f49df369e2ea0fd1cabba5d4d9558c28943c00b93a15d02424fdae570a841395

Resubmissions

24-11-2024 19:20

241124-x2gj1avmcx 10

24-11-2024 19:14

241124-xxxenavkdt 10

24-11-2024 18:51

241124-xhldvatmbs 10

Analysis

max time kernel
93s
max time network
96s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
24-11-2024 19:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Size

12KB
MD5

9690a2513021c69025be547b2ce313a6
SHA1

3a727cc36bd882844072e4e79bae64a772171005
SHA256

f49df369e2ea0fd1cabba5d4d9558c28943c00b93a15d02424fdae570a841395
SHA512

56ba2ce43c96e096c3c6fd86fea3cab7ecd7d0e5317c19e8163f6354acfd50129fb9b15c07caab35fcd65210981d2a74756acf7d148472a602e9e5b20d80938a
SSDEEP

192:e/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMUDt:eebFNw4Pk1itKkpAjjI2YpdmU

Score

9^/10

discovery persistence ransomware spyware stealer

Malware Config

Signatures

Renames multiple (2353) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Drivers directory 9 IoCs

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\drivers\gmreadme.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

Drops startup file 1 IoCs

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Alcmeter = "C:\\Users\\Admin\\AppData\\Local\\Temp\\KyN5377FpuKUICV.exe"	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

Drops file in System32 directory 64 IoCs

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\mdmfj2.inf_amd64_d99d1fb1fc589fcb\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\InputSwitchToastHandler.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\MsDtc\es\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\XPSViewer\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\lsi_sas3i.inf_amd64_0c124c748b6ae4e6\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\Registration\MSFT_FileDirectoryConfiguration\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmmcd.inf_amd64_46fb5b718b259171\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmtdkj5.inf_amd64_42d5be883a2b16ec\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netevbda.inf_amd64_b779cb8e24d23b60\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netnb.inf_amd64_10acfa4b924dd181\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\sensorsalsdriver.inf_amd64_9969a93554339919\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\InstallShield\setupdir\0013\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\ca-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WindowsOptionalFeature\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Msdtc\Trace\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\de-DE\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_RoleResource\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_RoleResource\uk-UA\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\IME\IMETC\IMTCPROP.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Nui\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\slmgr\040C\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AssignedAccess\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Archive\it-IT\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetworkConnectivityStatus\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\volmgr.inf_amd64_c46fb1889d563881\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\iai2c.inf_amd64_a77c815b2999404d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\IME\SHARED\res\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\oobe\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\setup16.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_hidclass.inf_amd64_d6815bc5111fe8fa\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\scsidev.inf_amd64_28d2271d20cdd8d2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\wnetvsc_vfpp.inf_amd64_af9b7897bd3ad8b9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ScriptResource\en-US\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\Registration\MSFT_FileDirectoryConfiguration\ja-JP\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\nete1g3e.inf_amd64_af58b4e19562a3f9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netnvm64.inf_amd64_35bbbe80dec15683\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\SystemPropertiesHardware.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\zh-CN\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\DriverStore\es-ES\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmaiwa5.inf_amd64_377ecc296d72d917\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\npsvctrig.inf_amd64_5c7dd71239e89167\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\tpm.inf_amd64_2a45230b132b6dcc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\usbnet.inf_amd64_5229ee1dac1c624e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\mobsync.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_LogResource\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\1394.inf_amd64_1321f5d3cb2d9ef4\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmzyxlg.inf_amd64_281df5304fe06482\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\wvmic_heartbeat.inf_amd64_300c2fef62ff6d5d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\eudcedit.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\wiaacmgr.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmmct.inf_amd64_9208fead72720c5e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\DpiScaling.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\hidbth.inf_amd64_b16ba1b1167afeb9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmar1.inf_amd64_b57d3f2fc8043d70\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmboca.inf_amd64_c7be3a6df11faa80\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mrvlpcie8897.inf_amd64_07fc330c5a5730ca\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_x86_69e8e0efb212ba16\I386\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\sti.inf_amd64_3f5e62a7baeba7dc\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\de-DE\Licenses\OEM\Professional\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\he-IL\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\icacls.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\migration\fr-FR\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\wbem\WmiPrvSE.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageAppList.targetsize-40_altform-unplated_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Paint_10.2104.17.0_x64__8wekyb3d8bbwe\Assets\contrast-black\PaintAppList.targetsize-32_altform-lightunplated.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Paint_10.2104.17.0_x64__8wekyb3d8bbwe\Assets\contrast-white\PaintAppList.targetsize-60_altform-lightunplated.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.People_10.1909.12456.0_x64__8wekyb3d8bbwe\Assets\contrast-black\PeopleAppList.targetsize-40.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_1.0.22.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsAppList.targetsize-72_altform-unplated_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21012.10511.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-30_altform-unplated.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_1.0.65.0_x64__8wekyb3d8bbwe\Images\contrast-black\PowerAutomateSquare70x70Logo.scale-180.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\images\HxA-Generic-Light.scale-100.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\images\Tentative.scale-150_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\themes\dark\rhp_world_icon.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\SLATE\PREVIEW.GIF	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingNews_1.0.6.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\NewsAppList.targetsize-36_altform-lightunplated_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\CalculatorLargeTile.scale-100_contrast-black.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_1.0.22.0_x64__8wekyb3d8bbwe\Assets\AppTiles\MapsAppList.targetsize-72_altform-lightunplated.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_321.14700.0.9_x64__cw5n1h2txyewy\DashboardLib\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\themes\dark\core_icons_fw.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\multi-tab-file-view.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\Pester\3.4.0\Functions\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\orbd.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.32731.0_x64__8wekyb3d8bbwe\Assets\contrast-black\WideTile.scale-125_contrast-black.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\images\HxA-Exchange.scale-125.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\nls\de-de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.BingNews_1.0.6.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\NewsAppList.targetsize-20_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Paint_10.2104.17.0_x64__8wekyb3d8bbwe\Assets\PaintAppList.targetsize-20_altform-unplated.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_1.0.65.0_x64__8wekyb3d8bbwe\Images\contrast-white\PowerAutomateSplashScreen.scale-150.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.41182.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-16_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\CalculatorLargeTile.scale-125.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\zh-tw\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.GetHelp_10.2008.32311.0_x64__8wekyb3d8bbwe\Assets\contrast-white\GetHelpAppList.targetsize-36_altform-unplated_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.40978.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-72.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2104.12721.0_x64__8wekyb3d8bbwe\Images\Square310x310Logo.scale-200.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\images\HxMailMediumTile.scale-125.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\core_icons.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\osmclienticon.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2102.13.0_x64__8wekyb3d8bbwe\Assets\NotepadWideTile.scale-125.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-ja_jp.gif	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\LivePersonaCard\images\default\linkedin_logo_small.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\QUAD\THMBNAIL.PNG	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\VBA\VBA7.1\1033\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2104.2.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SnipSketchAppList.targetsize-60.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2104.2.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SnipSketchAppList.targetsize-72.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_1.0.36.0_x64__8wekyb3d8bbwe\Assets\AlarmsAppList.targetsize-40_altform-lightunplated.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files-select\js\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\VisualElements\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lv.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2020.503.58.0_x64__8wekyb3d8bbwe\LensSDK\Assets\Icons\icon_play_nor.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\Images\StoreLogo.scale-100.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21012.10511.0_x64__8wekyb3d8bbwe\Assets\OrientationControlFrontIndicator.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\de-de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\ro-ro\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\css\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\hr-hr\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mng2.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\System\ole db\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Windows.Photos_21.21030.25003.0_x64__8wekyb3d8bbwe\Assets\PhotosAppList.targetsize-20.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\images\EmptyCalendarSearch-Dark.scale-400.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.2103.1172.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\contrast-white\FeedbackHubSplashScreen.scale-125.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_1.0.22.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsAppList.targetsize-16_contrast-black.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_1.0.38.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderLogoExtensions.targetsize-80.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\StoreAppList.targetsize-96.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\AppIcon.targetsize-64_altform-unplated_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\Close2x.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

