hxxps://www[.]mediafire[.]com/file/ltemareyq1pmqgy/#Pa$$C%C5%8C%F0%9D%94%BBe--2275__OpeN-Se-tUp@!#[.]zip/file

Resubmissions

06-01-2025 06:20

250106-g34sxsylbz 10

06-01-2025 06:14

250106-gzlg6s1kbq 8

Analysis

max time kernel
274s
max time network
205s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2025 06:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/file/ltemareyq1pmqgy/#Pa$$C%C5%8C%F0%9D%94%BBe--2275__OpeN-Se-tUp@!#.zip/file

Score

8^/10

discovery persistence phishing privilege_escalation

Malware Config

Signatures

Downloads MZ/PE file
A potential corporate email address has been identified in the URL: #Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#
phishing
A potential corporate email address has been identified in the URL: #Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#.zip
phishing
Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
persistence privilege_escalation

Component Object Model Hijacking
T1546.015

Executes dropped EXE 8 IoCs

pid	Process
5760	7z2409-x64.exe
5600	7z2409-x64.exe
5180	7zFM.exe
5036	7zG.exe
5832	7z2409-x64.exe
1424	7zFM.exe
2216	7zG.exe
4740	setup.exe

Loads dropped DLL 3 IoCs

pid	Process
5036	7zG.exe
3428	Process not Found
2216	7zG.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\7-Zip\Uninstall.exe	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\hy.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\History.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\bg.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\7-zip32.dll	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\br.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eu.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mn.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\nn.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pl.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\yo.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\an.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sv.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\tg.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\th.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ku.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sq.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ca.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ky.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\co.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eo.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\hy.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lij.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lv.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ne.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\bg.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\fur.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\7z.sfx	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\id.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\uz-cyrl.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pa-in.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ga.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ms.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sa.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ne.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\7-zip.chm	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\bg.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eu.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\az.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\va.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\7-zip32.dll	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sl.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ta.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\yo.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\kk.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mng.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sq.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sr-spl.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\fr.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pt.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\7z.dll	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\az.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\va.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sr-spl.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\bn.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ta.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ar.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\7zFM.exe	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lt.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ast.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\he.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ms.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pt-br.txt	7z2409-x64.exe
File opened for modification	C:\Program Files\7-Zip\Lang\nb.txt	7z2409-x64.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	7z2409-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	7z2409-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	7z2409-x64.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 63 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32	7z2409-x64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings	msedge.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}"	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip	7z2409-x64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip	7z2409-x64.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 481763.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4800	msedge.exe
4800	msedge.exe
3352	msedge.exe
3352	msedge.exe
1812	identity_helper.exe
1812	identity_helper.exe
4520	msedge.exe
4520	msedge.exe
4836	msedge.exe
4836	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 4 IoCs

pid	Process
1428	OpenWith.exe
4472	OpenWith.exe
5180	7zFM.exe
1424	7zFM.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs

pid	Process
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe

Suspicious use of AdjustPrivilegeToken 12 IoCs

description	pid	Process
Token: SeRestorePrivilege	5180	7zFM.exe
Token: 35	5180	7zFM.exe
Token: SeRestorePrivilege	5036	7zG.exe
Token: 35	5036	7zG.exe
Token: SeSecurityPrivilege	5036	7zG.exe
Token: SeSecurityPrivilege	5036	7zG.exe
Token: SeRestorePrivilege	1424	7zFM.exe
Token: 35	1424	7zFM.exe
Token: SeRestorePrivilege	2216	7zG.exe
Token: 35	2216	7zG.exe
Token: SeSecurityPrivilege	2216	7zG.exe
Token: SeSecurityPrivilege	2216	7zG.exe

Suspicious use of FindShellTrayWindow 54 IoCs

pid	Process
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
5036	7zG.exe
1424	7zFM.exe
2216	7zG.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe
3352	msedge.exe

Suspicious use of SetWindowsHookEx 54 IoCs

pid	Process
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
1428	OpenWith.exe
5760	7z2409-x64.exe
5600	7z2409-x64.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
4472	OpenWith.exe
5832	7z2409-x64.exe
4740	setup.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3352 wrote to memory of 1800	3352	msedge.exe	82
PID 3352 wrote to memory of 1800	3352	msedge.exe	82
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 316	3352	msedge.exe	83
PID 3352 wrote to memory of 4800	3352	msedge.exe	84
PID 3352 wrote to memory of 4800	3352	msedge.exe	84
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85
PID 3352 wrote to memory of 2216	3352	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.mediafire.com/file/ltemareyq1pmqgy/#Pa$$C%C5%8C%F0%9D%94%BBe--2275__OpeN-Se-tUp@!#.zip/file
1⤵
- Enumerates system info in registry
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa82b646f8,0x7ffa82b64708,0x7ffa82b64718
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
  2⤵
  PID:316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:2216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:460
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5592 /prefetch:8
  2⤵
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6068 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1768 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
  2⤵
  PID:848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
  2⤵
  PID:1084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1728 /prefetch:1
  2⤵
  PID:912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3748 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1700 /prefetch:1
  2⤵
  PID:5336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6992 /prefetch:1
  2⤵
  PID:5828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7288 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
  2⤵
  PID:1288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
  2⤵
  PID:5316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1
  2⤵
  PID:5368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2656 /prefetch:1
  2⤵
  PID:5372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6356 /prefetch:8
  2⤵
  PID:5668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1940,11792625820443900307,3682175091513421236,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1844 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4836
- C:\Users\Admin\Downloads\7z2409-x64.exe
  "C:\Users\Admin\Downloads\7z2409-x64.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:5760
- C:\Users\Admin\Downloads\7z2409-x64.exe
  "C:\Users\Admin\Downloads\7z2409-x64.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:5600

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3564

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4044

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4444

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_#Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#.zip\PaS$==2275.txt
1⤵
PID:1988

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1428

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:4472

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
PID:5180
- C:\Program Files\7-Zip\7zG.exe
  "C:\Program Files\7-Zip\7zG.exe" a -i#7zMap26859:186:7zEvent18054 -ad -saa -- "C:\Users\Admin\Downloads\#Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#.zip\Archive"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  PID:5036

C:\Users\Admin\Downloads\7z2409-x64.exe
"C:\Users\Admin\Downloads\7z2409-x64.exe"
1⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5832

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:1424
- C:\Program Files\7-Zip\7zG.exe
  "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\#Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#\#P@S$wǾr𝓓__2275--Se-tUp@!\" -ad -an -ai#7zMap30309:178:7zEvent8037
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  PID:2216

C:\Users\Admin\Downloads\#Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#\#P@S$wǾr𝓓__2275--Se-tUp@!\!Premium--SatUp\setup.exe
"C:\Users\Admin\Downloads\#Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#\#P@S$wǾr𝓓__2275--Se-tUp@!\!Premium--SatUp\setup.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:4740

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Privilege Escalation

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip.chm

Filesize
121KB

MD5
a7ba50e8a23bf4a17f827c69bdb8f6ab

SHA1
17db88d7fa4bdb042897cf1b8a8d6620dc4f3b07

SHA256
94561a6dd2e91b42d566846270b9d8915c30dd9200e7aab3a4e37547c0042491

SHA512
16598f7fe5dbad5abac11bbf84fce5a26dd686c1786ddeea7b86ea239fd1fd06587755eee7d376f4ca01a0c61f8b8babf5928222009160949a332fe5e985964a

Download Submit
C:\Program Files\7-Zip\7-zip.dll

Filesize
99KB

MD5
88518dec90d627d9d455d8159cf660c5

SHA1
e13c305d35385e5fb7f6d95bb457b944a1d5a2ca

SHA256
f39996ab8eabdffe4f9a22abb1a97665816ec77b64440e0a20a80a41f0810ced

SHA512
7c9d7bd455064d09307d42935c57de687764cf77d3c9ba417c448f4f2c4b87bcd6fea66354dfe80842a2fa3f96c81cc25e8bf77307b4ace1bbe1346cbe68435f

Download Submit
C:\Program Files\7-Zip\7-zip32.dll

Filesize
65KB

MD5
6915c13a6da91694aa3bb899439ed996

SHA1
b4a5efaf56051802f6b2e6da3895a66995a69df1

SHA256
15ef7d51e8ec5b05410d66402a8e168777cd007c4217b6c86dad46be167e482f

SHA512
6757407ad07642602eb841558c5535ee83e9775d9c7f639ad231ed3c8d89ed98a9aaaf1e1c1883ff5596955a28b00800c5f7c6a073e59d299687b07c0cfb54ab

Download Submit
C:\Program Files\7-Zip\7z.dll

Filesize
1.8MB

MD5
c4aabd70dc28c9516809b775a30fdd3f

SHA1
43804fa264bf00ece1ee23468c309bc1be7c66de

SHA256
882063948d675ee41b5ae68db3e84879350ec81cf88d15b9babf2fa08e332863

SHA512
5a88ec6714c4f78b061aed2f2f9c23e7b69596c1185fcb4b21b4c20c84b262667225cc3f380d6e31a47f54a16dc06e4d6ad82cfca7f499450287164c187cec51

Download Submit
C:\Program Files\7-Zip\7z.exe

Filesize
551KB

MD5
b6d5860f368b28caa9dd14a51666a5cd

SHA1
db96d4b476005a684f4a10480c722b3d89dde8a5

SHA256
e2ca3ec168ae9c0b4115cd4fe220145ea9b2dc4b6fc79d765e91f415b34d00de

SHA512
d2bb1d4f194091fc9f3a2dd27d56105e72c46db19af24b91af84e223ffcc7fec44b064bf94b63876ee7c20d40c45730b61aa6b1e327947d6fb1633f482daa529

