Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
09/11/2024, 22:05
Static task
static1
Behavioral task
behavioral1
Sample
httpswww.mediafire.comfiled5afgz2u8.txt
Resource
win10v2004-20241007-en
General
-
Target
httpswww.mediafire.comfiled5afgz2u8.txt
-
Size
71B
-
MD5
3cd6a70fe62e1dd5bd0b77250ddaced4
-
SHA1
3a0ed156f185bcb13230aab230013bcc6af09ebb
-
SHA256
05032de84d0a27a0f7cec6b9d0f063ffea9462ad35b45d1ada2457f792bd5687
-
SHA512
d38ab8c64ff6795266af3de2901ad7ae995e4cc373e76d8b944142e3d51694952696e5ce91263b042efb62864d77b73bfb7e03fd9c41c4adc35464b4ea276b7f
Malware Config
Signatures
-
Downloads MZ/PE file
-
Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE 7 IoCs
pid Process 5764 7z2408-x64.exe 5800 7z2408-x64.exe 2244 7zG.exe 5936 7z2408-x64.exe 4544 Kiwi X External.exe 4940 Kiwi X External.exe 3100 Kiwi X External.exe -
Loads dropped DLL 2 IoCs
pid Process 3460 Process not Found 2244 7zG.exe -
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 64 IoCs
description ioc Process File opened for modification C:\Program Files\7-Zip\Lang\en.ttt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\hu.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\sa.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-cn.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\lij.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\pl.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\si.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\eu.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\uz.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\mng.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ps.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\pt.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\cy.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\da.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\el.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\fa.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ru.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\af.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\bg.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ext.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\fi.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\descript.ion 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\hr.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\io.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-tw.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\lv.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\sq.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\et.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\gu.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\7-zip.dll 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\fy.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spl.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\sk.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\id.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\tr.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\7-zip32.dll 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\readme.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\hi.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\sw.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\tt.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\gl.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\uk.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\be.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\bn.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\yo.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\fr.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ku.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ms.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\7z.exe 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ba.