Drops file in Windows directory 64 IoCs

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
File created	C:\Windows\WinSxS\amd64_dual_netvwwanmp.inf_31bf3856ad364e35_10.0.22000.1_none_caae79f1efe8a111\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-w..nkobjcore.resources_31bf3856ad364e35_10.0.22000.1_en-us_ae20c59fc52a9d6f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..w-capture.resources_31bf3856ad364e35_10.0.22000.1_es-es_594c3713476e8ef1\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-execmodel-proxy_31bf3856ad364e35_10.0.22000.1_none_38e1a9ebda33d405\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..forcesync.resources_31bf3856ad364e35_10.0.22000.1_es-es_d5e5f72d462e65a0\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_rdcameradriver.inf.resources_31bf3856ad364e35_10.0.22000.1_ja-jp_d920dd31374e76d8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-w..iamanager.resources_31bf3856ad364e35_10.0.22000.1_fr-fr_cb78e2891ca6ab3c\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\wow64_microsoft-windows-devices-wifi_31bf3856ad364e35_10.0.22000.37_none_d81a7f8ceb6f1f6f\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\Assets\BadgeLogo.scale-200.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_hidvhf.inf.resources_31bf3856ad364e35_10.0.22000.1_it-it_2da021d28ab0417f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\Framework\v3.5\de\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-t..minsnapin.resources_31bf3856ad364e35_10.0.22000.1_en-us_5e795cef9c3e663b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_netfx4-msvcp120_clr_dll_31bf3856ad364e35_4.0.15806.0_none_18f03c45f590b3e8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\x86_microsoft-windows-l..fessional.resources_31bf3856ad364e35_10.0.22000.493_nb-no_4def7c6e0acdffbd\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-icsigd.resources_31bf3856ad364e35_10.0.22000.1_en-us_751c01b60f2c9c97\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-t..ut-ninput.resources_31bf3856ad364e35_10.0.22000.1_en-us_80bd5c759b902969\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-i..sbinaries.resources_31bf3856ad364e35_10.0.22000.1_de-de_09db7b35a423b804\403-17.htm	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-ext_31bf3856ad364e35_10.0.22000.120_none_7f0512a4f8f54015\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Reflection.Emit.ILGeneration\v4.0_4.0.0.0__b03f5f7f11d50a3a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\x86_microsoft-windows-l..essionaln.resources_31bf3856ad364e35_10.0.22000.493_lv-lv_d2c4c85eaa0649a7\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_multipoint-perfcounters-files.resources_31bf3856ad364e35_10.0.22000.1_de-de_914b5e72f033528f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-n..quickstart.appxmain_31bf3856ad364e35_10.0.22000.120_none_8faca973dc064b74\NarratorAppList.targetsize-16_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-t..tivexcore.resources_31bf3856ad364e35_10.0.22000.1_it-it_56b017e15572547b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-u..resources.resources_31bf3856ad364e35_10.0.22000.1_de-de_ebcc363605bebd14\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-userexperience-desktop_31bf3856ad364e35_10.0.22000.493_none_81cdab704eaad423\Assets\contrast-white\GetStartedStoreLogo.scale-400_contrast-white.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\wow64_microsoft-windows-chkdsk_31bf3856ad364e35_10.0.22000.1_none_227ea1d8c5da52fb\chkdsk.exe	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-n..quickstart.appxmain_31bf3856ad364e35_10.0.22000.120_none_8faca973dc064b74\f\NarratorLargeTile.scale-400.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\SystemApps\microsoft.creddialoghost_cw5n1h2txyewy\pris\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..xperience.resources_31bf3856ad364e35_10.0.22000.1_uk-ua_eada7a4c0dbfd1cf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-i..gbinaries.resources_31bf3856ad364e35_10.0.22000.1_it-it_feca5e9f1d18f31e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..iagnostic.resources_31bf3856ad364e35_10.0.22000.1_fr-fr_7ac99967d7ae81f0\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-winrs-adm.resources_31bf3856ad364e35_10.0.22000.1_de-de_e5d4fd10b309bcc8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft.build.engine_b03f5f7f11d50a3a_4.0.15806.0_none_93a796b5f9a90826\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..mpatibilitybinaries_31bf3856ad364e35_10.0.22000.1_none_5ad9cfcafd1fc6ea\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-store-licensemanager_31bf3856ad364e35_10.0.22000.318_none_3183279146552031\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_dual_pci.inf_31bf3856ad364e35_10.0.22000.469_none_3d9944f664bc3f96\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_10.0.22000.1_none_e9d56a12bd6e8dd2\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-mccs-syncres.resources_31bf3856ad364e35_10.0.22000.1_de-de_db9eb7f804e7e3bf\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_napinit.resources_31bf3856ad364e35_10.0.22000.1_fr-fr_15da405103aa4ed9\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-aarsvc_31bf3856ad364e35_10.0.22000.1_none_c387f681de81f59d\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-t..atibility.resources_31bf3856ad364e35_10.0.22000.1_uk-ua_84aad1abb351ce40\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-u..tionuxexe.resources_31bf3856ad364e35_10.0.22000.132_zh-tw_04836ac8c172ae92\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\x86_microsoft-windows-l..erprisesn.resources_31bf3856ad364e35_10.0.22000.493_nl-nl_d4727bc332260858\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-photoacquire.resources_31bf3856ad364e35_10.0.22000.1_ja-jp_674d47adc94fe483\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-http.resources_31bf3856ad364e35_10.0.22000.1_fr-fr_0bbbc94ece07b22a\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-mccs-syncres.resources_31bf3856ad364e35_10.0.22000.348_pl-pl_28ebd34de25dc27f\r\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\INF\.NET Data Provider for Oracle\0407\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\wow64_microsoft-windows-t..i-appcore.resources_31bf3856ad364e35_10.0.22000.184_es-mx_bfcded3a8a1f086f\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-directx-direct3d12_31bf3856ad364e35_10.0.22000.120_none_eb1d68ed52d9b0cb\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_c_media.inf.resources_31bf3856ad364e35_10.0.22000.1_uk-ua_2f41895792772968\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-n..kexplorer.resources_31bf3856ad364e35_10.0.22000.1_en-us_e86b4aa760e5750b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_10.0.22000.1_none_2b28cfd17039373e\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-fileexplorer.appxmain_31bf3856ad364e35_10.0.22000.120_none_64d060998298410d\SquareTile44x44.targetsize-96_altform-unplated_contrast-black_devicefamily-colorfulunplated.png	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p..space-launcher-tool_31bf3856ad364e35_10.0.22000.1_none_0cd616cf3212fece\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-w..indowsuiinputinking_31bf3856ad364e35_10.0.22000.120_none_f5286acf9cb4c595\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-s..inidriversmigplugin_31bf3856ad364e35_10.0.22000.1_none_a1b309a6d98510c0\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-l..em-ppipro.resources_31bf3856ad364e35_10.0.22000.493_da-dk_5f7f682b31f93193\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.22000.1_fr-fr_6426f7e78adedba8\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-b..nager-wmiv2provider_31bf3856ad364e35_10.0.22000.1_none_d5b0052b1e9250bd\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-diagnostic-module_31bf3856ad364e35_10.0.22000.1_none_4a64bdcdcc037491\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File opened for modification	C:\Windows\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_lrg.gif	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..c-drivermanager-dll_31bf3856ad364e35_10.0.22000.469_none_0b75abb46f3eeede\f\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-cdosys.resources_31bf3856ad364e35_10.0.22000.1_ru-ru_ffaf804617be181b\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

Modifies registry class 10 IoCs

Processes:

9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU\DefaultIcon	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\KyN5377FpuKUICV.exe,0"	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU\shell\open\command	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\KyN5377FpuKUICV.exe"	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.pizdec	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.pizdec\ = "MCZJGRNOTVEWUIU"	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU\shell	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU\shell\open	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MCZJGRNOTVEWUIU\ = "CRYPTED!"	9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\9690a2513021c69025be547b2ce313a6_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
- Drops startup file
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:5448

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons.png

Filesize
50KB

MD5
fd6c45ec28315daae6270f1535ba21eb

SHA1
1c4578c84a823835de8fa362a15b3cd13f8b9ee6

SHA256
746cf5aa5b434650ef2473911e8b0d6050848aa438ac5c40e22de783b550440d

SHA512
0be8188d95d20b4149e57e0509fc72c5c5765549f6b5fc50ec280768267a4a88906e3825f74647f102f81ef372d2e6465a779d877bb9f4a22845fac7df063455

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png

Filesize
1KB

MD5
5dd916996a2d8895243c77be8522b45d

SHA1
c359e163ae8eae5143a124ee18b731397bb803f0

SHA256
842584aa4f214cb890d0a3a5523f53a27cc65550b66d1920cfccf121954ecf4e

SHA512
b163dabdaffa6164f72a309db5d573d3a83560e160a46137f68911d0b33e26034e3f9096412119dec35e7acf42da7bc79b9721041c3a795e177629ad694ae8ff

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png

Filesize
3KB

MD5
1a03eefcc40c7f0f8d6e68fc791059da

SHA1
f335c0e4a50d95392194431c8b9e58bb737af66f

SHA256
2ec7f1a539c113ba641fecb42b80db62712672197c5ba5c9cca7ffda3ade3e6a

SHA512
52ce39bc8cc922a49223d3726c09412ff3898cf348744ec6b71117329358c3ea4de51873501d94a56bda4ebf170d64673917c159bfb806fa8e2df48f38e049fd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png

Filesize
683B

MD5
c6422ce191b2af2f1a6b66f5f8870756

SHA1
d4473138274c2ba91e4d44d0b668f149934cf9ed

SHA256
ce21ecefddcfdd7c41dce379c4770a7016ae99e36b4794d37112d799f0ff3463

SHA512
088bc22cfff8ee70b9ab378b604023680e830db95ab5451e765160e97658b2d2d7e4bf2528a468f0abc01e858a9f22e663eb41bff4ed2a3b15956d6df0f3ef51

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png

Filesize
1KB

MD5
d17ac25109e5f77ff170688bc9f697b6

SHA1
ac3c4675484ff74ca75e77c8c2925e51a04c5a53

SHA256
18f0b516c59aa6cee0cf9ebc38583ab148a3366ad5db45189dc220f23a6f3902

SHA512
1d3f129fde3dbf86c385b3cd0086e0dfe4809fec3c043561875c71241326529c6f4990b4d2ad47425f464e7ada55b728e33143123c9e315ff208bda6b595cf6d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png

Filesize
445B

MD5
d662a3043114683aa682908226954527

SHA1
315f184a1b866202246bf78cd33c3176936a66a6

SHA256
9f7ff6ede6ff57cdc37bd21eceb9743087e2a6d52bc1b05dc9e81f6d6a27447a

SHA512
37660e26bf4c2d2faf7f5dbc92d7cdaaa0b260b9b0c4e41a3c1a4914483b492002577dd94181fb4069df367c5ca4e1ff545addecda65c240036d16e7356c0134

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png

Filesize
611B

MD5
0a425f9227baa15af6a962b5201a90f1

SHA1
0a0cd6c3081930c2c671a9b5184a14ff326f4983

SHA256
336974ec00726bc78d08ca79c85b1c5b8c25edc9381cd3867f0d7c88e19f8b22

SHA512
b7b7082b46a253af62e4813101079e4f3ef89c681396fad1bd515c01c71268e3578e17c55f24f9c8e3747f724c5f72988e721a2654ae6a5b7d6a11229c259eb0

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png

Filesize
388B

MD5
8f3805888a773f127f4a0e219b2a39b7

SHA1
0c233e60aa960815a6572da61e60d293b5d44fe2

SHA256
4bb7a49a43a292ee8d9f6adc10de88a71ff9f0416682814ab9cc0c639e1c50c8

SHA512
69d6fd144877c983de570ed03f812662bcf1f8258586a9801d44cf6575eba079103bdcfefc5b5f2617461c74d28c382539fcea609e7ae4733f1426d3527caa00

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
4377e7f23d98caf5c41b00206b3cb8cf

SHA1
7401a5eb2300b45e179e6b856f0aa71a65a26c39

SHA256
09dc577a11a1713a9fe0c0d4dda44ae9f5c7629213097ca0b851904615d038bb

SHA512
06ebadc479906484e5c5210c8f24885c3e2371bbf3d7254452ef32b5d5bf0b9aecb1a1372e406e9565e5519c9a35f479686061703933afc7d67fc7be14f9be9c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png

