97754aecbf59870d595178917a5c8ce6ff8211d20bc804332233b85fcb7a26c4

Analysis

max time kernel
93s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
05-12-2024 18:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Size

12KB
MD5

c8f3115838b57dcebe58ca4a63bbb9f9
SHA1

1499782dda07a69281fcf4b77012dab58ea241fe
SHA256

97754aecbf59870d595178917a5c8ce6ff8211d20bc804332233b85fcb7a26c4
SHA512

a38dc1be0eaf93e2874d680b5d7af357b45cf50bf58cb6c2c07aaf5ae6a43a6b1bb8548653ae13ee51672737ed83506f225794996f69d5caa92a4ff83ab9c6f6
SSDEEP

192:o/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMrmEy:oebFNw4Pk1itKkpAjjI2YpdmqD

Score

9^/10

discovery ransomware spyware stealer

Malware Config

Signatures

Renames multiple (2184) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Drivers directory 9 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\de-DE\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\fr-FR\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\es-ES\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\drivers\gmreadme.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\it-IT\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\ja-JP\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\uk-UA\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\drivers\en-US\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Drops file in System32 directory 64 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\whvcrash.inf_amd64_1173082afb4becfd\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\wbem\es-ES\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCClassResources\WindowsPackageCab\ja-JP\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmdsi.inf_amd64_0b96cc4cfeb2cbf8\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\rndiscmp.inf_amd64_81bff1eb756435c6\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\usbxhci.inf_amd64_6e228bfaadb050c6\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\InstallShield\setupdir\000b\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\WindowsCodecsRaw.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\ja-JP\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_UserResource\de-DE\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WindowsOptionalFeature\de-DE\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\BaseRegistration\es-ES\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Dism\it-IT\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\TLS\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\MSDRM\MsoIrmProtector.xls	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\de-DE\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\wdmvsc.inf_amd64_8666ee4da6ad6325\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\hu-HU\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\Schema\MSFT_FileDirectoryConfiguration\de-DE\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_scsiadapter.inf_amd64_efffb8c026d3abc5\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\wsdprint.inf_amd64_b616bed30e8928ca\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AssignedAccess\en-US\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_GroupResource\es-ES\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\Schema\MSFT_FileDirectoryConfiguration\es-ES\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\ialpss2i_gpio2_bxt_p.inf_amd64_8be317e01b44bf5a\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmtdkj5.inf_amd64_6f327fe9ac4fdb28\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netvwwanmp.inf_amd64_f9e30429669d7fff\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\rtvdevx64.inf_amd64_7b972df4e09f9463\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\tdibth.inf_amd64_e1022e6b4f7ab56d\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\InstallShield\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\BaseRegistration\uk-UA\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\kdnic.inf_amd64_6649425cdcae9b5f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_fssystemrecovery.inf_amd64_aa57df1ffa9aace0\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\fdc.inf_amd64_7534987814b257b2\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netpacer.inf_amd64_7d294c7fa012d315\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms006.inf_amd64_c3bdcb6fc975b614\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\storufs.inf_amd64_a7a5b507fa22251e\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\it-IT\Licenses\OEM\Professional\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Configuration\BaseRegistration\en-US\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\es-ES\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetSecurity\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_EnvironmentResource\it-IT\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\nete1e3e.inf_amd64_895623810c19146a\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\prnms004.inf_amd64_c28ee88ec1bd4178\Amd64\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\it-IT\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\de\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\DiagSvcs\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmzyxel.inf_amd64_1edcf626fd489056\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\netwlv64.inf_amd64_0b9818131664d91e\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Speech\Common\es-ES\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WaitForAll\fr-FR\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\c_61883.inf_amd64_2c1769df23d261a5\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\hidinterrupt.inf_amd64_eeb986311b3a5b16\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\InstallShield\setupdir\0021\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\Recovery\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\fr-FR\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WaitForSome\en-US\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmcm28.inf_amd64_4b833c2630a2a287\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\net1yx64.inf_amd64_8604d8a50804b9c1\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmminij.inf_amd64_a85c8e1fe15a9532\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\EventTracingManagement\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\hidbatt.inf_amd64_a6fa9bcee39a694f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\System32\DriverStore\FileRepository\mdmeiger.inf_amd64_05ca2a1836c16cab\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-64_altform-unplated_contrast-black.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\6445_48x48x32.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\HxMailLargeTile.scale-200.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-24_altform-unplated_contrast-white.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\fi-fi\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\Microsoft Office\root\Office16\MSIPC\pt-BR\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Home\RTL\contrast-white\LargeTile.scale-125.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-black\OneNoteNewNoteSmallTile.scale-150.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\2876_24x24x32.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxCalendarAppList.targetsize-60.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\notification.send.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\fi-fi\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_neutral_~_8wekyb3d8bbwe\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Work\contrast-black\SmallTile.scale-100.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\en-il\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\de-de\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\StoreLogo.scale-125.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\nls\hr-hr\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\7-Zip\readme.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\PeopleMedTile.scale-100.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\OutlookMailBadge.scale-150.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsStoreLogo.scale-200.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\XboxApp.UI\Resources\Images\star_3qtr.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\tr.gif	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.Windows.Photos_2019.19071.12548.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\PhotosAppList.scale-100.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsStore_11910.1002.5.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\SplashScreen.scale-200.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\bg5_thumb.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\hu-hu\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe\loc_archives\en-gb\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\OneNoteAppList.scale-200.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\OneNoteAppList.targetsize-16_altform-unplated.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Wide310x150Logo.scale-150.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\ExchangeMediumTile.scale-400.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\SmallTile.scale-100.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.YourPhone_0.19051.7.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\AppTiles\contrast-black\LargeTile.scale-125_contrast-black.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-96_altform-unplated_contrast-black.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Common.View.UWP\Strings\fil-PH\View3d\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNotePageMedTile.scale-400.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1906.2182.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\WorldClockSmallTile.contrast-white_scale-100.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.targetsize-36_altform-fullcolor.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2018.826.98.0_x64__8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-white_targetsize-24.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\EmptySearch.scale-200.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\HxMailAppList.scale-125.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\video_offline_demo_page1.jpg	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\SupplementalDictionaries\en_US\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk-1.8\jre\bin\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.GetHelp_10.1706.13331.0_x64__8wekyb3d8bbwe\Assets\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-black\SplashScreen.scale-125_contrast-black.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\LockScreenLogo.scale-125.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\InsiderHubAppList.targetsize-60_altform-unplated.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\MedTile.scale-100_contrast-black.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxSpeechToTextOverlay_1.17.29001.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\GamesXboxHubAppList.scale-100.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\contrast-white\Logo.scale-100_contrast-white.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\de-de\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\LogoImages\OneNoteLogo.contrast-black_scale-80.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppPackageAppList.targetsize-24_altform-unplated_contrast-black.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageStoreLogo.scale-400_contrast-white.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\Bundle\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Transit\contrast-black\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_c_dot4.inf.resources_31bf3856ad364e35_10.0.19041.1_en-us_fb3a876a15cdcdeb\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-dsquery.resources_31bf3856ad364e35_10.0.19041.1_it-it_99aae233d1e19d14\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxsetup_31bf3856ad364e35_10.0.19041.1023_none_d34f4fd846c530a1\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_microsoft.web.management.ftpclient_31bf3856ad364e35_10.0.19041.1_none_2e9e1cc3ed86ad15\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemResources\Windows.UI.Shell\Images\RequestedDownloadsCloudIcon.contrast-white_scale-100.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p..ncetoolscommandline_31bf3856ad364e35_10.0.19041.546_none_3f1cc1d15da468cf\r\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-g..licymaker.resources_31bf3856ad364e35_10.0.19041.1_es-es_197e2d469b031a1a\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-coreshellapi_31bf3856ad364e35_10.0.19041.153_none_c5d8cff48405ddd0\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\Temp\PendingDeletes\ae46274236e5d701199700001815341f.License.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_mdmsettingsprov.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_20171ba0b6b59fc4\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-f..yphanimator-library_31bf3856ad364e35_10.0.19041.746_none_faa6ec755f8b9fdf\r\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-directcomposition_31bf3856ad364e35_10.0.19041.264_none_85aaecefd5053e96\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-brokerinfrastructure_31bf3856ad364e35_10.0.19041.1266_none_d2c44506a9944821\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_11.0.19041.264_none_693d5f2f14da2062\f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-i..i-windows.resources_31bf3856ad364e35_10.0.19041.1_de-de_42c45c23f5becd8f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-ie-datacontrol_31bf3856ad364e35_11.0.19041.746_none_35b887aa286d8152\r\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-rpc-netsh.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_53d2e45db1a88a2c\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_fdssdp_31bf3856ad364e35_10.0.19041.746_none_232be7b6076e6821\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-lxss-vm-mode_31bf3856ad364e35_10.0.19041.1_none_84865c9f15ba86d1\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-dot3svc_31bf3856ad364e35_10.0.19041.1081_none_e049f4a228a31cca\r\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-shell-sounds_31bf3856ad364e35_10.0.19041.1_none_cd0389b654e71da2\Ring03.wav	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-dolbyatmosdecmft_31bf3856ad364e35_10.0.19041.208_none_97c1b91f71afdead\f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-c..er-office.resources_31bf3856ad364e35_7.0.19041.1_it-it_6e4093ec002e8d62\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..ces-targetedcontent_31bf3856ad364e35_10.0.19041.1151_none_e3a236d65e91b34c\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-windowsuiimmersive_31bf3856ad364e35_10.0.19041.1202_none_a690000a893f966b\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-rastls.resources_31bf3856ad364e35_10.0.19041.1_es-es_6f4b7699fc5f797d\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore-client_31bf3856ad364e35_10.0.19041.1023_none_3e879b530bf1ce72\r\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-footer-template.html	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-dot3conn.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_7576d178b0a773b7\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p..oler-core.resources_31bf3856ad364e35_10.0.19041.1_de-de_34d79790b1f532db\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_dual_usbser.inf_31bf3856ad364e35_10.0.19041.1202_none_11c19bf5388cd12f\r\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-devices-custom_31bf3856ad364e35_10.0.19041.746_none_74bb363b3580cc90\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-commonlog_31bf3856ad364e35_10.0.19041.264_none_5c643b8f866d5e2b\f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..r-wmerror.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_a1098e6d824abd2f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-s..structure.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_7ef9b96303f5aefb\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_system.net.http.webrequest.resources_b03f5f7f11d50a3a_4.0.15805.0_fr-fr_8286e197ce91324e\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\x86_netfx-aspnet_web_config_b03f5f7f11d50a3a_10.0.19041.1_none_5f0132d8aee083d8\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt-shortcut_31bf3856ad364e35_10.0.19041.1_none_efaf63248e6d4479\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-deviceux.resources_31bf3856ad364e35_10.0.19041.1_en-us_256d21174c83b289\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\msil_system.resources_b77a5c561934e089_10.0.19041.1_de-de_27081ff14d4067bb\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-data-pdf.resources_31bf3856ad364e35_10.0.19041.1_it-it_ea8876bbaeab83f6\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-ie-f12script.resources_31bf3856ad364e35_11.0.19041.1_fr-fr_0b3ead81bed98179\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-telephony-voiprt_31bf3856ad364e35_10.0.19041.746_none_21777d625d3ad9ec\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\ImmersiveControlPanel\en-US\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-tdi-driver_31bf3856ad364e35_10.0.19041.1_none_1cdf560fd553ffa5\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_11.0.19041.117_none_e10a859793556096\f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft.configci.commands_31bf3856ad364e35_10.0.19041.1_none_6d3d2166b6a9d0b1\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-network-qos-csp_31bf3856ad364e35_10.0.19041.546_none_362a5598c3e142b8\f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..aanalyzer.resources_31bf3856ad364e35_10.0.19041.1_it-it_663a7e304ddb86fc\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..er-engine.resources_31bf3856ad364e35_10.0.19041.1_sv-se_e22effbb464bf579\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-userdataaccess-cemapi_31bf3856ad364e35_10.0.19041.746_none_60c40c15fbe36dba\r\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\unifiedEnrollment\views\unifiedEnrollmentFinished.html	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_system.servicemodel.internals.resources_31bf3856ad364e35_4.0.15805.0_es-es_f2a98609c100d3ec\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_ufxsynopsys.inf.resources_31bf3856ad364e35_10.0.19041.1_es-es_acfec33b5b6a6356\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-i..-platform.resources_31bf3856ad364e35_11.0.19041.1_it-it_4c775ab7a368ad07\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-s..okerplugin.appxmain_31bf3856ad364e35_10.0.19041.1_none_11b2da2074e7d6e4\PasswordExpiry.contrast-white_scale-150.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-iis-logginglibraries_31bf3856ad364e35_10.0.19041.746_none_ff7e6acf5d4db486\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_wmbclass_wmc_union.inf.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_57499960a5b80247\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..oolsclient.appxmain_31bf3856ad364e35_10.0.19041.423_none_9de80b9d881a1ebd\i_chartzoom_reset.png	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-pktmon-setup_31bf3856ad364e35_10.0.19041.928_none_31fd477afc7b8278\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\amd64_microsoft.data.enti..ild.tasks.resources_b03f5f7f11d50a3a_4.0.15805.0_es-es_c637448975b4a462\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-csrsrv.resources_31bf3856ad364e35_10.0.19041.1_en-us_3e3deea668a0a60c\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
File created	C:\Windows\WinSxS\wow64_microsoft-windows-uiribbon.resources_31bf3856ad364e35_10.0.19041.1_en-us_8dc66c77bdf38e8f\HOW TO DECRYPT FILES.txt	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe

