6b73dba2d6e50f1bdc5bb31a8afef5f974180bf612353193a0cab3ac3b5ccac1

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
26-11-2024 00:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe
Size

431KB
MD5

9ebbe7f3d0d943ed49da5f96265456cc
SHA1

4805b176dcf5d84052ffde9c4cd14c7b6d8b08d2
SHA256

6b73dba2d6e50f1bdc5bb31a8afef5f974180bf612353193a0cab3ac3b5ccac1
SHA512

5ae5d9700c17af165fa3c68cb85ffb1689a5fa37e6207a4ed77bd3669e21c479b287bceefb713509903677fe10c0941f24d8296c0e2a5a8e2391d44629935e65
SSDEEP

6144:Yg9R9ROR6ee9c8b0RsrJ3n0dK2NP0RHx8D98WTBPW8fF8oABm1nKw:tNeegqwKhHSDeWTRW8fdebw

Score

8^/10

defense_evasion discovery persistence

Malware Config

Signatures

Adds policy Run key to start application 2 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

alg.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run	alg.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\lsass = "C:\\windows\\alg.exe"	alg.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\svchost = "C:\\Windows\\svchost.exe"	alg.exe

Deletes itself 1 IoCs

Processes:

cmd.exe

pid process

2600 cmd.exe
Executes dropped EXE 1 IoCs

Processes:

alg.exe

pid process

2552 alg.exe

pid	process
2600	cmd.exe

Loads dropped DLL 64 IoCs

Processes:

alg.exe

pid	process
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe
2552	alg.exe

Indicator Removal: File Deletion 1 TTPs
Adversaries may delete files left behind by the actions of their intrusion activity.
defense_evasion

File Deletion
T1070.004

Drops file in Program Files directory 64 IoCs

Processes:

alg.exe

description	ioc	process
File created	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\RCXC4D2.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\RCXBF64.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXCFAB.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\RCX6C15.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\RCXBEF0.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateBroker.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\RCXBF33.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLSERVER.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\ODeploy.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\MSOUC.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXD3C7.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\DW\RCX6D8C.tmp	alg.exe
File created	\??\c:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\Install\{FC37790F-E395-416A-A1A1-53BC987E89B4}\RCXC783.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\Source Engine\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\RCXC540.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXC74D.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\XLICONS.EXE	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\RCX6BE5.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RCX7F3A.tmp	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Windows Media Player\wmpshare.exe	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\microsoft shared\EQUATION\alg.exe	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXCDA6.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Internet Explorer\iexplore.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXCD48.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXCFAC.tmp	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\FLTLDR.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXD4B2.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\PPTICO.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXF0E1.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\RCXBF54.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\RCX85F3.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\RCX8D74.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\Install\{FC37790F-E395-416A-A1A1-53BC987E89B4}\chrome_installer.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\RCX6B28.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCX8E30.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\RCXDCFF.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\RCXBF22.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateCore.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE	alg.exe
File created	\??\c:\Program Files (x86)\Mozilla Maintenance Service\alg.exe	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\alg.exe	alg.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

Processes:

9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exealg.execmd.execmd.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	alg.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe

Suspicious use of WriteProcessMemory 12 IoCs

Processes:

9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exealg.exe

description	pid	process	target process
PID 2080 wrote to memory of 2552	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	alg.exe
PID 2080 wrote to memory of 2552	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	alg.exe
PID 2080 wrote to memory of 2552	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	alg.exe
PID 2080 wrote to memory of 2552	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	alg.exe
PID 2080 wrote to memory of 2600	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	cmd.exe
PID 2080 wrote to memory of 2600	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	cmd.exe
PID 2080 wrote to memory of 2600	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	cmd.exe
PID 2080 wrote to memory of 2600	2080	9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe	cmd.exe
PID 2552 wrote to memory of 2684	2552	alg.exe	cmd.exe
PID 2552 wrote to memory of 2684	2552	alg.exe	cmd.exe
PID 2552 wrote to memory of 2684	2552	alg.exe	cmd.exe
PID 2552 wrote to memory of 2684	2552	alg.exe	cmd.exe

C:\Users\Admin\AppData\Local\Temp\9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\9ebbe7f3d0d943ed49da5f96265456cc_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2080
- C:\windows\alg.exe
  "C:\windows\alg.exe"
  2⤵
  - Adds policy Run key to start application
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:2552
- - C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\cmd.exe /c del C:\Windows\temp\*.* /q /s
    3⤵
    - System Location Discovery: System Language Discovery
    PID:2684
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c del C:\Users\Admin\AppData\Local\Temp\9EBBE7~1.EXE > nul
  2⤵
  - Deletes itself
  - System Location Discovery: System Language Discovery
  PID:2600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Indicator Removal

