6c793a70a60

SHA1
615b29a0672d3a397fe7a3f91b8dfcd2c270ef0e

SHA256
b78d04d40e5b924063138c1e0e61f95c4480a28b6005fd64e90db37e34fa9c31

SHA512
b0326b25ca8c8d8b41c1b00ca419bf2ee955739042234759f6e0f878f02223fa66c507c0d5eadf8b7c2a2f5c69bfd27cc1dc007de24fe0e9419f5179214120e5

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\selectedTab_leftCorner.gif

Filesize
65B

MD5
88d2669eeca06adeb94ea513b26b068c

SHA1
9a72439d25c1d473a56c9589dfa6f212c357b652

SHA256
0ce4c066ac75c3a34b5a6da2f4eef9ddbffefbf5350ded9adf3d52963aee04eb

SHA512
ea3896a23d54c3f9bc0f9baed4d50408a503aee1fae7b25477fe4c15de8f5fea28f6b42e87dc31d021b9c77b55d1df3f0b9fd92e5a98b768a2c6666b1814dba7

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\selectedTab_rightCorner.gif

Filesize
65B

MD5
fd12b5434f0a726c16e0f936ed10a557

SHA1
3a0bd8f2e52a3f510ed08a85aa25addbdafbd0df

SHA256
8f1156d8de52770e7c13953db36fa8b8f3f78921f0548d90d411d36c6c324f55

SHA512
b3ea5ad22e33f3ae635d74b37b44cd6ea88a84a3ea24a59bb19643953483068001227d46a8a41a2083fad7357e8eb55c2995a0f19a5a6aeb6d7025412288be5e

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\topGradRepeat.jpg

Filesize
8KB

MD5
dc18e6abf9831c56912bd27086fdfdcd

SHA1
b81cbab69b74de16fa6254cc60a003d6df712aa4

SHA256
07a3140332d0bb96996c48f7db38121793ffa8fb2f3889986ea7812180e0700d

SHA512
c6b08969bd4aa90e2fcd43ddc40a47a529c1b2a9d39c1cea174545cedab9b8c16755c2d8d27c5e5230df1a2ff99dc149b3303c4125d051c3bcee24fbda65a291

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\unSelectedTab_leftCorner.gif

Filesize
65B

MD5
51f6e5e27135a77521038ba58fcd8657

SHA1
1ffe6c12154e2b09ce51b011056f1a49a858b8a6

SHA256
41be78bb26f84d4556a6c15ab0bd9dbfa7fc21f118e5b6e9afbe6c482e551c83

SHA512
a041c0074a733d6b445824acc7ca011446e623ab1be7eca0eade62170025bddcd460464ae53b15035d281a0a57432a37878d37d22204f6463bfd93d478d3c92f

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\unSelectedTab_rightCorner.gif

Filesize
65B

MD5
85812d30d5f2a1ab7d98a21956ff0a68

SHA1
c15064a54045b65c3274da9256be83ea0ec07318

SHA256
b8bddd9d408f08c7a29f72414cde78821c652ac95ff67e42c15e70435eed19ff

SHA512
1ffd5df76be8ed11390aac773522df86ffbc3d48f81e00f18d3521905411bb83fc0c7dff58e423304d8d56a1104b507be5f995e713be913ca4ddf63ec86731ed

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\yellowCORNER.gif

Filesize
880B

MD5
40e2e213542f1daf20b5f55766dee53c

SHA1
aa4161bfc0bccd31c94926f87d381ef99a10129d

SHA256
f100ce4a8d1da029b0ecbd821a57a7ad165fd370c450f015a347282752cb1b81

SHA512
1005d8516e62473de37a2f58fcde5f172c312e3d1037725f105fa0d4ef1a536c4629a5204a96431b8f36e63a2cf908fd761af7ea910e34092fafbea82f5a9957

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk

Filesize
1KB

MD5
ad9c6aee9438c5ffc6f573a813e8c9ae

SHA1
3f687691cf85642bed690a70c237a7fcf9024a9c

SHA256
f5faab971be2c7c2d81d634fbd38ef4bf650f107507f54c9ffcf5af8415cdd97

SHA512
a569a1a851576ce70035be45d7f5380829ff30ab4e1064a28d2d27416a616cf34f1039f0147d9b10ee0cb51840afc8cd28a461209f3e1efd3b956cccddac68a1