Modifies registry class 10 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK\ = "CRYPTED!"	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK\shell\open\command	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\E9G713do5ll8EP5.exe"	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.EnCiPhErEd\ = "BPBIDKANWTDRRFK"	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK\shell\open	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK\DefaultIcon	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\E9G713do5ll8EP5.exe,0"	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\BPBIDKANWTDRRFK\shell	c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\c8f3115838b57dcebe58ca4a63bbb9f9_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
- Drops startup file
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:2636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\aic_file_icons.png

Filesize
50KB

MD5
9a38082d0c7c06373280da280884577b

SHA1
33c15f624e80288f72336b6feddbdaddcbaa9a1b

SHA256
4b0ae443a1505c6471091778f2a809425b997866e26e7b0c24c07df155e4d6e4

SHA512
c666915bba74bb467c4c7b3406ef9edc375207854cc59c18ed8711dab64615453e8a60d967c5f36f6e4b481451b4055ca5627ce67d944160a0ee5ccdd6f8d749

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions.png

Filesize
1KB

MD5
4d7c696dd04380b50785ebcabbdd1750

SHA1
142f7a8e122e5c26a6605d1dec4bf488c2a8a6f5

SHA256
7bc3a664ed6161ee5773ec696eaaff47aec99e38d7468f2aee1c1d1ca264ee73

SHA512
062803756bbbc98da044da6efc0ca7d035d1f1b1f2b31ad1d014a9c892f0440a89f15f961a75f735b439aab3f8ea44e87907cf8f9ff18e9dc1bea97ea0e827da

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\selection-actions2x.png

Filesize
3KB

MD5
2195e1f443c635d561836bb604d99ef0

SHA1
d740ad985f719c564247e409d541d484b8db5a90

SHA256
ba515ea991c4292eaa72c6f7959e3621578b26096049faa600c79af0c6388ccc

SHA512
3feb3d1929b2fb05c27eb16829a2e4c3201b20e6606416379790f885ea680eafadb967f1132c8aa4e0491d2f236644d8799d8083d60e1f423bb024e1462a65ea

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png

Filesize
683B

MD5
55b216297108ce75fe02d695ce62b76d

SHA1
753359b4f8a3546884f285e96e013087cc83e827

SHA256
4304b9a2cac4e5a7d8573113c1110547209a54d7610f65501be23442ab5d9dba

SHA512
f84b8f51ef397e4ad29e808d91fe10c580310118b102603f19d5d7cf6bdaeb022c0b6bf07126268bfd6f441b31645e4aa18f1aec8eb43a1555fb4112797b4542

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png

Filesize
1KB

MD5
5ca75ba70845d83ef371f00d03ffa1f4

SHA1
f62dc8acb5708e046e0eb9372a9a42feca98e3ed

SHA256
b8b963cc0deaabbc47af5fd196b5c6aadf1fcf1ae205ab1961c542a163629b80

SHA512
a7070b214ec404bc889422db749607abb1033cbfac553489049bb3bbbd40d7e48a2c07b4fb9702060581dad3751465da11f6425eba081cda7f21143d8fe45586

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png

Filesize
445B

MD5
f935be45a99c5a66229b46b6a35eb7a2

SHA1
578e431a5081830a6f453728215cbff6f3000e98

SHA256
4f26a07bc37dfa77290550bbe0251ef8abb7e01b44d19ace5cc543758a831e3e

SHA512
20bd6374e8fbf54e81d663c2bb4428706e6bb63ad904010993f3cef145be5beeb2005443e6e4e488cafc9ccd2b3109b4fab26bd367c8473f4e209c746189c7cc

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png

Filesize
611B

MD5
e272332763828061d7bcd38276ecf312

SHA1
23a2e2915f0c07531b424bd87ea0023d3e03cd36

SHA256
525ac8eb2ff310cb542ab93dd15d38b2dc194100105fe511dfba25f457bcf65a

SHA512
d4b2eaca1df45501bf6b909426dcbd5b9c575f131f7cc6782d84ac5e38ce9b480ad0091eecce27c114c0745515316d0b122555d4dbf64e33972b3dfb1d8ed125

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png

Filesize
388B

MD5
4a8e65c683e3844e4e64e6b69b2a607d

SHA1
f04472c56234e403cf9fab3c31b4739a397238e5

SHA256
18c353975faaf81476fb22971f9e5f8d4bb571479e92997c407d2cc3f57f0216

SHA512
cfaaeb76afaef6636441b2a9e11eef77ce814c520518574986f9aaa0c3d2d803971d50aec48f2b42d7bcfffda6b531ae26d457826c946d503c4cbf8340634f93

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
530ce0363ad72849bca5b30fea7ca307

SHA1
5cae21dc043a995c556f456a986475ef7896eb20

SHA256
a04a84c27d84745fc1d1a4058159c984a27534197a588a47198ea6b6271dd70c

SHA512
55da2ccaf70f8c516e573ea000d5694a70ab6e20b4984844c325334f077e6bb7980b7f6098be6009ddc185baa1f996d3b76d56706ca0d171fb8b09ff92fef7f6

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png

Filesize
388B

MD5
fa50c716c0efd41f2a8813d17daecc0e

SHA1
5d82eb643184dbc221449134b749cd46a6651daa

SHA256
0cf3beff982bc204e5f363b25e655b421042904163cad10f35118416c7f7b189

SHA512
93ad1e731da677b51e88908430f584864169040bcbb9580440560981fb6665490cb45c64ba26c88b3fc5511c55b566b28a7e98c99afccc6c2d0f3d89709a552e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png

Filesize
552B

MD5
8650bd08ad0a9713a919ab0ab4e00f1a

SHA1
2be56f90f9975d4f3e84296bbe745c336f5298c5

SHA256
a4ff7733a14f2b3a174bb02fc7add9a2e7fd8c52bb5ea4c2bfddad8ea92e911f

SHA512
405be817b96f959d456d769e3a0202e906f0ded5d0fcf88ddd6c99b1bd665813b94574c04aaf326d0939541a52cbdc27022e99d294407a0ae43f21db9feb5d1f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png

Filesize
388B

MD5
6d8e542379250f4285c6a9fb923d421b

SHA1
2a93e3c69290c9bfa296ae809c6f823a27275a9a

SHA256
bdda236258bb1a39e53bba006e62aeca0408deba1ef71469d08a8e593220ed8d

SHA512
2564e219f06f5276a4f9ca84a2f79b0dd7fd1880e927ac7bc2430a2d6993fca037d2e318ff83bd4fdbfabe8bb17e4fef1edebdf9ce276952654dad557f9fd346

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png

Filesize
552B

MD5
8fe5735342314821f478a68a4723b58e

SHA1
dd8d9f7c57b8a9012e866a2a0b45b427fa52e15c

SHA256
ccbc582d43d610bca15c70b7b1cd60cd932edd8a64e4691b843ca04ea49828d3

SHA512
2b29cf61859432e555074b3e3b434bd0ae703e51e2a28fb95a33413fbe31564d7d7c8adbba6b331b704e41908fe65a07df933c9a8e33131a7a01753ecb21c513

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons.png

Filesize
7KB

MD5
97d771750e23b56c84e070cbb7388cbd

SHA1
e3c1a744b237c666a925b1809d9ac24d3b47efab

SHA256
f8b3485d3d2ca7a54ff7d5667278701735a4293b91007ef2633324da87ebd09d

SHA512
17cf3d760c0b7ca6ba4725fe30039c7fe6a4bc9356b949169af6da16ee054ae04050ce0c39ab4f7fc90ebb1c18780d97b0ce43a43dddb2cccef385286199eaa4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_ie8.gif