T1070

File Deletion

T1070.004

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\RCX85F3.tmp

Filesize
58KB

MD5
51ad8237484b8e83f1311879cf553784

SHA1
85c5c716d356d502aa39c79cc0cb52b24979ea2c

SHA256
3c4b13019fccc1015b1fa53e5b8d0823141069149084e6a951c3758b0bea53a7

SHA512
b7b84ab7acd5f726fa8e8eed644b9d6194714e0bbd53b2b17f2e0a3096503d17db99026e7dbfce6a3114107be6d8bcbb90fa8a1a7b0ce838974b1662eedd87d5

Download Submit
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RCX7F5A.tmp

Filesize
59KB

MD5
c07f523d5480ae7ff505b6e316dbafa0

SHA1
da8185c200f1df51075a555ff58d8833b21a61b6

SHA256
5f1bc78504642db1c97e90631a0dc38b45b94c7ef991891b69f1eaf65e55e47d

SHA512
b918bae8e5952cdb94568a96f018ca07c629d26fea7547ff46252041c7755dedcda48c9f7fa7646cee5dee61d8ce7c43a7c894e59020dd745218c9073b173426

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\RCX8A48.tmp

Filesize
60KB

MD5
e3567e6225fb6f35e582c1c8c927e386

SHA1
5e6ea7e9ae33265ad0ee7380d95a2811b3acffa2

SHA256
221578d3e7c96b8f000dc2cea0ccbf4af4b931f4bf167b33b896c4fd6e7f4c2f

SHA512
c53a27c52e645bee29bdff0054dd7810f91a162713453217a914d1d90f690ffcce4151f3eec03e6e5ae322f2bbb70bd21004f4acd86798461404f6ac5da7920e

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\RCXD4B3.tmp

Filesize
57KB

MD5
6bab486dbb9fa4c5d5290e3af214f731

SHA1
70ca0ba716bf1f9e5b5e233464bac29f32fb81bb

SHA256
4aa20d42e31f9770e38ae91a034aa81a3a9fb995e910760086b16d1ecfe3dca9

SHA512
58580f7ec5e8fe804213b591092fe2b66c93a55a094b645e69c14f295eeb28d6115f78dc2a4b37aca97e226e0a129bcd126d7542d07f9f55bc9e499a4b137856

Download Submit
C:\Program Files (x86)\Microsoft Office\Office14\alg.exe

Filesize
84KB

MD5
f31240eb8ecb535ccd5f94d8ce029608

SHA1
439e2beab9173dccb286f2c23031d451e2bf514c

SHA256
89188cb7da276ceed287c5beec3bda622c8f99995b853dc8ad142c6b43f72790

SHA512
05a7eacac00e3169794f8fa26b70599d346886a18570c17f32fc7afef0cb7473a3b5de5d5c5e47f3b300a577b9c5031183efbfa8493fad9e4d7e44c7f0e57387

Download Submit
C:\Program Files (x86)\Mozilla Maintenance Service\alg.exe

Filesize
67KB

MD5
2eb073e504cb2d1ca7348d0f1bdaa4c8

SHA1
66587353d6d9b067690cc68e420122ef89b47ddf

SHA256
613889135be06ca1c91d6fefc2fdf0b2ad369ec7c3b6ef03cc8b3ce775c26eaa

SHA512
c92f9732f6a981c89cea14f8f02a27e9066e821e9f1bb6ab37ddcddf2f8c18e1f2f992d28d02c1d3e65dd2f2ebface99a3bfdb2b9932abb4a1e0ab307d13ef2f

Download Submit
C:\windows\alg.exe

Filesize
431KB

MD5
9ebbe7f3d0d943ed49da5f96265456cc

SHA1
4805b176dcf5d84052ffde9c4cd14c7b6d8b08d2

SHA256
6b73dba2d6e50f1bdc5bb31a8afef5f974180bf612353193a0cab3ac3b5ccac1

SHA512
5ae5d9700c17af165fa3c68cb85ffb1689a5fa37e6207a4ed77bd3669e21c479b287bceefb713509903677fe10c0941f24d8296c0e2a5a8e2391d44629935e65

Download Submit
\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\ose.exe

Filesize
145KB

MD5
9d10f99a6712e28f8acd5641e3a7ea6b

SHA1
835e982347db919a681ba12f3891f62152e50f0d

SHA256
70964a0ed9011ea94044e15fa77edd9cf535cc79ed8e03a3721ff007e69595cc

SHA512
2141ee5c07aa3e038360013e3f40969e248bed05022d161b992df61f21934c5574ed9d3094ffd5245f5afd84815b24f80bda30055cf4d374f9c6254e842f6bd5

Download Submit
\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\setup.exe

Filesize
1.0MB

MD5
4d92f518527353c0db88a70fddcfd390

SHA1
c4baffc19e7d1f0e0ebf73bab86a491c1d152f98

SHA256
97e6f3fc1a9163f10b6502509d55bf75ee893967fb35f318954797e8ab4d4d9c

SHA512
05a8136ccc45ef73cd5c70ee0ef204d9d2b48b950e938494b6d1a61dfba37527c9600382321d1c031dc74e4cf3e16f001ae0f8cd64d76d765f5509ce8dc76452