Filesize
388B

MD5
356101ca175fe55ef55ea6d23ce14a0a

SHA1
873f557d6dc3bc350652a7613702c1ced8c1ad9b

SHA256
6397506db5ee0ae95166185b984a4b3f58064fd2713530f4072ed6c2f4df7fd1

SHA512
5d595801af9f73a97e08e9c56ca8b1b03bdd567b597cb9abb95bb868ceb08d85cbe24c72dd5a3a014e8e5bf93e59c0db65705e986d569f9a573b0da6afb8e102

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png

Filesize
552B

MD5
a2480457be115fee3eefed33fa2f4438

SHA1
1dd3b5d61d5ff06a32a1d25d90421532d145289d

SHA256
24a97a5efd88021d34df0e83125405b5b6aa588773c2d463f8e6434e4d8877d6

SHA512
4f17465cb3e40109911d0c26cda5382c8947088f642947ec52f87c1946de10443068b32e7da6c68aa3023f9058df6cc0cfc2c2e402743dcc7b41510244559ef2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png

Filesize
388B

MD5
d8aca58695e407435a8f8819ac56ba14

SHA1
3a018f3f6a530f9adae8959277a0d146d8e8ee96

SHA256
9ab6309854e712b6a72b72d9ab4ad11c649dbe3bf635870cde405899084d0512

SHA512
eb76d876ed8c51170a79677e7ea359efe08331322e905af114804c86790396eecefcab9252308bd3e71937cdc519f6e0045e95cff3838e3a6993067f8d57d4af

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
0a23738d4520b1c4f73d20e3702f07fa

SHA1
5f5b3c4cd0b4877e2827316743fdc1cbd4d1e4e4

SHA256
75073357239eb002d16266912ac5d1be3c834bc7707f01a885684c74942943b9

SHA512
653b9faaf22b4e2eda2b2786ec2f82842d3c4f37af1ed486c395194db0f7a8ea563d391d043fea7eeffa54ef9d5e509826f5287783b9d17fe682ad04317beea9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons.png

Filesize
7KB

MD5
ec4a879a5cf6a9e63c6a96ae7b7dd9b7

SHA1
babe967bba5055a1d3a34589d87d4aa5c776ade8

SHA256
19c0347c415d20fb615b289584849c8e45de90e09490785c43124de9df89fe4a

SHA512
df865152a2e21a54eb417920d45e7f30373e6130df8daab6fb810dcce9ebf8b31a0038c483ea377021558093a48a30d7bf6cda1470811b03222e14ee0c487e37

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_ie8.gif

Filesize
7KB

MD5
443148e2f57afbb0e871ca77bba76ac8

SHA1
f686235c114a9a17bf7719b536380fa8c601272a

SHA256
7d901f0d2769418b068fa9e988fcbdda67eff0eb997942c95a35a8a604fdbc3f

SHA512
8b729a53badbd2689925edbeab89db863b08eeda6924235f7c68b1c8974178add15229d0f57a30969abe0cfbbbe569ef6f0b227086e90432f78c525a714bfe50

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_retina.png

Filesize
15KB

MD5
76bc1759b8863d1d45d3481a3776eebb

SHA1
b937107e8e0a8e1460e74c0ad9d820a3ba952e78

SHA256
aa4fa11e013cf24c8fc39ad13bb4a6da6ff3e7a84477446f16dcf5fc4eb55ca3

SHA512
034288c1d4d6022d91a935e3f3ba2b73c914bec71446131949bbbe3ef567cc8764250fab8531231e2e89ebc496b2d7889b032841c45785f0bbd2f431c61e8414

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png

Filesize
8KB

MD5
9998dd8a4c4ed1ff5e64881c8066e422

SHA1
0f2439df072df4cbdf566db687acedb87e769929

SHA256
1c432cb917465613434fbd9aea1ce658bd5d60e6a4b490805d0752a8412fecbd

SHA512
fb53595d7cc6fd22b43de5e6fa23bdcd698cb91f451829eb18b927f6de63fd3e98da33e9a42e1d15d34a943e024c5f595b4bf3cda935ee7738940148f60f7f09

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons_retina.png

Filesize
17KB

MD5
0b8f5831b19c2fd4983486ef6a2ded3a

SHA1
b89f9cc2e510a95996a7e7a005827c5294352183

SHA256
9d03ae3bfce9062ed8e3fb7b244c8e4a8e6b462f42967f464520be36897d1e96

SHA512
ff662dd58d393d692b9df3a8f8cfaf94827022d1e63c1d8a17eb35a10526b6aa0ca7b530b5e3a780155970f847d5ef69e050c7bb621d4f495201502b7596b459

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_pattern_RHP.png

Filesize
179B

MD5
4998429f3b68f4ac389f3eadc5534f27

SHA1
8e152ff9fcd7991b068546259f98e218f0cf2eb0

SHA256
b764005f0428a8a51f31b9a23b7239adc205b0df45b42c29c06a35cb2d4927b9

SHA512
fc5c13c755e718536bbbabcc9f441306b631b34f503f67c7846e91330fecdec52c6fcfa6f7cc23b1a44bda995b3adbfbe808eeafa0872a4c2f2667d9fb748e8a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_patterns_header.png

Filesize
703B

MD5
ea4af56405e6459b4b718d6ca6a5b53d

SHA1
54f8ee8bd70c8a03b9d9d75204faae97c5133d86

SHA256
9474b92f647af85e923553476ad890baf557c83a2d9985e5ecb809745bd9f41a

SHA512
e029600e84b3ae16d65256ff74b9c9da96aee2cf2f2432f9154b5ebbd0ec928460ceda8ff82c336e975676a673629e194f9513d8483cb0dd43517e36509273b5

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations.png

Filesize
8KB

MD5
2fa20017a198582d8562a0f28cd2416c

SHA1
15a1ea6ac6925bbd39298acdbb687c866098d583

SHA256
a9ea5be882784eca22a4dcc239004430c2fc5ce07d34dcc0edadbdc8d03a7586

SHA512
5bd2e43fd88136f3d79cbf05197df210cc66a3ead0779c88683932aaf9f100681e377236b1b8809bbfa4460d9345291ca165d5b3d9726d5db416561c8a2e45ab

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png

Filesize
19KB

MD5
d543e75a191e078af1ff8fa8baa93e84

SHA1
f6e1673465e353a9baa3b24a5494eba29682a091

SHA256
9a0796eb504ae2844f5203053eb498a25401ab566e9461f09ec2ead07672d184

SHA512
db416dea473fecbb0e3d29f67a5dea0cb5652f6fbcac77820643a8be040e2650c92000683bbb6aaa1e91f422eef865fe5f8a9ba02928217a410b648f42d199d2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png

Filesize
6KB

MD5
cf2d5296bec8f29ee49c0a440e768b14

SHA1
f0ad309da3c3d81b14a802e6e3ee554a60dabe30

SHA256
9aac55f4509a2872dc7c57dc63f3417d038d5acb829394ea8245e3a9329a1f6e

SHA512
7f4359b996f60eed35e760cb4e8195a96eb79d12c94b92307bc7870ca138b4564c5f2b2e292d2c7c90c2bd90f1fb141f584506cdc25d71dbabcbd5f8b0512fbf

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\bun.png

Filesize
2KB

MD5
75471d98eb771b39f74d4964373b147c

SHA1
c5e333b5d6f21d0da507565d7253831f68dec4f9

SHA256
f58ac30b6795345acd7b1f78d00d82401583958c4ff27294d1d600c69cd99153

SHA512
3d55d90ca7ca41109c434b46a37a9482aa42750da5e926a194a07b0d9655113a96e6ae893b52e1ed671180d950cde29ead195bcc4c7baa2cd81ccc9c5db4430b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview.png

Filesize
2KB

MD5
c4bcb1974aa289e82974463e513adece

SHA1
726d3982ec44a2cd56cfe099740ed364443ca16c

SHA256
144b623d0b2b70d0c89f54bdb1edee0b08ac49925ae0ee7259e714345eb9f50a

SHA512
58582934d4fb10b6238fdf714c20cb22304a5fc1d7b24395dccba096db387d5fff4ec99dde7795d1b482e017b819cb5e43c5bef535738215b9ae6d7bebf43a6e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png

Filesize
4KB

MD5
d0c5a7b9e818e05e5beabc8b37a85b4f

SHA1
38b61851923bc08c3d5b4ebef6210db4298ebcc2

SHA256
4f279224e585bcab6371bbf73cc81864376dfaa2986c98016d9f6bd7e9e710e2

SHA512
d25cfb2da1d0176cbbd33d3ed20eaf2780665878bc2ec8d09ce184fa3b2a6849c7c1f421ab535efdaaa5f273615bc25136d5a7434f453b464240adb9a982142d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png

Filesize
289B

MD5
06ddf197a304cbeef278e810da2417b3

SHA1
1eb66077c44505b2fb5ee9cdd369cfbbe96f22f5

SHA256
984e4d1b9901045a9761e6f17c4aa53087ed04a6a73e2e1b03a27d47cf95a587

SHA512
e73ebbf815bccb07009d3bd148ef2e77f2b5f2f63d66283312f67807fde1655269dfa19e69c698b04e32b247a1d0183af452d7faa704e851930bd20ca99c0d8f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png

Filesize
385B

MD5
264fc0116c8995dee9f7941b9dcc0de0

SHA1
191484f63967fda3d16fb8195a5f277c81291ef5

SHA256
688d5b5fcae362cf2c84f3c89c6defc935699f38469129b8bd0c13aeef11cdfe

SHA512
687c5d007dd344b3e98b7315adc6f43b2fa3aec2fea577412655b8a6e1b3f20ccd79e46f0ebb803982955c31e5a65da960cca06790db4f5e452058e4259c7107