Filesize
7KB

MD5
d153bf9262e38545b2ea9d1ef658fec0

SHA1
5dcf85fa6370c57be30ffc45ac32e71491c37080

SHA256
e3535ba402607c4f21d324cba07625a979e8ad878e699346a453011868c5b4bb

SHA512
8ef25228c5d6eebf54a5abac4312b18237e290689be6496f0eb0c35644d52fe2c7a76b86839bc6e45e98cc9cd1fff924ada1b54ab359dc6a7bea3df06a63524d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\icons_retina.png

Filesize
15KB

MD5
5c437d6d5c5bde2649712f3fa52957d0

SHA1
24cea66f785425b8aa69e02dea7df1fa1e33af80

SHA256
eb05244b28fd1cf3da9dc24cf652814aabcab712b8020f407f394dbf508de7b3

SHA512
2417615476c4c9dedc2337e4109da8301dacfa5f7fa8d03030005921e553f762560989929330efc08ad6f3becb9d55037111aaa72cce7bdb3dfcb9f0c1aee841

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons.png

Filesize
8KB

MD5
6e48d0b5c851675e7301f421e2e1ddd8

SHA1
00613cd1ace224c34cfd7c3895b5b1303ca5aa22

SHA256
d9c9b425f9c32fb8e362c04adc42759ffb6d0c12ff74ab6975a5ef2f736a5539

SHA512
0c892969b9f4221feb9d3755da1220599b2b29ec3780ba7a467448554a59c9c11d9daff314d0f9d34369f21f22ccbbf13fce8534f0f87a0be58ef4efd04e5cf9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\images\new_icons_retina.png

Filesize
17KB

MD5
c79db531856e9f1543a73ae7531334fb

SHA1
685c6c2a9ca118425e8104ab9d8cdd7ebc5b15ad

SHA256
ff89e1d7f424aba5e0f85f09029e81750ca6ec8f918577ec3d849c22f749e849

SHA512
b25e78c7e90617d8a27a05d477ced02a4112b5ee7204cc04a3b2af8971e731aa474000d304518b33a24b1cdebc06f07d8f00ad890595f2ad137da4c878fba97c

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_pattern_RHP.png

Filesize
179B

MD5
ee6dcf0574d59a02d362de951ff52895

SHA1
fa98853e15641c844d5b82bed09b776c36e729a7

SHA256
1a52880098f71abf3c641a5e7600ab9b0c19fb3e684c4bd4add28c67bd87b6a1

SHA512
1741fced98e1c3d34aea6450c082078927cb250c50927149347f1848eeda1594049e4243865647558bee523e71151d1ca78fdcaf163f15a65cc5fe6e023719b4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\bg_patterns_header.png

Filesize
703B

MD5
fb49e6252e82aae0da2e6eb1746be40b

SHA1
862e0e4c7ee86652a6f9e7af7ee739b26d09f86b

SHA256
6b7ff3d3f414ddd4f9580ea2ca8d4cf2411fa9b5ee53dd42bc950dcf4df0af14

SHA512
1b34700ca45f0794e1b406d180ee90cda3f154aa29babd775d67bac7002c2ba59b66c2f8f87f85f221853677c368fec48502b8d15773a29b89b94b7485508650

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations.png

Filesize
8KB

MD5
1df6c7c7adb991f926ffa4ea698de508

SHA1
c3b320752b17285f32c1746abd0b5a357ce577d5

SHA256
81bacbd6cf861a730d3a6de99a9a89b44a33ae17082e0ad9b91c68184b67add6

SHA512
be51d4caf8093e8ba5f876e810bcce8fca504ee92f98370854a20112619c0843701972eb8a90e6e77d00bdf514d2e46bff6984080ac023696505199499501892

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\illustrations_retina.png

Filesize
19KB

MD5
20e2ccd7262a910ffa9be5d91e1fcdb1

SHA1
25a8ca7df60d2cba03df980b5aaa42be9cb66d4a

SHA256
53160d60593fe56406504b15e116e1a323efa63709b9bf1882368ab54f589d13

SHA512
08a210d4192b62bd14bd8bcceebb786c22ea77db31d35fd8c173b024404d85f26a98e3fd8ab0dc32ef37899f7a75271a8fe5d9bc8e93d2fe79acad84c7854655

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png

Filesize
6KB

MD5
6387356a072ea7a2dbe86c2736d57597

SHA1
8df48c7eda7f589f72ce5b4587f6dbc5b6a12c0d

SHA256
255f1b4575b55540bbb4e09be204a37a9d22ed89c3ead283be3f6e3db8d6c2ee

SHA512
9ee7b9c4343253e35d2a33aefaf36727df257f3c13d822428d13835ebb00e682d6055ff08f9b38726ac589eab7bd537a68bc9e8936d8b802d3a7822ec304c2df

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\bun.png

Filesize
2KB

MD5
92878aa34bc517bd037381e09c76e7ca

SHA1
1dfe4e06ec61bc2bff4140643ec7ae993ee16f72

SHA256
31b8fddb6f2e18cdde556ee7ace3d9f257245888e8f123d8f53f23b72122d3ef

SHA512
222d14eb67dd9fcc50256468c6f50f99f7d3a2bfa43afe30f8790819fc40e42dfc25b60dd7dea9dda18c7e5ebc767f911f33f5b8fc136e134823cd05356ba4cf

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview.png

Filesize
2KB

MD5
44a504fe74a5493fab357f8930d8515e

SHA1
71fedd2cd8ad3aaab51197f4c4a89e9f3951939a

SHA256
369f3c6d034bf7877016a822aaba6d8a3d7648db1e91cb4f7211511440af3f0c

SHA512
dc059d31a4fd56cb1a1613849f80b0f7abbc3c5c2df11aa765c000ddee71e89f7669bc0b7a60d5db8f493270bb1f261dec2b2a66dbf4d11abcf62f83d002514f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png

Filesize
4KB

MD5
3702c5ffd942eb88f55d50188506985f

SHA1
7acc20785a36f6816c8be32f3c3efd3e381e7dea

SHA256
c9b3d6015d5b4f5bc78ffef699b12f000e1e1f7c5c929438a0f900cad3b74f83

SHA512
58f9e2364ad5a9afd703610d1e389f49b2bd4f2f96557b46c1b926bbe0bc0425653d8ffbe4b9338419044358beb64abee98305dd6875b47503513a413e1c07a4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small.png

Filesize
289B

MD5
2d90fd50d72636cd88d6362df21047f6

SHA1
1e5eb0cee332d304a5d98b7648713b36f51c10fc

SHA256
de565c3322c19beb3280a1afbb00c42c17c41a17d231f09d9fc0917f8d866646

SHA512
028103814b3eed0d3809febd1ebd8ed6a8fa8a64089878fba445a41092d9680092b6a2dbc1f620907122587fa7153c693b88fa4788c936f020d2ce06bb527370

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png

Filesize
385B

MD5
18b456023fcb692fa2e05a37bbb78828

SHA1
54dc66bfe558089f207f4926980e4eba800525f3

SHA256
0c45e8b97bff424101ec497ad75f12b8a9b811263b6b0f14344b22c4497ba88d

SHA512
5230702a1b2b65c36eb612de4023835e406eb57008618e7a6f4fda723cde4c72bec26aeb5122dbdeb17dab860d77c62a58db6310b035649e6e62b5adddbbea7a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\illustrations.png

Filesize
4KB

MD5
eb74f497a35415d3097489b07a37958d

SHA1
22661abc8a2aebd5642b76700bd8684444e46662

SHA256
035185f6efe08f2493425eb3bb0e3fff6ebdbf992b853902b3f17186835d6066

SHA512
3ed27f5c305fe9fabc042a91c823c135ca38f7513c4a852cd44ba9662e0535f25f55e7a8ec7434e491bc4a101183cf2e091a02fdd4d9f606170a895d3b0019bd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\nub.png

Filesize
1003B

MD5
e428a4a79ad10c96540ffbb41e12eb44

SHA1
c62897ab5003a1f7eecbc0b1ae5a2813e3656126

SHA256
f1609aafc9a02fca06eaf9fe0c118fc1396620ee4f95e2d2f77a35cdeb098e54

SHA512
e3c38b00484ad555059b18f1b7316f83fc195d9309d758330f09bb93c5662c9c811ef30a8aa4b1c21251d3dbc6df66304d6b611bbd525be11391007deff477ea

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons.png

Filesize
1KB

MD5
bb39c294e9426767ee23cf060506fc2c

SHA1
9538166cccc54f826bc3d3a351c05a928fa66fbd

SHA256
c15c7fe26950fbd8b563d1548a11a9169bd5ddbd56f93a0829e6d69c573d17c9

SHA512
75ff467f202b37c3e7276232770f8117b42f9470ef1e6ec0704aa22c8e85efea044583efa266c485b71655e77ad0347d3a47f34cfb766248b0d75e9c4105cdac

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\share_icons2x.png

Filesize
2KB

MD5
2e988593bfe1648e4a331131f6365e31

SHA1
bfbb26313b194faa14ed6f8878705a20807c1040

SHA256
2afcda0ff090d26f991b8c7572fd5bd29ba2b1c43702914981d33ec433f3ebf8

SHA512
14e4c21a8488ccca06210e6dd2fa712e48a04e1ab596d3f86dcba0cc2428a3e3084912f5c9075bda6981661504289b5cca7e70c8ab65d200390c4cfcc186d61e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adc_logo.png

Filesize
3KB

MD5
0e573cadb0ae6c2826cf24bfa6c6a7f7

SHA1
dc86dd016843d7230e61f5c85d65141abe850180

SHA256
392ef0cbb124c5e37bafa596038be1774ae4dcb56e60d9d0f16ccb3fdac42d5e

SHA512
752c88bee3178860b3077aeff617c5465b3aee6651fdaaffa4b461a177be83a49976dcfe6fa59ae4422c0b2e256540a38fbebb839550e34317ed40b1c493e981

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif

Filesize
556B

MD5
8eff96bd677f944a4b9f4e3d10b7e71c

SHA1
30f919f2ca4c96a2a457e6bfb4dc600af3815de8

SHA256
1d65d697503f042d2bf7de5ddb1529cccbd5bda7b0f9ec55f30ef76581147681

SHA512
c6889653fe36dd0826074edbb418b26fd68dabb4b25678e8b28b251bc676fe72625cad13de1de3dba3737ac3d105c6f1c8969afa183b21e3c7c6d0b2b70364e9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\logo_retina.png

Filesize
6KB

MD5
036ea62333001411f407197e0b841ac0

SHA1
ef7ea89531cd708745c810054f05853ffc127266

SHA256
d867801d00809fdb10599041594f8c82711c72f50e7964123baf2137142e0f60

SHA512
b77525f9fbede7d7fd35b8eb09c29d9e6d7808597eb49aebc0ade0739f82e97472ed72598f7e4706636a81f0e34aef483b84c5f5ec18188fb43171c7d1de8827

