Analysis
-
max time kernel
150s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system -
submitted
01-01-2025 07:40
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
JaffaCakes118_4c9a1d8f0b983034f302f2622795fa0d.dll
Resource
win7-20241010-en
windows7-x64
13 signatures
150 seconds
General
-
Target
JaffaCakes118_4c9a1d8f0b983034f302f2622795fa0d.dll
-
Size
156KB
-
MD5
4c9a1d8f0b983034f302f2622795fa0d
-
SHA1
a88c4ae6ec6f29aa6a3bf8723c2deffdb8fbc545
-
SHA256
e8399a473af5316fbbbafb2b12015562fe73f990596850786d3e5d1a14358fba
-
SHA512
cfecf60fceef93d7e410da43537c8e1f8a9cec57a2db6a10ff9e0a38ff8f48e2d53713aedf9fe00aa2dce3305fce79f8c47730d850621848175a157313c69963
-
SSDEEP
3072:G61Ye3TaEu2CoCcn3zO7A4D8XlizSxNP8OZfitqTPwZb:bTa12CoCckAe81gSxNPBfvP
Malware Config
Signatures
-
Modifies WinLogon for persistence 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "userinit.exe,c:\\program files (x86)\\microsoft\\watermark.exe" svchost.exe -
Ramnit family
-
Executes dropped EXE 2 IoCs
pid Process 1628 rundll32Srv.exe 3016 WaterMark.exe -
Loads dropped DLL 4 IoCs
pid Process 2296 rundll32.exe 2296 rundll32.exe 1628 rundll32Srv.exe 1628 rundll32Srv.exe -
Drops file in System32 directory 3 IoCs
description ioc Process File opened for modification C:\Windows\SysWOW64\dmlconf.dat svchost.exe File created C:\Windows\SysWOW64\rundll32Srv.exe rundll32.exe File created C:\Windows\SysWOW64\dmlconf.dat svchost.exe -
resource yara_rule behavioral1/memory/1628-13-0x0000000000400000-0x0000000000441000-memory.dmp upx behavioral1/files/0x00100000000122f3-11.dat upx behavioral1/memory/1628-17-0x0000000000400000-0x0000000000441000-memory.dmp upx behavioral1/memory/3016-26-0x0000000000400000-0x0000000000441000-memory.dmp upx behavioral1/memory/3016-31-0x0000000000400000-0x0000000000441000-memory.dmp upx behavioral1/memory/3016-29-0x0000000000400000-0x0000000000441000-memory.dmp upx behavioral1/memory/3016-69-0x0000000000400000-0x0000000000441000-memory.dmp upx behavioral1/memory/3016-675-0x0000000000400000-0x0000000000441000-memory.dmp upx -
Drops file in Program Files directory 64 IoCs
description ioc Process File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IO.Log.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\ja-JP\slideShow.html svchost.exe File opened for modification C:\Program Files\Common Files\System\ado\msador15.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\sunec.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\PresentationCore.resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\WindowsFormsIntegration.resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Net.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\sbdrop.dll svchost.exe File opened for modification C:\Program Files\Internet Explorer\iedvtool.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Web.Entity.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll svchost.exe File opened for modification C:\Program Files\Internet Explorer\jsprofilerui.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll svchost.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdatl3.dll svchost.exe File opened for modification C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.dll svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll svchost.exe File opened for modification C:\Program Files\Google\Chrome\Application\106.0.5249.119\eventlog_provider.dll svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Management.Instrumentation.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2native.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Web.Entity.Design.Resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Entity.Design.Resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Entity.Design.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Mail\wabimp.dll svchost.exe File opened for modification C:\Program Files\Internet Explorer\pdmproxy100.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Web.Entity.