Download Submit
C:\Program Files\7-Zip\7z.sfx

Filesize
208KB

MD5
c35811927e022b1631e3377be56fb392

SHA1
0d876cf74aa6515d6c6f90a7baf943cae48ba76f

SHA256
97b304ccf831e83ca58b5c99a736f6525f81378125143e92b76baea0988ec5e2

SHA512
5f8f65829051a8c7d0d0ddc98c574a2a58928af7f2ffcaf6d0aa4b414dd65ef78bbe8cee0fa53895481d3ad4cbd2c3f39db850c2d52ba640426fe7b0b4547094

Download Submit
C:\Program Files\7-Zip\7zCon.sfx

Filesize
188KB

MD5
cd3ff26df13ef76463bda01187917fab

SHA1
f1f71022280241b29362dfda57df32464f1e7233

SHA256
1abea0a0cbfbea36809ccd861e25625cc85fe296322676b40f399121075593ba

SHA512
ca49a147a9529f68ab9ff8ebfb09ba57ce21a7e66628a52cdd915c7a4d2c17621a36d002aa87f6ce72c25ac0121a816b8b3165e614c79e9e36337e234043b958

Download Submit
C:\Program Files\7-Zip\7zFM.exe

Filesize
967KB

MD5
4eaae49d718451ec5442d4c8ef42b88b

SHA1
bbac4f5d69a0a778db567e6978d4dabf2d763167

SHA256
dc4fdcd96efe7b41e123c4cba19059162b08449627d908570b534e7d6ec7bf58

SHA512
41595b67c8506c054c28ce2b5dec9d304651449464c6e1eb092a049d49326594584900cff4e9b8210ca3ad8a23e9c22d8df1ae8af15f44a69f784cc546fcced3

Download Submit
C:\Program Files\7-Zip\7zG.exe

Filesize
696KB

MD5
d882650163a8f79c52e48aa9035bacbb

SHA1
9518c39c71af3cc77d7bbb1381160497778c3429

SHA256
07a6236cd92901b459cd015b05f1eeaf9d36e7b11482fcfd2e81cd9ba4767bff

SHA512
8f4604d086bf79dc8f4ad26db2a3af6f724cc683fae2210b1e9e2adf074aad5b11f583af3c30088e5c186e8890f8ddcf32477130d1435c6837457cf6ddaa7ca1

Download Submit
C:\Program Files\7-Zip\History.txt

Filesize
8KB

MD5
ccad44b829868fc155d11387f09c4f4b

SHA1
980dc6ceffd5c852f117034da08e14a34a36897b

SHA256
7d6a3d181b5166ffe08f2779903edd2749c3ef78fd3c0174bdc4380f4a7511b8

SHA512
97a0b4ad774a5ea008c67acd094e4c09261f759f82878f770d90d9fa63d2c283e231249815d6fca7fc12690edc55cdad76720125a403a3aa9237493ef0de942f

Download Submit
C:\Program Files\7-Zip\Lang\af.txt

Filesize
4KB

MD5
df216fae5b13d3c3afe87e405fd34b97

SHA1
787ccb4e18fc2f12a6528adbb7d428397fc4678a

SHA256
9cf684ea88ea5a479f510750e4089aee60bbb2452aa85285312bafcc02c10a34

SHA512
a6eee3d60b88f9676200b40ca9c44cc4e64cf555d9b8788d4fde05e05b8ca5da1d2c7a72114a18358829858d10f2beff094afd3bc12b370460800040537cff68

Download Submit
C:\Program Files\7-Zip\Lang\an.txt

Filesize
7KB

MD5
f16218139e027338a16c3199091d0600

SHA1
da48140a4c033eea217e97118f595394195a15d5

SHA256
3ab9f7aacd38c4cde814f86bc37eec2b9df8d0dddb95fc1d09a5f5bcb11f0eeb

SHA512
b2e99d70d1a7a2a1bfa2ffb61f3ca2d1b18591c4707e4c6c5efb9becdd205d646b3baa0e8cbd28ce297d7830d3dfb8f737266c66e53a83bdbe58b117f8e3ae14

Download Submit
C:\Program Files\7-Zip\Lang\ar.txt

Filesize
12KB

MD5
5747381dc970306051432b18fb2236f2

SHA1
20c65850073308e498b63e5937af68b2e21c66f3

SHA256
85a26c7b59d6d9932f71518ccd03eceeba42043cb1707719b72bfc348c1c1d72

SHA512
3306e15b2c9bb2751b626f6f726de0bcafdc41487ba11fabfcef0a6a798572b29f2ee95384ff347b3b83b310444aaeec23e12bb3ddd7567222a0dd275b0180ff

Download Submit
C:\Program Files\7-Zip\Lang\ast.txt

Filesize
4KB

MD5
1cf6411ff9154a34afb512901ba3ee02

SHA1
958f7ff322475f16ca44728349934bc2f7309423

SHA256
f5f2174daf36e65790c7f0e9a4496b12e14816dad2ee5b1d48a52307076be35f

SHA512
b554c1ab165a6344982533cceed316d7f73b5b94ce483b5dc6fb1f492c6b1914773027d31c35d60ab9408669520ea0785dc0d934d3b2eb4d78570ff7ccbfcf9c

Download Submit
C:\Program Files\7-Zip\Lang\az.txt

Filesize
10KB

MD5
9cd3a23ca6f66f570607f63be6aa0001

SHA1
912837c29c0e07470e257c21775b7513e9af4475

SHA256
1da941116e20e69f61a4a68481797e302c11fcf462ca7203a565588b26011615

SHA512
c90ead15096009b626b06f9eae1b004f4adba5d18ccdb5c7d92694d36903760541f8aa7352be96466f2b0775c69f850605988fa4ef86f3de4fca34f7b645457e

Download Submit
C:\Program Files\7-Zip\Lang\ba.txt

Filesize
10KB

MD5
387ff78cf5f524fc44640f3025746145

SHA1
8480e549d00003de262b54bc342af66049c43d3b

SHA256
8a85c3fcb5f81157490971ee4f5e6b9e4f80be69a802ebed04e6724ce859713f

SHA512
7851633ee62c00fa2c68f6f59220a836307e6dde37eae5e5dca3ca254d167e305fe1eb342f93112032dadafe9e9608c97036ac489761f7bdc776a98337152344

Download Submit
C:\Program Files\7-Zip\Lang\be.txt

Filesize
11KB

MD5
b1dd654e9d8c8c1b001f7b3a15d7b5d3

SHA1
5a933ae8204163c90c00d97ba0c589f4d9f3f532

SHA256
32071222af04465a3d98bb30e253579aa4beceaeb6b21ac7c15b25f46620bf30

SHA512
0137900aeb21f53e4af4027ea15eed7696ed0156577fe6194c2b2097f5fb9d201e7e9d52a51a26ae9a426f8137692154d80676f8705f335fed9ae7e0e1d0a10e

Download Submit
C:\Program Files\7-Zip\Lang\bg.txt

Filesize
17KB

MD5
2d0c8197d84a083ef904f8f5608afe46

SHA1
5ae918d2bb3e9337538ef204342c5a1d690c7b02

SHA256
62c6f410d011a109abecb79caa24d8aeb98b0046d329d611a4d07e66460eef3f

SHA512
3243d24bc9fdb59e1964e4be353c10b6e9d4229ef903a5ace9c0cb6e1689403173b11db022ca2244c1ef0f568be95f21915083a8c5b016f07752026d332878a4

Download Submit
C:\Program Files\7-Zip\Lang\bn.txt

Filesize
14KB

MD5
771c8b73a374cb30df4df682d9c40edf

SHA1
46aa892c3553bddc159a2c470bd317d1f7b8af2a

SHA256
3f55b2ec5033c39c159593c6f5ece667b92f32938b38fcaf58b4b2a98176c1fc

SHA512
8dcc9cc13322c4504ee49111e1f674809892900709290e58a4e219053b1f78747780e1266e1f4128c0c526c8c37b1a5d1a452eefba2890e3a5190eebe30657ba

Download Submit
C:\Program Files\7-Zip\Lang\br.txt

Filesize
4KB

MD5
07504a4edab058c2f67c8bcb95c605dd

SHA1
3e2ae05865fb474f10b396bfefd453c074f822fa

SHA256
432bdb3eaa9953b084ee14eee8fe0abbc1b384cbdd984ccf35f0415d45aabba8

SHA512
b3f54d695c2a12e97c93af4df09ce1800b49e40302bec7071a151f13866edfdfafc56f70de07686650a46a8664608d8d3ea38c2939f2f1630ce0bf968d669ccc

Download Submit
C:\Program Files\7-Zip\Lang\ca.txt

Filesize
9KB

MD5
a77210be2527533d1eceb8f0ea49607a

SHA1
807e36fce4dbe269601939a8579ffb43fe43f381

SHA256
da4df6490c7bc8afd804509f696f9afa6f709b7a327044e2781fa6c95770b239

SHA512
54096f332f2a9bd5690c973eae19ef4199a6acb5243133b9065f433830984f91b62a9f1d71efeed5952cff0bbcb1befdce321cbb090c620bfc13a98bcc1dc14e

Download Submit
C:\Program Files\7-Zip\Lang\co.txt

Filesize
11KB

MD5
de64842f09051e3af6792930a0456b16

SHA1
498b92a35f2a14101183ebe8a22c381610794465

SHA256
dcfb95b47a4435eb7504b804da47302d8a62bbe450dadf1a34baea51c7f60c77

SHA512
5dabeed739a753fd20807400dfc84f7bf1eb544704660a74afcf4e0205b7c71f1ddcf9f79ac2f7b63579735a38e224685b0125c49568cbde2d9d6add4c7d0ed8

Download Submit
C:\Program Files\7-Zip\Lang\cs.txt

Filesize
9KB

MD5
1130abf0e51093dc7edd2c0c334be5d8

SHA1
260a373c4df2ec71dcd343ce4cd97b65d18efa82

SHA256
da788d30aa74b3f8b3d920e98c535e4544756e9e4e235ed0221654f3177d3d2a

SHA512
0f7242992c990085b8332c7e072928a17f4fa4e729451600f1abf58158eb1b782ac4a3c200c1db510bf70f13e6790dadf897e1d1c6effb77187ad41b02e16dbc