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\illustrations.png

Filesize
4KB

MD5
35c773857738c8cc308589098f9b61b3

SHA1
e708e718761677d308c2cd933de56a242f91b864

SHA256
d8866d88f0489deac881cd2aa093b34d383d4dac277693f32c922d8dc10ab5f5

SHA512
c1db37d881a07b68e1c389b29e9303e636ecb229384d273f71c56ac39021f5b7f7e964873faacfdec5386302bbba6f6ea1c56c4bb5e77c4badfe3982eb5f095b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png

Filesize
1003B

MD5
0d256d178c2e070204215db1f85e13c0

SHA1
a04724a49fd92511ea95d337148c7824e4b1203f

SHA256
97b15d21644cecc6141734f6493dcf6fb43c1e936972d992d29a142923771d7c

SHA512
3f48a2928c5bb2832ef3c05fca4e851873fa18657baecf0f439334bf72f92f47219300658635b58588ad18a623bbbf213ca3e793a42ad58906121a43bfcd2bc1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons.png

Filesize
1KB

MD5
ae424a68fb2af73611dbab761a2437a8

SHA1
a7a5ba16b4cb2b03bb042b70c2ba08509b041d7d

SHA256
73cc2ef2cb4e75d36f5c940497a6e97cdedb89073dc0de72534e076d6c6e25ad

SHA512
3affe16b24cd5dad9caa1f5f8858d9573096d021b3d4b6000eb96551770a950463150154242ea9af50cb5832d3e5af310d9d67278bd9bb97e264260e49bfa1f8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons2x.png

Filesize
2KB

MD5
03026f32c5f8845d855714128e21d631

SHA1
3e851573b7061715d0e8f47ab4ab84da32d19728

SHA256
49e9b77119737e9d89c40a3ba470833da789e20c0cd536d5d23e36dd64dafc69

SHA512
6fa695089bf2b0f287104e4109844f99362aeddccbd05c9be43c50f2966ade3e2962cde173fd2ae4bfaed23ea5cf9c536922626813f9bfbe62cd059deaf2ca90

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adc_logo.png

Filesize
3KB

MD5
32654166306da48858ba12367e714586

SHA1
49b9f5c73d085b607f37901a3e9c250e05e0362b

SHA256
5359814b3a3c6d82b80e5fc5d7c5d1424dced13262c0487403e55940129d99cf

SHA512
5e2c781778f0eca1a9d37cbeac3ff4a08738dfe03bc4a310e0f3573787ed7fddbc73b63861136a0aaa66b4ca286c0a0f3f9ef4615f5d9f760403ca12d70e1382

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif

Filesize
556B

MD5
40434b304e50852238b195415af5187b

SHA1
9c90db3359cba8a8f47ace7d3165d5bd01a48b2a

SHA256
df0e07147dee82150184c7e52881014313a37a17f0d9871486fde77955128a33

SHA512
cd8220198d731525575120d925365f1eb4df46bfeac4a69e7be76d67633d234686c0e5476623f8ce952b664f4a1865eecebb23076d1d529dceddee66e6a95790

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\logo_retina.png

Filesize
6KB

MD5
3509f8ef0a99bafa2f2c3ae38fe11e2a

SHA1
19a2e759ea9d74b22480fd0e44d6153c231f625a

SHA256
bb84197616dc8e8858f4884028bf79b164e1c7d56d515a1459009cac64b3a140

SHA512
f180d9c7d9d2cfa9d24b85a8f23753fb3272d46ef2196cfc78c2458a80da6b09b7c1d3b3fbecd53b4f94297edd9804721f150ba68c3f0b34733b652bacc27f4f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png

Filesize
826B

MD5
9b1ffee2ffd295578a531131a8410401

SHA1
aaab1a1a0d2b41eeaf8569df4f4f253a7c1d386c

SHA256
b5108f808d8c2de3c0b418f4383ae296a9301d29e41e37ae882ccc8a1c9adfa9

SHA512
fca7277b9dd598e39780879b8a20b05faa0920459b2cc1623999ca5b99921eb954e6df92d504c2e029b9a10e4de656d84f725d70b509f53ff0531c3c3f13e6b2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png

Filesize
1KB

MD5
0dbd1e5a657a0e660387eec2687cc325

SHA1
f6306411a95d45115b2e7844644ddc4320230a83

SHA256
65775cdf8de4144612127ee1a9be4cccbad950ba61c1ed207d26f5a315d1db4a

SHA512
3829746fa3febe30d069e69e03045b0025376c164c745cb4faa4c177e7d54250691a4cdb57c9736b1ecc92b6d324d5b9db5771f9e25a97e6bde7062544869b1c

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt

Filesize
32KB

MD5
cb06c40fb12130483e9dab0ec894d0df

SHA1
66654520b8decd935b767e5188de10de5caf25b6

SHA256
d4dfd18b80a3fb82f810cc6dc136b0eba625cd6b729e3a576874544ac755b39a

SHA512
37fe2fb323a92619e0afb6d9b3c9a39b7c2a536398e45782eafe820bfaea816e0dae61e81521ae82247b3f0ea1b203299d24c3fa8d7175c93cbf2232dceb8c97

Download Submit
C:\Program Files\7-Zip\Lang\ÊÀÊ ÐÀÑØÈÔÐÎÂÀÒÜ ÔÀÉËÛ.txt

Filesize
70B

MD5
2e07d07f927a600d6f86d0f2c149828b

SHA1
2cbfab45834837739f49bafaf63f1dec1cb96acd

SHA256
7e56f0e84c96de7dc45391cb351be97fe564a8275bca88e647f03694572a6926

SHA512
f9f6c33a685f0b324db426f1027fe61b2f81ba3842231c76ce7394912ba9ac6cc285bbdf26d247df03bc45fa74450d1d4a1c89eead09e41d6496646737148e7b

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif

Filesize
153B

MD5
a0f37f3b5889c51f327baa9125d2eb47

SHA1
ddb1b332b8ac74a10c6351cfc81464c4c5b48ef0

SHA256
af5525e659bf85c0a7118216b68f7f6cac015cf520652f0699c1de1655b22716

SHA512
7523f38e3fd5d221e98486d4587c7b16a856510ec20ccd117616f6cc75c8237416bbb4994798dbabe7f847202a035b18411c2c609b728336f07f3c38e79469df

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

Filesize
190B

MD5
fb44dc54c39eeabc8180f961acf9afc6

SHA1
a98fd91411dacf14d6bdc99cf1b41b31f4597b2a

SHA256
0a98cbbd396e6a0bc8e799bd8cb4a3af0139511ac108d7b959dd0e9ef00d8f5c

SHA512
50d7b83cb54a968f44b2e477b5f58c7fc74e7fcf8afbc25239a2cd1b7e589defea78ed5d5d13bc69450bbc2077b4abfb130ec9ffdf2d522f1b0386d1eecf4397

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

Filesize
190B

MD5
3bb6d39b24b73a247f5efd3aefac7138

SHA1
267813164d7b2dcb2c854375f162b6c4832ae295

SHA256
86f3d828f9057e49d2dfc9120d4d4a97f95988a9e4b193ac0fdf2fecacc94b20

SHA512
75013cc31859c98324e121f4ea6b9ab4ecc3d7341ae4884d414e3c3af169dad533ddd322260e5d2adf9f792a9a35c8eee2a2f144153e6936714142075871e04c

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

Filesize
1KB

MD5
39df7c518595f3f5240ab4c1a2b4a60f

SHA1
2848778f5107cc5318a4e71ecb6c3e45159ae622

SHA256
80f086bb75abb873775ae6a11ade58de8ab3091e3f338107f9cf0aa9d0f18bb7

SHA512
246c9b32e4061e1fd98212c3a9652e6f6aeed1101b822d7f045160155a1f2f6a53d41b69f226e55950c85cfcd81457849ab63e9042e5a8de9d8a41884be10009

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

Filesize
31KB

MD5
d9847285752a9a825ca41380c19f4e80

SHA1
891cb978792249bcc0f6ff6f41f7952cb678b3d4

SHA256
beb3e8a5a1fde77e70f62a8423089d9f86ebd4a5aa7f25f3ccf3818db59e56ad

SHA512
17e1017fc131451274d57af347e29581ef4806fbff01beb853833934ffa8ed5c9f2f1e66767c6490d749287b01fba51c567d80abc8f95498962f7f01a999a5b8

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

Filesize
34KB

MD5
0a27db412e060435794b2508ef45ce6e

SHA1
4d7d8d692b5355e97d702200a760a416b3595f6e

SHA256
bf97f03a22867aa37f2f701cdac340f9138c9c207db41c75d8f69c3fcc3806c2

SHA512
2029a8176aa7b57df8ee8f6b8b4d2bffb72e95d81a87d967a54c834abd89af363b726547f41e24f523c5399133fb3cc512893fc5dd75dcdd5f8a1746ae261899

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

Filesize
23KB

MD5
290804897c1bf5d3569aba7c237a0b1f

SHA1
d6997bab44fa317e677741cc6e79991dfb0c92de

SHA256
a16d44eec86e01db24a4d25047f1495aa786eb2d06449ec553c8b3e36404f5eb

SHA512
a79dd3b9059d13af78812b5746d35d4ede98096f86825937789fc888538949c71243f5ebcd8838ac45c4f0d85797c38f28ce88523ae96402cd27f308c577ad55

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md

Filesize
2KB

MD5
566338a186ccf0be42e79ecc8ddbfd4a

SHA1
664afd0cfd126afee319f3f9f790cb6c463a08c6

SHA256
abb30bd032bf6728f3ceedbb62439ce61241a6e3eb799a8aa082cc40095368ee

SHA512
0ccc277a3e150b2c28e1656a67db40b50d816f3cc655aec3e8b0220dc74577ecc8663e0d333f28f3d93ca92313d4e1d575f22e81d49a9ba73dca860f69113241

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md

Filesize
1KB

MD5
2dacd65f7ef75e32d7628026c05e3ce4

SHA1
16bf22e1eed661a1d71c6f729c5dc95a0b5acd2a

SHA256
51342075978f27cdea1e6131682424ee567d7455f07ad07806e689e000d0641c

SHA512
b7e4314dc87dd867a82233987a5084b0b68c328432b6d97cb1ec7cb81ddf4177dc458e2a1cf3d5b943bd0ab34dfc6aaa4f47b02843212330aa2110c360f57547