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ug.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Uninstall.exe 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\it.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\tg.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\7zG.exe 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\7-zip.chm 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\cs.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\va.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\ky.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\mk.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\mng2.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\tk.txt 7z2408-x64.exe File opened for modification C:\Program Files\7-Zip\Lang\br.txt 7z2408-x64.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 3 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 7z2408-x64.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 7z2408-x64.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 7z2408-x64.exe -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756635342223284" chrome.exe -
Modifies registry class 22 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 7z2408-x64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" 7z2408-x64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip 7z2408-x64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" 7z2408-x64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll" 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" 7z2408-x64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" 7z2408-x64.exe Key created \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings chrome.exe Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4050598569-1597076380-177084960-1000\{651FD84B-1D74-4A3D-8F4A-7BD247F15EAD} chrome.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000} 7z2408-x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" 7z2408-x64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip 7z2408-x64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip 7z2408-x64.exe -
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 2660 NOTEPAD.EXE -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 4544 Kiwi X External.exe 4940 Kiwi X External.exe 3100 Kiwi X External.exe 4148 chrome.exe 4148 chrome.exe 4148 chrome.exe 4148 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
pid Process 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe Token: SeShutdownPrivilege 5088 chrome.exe Token: SeCreatePagefilePrivilege 5088 chrome.exe -
Suspicious use of FindShellTrayWindow 64 IoCs
pid Process 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe 5088 chrome.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 5936 7z2408-x64.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 5088 wrote to memory of 3148 5088 chrome.exe 94 PID 5088 wrote to memory of 3148 5088 chrome.exe 94 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2916 5088 chrome.exe 95 PID 5088 wrote to memory of 2712 5088 chrome.exe 97 PID 5088 wrote to memory of 2712 5088 chrome.exe 97 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98 PID 5088 wrote to memory of 2180 5088 chrome.exe 98
Processes
-
C:\Windows\system32\NOTEPAD.EXEC:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\httpswww.mediafire.comfiled5afgz2u8.txt1⤵
- Opens file in notepad (likely ransom note)
PID:2660
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe"1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5088 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff8c1a6cc40,0x7ff8c1a6cc4c,0x7ff8c1a6cc582⤵PID:3148
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1876,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1872 /prefetch:22⤵PID:2916
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2224 /prefetch:32⤵PID:2712
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2448 /prefetch:82⤵PID:2180