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk

Filesize
1KB

MD5
cb42dfa1ff609095b3d788b4aa5eb4a8

SHA1
d9aaa4dab44e7c4d47da2a411b4a119f023baa67

SHA256
ba558ee96be101cb7485e4b3a69eade7096949eabe6d3af9876d5b6035db3eff

SHA512
b44665cdb9a444150950890da5adff5eca7fdc9bb6e470d30fa92d1ce5e262c3d95a1071c901632d70bac3de0772002bacf78dd020857aa926ce68c198729029

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk

Filesize
1KB

MD5
37046da1a985e2f22d52a0251df7932b

SHA1
fdc95cb583e98f0a5d2a62c1e7b13794c4a6b224

SHA256
484999ead33a717d3cdff5738bd20c98c60cfbdd86657ddca96709b04448c94a

SHA512
e16eb64788627eff7f775fe542a6b7099156bb36016165dc33226902cbb97b2bde6083507c0e222074b8130bd22428c6883e147085c9703190aeba0a5400e41b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk

Filesize
1KB

MD5
78e4ce439c1938adb9250891a43dec13

SHA1
17d33f1972c778466fac1858b2ef2318e6cfc0da

SHA256
13ee95b6ff9baa7202874d4b122766fe08b34a0419764815326e74135a3dadde

SHA512
a4d4f997dc1bdaced50a800ed2a326e29424d463326c8bdc32b3860bd83d812586672f07e805730667c0f90a5c2a3bf11b45203e560f751ffae2327c49b550f1

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk

Filesize
1KB

MD5
26ac658f7aa2b88db45a9b08cf0958a5

SHA1
386769f0c824caeab8c30da438de6e05a557566f

SHA256
a124ca4fd3dae5a64520fb2b5e282f144d492fffb30f3b8ed4292050e8274d6f

SHA512
eff9ac3defc63980d54b015abdd28d775cd4bb9e87517ef879e74921fae0507d8909c74f0ff30fc6a92150e0d4b4e41f74bde2daca4acd009e6ce28f7eecb361

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk

Filesize
1021B

MD5
005ea6be9868447493983d4441ad00ca

SHA1
e09c8e422dadeec60afe2dd7fd9b17bee56ca1fa

SHA256
6edf596368ce3b85eb1e25ccd84b4cade497c87230ef043011ebf673d412a4cd

SHA512
d1a41686a65dd7e2b8a9e94e537f7f2825e9b4e6961413df1c463b98605ca1c98926d3c70b80b46535d24871a45a6d3553a7f4356dc9a94eaf2bc0d20817b0d5

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk

Filesize
1015B

MD5
a193b6e57654f71c98c1aeb7da63b971

SHA1
639fc366274f328b7b776955d6490ebceaf4b596

SHA256
33a251a51a10922d993e015f5e1dae38ffccfeccde9dc05b82472aea06316290

SHA512
4204f7dd670399eb706e653a630753626ae1c95107eba7ca4b41a97cfcf8726576692cee85b0d8aabf8e6136a5e55e79c7fedd69d17ed2185a76887c220fcce6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk

Filesize
1KB

MD5
e6891fa6a65a4470ba1ea0bdf2b978a5

SHA1
cd17a765f2bb356fc2ac4628d4a53fc498f97db4

SHA256
321aa4f5b74d871eabd896ee7b71f10c77d4c40e844b7da9aad28832c333dc75

SHA512
ec11cf51fed5bf42b196e17ea18f7d7a5f724e6a85a6c70c4367f561c054e82aba711e76bfb1a0fbf9016dea0dced4d457e61f2168402d09bdc21ae15894b064

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk

Filesize
1KB

MD5
90d84a5334bc97b52a2a58908b1925cd

SHA1
25d3a145a3bb4b48206463cf47d82c55f43435e5

SHA256
8f27a35f6c4674237733a8725514430c0455ea408e2d7c4978add8c7f84f446d

SHA512
30289d087ef7c7eea10c24f3aa2a15787aa80ccd790d86e44cba8c4f6f5d4fdbc359b1e6988b91bb411198ed175ba6399383377acc789140262267bf7526881d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk

Filesize
1KB

MD5
15f21256fa0b098934bfd7d91cc5767d

SHA1
b1d40e7b211c7cb20ec5c2ad8cd666025d1be690

SHA256
2483244f88ef188c44d8a669d81675e2a9237005a4903bb29a21e7d76aab31a3

SHA512
66e569e983e0517dc376c9ed704e2544c0f868207d5296af0cc72acbf51a707d4b146c06b0c0a0b6746fe094fae74c47ab56abab080539a1bd25e310351743da