Download Submit
C:\Program Files\7-Zip\Lang\cy.txt

Filesize
4KB

MD5
6bdf25354b531370754506223b146600

SHA1
c2487c59eeeaa5c0bdb19d826fb1e926d691358e

SHA256
470eaf5e67f5ead5b8c3ecc1b5b21b29d16c73591eb0047b681660346e25b3fb

SHA512
c357b07c176175cc36a85c42d91b0cada79dbfb584bdf57f22a6cb11898f88aecf4392037d5cea3e1bc02df7493bb27b9509226f810f1875105bbc33c6ae3f20

Download Submit
C:\Program Files\7-Zip\Lang\da.txt

Filesize
7KB

MD5
c397e8ac4b966e1476adbce006bb49e4

SHA1
3e473e3bc11bd828a1e60225273d47c8121f3f2c

SHA256
5ccd481367f7d8c544de6177187aff53f1143ae451ae755ce9ed9b52c5f5d478

SHA512
cbbece415d16b9984c82bd8fa4c03dbd1fec58ed04e9ef0a860b74d451d03d1c7e07b23b3e652374a3b9128a7987414074c2a281087f24a77873cc45ec5aadd2

Download Submit
C:\Program Files\7-Zip\Lang\de.txt

Filesize
9KB

MD5
1e30a705da680aaeceaec26dcf2981de

SHA1
965c8ed225fb3a914f63164e0df2d5a24255c3d0

SHA256
895f76bfa4b1165e4c5a11bdab70a774e7d05d4bbdaec0230f29dcc85d5d3563

SHA512
ff96e6578a1ee38db309e72a33f5de7960edcc260ca1f5d899a822c78595cc761fedbdcdd10050378c02d8a36718d76c18c6796498e2574501011f9d988da701

Download Submit
C:\Program Files\7-Zip\Lang\el.txt

Filesize
17KB

MD5
5894a446df1321fbdda52a11ff402295

SHA1
a08bf21d20f8ec0fc305c87c71e2c94b98a075a4

SHA256
2dd2130f94d31262b12680c080c96b38ad55c1007f9e610ec8473d4bb13d2908

SHA512
0a2c3d24e7e9add3ca583c09a63ba130d0088ed36947b9f7b02bb48be4d30ef8dc6b8d788535a941f74a7992566b969adf3bd729665e61bfe22b67075766f8de

Download Submit
C:\Program Files\7-Zip\Lang\en.ttt

Filesize
7KB

MD5
bf2e140e9d30d6c51d372638ba7f4bd9

SHA1
a4358379a21a050252d738f6987df587c0bd373d

SHA256
c218145bb039e1fd042fb1f5425b634a4bdc1f40b13801e33ed36cfdbda063ed

SHA512
b524388f7476c9a43e841746764ff59bdb1f8a1b4299353156081a854ee4435b94b34b1a87c299ec23f8909e0652222595b3177ee0392e3b8c0ff0a818db7f9a

Download Submit
C:\Program Files\7-Zip\Lang\eo.txt

Filesize
4KB

MD5
29caad3b73f6557f0306f4f6c6338235

SHA1
d4b3147f23c75de84287ad501e7403e0fce69921

SHA256
a6ef5a5a1e28d406fd78079d9cacf819b047a296adc7083d34f2bfb3d071e5af

SHA512
77618995d9cf90603c5d4ad60262832d8ad64c91a5e6944efd447a5cc082a381666d986bb294d7982c8721b0113f867b86490ca11bb3d46980132c9e4df1bd92

Download Submit
C:\Program Files\7-Zip\Lang\es.txt

Filesize
10KB

MD5
ed230f9f52ef20a79c4bed8a9fefdf21

SHA1
ec0153260b58438ad17faf1a506b22ad0fec1bdc

SHA256
7199b362f43e9dca2049c0eeb8b1bb443488ca87e12d7dda0f717b2adbdb7f95

SHA512
32f0e954235420a535291cf58b823baacf4a84723231a8636c093061a8c64fcd0952c414fc5bc7080fd8e93f050505d308e834fea44b8ab84802d8449f076bc9

Download Submit
C:\Program Files\7-Zip\Lang\et.txt

Filesize
6KB

MD5
d6a50c4139d0973776fc294ee775c2ac

SHA1
1881d68ae10d7eb53291b80bd527a856304078a0

SHA256
6b2718882bb47e905f1fdd7b75ece5cc233904203c1407c6f0dcdc5e08e276da

SHA512
0fd14b4fd9b613d04ef8747dcd6a47f6f7777ac35c847387c0ea4b217f198aa8ac54ea1698419d4122b808f852e9110d1780edcb61a4057c1e2774aa5382e727

Download Submit
C:\Program Files\7-Zip\Lang\eu.txt

Filesize
8KB

MD5
c90cd9f1e3d05b80aba527eb765cbf13

SHA1
66d1e1b250e2288f1e81322edc3a272fc4d0fffc

SHA256
a1c9d46b0639878951538f531bba69aeddd61e6ad5229e3bf9c458196851c7d8

SHA512
439375d01799da3500dfa48c54eb46f7b971a299dfebff31492f39887d53ed83df284ef196eb8bc07d99d0ec92be08a1bf1a7dbf0ce9823c85449cc6f948f24c

Download Submit
C:\Program Files\7-Zip\Lang\ext.txt

Filesize
7KB

MD5
459b9c72a423304ffbc7901f81588337

SHA1
0ba0a0d9668c53f0184c99e9580b90ff308d79be

SHA256
8075fd31b4ebb54603f69abb59d383dcef2f5b66a9f63bb9554027fd2949671c

SHA512
033ced457609563e0f98c66493f665b557ddd26fab9a603e9de97978d9f28465c5ac09e96f5f8e0ecd502d73df29305a7e2b8a0ad4ee50777a75d6ab8d996d7f

Download Submit
C:\Program Files\7-Zip\Lang\fa.txt

Filesize
12KB

MD5
741e0235c771e803c1b2a0b0549eac9d

SHA1
7839ae307e2690721ad11143e076c77d3b699a3c

SHA256
657f2aceb60d557f907603568b0096f9d94143ff5a624262bbfeb019d45d06d7

SHA512
f8662732464fa6a20f35edcce066048a6ba6811f5e56e9ca3d9aa0d198fc9517642b4f659a46d8cb8c87e890adc055433fa71380fb50189bc103d7fbb87e0be5

Download Submit
C:\Program Files\7-Zip\Lang\fi.txt

Filesize
8KB

MD5
a04b6a55f112679c7004226b6298f885

SHA1
06c2377ac6a288fe9edd42df0c52f63dce968312

SHA256
12cc4a2cef76045e07dafc7aec7cf6f16a646c0bb80873ec89a5ae0b4844443b

SHA512
88c7ed08b35558d6d2cd8713b5d045fba366010b8c7a4a7e315c0073cd510d3da41b0438f277d2e0e9043b6fcb87e8417eb5698ab18b3c3d24be7ff64b038e38

Download Submit
C:\Program Files\7-Zip\Lang\fr.txt

Filesize
10KB

MD5
a49801879184c9200b408375fc4408d7

SHA1
763231bd9b883692c0e5127207cbfc6a2a29bc7d

SHA256
397a3af716eb7f0084f3aa04ad36eab82aab881589a359e7d6d4be673e1789a8

SHA512
f408203907594afa116a2003d0b65d77c9bca47663f7f6b26e9158b91dad40569e92851bf788a39105298561f854264a8dc57611637745e04e68585b837702f2

Download Submit
C:\Program Files\7-Zip\Lang\fur.txt

Filesize
6KB

MD5
06b08fe12c0f075d317cf9a2a1dd96bc

SHA1
0062ba87b9207536b9088e94505d765268069f63

SHA256
6ba88938c468e7217bd300b607d7a730530e63d1f97562604ec0bb00d66a06c9

SHA512
9f9fb1c045d92c1f8035d547554457e3466ae861a04f1cd3f57965e4a92f0fc433b2a7b3e9e1e71588e97f8c73d5914a750deded5d3056e327d7efe19a220198

Download Submit
C:\Program Files\7-Zip\Lang\fy.txt

Filesize
5KB

MD5
03d38f09189799a0d927727d071c54b6

SHA1
17ff3a2c83e6a0b0733f2a9a8ce6b83af4f1b137

SHA256
c1c050ed6fe2f8fbc048fd7d82944b8ada784415b6e62316d590c3c7aa45e112

SHA512
e511c1a271a3d78cb7f6111759eec4d7cfc2d46f71f87aa3c4ac1bb11cd4e55e7d4dbe54f9c5107025ffe8c5fcadad4359dc673bc802b82388e74a8f2fa60ff7

Download Submit
C:\Program Files\7-Zip\Lang\ga.txt

Filesize
7KB

MD5
236cfc435288002763c68c4bbee7b39d

SHA1
e74a2402c2cb744dbed8ac1c2154fb1de38148f9

SHA256
b18730124208d26e5e88b76bb99985bf61938d7a994b626b2de5230557d2d8dd

SHA512
fa6941594454cda55e081f15f367f430559849d218895b0b157a2204e8b30ae95db99c62981a9c30a152a63d1bdb8edd975bf06ee5adf1f31b42a2c10cf11580

Download Submit
C:\Program Files\7-Zip\Lang\gl.txt

Filesize
8KB

MD5
6cd7c2b4d6bba163b1623035feb4297d

SHA1
5df07bcfd1edbd448b566aea5789ef251303de69

SHA256
9280ab90261b0c8f206eef7196d7531e4e4932c9174ab899cee4f8ed97cc87c6

SHA512
7ed13085ebc2545b434f5671f958f7a5faa1bc29f7c10721a972afd2c886fc39f0a6e290e70f1f8ea798199ca26974257eaf9b8445652c9b02c789e198191a3e