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3156,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3176 /prefetch:12⤵PID:3116
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3220,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3428 /prefetch:12⤵PID:400
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4520,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4556 /prefetch:12⤵PID:2980
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4712,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3728 /prefetch:82⤵PID:872
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4732,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4856 /prefetch:82⤵PID:1832
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4396,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4988 /prefetch:12⤵PID:2140
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5112,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5116 /prefetch:12⤵PID:372
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3408,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:12⤵PID:3880
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4380,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5192 /prefetch:12⤵PID:1004
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4808,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5028 /prefetch:12⤵PID:2552
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5316,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5348 /prefetch:82⤵PID:3844
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5308,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5464 /prefetch:82⤵PID:4448
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4828,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5400 /prefetch:82⤵PID:2248
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5512,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5252 /prefetch:82⤵PID:2880
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5500,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5272 /prefetch:82⤵PID:4588
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5004,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4884 /prefetch:82⤵PID:5040
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5284,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5560 /prefetch:82⤵PID:4928
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5800,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5256 /prefetch:82⤵PID:2184
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5716,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5232 /prefetch:22⤵PID:5812
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=240,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5816 /prefetch:12⤵PID:5152
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5612,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5864 /prefetch:82⤵PID:1668
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5928,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5964 /prefetch:82⤵
- Modifies registry class
PID:3116
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5932,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5880 /prefetch:12⤵PID:4424
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5060,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:82⤵PID:5452
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4728,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5016 /prefetch:82⤵PID:5532
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4064,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3580 /prefetch:82⤵PID:5660
-
-
C:\Users\Admin\Downloads\7z2408-x64.exe"C:\Users\Admin\Downloads\7z2408-x64.exe"2⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:5764
-
-
C:\Users\Admin\Downloads\7z2408-x64.exe"C:\Users\Admin\Downloads\7z2408-x64.exe"2⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:5800