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk

Filesize
1015B

MD5
9fe923e560d341ef4a2a6a80bae6f85d

SHA1
4a8d06903aed9a31e9a55e8a7884a1e779a30560

SHA256
9ddc7bd8e8f7678f3ce0070feb56be903e824904315e5fc05da8ba3c37267f27

SHA512
7a0b4a71af7c68d651e8aefc1409556f6fcf4ad3d2e5ac82d1be8c003b1b7cd55673966b20cdcc8c9af4564ad3cd019990b9e45a1d3a4a4e5f8d6d74e410acb0

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk

Filesize
1015B

MD5
09771d02d3b719fd9736791cce757aed

SHA1
aeaab532bfde6b5500d79977054827fa95887844

SHA256
9f1a3a441dc8bc99d7fc7c7e6ac91f1f0debd1914569f68d0b7156d311d4a7b4

SHA512
c68225e917645f002e9f3f6a69c58e4da253a4d53f7f7eff8c55fa0f85851b02f80b01fa378d7f220530f1d61ae427cae60c8ab44ccda0c38fd2afe63bb0d43e

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk

Filesize
1KB

MD5
adec697caa152653897ce88c0638e473

SHA1
cc7bae02f03fe045e307012c0688d7dcab8619a8

SHA256
a96c19632491b97b32c3969a8b9aa51cf7011458812b2a61451b866efa8a27cd

SHA512
011fd7a9944cb89e6e6247c0087e0d2c7fbd63d9888aff896e778c0f2cd9f73319b6f4ed1ea89950fb4133bf3b12e546806b83c05d0cfd52c678eb546389f236

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk

Filesize
1KB

MD5
69a9bccedf1ae0ed882bc011c774a6e3

SHA1
dfddafc7f0d23ec358517f8fe1b837f350107a6f

SHA256
34a2bc7d207a8723e58bdd94240bd36a702a2622a4fc6b6c5677bc9baeb3d112

SHA512
5a448aa3b17248a3bbb034442b83ffa3955d94106346e48ccb0e23caf6f43ba83029cb3a3dd4f99f376c1c320e90dc05e2046f138a9fd9850f64f31aea2e0ab2

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk

Filesize
1KB

MD5
67f5f70953f9de4e8363549a7caf3b9d

SHA1
135aa4b1ae62d9cde5970d901000b77eb58a1030

SHA256
8cedc114cc1519753c4ea79cf8675df104de9583c1c1b78481e14e802e6bdc06

SHA512
f8976a8deadaa4ace469e573bb9719edf81be3b5bfb18c8f21e410bfe71ed62dcd0956f345d7c2cb3f3ae7704c9d29a7bfd4db8a773f9a5759bef5bbd06e6525

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk

Filesize
1015B

MD5
444c42a216ac42dacd4642265df72e10

SHA1
1802463ea3baa8d7c71ca89043fbdf96c58b44c7

SHA256
eadd6926cd8f40b72240aeccd7a32257de171451eb7f16202ee4954f769d611e

SHA512
67a87f40f74ef8bfd95327d543d3a1e1dc34d4b9f36416c1937e740977a19b533951240a557c83e8c0352387c26c61fc8869a3e31154e05b8c4332293ec39c2b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk

Filesize
1KB

MD5
e6c98ce531d86fa2152000327661d475

SHA1
41aa6b06f4f69c44ebcbc075f19817fd3b6f8761

SHA256
739cabd38cb3c1146430ec4761e0319db499d94688f104f096af26f2affa1f25

SHA512
b253514a60692174f77adee452b0f9f2904b0b6736c5e5346042784b187f9c06229a0b671e667a360eca93b405a0c7d4d3a0944710578e6cb97883909c7de5bb

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk

Filesize
1015B

MD5
1fd5ea19fb0247878527c35d2d6cc10c

SHA1
ea28c5f19ee4d6fc025478d84e2a9dc1488c343d

SHA256
0a149e722a9a3401ddd7dec98c7893f92a01591e9f70f6389bbb4806232d2864

SHA512
02699d7b1696a70d430eddc04ae9b1ba9560e49a495f34e24f4d18c91c43c9459f2d4ba80f0aa74dc0211085a310d9d5552ae10aa4f1fcd533753097e6177881