Download Submit
C:\Program Files\7-Zip\Lang\gu.txt

Filesize
16KB

MD5
93cdc8832328a22e198920630d597268

SHA1
315e5b1c77fb4e2d0c3cc1f48b6db4c79ce9488a

SHA256
c6e54e2a93b821bc974209cd7e2d10e9fbc4ff07d238ae84f552e4ade271702c

SHA512
e8355a42f3a3b5f21d5d4c7a21324433c997ad39412b3bcdcf26edbd5ef882179168b2b5618f9fe631b88407608ab1a83bf139db05c09b608fddf01694b710df

Download Submit
C:\Program Files\7-Zip\Lang\he.txt

Filesize
10KB

MD5
0771f160d56b1890a1cdc2ca040d2616

SHA1
36e69202682bf6993273b521424ec082998f6ca9

SHA256
03b4ea89cce3aa4193a7e3e1e6180dab8359388df3b574379935ea39d7b8d723

SHA512
b452c75292c7d365aa5759fb3f49de674255e839caa687436474b782f615b2ad86a11a58809a5bb60115b070c9b738a461db24e70502598a3bfeccf373220dbb

Download Submit
C:\Program Files\7-Zip\Lang\hi.txt

Filesize
17KB

MD5
18d9c82f12e07b71e03d6086deba0dc3

SHA1
c6c11c6f1fc00a25dd53e1c78f207f6c8c8b8b13

SHA256
5f79ae167a917860f95f73e5ed007fe250f30af794bcfce17941f9ef87d22a05

SHA512
196a859d52a1a742b98460eaf113552dce2cfc63378b19d2902beabc1e66cbd9e26bf37fc26453832aa10929aaf0196ed9211332e63c830b0e5946013c82bdc1

Download Submit
C:\Program Files\7-Zip\Lang\hr.txt

Filesize
7KB

MD5
9d8216183493ac2190a4d6e142ecab9a

SHA1
e534ebb714dbae2a9e12accbe96c6f2568b814c4

SHA256
210af273246d30cfde87295cd5f4ff135b0bdfb04fe7173bb60f935e685b8e10

SHA512
5b56560ad70652c9c6287f939b25676d8149c000c2388365197354dbe38c5cba5c25f0a3a529f0601a5b5d964b7278ab3a668e8469cf0ec718821fdabcf044bc

Download Submit
C:\Program Files\7-Zip\Lang\hu.txt

Filesize
10KB

MD5
a41e4d16c3b29603832ffd1bbb82283e

SHA1
15695a0bd98d429e9ab191cecb185b70cc492668

SHA256
486a382483096e9a86ccf6ca02123e48025de5055f1880af7f001c5c3fa25114

SHA512
413dd8c87015ede7868f992c25d568de66e1bd765c7a43066d8da8cf350f3620c77091f075020862ff6bf7c980c6091e92c5c843b3d57957c7516f5b0f51bca0

Download Submit
C:\Program Files\7-Zip\Lang\hy.txt

Filesize
13KB

MD5
fe73c2aacf07d5120aedd08792cb8268

SHA1
2c6e7d2ff42c5f65ef5f4c27600819354caa03b0

SHA256
91aac9368bd116ab11fda0b70ee4d75911a65713a272a3ba55d1435c33250f5a

SHA512
79dbd84fe71888b7c9fdbcd23f2d4735f731e3c2c7724fbd531c3ca531b1992e756b13b66889af30ec46770d350fcfaef2d7abe607594a2b4b92f60ed326d537

Download Submit
C:\Program Files\7-Zip\Lang\id.txt

Filesize
8KB

MD5
ba3591ccf26438cbe93e9c1d56bd1818

SHA1
758619a702d5a0794e4412aa6ae93fc46ea3dfb9

SHA256
90308689870ad079e1206a877157f7389bc4351a6b104ffa2bd9311409d6d92d

SHA512
2e9066bd733caaa9cedde2346be543d4360bd796e01bcb669602c9e6450ca5a2718cb67613469c11a4d2aa8c458d7fe9c59ab8eb9bde39846c195ce2cc22686b

Download Submit
C:\Program Files\7-Zip\Lang\io.txt

Filesize
4KB

MD5
0861ae63da2d00590369bb11b3857551

SHA1
8272f4761a3f2aca2bfaec6fcf08c82a9f36a65a

SHA256
b87a4fca8a0024a915ae86e36951cb7cea442948d9982d4247e49492445ba664

SHA512
70997d6775e1c91d021fda2143c831fe8396094e50337da3c4897da70636b7f10b363f35b997213a462b467fe6754d2c33e009e84363063eced871a2591cce88

Download Submit
C:\Program Files\7-Zip\Lang\is.txt

Filesize
8KB

MD5
c8f31d6adee368ca0aa00350df0d82df

SHA1
4146c7c62dd46b2c43c92cdf33e45fa7e2272d04

SHA256
dc61090369e1269a68c75e472d863aaf42207f702b3d3e12ca48d2852e1478e3

SHA512
758af54a33dc243992324974f01707c8027be7bdc7d07187a28038f4c9d8f7681d989b66f56a13b86e99c8bc74d80a70fa44bd5dd9532c99b78df7985b397ed8

Download Submit
C:\Program Files\7-Zip\Lang\it.txt

Filesize
9KB

MD5
aa7b46b6ddd673bc06bd90187e552743

SHA1
2c11a1e5f97ac1415073c2c953cd92018cf3eb93

SHA256
efb1aed5c52af731a733c720b6f5479898c9de28367a5de4c80f697fb745546a

SHA512
10c262122417b081d0403f9c917a4beba34078ca52e88478ebd2c0b6956aa6b61b34511fac71e87578d56ae1f5acdc265cddac8c92b9f14757daa75042dfc7aa

Download Submit
C:\Program Files\7-Zip\Lang\ja.txt

Filesize
12KB

MD5
a0c7eb5d5a5dd7ab6f4c1e4fef092256

SHA1
f121129211dbedba3c440267fd9bd1c636e263c2

SHA256
9f70f1943a8e0a9b9040d1f769ca2494c2b83ceb8dc55b08db1fc3e6973ad835

SHA512
f864c9ac99edc97968feca96919a412e87c27457f5e0a8956dcecf37351ce7aeaf0e745343a649743d665b46be108b3cc5bafd92029d25d5a5d9bf6c390e5149

Download Submit
C:\Program Files\7-Zip\Lang\ka.txt

Filesize
17KB

MD5
c99e6572f5638599dbca2ceac337a320

SHA1
73c64554a00c6d5a3dab8a2e7bd50426d6c7b6f4

SHA256
8dd6073b585dd2e9d8cdd8e0fce7dfeaf2f5a2d8bfc3059f67eaa3d8b5eb2d9e

SHA512
cde3d44793d1abab3b8d0ba71d1af85c7ca49b37f4331b43d546d1f2022fc9cedd1188869acee5bf9b74046788daf26f4e4658af86663065339103d2a602f7aa

Download Submit
C:\Program Files\7-Zip\Lang\kaa.txt

Filesize
7KB

MD5
ffc17520fb68fe464650b2f78e15ab5d

SHA1
2b83034ac04640160ddaa8e797faa5d8c80f956b

SHA256
24f7325271dd7ad2b63e977841d2f06ed0194bd9257f0db460df32baeeec4746

SHA512
4f1483796a8ef95b2be61811a6566ea2e19564f37733647b6eb4e1c82a8da8fa927afdf024a247fc7e70088f63133a7843fe6129b77b2ada01e39a1e814429c7

Download Submit
C:\Program Files\7-Zip\Lang\kab.txt

Filesize
7KB

MD5
5af10c5616e0487d236c8cbe2f23a7a4

SHA1
2049e1a82a0af13a8ed2cf9e4eb51f1dfd377480

SHA256
f249930089c374eab59078cf16b8652d443cf2a47485d737ae5a9fca2957d6b9

SHA512
8e2db2769d8c9d4af435986bc58f66f570c4d85bf7c8a2b9369f546cf45c0848a07986582e8e7f76a9aed569da2774e5b19706ec77bfd41bb6b4af86abcfcefe

Download Submit
C:\Program Files\7-Zip\Lang\kk.txt

Filesize
10KB

MD5
407130a212cfac68fa4873b0381b2cb1

SHA1
c0c9b84cc79619d27536e9f50f25d81237b234d3

SHA256
f813eac0b284edce156dd1e6b7ea75b027f4342e04d8b8db1131894a227a4562

SHA512
e80afdf726ccc5d495f62a9b289ee31703f151ea01eba32ad7d2da306c2c07de2f9049dc6592c3c962b7cc2cbe352b8b7a19e9dbcf7b3c6b61dcc4026b70c151

Download Submit
C:\Program Files\7-Zip\Lang\ko.txt

Filesize
10KB

MD5
e85ae412871344211d00326d3df2534d

SHA1
4a770eee2ef9f302b8190c8bbe3988a5d7c90e5e

SHA256
3ea103ffd2ff97e211c7ade3a79a882b494fe416bc56bd05f42f2e82158a7a03

SHA512
09eabfa3997f201f8402dc803319ee0ddc4007ef268ad44309fe78f9e2710d1a10930f2e89f2c0b201d1094c53f5cb7783e492503eb4737b2e3fdc1f39b69ef6

Download Submit
C:\Program Files\7-Zip\Lang\ku-ckb.txt

Filesize
11KB

MD5
8c3f9ad9c824dcf74a09c9d406db22e7

SHA1
0c683bb56a13c3fbca664f1e4c6c98d0f7aec8bc

SHA256
b8b7db8c139b19d414cef35ae96d854d5a8364c32b0c3fdc4cac331b5af44c16

SHA512
da33d4098679a14d2f434221ef968951407727126b12404c8b6c3e2ad6fa346d9d515dea940f9109d5d196e648583124f31a1d27cf518ab19e3dcad673c027cf