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5528,i,15520221678836537954,18332886809091737516,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5832 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4148
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"1⤵PID:4984
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc1⤵PID:2892
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵PID:5472
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Kiwi X External\" -ad -an -ai#7zMap32011:92:7zEvent319141⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2244
-
C:\Users\Admin\Downloads\7z2408-x64.exe"C:\Users\Admin\Downloads\7z2408-x64.exe"1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:5936
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:4544
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:4940
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:3100
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
99KB
MD5d346530e648e15887ae88ea34c82efc9
SHA15644d95910852e50a4b42375bddfef05f6b3490f
SHA256f972b164d9a90821be0ea2f46da84dd65f85cd0f29cd1abba0c8e9a7d0140902
SHA51262db21717f79702cbdd805109f30f51a7f7ff5f751dc115f4c95d052c5405eb34d5e8c5a83f426d73875591b7d463f00f686c182ef3850db2e25989ae2d83673
-
Filesize
1.8MB
MD51143c4905bba16d8cc02c6ba8f37f365
SHA1db38ac221275acd087cf87ebad393ef7f6e04656
SHA256e79ddfb6319dbf9bac6382035d23597dad979db5e71a605d81a61ee817c1e812
SHA512b918ae107c179d0b96c8fb14c2d5f019cad381ba4dcdc760c918dfcd5429d1c9fb6ce23f4648823a0449cb8a842af47f25ede425a4e37a7b67eb291ce8cce894
-
Filesize
692KB
MD54159ff3f09b72e504e25a5f3c7ed3a5b
SHA1b79ab2c83803e1d6da1dcd902f41e45d6cd26346
SHA2560163ec83208b4902a2846de998a915de1b9e72aba33d98d5c8a14a8fbf0f6101
SHA51248f54f0ab96be620db392b4c459a49a0fa8fbe95b1c1b7df932de565cf5f77adfaae98ef1e5998f326172b5ae4ffa9896aeac0f7b98568fcde6f7b1480df4e2d
-
Filesize
232KB
MD5fba521dc9a708881d068a8fa677536bc
SHA155025248eda686f0714f6e2df13f2f98fe58127a
SHA25659e8350c90f9625c71d7f42bda2fd1079db8d36e905db1e9ab37816820b1413c
SHA51244025cc19a99958baa74af3b0b511dcfad3685a91d02f9ed962e284ba6a56fb2cf9f4801838cc2ec2673627e15669b34c31b0e27dd3dc7dbb885552749715419
-
Filesize
40B
MD573d076263128b1602fe145cd548942d0
SHA169fe6ab6529c2d81d21f8c664da47c16c2e663ae
SHA256f2dd7199b48e34d54ee1a221f654ad9c04d8b606c02bdbe77b33b82fb2df6b29
SHA512e371083407ee6a1e3436a3d1ea4e6a84f211c6ad7c501f7a09916a9ada5b50a39dcb9e8be7a4dee664ea88ec33be8c6197c2f0ac2eabe3c0691bc9d0ed4e415d
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\78a0801d-41cc-4e60-9242-74746dbc630e.tmp
Filesize11KB
MD582a7e8d19c354cf173d5872397b58735
SHA129f14a265c31c0e379bbf88fc56859f049c54ce7
SHA256df8570e1504d9ce91606fe48dadb14cfa4ad72148a7e2ffb9893ffc4f6263e55
SHA512c08d58b48aefa2a3517825599e292f4a9906610aa5c3b6f9716b161843ea7773dd6f0a933b50b2c17a134efa78d698b52b78d4ce1d25a9a6f4a696451638e7bb
-
Filesize
649B
MD56cbd33e9360a6d0247ad208586341783
SHA1183bbd8c254bd74c2e8978d2d60f82d8e160fb3d
SHA2561bf878bc5b15e0521c41244062ed392da8a8e9c8cdb772d5d641e0e0a7781c65
SHA512af535e2fbd78d602bf9d8a56bf1ee8cc171427108bc118393f6b9633547d4203c2c5cb96b2e4cbce2b1f95073068911d07b90abd31d71d790ba5111417efc3c6
-
Filesize
1KB
MD522086a1b15ecfa1e61017377194aea7d
SHA14414ab8e45de9968991b07d0f19ac48a9f6cf3e4
SHA2563aaed1878f6b1176dbcd1f400d3bb5ed1ca30d2ae1bd249256cb317d33fe30b5
SHA51223adbe0df08977aab5c64a7e83b7395b779068f1661e63d14e3e503eaf0fa6068179d6cfd31fd0a1357b1cdc082c27a63de396b809ee6098cf737ff1d1012be2
-
Filesize
1KB
MD53df43f267ec66a3259187cab0a81b0fc
SHA14189007f256ba72a087fa48535cf9a74d33aeb9e
SHA25696cc6f76de25ae79e46226b302882e8a67a8e8b8220f164ae1433a94fb91c95c
SHA512db469c2839ee9f9606af7b6aa545d92856ba7ac14a93d21e5e6e21d09a431f8a420e8b145ce5b1b2239f1f3be2ea1c768b82d9edf14e554c152a6f5597c35ee2
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json
Filesize851B
MD507ffbe5f24ca348723ff8c6c488abfb8