Download Submit
\MSOCache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\DW20.EXE

Filesize
818KB

MD5
a41e524f8d45f0074fd07805ff0c9b12

SHA1
948deacf95a60c3fdf17e0e4db1931a6f3fc5d38

SHA256
082329648337e5ba7377fed9d8a178809f37eecb8d795b93cca4ec07d8640ff7

SHA512
91bf4be7e82536a85a840dbc9f3ce7b7927d1cedf6391aac93989abae210620433e685b86a12d133a72369a4f8a665c46ac7fc9e8a806e2872d8b1514cbb305f

Download Submit
\MSOCache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\dwtrig20.exe

Filesize
507KB

MD5
c87e561258f2f8650cef999bf643a731

SHA1
2c64b901284908e8ed59cf9c912f17d45b05e0af

SHA256
a1dfa6639bef3cb4e41175c43730d46a51393942ead826337ca9541ac210c67b

SHA512
dea4833aa712c5823f800f5f5a2adcf241c1b2b6747872f540f5ff9da6795c4ddb73db0912593337083c7c67b91e9eaf1b3d39a34b99980fd5904ba3d7d62f6c

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe

Filesize
245KB

MD5
e84927bc7e4bef6af8daf8640d95325e

SHA1
796cfbd54995d1340e3bdd9329e6d165af8c3859

SHA256
7744d4c0da090157809e65259fb2682e8149b3fcf64a055607ab04f0cb732ea6

SHA512
dd8c9e848100b8c67f8ac5a01e76bc11843e36824d501eca797c9560b0c99a1349ede26e5da0f57a1c66c817d0caf99284dbf968e9f5df442a7c64c88dffb261

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe

Filesize
273KB

MD5
55e392d1bd55a1292b6ce766225416e5

SHA1
06d8134a3002e6974407fb5da0a59ab43415a52a

SHA256
db42cb95904cfc6891df2aa736506fb34a26cf9a26e88ab0ef262e0459344a3e

SHA512
0c55062cf8debbdf1a7a4f41527e43cd124fb7777e9b930de9cc900abf9c27a1956a536200e23dddc9a4068ac5bc9a8052299a4f2cf010cffd205a32d99581a2

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe

Filesize
341KB

MD5
e16dd9faeca97b4c185426e5672becba

SHA1
f32087a346bcc58dedcfe1bc32f221d486a385c7

SHA256
c21bfc263890f02763f56b4e9f5cf9113656cf09d7864b53ec2fd2024bdadd60

SHA512
582180e0c7b35660114d5b1d4d5c92d75615321a74d160c2c7bc92b91a2c2b7ed758d63e2bbbdb1658992da6fe7ac546d7f4ea9a6c73a4a503989ea6e1a22d6a

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

Filesize
14KB

MD5
dc6311fbfd49f41fbf35860a30e68355

SHA1
b08b15be412e843acaf7ad5e6df0ef1e8bdb465c

SHA256
ffdf81680522029c2eb578a9f442fd9692900a5c782c711e35203fb2d25620ba

SHA512
5e2938f5a8396154928a7d093db3843d73497cea4f49c0f1b77e3aac6e29d1db7f0ad4518587c336f0dfccb67ff33aac8e12afa70503504c5d8d46d12a86e453

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe

Filesize
25KB

MD5
6ff84be315cfafbbdf36aa01af8389e7

SHA1
2c550a4059ac331f5f5c9d3f218e0f6184aa27c9

SHA256
47c67c1c88ceaee3cf1667bf956a3e11a84dea2f7c2afc634777aa5f1bf65c76

SHA512
72498b009573a9cc9b5554e61d56b68f273682bfa2e13808f4abd5b2171aa59dd4a64bd9f68a3a416cfaceacb0041df918d8a84f28a5fa7f204fc562c5b6b174

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe

Filesize
529KB

MD5
cca0c5482b8a6a275d9d49433f435dfa

SHA1
a72ae8621386e13c34055f612ae7612b8a18a39e

SHA256
6ea08bbcedf7cb51cfbe4896ef8c589a4568b1d5240265b1dcfda83dc8b55365

SHA512
b88f5cdb4bc08429ca40d24cef490128d341e10615d1d93d084b3247c2b28573d177d878c1385d3941e16a8bcc8a9f6b7870c152f4a43d02e69c05defcc9196e

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe

Filesize
97KB

MD5
713a30695b671b6e3b19b7d09f9d8409

SHA1
83916537c86d7dc1043c752f195f04fa42813afe

SHA256
6b42e2e9822b99f5f13a6d1f639fa64cc93001266ceb7a7d342da1bce84d5c08

SHA512
a450c691e0c8d16519b418b366a260360a57e8511c6975f2e3029c41f30a68d83448126c3d57c9fb36b3a44e839d4bbcaa73e0adfe305a71e04def2fd990cbf7