Download Submit
C:\Program Files\7-Zip\Lang\ku.txt

Filesize
5KB

MD5
28e69dd6e397fa98c07088e4cdbef1f4

SHA1
56e4a46b5c7360f609683562e617c75c28cd447c

SHA256
57ae544f3f9e8bf5d96ce1f9cfe5648eb6c1e2f5604da6eb0c80ae24bc1a40d7

SHA512
6bde04f3bbd42e73ea3e0a93e8ef69149f25dae491051d1655a85718af4d51f5247c610d87c20227f94beeeba038d54f7b213b0443382d080e87722485941aae

Download Submit
C:\Program Files\7-Zip\Lang\ky.txt

Filesize
11KB

MD5
e50c04d913dc92251aa6781c02e0bd45

SHA1
57e68c80b23a9b1bd689ccd81cbcd91e0cae6aac

SHA256
9a9e4ddacc494eaaa386f1220837020f332a49e7fff7f0bf8c38c847390dab18

SHA512
c428caf314f79d533246cee4015411102ed836d0173f67f3b2f4c61c3f3f81be7fb2fff7d3e863e999617ba05fd6f7fef4b67cff8557e1d0c86035ed29daa2ce

Download Submit
C:\Program Files\7-Zip\Lang\lij.txt

Filesize
7KB

MD5
58ff044fe195453f797dd1ac6903abf9

SHA1
4b8dae21dd14ac6daa1decf804336a1aae169aa9

SHA256
d9bb6bfc127938c47b43290241378887085314ad1326095934a362cd9836b560

SHA512
861300fe39ff0daca00b4cb56c4075afba2bb3a1654bcf35713251237630206f06bc63d7f339ecff040c9ea1f5b7094a11fe57c5848e91db9000f48d166ab1be

Download Submit
C:\Program Files\7-Zip\Lang\lt.txt

Filesize
8KB

MD5
b8056cba4edeb98d298d16edbc34d678

SHA1
a4d39c3eda31f8ce72c62e1db91deeabc884ceb0

SHA256
9c15db408e32dc699f598aab30f539f91a212e5fbaee2095022e24b3f1f09ecd

SHA512
5c3fb76a5502c7c0312a32cff38f99c303225c31c3e5c6041765bc2beb0e9d5ac9cb4f543b80eca969d54723a52122601b2074afa8991ad64b92cfda91104dc6

Download Submit
C:\Program Files\7-Zip\Lang\lv.txt

Filesize
4KB

MD5
056327042b9cfd5fcb5f788f22112d62

SHA1
fae6324417dc88e9a9bb0fbac9b4d4ce61c1980e

SHA256
533f9ff016e7bb36216665cca1065139a35d8da71651678814415ff457a9be7d

SHA512
fe853c2042251b3987c169f8241e0b3b0f1c3ae039dc7786b07e0db07e8a6b0f89e1d478f27d3c8dfd69473e6c6118ce13a39d7de84a22a3c2a660652b852660

Download Submit
C:\Program Files\7-Zip\Lang\mk.txt

Filesize
8KB

MD5
c16e6946f912b49963bfa7e44be2f7a0

SHA1
496922ad3e59737ac64289ee685f2fadaa942755

SHA256
90efca5f6b8e37b963f7e42f700938440171942e0de0ab8baeb08912c0952957

SHA512
55feea50104ed2249e6f5018b6883f89acbcc0396e80349653356f40329c4a420584b29734cd1ca8930e9a383da427ec979815cc3da3f6f59ad8948b2262e874

Download Submit
C:\Program Files\7-Zip\Lang\mn.txt

Filesize
7KB

MD5
1088565a362ebad250975f46f8a94328

SHA1
406593ac2e74b8911dda720952b7aff6c4b5c145

SHA256
c6a6cc400ee7420bfb680d71b43a9be1fbc75d7b98ae2b6ffe98229d5eefadca

SHA512
500093986ef49c23829d99251f0adcd20a6d348a91c74362e95e6d8e73b83f7ad665cb49da3e47da1ec671842abcc2d824850d243ee8d39c41e3568f9c2c89c4

Download Submit
C:\Program Files\7-Zip\Lang\mng.txt

Filesize
19KB

MD5
a10d62cb5875cc96d53e4bc02724f366

SHA1
bb8d2f73109084a9a11246733e5da148d964d6ea

SHA256
2e488ef05895b93aca2b5f72ea08da887722215d1b4cb85b12942ea32641da2b

SHA512
b01fcfa48883431ba98522c74a8ae9511bd6f122613e80a0439a049b8f509d689b89a59f280335532af284a351c52f44313a4961ea5acbfaf7ea2617af75e797

Download Submit
C:\Program Files\7-Zip\Lang\mng2.txt

Filesize
20KB

MD5
2be2f9c77556ca413b590b8477df5499

SHA1
dd5ce617642c977470aa20c6dc6815728c779245

SHA256
5a85cc532f802da683374c3f4c98e3f37425cf304d6772ba554d2c49bac7be0b

SHA512
3ba82549752e6bfe6c1f1706b205747d70f2f3106c49ea08d35e82047166c3d5b26457d6bf00fbbd0e9cac4ae8ec38123f533de3f68ed466f219c551b5417c40

Download Submit
C:\Program Files\7-Zip\Lang\mr.txt

Filesize
10KB

MD5
b681f52bc54b1b340a3184cde7ff59c2

SHA1
ba8d38155c0c81416233a360f7387eaf48c57db2

SHA256
f6d67ce2eae4c125bbf54c04ac783005bddc07007398cabd3b9603020af67bfd

SHA512
82fdb75b2f2a06e3cbbeaf1dfe84b196908286b9518194485dbbb168777181fa86a7e37136756544acc98165860e8ca61b83545f6cd1f13ee91bfa995a5df0d2

Download Submit
C:\Program Files\7-Zip\Lang\ms.txt

Filesize
4KB

MD5
e3267c5ed8158da2b7e2679107ce1394

SHA1
6550cde7359a1b3450d8c0937affbf0252fa4b82

SHA256
c88bc7ea0c20769847a0403e188e273a0897d1c77dd72cc4b45471fc67e0d5e1

SHA512
63c185613c5855379dd4cac3d2cf264d6bb2a0e9b483b22eab93b7e8b9abda88bee2f80fcd24f0e9be0972a04f6c725cb20cae678e3e4f61251721b5bdb1cdcd

Download Submit
C:\Program Files\7-Zip\Lang\nb.txt

Filesize
5KB

MD5
3b1958da0544a6c318d18ef5779e81f5

SHA1
67e991a6525da165145c4584c3d9b398583d7e68

SHA256
f349529ea4584eba51cd519b8a1d535d2daec762cd7369673b237fa03a526cc7

SHA512
e9b5e76fc908bc193738781fdbebd894ae310f6693f7b52d4369bc4f979a8ec9e2201e5a2056fbfc380fdad3143f3e5a3bc00d7ccb00cec078bc0e8caf318861

Download Submit
C:\Program Files\7-Zip\Lang\ne.txt

Filesize
12KB

MD5
04cfc22f9293329c5ea7ec5c4a14d3bc

SHA1
57aa51dec6bed50703054060f46918aa26ae0e4a

SHA256
e016e8872f2de7cbc1f4fc786c747cc26b2e250e6c1b8f1c46040b72c523d90f

SHA512
5099e2a8b6be04e2124280711af1bf5807dca5df93dd33cca416d56337adad19903aacef3872f550d16a82f8f1471ec5d821d6e4e096e817a8c4d8340291d402

Download Submit
C:\Program Files\7-Zip\Lang\nl.txt

Filesize
9KB

MD5
e888911310c0b6d7a1932de36ad27250

SHA1
928d9fbdb0c0c83042cac9059ffdde48ea4e9f71

SHA256
4cb5f08449b5e22ed15f8a8cc038d021cdbcf56548587023d1ab31ab6cfc232d

SHA512
56308e46914fd3b0ef62b33331f815fe95ca4a3cf122934dd0c506a041898d94a9ed6f3e1baef386efb9aa949cd47002fa859b4843f2e32c186ecdb6055ff85f

Download Submit
C:\Program Files\7-Zip\Lang\nn.txt

Filesize
5KB

MD5
780514af9e967d8aa65005365efa7d78

SHA1
9e060f149b110d0a0675b75d4a7b960563acca05

SHA256
db540e1a6b8ffff2497f9c1a63f85cb5f345f8cba767f05377c0365abaf7b7d4

SHA512
f85feeff1e89a371eb1143d695c76fbf84afee3699221e6e6ce7703a91ea80ac01af27d34635fa2b61b1d6d979cb91bb98affbdb1cdfae6cd04251a095eeec84

Download Submit
C:\Program Files\7-Zip\Lang\pa-in.txt

Filesize
13KB

MD5
c9ad9d02c661644f79820e779a6d3f0f

SHA1
92bd000af1ea18b2fe8941ca4df15858b4b53106

SHA256
e542c19640d39f3c56bf11a9eaadb554d7e74d8ec525d41a321e97c5ae5191c5

SHA512
40d178a217dd51a188e5c2ac5eb59db62db95dd0a7063e39b1ecfad0943bb54a118767890d3aa7a753d7316aa2f0494cef8bd81512d611ac2856256c524a5d0f

Download Submit
C:\Program Files\7-Zip\Lang\pl.txt

Filesize
9KB

MD5
f8821c75507199f4ef041eeba8b82281

SHA1
96759a3b826bb5dbc18730378d0f8ba08c1df7e1

SHA256
b4b96fdaa023a3988d514c1cb1e2914817cd538d3bb7f062778360338b73ba67

SHA512
173d6f0437a4e315f4f890f67ef93936e53205f950a9b718b8b232f6faf0ed7e33e6c72531e0c2613611f4b02f5fd1ed7cde8cbd05f2256a68fe577dae4d3a90

Download Submit
C:\Program Files\7-Zip\Lang\ps.txt

Filesize
8KB

MD5
23502d5cdd3671b634832d5f722cf5ea

SHA1
443fb98df15b8bfd081802938e180a87ee24104d

SHA256
fa12ca0be49f4921d06268fad673838c3a4644a70dc374a931997178f588e8f4

SHA512
e1fc00a7ad4a817b32370f2c03ea10473070b9d2febc29bb87d95ff2670e8e47ff27b2c2b6d63396306dc0185e127a49f602e969166cb27073feb735cfa47af8