SHA16dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA2566895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA5127ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json
Filesize854B
MD54ec1df2da46182103d2ffc3b92d20ca5
SHA1fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA2566c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d
-
Filesize
13KB
MD528c521761339d11488d7aa58ffcb475b
SHA188da2f2332cad015c6d1fc66689074c8f6d0e008
SHA2569140da78a2deace268c468f7594ee46bc7d5028512970e3a30eed535deadf672
SHA5126d119d47b3ab9e7d2d1e50917c28f154919de9a5669c875a0bfffc44b32029876045fe622a7e0db92baeec64f03deab6a2eac52d91d18d66de0c38a49fa0d42e
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
1KB
MD5eeb73ad3dbdb47b1723dbac34bf79981
SHA1003f6d5eb9c4e98b0db9e8bebf6d7342b176c741
SHA256dd7f61413fa5db931cffe1f724e9c47adcc20b829fc720da8212bc6487849f58
SHA51202bd95ac47cd80d6c568a4b3d25127c404013eb6792575abd74335f8f5ff6f40901e7cefa4c44f0ec8a82ea584dbca727b86dd6dd15b3824ef091c8043792a9c
-
Filesize
858B
MD5acabe0e3103498ad10a9b54375e3f914
SHA169653759a910e6f93d811acaf44ca4041cf6109f
SHA25620a685e2318b438bd2bf957736a8a9c49e3ead9f58f38aa1c6135141c1b21c65
SHA51207b861a2e5e917fe85a1f5f0c74d536a831fe93b3dbbd03996c473e67769f0f888626fcc7cc624807c0e3e1316e0f6810b39db103986854f6c3dfac0ba1e73ef
-
Filesize
10KB
MD5bb6bbdad2099a93cdf71421a53538d08
SHA137c3637f62be5dc976fa115367f04ddce4d25332
SHA25673b327f33654649dc9ca13528402230b9920bfe93f01e41652532724a8b8121c
SHA512bf48bcad9956e3cb9013f19f2c382611fe0c673be9f317b0d6f1fd154c372620cd11d57e3c5c25b7cbfcfeef9f9041676b773fd02db758c25c9e267ef4426f9b
-
Filesize
11KB
MD5bdbef443ea0759ee6b2a8daefccc1010
SHA153a428888f5ac47489f68bfb00364c45418abe63
SHA25663f165e244d6ba05b7f909e8ae8ca9e273e5eabe98bac596424bff289a0c286c
SHA512575ed2f626ba5a9f853540bbce6de56065ce7186ed00d4b5a40d3e936a82a30255cce34e6c9c293120ea07c710878c4b9b6268992542260d6e19c39d2fd8fd82
-
Filesize
10KB
MD50848b3e445c4e89ad06d0c77adf5330b
SHA15199cde828c78ed0d37fa1dc1e241cae96616f6a
SHA256bfa25210a49c1a1b86c8be6c2ec94774f06d21970ae89e96a7770d344faa4eb0
SHA512dba7d2620659fe31439dc7393341eecf035d75d763dad257b92c4c3b62b8726dbe102fb72ad4160e440ae7d160106fd5f3fde5364eaa8dafbe4772ab6af48f25
-
Filesize
11KB
MD5efca0c4b78087127f7a885fe5a8cfce1
SHA12739a4aac389421522397b705a12aa6240d7e556
SHA25690a3129feafd8559af92c4c52d9c4a481b309246da6f1a54e53a8e1a624d009e
SHA51253ea2a93a0494199fcf1a24cef0b9096d6de562f6a49b6431da993faddba4a47c5c60385988557dff79f06b70a4bedc624ee1992c3bf8407ca0b4df9e658f3dc
-
Filesize
10KB
MD57f9b8a4b45d5d77575b18d76306455d8
SHA126ba955686047ca3c39c4cdef87c0bda6204cafc
SHA2568ea94d8c699eb454219f842b47336cab01b30b9041051327cb9f67ed9931ec35
SHA512446657167834ce6837e049d25197f03237dbaa27a6eaf90f4982aa6a147ed7829e167b173e4cc68a308113a02b6ab456e2e3bfbc96912d405aa35217b5ae1f81
-
Filesize
11KB
MD5ee62deb4627fa359c284fabeea7c0c11
SHA1bb8de87d66f1035328aa5aa5d869de00161603c5
SHA2562754b290350b09138be9b968b385749942a28d4baa145e4e32156265bfeff029
SHA512912fcceb99402e92ca6a3d4efe8ee22928838db651a3760c50109f43f7937b76d0f9dba520435fae893fed7d10a98d30363519232ac1b655454af63d11e512e6
-
Filesize
11KB
MD53f1b47582ba8fa55c236b74dc53f28db
SHA10fbf5a8405e6492d96f6cee413f2ec5d78480ebb
SHA2560b5a7398b78d2230c641ddb57ccb338ad39d4d29557d8764f21d9a95002a1f12
SHA512b6ba24ca9bfeb082a280a7f042e46fcbd85e02e524f901c20f5d31c276d7f2b007269d06187561517e81d86f26b9cf192c0bf5b01a26bb95529fb0cd95766b70
-
Filesize
11KB
MD5fa89a268a2bbdf23d7ca65e05e1d1d38
SHA1cde36d754daf81ed65a912d6d9227504b183527d
SHA25655b16e7872e5baa88d5525feabdcfe64cf5df5e050af9a87cf4afe851655c698
SHA512cf6d9ad58e88d800236854ddfdb24b0d9d477ded57fd0623a5543ba4bed0eb1288957af9ebff125fc553009e4fbda155f577ba630783a481f62afc682a628b54
-
Filesize
15KB
MD50e39f2015298e184882505717fc617ac
SHA12071b71d7d6dd6542b44761cec762ebfc8080c5d
SHA2565d2e169b942f429de3a553dd980ba5103aafae80d162ba7c97471edd8c25a061