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

Filesize
3KB

MD5
c067048597c862a01aabb1d8191ee864

SHA1
f6e862725760275be6927d2aa844dd82ac8af1a1

SHA256
fdf04b4969ab5d6bb37b2555b82ffefcd962ccbb26a4023f801f38bbd0838053

SHA512
1f6d7fed2beb57b3b92372e37584844e94cbafaa71f25086f4971a7ec35ff61e13dbc321c5f234c05451ca0b59fd6e846dfb62d85d93499cfb849e4393116dd5

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

Filesize
2KB

MD5
8921a65395842b1be500eaec9a22e0ec

SHA1
2acb1756dc2820aa7b01c62d028f641b18b77b6f

SHA256
a15e20d0ade75f32111b55a3783675e87567ff579bbca68ead6b2db6e2b48a75

SHA512
c7e52a162dccd99053528457b9c53dd9504c5f7b7485154b081f468844905dad590e4893d62eaf4a84a76bfa37de476567921978be572729399384d29b8dc051

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

Filesize
5KB

MD5
221914f20994eb19ef0b7e481432188d

SHA1
111dcdb217a28a2d5498a3d6157d6f6108fbd0e1

SHA256
5c2136e7ebe285d0d0c4d5c0ba64fbc6dde81a490d5bc587cfaf9a1a5582fc41

SHA512
d4751b0caca2b32be7e87196451cd54323923dc2c7c54ce8800a9855e9c45aa0bc897662bcf64eba7e0618970cbfcdbf5f8a17e5171fd9659a7c04e9dcec4a95

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

Filesize
17KB

MD5
4e3f45b5b51504f37c98eef69b66af93

SHA1
7b689747a340bcecc6742965b2e0e60847c135d5

SHA256
05930bbd7ad701ead1d655f4ff6afa16c832fc7365b46f98eb9c65dacd381c85

SHA512
eb23c3c234c20d7a43b04ecd1e683a1c3b5578678b99355d8e38f1c00b5cb71f2323364fcb24463ffb98f4c60ead7c49a9298ae33d112f30b4dd0ed9617a489c

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

Filesize
320KB

MD5
c89a8dc0f219604df340d1870805e315

SHA1
7a669ef9ba19de8861cdbec894fa068a3fe957f3

SHA256
e05c074e4f3ac4abac7820d32a08c9930cbd2f714016c28fc9e6de3c93776710

SHA512
7738c4f3f47a9108e9b37ea645c0abbf8c7bd3ffa54da900dfaf227ada5959b1cb14b17004820fbdfb5ad747221fa9a4ccfff0748dea212bddbfcbb9596a984e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md

Filesize
1KB

MD5
a3724b4424d4fd28e2971e43bd97b299

SHA1
25975e6616aa5035277e7560cebf04659ec759ac

SHA256
6bf8b43c9083adfd35911ad904df2a183d84d3101d57fb76b15c6afecf55acc5

SHA512
e64b62f63432712102d6bea98237d9a4a736975bcec921082710a736c30a6198033f7cf81e882d5a033ecbd3c6b18884946143f4062e63cb876b880d8c29b91d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

Filesize
10KB

MD5
35b5f99c921c69183e21bbbca058338b

SHA1
f59332407501295419e377757bed8762ec3d7f2e

SHA256
f48fcb309d6fdec19a0b2dc8903146b236c0bee0d1d44cfae8cfa382e2f18c7a

SHA512
b59a2e7602ad35ba941b221d557926fa887f796ef82e8d41b5c47d9beb606adcdcb9d3e2025c4031035b865a7197ebb96d1213d4d7aadd4b6d9faad141507c02

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md

Filesize
3KB

MD5
d6acb60165ace5029a201c7649fae506

SHA1
8e12e77f356dc60bdcd22bc2f2273730df1c536a

SHA256
eb689ddb71642107e24456221684bd7ed2e35534852c9cc8c5b69afd33623dca

SHA512
a698a5902daaf1bac42fd1a1b6532198cbe7cdd3b07a047681b3e6329993d7f11d39db459849758cd9762de043b622671f562ad5769729208fb773705676c89b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

Filesize
162B

MD5
39c3438cfaf86176a72ec35897ff0824

SHA1
f12afddb11a75faedfd0fff8acb6f447fdbce646

SHA256
623f1930d4d155b3753d3e55a067a9e63b12ce7620ca470d9328ce1f0063cb6a

SHA512
ae7acfa25186ba6ef73c4ce913931b07dda862141143a13c3ce6b9a1fa791a47250e7c45cd7ee79267b88b83144819284ee6d23c39d35f15eb2a74da80818a91

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

Filesize
1KB

MD5
4708b52ce806a0d5ab100e64a1bd3a37

SHA1
189a1339e2ff5417618f39336f9a86b31b5f2671

SHA256
7c5e034d5a01bd05ea4145c98e9c5e9fac028d6db409816a5e8f1eb05b13285a

SHA512
62fbe7431e0033d020f487830ab5d71ab1b66b9db4564d2f5eb7b23e1f318a78f4fd47deda85c1aefd0b15f7588acac6d27a1823ba3a117ff40480e6a4a3ac1b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md

Filesize
3KB

MD5
f128c222dc59a55d44ea142a891cd244

SHA1
b3ae432b9dec073ed4ad6b44fa53b907fd96a4eb

SHA256
00f4533600dc74f78e37918f59f5c22d1a44b0e5d680332111af396b61a319c3

SHA512
0d462c7da005517a5316f0c82be4b163374d06399a2e350726115e53632062991117e6b9d7ca5e34b386e9734aad12ea2e2475f9cdf4065cd9d95a7675b0e313

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

Filesize
1KB

MD5
7d0eeb4a812ec34cf2a356a728f15310

SHA1
910fbbc88d52d1c8a409ff632ceaa3e0736164d7

SHA256
41d11e3d066b49b123c851e0b641fcec2e7731bddcfae162a2766091d9b0ebab

SHA512
0ec33b72f13a3f320c654eac7767ed1e4eb28b8e767438866249363b9d671967ba90abf9eedc774d1233a0c800e3266f87e9834d902631c9e88d243828e97644

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md

Filesize
28KB

MD5
14ad3259301a0be120af30e1aa7335e3

SHA1
5419888636ae5aa78569c6a33470e64cbeab155a

SHA256
c90b87b80fbd1c12c42ef09fc0ccd2be4fe18425cb22fd009d7d64d04df33200

SHA512
4812a7a0cbbf60f499e6432dae860b4d2a9af4e40999a6d5f130b9bad8f7bcf04c1a551c73c3447e761cd3a2b7a7aee4f23db800d532ee56cc9ca6466fe8cfbf

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

Filesize
2KB

MD5
f2813dcc68bf3515a61e3971456644bd

SHA1
75f2bffe6d91fbf214b867032df8d3b4cdbfc5b0

SHA256
0d751ef6e193e8ea06332fd3d95589ac455b0fc4f84c2ef840cc48b76b6572ad

SHA512
e5b26bdef5167cabeb3d637204717cfb6020479a7807c1c34c3ae5340a50181e7bc4cd825853df300c15e857cd3ce3547368b7877fd6bde20f0bd5c0ce25211a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md

Filesize
1KB

MD5
59b9ff5b808ca379c03c5cc7de05e815

SHA1
c9fa705c271358ab4ef60fe5861a765623bd72d1

SHA256
fd8dfd5a55c635c3baba6db748fc5d342528c1146c7e80249e22630689b936c2

SHA512
9d943182bf8453699eee9dd3a71ba11e7f75dbf1edcfcc536a97c8f60f42db2d743ed4d70785a51d94cbb19d553adbcd23f0ab7e21d6a6541b04644c02aa28f5

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

Filesize
2KB

MD5
9907bff3d816a808beafbcc0e922e796

SHA1
32a82cce325e76ab3db5a9538c058431458c24d9

SHA256
86df4e651ad9f1bc467db2c3b61eb8beaf50e426973260cd1c4ca1136c81d004

SHA512
8e334deb7ed96d1036bb199b81a18a3c6baf7a2cc8c62a0f2f8a34580c92b467013179c86a8ef020427252581c45a91be9a98adcd5e493017b8d4cd4d801baeb

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md

Filesize
1KB

MD5
339d6ab839fcaa8e891b50b1ada5018e

SHA1
19b1cd672e0604f241e53b11ce8905d762b3d58f

SHA256
19b57f2f305abe35f2af5dfe82d5c1bda2ae154405b96e8f6daa2f6cf43d8fef

SHA512
2c6a68a217af95d8500b3dd2557b41a534322bff03a44c27ba2681adfdd5918d758485682b63e5e14f40f10809824b749a6879f9bee7c3bfb53c16823d63905e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

Filesize
1KB

MD5
4a830efcf6867824f5c753f594df5645

SHA1
4812e9dd367c1f71586787b383264f8c74e111ca

SHA256
be545edfbd5880167a1b95e2958b550d47756c01748292f4cad88f6e09e72376

SHA512
51d072bccd0b5e33b225ba51129179ca6c402efc0eafb9ed801c5a1d8b2a1628e5624047e87249a6717022d7ce5405efa5dfc08e75abc0617b4b15afb5f680ee

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

Filesize
1KB

MD5
81697c6e533c0288487b9ce47af30e38

SHA1
95f13cd400fbac07f0838616e9195b966c7ca47c

SHA256
cd09dc3ffec19776c42fc653eda4ce04912660a79a26c40978078744848a3d82

SHA512
27277f7023654e3602465d80428a83d79ec638cf52dd09598d5aebd478a0668eaee39736713c206145ebd210ae31643a2b46ec7f2882500051cfaf042f6e4253

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md

Filesize
3KB

MD5
21220a0dd2995c21944384085e5ef176

SHA1
52b84d67560cbe5a5b1346c7136018436986b133

SHA256
9396b87052b0e3a4e568b010027a9adb764aab31082579c474ef7aef483847dd

SHA512
2cbc107fba3156f48bdecdee78011e352fa4b9f9d22bae0bee2dfdb0a4201ff7611b3654d9383fcdb8fdd43f2f68b7d63796a7aeef17e8d90b74bdd67f503b17