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

Filesize
33KB

MD5
69b16c7b7746ba5c642fc05b3561fc73

SHA1
83d80d668dca76b899e1bf662ddee0e0c18ac791

SHA256
0deceb6b1b7a2dd1f13133ac7328ff420dad4610cee1fa7466e8e0f6baa39116

SHA512
6b8eebcfe5b04141640047fe468371ad02bb115ee9ef00260c0b33cfd56b142c2e01b3b1c6f07281aa57b1f3b9fdb1f1082fe5620f88a57b92d8f547267ef154

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe

Filesize
333KB

MD5
e5b38b9828293047f0352f7a38a22fb1

SHA1
681311628ac93f84371b2a069fa220dc89a3f672

SHA256
b85aeeaede189d9f56c843281a492cd8ada329f0b5b8b03d5a813eba3a290b61

SHA512
ed3e369451b938a556fb561afd6fd3ff5cfc93e386b035014fd4824a808f1e92e6d095ab33c340e6cd64ee00122fbd882abbcf0e15f3ffdb29a4fb9febe42920

Download Submit
\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe

Filesize
59KB

MD5
5e9d2fccad3b9edbc0a8ab0fe1e5e510

SHA1
4f74227b71e570f57e0bf611de8fe2b73cd3aba3

SHA256
ba7cd3c2ef37746576ea934fbbfe6ce0f659977f604cb6528e642e6d82e60ff7

SHA512
8e5ae33075564851f1534767558b1be79894858a912e5f53b00c98ad38e46bcdd17e225e32acea78b634221b506a312185ea155faaac976642c6fc8ed352f035

Download Submit
\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe

Filesize
34KB

MD5
d598a0818ec112074e4ecadb7fd83414

SHA1
a7154846b004135ba3e95e1e175d08bc9aab2e60

SHA256
d8fdda58db1a84ff2868d0d24bda9d9b496347a35008225f15c6599aa2f1c4bf

SHA512
5cd13c6b4247854a65f7322eafcb06d82c574384dc996be3bb3ab8f185818334acf6858e90136a321664543f3eb9d1b0419513ca254e4ed32959489653357240

Download Submit
\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe

Filesize
32KB

MD5
9c5b124efd76128d26d3bcf85a3f2092

SHA1
6f4a3a1b7d4fb47aba5b1c1bfc151f6eb8d2b3b0

SHA256
5fa546e912a3fedea19477ba68bb127cd2867170a2bdb831b78549c6190d55b9

SHA512
ca13ada6916ac4b5277cb7684a05ae2d36e61e3a5dd425cdcce34b8461b2337aa9c81fde1e08d9f6d24066f103bebbf135c6f66ac76bb2767eabc93f2e47f7f3

Download Submit
\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe

Filesize
90KB

MD5
27f8ebbdef6e8fa26f02d74263610729

SHA1
2ecce90a5b5661dbae6cfb890443cf8d47f052bb

SHA256
9feda23e175fa401fccd34614e2c3afde740c2ebab9a8fbc710fb9d08b712829

SHA512
71884b8e1d7042813f9ea6813565807cfe7b57b7c2d838ebf90ec2f34ab2a6acb36458d0e5b7f8a2bb07f03cbfd9cb145dfc72dae1658d1c514ef18a025c9a28

Download Submit
\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe

Filesize
2.4MB

MD5
34c4db669b76a662c5fa7c199e4f7519

SHA1
b047730ff73cbb63a540a2a0cd4e632ad594bbc4

SHA256
5a9619856991c1184c789d732f7c597cbe8d0add0732660a4ba358c6a3f258f8

SHA512
da596adb60d4c5ade81b196cc4277c3bfd523e70d72ed2f27d4426833f72182a99fa4bc8f069805deac958e65a4ebed7f43919853fc5fdc5b91a6e62089f2c09

Download Submit
\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE

Filesize
530KB

MD5
a87236e214f6d42a65f5dedac816aec8

SHA1
601f4e8cd6b1c5fcd8f0be4acf01a08261a07b94

SHA256
3c4a68070f3d7f14e488ae4f7ede8e7add0f8029995dc800833126ca062a2c6c

SHA512
5db8f065c02ac6a014ee407e3d64ae68fc9c9ae814532e58ea3aa27491baed8a15b5b1f90369eff37fb399c0ee96a92b3640110e3730084d3f0687734c41cf18

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OFFICE14\FLTLDR.EXE

Filesize
117KB

MD5
55d4acd4b1f8c060e4e880c213e5eb79

SHA1
c902866e5a10554e44b4e743ceabd5d687a51484

SHA256
7a7f3d1d777a49848bb8e4e344b7e6d75819345b4fe27b8ebf836618a8ad8d73

SHA512
b60cc303c2324ab7d93b8afa479a868d98ea117968f4d7233c27f5c9856f266e245324634548daadb32b9b9affab1e2530fdf9bb8248281f2fb671153f334bda