SHA512ee59cb03d65f018b83e1fc5ed4936f27e015dda790767f67fb2a873546cf5ec7a0389588168dfa6f5e37259b56d97da9fa893d8cf37552cc612b00c5f5bc1a1f
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize72B
MD55e79aa5671d10e42a070acc3c0aaced0
SHA110f0f6446f42ba9f0a373796ff9841a5bad544d0
SHA25680937e8e7b55f4e92b4342f8e502aed373e5c263443b4fa97ad1c125890511df
SHA512be3ec824f68b82707bf43ef5ccc59f541094132dba982908076b446a8e7aed62a5ed55a7d8025b7f5c0ddb25f4429db67a74189bb9f78d27c130a3512493897e
-
Filesize
232KB
MD57b7f40db1b74c97b81a27de60bb0e0af
SHA13e332fa4a7ecdd50b3f2911748cd2e4057b77e13
SHA25609f592b3e0ae71190329f19adae224c03468613991846ca555ba5a96ce458e37
SHA51232551e9f4eb468d77866618e0d76055e01a4df42f3407f836928fee3b772b156bf89e4265329d8f7da78984a8aac6b5be9a98d6fa441baaab8c14c5ba2c4998b
-
Filesize
116KB
MD585c29fdfdf90a32964b5f3aa66063e17
SHA157f6a0f8140768edf5fb50c5da2631a5195c5be2
SHA2569790c951889c2390c4aa20cabe3e6fd92fc9616b2f0653b102bf8eb3183fcf56
SHA512e875f4f38bc7144c1e76b2b4e489b761468a5fd62dcf41eff8ded23c28bd46200c2fc13150c938a2068aa498f6078f4e8edc25419af30abdbee1bf1a1ccc1f09
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir5088_1054536254\109ac654-bdf1-42de-be46-ed5fa13940bf.tmp
Filesize132KB
MD5da75bb05d10acc967eecaac040d3d733
SHA195c08e067df713af8992db113f7e9aec84f17181
SHA25633ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA51256533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir5088_1054536254\CRX_INSTALL\_locales\en_CA\messages.json
Filesize711B
MD5558659936250e03cc14b60ebf648aa09
SHA132f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA2562445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA5121632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.deps.json
Filesize66KB
MD5aa0cdeb226722173e5fa3ea4cccc78f3
SHA16a5ad8a3f7a465889ec63bfa8fced4cca5b909a7
SHA256b6ebddb855d50861a1ae0b7c5c2981a610328743da28c876f8da1268a711432c
SHA5121f49fb6f37eee008d2adadaada2bc854b3f1a0985f8db345b08b9f7e88a2a469b9d09dd8ce31c2098850fad28fa109f7866232564548f0c99a67b8e8b835a97e
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.dll
Filesize6.8MB
MD52c0cdc4197f9febe9a79dfbbb69339ef
SHA1be71d6587d6c0328dc257d1533bddd8a89310d41
SHA256954701ed16fa37a48e8cb980d87990145816ee808def676204fd895b98678d0c
SHA512397d631bebb58ee8b80ab0953d938bda3100d1eeb7208c1a9e11a472ccaa416ffeb95cad2a4ed1a384b081ba8d2b6fb06861178458cddca256f35ce983e62935
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.dll.config
Filesize1KB
MD5768c2ad61947a7be36dd9f70f83ee4d9
SHA1f5cdb30b2ba51232a7a903da7cb1c417250556fe
SHA256cb95bd1fd1e0220ad9a1af79b2f1a6f68d354715c2bd7e8edb78ba65319d0f86
SHA5127f130df4cd0ce7f71e1d9d2a8ca25ed3927b49d8febc6d74f5dfda240423aa2bef853f738d645cf27a9c2fc840c0226f5d2bef5fcfd942b8e2a47574c5b66a4f
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe
Filesize321KB
MD59fef2a301edbcd80a74670f54a88e41b
SHA1eb7a5845b2998217f8ebd4ecec4ba554d3edb757
SHA25602ad64a9b7a3e99337b59f54563082fbc48b26cb796fbe1cd834ce185fd63381
SHA512afb5badae34091bf88b5e97a1742385cb7ff4839f514ada697da00ea186ee0a9e35c53edcddcabda2a7f4d0cec4e2e53ec897033ec1856c05238efda07fc05c9
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.runtimeconfig.json
Filesize266B
MD5d8ae75ee64991f91ddf5fa2c72adcc7c
SHA1c8318862e3f8051daed02b9d764e7468cbe4bf86
SHA2566a9ae797b520e700bcb418aa36e945f22d27c86b3aebb393cb7c4462d52e76da
SHA5128907e87ce5c582ada4d391009b015ea9878c3f788a15f327dc7bf147e8a4ac80258e0541f1f35f3e00cb29dfbd55839908595a6941920d68bf7cb8bfdffb4998
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\bin\configs\Theme.cfg
Filesize45B
MD59a01c7ad9d3f9fc8b8f0b951c1eb4702
SHA1066ee3f5eb23d3989542fbcf9694ab07c8ce2a8a
SHA256fb9e0491f4802834614ab0ea04790461abd2725cbb1034992c7ae2580d6725bb
SHA51236548ee75116fd6ea5f7f16bfb68f88670ec435ae9058125cb866d6ff476dccc9dae8a8a94aae6f522521337902b89b3bb2d962c410f2947152df5eaee4b7074