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

Filesize
2KB

MD5
a671fe49128cdd13f50979d74285cf52

SHA1
abd4def68183db357247d98424531179f7d47477

SHA256
e1ae738451a0ab4eacc76bedefe04bbcdabce071fd5196846e2470c3c41e84c3

SHA512
e9801eaed57b026e3026ea6b9895390598d42333b18bd38c30e37349d3a85495160e4200110925f5ec359569248616d6753ea538c678dd8be538404899aba21c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

Filesize
6KB

MD5
9a823026b8f16d72f6bc6abf1bae725d

SHA1
d000fd8e500a16e57242eeb726825d899e15c7e2

SHA256
dd7e0f8b8f885df94a4fdbf8ecb481f95ac91c555211faafc84c33e495a42181

SHA512
fd2e9aa7a3733f6653617b1c647e1d61303e1e53649475672c520ab3a13e0e859e9788c2afa7ce07a3a4a0a14cc5404d3da558fb5f5d4e6d634233ce1b86ccfd

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

Filesize
5KB

MD5
e64951cbdb969197fe72f3581ac1bad0

SHA1
dc21f02db126a3994bc2d050d9eeb940488fd2e1

SHA256
27718612bdce03abf39d748c6703abc0619e15b3f1d238d9c1bc83a1272571da

SHA512
deb9905e9eb9217ac3cbcd1d4dd32feec2ba4e86be40694c7a37b80e026c4cad4a35f45fda142021689cb6b81f4719a5b5357a63b19e88d07849dce9ff906b69

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md

Filesize
3KB

MD5
e483f162befcedde198e443ae45b9e42

SHA1
c1ea1e482eb9f593b6baaeaea95aba7d50b90892

SHA256
c729bc1d1f0a4e8dc967925fac131ece56ef072bd4e983384fbe2d87c54213c6

SHA512
29d49a2cc199ff9d00f3f78fc276e4ae16944183b8fa8c5f5cb0084cf11361b03629140475f7900ca3659b1e94bf6edf408ac07899274709981104ac2da6498d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

Filesize
2KB

MD5
18b931fb55d1c2b087faa80882f32ea4

SHA1
b84b9449776c28f03b7d94d87c280878ebb65867

SHA256
66bed9b7bea65fcc7cac98baf2aeacaeac9e33dfcf463f0f5ed24d548f746042

SHA512
ef977a911bb1966c8df1261361195c2b8a023854e3ff24c9d08a9b830c7f0e9e7dfa0cde37955c3edfd7ae5a1129112fb52c89455d01b42026d71c7d7099fa25

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md

Filesize
2KB

MD5
c375e83267379a6ffe9dfbb5c83fc6dd

SHA1
cd4e9759a173bb3ef39bd5a3b9d582641277cbcf

SHA256
cf81eb18f73ba30ce7f222e4d50da38a92866a04839a6c3bc1912e73d7387655

SHA512
ef5c568a34d2d0493a846cd11afdac688cfb4e4c4b96b08241dc32adf3448f09418c7f495506520776dd527cdc43491277d215507e11361f74e4b095efc32306

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

Filesize
1KB

MD5
3757a65f1b043ad5f2e4d7f1131ec8d8

SHA1
b0fcae40d74d9901e32027ab22dea2c201a5e501

SHA256
fe5fdaa28be2f2b67f87f863160adbed16b91b294505b8a43ac88b37e9ae592f

SHA512
0a91fbe77d8adafe8a3f48027121cfb6e9e45d3b9adc3e90f5397ecb7a3c33f0bb3b7878dfa4fb5bd6eda388513dfec4fa795f826783bcf1e5d26ca63eb665ae

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md.pizdec

Filesize
1KB

MD5
ee78173686721e32c49cd005eabc884d

SHA1
754f3c336854aef54ba867dcdb8a406271e4be02

SHA256
1c259d79759e289974e0fe9b65cecb37006e7d56c5e73ea4a90f1fa21ea1fd99

SHA512
6aebd3979a72cc4f844b86124646c69dba741e3e4d8a65b928209f7d28443b4845c5eeabe2a2877153129ec28e0e48763461b2e357eac2f2a7328a20664728fb

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md

Filesize
11KB

MD5
fd998ab9a19cede72ca8b33ac0fbb17a

SHA1
bf12d2cc7135db632dc490d374aa8f708bc7c960

SHA256
6e046ddd38c821864e9d4f4b4b1c30ccf37e7ba846b42f019cf938cb1541f927

SHA512
bd907186b0ef1b4c12b7fdc1833481b215fc9f0b6ab5f72ac70697cbf9d522ccdfa11df8eb47f03b4c43dee839c4156e3a08dfd9ab2e7bdf9dda2ac5a1e9794c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

Filesize
1KB

MD5
81eb024eef46b1dbaa3351a7da89d1f6

SHA1
e638ef27518ad13aa86f1b817d08f4d0205c461e

SHA256
f0f839db2d45cfe2c35dfd55ecb03327b9a397782af87bc004eab0e956d5a175

SHA512
7d1c3074752108a71c9dd5d7ed3d1e0b6663e17067723485eafe2b43c7e12246242b249c13d4593fc256ea83c4c4676a9d1508de02e3a9b5fb324a6c45259636

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

Filesize
2KB

MD5
2970049cca604e96b88541911d9e1b73

SHA1
b6420322cc3437b1de4c65ab9214125d78c4cd28

SHA256
0a3258a128d8ec6cffd48085eb9bcdeb618bbf57059b651c2983dc6c906f9294

SHA512
6289a6b4b01833d75e76f291cc581b2a8cf5da6b22c41f58c846a937e0a687250bc72590e5f92b3a3026e7bbb82197629953219cc11f77dc964bcbca280925cc

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md

Filesize
11KB

MD5
4ad79d8046e0893ea9156b1494d6639f

SHA1
567433e6eefd3b7e79eb6b7d8e0cf53eb6234715

SHA256
ff80f64e6048cdff7c15a23db7afca35bd3ff8cc83f5be333a737ed9e2008312

SHA512
2cf2be533ac834f99ece0005858a8802db84981ddc499084ce18c36dd792965ad9ff9b326086f6331cb8a300bb9c6722cd042152b5c6705eb32d0b58d0bb36c3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md

Filesize
11KB

MD5
27da8c9408dc44eef203759685cb84a1

SHA1
e7efe87bd0cad31c46fa50b3d09585d3b8a7f2e1

SHA256
f3c14c5772ff5ba39ac34847db8e8059baffe82742a2200f1bd8388c1eded2e7

SHA512
57cdb23d30ec881af21b7acb628a389ffe50715d460fe12a6c8ac7d83a778c7b48f74bec2ae6a2f9cf34c0f5bf28e64b4ab9bd5dc96f4ac7652e84e332faac9e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

Filesize
11KB

MD5
daa9385b5d3268c67dc99c2c841f4205

SHA1
d3c5b2c57ed943b3533f266080d3e5389bc5f17b

SHA256
d3efc3e1d785c11efb5c85b8932795a6cceb13f7b872f53b82403f9b74f7b811

SHA512
b0e256cd3df4d890b2e26c66888826fd8e2bd3f965d1c688644c3eb3345a867ceeb048fe896f94cdf816d45110736a0d96b9db5fea3271c91a47570f9ae6219d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md.pizdec

Filesize
1011B

MD5
32d594154b014bbb8d15975d81633cd6

SHA1
62aa114361e99049a4190c4d9fac841449e490f5

SHA256
048eca526e1b9d40b76420dca9dbd5d7c470d9f8a50970967209ffb5f6872219

SHA512
2ff822b59df2efbc258ff6cbae367b68fae1d325fb4850f6d550dad2c7effc76032f76137e5f4c2127527fcf99fa62ad53e6c9b23a36225771bae10030965449

Download Submit
C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-001F-040C-1000-0000000FF1CE}\misc.exe

Filesize
1014KB

MD5
ec2dbf06f71aaec68d3bb87b701358f4

SHA1
87836f2e36e152cceb22e025d877d1c44caef6ed

SHA256
9c605dae47dcc7637bd73c5391d9ba6d05dc0f70e2b4d57e7eb3e277f697826b

SHA512
2cad5e7a60a5b512f982c2c9029ee4caedbc6fbdf77c0f06ab99590d54b6080e8e855fb803b908c5b56d28e75ab39f3d60c862a284a84993c162aee9a9a90e25

Download Submit
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk

Filesize
407B

MD5
4a3a75f232e1fdbe35ec1fb94bf1a748

SHA1
a2bc851e81687310406ac1c2116708d0d909214f

SHA256
64c8191fac0b1bcb35f65e2d6ded46c383ca98817b52a99395fbd3f8caf5be74

SHA512
2ad255f784686bb61137e514354448b9ad22e30aaa995247cac0ffc49eca001d54418c3773e667481902426b491f469083c0944b52338b617c8da547988a4603

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\ASPdotNET_logo.jpg

Filesize
21KB

MD5
8287ea96cb08582fca386b37bc474fec

SHA1
166d18e2cf8b200dd7c9b9cb9192f8d3e3f520e9

SHA256
9fe45e6d150b703a4974ce9e956b265db742cfb9a66fdd112823be3b5256b013

SHA512
93824fea1ae8a188bb88070f3867d6452094669ec86c7ce042dd476b8e79b57bee47d030bf1167c7ecfccfa8ef4dc3a00cdcf72c326c0701e677759a0416cafb

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\HelpIcon_solid.gif

Filesize
1KB

MD5
357fbf42ef0508bc44b271f28fb6420a

SHA1
b9343cd2d5bed9a98150519871a9a58ce80cfec2

SHA256
6241b37e7a4ba7856571f24066d05170a01127fc6b50760765524a312f54f976

SHA512
d87c12ba767ecfa063e0dcb0438179f6560ff6197a6140609c8ee8f18bf8b2e81dcda0d2ea16d77971fa14cbf59b4e913ad45fa71c03d8ac7d98a1975d9a2061

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_lrg.gif

Filesize
952B

MD5
5ceddcb22b10b4b11dcd0688038ff539

SHA1
00c17e6ebe477f9cd1e4aa163002e33274ee33a0

SHA256
92366fcf63bb17fdd37338417857541d96ede2281d3517a1407cfa684009d36d

SHA512
529f2223b2a86065a12fd79b4ff992c1bb72b8286adaf43062e72a7ea29f70f88c32005cf93759c4022011d669b5eb2499123866917c0c56058f5a5004bd6e3f