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OFFICE14\LICLUA.EXE

Filesize
189KB

MD5
37cd4ed547914384c817aed45b50b8a4

SHA1
20c7daf067634dda7e1255e7ae3ef934d1fb1522

SHA256
7021a2b725aecbe925986bdb969f016b0c5f9c7a42301182acb351a1db66c19f

SHA512
64e535f3f91656d726896abc3d5a50782f38cbad30d17da810b113da24e7ed7b2a5ffbf85247859854264ca6da66458d9d4622f088b98e6a881afc3726199e19

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOICONS.EXE

Filesize
462KB

MD5
66c88b6782b844bc169c7f792936c0e1

SHA1
50cf028b05ede61c89d4fb3fde4caaae8b1a94ff

SHA256
b13d6112575cfcebd36ed20222b95c3869e7d292d36fef126324be8f29002a7f

SHA512
7e7825848ed26c5c04a61951139fc8c1ccc3f916f6c3616287a5fe707b59fd8f272bf0b30dd776632d7d8620217964e1a1b5381cfc7fdb6c2e8c45b829cbfcab

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLED.EXE

Filesize
113KB

MD5
6ed32d3206c69fd9a591976e64003b18

SHA1
8e8aa84fa47579326aff29113db6b0e825d3f947

SHA256
542a9b77fe0f2adc61d3d2323d046256cb8227e09f337ff7355c489165e95e9f

SHA512
b612a732ad3175c1060a8e9e92ac3f5fe80fbfaf3e32a73b956b1f3b10ad0470df875fce8615b8affdffa3df17eed6d1bda9b27bae5d0ffbf9d4e4b37770494e

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Oarpmany.exe

Filesize
165KB

MD5
015751930f57a169f41b4142869cd139

SHA1
6690556f3cb5677a4d35fba7bd6c3f6c9d0f6761

SHA256
23e40ab5500599c794559e6b02ca1a63c436544ba576089e6c13c8759fbaece5

SHA512
740882f2527047ae8c473a038e2ab3179672e0eda7ba06d35034dfb3d7e686f10580f80d86e3553ea9870ee89fe34177d2b4f2f6f2557a6e583e9163c03c5ebe

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\ODeploy.exe

Filesize
498KB

MD5
d63cb47f665ff3caa0cd0db21b50345f

SHA1
7a8b5c9a9b2dcf08a0622f3475f0fc486dc8ecd0

SHA256
b237f60afbf0ff3680d68b673b4f06072249fce099f943dc731e0cccb4437576

SHA512
830c4820393557adcae93e625aec760130bb569b3eb3255338dd8c5935e236a32aeddbce2a44cd7347c9dfd8340e5888748e74e4a8bf3f9cbc7b7adf8669ea8d

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\Setup.exe

Filesize
1.0MB

MD5
988166248240a383a509be7d026e3ab0

SHA1
cb1f5e8941bff04f11f9bec60e1fa9d9e708b510

SHA256
e89ac835ed17dbf494434fd54adfcc1d7c2a6a57e2d7ed35abff4f6f1d290524

SHA512
3651f7e30b85449714183c5b3268f214c4ad463ecf62dabaf058b6beb482eb4844679d36217950d86a1e5365b9607c00dd6117a81e13dcf7e359ffe023816123

Download Submit
\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE

Filesize
13KB

MD5
7ffae006610a85317fbb092a2d65d1a9

SHA1
f61f245695232ada51d81671e9918d54d9f35575

SHA256
f10acd6e32bc4d7cc74feb9e84fec18a77aeb2838ebf2aa7e3280ba1c7f3fca2

SHA512
fa163a348c7e557d12b24f212eede900dee416f54557cc6cc1a18c6cf2d4d19e049e4e03000abaada320c80dbabba4a4eb028ace629442ecea8dab0add9ccc9b

Download Submit
\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe

Filesize
14KB

MD5
20d3e26304e9366c2e9ebc18df8d6e53

SHA1
b509c0db36f01849a9267544545bb6d5e6d7dbe4

SHA256
36d845e96a732363f43534376dbb776041ab6df86a9ec1cf0419e74e89855277

SHA512
ea5f1a35d3aada483e3fc60b83b2de5339e8095294a8eff4c66131dfaee5b74ba2e9dcf5754d95bedb72ef2aeb43ef47c16d8b3f062a00408242300082263964

Download Submit
\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe

Filesize
1.1MB

MD5
41bb0ce03e066012f36f5ee81aa5a737

SHA1
fca620d6e7b7c6513ea93f6b5d657b39bc7bce40

SHA256
47687c7db0d4107b82898d92a45992858d9452089d2ff7a3290ac79e4f5943da

SHA512
9d556b991aa3227f2ed4e079595a8fc574cf5bf560049a101d32b53b01aef41eede22ddb82f6f3509eb1f9a2f6fae2eb97d8060f2a6aa4fd6d73aa6a31117f3d