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png

Filesize
826B

MD5
808b335034dc5bf4c669ad4dc19da467

SHA1
be79b76ad9f8d8a0e5bc77d6c2d7b67775ef8676

SHA256
636dbf7fffcd01997086a5666d4ee1ecbf5511c0c0968fa8e9d7d90aea52edcc

SHA512
290264d7fe6ad578cc8098311f6c5038a3b8b393e6e4f1be5dcf35b39ff3e9dcfa957b16b87c7414afd8cf07da85285b8e1a7f247bb261f4aa2b78f9826b92db

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png

Filesize
1KB

MD5
73acd6cb7c4a43f34822776a9e77677c

SHA1
0e337f94040a9cda6a23b997788905dd0554f8c8

SHA256
2d079daee5ecda3642fc6d2dec35be21581a1f72965a253c6a83ae75f3d15a46

SHA512
339a5b273fc8cd5e00fd2e0d7f95fe0d36ee5347dcf19b7c9f60d90531a4385bc991bd92f128c49ab252faa35b09b5a75ad592f630612bdb61cab0d14d2e3c75

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt

Filesize
32KB

MD5
337286fa83f340bedb19d74e1001f88c

SHA1
ee4a910d73e197d0ebfd0a635ad66b2a32f261c5

SHA256
dbbfd99a0b8550e2ff608a91265bbd4cf1f6e6bd03abc57a5a27baaf6e8a0c40

SHA512
9bb8c5fdc311b83d5dcd6ad2734d5d39fc1d0d36b0c77a9982d9f01976786977273acfa9b6ec4fb8333b2299445fc0dc677aa1125e7436b05b3989994e99bf6b

Download Submit
C:\Program Files\7-Zip\Lang\HOW TO DECRYPT FILES.txt

Filesize
17B

MD5
cbbb9f5dd35f68292dcef3020f9d0696

SHA1
fdc1b69aa777f6e940ba1ae9b3fab576fc7ed95a

SHA256
3f4ae3840d456a08b574639b6fefb217aaaef6625600110fe8aebc864c094ef4

SHA512
2929fb4970ffc66f4835bea44b9285a2408401b155410be12b3314a383e50f71a7a0fe665e9f03219328ae675ba6bcf0d841204229120ccde73ca190f5572d81

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif

Filesize
153B

MD5
7ffa5e1e3ed1614c4ef8ecf24926246b

SHA1
c41d8111df6d7b215f210d828ed41ee16a19d732

SHA256
57b51e89979f608d026ecbc37b21c54860be36374b331b9fecac3dc82427a94a

SHA512
ffc186924cfece7163037d8a86a5db43549a95042918a7c663ea098fce36d5518d0052af25dafd3dc1b5ba284fbc0c7db3ab30f3aaf6e55ecfe524d1988c74d9

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

Filesize
190B

MD5
d6cafed3cb1350b1eeb3f2f31ebd0453

SHA1
6fa526d8bc726999aae7540986a7a9da8a7dcff7

SHA256
39f20d0581c2de60e678d77e5d444f76ed714c317a000ea73602deb79eedc9b8

SHA512
2595188b7ca7cebdd9a97394935877cfc01b02d49fd0cf7b3fbf47272ad8a58a283fe6afe34aefa0b2983b7f422ac072a6456e79b39080296f818878c0c05c3b

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

Filesize
190B

MD5
1f1cf2903cdfd5b4f5a3a317c9280895

SHA1
e4c18c36f0637b5b48130415e26f392619112002

SHA256
0f141456a9422f66ea0761a8e740549da7f56575d1aba868e82f6ac9321e7007

SHA512
10dbbec6dbe6549a1e921f45d185a1243a4d84cd30c41b04ca5847e345c6d34ce75aaba826e634671ffabf3b7013b9d5712b917d7646440fe72c9cb3cd40c404

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

Filesize
1KB

MD5
6d278f6b3d24685a917cc12b66387064

SHA1
563fae702effcd2bce1fbe7862727582b0bd61e6

SHA256
b7a070c0bc5f5b62ff22d6d183c5f79489fe3c6504790fe63c084fe2ed9feb34

SHA512
a71723f61d020fae9fba67d7c6446b42ed01934c79fe1583c8622fbe3f70e3a0fe233de6e1cba69390a5a223de5d4cfe90691d3ee8be94fd58ad7bb60dbcbfc6

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

Filesize
31KB

MD5
f7f9590a958594847a0798addbfaab95

SHA1
fefb8679251d2806a8951e20eb6073a8d1380178

SHA256
2839c32c33bbbe03c85a40d781e0ab579a81630513e8eab0fac1ab6fea4ceeb8

SHA512
ed2bd14cd4b4642ee495a574576f7f8ff9f9d776ee4d3a5ad645f6d33ae571acc000494f35244ac10d083b7e7a905d1299fb7a2e320a651956a37aa7f686f8dd

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

Filesize
34KB

MD5
2576de07e83b12b48d51ecec1f218a4d

SHA1
15283f3c192df002e99734f6f3eab04e756fc7ab

SHA256
b3b74489943ca29e7bcab3766ea2a138512ea7dde067c9295f2510a201448691

SHA512
ab6201d4b4786a96e623eeffdb4d3c3df2710a28034c394c3fe74c16961d3238b0be5fc3d2767991c0d91fe21617028c55e4d926a9fb597f37c28f3d543438bc

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

Filesize
23KB

MD5
c5f596f80a2e50996db085a673287f61

SHA1
2901fe6e5fa38d99ec5bf7741e04fbe2b8075b07

SHA256
cb19def17003c75c31318e9b99eb927762358cb9275fae103a86b0e9bf39450f

SHA512
98950a8222c60b822aeab783385defd42df01c8035dfe786dc735b335ae0d69ce5590569f55d605f15980ac6a16dbcb33adb7d5f9d5a64fd1c39b8f27fbd854f

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md

Filesize
2KB

MD5
641a6200e2e7461db51e34999cf617fa

SHA1
dab4f04722e903cbf963f10cde0eb307926b082b

SHA256
2c64d60f826790d50f4a00aeb385e2da80a47a5d7edf81e0fe9636b7aed0c8c6

SHA512
e6115dc07e905d71408eb209e0267e6bf482c1c477c6541f2274f9c074bfbb2010d7f7dbc217b69764901e41e1f635175d4715d57260aa70cbb6338e0e3374ab

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md

Filesize
1KB

MD5
d6ec7a8bab7fa7259bee5855697f5a70

SHA1
6e228b7c20b673777efe370bf3ec2d571a39ccbb

SHA256
81e841a2e342799100563e48efcc4d7a637c9d1d3bddf22d3af22b6c3d59a3e7

SHA512
eb7e774901909c58132c623ae187a834edb106837e87538f21452774f0d4b78a7b3651b62450e36e733899cffb666d63c0e277209a90e4fb564e4784ee3123eb

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

Filesize
3KB

MD5
2996f70093de4a5ddd550206a162e77b

SHA1
878dcb7120d2535694473091edee1a2aedd00fca

SHA256
1ca20268993840692bc8b71eb1041d54867ef225963696fc03c1a2187b962ef3

SHA512
2ca83572572c28ca604e29237c3583f623a9ccbb05c153f7a550246fb93c79aeaf41d2152515a01d9d6855f32155641e177eada955b4e66159a9995aadfbc4c4

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

Filesize
2KB

MD5
3b7ac299a0bc235b546b1e0dd01e7783

SHA1
a02948f57d69add68ff0dd0a11f95d9a1a2ed86e

SHA256
0ab308a2dc46d093884ec1fecddc0e10be144b8e83e1b9d48d6c5ed85d722efb

SHA512
285c6f92a580a085f50c4b76b867a91e566f20da2c3bf648bc239b18f391d002f9a951ea9e1d3fd9e083ff1aeb38ab9c7a4a6dec009a4eafca53d2b9bbcd65af

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

Filesize
5KB

MD5
2c75cb6f2cdde58a57203fd5260f09b7

SHA1
76f02a7eb7f9d19a1ecd5e35d73418d7dbebe2be

SHA256
219cf052b5c86ba807c222f096dd79ff32aa89d96e3c4e0efd973710244dfde3

SHA512
67136ace0ff5853e2488be5ef240d9e424bf0e951fdfda9ef1a9d55253c277042508fe936e0c257b24f39c2d4fe04a5899cf4fe19b179496bd95b8bc964717f9

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

Filesize
17KB

MD5
401fc887b44979d1715edc7cae00837a

SHA1
f879f4f3491fd90990c99db416f04a7c65340fd9

SHA256
47fd2abfa31201a20c89047417407243724b75075d800670a6d9a1bdcedea9df

SHA512
269345fe50ae1f18a5fb5342be4a1fc0d92d2d56406ec8fcc6cf63291d09762f8117625f854b904c3d4ab96013ef10c518a08954dff69dd96179135b5260361b

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

Filesize
320KB

MD5
1118007ac60e0101b8fd833961806195

SHA1
8607b54384c0ecdf0db284592c68cf7860c6047c

SHA256
8c01b5f704c4fed1a4b98061c0c741212e05d18f338f64ee6d155004bb77bac2

SHA512
c962ef3b891dccd3c77ca33af30d0a318a29acc9e840aa9613517e64e9fa1320ed217476e1b52161cffe1b1daa075654ca6d3595e916927d66ff18f90926a263

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md

Filesize
1KB

MD5
06aca116c57187c6b2016ea531c206f3

SHA1
37af76082e62374c41abf0ae2170a50121adcdfe

SHA256
aa4060c55c32422f7460f27430eac8f152b0b81270a150d98d41eb4bdd2b7dcc

SHA512
273c745a5fcea49b60de84d5804bcad8a097078f74e007e9bb609a8eb506edf5ad501b1a672d7de841cbc1d0093b9937838c6ca14403d40929f1d4bb00b661dd

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

Filesize
10KB

MD5
01e50a39ef16ab278445ad4aefbb010e

SHA1
1efefce25ec4614ad2788ebe142fdfe7942cc3d3

SHA256
81132287aa15c165ee45fe4932232553bb7e9caa9e28404c441faa53f8dc2941

SHA512
c0dd41a01d679a28002e6babc9f6c2f63d693912c8aab69d78fb8f1340ce50cb4d3d9373d250fa5a0d88856930583aee3b95bc548a7358a031504862d2ec18ef

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md

Filesize
3KB

MD5
668a03c67f92f58a6a199c4f277dea6a

SHA1
8a6f062c7c2afe13d860ad302360661d0cb9b7dc

SHA256
c2deea8c4b6326573a9d8f4601035c7d8064bc63969bf711da770c545ef1258a

SHA512
d1cdd2de1eb2de3e8a128590f64fe48f098b7e38e57517c4f55efbeebd9826346bcba2f9484bce9b46541b687412e736ea68d499db1aec9a5924893e67f0fcc3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