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\aspx_file.gif

Filesize
121B

MD5
28ab2a193772b3d47cdfb7ac311c2004

SHA1
71782f5639da464f39c262f4b45a9c5927b40274

SHA256
259075ef3b6609155d17a6c1e73d272f4c41fe46d5d024d88b88305535965581

SHA512
d25b0c003df4bcc8225ae25457143eefbed1e231b71571694ca25335a5f81b9d44c7ca026482fc8b2b21a02f8bda6823429766fe6033f522ec3fbcbe7ce9862a

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\branding_Full2.gif

Filesize
1KB

MD5
0ce7f593a5212cedb1e6c9847c510850

SHA1
9b2599a91a9141e4632483e36eb45c149adb44a9

SHA256
2699f0f85a3a6fd6ba7b223eb1a45437a89f186bcb312b42786dfd8ceee50b53

SHA512
2c5ff148cafe1c28384c1e02c78791d225ed7ef7039fe79ea08a2f4329bff51b9e07fc6ac89cead8d7cb8960a4e5df449d410560f866d174b68d926eeab08413

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\darkBlue_GRAD.jpg

Filesize
8KB

MD5
1d1836b02dcf448cbf897265189f97d0

SHA1
2514f529e1795c6e2f6f92065d194c9ba31a4b07

SHA256
7179a94fcde23259219aff694ba90ad13c9c4cbaa3a73d9f5ce67addfeed7608

SHA512
bb74c57c38f20b809ff61f55b79543de3167fe6e0949d4fd78dd2ab9c156e9d68f4b46e247f99eb094bea0ee8b6e912999f3014109c349af673691ba7dabbb15

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\folder.gif

Filesize
914B

MD5
34b8d6bd229d9302d81139fe7dc09552

SHA1
e9d79f7dd51e614d71d61a8e196c95ca822a06fa

SHA256
0e4d7bff5391fa9bbb930922f62dd35f786c970a63a14fb80a482d835eb71f31

SHA512
3691907f66d78cf2c8f778904678f2821ab1555010a5277201bf13ad00921255461c30c30f82f537bf5b5c9b3f5c90fee0bdf776b63a7b67457a5c150f1313fb

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\headerGRADIENT_Tall.gif

Filesize
328B

MD5
7aa0b818a4113175516894b33e99f895

SHA1
c331834e02f0a03baaf4dd40ef5e2a3adb41e6f3

SHA256
0b5a17b8cd706c741501b1d30dc2550dd1c562dc7fddba023057b48ebb9d7666

SHA512
c8eb1331e5c695a2ddb81f13669b831d1e31528130f814eb62e16f4094c65dc1cfe1b7fbc7b3b419579936e000c0210a48fb298893207684d13cb0c1cfd46ff2

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\help.jpg

Filesize
1KB

MD5
e9980532d30168a8fe89846250472071

SHA1
c31b8066d1e597cab2b7ce67b83a5ba8dd588db4

SHA256
9ff84f55559d59b75da28e10e1ffa7248b6f5715f0e4a126e3185f8798b72e43

SHA512
8e14f4110a40232ba7360cc317891cc5ff4124a5e08ab851f761a74b8df8d8f545d0bf8d0a0856ae250fbef6dcb6585b0bd34d8861b5094593766232017b6ae4

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image1.gif

Filesize
162B

MD5
5d8fcc29e88ffc29db1fe1825405ef74

SHA1
a0c963addbd06fcbe36cc64fa3fec7f3ae20e59b

SHA256
bbe0ed4cb25f74c39f6cdffb6e63ec13e6f3b41298df5f8a3526005d1b0988bc

SHA512
52bcb14399b41fc46a17f05061e5f1753dc1ac4bb413914fb6230a1587e19f05917b1a7b3d71a00c2262bb5d2199504627ecfc3c28b2b1f399db332bfd720259

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image2.gif

Filesize
586B

MD5
b4098e9d79282245b59849f54f889703

SHA1
e736d78a7f38408b6efae59ba30d38c1ab43d0e3

SHA256
3c1d92680cf5b0434235800d1ae866d9e3183969ae0275ac38fed1b38b183030

SHA512
cb3114c731f9592b0eb5a7dac0d7cf4014fd1ebc16a25d250be4ae66a6a6dac591f7e3bcd4f8314a47d0f2f9cea669a080032f3bb351604036bbb68a45e5303a

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\requiredBang.gif

Filesize
124B

MD5
fee35a49a8dde45f6e0701ab5aa27a9b

SHA1
528eb637978350ed17c9b2022fe972cecfb9b27f

SHA256
445776130c7cb28390cd0e92a9c72f6e58c6e76c9c4a0c85507ecfa6f1d90119

SHA512
696b1ea1172b9e391848b95262cb4fcf596956f5c6f0798db799fe57c4699f1e1394380be46adcd3e731f6804f43c37e2230f2a65089441bf52bb2df68ac84bb

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\topGradRepeat.jpg

Filesize
8KB

MD5
b93afae955631b4ee22fcb8260cf111e

SHA1
ffe19972f652a2c6b84d5a5ce2a774debf6fd849

SHA256
362f60cc08ce5f66edc74d0659a07d61cb3a6921bf751dd27f67b0a130193cc2

SHA512
e9b165c241c75b841787f3a1e203ae50427512f5ca3f5cf3cc77540e1469994253fc3bba2230c27d9b0c51877881a36ae19e901929b2a3f6be4caa291f7a5c82

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\yellowCORNER.gif

Filesize
880B

MD5
1a4aff43c9d4e13543abd603566b10a2

SHA1
08d5637a26fe7c21309223d8b75d789a2081402d

SHA256
69583f6ee7e97e7af96a05d01681507a51a9619a3f315afa9bb252783c204dc0

SHA512
536d3f4bee52c563c76fd368b2f53390c61dda51ed3ac1019facfc7a3a86385f422a1e8a91eb50c248363bf208c132763c3570808654439fffbb60482a760786

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk

Filesize
1KB

MD5
aa3bb6b3dcdc22b85c043efe5d06fa1d

SHA1
2a17ecb1ade5fbc863af9da1b158e51a9948a324

SHA256
394c043357e59c63808282e8e10344dd88ce0dc4821ba3a5077ba2ff3708a5ca

SHA512
5a09ff78a0aada43608d5f08a8e08b7a967392c9e58286c6b835f0268395de55c0908161509e38b9fff1399be5cb31245be9e9f4c80f1159f9175ca0a482661b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk

Filesize
1KB

MD5
6be85b705678ec1dbf8c5b4d3cf76125

SHA1
f25e9d1254ba62657a545f632ea9d9095ddabe1e

SHA256
3157d93e18337789a7fa554614e22d9bd4ee0191d20c1395b0306865144af9f9

SHA512
eb2bdbc18d9a3e96d57e3aae4694ee2b96dd9232894b2f900b14f2545f510ddf8d06f1313f0bcb181e15c5389c9977427d855cce5a142d9fdde5ba9e753a51fc

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk

Filesize
1KB

MD5
d003417199281fa17db888766eb06784

SHA1
15a1a90cc83a7ecd16acee2b674b9d4d704bd2af

SHA256
2b5062e5e9343610b78e6a787e8abb45b1bf8c89d294fc890c33f7a07bc3dad3

SHA512
f2236889221e60683daa62e77ae32aa1987ddbdd78851f4891f5e9a6eec2146810bb04a78297aba395b3f8678625332113355c3b70da37e734498839cd4531d5

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk

Filesize
1KB

MD5
367074b893edfc7549b1b59d23cdff78

SHA1
cdee7b9fc20d23253ccf63264cf3ff17bb300d38

SHA256
2dec6b110c87101595bf4abee4e89d2982aa2ff427db6dd48dc61369281c017c

SHA512
33c961190c7c1b3dbc85e3b7bf77342b5ffe71973c4dbc9aa69188a08af8066e469ff0178445bedff44eecd18ed65e21407b8e0e23603447898e2b1a64385547

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk

Filesize
1KB

MD5
4f5cf5bf7c83346152e238e2d044811e

SHA1
78971337cbf80e35d35d1bec9c20c7bc53af16ec

SHA256
28080934c4d3be4e8620dcb8adca5882a0f6171d3546cd2a8646cb3dbc7ce48b

SHA512
7298adc1af3995f33a1843f537e905f8a2c97d05d1e6b2ea56a836ba3aed7581d1283ccff615b83fcdf4ab9734e146972209d7b564afce5196d9823467d7c74e

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk

Filesize
1021B

MD5
15c587a469f8c6fbe88b7970aefee2e9

SHA1
73077c72ad5fed8f74352941b4d3a1c4925ea271

SHA256
45e3b5e4f77fbad3e61ab7bded28f09f6282b073e31d00c8982a2fb5ad8c3916

SHA512
86e3d44388ffbe257eda0659fd5c34e0e22ce8cb46bb26e66c6f3a6ec325e1d242874febc0f6d4b30c635b5b28352b0dff8a2f286fbb6a3362bca521b2928514

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk

Filesize
1KB

MD5
cc2b098b3d3f7d91de24ef8410ad5459

SHA1
f2cd07828228e948b3152485c2c28d9d4b00638f

SHA256
6dc89140a2e835dd96b30c14480c1922c66b72b26314da5f068af01c8845413f

SHA512
b7a52ef82140dd222a0a0210d87fb5a667e6680883565322165aeab6ac535e51f1adc4836e82709eb64b44bd8784b94787b158f4b690b93292967e9974dbb3ee

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk

Filesize
1KB

MD5
5d4ac576738c8653bdec88449f1ed49d

SHA1
b4e9d0e665c6e926db83941becef60bc94ba41a7

SHA256
f10ac73b749f051461ab90865ce2d13fe9fbaebfded7d28ebdf108edd774a1dc

SHA512
58859b0dea528d5b017df3ad2ac1bc6e12fee5105e0a455a082c78887ff0b1bf89a5af7be18073b6d5381034804990a42fef04b39cf6c05ee83a5bd40fd319f2