Download Submit
\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe

Filesize
18KB

MD5
7a2323a4ef4c2a7651443239552581f6

SHA1
b3e6138072d303fbfca579a15ac86bd7572a7c2c

SHA256
18e279d77b8271a37bd9077900e57880f3cb3d2d9e5235ffc00f30752592f491

SHA512
39e6a802b7d64bf9547d4f93ff52004dc97bfe22f1363aba20b47e652dc5c27fae3a7b32fc10c585ca5e9621d7abd08888e25162991988f1b5d28e054f0fdd63

Download Submit
\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe

Filesize
85KB

MD5
ee0c93a37a7549bb3398c6093f25c9bd

SHA1
02ea12b829f147a5c6345f99ee4d2fcdd2cb7d4d

SHA256
604e2abeba3f46842e49c0d5dcfdaaf2746165f595f9dfa8ebfe03ffdd372c09

SHA512
1a5833d091139859847745f77032f6a0ff447d07f3c609d34d205ef63e68705b7232a72eba5315829ab52980d8ff5a9d2c9db59af056cd2517f4122db93010ff

Download Submit
\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler.exe

Filesize
302KB

MD5
381c22092074255a291f4c9946a5c28f

SHA1
cfd3817b09553851738818c55a01d18c7591f95f

SHA256
c94dcb40543cb405474597c7e7c9d8ef558b1422797752625db9ca4faf53689c

SHA512
e1f176f4d3f9b7ac057fa427d006e1d6c918e3bb623a713435011e6e27ba7728b22d501789f449cd54e5a58d19d62c25c7f55f8185b022b22cddcab070a385cc

Download Submit
\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe

Filesize
398KB

MD5
f1de10a8b9909a4af635112c8866d534

SHA1
c340effbaed989e7f8ffc6f7574856cd8ed0d18b

SHA256
5df635fd14558c0a25ceecd2ad51fbc0d129a8fe681d36ecc9e7254ae0e0a40e

SHA512
a227edac6a6d440da6e13a7d0ecbf42f6ac6acecd7591e0a105bf5e8e417d54e0610d9d28c649c510dc91c454894bdeef7f4c4d3463c57225e1e7cbc142b0924

Download Submit
\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdate.exe

Filesize
167KB

MD5
54a010c60be10b65eee5506720fccabb

SHA1
18cfa274db7d6567441db036eb2b25b720d58884

SHA256
9a4b728a0b652056cbd312dd917adc08c72c89b6f666472f4e3d59a1b8039d89

SHA512
afb51acc8b684db72d5ee9ad7c340d852322af0862a80976c6830330c9e094bc77e760a5806ba883b437c0d10139aa783c21cd87acd405c453df98422d6b99ae

Download Submit
\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateBroker.exe

Filesize
114KB

MD5
9482267d8e065d5c3cfe30c69b41b30c

SHA1
b0d7b3b52fc3faac508a01a61ff9e9e7ed8a16fd

SHA256
23085b1bbb7d7b175ee9c4fc9db4e7dd8981a3f5246cd864ab178c53c0612758

SHA512
33c19803c00834755d2a6e75481b0bc0d50dfaeb4cf95d34bc4bd22b82cb58ab72f7e7af9d1e56c19e68374365d4fd095b8a4121c0c0099254a0bdba2dd86c63

Download Submit
\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateComRegisterShell64.exe

Filesize
190KB

MD5
067c069e3a48184c32333ebbd152eb01

SHA1
e13808892bb9679a81d0ebdf5f51a6df42400149

SHA256
55f4339688f1e72f5da0819abaa1d1f0630f39c496ec1ea0ad8e3458c8df6b02

SHA512
74b3aecbf11f94948264b29481839bdf48d7b37f966cb5e2aa3062e66cf3587ecf247563e3bcc1837e1fb89602d327fdb4f22fa98c695b4d5768bc3f1903a2b4

Download Submit
\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateCore.exe

Filesize
224KB

MD5
d4b257c01bbaa68d15d8368475a4e227

SHA1
fafae083a882e163cfa8c77258baaab891c17df2

SHA256
dd6dd981c7f1a6673dc8cc3a0fe1fc8a54e059a9fdb0545b0dc9258299c0c546

SHA512
167494ecb32196e8e199d7d14a1c0498eee45ab8e8862e5441539fa569313bb602b9e979935c7cc5ba39300e54e8bdbdf2f502e4ea24b5e8339fd2c3685ca502

Download Submit
\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateOnDemand.exe

Filesize
114KB

MD5
27a531be4e959f1d7772133949832a10

SHA1
da4d3202e33c4a4c9480e8bff7726bbe0bc88e84

SHA256
09b9f613621fa39c97de92265fb886be93be5b37fe0985c54eb358efbf8befe3

SHA512
7e4e78a2f6ad80ed822c40dfc4466da49a4941f42ce92b78f40f0b0d3e22c087985efb134515d5592f7b86a4bc583733ea9eb7d33fe6e29d6e771572d75421d6