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpn.dll svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\settings.html svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Xml.Linq.Resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\flyout.html svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\jabswitch.exe svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\kinit.exe svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\ReachFramework.resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.Client.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll svchost.exe -
Program crash 1 IoCs
pid pid_target Process procid_target 832 2296 WerFault.exe 30 -
System Location Discovery: System Language Discovery 1 TTPs 5 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language WaterMark.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language rundll32.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language rundll32Srv.exe -
Suspicious behavior: EnumeratesProcesses 37 IoCs
pid Process 3016 WaterMark.exe 3016 WaterMark.exe 3016 WaterMark.exe 3016 WaterMark.exe 3016 WaterMark.exe 3016 WaterMark.exe 3016 WaterMark.exe 3016 WaterMark.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe 2856 svchost.exe -
Suspicious use of AdjustPrivilegeToken 6 IoCs
description pid Process Token: SeDebugPrivilege 3016 WaterMark.exe Token: SeDebugPrivilege 2856 svchost.exe Token: SeDebugPrivilege 832 WerFault.exe Token: SeDebugPrivilege 2296 rundll32.exe Token: SeDebugPrivilege 3016 WaterMark.exe Token: SeDebugPrivilege 1892 svchost.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 816 wrote to memory of 2296 816 rundll32.exe 30 PID 816 wrote to memory of 2296 816 rundll32.exe 30 PID 816 wrote to memory of 2296 816 rundll32.exe 30 PID 816 wrote to memory of 2296 816 rundll32.exe 30 PID 816 wrote to memory of 2296 816 rundll32.exe 30 PID 816 wrote to memory of 2296 816 rundll32.exe 30 PID 816 wrote to memory of 2296 816 rundll32.exe 30 PID 2296 wrote to memory of 1628 2296 rundll32.exe 31 PID 2296 wrote to memory of 1628 2296 rundll32.exe 31 PID 2296 wrote to memory of 1628 2296 rundll32.exe 31 PID 2296 wrote to memory of 1628 2296 rundll32.exe 31 PID 2296 wrote to memory of 832 2296 rundll32.exe 32 PID 2296 wrote to memory of 832 2296 rundll32.exe 32 PID 2296 wrote to memory of 832 2296 rundll32.exe 32 PID 2296 wrote to memory of 832 2296 rundll32.exe 32 PID 1628 wrote to memory of 3016 1628 rundll32Srv.exe 33 PID 1628 wrote to memory of 3016 1628 rundll32Srv.exe 33 PID 1628 wrote to memory of 3016 1628 rundll32Srv.exe 33 PID 1628 wrote to memory of 3016 1628 rundll32Srv.exe 33 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 1892 3016 WaterMark.exe 34 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 3016 wrote to memory of 2856 3016 WaterMark.exe 35 PID 2856 wrote to memory of 256 2856 svchost.exe 1 PID 2856 wrote to memory of 256 2856 svchost.exe 1 PID 2856 wrote to memory of 256 2856 svchost.exe 1 PID 2856 wrote to memory of 256 2856 svchost.exe 1 PID 2856 wrote to memory of 256 2856 svchost.exe 1 PID 2856 wrote to memory of 332 2856 svchost.exe 2 PID 2856 wrote to memory of 332 2856 svchost.exe 2 PID 2856 wrote to memory of 332 2856 svchost.exe 2 PID 2856 wrote to memory of 332 2856 svchost.exe 2 PID 2856 wrote to memory of 332 2856 svchost.exe 2 PID 2856 wrote to memory of 368 2856 svchost.exe 3 PID 2856 wrote to memory of 368 2856 svchost.exe 3 PID 2856 wrote to memory of 368 2856 svchost.exe 3 PID 2856 wrote to memory of 368 2856 svchost.exe 3 PID 2856 wrote to memory of 368 2856 svchost.exe 3 PID 2856 wrote to memory of 380 2856 svchost.exe 4 PID 2856 wrote to memory of 380 2856 svchost.exe 4 PID 2856 wrote to memory of 380 2856 svchost.exe 4 PID 2856 wrote to memory of 380 2856 svchost.exe 4 PID 2856 wrote to memory of 380 2856 svchost.exe 4 PID 2856 wrote to memory of 412 2856 svchost.exe 5 PID 2856 wrote to memory of 412 2856 svchost.exe 5 PID 2856 wrote to memory of 412 2856 svchost.exe 5 PID 2856 wrote to memory of 412 2856 svchost.exe 5 PID 2856 wrote to memory of 412 2856 svchost.exe 5