Download Submit
C:\Program Files\7-Zip\Lang\pt-br.txt

Filesize
9KB

MD5
f0cbdaa70d567ee71c685250958ec194

SHA1
2db013e6608739aa45453d0f69ba953fcc78b14d

SHA256
6b21924caea51b395efa0b8fa5d7e2492ce6a6b86dcc08565a5a4dee5c182167

SHA512
3ae68cc6be78d6bca7304516b25733a516aaf2121fb8e62ebb9b6fd5194d261117f7ab0c142dbfb2efe2016e189e7ebb1f5be4a82253f087a34a59cfc41ef7b9

Download Submit
C:\Program Files\7-Zip\Lang\pt.txt

Filesize
9KB

MD5
f868c8fe0f1cbded1aec5cd29754b289

SHA1
5e0113e3d5bfb938441cae077034e7735b18c324

SHA256
3c76d190ea88cc339392fdb46e005e72e16658cf07fa83487e1a77250e027f41

SHA512
6c83c388460a3dfcdeea369523678867511b8fa360caaa72dc6e042f4a281f4764f137880e5369e06e60c3b3f304b3bb8df7e6c0edc3992972e646729bb240f5

Download Submit
C:\Program Files\7-Zip\Lang\ro.txt

Filesize
9KB

MD5
9a2fc6431192e6fc18871da5d4adc467

SHA1
eea02faf56e746dfadf67c5fe4e12a79ea2fb089

SHA256
4fd993dbae9606c062dc3511292274631335956a016b74b3061bab55f7d9c736

SHA512
a4945cd1522fd2a57960959c4937c55920520be615f3cb84cbe74842479d426aff28f3e041fa61a338b121ca3be64efc4c128ca94a48b4d994eea79a42aab7f9

Download Submit
C:\Program Files\7-Zip\Lang\ru.txt

Filesize
15KB

MD5
447e681a030c82c3832dba0b51cc790d

SHA1
401bf38c2122ae2493470820c92d069f3f6c7606

SHA256
3e76bc88db5cb108cf8750b01bdabbb3772dbf2bf14592c6ab18b7339817d6ee

SHA512
d17ef32a1de17ec1c9d6cae6199e6623db700b18e43b3b85ef403a60ec11b9efc0ac0bb188b03d13f7895dfcf4ed37d1f40c1bfc4bee469742b712ed5de70722

Download Submit
C:\Program Files\7-Zip\Lang\sa.txt

Filesize
18KB

MD5
fd1b984baea0e5a905f756e9fdc54e86

SHA1
4da8da9154115f6bf0962fd02db9d7e166285c8e

SHA256
02cc9032c117a7818865af3dcadbdd3c7b348be3507681cd0032dd9bd15b76fc

SHA512
1595742cccfff001c7be0a7809f2e700460ad4cbd684d5a0cc53c5ccf615046e2e94efd96ceeaca3d6fb20aaa5249d7677ab1f6faf8dab0a1b559a0c0951913e

Download Submit
C:\Program Files\7-Zip\Lang\si.txt

Filesize
18KB

MD5
5203e172ecb9f384bce04d243684551f

SHA1
5f6a09b52d729f3f6c95aba9d29bfd6c7cd0340b

SHA256
5405e5b04e670ff7a5b5242a3872803725053324ffdc31f71511ea6b2573f6e0

SHA512
ce6b058891375577eb726a15e5430bce4450a9c06d3f2d3361ffe5d39c0c47097b6d0e7cdc7b907a8e5f23fa8fa5a1866661a2aa3167d982fd5aeec33fa39077

Download Submit
C:\Program Files\7-Zip\Lang\sk.txt

Filesize
9KB

MD5
3fdecae1ff188894295759380b0378da

SHA1
935a4797540ce26828569c50924baae230f2d41e

SHA256
b53fe26795b01f3347b614eaa499d28770d94eb5b51005c842386e97d8344cb6

SHA512
f5b87defb1837e98ea46e1e37e13180976c5910f13e18a178397c530e6f15c585cf55e54048206d1a343c298bfe136e0ccf259657b29d7a8c5a9ee2537288aed

Download Submit
C:\Program Files\7-Zip\Lang\sl.txt

Filesize
8KB

MD5
722551a008a99008006af6ce4161537a

SHA1
294abea21d393bf624a4a97c1b4db63d3332c312

SHA256
6b53fb390da88bd79d76487ff30466ae972976d2eed030ade6d9b93991b99cbc

SHA512
4bde588e3add4b20b3dd89953136a655e0521cf3ec97e72a7ff337bf64e41f3da75f60e4e56c5b833b86d6c23fafaa92ebb0effe1d063d499ef3992c60bac8f0

Download Submit
C:\Program Files\7-Zip\Lang\sq.txt

Filesize
5KB

MD5
69720a6d09230d9747bb2aa3c0ef650d

SHA1
4750e61ec19ba905d6f2bc5828510fd08d915af8

SHA256
b6ee3c8a14230aa7d1a17c5493e0a410c5c5c638ba7a9d81681ffed4a8de6884

SHA512
92230fee3e5bc4b57013e359e43bf5f921dcfd9cad4522e09b11ef8bf2f21f96555fc3af72618a06d953f8d68050629358a8a7312a649489d6ca82780b793c88

Download Submit
C:\Program Files\7-Zip\Lang\sr-spc.txt

Filesize
11KB

MD5
d95e6ff9dae7fa22083d9ed73588fe1a

SHA1
f061e9e1afe02b7b92d626432cd9da55bd8bc2dd

SHA256
817d7a33f2adb19f47f45f78c314f6ae6df4ca4da133c1f7a82703e0cdee7e20

SHA512
210bfdc206c2173bd680b6f319afda3228ac44caf611c3846ef9ae0ad11701306ba923ccc9715086ff3ca5222f80713bf9fd6abf61141232834dd95692edc7c6

Download Submit
C:\Program Files\7-Zip\Lang\sr-spl.txt

Filesize
6KB

MD5
9e08d57d48b4d8cb16f98736c5c0511b

SHA1
85a597b74bcb1cbf918d6366705f0b0c0727de31

SHA256
d8c5223fe423129145c5b55a756e499d4680b1df0a7115d72736f09e51c89c1f

SHA512
13e431e00f5ec0373de201897c68a55c91962bd3df6cd693448d3d5d6ebb478b51a1834ecd37b456761dce94dbc4e5214fd421fa7bad3b5b8a51051d0d8d6964

Download Submit
C:\Program Files\7-Zip\Lang\sv.txt

Filesize
8KB

MD5
9a27f7e51e2143f4258aac9975f78f60

SHA1
49dffbd91fe27a81da38becde87de6b2df28962f

SHA256
233596e0d29dad356cd31c302eb1eb3a263736f166f5a7628a753bd808668ebb

SHA512
83c6464e05c776910552591d6d4b8dcb5cd0cc8c627519aefb7b61672f4478e42fdb8e023b5bfd29c313a22deeee75fcf66bf638f8d48156e98694f110b7d324

Download Submit
C:\Program Files\7-Zip\Lang\sw.txt

Filesize
7KB

MD5
baac3ff9fc4b6a656ac7c51d44117bd9

SHA1
feacd226efb71ee149424f39ab47ebf6f64cab04

SHA256
9fed3c0b4e67673bc1d8bbd67d1f6651fade030f98d12173c3564f2c492a67f8

SHA512
44413a73cd0de02f245cb5d8b35bb457ae136c1c2bbb76934f120f6d0b14fce928b4763475730f018c6e4b4ad4881a32cf1c99879c197cc4e70b8a992b3bfca4

Download Submit
C:\Program Files\7-Zip\Lang\ta.txt

Filesize
11KB

MD5
dd0ae446ad4c5d6f20db6ece80f21606

SHA1
cddb5dc08da094ff69e48c1af7e329f6b83fb6a6

SHA256
ae1a795105574bf2674a5de98a4f06cadd9c79debde9fc288f64b3d607fa329d

SHA512
543777575d32b9e1a67afa2380b7953b79f3031ad6421314ba1dd957ec356fc0446903e09ca70a4e61f1264fc87846c968574d3adf90f1563bae3ccca875636f

Download Submit
C:\Program Files\7-Zip\Lang\tg.txt

Filesize
14KB

MD5
ea08a1d73a4a150d7ec590b094d4e0d5

SHA1
e4f3172cf52db8da27f7d95cfba2eacfab12d533

SHA256
e029f34ddea8b1358e1f519526ef643d79be37cfce55bb5ea21b4bd0d026f9d3

SHA512
3661ec554c82f3608099e08808e5151b8d7bcca385cf09d0fd4181073a52e1e835485df0684f5091d0f5ef487a07298286db463c3971e3986a6ad9b0bf7784c2

Download Submit
C:\Program Files\7-Zip\Lang\th.txt

Filesize
15KB

MD5
6be5ba977c60f103b54c4289399ce43e

SHA1
48dff625438573a366d56ecef43bc43a10e124a8

SHA256
a1967002746961cdc4f3ad4f5f081bba6db231660cdfd5f2ab4a572eb11dd67c

SHA512
da61aa3c5389b5096f1c899ad17ebc20125b18d959f8c74aae10665f65de4a3c2069afe47380c093926180c952336fcbeff71329809d7fa59ab490849b647dbb

Download Submit
C:\Program Files\7-Zip\Lang\tk.txt

Filesize
8KB

MD5
1f610df86538a3ed788d6a8024c1982e

SHA1
3180f829602b83148c73a47ef4daf841bb379a14

SHA256
a0f485755cbc6356cfa4bef5cb6134653dc6743f4bfca89ced92d43ec31c5649

SHA512
c184e3898944b2c0a12806e0b0592fd19be05a75e7f3b2f9a69b8d39fa847e90aebe93e1e96588aaa38dcdbb9ff89c1667bca1b5a5fdfdb7f77e37a574981309