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\AimmyWPF_1ao2pfbr_wpftmp.csproj.nuget.g.targets
Filesize1KB
MD5dae90742c8d0267da0b48e8586d3068c
SHA1da983548a739c189082b2037b6774643305850a2
SHA2562aed7451a92593dc80b91c560f0e4b9ddb1aa99f8339ad19ed3d878ef30424da
SHA51218826347563f37c61b07703eda08b6dacb43489f1dab27fdeabe2a36fd8803dd2f4d61093761690efd23af62bda1e7035e6921d441083eb13eddbeb8f9193418
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\AimmyWPF_1xakwnni_wpftmp.csproj.nuget.g.props
Filesize2KB
MD5cff1800e111aa1bf3fc7aafbce88cd75
SHA1196c59da7969f67bca9af0bee669a9901619e716
SHA2563a9c08a156105a3f6d019c9f384e728301398ce73bc273248857be62c962ebf1
SHA512c64c27a461d920246ac0d6e6e453ee1a36b86b436e37937110c831f3f94f532b75afd6ae7b9835c1120f92a807723aaeac0baa437aa9eb8d012aae7369e19a73
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\AimmyWPF_afhmq1oz_wpftmp.csproj.nuget.dgspec.json
Filesize4KB
MD5ede9d74e366abaf2e53c73728161ea63
SHA1ebf66a4cb754e0b985171da29d2c1eb30071cd01
SHA2568ca4f4db8f8c0c440f01b501d8ebaf6620940aed160e963ad69b3d0daff4cbe1
SHA512c7461084b391406087c420eb988c8078f06850988bc1082927a94d53df05ffd6fa52e50f8b1d71343204fc1b82575bc474ee6e55d4d17f354a6041088ba288b7
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\AimmyWPF_g3wd4dah_wpftmp.csproj.nuget.dgspec.json
Filesize4KB
MD56522a98e5a3e976861d72121bc2c075d
SHA192687e83e3fdba80b4c024cdbd946aa7cacd0ddc
SHA256dee0717681888b388847d906d4b0b316cdb1245468c743b6352218641c5d8f75
SHA5122781ac7109ba321d040a0a4dcc006b97b96cf647829671dc355e3f4917d7d245f323272ceef446501e1aa464ebca2f0c8bb4ec40b5f03ae6103ae5361f2784fb
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\AimmyWPF_hff5giod_wpftmp.csproj.nuget.g.props
Filesize2KB
MD50698c1512003f327fb76860f2b32f3e7
SHA1458e59648c36f4bb9dc33f8b994311f4f71a1602
SHA256dfc6e30528bd0340eb0d5ca52559544118ee9d429334b8712e21296d79792243
SHA5126428a6145ebbbf96a9b6189f4376c5fa64d5d1568466de2b2f3407dbeddd845f342f3fb8fb588a9513cb83f73d5690341c4927dccbf76bf872f21fa8ffcf0b03
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\AimmyWPF_th5mkddj_wpftmp.csproj.nuget.dgspec.json
Filesize4KB
MD599a39c5e9022a1f491a08a6a9f637b8e
SHA1fd2d5fcb0c44a5e124a2e339a95356138dcac2d7
SHA256a4979e8dfc842d630fcd30b24ee47d2068668c13ad443f30a78396decf4c7a28
SHA5125a875ce03410ff27ef3c9b2d41927bda84e80b8cd467010342f9d6c82f6de353a2a1e743163061233428e1f14e159568da46cf2b47a50f8ca74dcc2a69da7d23
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_0ajav1nf_wpftmp.AssemblyInfo.cs
Filesize1KB
MD5d14a1d6e41bd343c1f1b3ac4301cdfa6
SHA16043ede18e7b13a52fabd8b13cb7a0c598a08acc
SHA2565c24a0119792b84b849be5d77baab4297ddde2157b68baf3c6093f8f0b9580c2
SHA51202a5d41de962e0a28bd6c13f01287b875e59c33be3102a99639803f5784c2e0abe9f880dec5003ef8fe92dc8582fc12f9fee8e70ddd30a7654197f0eca00cc6e
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_0elk4nfn_wpftmp.AssemblyInfoInputs.cache
Filesize42B
MD5f4d2f014817b7287915f69fb98b77f80
SHA194c8a9a4411daae1359dbf79a06f2b9b90e7cbc8
SHA256fd01c59105f12d37621245b7cca02eaf71734e63f5469c214665c632b52a3b16
SHA51214095a7aec08329a90f59acbe6cf0b1440341412d4794d723f843272917ae8993e37634293556ca7f2ca439b39a6dc2096db377b3fce036b84ffc01ebf903f77
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_0en33wym_wpftmp.AssemblyInfoInputs.cache
Filesize66B
MD57ce6531dacb47d1e66a9281910cd1b00
SHA186c075bd0821ef5e39d519a2a710ce887aae8b95
SHA25641973cc83b064838be9ecc8772c0d2659d32599518b8242ba85f6e5a9189a2e5
SHA51279da4b9941fd431f2c91dcd9051045660607a8982f18467d9858c91f4ed21231f369dbb2a7db5e73391b71556da57c74322ed81726c17a935f6bfa8ea92e12b9
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_0hmbhjto_wpftmp.AssemblyInfo.cs
Filesize1KB
MD5625871be3f9600a79f42c4829aaa69a2
SHA16506c4d0d8432fec14fc8fce5bf183668ab0223f
SHA256156901117b6cd74cc02ea63c64e7a7b32a82afe38026ca33394b02bb748d0902
SHA512593602a16c1a9c110e64e42bca5c6510bdab83520510bf84fec0c84d75d291300d2a1dd13ee70ac41a927ee9d135c4abb5b037c7d5ec148f8c5cfde25141c2a2