Filesize
162B

MD5
98656ed079002b40bcaf18585f0200ca

SHA1
53d9b825603c56ee31fd74a1cd1bc3156399df1f

SHA256
24168d384eebf05da00fdb9d179159c6f03d95f1e31bb57575db5d87bc9e8215

SHA512
b0e3452028174eb6c7e7c9bd454773882b053af354e4e476573a634bf0e5edd2ae22a793045eb9805769482414012ff8335dff7367248355e1f8756d00c6a14b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

Filesize
1KB

MD5
30e0ca112de40bc3e3457c4d6c3c45cf

SHA1
cbc0798ef1c1668be2c2270de6a4b0ac488d2f7c

SHA256
55c381059102fdb6b02ccb569e894dc2758dd9179fda17fb0bc0a525ca1603ff

SHA512
4ab3c129e707e63029785961c3b7d0f8b430d0ec9f6a3bb438e77329054ef37c7644afe395c1d936ccc06780a807517bf363695a22a4466caf71878ad9a971da

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md

Filesize
3KB

MD5
51426a3f19fe8e938e48ab6405c032a4

SHA1
769274c79575c1d1dafd8d309422b03f3104c8bf

SHA256
2d10b2c6075975cd2f8d4801d7178fbae4ae50869d02d27ed86f101c551fe7fb

SHA512
7d8d169867fa643f8267f62ea70458b86a329506c2221789d373531fe72476e31d23d008f581fbf06498cf262a22cfca5e35859641761a32aab821a39bb9debb

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

Filesize
1KB

MD5
01c0404badf9bdb3afafa9d07edf7b11

SHA1
0ce30b466d28d71ea1de286d02f8aa4f48755cf3

SHA256
09b9e17564430d2cf30ae09613acb246bc3ec337f05035112feae5d62660bae7

SHA512
7a21ad000af66abb8362c9a223de13b0b74fbcb5d7f2c8349a58348d2819092ef2cf9dc13c8d019485f861d692151c4522b6b464d1aabc8aad5f4c24775a772e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md

Filesize
28KB

MD5
9098ef001af4009058a912afed33afe2

SHA1
6d455b09a146c1903ed626efa78b58c318087862

SHA256
3725c78400573a901efb2e6121891b65db57d0515f10c0b9d266cf50a33232eb

SHA512
5943792557702ad437a03b275e70580d4f03aaa5df3360d295bdf9289f529fe86ebcc47e04f2790e36ab6cb4c8ff4c7e15ee8db41b9c3b4f3e71548fddf82080

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

Filesize
2KB

MD5
f2cfcf3ab977d76c424ab96f1d6da193

SHA1
5f7ad6955179d4d46b3c4d1845b1bfaea840c854

SHA256
619d0e3d8d4ae142e4c982507d022fd3c3a42eac62618a858e17437ea76dd9bd

SHA512
47fd767b9b917e2b59c761a1277d33f7e43ce5aa766fbb5e39350b5acb7806c41f180910d9feadce7f994d16f2452cee60e528e3e95977b0fa8a5ca2ae855da3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md

Filesize
1KB

MD5
42046836a3f88aeb8f19d28907e52a41

SHA1
9a3d34b1d6cefc68e30408628f6e67b7af6170f5

SHA256
e08b92ae5ceb3b3cbb78a9ff48a4164b24ea3c324010f1156fac1df23b3f2bf6

SHA512
f703a4d2dd6c5e65f98c57f7bcef3f82021c7da24b8b6cf24f09fcc91b40c0f938a6223ed6ec94d0c4c1cc74550ccd132460cd3ac8e966ada7dde53942ab105c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

Filesize
2KB

MD5
3d6438482e462c204a20ab3e7bbbfc39

SHA1
4baeb6073736eb165adfa52e45fa45a1f55b8746

SHA256
988192462f37bfbde345c4c1dc8c12d64fb21957f43047c2657723d63f3e679f

SHA512
73cec7eeb879405b128fa900ec95cb1d8a95a7945b22d2bd08a38787f87e180892e047f73560530bed7df5af2919f5dfbada4783425a47405d7380c0e7c2d29b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md

Filesize
1KB

MD5
1d65d0c4f92e57598dc156ceccec03e2

SHA1
d9a06791855e0db3563ec14eb91dd2879e4a16a3

SHA256
fa42ab5c2ce825e7a44adb61ba84df510b352799a37a9b5d6076f07983dc48dd

SHA512
b77cac8fe2791ba2561c2e58091fd7cb1449d297f2bb8d48127ba26aa73c66c1b086f8fd15b72581dde325970863b63ea01305785c6e161edd1a42360b2c3467

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

Filesize
1KB

MD5
3151aa49ef0f62362c38ba4edc0691f0

SHA1
fe1eed41c6aeb9fa88b966fdef2911b41657ca66

SHA256
a0f70ff76451b08fe732338d06a98be9fd11c02a9d330f7a22077b965a2e2a60

SHA512
2ccb42a77e30c7bbebbda63721e960fde24da1dd54d08ef488abb39147ea526b15bf2f2a929b0972b12270105d54b585d6792a9306207ec225ab3a083c50c253

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

Filesize
1KB

MD5
905a2cc1dbeefdeed341cb3fa8a324ca

SHA1
2843a432ac13c59d79e37a2292daded0a76878ad

SHA256
80e3fb9df33e76fa76b39d508d25ff1139b1e4806813fcd6e79dbeb3ddcf03f1

SHA512
cab3ee02dc6e3ee816eaeba108fb5f987120c736772cbb752cbc6f942414163aacfbff7f7c69bc0cede5e0dc86643ba85a113189b98ab32afae7fe6a4a4c4b3e

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md

Filesize
3KB

MD5
f9fdc12a870ef391e6df84a3cf7e992c

SHA1
fb97f6a64e2cf78f11749f2da094652f366bd34a

SHA256
362c3bbd1aa3e0f2e11ff90cb7c062a350b8108706f3bd92f2e58cdef1901875

SHA512
0b3714445d1c7a2330fe8c00c41e0a33e2a5e1a3541aa39b7e285a00a9de0f7c1bf08c24817bc623683a6115abf83f7d12c7c0df1c1fe0b0b7eac14de9eb654d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

Filesize
2KB

MD5
be7c4b812849f70fbd41026730124d18

SHA1
46879bc429bcd466261a57b6c3abf271febe4b69

SHA256
5dde79cada61a0842fa303388b92ffa284482f976dc9855fdf267a60cf8c6973

SHA512
0b9b5af53daa59e3c6296acf1da94d089e655ac15522154e112e7886eaa950f4f6f5d753fe6e0781571fc4dccce7977a5eda2543894ea3148539e0df35cf1ffd

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

Filesize
6KB

MD5
5d5ce458ed98ddbfd98587805a743d1f

SHA1
411b60004c8d5c926b9eeef7bcb0aa5b0072c65b

SHA256
ed2f3be3bc1752004b41d4873c9ca4c916854e25b818f1e47c4eb146901e7b9c

SHA512
a8edcff3a3939a68b543be3002c6457dd099eba5151ff7d11cd7d13294d6a59a347000235b198772328332f38dd21e6a85e3842056b23cd2eeb75321591c7059

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

Filesize
5KB

MD5
af4194f0e94bc7c6c6c89dac307d08a9

SHA1
ad262fd0cafe498ba7b112a7a44c424f64677823

SHA256
c680afbdf5bdbb29900729376944ea16fba1e0abd724fdb1a63285db73768fa0

SHA512
b607198683fe42a591b260ad60e716bff90eb85b274c23044baeba02df1a2e3a9c51285597c27c2e1ab445c581728019bfe00436d12d16f2d8ce29614a75e419

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md

Filesize
3KB

MD5
e27cd5415c62d0b7271edb99bdf5782a

SHA1
6f8afe7a1ca2781fe456bb4f28de6cfc126e0ffd

SHA256
2ec2e49c06fe708d45222947f569403b95dd6ee561accf234498b82460672c3e

SHA512
6f4c3c672302ca786fba109e3147359f4773c454626cf6f5632d03c9059983f484ad091335c43a172b64a96992a6c798891d934b01f73c2f1556a3b25a4855d8

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

Filesize
2KB

MD5
fa7c445a22e8e3a90955a24839e16472

SHA1
73d5c35e6d7c33ea0147e1ae0fcf5acc0032fc51

SHA256
f5d65d5ce37187430cd77441221235330d90ad99081c35e47ad8f90b208d902c

SHA512
505e75123849b2293c829cbe92b3b52e9a738f78440f33e2fae9028554c30d5d9d98064a15fe1bb7054d3283400c20c06f85b58b5f9cc1ffcdc3915bb262a797

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md

Filesize
2KB

MD5
4c33c7c969f27b1b6c5bc7fa6ee5edfb

SHA1
9c057e76e3a5da3fe228f734b2e85d7d4ffadb90

SHA256
f681b8fcf36decc12104a8f118730aceddf373bf82f110504db422142379cc86

SHA512
fc2a06f6a8fa45f7d702ac69eb8faabad0a9495fcc2a3033cae5f5fee09e64485a79c93bcda8f0a97c27a80de35620d3ef55366059cd73d6c1053cd4af9fb6c6

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

Filesize
1KB

MD5
8202e1f036c5cf8d4ee8889e87ff0074

SHA1
433cb74091d8e954a5b842fba48a22507dfb46eb

SHA256
f2e39d12fa0a6d927fe0af3eac8b5f64a1c9f25201fe6899a7be4a779d3a375e

SHA512
0af5cd45542750d05bb0dd1cd2e719020a18c222c2ebda045af6d096b1b20a309cdefb42237c662132f9841fd93989eb9481b4662cbe45a1372f0c315056333a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md

Filesize
1KB

MD5
2e1ba5c0467fd8f28f42a0a51ec7abbf

SHA1
c36ef4989b68fccf50bbf4daa44381e5bdfed9d9

SHA256
ddc34509d8355a2cdfbf53fc681a614e771a6c609159bafcf9d3159ba5ae0087

SHA512
cd006cfed01f31dccd2651ffcc2f3a6b9dfdf3148022991abd5c1404dfe1d6ba180fa04737ae42b8b0fb8c062883529c65da49051b59a39aebfdf5968d8f08e4

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md

Filesize
11KB

MD5
7b28293747317343e69a6ae7afaf984f

SHA1
d89a331738b14b831492dbd07d9fcd05e0cdc92d

SHA256
c20bbb0d0e23581d3116605e04e117c51d06c313ade1d1125145a4c7effaca03

SHA512
9ac66d6cb3ceea9e2b70ed19967844c5b8e96a05dc353aeb71354264c1adb1393cc3badfe17194659647fe58e07e60f4ebcb432c4dca35544a9e579ab382d7ec