Download Submit
C:\Program Files\7-Zip\Lang\tr.txt

Filesize
9KB

MD5
cd44ef9f1c6526a18d9956517e510c16

SHA1
dd65dad1b27f26b538cb3c8fc11895a7c6a81f20

SHA256
d8ddeec7a1d5f98be9fe727d47f8bdf733e21693e988dcfe48089ac3344dcf30

SHA512
51676ae9c163686dad3748e2dec7898ed218673d15af741404c4eb30e8e8c23cc8c5bb7e33e1b7cc40de56c1acfe2639711f47bfac9ef9fae5703eaa889f924d

Download Submit
C:\Program Files\7-Zip\Lang\tt.txt

Filesize
13KB

MD5
730c16345e2a2366c2221d5f22980666

SHA1
41e92f0b3aee2436183e1263aad85787ecbabf34

SHA256
813b5264f3f2d2b632b346e800e738e04dc098c7b3a1a2af64bcf3a6acbca037

SHA512
339a9b6e5788b6b2d627c16b6dca5a942133b2f113adc21225c693951d87ee5c476a684565c2a38510a23c42e1dfa0689a62450cb2d741d4ac43a53b9b691606

Download Submit
C:\Program Files\7-Zip\Lang\ug.txt

Filesize
10KB

MD5
47c628c679ff488ddf4e14c457d2fca0

SHA1
e8da632e677a92224b5095271087a68c60504b9c

SHA256
7fd494130f9b96dfca492d495ef3fd7b4eaacf59f075172898ece5aebd1f6fce

SHA512
a4a22d6fe3c01a3e3d93c6d555b840eeecd72f396f0bcb5afd871292bca5b86f2ca76e3cf44fa71dd6c1b08d6672c50d16d0fba679a4af4aa677993a9900e497

Download Submit
C:\Program Files\7-Zip\Lang\uk.txt

Filesize
16KB

MD5
a2aee165e60fa2c7b48fba9cdfcc8766

SHA1
8ede3b75e841c8e1820e8b40a66ad6cc14d11e3c

SHA256
ca1557c69453b1354279682cf1d3e9d65a0fde56189939ec3dc359ad18be5fe7

SHA512
10e74e0dcb6ef09b4b9b7ff9c47b915ad6553ed82d7da1970aa7fe95cefcffb5a8e6dd9fbf9d109b65fe03e9027559011a18144f7f936fe504613e092543cd5d

Download Submit
C:\Program Files\7-Zip\Lang\uz-cyrl.txt

Filesize
14KB

MD5
0e053b461b1840743441f2b74d73e3ee

SHA1
c3f211f45c0702531c0bb09c13eafe32634ee9cc

SHA256
dd414d39f8da2fbd5caa0c7a7a9155c5f802b4d45f2e8828a79c7b4b63bd1179

SHA512
8e2144242e9000290dad52008b3db9878b35c1c3182b74273965a5f7b4dc4afe146d2c97a5318525ade263753f08413a6fa45b7ec38f9c56d5042787d9e6c78e

Download Submit
C:\Program Files\7-Zip\Lang\uz.txt

Filesize
8KB

MD5
4479712709b19297483d020d11164745

SHA1
adbf9f8ef1c44e7f7d13ef5e0abe1f49c4ed3f1b

SHA256
d62f8d3e7aa1f2636a1ad1b2aede0da9fd725941a5f81d24a9b0b7599caf0f50

SHA512
a857b93e9991aee4cdd6730de538ab3bfd13620d0a99aea1f49859b0d479ef4f757c4d99846fc1754691802b5dafd044fc306bd31c0429dcf15eb5dc3c0b9036

Download Submit
C:\Program Files\7-Zip\Lang\va.txt

Filesize
9KB

MD5
1651078be7ce617922904ca7941fae20

SHA1
1fe33f74aaa6af59b5055b968ef6424107544538

SHA256
c0d985dea02778276ba3d3df96b50b33f7ba0c1ec7c62761f0dcd67a05b62270

SHA512
e1721ee191e1ba24212e85c013497c66d35db0e48df464d2e86762b4a0855ac04ffec59af8c259f91dff0924d977ffeb1fba92a7c9a951d5f8fddfd0b02bb67e

Download Submit
C:\Program Files\7-Zip\Lang\vi.txt

Filesize
7KB

MD5
a0612fa9eb8196659d15c67ac965a5e6

SHA1
ae733bbaef962f3a10c5855ed30b6d084c8c5d5f

SHA256
c73634402c3effdb2750ab5cf6f1083abd8771529bff6f7e513d646e0fcdae23

SHA512
74991149573fbc7b5d9bef36b0f8cb00951bebe959f2d9058c227f3e75a874e22c8aa6219bbd643e483e0d969674a9ca9004e33f116bc923a30c872fc3f7909c

Download Submit
C:\Program Files\7-Zip\Lang\yo.txt

Filesize
10KB

MD5
5d90f9c7771022e43c15a4393a0670ce

SHA1
689269a4b3aed23cdf59ed395732c592b515ac83

SHA256
de2497946932d806f822082c3cf9f2f26a18752d9973f9d09e0889a94ce4c28a

SHA512
7a8bd040989cf66dd0f15be68dfcf2799c34c491fdf900315ab82619938c79be9f18c6a5b1a4ac7df6bba951b3b309ddaf4f5ed628a69b8b893406f68fbc9510

Download Submit
C:\Program Files\7-Zip\Lang\zh-cn.txt

Filesize
8KB

MD5
d13839af103477df8cfd0bc2eb876eb0

SHA1
93af39ebeb9677003db67b386588409329104f4e

SHA256
d04e5bd3bf1e3f3754c3603889aa1b659d1dac518c5c6b5c1c49ecf16dca1c01

SHA512
dd79b5a8790e906e8bbe3fe69476126ab76ed472b4374e5fb7f4b272365bc305492832a1e3b95d22fc7d3c9edd9b013c7bc8871c6bc85a717acf3b361da1900f

Download Submit
C:\Program Files\7-Zip\Lang\zh-tw.txt

Filesize
8KB

MD5
e6c38c199079be58ee81e8da55e783ac

SHA1
1ad09b0146f317786afb0a09c7907e6ccb5c207e

SHA256
76a17b0a97925e5d6deb1ebe8ae14f83bd49957c492c3733a0ea178e28b0d74b

SHA512
014d3fb64b22da94d5ac7626b3e4bf9321fb05647bdb1be3eef79add3efb06ef6b0fc1590031d4e781489afc96ba4b7e4a86590bce98c901812e890a4680ed02

Download Submit
C:\Program Files\7-Zip\License.txt

Filesize
5KB

MD5
761b393dac39374a072e58aa6a4872fc

SHA1
fa049f28e907ab6a0489d1fec1746df3a26d22e2

SHA256
3a9a7bca133a8af4560f48dfa351f941e110d80a2c2466e537ec6680b9fc2dda

SHA512
93c5a05469d4469c713370ac8d711caf57bf87b91b4f77aaa6f950552180548624890ec0e910c0f0e2fa1e05417edf37e31e9c128815a3811110bca90885860e

Download Submit
C:\Program Files\7-Zip\Uninstall.exe

Filesize
14KB

MD5
e03115ee7530777231a0051667ab23d3

SHA1
5ded32077cda52b5527f75017552a598b0523db7

SHA256
cccf6f489961bb78c5c4baecd964442b14593799403e2b6e4d50082c3e64803a

SHA512
053f81c647b55df05bef067f26be1d25b44cdd1d5a59c4341904f0b9173a1ad6cc3209035ed4782626b150f090f52276c7d99e77eaf108b2fed52f2179e959ee

Download Submit
C:\Program Files\7-Zip\descript.ion

Filesize
366B

MD5
eb7e322bdc62614e49ded60e0fb23845

SHA1
1bb477811ecdb01457790c46217b61cb53153b75

SHA256
1da513f5a4e8018b9ae143884eb3eaf72454b606fd51f2401b7cfd9be4dbbf4f

SHA512
8160b581a3f237d87e664d93310f5e85a42df793b3e22390093f9fb9a0a39950be6df2a713b55259fce5d5411d0499886a8039288d9481b4095fabadddbebb60

Download Submit
C:\Program Files\7-Zip\readme.txt

Filesize
1KB

MD5
800e525e791ce8ca84a9200ddcabd6b2

SHA1
69800f0c14111fd0ca7f6a41268ad5f4d8ed24f4

SHA256
7687c86d1096d2587a8ee0a9e585725abd1ab7a8af98fdf1cc8234ae94624f33

SHA512
095a707bbe3af79cda2e77799817ae979f72233c92be0ca2f1b089aa285de6498afcd44f84c328b094cbfc733f16c664135bfcaa9a93e5af73bb90afabcb71f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
19KB

MD5
1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5

SHA1
6dd8803e59949c985d6a9df2f26c833041a5178c

SHA256
af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725

SHA512
b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
5c1b7a33f9102adb2afbf54adb790209

SHA1
32a8be80ba518a5cdd5d5ef2057d94e537ac8f25

SHA256
c0864a2312f8f08af0dc56ce9f41c700dd7a7eedc65009bfd9e485f6cc307247

SHA512
8a1548682a9fcbf144fbb028cd6c341c1a779d79bb034e31e714f5d9a711d313a9cbdd264a13d9aa8b4a530cea772d10f6cd2f8d5f9da7a0128b2cb942f7d93b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
3fa5ed2c32aab01aa873e4848f3a5eab

SHA1
49fbb545b628a1c60558029812ef8614c6ae3017

SHA256
bfb5faa9c152c9baec0e8a5c450b6e81085539573739c1620c6804fc7fc09060

SHA512
9d6781bf151240a78c04c8d02c5579c894f6de84977cb0f16d25594e37c3b438d8f89b582d1e451379351cf3b167b8f6e12b08cee0519f126faade079b60e3fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
8KB