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_0hmbhjto_wpftmp.AssemblyInfoInputs.cache
Filesize42B
MD58cb3432355fb24d3741bc7da47157780
SHA1fdacad726a29667e74477e502af49c0578c36585
SHA256212cb58d33f88d2935d5ea8af5fd8568f523151d38fa06a369ff27c3686bfb8e
SHA51290b27e104f5194940e1a919caa8fe20c15352b1da729c2a99e523a584bf73df5010765b8bec7a8423b97e249ad014f0abc31c3bc1ef289535456ac3946f335ce
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_0xhohhaf_wpftmp.AssemblyInfoInputs.cache
Filesize66B
MD597cee9976e4396ee29d24cf06b2f0fee
SHA1a187d089a3d36d77da7662ac98b5d690718552c0
SHA25647619039cb04e8382a7ba083034fc4c99dfe6655bd4f7cc9241150cdf411ce45
SHA51214b9f1a4919e2dffe59106ab68c5548d7062cff4d2703690128a25f39ad335c3c0de5bfd368f3deec493fbf68ee80ba86ed57a5f7aadb8d6fef26447ee177f80
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_aluw4bul_wpftmp.AssemblyInfo.cs
Filesize1KB
MD567f48e1d1825a122ef3392a3e3f80906
SHA1ca95e531fe21f6327d713c67b45ccd8187f291de
SHA25652224ea9e82696155766595b9a16cc29b6ae437586e879b9541cf19d1b63e87a
SHA512677d56b86a385f6b333e7ea2ec404f2f10f58cad129007adf244612da687e0170129d1ff47974650f95220e7dfec2291bf2db4c10d8e57e98c583da87673e93d
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_aluw4bul_wpftmp.AssemblyInfoInputs.cache
Filesize66B
MD57c6ab8f7d9444ada50eb3026c763d524
SHA1f9526aa0453fe3e311f5f625c7fe86361432bb97
SHA2569849952fa7828aeff7b18b1c99a2074351d134ef02fe096d9dcb4c41360f122e
SHA512c375dcc0bfc6fb0439918994964abed089c1651ba98e8710ac542c04212455b6a04bc7c60f5ac677558ad2553adbc705ddcc38e0cdfc36a6ebb6a6313414f027
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_dz4t5054_wpftmp.AssemblyInfo.cs
Filesize1KB
MD5c438a54fea248f70df3d5ecc14cbb9fb
SHA1697322682dc286e15e9a3b227d46f98685efe3ae
SHA256ee7417aa5b18ca95453600554f911bbeb82e5efdf9141817ee46abd1d18c78d0
SHA51257b2e06ee4e196f97be2fdc2bbc64be922c5a2ec28b2bdfb930ab03efb693e1c7d45502ac72bec88e16a1ce371ef2cd7b7f1be68051b46d2498ffdf9a51cd51a
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\AimmyWPF_dz4t5054_wpftmp.AssemblyInfoInputs.cache
Filesize66B
MD5b66d50947cf77c0813fe52a2ed19094b
SHA193bc2202259fe4cb1d27feb35864427ba37185e9
SHA25609a4209375bf97348bc0b644a1868e83748bf077c102af904a9574633a8047a7
SHA5127aab5d9d48b4be1932028439a7a94f3c185a0278c2a5681b33fd9541897b4a5c6d738538b83c98a810837c6599a2d526f15daaabc9b5b22c3a943c528053d16e
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\Kiwi X External_Content.g.i.cs
Filesize609B
MD5df3a673e620fa0f54ca5eb61081400e7
SHA1c9df9f10e53ad6770e036beb59975694b711a261
SHA25657d1057c5b39d96ee9d8278836daf049248c81a96e75957f7481ad6ee571c5fa
SHA512763a8d29d541dc527fcd591326b51df566196dc583f94a66d8c6e16d7d2b5ec3d3207b4eb6f38eefcadd10dfe48e11037222e538d64c1c93eb30a411ab31d22c
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\AimmyWPF_5ouxw5kf_wpftmp.AssemblyInfo.cs
Filesize1KB
MD5124d868809a908ce2e8518cdfd3db79e
SHA1bfd5e93a8c91c5c73593fa261bd4450c591399d4
SHA2560c0278a14e4351a4a4fb77d535a48593f98adf75134d60c13c98000cefd08446
SHA512a98e967faf82371b89f72cdf0465c5f50486158dacf93ca197ddc884bc3abe53b998c010ee5cad1644097deb5243187b232e4604dea32db372d3e3c796c97fca
-
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\AimmyWPF_5ouxw5kf_wpftmp.AssemblyInfoInputs.cache
Filesize66B
MD5ce01fcbcc2514440b384405e449f8add
SHA1bdd3831fd811d124dad9a84704d13b50b6c3b61f
SHA25620212cce49eb7eb5e861fc712c96dc4b158d53fa4f42e8df9e9398a6cd275355
SHA5122c61ceaf1277c68e6a6321d124caceaa1e428edb750530c9ced00b9c80131ba3ccbbc8d4210a0aaa6bf48179071948449e3476ddb5ea7c6a245271556a922c18
-
Filesize
1.5MB
MD50330d0bd7341a9afe5b6d161b1ff4aa1
SHA186918e72f2e43c9c664c246e62b41452d662fbf3
SHA25667cb9d3452c9dd974b04f4a5fd842dbcba8184f2344ff72e3662d7cdb68b099b
SHA512850382414d9d33eab134f8bd89dc99759f8d0459b7ad48bd9588405a3705aeb2cd727898529e3f71d9776a42e141c717e844e0b5c358818bbeac01d096907ad1