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

Filesize
1KB

MD5
c2d1f418f5b6d31dd7730c8a47851853

SHA1
62d345ff13c9c7a6155d8482c92fc023a208f779

SHA256
8a65f05f41136a16588641bbfcc67faa19500f030fdec94d0c281bde3bd1cacb

SHA512
f226b5b5f68c2310fd1e38b60d10d2cedbd1aa2f281a24c0a69611616e9fcf8b02408d0edc60a5c2c7499ac9d6bdb21207ed951e19498593c42dfa0ebb23edc7

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

Filesize
2KB

MD5
5ef1212e8dc759ca5c2014dce05963e8

SHA1
7f4331294b3a6813ab3a8e9d3071e377394b2d13

SHA256
7004881fd59cfcc0ab30ea19c8512eb67c08b7a3385af3d41e60e8b1097f1593

SHA512
623c1d0d750ca34a029d513a172f8c80e8750dbc87c96edcc5181dfb9ef6cb16b4d46582871d2f0bca942fc0f4b88a2219b43cb95767c0b2c609bd9527a148a9

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md

Filesize
11KB

MD5
5c8735c1627e0ed6dfdb2f9c6c97ce81

SHA1
42d4b21b8e9661dc2fe53775893f479d42e881d2

SHA256
8c7f29730e3288e14d3dcb785d1c46e7c60a9d75d352331a65046006f03d1614

SHA512
c1ebd022072189fba06f5ad76b8d16b04f5f2687eab4ec73455ab5fd145903e8ecf7a8c58aed80e7461ee24597062c1ba483a1ed4557421b55bc3a53fec31b4c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md

Filesize
11KB

MD5
e11def4d9db2b74a17805ff69efeb517

SHA1
44603ec01f0ee63cc3a548101c1627b7b337db62

SHA256
02edb880cbbcaac9bdf6828c519a68f7cdec650013842264fcc490044b4514b2

SHA512
db97873f69ed6caead49fa7f0cb9944a2bd75f119333c4aaae03269ff8a551ded4ed49acc982de5c0160f5878823b8aff0a6c32bbad5927826021e26ceb33d63

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

Filesize
11KB

MD5
63bae068303b32be08451c39d2eadfae

SHA1
d5d135b45f8c6416afdbf4cf221386b4f86aa3e1

SHA256
aed5c345705bb58f2eddf6206ae390a891b457dc37d506adda59768a09689ca5

SHA512
fcfb869d2a9e188e5017421eae9f14ecddb4a2381226cd8773763b3eb4abd9eb7a581cc8118577ed4c438a804511ec5bc910dab84d5436d5e0b714eea0b6269d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md

Filesize
1011B

MD5
1518c45c89b97c59e5ad1884ed8ffafb

SHA1
06e7561b83ff50c436b28aa45d358584fa3f6a42

SHA256
72aafd5feba9554f65b4f6e3aca72bebadd9cee51c8e72929b79db27269e7b44

SHA512
731decdf4625c30491c3896a4007447b70fd87a1d84f9e3b84482199fc42804ffee0e8103846066fefc9899350769ff10230972c865102930e59330109ca4078

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727655840085328.txt

Filesize
77KB

MD5
3fe733255ebee5753e382ddfd42e1ac0

SHA1
9fea0a6a83f9d0f9ef00c937ac0bf8090217a825

SHA256
144f05a56c1e95827e5da40df10ab85cd08483ca46774b6d0687e0d42f9e081d

SHA512
47adec646bbe5ae6ab8aaf1b4e81c88acd27791fe75259036ac0e005ff4b5cc1aa9ab811064beedf488100e624b18db442cc3a81454d068ca32c62640b3f6ab6

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727656363999749.txt

Filesize
47KB

MD5
1ba65f21afb0bba0061dfe9bd86e9e6e

SHA1
10fcb55f912666e5f18ab5d06aff059b6bb591dd

SHA256
afa23d06e495f617d2665dd44773c13899a23fc428696e10b69c27adb88e9d0b

SHA512
dd49254d6114f13343cf0d7e0b5783c81e05355a39d9e16165ee7cbbad619ec8f2470bd1f83cc81004fd521896b526eda43f9261416fbb997bed75202a3b3071

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727662640605367.txt

Filesize
63KB

MD5
8471a25cf50feb3547f5417f071f0db1

SHA1
86742cdc1c23ea6d143085b0e6e9c4f2b7c49b0c

SHA256
589ea59b853e3e2510e3ac9059c725aa39cdfaf2ee1a861b279f7cfd180a3e9b

SHA512
b51a7be94fa2a66b2f6bc2f45aa6ea4b5703df8debadad32722c00f86c52b0647cd9b825a363250a0a8c354e437b6ddd9ab0bee9c49e4fdfd420f46fb443f9b1

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133727665714398674.txt

Filesize
74KB

MD5
3c17f331f9bd935e7d0cd485e008b2e2

SHA1
730b7d198813a5d4b3fa5da1e878abd05e8b0bd3

SHA256
42db69569bea167f825d70532f4ac4477faa7ebe484e47edd8a5d13307fabcf8

SHA512
be15392eeb5a7a8aa8f89388a21b0a4d85f2c3efd3afeb03141eff126080f6091cb496e9397cbd19987fb01d554845adb8d9d7cc316fcd4a89da9c599fbc21e7

Download Submit
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk

Filesize
407B

MD5
4018d5f5ee5acced923439da7a230fe4

SHA1
818951bb652c8cd70be9217f4c91503e5081bf64

SHA256
437b12335c378ee3a54714ae88b2269c23e4141215f772b591219cecb500389c

SHA512
063e3595181a37d750f5780f4eb608a7c9d720e69b487a68670257bbf15af13e705c9aeea5ea988429b9f1c25a85a8d7783b65077edf14bf90d2d5c0a62ca8a0

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\ASPdotNET_logo.jpg

Filesize
21KB

MD5
4d66163c59ce2dffdf0bad8a420c3122

SHA1
ef02002b039116e0f8609a05aceb3e7697b51b85

SHA256
dc2fbc2bea03562fab98bfc41ab50a3e6ab5bf955d41ee7ec9ad91350e594846

SHA512
e06f00f661b818435ceba139bbfb303d161f0e863ba1d2489b74e128bc5d9bbd74318be0d7d5352147ec2c6e1675d601b23314145c6adb700ec5462c34546722

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\HelpIcon_solid.gif

Filesize
1KB

MD5
88162f6d138b6a0019ec5393cd156539

SHA1
39a849884b4c76f7ec14eb88428c087e4c6e07c8

SHA256
0f608efbd2113bf297f48c163df9d1bcfcd7f4c85112ace990fbffb14f71132b

SHA512
cad8f2583840f01f56ff03ab62be70b9aea89d4dfc41f74d5151d87289e1feb6ab2fb824bb5b1d85f41327f35e36f03a055b1864f12e00d2814ab18f09739783

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\alert_lrg.gif

Filesize
952B

MD5
e50a1f8faafdda4419ad9e2924634b68

SHA1
91372ddc3ac9e96fc9e7ee4cc3a8b12b87995d90

SHA256
52f0ec9ce3e2f5b7bd612594e652bc15c8cafe2a0953afd39b119c1a4de0b446

SHA512
dc6f652b0dab0b23c48d4274ade326a657c820d9fb415159e567df2e6177901d9c7ccf4f6ae5fc31cd5c3d4249b71146b77682672bc227d8a2bc73f5768b4ef3

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\aspx_file.gif

Filesize
121B

MD5
e01daa311be7dd8c26c5269a3d44620e

SHA1
6b0df4940c3100c7d5f6e20eac493c1c46def1bf

SHA256
eb1415be18ea40faa7024a030ca06af0cfb6043908f36b03fc015b3fcd33784f

SHA512
b3dbb1f577561807bca79b7255dc206c677689505d5c10ba227694580ce88e256aa5aa4dc722329a0af5dea419d65b50defe29034c3c1d78105b89614e4e39d9

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\branding_Full2.gif

Filesize
1KB

MD5
0e34bf2c49aa3ba41f264bdfbc16aad8

SHA1
cf89f84b60da1214cfa66fde9885b1ca5ea514a2

SHA256
a0e98f66e6a49c8f88c7cfbdd271377f085b4a70939532e9ca3dcf95f380601e

SHA512
dcb0c4c1dcd818773177d3a83a217d63554a56ff521060a0224e0d5308ed584df4f50d2a3023e9e8c5e1f73f6f43e9f9ddc5c84feb96fc51eca7a4a4fd0b9099

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\darkBlue_GRAD.jpg

Filesize
8KB

MD5
ef6fa83221c147ff6b108ae8799ad9f0

SHA1
27f797e17490aa2b001ff7fe28144dd8f3cecb65

SHA256
5629fd9dce4d08aca343265b9635c500d91f03b7ca490ae9e10e84efa0568639

SHA512
c6e2df1a281b434572d1e3c18227c5f7ba61d9ecc0c4c0d57b3b0c0a21f9313fef86bde0a25dfc4a34a47a7d6ea4c1496c0461af1af14b64d58e08956f233dff

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\folder.gif

Filesize
914B

MD5
2b60540a6b659f53b10d7ccc44fa81c3

SHA1
df5d9998b0cdda734ec7244d1edc4f0b57c9c4b1

SHA256
ca40234caf0c770009fd74a97c1ff53d232cce3b924997a8f228fac82dad2d8f

SHA512
f59f0813b3ad5b9d507693579250670a1126e49b8c2621ccf0795cd5b310660a5eaf31e4952bf3d22a2c37abde4bea20b7392c6ef3a29e58dd5f76a5f8c06fad

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\headerGRADIENT_Tall.gif

Filesize
328B

MD5
667c83c990a09ff5c06c11b843d49e9d

SHA1
9405bff3fb25406945fdc614a2eae175b448bcd8

SHA256
d76f669225dcb21e4ed604769c13888a3810ad80ce62b69eb9ee5c1e0bcc76ee

SHA512
25458e18c39ae3e5697c45d7251244f1ed877e3e3df77af151834d9ed4d43a9e24d3a07f795003d3011e767f0e8b3e522d757acd43e64f5b8f9b97316c93a0ce

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\help.jpg

Filesize
1KB

MD5
92c2581688d28d3af78b82350b8d53d3

SHA1
47746e5a0607f168fcc2c7536731a141f630e6cc

SHA256
1ae18c3612b034f029ca69581ad6d4e9fa0dc7afd80093fd3480e007fdf187d1

SHA512
dc1bdc720fdb10fb7f0b6bb8ef6f8a7af1ee0b5c2253306ebabd486e30624366057612ebdebadc4ea42e1009cef7f992832f4719c41d951ac7ed0e228ebd0aa8