Download Submit
\Program Files (x86)\Microsoft Office\Office14\1033\ONELEV.EXE

Filesize
44KB

MD5
987f657313a388148599a9baebb9e7dc

SHA1
d4071ab6e1895ec19eee2254a39b9cb6096b4ab4

SHA256
83dbcdb3aa38fe0f77fa8734eed8917001163ef321b1ec418b6f87c7dae1259d

SHA512
ecb700e94740944cb4027137774448aee938e88645ebe34b250d1f1256efd099bfe48b50aca3935a48bfd9da0bff5473a3384f36cb3724b0fca90658b17a0aa7

Download Submit
\Program Files (x86)\Microsoft Office\Office14\ACCICONS.EXE

Filesize
1.4MB

MD5
a1cbf221f65a4a957a1561e94c05d2ba

SHA1
f737fc584cc642e8b808a316faf0eeac8360d344

SHA256
cf4c6c14eca09ac8345555b82585c6138f7388de63fcd626b0c19bd88b9231a8

SHA512
83dadebac14d91aa9c41d8b516f369b2a318fb58bf1e05437468d4f339639e431f981b8841f3bdf84b0d8b86b9e0a918900b559d1a327abebeb25a35a8954295

Download Submit
\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

Filesize
89KB

MD5
901aa7a38ce13f14b6bbec38c0595698

SHA1
6abd81a46557f72680eb9e5fc74223b8c9c32088

SHA256
1e95f2048e2a1782807d52e9816ed267355718e24d01ff07ace73d965ede388a

SHA512
34bb4f656423021873363ec8dd1908fd1d01017e607ff8bc79fea3176ffb18f3281dcf21f7bedcd96c4ddbcff70bb2943435a18e31ddfb6f6c5bd226bf901672

Download Submit
\Program Files (x86)\Microsoft Office\Office14\CLVIEW.EXE

Filesize
206KB

MD5
a351a9e5b19018821ab612496da0c2c3

SHA1
b040fea2e94e6bfdef05540061b9f9a9f9ca17cb

SHA256
6bb70e81edc34e15d9798b317300d7758042db033a91efd7a40efa5e45a3cfa5

SHA512
00e264e71f1f36be5bb284f2d281a9e2e11b050c4e07c75c975b1fbe19be57b89f651a9b0a9dd338ae7b8ed68ce733c872d7763698c234353354035d7b42371e

Download Submit
\Program Files (x86)\Microsoft Office\Office14\CNFNOT32.EXE

Filesize
147KB

MD5
fc860959580c124e7e4781bb08437681

SHA1
b551dd88a1d3d5f277dc174f5d9d11eeea0dafb0

SHA256
eca127142a480fe51e7748159c8d219313a4730d60dc22c4dbbc1bd4d6a67b66

SHA512
abab3d964d5e7b1bdf365a429cbc5b48614f4fb64281d5c0a4b0ce0ab3580fa539ca0f33bc4243dbbe5c6649fa0ce1a2a89de12725a78971001cd768aeb075d2

Download Submit
\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE

Filesize
19.8MB

MD5
a53cc4c0fa7da7cdc8dddf4a0e6123f9

SHA1
09aeb141350d8d3ca91ac4cf902af9d6b2de3bf9

SHA256
ead4783058efc1fca6e92266cca02ae8ab79105405775208167d280c14d98914

SHA512
32a383f768d90c1eb5ffb8fffe6810ad90d76e6c65716819d4296344b31a3858db528eebc40d0561ae2be9d5f14533ecd44a0a783164b6b57e2588788209f665

Download Submit
\Program Files (x86)\Microsoft Office\Office14\GRAPH.EXE

Filesize
4.1MB

MD5
b6aba3b6872d0e4957d860bf050fbf64

SHA1
d1e55e141c402b45c6578758a72b52d112f1b16d

SHA256
a98aadf44727be20c0550b457a2e741c6fc6173f2eda2635c0213a1e509d9a24

SHA512
47f9184977e3a1f61417151b3678b41c61a9a2f30d12fa2bcdd006d8c32126ae7329a1e8a0816838d0940fda6529c7dc0931e9f5659caa9b780be7f6a5588766

Download Submit
\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE

Filesize
29.5MB

MD5
334a6b52049c0a30a89369785e05027a

SHA1
8881925df0de69ff7702313b182c31e6b84c8886

SHA256
086d9c660829c978140eed4851715224f4653a4b66e7a147b52fe5604eb514a3

SHA512
e59351cc3e1d59ba0e34235f33ee7316c5d44217c5b3dd8708504c86a3253a0e38c2be04430ed84601f0725857826a49ca9dd2f216e28e4a4ff74001453ffd02

Download Submit
\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE

Filesize
921KB

MD5
818cb3b1d36f079b03e79e23d0fbd83a

SHA1
2a60afd7bf7d1b198070ab199691bb2c0cc315c3

SHA256
955601226a4e610d3ca43f6b6fdca64e274187148be5b2ce60db05aea233625f

SHA512
d6f9d21b45289ac628af525f8197d429b3ac70dd59f68e0ab04da115e7bfa97ad2c9d34bdc0c805671acc9923e71818e226b2b4287f19f471f4863d7f00664c4