Processes
-
C:\Windows\System32\smss.exe\SystemRoot\System32\smss.exe1⤵PID:256
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:332
-
C:\Windows\system32\wininit.exewininit.exe1⤵PID:368
-
C:\Windows\system32\services.exeC:\Windows\system32\services.exe2⤵PID:464
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k DcomLaunch3⤵PID:588
-
C:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exe4⤵PID:1660
-
-
C:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}4⤵PID:1740
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k RPCSS3⤵PID:664
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted3⤵PID:748
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted3⤵PID:796
-
C:\Windows\system32\Dwm.exe"C:\Windows\system32\Dwm.exe"4⤵PID:1296
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k netsvcs3⤵PID:848
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalService3⤵PID:984
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k NetworkService3⤵PID:284
-
-
C:\Windows\System32\spoolsv.exeC:\Windows\System32\spoolsv.exe3⤵PID:1012
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetwork3⤵PID:1032
-
-
C:\Windows\system32\taskhost.exe"taskhost.exe"3⤵PID:1196
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"3⤵PID:1456
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation3⤵PID:2484
-
-
C:\Windows\system32\sppsvc.exeC:\Windows\system32\sppsvc.exe3⤵PID:2520
-
-
-
C:\Windows\system32\lsass.exeC:\Windows\system32\lsass.exe2⤵PID:480
-
-
C:\Windows\system32\lsm.exeC:\Windows\system32\lsm.exe2⤵PID:488
-
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:380
-
C:\Windows\system32\winlogon.exewinlogon.exe1⤵PID:412
-
C:\Windows\Explorer.EXEC:\Windows\Explorer.EXE1⤵PID:1336
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4c9a1d8f0b983034f302f2622795fa0d.dll,#12⤵
- Suspicious use of WriteProcessMemory
PID:816 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4c9a1d8f0b983034f302f2622795fa0d.dll,#13⤵
- Loads dropped DLL
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2296 -
C:\Windows\SysWOW64\rundll32Srv.exeC:\Windows\SysWOW64\rundll32Srv.exe4⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:1628 -
C:\Program Files (x86)\Microsoft\WaterMark.exe"C:\Program Files (x86)\Microsoft\WaterMark.exe"5⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:3016 -
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe6⤵
- Modifies WinLogon for persistence
- Drops file in System32 directory
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
PID:1892
-
-
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe6⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2856
-
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2296 -s 2284⤵
- Program crash
- Suspicious use of AdjustPrivilegeToken
PID:832
-
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html
Filesize201KB
MD5767eb5d6751aa8fcff636622d12f7046
SHA1eac9bfdcdd60fdbf9026ec238fb3f2ab29b63d9d
SHA256ae220ed6ae256b5e3cc14a22cfb7939f2840582662a424dbc57ff1e6e068d2d5
SHA512f24289c178882e1ef77c668df03abb85e6f2d89f59b54933218c95718d9138e34e210f84b050cceac83d953e64b1d47213dc56de96d7a88bc3af34086488272b
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html
Filesize198KB
MD5664c40bc41bb809363bb527caf71eae7
SHA1d63e50230a1d575517d0ee638ae631f6eaa62879
SHA2563fb0037804ec5de62b46a7427f69eada8d40579fb0ffc79213c7587c2e9933bc
SHA5128d30aeda2932ff39337f29c169ecb6ea942df15240c4d5d5baa7f60f9a9853880d4892eddf13259786ab7ab6d2f6cdf5c6e466363df7068b01e4167e7aff35d3
-
Filesize
94KB
MD5f6736faa3126f64ed4a7109e40c47806
SHA10d50917f44d6e173bac24916c95343616dcbf18c
SHA256bc0cb854888c155cbfed860a6546bea3c82db643df30437fe14d91194939a874
SHA51229cc26cd4df360252917a5d913e5e4776b6d05061b464f09dbb33918491affdc15cac9e142a9227a48f27d26db1f8ee85bd3d417365d6fef9b2fd380e090efe5