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk

Filesize
1KB

MD5
ef6870786621d4fd1704668da9d386aa

SHA1
f07053878e3f295f189de4331134c6818a2d6ef5

SHA256
c267d7eb9c30f110e9a40feb6e9c7cd92d6fda2ecd635f90a8439d836c2b9e57

SHA512
f5ce81ba1720fae422726d1637c0aac746a061c22e286956c4907d88be4a89d95bf49e7aae4a168684860894f760db43364fa373ae937e4dd5ca840b04732ac8

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

Filesize
352B

MD5
74d4810703b4ced60ad45f73e85b31c3

SHA1
af241299eba94e1a1c039adf72f528322ac26423

SHA256
8b6861a5cfed39ffd51ebe1950b2d888b4f81f789638f313814be4f554442525

SHA512
483e1dcbfcb955d3896b53713b71fe4c6fd885d2f06603cb6c69613a764f8902db7016d5148557c1417e152f9c102334fa682257ad14bba2ba01e173014e1a59

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

Filesize
334B

MD5
432f502111c46680916b20cf2d806b14

SHA1
7f05fc55a9840202e96ec6cdeedd752fd4ac15a6

SHA256
ca44b05f5eca6e9f579102b4054be1a47e50f392e76d991ab09129ce3be667af

SHA512
d709f3eb7d2686f5a21d564351b29c10f48f34a0eb85fea76bcef4c29a7fc91521988fd1a5d2323db101b220103d11cd47bb09145549f62a5dc102c98d74bc6d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk

Filesize
1KB

MD5
0d861b0be6ed00053dec939716273cf5

SHA1
74cea190a8ee59ca98eef715b9d0901fcb46387a

SHA256
26b92eb843e98847456e1536bc23f11fd0eb34ea0e137ad3af2d3f6e1e203159

SHA512
a377ae58a800248f04572c91a129718b4ae00c691c76f03983ed76c0d42b46a980604ad5d81ee254e553abcbe96a676207cffe5a8c0c71250269e9920e16d023

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk

Filesize
1KB

MD5
c4c771cb25a542234129675f421b63ae

SHA1
ccaa1935a13fad4f50949681d6a5f88082f2315d

SHA256
d014b7f6e3d3934be5d94008ed5c27da06dd8fda2391322a0079c76e5996a9b3

SHA512
97724060365c097911acd6a1cbb522b840985cfed33a48e7e08ad7b8124c62be7757c83c145185f844e5544931388abde6ddaa0f49c96a5bb383bdc9e70d0794

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk

Filesize
1KB

MD5
58908c102865ffcc1ecc74c43988fbc2

SHA1
fa8cff94a0e6bf6989ccfbdf200bca4bb07aca41

SHA256
1c180ae716592ca6c5f9b59a386fa56488b212e03bedb976273c1b50758c192c

SHA512
3f1733132edb23a33419bae42389c3d05ac7b57946037825e80f003e9062a511d3c4019f437f8933fb386fc8ec992efa6dea208f237fc10aea2b2d8f623c90c0

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk

Filesize
1KB

MD5
6cd00e12a85d27dc373658641734a20b

SHA1
92d8b1dbb7f5fd448e7a79d0d489b5fef7d2a44f

SHA256
ff4ed444babd16d52c32ea6c0838f292a6934b6e996afe82c9180688af656267

SHA512
8877ef5539990fa5cfaaff11e6575ab263adbff9822b587f22128270671005564c619c8744222cfaf639540f4cd1eff266738e92280e63b4b32eaf5da070d17a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk

Filesize
1KB

MD5
eefac2cbe8c8acfe9b89f13a69ff364f

SHA1
13cbe7acaeb6b9e3749ecbcf912f1d35920e5e50

SHA256
527d17a04d8e82f934d04e8a00ff2e9c846bd06c3c7be7063d73ef53168c4f64

SHA512
8a9ca02d05124e299a799f6715bd63c303ea5d10beaeae6ed7c6e793232ef8a4213e29f1bf5321c5cd6966216f0792d407b0f45f3b7d80b417ec991022dad1f9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk

Filesize
405B

MD5
3a46f7f824cf47784ca6094ec6702013

SHA1
1c2541fe0d21e96a3c553aacc314bcb1b84bcacb

SHA256
038aa1322c6df282ec00852d276b86558ddd7d48ae95e051d6314ad408ad5dbe

SHA512
3f8e859f337b8c00b54d6415c583b11b5611199551f067cc7d5b37535f226a527a7f4d138644f050578d35aa76bebfc03ca70dd327c63f81f165c17ee6420eed