Download Submit
\Program Files (x86)\Microsoft Office\Office14\IEContentService.exe

Filesize
564KB

MD5
42d927353ebd38247c45f73be30e5438

SHA1
4c09cacb7ff6f2daad8b9171f1a4811f57f460f2

SHA256
46b682a6e218066005b4691c0d16254607c41c51c8711558740d4a62beadf4d1

SHA512
435b77c1accae88db0ca27bd152c1bb374c47617db66fac72bd1f41bb8784461cca8bb36c3002bf0124c033273960b57af3514e05e5222f8b2220b5583da997e

Download Submit
\Program Files (x86)\Microsoft Office\Office14\INFOPATH.EXE

Filesize
1.7MB

MD5
e7667239fc311cbbc86e84c7d4ed1f23

SHA1
ba55b9c8d2edca3483d600616cb1a9114d4f625f

SHA256
343883df0625d9ab21c3de31c2c5fbcc24c6d0c151d2dcacd2ba1f04e6a40ad6

SHA512
7a8423e2d236f1ded8b51779519dfb9cce45bcb5d92503b35651278a0108e3b3e7b35fd266201e14bcaca76be99218481e9037d95394ea1442c204e66439aa7a

Download Submit
\Program Files (x86)\Microsoft Office\Office14\MSACCESS.EXE

Filesize
13.3MB

MD5
87232c8139f1cd82a2c3e39070d30b52

SHA1
13e2beede1ab86a3a12277893570c320e375d191

SHA256
8b8ad6ac7501d2c82eca1197c0310fa306b05d313d1b75c1020bc2b2965272c9

SHA512
e0032aa0182b66e3edbb7b76dd9411a6839e10cd3749337449dedd706ec8ff387042349fbe56c9d4b76a1aa095d750b6bd5e4a180ba7c70c144bf0fe697846f0

Download Submit
\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE

Filesize
69KB

MD5
325898762af50cc9d7a4c504b7cd6206

SHA1
94bb4333872c472fca319c5b59aa1f1d0f651b7d

SHA256
293eb1f421601477e48119966adbd2d8be68510334c19a8377c5e772e40e039a

SHA512
ac780fe9d27a92699e4a5d6d8c29c7c69ca8d298717710b06fabafa66e5422e61e2bd02b8245fcf7543e3a4f7fbcb2173feb7160eb8659a769b19a1169406ab8

Download Submit
\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

Filesize
701KB

MD5
7aff1c22e8bc6d8181053fc3590fd0f2

SHA1
f81c044f3ed14a7c5ef33495891a846b297d5353

SHA256
7ad0bf719597cd4770a45e16c4f45f233f99d473aa1f4f0b0fc0f8d26976f883

SHA512
2a8c89e80371413e1458270fe2a1c963e085e8fbf2af5ecf921bd075a73c6f08333ade3cb6993a0db3ac5a008d0f3b80c9c5248a38d7e70842fe084df446f121

Download Submit
\Program Files (x86)\Microsoft Office\Office14\MSOUC.EXE

Filesize
352KB

MD5
84b5e431dd9e08590e15ba29d85964d2

SHA1
738daf1cfd697baa77bc278493d985de3ea4da27

SHA256
28b7f8a6e333c8347c8472ac6bc9bb3caf4b505cc1a9bcd92c3db21947c04127

SHA512
484f62cef80d58728df0e1f255fbb62121c5d9f12eaeaa4fa0bf73d57b9f8accac598b1c3bd03c09aeae014d2687fa8bc06bb698af15f53f20b7bbe6b4021709

Download Submit
\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe

Filesize
17.0MB

MD5
def8d3ec3d85dc8dae33683766d0be5e

SHA1
7f13856a4f5f2610485de33546416917838270a0

SHA256
0f63e7d7cb8923fd0b8de1d135883b9b50b453f1093c3ac9c6e2a5cc1ff9d8ff

SHA512
3a9af3e8b506739e15f2a8ff7e39fd495f5a8e84df901fdccfdd855403359552af33dc805c58e2348ea8544088dde2d96f76b29e7aa93c5fa60cffc49ca25762

Download Submit
\Program Files (x86)\Microsoft Office\Office14\misc.exe

Filesize
557KB

MD5
fb3c8178ad435b5b2194d5ce774e1f53

SHA1
f8ffa7825a628ae2d3be6d1a82281985f8029427

SHA256
8263b2fd09374585546353e8b61439dec4fb6e26d547d5ebed7696cab7dc8060

SHA512
e0ee5d6d9d0eb5b9724ca2cbfc642241c5b8e7b48d4b724473a5af7665a25442c22fb365e1431f567cf88c3f550d411d99818bb9346e29dd1730a43712425a7c

Download Submit