MD5
8e00d1cd59dd9429c96c7170b7382758

SHA1
450ebec0ecce64377af1b086d986e1e876a1a133

SHA256
99183b303987662528cce4ab54b88db186009d7aedc00ec811d4c0dc251e0c2d

SHA512
c6d8374bab3fcfdf16f9ff4b96b6de35726da96ab58387fc41477a3f513fa4bbf3e6a4d04f600d6a31650a1a92e53fd874aa9757b22905e9517921c0e33fc81c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
02f772d4271214d59b62be6bf64f341b

SHA1
3a0fb52009422621134a99e00190477a8bfe8bb5

SHA256
fb463b3f393c1d63afb0e74116eafef3cdee11095cb637c8e2ef3856b864a643

SHA512
afc5d8d61e2f81d960d07484db20af7f628fb6c1eae8ddc8ab34ee77837187c7642aef2e8d99d48b1855207adeded9b612824d966e658d40882ed9496d013326

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
472a628657e63f52a9d9b69916a2ff1c

SHA1
bb7aa2ba894f80e5c6c894f6b6a90357d8b1b8ab

SHA256
db9a9b75fa1aabd039e658acb9b2a22bb32f299f462014c23206ac5774892b6c

SHA512
83ef6fcea95b81d511b1e2b6853e8cfaf3f4d6e199353b592bde810aba19309eda4bb594cacf3372292bd2e01160c8b4d99607003b8c84253be5d8b4df9e5310

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
1a3226c1b84c92f63d404ee48fd7cfcc

SHA1
13a87defe999b0ba2c3ec35b3ed69f6613031eef

SHA256
6351ef4238f225bcb3c4d59f9b9c81d4c3c6ea8c1eb95e5383f1283e53fcdbf6

SHA512
63886dfd613efc5ad00660a505cb291f2460983d6f8a69c56f63fa1302a3a2081486968437d0c6f2a10ee4f31dcdd59383f562d22b6a5bd800bcd6bfe7df7e8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
02c47d6295e0b63c13caa52b888377df

SHA1
e5321c31871a4e8eaa1c6c5a87f51ff4cc2fdb4f

SHA256
353fb684cd17bb7bfff1bd4b025f83aeee0a883463437a31583954ee55a251fc

SHA512
ca0650a320bdaa4edd0696d65686bd903be1397d0d82b468b07b2e341078a4885a27c07b9b2b3dbd6740e9d38b4bbb5da9d93bc94cf93fab545c271472f663ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
cb2d98df8d710e0257afc8a9e492f94b

SHA1
4ce47bbe6b63799bf5ef20c42788ced0f6c1b34a

SHA256
3fa42ced43fa7c4574b2744b5a776cec728db5530ce5be74420706ce168ad815

SHA512
0bf7700e46e30a8d7f9596d6480bbf30ca10f6351d01e63fb46f7a2e009df633ed55de92b894fba5ecaf4697699128546a5e3bf282848e965d9a118a6bfced1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
87ce025825b6685c9ac5646f33a36fbd

SHA1
1590836f829d5d6b6727194fc2d90f75ff372884

SHA256
b538bb3a728cc35af9f964bd26d4431888c09af757144fdca57be2ef06b2ed91

SHA512
91a7243da67508a13eccc1d8ac73866e6a49ee949c0cb3d934ac0a7b593b1cdf181c4626ab3a6822ae4c3fb4bf95cee880640d74e350367ec76d9cc0dd53110c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
533eb56a009426c16dba0d235a016f5a

SHA1
eb582443fe4896a370b74356123f3e3d0f5dfbf6

SHA256
bd0d704d47be7be0247bde298fc1dceb93099279a0de080f8948b10c1fde2215

SHA512
03eec8b5a99bdd59d6e915ad996062ff64a2d9342560c71a3aab530991fa25a1849b41c2c79edf53ce43ae733d7fed940474994b1d3896d87433f9b9eb1427e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5876e1.TMP

Filesize
48B

MD5
d5cdad8565a78aba6ae744c58e4a254b

SHA1
a0889660f47cb8120e26ac038de6f35988da3d6d

SHA256
d59ea03373780b7512f0bbc229bd5edf35105e1b3701d6ba40b3db7bf07f4de9

SHA512
04f9b7f0f703ca37e8959bf00d1c09c8220ba9d8b35cb5545cfe1aaeec480f3029b0e5e0e6bdfeed22bb019f8d015a422453cc93d9b1d8d74477148e6d751504

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
1fc96524df8690943f46f8095c937564

SHA1
88936c5ec9cdd74a11cad527836216eed352d370

SHA256
07e573be10663260b899da468ce95f45e88a1c71d05f3f31270584add7742cbe

SHA512
a6253c6d304807a61e21612d7f49a26bc95b9a9b9420e3f60c8e77a6ca458938a1da29ce0caf2b51e0e63ce36f5e5cc0256b611cfa7355013f5894583d305c52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
4b16959ed5a3054171d8fbb2eb549f95

SHA1
e3bbc753425ad700258a80aa785b4a86fe11210a

SHA256
5e50b6f3a39ca49d9e2b251f5a4d5a37e8d87340b74c7d22f4a1315b01132683

SHA512
ca94e6f46d5e87291ab5bf6d31432d8414c6d8f7dded1caa190a98ef8c82748d142a4c85b127caf1fccbc1a31da860310352db687b6004d41fea0dbdb9a0ae2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
230104e4a885b8fb81d943186e6d1d47

SHA1
d9a63d293701204f60865ca91f74e004e6d557de

SHA256
8d7fb47abef0bb36f8f38f388513697e01895e046b2b599b3bd109d8eea6aac1

SHA512
f50784c49c892829c33a77b1d842c8f56f615c9bbdf3f3c361f8075a90c6c806cdf59f97198babdcf437dfbceee6d2735ddcdc8f11415cd4715771b9aa8f34a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5833ad.TMP

Filesize
538B

MD5
6c9f674d298d0d2c4943caf4d8754fc7

SHA1
109ac2623563a9a164675fb35a45bf337fba9c0c

SHA256
22ecfd4088b16e5490ae55ee4f86e96b0015d4bc00f872810daec2ab9329f736

SHA512
a64edd60f591a33a00536bf1891cc649c839c4fe1184f96dcccae69bc9c831bfb4fa165b3824e6f1837b7e95896860dbfea1daaa04a57ed6ff8b19a74e816ba2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ef268789fbae3e553213b765ad9361ee

SHA1
bd41f9b7bb3409e0e8298435241f67ace7464e10

SHA256
9e913bfcf7999090bfc6d5e0e453cfb85a5a517b7b4990fbb3f5168f539a0356

SHA512
7f746b6239f6c3c0bf8188fd95fe48d60f8350c078b1b54c6eea60a874807701e7153750568907beb8aca3b7df2398d75ccd79a67598ef7b962d425063c66796

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d7a35ccd08913b96f89b54f745a1bacf

SHA1
ec6f9eefe5160c40e666e42deed9c41a4291bf1b

SHA256
9018a4673a68b3b53fe98c825b87215092efb526266213baa13ec426afa10499

SHA512
caf717c10cc4a023fb763036e71bb1f92d2d2a561b927cc4381eaf9a137e0101ac04c9575e37b619acef0a426666ef7bd1f3cc806519d8ba957fc3633146bffd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5e31af6e8c53a029f5e97b03d08f75e7

SHA1
fffa18579f3966b768a65c876786e2ad4d61406a

SHA256
021f57612875f02438f5bba5c267dfdbaf6254d3fb332a08a8e46a321e68e1b3

SHA512
580ea751a84457ddc5ffa0547c38fb4cc2929544968d7bd13510ccedf8ec6bad539a9ce37b13b5ab2e106d5cd288faad77e1be4376cb169ca575f87e0f289b53

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
3bd3ea43f3747e8346287b71b6a95080

SHA1
8035537c88cda807502d3e7b5716d5b94ae2e1a6

SHA256
88865377c18fb8507587a385e91d9406cf4476c5aaf91570b19c8558916c6dd0

SHA512
593045d4ba0b11637db067068bff8301635423a67b7b361c07aa86a4e1ad555bc8e2222dc98ded77ff6fef6ea064f4b3efd04936fb280bbf0aced61079510690

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
078c5060b0c1b0704d6d807b981c0ee7

SHA1
eeda025027a475b010a115c4ea727a481e15528c

SHA256
233ccaeeaacca2af85f479e4cec0b174710f0a45bb742f912e793bed211c7a92

SHA512
7b7e8c27fd2bbe121366d338503d0f1883d24fdbe936a61f981808d94001b7ed693f5c6f9377ca822a7ebf2e37bb3d838b448f411ae247346c1d00a6f9e2bcbe

Download Submit
C:\Users\Admin\Downloads\#Pa$$CŌ𝔻e--2275__OpeN-Se-tUp@!#.zip

Filesize
5.4MB

MD5
e03c9ea1c772760057fe7b1a6fcb2d53

SHA1
535b0866580cf4ab6a2ab91f88f7b4e7b23eba5a

SHA256
31a6d9bfa15c7fac1d47a4ea4e54eacc15820db59060d67d0ae0536af809f66f

SHA512
6bef384ed153c896f9fd79761a4218d37bfdf938167a4af7941395039df5e60241d46775cf41c11d668768501ae85eb47e138b3e4568f3ab840e6ba286fae35f

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 481763.crdownload

Filesize
1.6MB

MD5
6c73cc4c494be8f4e680de1a20262c8a

SHA1
28b53835fe92c3fa6e0c422fc3b17c6bc1cb27e0

SHA256
bdd1a33de78618d16ee4ce148b849932c05d0015491c34887846d431d29f308e

SHA512
2e8b746c51132f933cc526db661c2cb8cee889f390e3ce19dabbad1a2e6e13bed7a60f08809282df8d43c1c528a8ce7ce28e9e39fea8c16fd3fcda5604ae0c85

Download Submit