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk

Filesize
409B

MD5
433bb3b8da749aa91c412b39a9a4d772

SHA1
6303e2ec28366215ab04d68126599c502fea0ab7

SHA256
3837027bab8c839b5bfaec96843f9de69ac00634cf97705d3a95c67db0cfaed9

SHA512
26d36192e6584a9ff5eba90690c6d6e40ac51ec172639399cea6693bd5556c7528d5f90878c954648b141641ea0cf830912a73537ff6367611bdef3929a89fa6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk

Filesize
335B

MD5
90e0236eaa33385ee8c53cd6a3a9458f

SHA1
da7bba758091dae313f5794a6f83a019c40fe406

SHA256
6f4047df0a368a386b3687ffc8e7c2d7f8ebe6050bb1022cdca4d48beccbdc4b

SHA512
c1fc4076add2aa5664a6adeec04c276a03a99a41e0875bced118b462bf9b75e96df8bff42c48835887dad0da97ff7206097a7c31fba33ae82036da755df5687c

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk

Filesize
2KB

MD5
6d6c0f7093b0f3d37d02c2c65065b99a

SHA1
22ee71522cdaea841a62d7163d21298707c9008b

SHA256
465cf6d62c8f4cf7dadb3288139bde3f28e3afbeccd4b74e1d9f9c52960b8505

SHA512
ef5c3d20cc8dc43430508461c264036753ed921a4dba58d769b928c78be278795bae200691dd2abb027e285103b28308b27f84953fe9e0805c828180ff7272c9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk

Filesize
2KB

MD5
83b068b8d778c9135a94fa066d0d04b8

SHA1
27a94444068cf6256c41a7df03749a4ef10081a5

SHA256
cfbf4ba747f2cd1a702052ee0e27b1e2c9f6ec3888210d0512ba4c5e03b36377

SHA512
13e7aa3fadc4baf02c734bf68dba48bd8d7f90684cc2f8c695e9820e9fa3735d22c48c9dce98fec6068b09a127970a7047d1b55d58ef78999fe022868d23f05e

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
c67a95742e9a3ff68142ec360ef839b8

SHA1
a36e89f1ffc2b8c83fa58d50fa27530a7a77f333

SHA256
b68fd2f6918e306fb8ca6960393c6611da7ef0981e1c9940ee1b7d1412725680

SHA512
2fd6ba319d3ef33d7da85bf244b53ec1cc764c3048227d72ee05b91b26b4524e6d9cc23daa67796782625ae063dc35ca6418a65ee3a55a85638fbbaf260a96d5

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
f7ec436aba1424fb5dc205c3d0552588

SHA1
b927e9d2a88d1df9ea7a1dd2e901c072d421328a

SHA256
a10c3c0eceea8325abfbc8b18b541d80dcb58fbafc376bc9d5e0920e3e0cdbc8

SHA512
d52f9aa1aba403a6386703b21569bb7422352596e46fbd366e9b8feb9bd2cee302157c31b5e3144e43018bf813b478fe37b6d19f5ed4134785656d34417b7862

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
135b4d06942ce248cad69407cc83a4fa

SHA1
ec6f6b5a989f5cacc5488505544ccd02d94633b4

SHA256
5946dca4486044a463ae4afd3c5a4a03686c5de96ca3ad5df7b134a1a319aca5

SHA512
1512ae256204ba10d99544394960395f10250dce911ddfcab3c3e955a26b4ec99dbf9fc4923e17e8061b35c83b18b358996afa6a3469c2aabd3bd3e7f04e0ca0

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
840d6d225af92572e57a3e109a6feca1

SHA1
6a4db47cbc5d038560bcf56e39fdc9d3c2796c61

SHA256
0dadb1e64306d990e5c52e557349a568b9d38b82f2900f3f39ecc010c0717269

SHA512
7a155e3f594745a8294405f362a2d1b9ed4c829c4b970ddef84e1ef4dc283b7c5c3ab4ba97fbe003b55ec9d8f6d832fe64d8627bff5d144ae5a11345872b61dd

Download Submit
C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk

Filesize
1KB

MD5
b193b4ea6cd4ba96a66591b0424377b1

SHA1
47305a106866fecdd106a278fb669097a9f71006

SHA256
b49d92bc4b8738cc64254a248c72c5eef95fa67fc56f469a83809b72218fff2e

SHA512
a94bd816222e60475361c4a3cb15e3f5c0caa8b9571f0b16f1302ea11dfd068b11baaf7c641392c0666a12c1c63deafc29d0e8e97b553faa2e53a10e15111645

Download Submit