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk

Filesize
1015B

MD5
70edaef6d8cd0346e6319e2a5f70ad6b

SHA1
65d36b5f642557d079c24f18c9d7e70331dcfcfc

SHA256
c425a5c0c445e670a85e0a0bffdb8257d6ea498f6e83c89f9f45c3ec4ef8426c

SHA512
830e9f7af83e6408bc566fdd1ff1328e306b243c94a0edaa869686388e106a5190c0a4f30c62d850ddb7f599e39a387fcb36ef20f0bae96c34741dfd4ab37844

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk

Filesize
1015B

MD5
d1075b94703bcab2091b91c42779a923

SHA1
fa394ca0748ca2405037568b6c837f7a1cc9161a

SHA256
0bf41083a96b28e1dff336547aee45bac19179a1b21c48917164bbe7bcbf8c9b

SHA512
d32527f264d305c986ccbd7984e8e0fb5aab960f00efaa85abc25841d6338bd688235e27a0667560255a7a12fb6429b278b9df0724c9432fbe0da50cfd0ea31b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk

Filesize
1KB

MD5
aac1505d6ba272f15bb23d8e31c14597

SHA1
063317bf2879b0789eba278fb7556d458540a87b

SHA256
73f627e3c22ecbf056fdaa13274fbdaa8ede2a10feee2464ce253b6543575d64

SHA512
0d39d0a357ed0777fcc8adbb9fba508d94f16151e4eff8cc17172130a9424583a9d13495074069b99822feead16b164ee6cdd2b826913692d08ea89c60245a60

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk

Filesize
1KB

MD5
baa943a9bf5fe8ceafc412b14531c032

SHA1
06128103c233da2147da3b7c52457503ca86a55b

SHA256
4d8d8f18f3a3f6806b00885350c96470dd134c244a095026af43ee3f05e44414

SHA512
3f933e0be2f5e5f82a7c90d799faf7c41f4d5100114551f3bdd1b7c0fe3ff85b4850d03846d839890a960f4a713c7768b6c6539736ca92385e83fa9bb63f6249

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk

Filesize
1KB

MD5
483faa817235c535bf8d73bfcf6d9c94

SHA1
8b136c8497e58e78dd93e539d22a161bb4fc7520

SHA256
91392bce02dbf197d27a9603881cb329d5dca609316734c360c4c3c8feeca1f5

SHA512
d7f379f0bcd039a3f88571de81a249832300cb8aafa3da2c740a424729dcce270dd8178206748a02919b1c04a24048651dcefda78172b8ce890bda268f752df9

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk

Filesize
1015B

MD5
211483a2158b516ff8b27981c4afcfbc

SHA1
434311a2aadecdcd60488b6c337e04cfac626de3

SHA256
6553c66398b3920250b005b31de79dd67bbf6c48eb66846e965fa1d5007f4acc

SHA512
fcdf4a67d22d353e812cc731803ff89a8516b95b7ffe5d0b1fc675dc4ce897578501e55025ee0b251cf3e39e6f25f98872136c4aa3f1354f2bdb31aa8c53215a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk

Filesize
1KB

MD5
54cdd2245ecec5e9785ee49ca24d5588

SHA1
011e4c62c05e6570b167741c16ceeb28e34c192d

SHA256
a4409e6da870db1c9ef10416e710c6fcb38d57987f5db99964b157adcb9fc7ca

SHA512
4ff2c71119854aefad48ff84cb92705e517e47d3c406db3c6da8c509ff5a8e52cbe6bc53a92c4dd698518018c50fcfa2fc073afe925310d07c0731aa0d004f43

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk

Filesize
1015B

MD5
39d044434b7a042a1898999b429a5f80

SHA1
628e76eac8ee410c02973f8fcaa6ef04b455e0dc

SHA256
a322c2067eaa2ae697dd422a944995dc4cfc6de79fc8f668f15df743b79ce0f6

SHA512
7f826938484189f5a5ea0b4a272ecde9f306c4953ba282f5365b053bb8ab6d8a0ddb0bc72c59c59bed633deeffcfd82ec9fd93f7762c83d307c9709b1834db81

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk

Filesize
1KB

MD5
66b3f58dbcadb250f8cfa800ebb7f516

SHA1
69fc753c656cccd10f8a12471bea255d63f79562

SHA256
67872e6dbeb6a4752f5b4b1aa23047913c59963365f60f9ba4a79aac36404f27

SHA512
f6d22809e2419f0b08377be10697145f71c301a59ca79f42b34a1aac3d21025392ad8a1ded8162c6852b82ee7f1adb1794b2dbd04883a5197a22facf9c129599

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

Filesize
352B

MD5
6a3bcf16fd6d89fb5029dcf774d51842

SHA1
89821e41c97c6f0568559b05274179c85db727c9

SHA256
96a788d678c5599c36b33e122701823c9ec7f8b01a09b95d9227850a6a9d5230

SHA512
38bfce96a6107619e2152cc29a62f919674bc71018ace0573950ae5f44a4584353569cd5a60c6072a13267962316861c265244d4b40bbcb7a31b37076cc33171

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

Filesize
334B

MD5
955355b2a4844a936524c359ca9f4f4d

SHA1
127f9b9d4766ee23cc556d34ba80476aa8932814

SHA256
0afdeb209189f982f405729512ea90e00ac73347ea17771830bb442a1350c5ce

SHA512
d65148aeb017ea9ecb54635507fa0c9e567c816a76651a01846681af37428c4d85eed1fb93fa52914cfe0872e41b8fb2407baea022a761f6a211043503d07759

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk

Filesize
1KB

MD5
0fd051c53c2a8fc6f24164c37cb7dee5

SHA1
022cec90d72d8edd22cf1c6be7095ec3e39cb820

SHA256
5ebbeea80c75e9965eb6964dba73aa99ec5352126855f80ca0f97fec8fb1048f

SHA512
ac88a0f047390238828686f043928b49ca93381a7db326a17a57201eb541b9e83ac89dfd251c8ce078ce7b28d6178d802feca6c6590d0420e8d9215a53758551

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk

Filesize
1KB

MD5
c8d0fdbd9a21dc4471adb5017b96933c

SHA1
a06f68426a8f1a717082dd47ba239cbfc4789cae

SHA256
758bb29afe42b06b8188413de911b94ca599ad676db966ddaba6b44775ef8208

SHA512
319765605e84b1529400bdd323cc7fff6f016a77f74d5d1d52a5d0d1df768bf57013dd6e6bb39dbb440ea0b6fddebb009223aabbd2685b2e2d60da5a5df1f040

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk

Filesize
1KB

MD5
cac2e208180c4425df30e86e94e06b6f

SHA1
9eea2a2deef253dcc15c16c72562a29c45deb0a2

SHA256
40fcf8960bcae5a90e39bea017af98c2672c016d068a3de588e1cdec39f73798

SHA512
1583fbf39407fa540497aa5d0dd6312c5cc31d1057e50129d00cde140696697c2eb7d0541b00eed90d107cfc84c740e0358408c13b18cc3ed7dbf6749bcecb81

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk

Filesize
1KB

MD5
013b13e30b5265fcdc390a0e8a142b08

SHA1
7dd5cafab90dc4685d1c04af0ac8b131f5b447c3

SHA256
10ab57a79714105327f30eacf1fe8131acf33e99605a57298e1a7ba3eca1faca

SHA512
258d957ea81b3455e38b6c7efd18fb6e4cebf78fc0cfb71651e8a03c6945f0e791de2223624e1d00b846cce4f5d45ace59967fee3137be856fe56e82dec1d5b5

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk

Filesize
1KB

MD5
4ff44f0bb6c1b17361a56ad26cae637c

SHA1
d0dd94d4fa3c046e0b79732af4e033b0b2cfb224

SHA256
d03286e31c660cc7ed2583e8ed706979ddacfbb036c6e152779e14c3ec96304f

SHA512
681244ebd55e0c93f03a782412aa7ff503e6c9a415f8337388cdf8d0eb699c133d30a42a1643cbb0bfa4216025eee0636fcbcb75d346df6e022cac2451872c6b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk

Filesize
405B

MD5
3f9d1b0cdd7da75bb7cd70e0bbafb6d7

SHA1
ea64ce5f3b708c5019e895a31eced2603b024d96

SHA256
02d8b25d1815534e776390ec31f17341b1213defc4e3fc9c0c7c24844e9dfbb7

SHA512
2fd6fc87ddc2af4b54ebdbd03858b5b9b8b6743ae487bfe4489097b28f47a3158c728bfd41919fd84a40526c59a55197e4045632bc244496c966fc3524a57158

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk

Filesize
409B

MD5
2e8e024cb7d908ad3d7956caeebbf2b2

SHA1
2d6dc06237a5702894066a6464a175f6ea250afc

SHA256
093828689685616b76a66950b5d15d7d516edcc6ec9bd0988f142643dfb1d3b7

SHA512
f4770be7b00481b1b0fae66887b2178a34dd96b9830a652bd32eb4e6714a9b737a2db6174a0183d40d2a86082c2885e99431a015fca0508325c7e1a9987018fe

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk

Filesize
2KB

MD5
e6b4aa01470b2765a170bea9dda2bbb7

SHA1
ac341ecf8f3faf2eedad97373b04348d7a4c84ec

SHA256
ba36da709007c0cc0f3b3ec8bac9eebba4e86e70590371798d3e0fe2738a2f0d

SHA512
e30aad70c1feb6ae12fd96138ecf5ae6ec4df59c3771454d146cb0b40464add12cf58662efa2c85b0aa164ef6c0e77982242e35cf1f17c6efeaac3d1ed0b163c

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk

Filesize
2KB

MD5
3375e0355cabe82f489b368048fa1abc

SHA1
abd17a2a3a4edaeaed48fe5ecab0a1a4046fc17d

SHA256
64e83fe66075c5bd8a75e4ee4f605a926273319c2d86b0e59564de63aa37c932

SHA512
8fc0060223fa763cef4e7df4035ae283ee138d8c13df41c3d299c796aaea62a349c396c17726175054a14a58000c6f1893774255a269c8b9349db7875d719ec3

Download Submit