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image1.gif

Filesize
162B

MD5
3464967ed85837f3f2c8662d4cc7f64b

SHA1
60c3e8c9345281138b3b603d3475026107c78c82

SHA256
01108860b283ec2b486dbeaf7349f6cc6c56775e03d228812fd2dde27f70dd42

SHA512
0208b57d53f25ff9df7517eb547eb4af87ccfdd8458b6c060387a3ea82503ee87e894cff956754ef0d770a763a2772fc28063371da20692738bed3a809791dd0

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\image2.gif

Filesize
586B

MD5
2e5488c3acde66e32eac50b81d7b6699

SHA1
a3583a96ae7f3c9c3839edd07774427bde49996c

SHA256
e9e863fcc24552a718faf69c8ed6cfc5de1423e94ffe9c3f49d76e67430c01ab

SHA512
dc60ea59a02ec67c478489e5d9aac79cbd6ab3aeef13003f90df848a63d3330e5cc0efc657313e91ca4224dc30021c6cd87e58b729e53b74ee233120cde13b78

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\requiredBang.gif

Filesize
124B

MD5
dc5ee4681ed2d3b1fa938da1354a4755

SHA1
ecf5e606e51f0d8458fb08f5527caa113d471570

SHA256
3b24f350097cc437b8676d5fb9ec442a16202e19be3a7c4defa6efd1379f20ab

SHA512
c1137b502243957fe9ad6f415759b584db2ae2acf0d3b63d1c92d06476f82619ab7c2d99d8d11d953a6b5c9b4a6931ff42d08054d7947a4fb73a006479f9584c

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\topGradRepeat.jpg

Filesize
8KB

MD5
c1a9cec18c3abaa875366fd25348e1e1

SHA1
a521f1fe8d7552af04d7a957a90e2f165cbabab5

SHA256
c268d9dc37af40156b7725e95263e1159c7d9a32c82d69ad03277ad76b660516

SHA512
ec54158a3c3a98b072b8bbd9532acd2c68140b24f0b14a3292f0db6f0f1c8ca2fbabe2223ae56f519e9941e4e0d72b06da3a2c0403f4c88ae6d18eb528fd19c4

Download Submit
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ASP.NETWebAdminFiles\Images\yellowCORNER.gif

Filesize
880B

MD5
4d2115b42741b15a0555e5dc062cca61

SHA1
57882111e4030e1c2b0d5d8bbeb10461db4d8c45

SHA256
2a4abdaaabd06eaee4028124fe98831ef34b43679fc90ff76b0a748f75b94a97

SHA512
a20155a4deb04b460ced822b8ba4bc6d6d991a13a165ae3b5cd138b8c53f24ac7870f8d32f6944795df7bcbd64aa72736e10095014d721d571d2cf851180915a

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk

Filesize
1KB

MD5
2be29d94eadab48e7ce96b292345df17

SHA1
a7e09572423de214967e801762d34c84fbeb3b75

SHA256
6ae9ae7ba4a68e8d076e97a38de731c17475daec0380614edad0fbff2f828051

SHA512
ebfb8ebd1907fc611e6ffabab9488d25fa75913ef3e3dd5b4b7a10e81d2507602f2faddea48fb60eaef84df99db16eeacc5e351dfb6dd700a48be238694fe625

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk

Filesize
1KB

MD5
ccd1c3c381fb17e7c6940dee188a6686

SHA1
0bbf0e97fa2368081f248e37347faf244fe08df4

SHA256
ddafd841a331e3d62ca276a5cb93cdf306b78875d8894179d279e20ee5852c36

SHA512
8ea6f2584ec8d95f4a9e5f24440e883c8975b1a107aa236162bd84313a47e3f95550c99cb1fd5f5801d365550626a86d56d89c4c6f517cde793d5c361ac8a19d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk

Filesize
1KB

MD5
90d391201c63777c3f142dd34573c6d2

SHA1
0a9cb56145ae29d190dac71eee4eb9c7c464db5f

SHA256
614e5d9e346854c7d88e15415569e538865a474f660130fe5ca73a512d9281d2

SHA512
855a33429612b3034513be1d00ff85ec14a8351e0d7f2677683a12b5cd0789e04117d393b3a30e15812812093b73efc84168aa8e4077e61a234197d8c67c2967

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk

Filesize
1KB

MD5
bc50f5bd422265311f5b428936a1ecde

SHA1
ccc277c46a47da71cab51f9e1123006b24328660

SHA256
4b6b76eb65e398af8cf7ef5f813c5ff0e61cedd423eecb65533269d9ae72771d

SHA512
2d6311bfed0787c56aaa93d2f5eed8dd8a4143d15184ad9350ed2576b941df5c2eae4e6a417772358fb2aeababfc38302e3a234f7215db29be431310347e1033

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk

Filesize
1KB

MD5
102c74ba9dc2cbc3031a0fcd0cae144d

SHA1
6a064d48e6b0994adb572ba0ce2d46b9729d8fdd

SHA256
b47d1c5cb94638162c42f3427bd204ed53bf83589e20f4951fdcc6dd70b39541

SHA512
0547fada5d53dfaed6bb408760645fa6a92bfdc50c66f6b84a837a5caab8cb2d2c7bcb72ffa31594677a0697d54a956b1f0ab55580e7d7a0ef81a844b1a739e6

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk

Filesize
1021B

MD5
f3cad815cab63a46bf419103cfba3f47

SHA1
fe1fcef0b26582c0924616e79b805d6ebb265d78

SHA256
70f918dd4462c461099ef7f7bf0a2ce9f92ff756faf52d5463b7a6bacd241b28

SHA512
5d14abfc7c6d4b1e0da816846e0a8f744d34dfc88b696fe01d10ebf8dee914d2c306950a3acc8aea64f1320d0148d70a800afb9c2f9e502c5147099cec5db274

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk

Filesize
1015B

MD5
15d6cdb626cae83d70676f512d44437b

SHA1
7fa2b45ada3c3a7f30e702eb272e2134c33e9ffe

SHA256
08d7fb83eee3f2020bba3440baf3a499ef6a5c72652b450e9c8fa7d7f4a10a05

SHA512
498562e87b0f5b40e6aa89c437590f8f783eb55dfaa496c5060ba9d1b080af35ba03f022fe26afe7e123a376f678317bff618f0f9cc727a58e040bf21d8f452b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk

Filesize
1KB

MD5
2e67e9a1b07bfb84acd342e66bb88a1b

SHA1
4e5125a2fe56b43625e4aa1dcf4d4b014be17179

SHA256
3b57d8667a835401e1a5eaf8142cbe00620a72e0f84cea7b20cb10e072cb912b

SHA512
75a3aa32076f074a1912b6cff95a55b633f0c3b51d282c8a132b2c33d91dd9777753dd3fef6fccfb343de04da85652eea1f618daf07fb6ab05f13bdf6b4efa0b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk

Filesize
1KB

MD5
847ba76ee58829f6b25ef7148372c921

SHA1
c983bcb8a0531528c3af6ec70db3033dadcfa6a6

SHA256
10cccb176f8bf3f376eb2110dd5df8e6dcefbb76ec05051356b346807705372a

SHA512
5b1ef87016e60bf55bb852934cca1d41af10b1f4af12c0979bd0fbeae21780e9ee80746e7c92dec34a7bfa5b217acea9d0d22f3c03ddba450f01da8602d8a39f

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk

Filesize
1KB

MD5
aa945931781d3b2e8953703ec42318ba

SHA1
5645fecbaed96e5d87e0158d25e2d922b9b992e6

SHA256
b6a60e8a3a893e3b4eef30c03050c634c55f3ebe635826842724b1d4773d8638

SHA512
cf2e4631978e3165114f11c404fdb4996685379622129859b9e1fc4d5cc1ac7b474c1f3362c8c30ddf0d7f44accd2e9b7423cf04d90be03b9efd291f6046091b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk

Filesize
1015B

MD5
936439b63ba9f5e2685d15e693f29f16

SHA1
eec3e54f4667714a5756d7978f1def79d0ff304c

SHA256
0938c215ff2773e9ded13cec910f6ab63443c172127180d0011562ed46ac7bf9

SHA512
57bc59c745c74056e2c90f3ae758970b9ae7b317ee4332cc2af80d0b1bf21ece24600329cba771d8b461b534ed4cc2a7132ec1bb5f335ab288f8e45df3152bec

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk

Filesize
1015B

MD5
a6ad05e2e02e19c7b984170885a91425

SHA1
783cdc6af1985de1f0953b537082439227a855d0

SHA256
2747cec23d96a59978bef5ef160f61f4aa7dfa3bf5367dc27ff01b4a741359ff

SHA512
56eeb1f51e1b7c80557522dd59ee6e3459acb77d55cef622e35e9c2bee12b7f8e53a4c353ca73326f34a1935811b2845ac49a91cb624e0a423b6515274980918

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk

Filesize
1KB

MD5
751e232c2551c1f249fbd4878e7ab26b

SHA1
08a1e308ab20bd3fbdfe328a96ba31326287ba2b

SHA256
7be18265a4f7c0d214d8230783fedb32b046bbf6272625b603d8bd1df109ad57

SHA512
62713479daaf637ef07a2bc1a19630d350c08b3d836c7cfe983c149526ac612e27d661c544bebf8bea437de5ca2d2e8b1a097647f96774251371afcfeedb2542

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk

Filesize
1KB

MD5
e299f73674e620bb89f26576679787e5

SHA1
8aa0790e4887b9c302d902c006a294ddfd35ffa6

SHA256
9b67e8d095fc898d175484ded2aa35678dbaf771d26da2f1cf04c40d78672d63

SHA512
10b61f3bb3a8aa8a6c7825f5f4ff9f75aa638ef1ae2608353c0f13cdbd32a0f8b525b593b319022ae9af7a19ebe69cbadf01fbd8dc16b7fb1adabda9f8fd79b3

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk

Filesize
1KB

MD5
a9130e475f2d4c838af17ebe922527b8

SHA1
754264d366da133d99108613f1996e8aef4857ac

SHA256
475354167e14bfd1a59113e22e1f29661e5dc0ae5ee8ce4cb94c663f66d1f836

SHA512
98c569cf67365c81751feafe27cfbc367550875a07e4e4212e8c7dc7356128d09a99b1a99d5a7b77f6c42d6dc10ad39efdad7b50afd9580bb6b03ec4877f208d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk

Filesize
1015B

MD5
024e242cb71e25abaaeaebcdb24ac6ad

SHA1
62d2ac2a0d4d31e63c0953cfaa4ee98d1965446f

SHA256
5f92975403745078a8e86354927d27be035b2c68dfea2d8f393c26ddf9ce28f3

SHA512
d9afbcbeeb45615eac3d26648efd5b66f658dc0e7753dc76a19b68416ce18e77daecfc984fe90a80d1984a09c56503b350df681f745f2cfcb9085e8370262077

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk

Filesize
1KB

MD5
04be2e9e30b646fa952de29327f319ff

SHA1
54be0d19a6dd8e412f677653c5de5b5dc230fd6d

SHA256
089930bd1cf2d07f01ac0eb431d405a2cc29f299a5f916d929998fac8b032eee

SHA512
51f6fe373bfa6a6969d47641bff7aa3ae4ba1860c76cc4389ec5e9686334637f50d93194e5f4aa9641ec1f0fd2d16c4c6ff8965bbb1b3a096d0e3070e197357c

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk

Filesize
1015B

MD5
864fe516cb8905b575d6838f850e2ad0

SHA1
a8331fd423ea43df33a5750008819bdf17909cda

SHA256
92b546b1ba2f6d9e94a5cb10ccc850c6fb2d70d1a569dc9324117bb2db44c04a

SHA512
4bdcb64af81747c5c5b1ebab28fdb0e4d438f78a057c236046d21d0c7f3019cb78ef75622c079da832d518034732b77d17f7c0743488949e4eb3d508d4774c0d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk

Filesize
1KB

MD5
6b42864cbdbb891b4a725ed784c25327

SHA1
8490da19f6bd8db7642e531fef1878a5aab20f1e

SHA256
bcf2b4da66cdfbb05b564a1e1bd772e3718a4e5793a3c7208bd20126b150b8b2

SHA512
07c2c2865623f49782fa002c83f30e0d86e001c5e6cb0c503042fa6513adc69fb94fff37190a7b9398f23429a4be400ba859085e75f82b8d04628bc8a7e0506d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

Filesize
352B

MD5
9893213150575ee0cd1b7e40a786e825

SHA1
e822ea3cc5c5a36df3eecb4b9b7c5a33d3792bf4

SHA256
c380a29743e8dd660ed853d0ea89c67cfee5b2f1302fa7c8280cd77aea8e46e5

SHA512
1ee835e8dbe15cfaf256466074d4242f1fcb23f2abd44b44de8836dd9bb5159427dd6272b9f45d95e0f87d1f64a725dbe84297c0f03f645717200974fbdda025

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

Filesize
334B

MD5
a5ac38c666067c38e5b8daedf89199f9

SHA1
faaf5f176c2228fe65e26f4d27d1558c4648b1a2

SHA256
7afed0826246aed2778fd01be0a9d39c9828549e7061d8a9cd9ea3e4be0592e0

SHA512
013a9db7186f5a2e70ec4035f65beebffb746594a1facb548332bf7cbebbf628e7003635657c66fa1a8371a96f31d45e592a9e6136f8f79af60ed21d5e60d092

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk

Filesize
1KB

MD5
719077a178e11829b1668935c8310a3f

SHA1
894c8a6cd52cec0a5b1323fc7c99e9ce55b61cc3

SHA256
e8e0781f2bf6444321513e73e915d1d5496574e2680456bc204ca6a3dc09cbf8

SHA512
4cb3a892210d0968c41923904dc76a504b13ec9dce0f7f635573450a55be374c8ff054234ce48a0198404a29eff2476617fe28b704414ce8a6dc4a1c1fc79e0c

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk

Filesize
1KB

MD5
5d1cce9ee6eb35e9eaa5f3c05d4d2511

SHA1
079153338e946ac09db3d9b98625f190d67f816d

SHA256
15de00e4aeb634ea9d657d75749a0c9b2bf34454a6b3b3017c112445ceef0296

SHA512
94c7abe3f959f2d672458fe32838fad303099e22d7b9debab984f29681fce87c35c4011285a7969e2e420567ca2b5328176e8992f7a4937094405b2bb375ed24

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk

Filesize
1KB

MD5
fa1284b343d3a1586e0c7e83e5fea9c3

SHA1
400059d21e2f981fa0c0cbbb29124315e07277b2

SHA256
a39fc0e7c120eff0c73e59d99dfdcc8a1946ed12c015c58de020ae00cff0a6c1

SHA512
e14861ca3e91dca6ca6d7b57a7ec63c466e80ae1d5f1dfaff145200a0f2de9efacdf3d44e0faf02c510b232a9cb580b39dae726d2b48e84c361b74029866d585

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk

Filesize
1KB

MD5
18bca3f197a11db362ba0c3d85b5a7d8

SHA1
89a5474f845c4b2025541e3067a83d97d4616f15

SHA256
1882a387f4e9893d10e1ebcf6a6dfdcac5da9d510e1cc61ba9914aa8dbb5234f

SHA512
5932a6f0e4f969a5cf6f2a2ef8fcb93ca5e80fbc1e754d3a2f4af543318d7e02180eecda584e66b8dc55ee6e6a6d5baa12a57007ea48085a2e51ea41edf2c70c

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk

Filesize
1KB

MD5
1ab6699636fc98bb0353fc3bc06d2244

SHA1
a6f694ab5aa0f95dc042eaab4c482ba341169b60

SHA256
bfbb2438e556dfccd32ffecdda6302fa754636737c52469110897f94cc695617

SHA512
92f656d8912f51263eb4b7035d00121590a008cc0a659c686fc9275143a137ce876aa2d6d714a0481a0a3f1f141997ed0ebbc1b8d05cd00887a40fbb1b7270af

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk

Filesize
405B

MD5
02ede714f1615c83a911d128c03b6891

SHA1
2718909bf5e80880b3369b82a41d0e0716569e5d

SHA256
cc1715b39aaec0e8c5bc2d43ee099c0a2e051b63420ba14fb4c07fda39681930

SHA512
cc32006def43afe8c4935bd977ec2f42ad4bd491bc1af5fe1eaaa8051f0eec48a014d231ede51004ba90fc6a0c5e69ea181083d5e31d850d9a267b107aa6cd79

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk

Filesize
409B

MD5
55e364fb796ea799cdc77a90c4ec36d8

SHA1
860bb8b2a025ac48c9dfa4d755dc95d55c473158

SHA256
e1112152cb7ea311d81248fc2e13688c4ef31c38af745a986e73369eaf5b178a

SHA512
953b2309e8939dae822f32e50f3e63e636bf7aac6d0809cbfea8505b7e18549ad81cf9ea38c75ef3caf054a44250ca1f0af5c05da174023cdc0a20b3a44a3101

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk

Filesize
335B

MD5
18661599783f83018d6d4168f47f8395

SHA1
d8130ba98eaabdb1cbdabade40dd9dca100c975d

SHA256
6a05af2ed84673a178f89b32291ff2f847f7cdaa31d75e59ebd44a2bc91c5c40

SHA512
12c00b8ce5569653405d164e7c6292a9dfd7efd0a8a964556eaea56b591c74a6bd4cdd7ead229f0f34ddf092098e5b16661f684ccae38b6ee01b317c91fa412b

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk

Filesize
2KB

MD5
1e85c36aec4ac7d1094f733dbe435a29

SHA1
b33ca1603364084885c03a34c38069c0e4f3c499

SHA256
bc28d5f56c174e792d03142a0659c8cb501be52def0fda7d35a2b081a8eee6bb

SHA512
c7ed8f0fcd7a6997f3e9e938b596b1a10a7cc9ddb3214b64befe98f7fb0cdad1add34c617bb78bfbfa19e525bdf8946a0057a34442264bc9d0ede13c7a39e52d

Download Submit
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk

Filesize
2KB

MD5
f3d4b48b7b734684cb2cb66eafcde722

SHA1
5d8497dfbe7b2ed81d17600c124973abfdc4cc65

SHA256
67d30f35924e40f09e953184d583ca0bf91a4fbd1751bae4e434ed23715831fc

SHA512
4bd959850fce0dd46122c59f968a317533eb48c7c00c7671ba83a0a1a1844d027aa1db739283cc3a12a7ed7f64fd6087d88a29f25d7a53acfcf822c8194b011e

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
cee4e754d203fe62c613c76881f3f962

SHA1
f7c6862f15993415c3b7033b3bec19e06f895184

SHA256
5d9fe38bb7bb5e6c0b23ac2857e148ebed215a34a46069544c6147278485312c

SHA512
006e9e21c3dee73c90330b1883e78e8547f5aad99c25d0899bf9f092cbcba72dba9c9c0df556df9d6e4422ab17875d4545c6872ba70bab498a59b77f6faa5547

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.153_none_90dc0b923cd83016\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
4b227f14d312c3a551e454072d34fc4b

SHA1
8dd0cb21474fc8c85f945e645688f48de1ec6617

SHA256
854bb46bbf43fcd54832a8cd3a52d9d34f1b5b0f11b89a08bcf8d5dc788059e4

SHA512
20eb79e73279fff4d10711736c098595b48c9ddd8d7790e36b026cf8770221f0a617642a2e6511d7650fe34fdc4564fef346913e41804a4361b290ac339a2429

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_altform-unplated_contrast-black.png

Filesize
296B

MD5
6186505c48d8550fc59bdda3f70ab854

SHA1
de72e99178ee48a10e60edc08c56620f80896ba4

SHA256
367c46d8bd25d3997a461c5c739f0b86346e2e3766dbd607f0f222f26458f2af

SHA512
47b21e138812160279e22b66d1a173bc8d07ef67500c524c38d202570e574f3dd00374e961806d028bebb88bfd383e40d69b9960cbd4916eda7a158414c981a6

Download Submit
C:\Windows\WinSxS\amd64_microsoft-windows-sechealthui.appxmain_31bf3856ad364e35_10.0.19041.964_none_90d24b203cdf4e96\Square44x44Logo.targetsize-44_contrast-white.png

Filesize
276B

MD5
4ecf62d68d57a2358222364bbf43d52f

SHA1
a660770cfb1e230fd5647705a976baa5bee31022

SHA256
de6807a3c98c612aab97cb40326e89b159dd05f254233bad37e37d8b374e6c09

SHA512
39c3630ed3269913ec0dfe0e6a83a9ad3d43eaccba0e218d46785f9acd8cc13556b59102a211718de16ebb13a1d4da8a50914463829cf45d19f0041026add303

Download Submit
C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk

Filesize
1KB

MD5
8537fa0b1f8990a0a88a9b95f330eec0

SHA1
a7e403d6d0254661c68d58f2f6766397b1c13c35

SHA256
c27510cea79f98dec214d7a407047b8b4ebb570d809f5a2b9859a40ca324e6a7

SHA512
5e5bd7c0021fef60aedba1fb9e9a084e4a7731005848aa829a5b9eb8ba12e79e9588258e2ada7d553eaaae567102772b5b7298764bc1b784342c8f7c108dc491

Download Submit