Analysis
-
max time kernel
150s -
max time network
143s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
15-01-2025 20:51
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe
Resource
win7-20240903-en
windows7-x64
13 signatures
150 seconds
General
-
Target
JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe
-
Size
95KB
-
MD5
61a8261c135520d227f7e8bb1f8f5ae5
-
SHA1
8debf844f0b28f0536f7172cbbb3b248ae3fc435
-
SHA256
20f2c369b2ed1cf79f2473655561aebb94e0bb2738ff1b5e8f32cbfc9d4df28a
-
SHA512
fcbd772d11754575d62b88f06285b2fbb5aaa012206ddcc9e9d5bd09bcd6698651b2e470ce5ecaa46d29b7948f8563959109650cdd64b002b9e8a1200320f5fe
-
SSDEEP
768:x06R0UrgnKqGR7//GPc0LOBhvBrHks3IiyhDYQbGmxlNaM+WGa1wuxnzgOYw9ICW:XR0jn3Pc0LCH9MtbvabUDzJYWu3B
Malware Config
Signatures
-
Modifies WinLogon for persistence 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "userinit.exe,c:\\program files (x86)\\microsoft\\watermark.exe" svchost.exe -
Ramnit family
-
Executes dropped EXE 1 IoCs
pid Process 2844 WaterMark.exe -
Loads dropped DLL 2 IoCs
pid Process 2796 JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe 2796 JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe -
Drops file in System32 directory 2 IoCs
description ioc Process File created C:\Windows\SysWOW64\dmlconf.dat svchost.exe File opened for modification C:\Windows\SysWOW64\dmlconf.dat svchost.exe -
resource yara_rule behavioral1/memory/2796-8-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2796-9-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2796-7-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2796-3-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2796-2-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2796-1-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2796-0-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2844-27-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2844-74-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2844-588-0x0000000000400000-0x0000000000421000-memory.dmp upx -
Drops file in Program Files directory 64 IoCs
description ioc Process File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.Entity.Design.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwjpn.dll svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Web.Entity.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html svchost.exe File opened for modification C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\WindowsBase.resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Windows.Presentation.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html svchost.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcs.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\clock.html svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll svchost.exe File opened for modification C:\Program Files\Internet Explorer\jsdbgui.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Services.Design.resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\Microsoft.Build.Utilities.v3.5.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll svchost.exe File opened for modification C:\Program Files\Internet Explorer\ieinstal.exe svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\fxplugins.dll svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Windows.Presentation.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoBase.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\weather.html svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\jsoundds.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Management.Instrumentation.Resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Web.Entity.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSClientDataMgr\MSCDM.DLL svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\ALRTINTL.DLL svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLED.EXE svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxwebkit.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.Services.Client.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEEXCL.DLL svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe svchost.exe -
System Location Discovery: System Language Discovery 1 TTPs 4 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language WaterMark.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe -
Suspicious behavior: EnumeratesProcesses 37 IoCs
pid Process 2844 WaterMark.exe 2844 WaterMark.exe 2844 WaterMark.exe 2844 WaterMark.exe 2844 WaterMark.exe 2844 WaterMark.exe 2844 WaterMark.exe 2844 WaterMark.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe 1544 svchost.exe -
Suspicious use of AdjustPrivilegeToken 3 IoCs
description pid Process Token: SeDebugPrivilege 2844 WaterMark.exe Token: SeDebugPrivilege 1544 svchost.exe Token: SeDebugPrivilege 2844 WaterMark.exe -
Suspicious use of UnmapMainImage 2 IoCs
pid Process 2796 JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe 2844 WaterMark.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 2796 wrote to memory of 2844 2796 JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe 31 PID 2796 wrote to memory of 2844 2796 JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe 31 PID 2796 wrote to memory of 2844 2796 JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe 31 PID 2796 wrote to memory of 2844 2796 JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe 31 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 2692 2844 WaterMark.exe 32 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 2844 wrote to memory of 1544 2844 WaterMark.exe 33 PID 1544 wrote to memory of 256 1544 svchost.exe 1 PID 1544 wrote to memory of 256 1544 svchost.exe 1 PID 1544 wrote to memory of 256 1544 svchost.exe 1 PID 1544 wrote to memory of 256 1544 svchost.exe 1 PID 1544 wrote to memory of 256 1544 svchost.exe 1 PID 1544 wrote to memory of 332 1544 svchost.exe 2 PID 1544 wrote to memory of 332 1544 svchost.exe 2 PID 1544 wrote to memory of 332 1544 svchost.exe 2 PID 1544 wrote to memory of 332 1544 svchost.exe 2 PID 1544 wrote to memory of 332 1544 svchost.exe 2 PID 1544 wrote to memory of 380 1544 svchost.exe 3 PID 1544 wrote to memory of 380 1544 svchost.exe 3 PID 1544 wrote to memory of 380 1544 svchost.exe 3 PID 1544 wrote to memory of 380 1544 svchost.exe 3 PID 1544 wrote to memory of 380 1544 svchost.exe 3 PID 1544 wrote to memory of 388 1544 svchost.exe 4 PID 1544 wrote to memory of 388 1544 svchost.exe 4 PID 1544 wrote to memory of 388 1544 svchost.exe 4 PID 1544 wrote to memory of 388 1544 svchost.exe 4 PID 1544 wrote to memory of 388 1544 svchost.exe 4 PID 1544 wrote to memory of 428 1544 svchost.exe 5 PID 1544 wrote to memory of 428 1544 svchost.exe 5 PID 1544 wrote to memory of 428 1544 svchost.exe 5 PID 1544 wrote to memory of 428 1544 svchost.exe 5 PID 1544 wrote to memory of 428 1544 svchost.exe 5 PID 1544 wrote to memory of 472 1544 svchost.exe 6 PID 1544 wrote to memory of 472 1544 svchost.exe 6 PID 1544 wrote to memory of 472 1544 svchost.exe 6 PID 1544 wrote to memory of 472 1544 svchost.exe 6 PID 1544 wrote to memory of 472 1544 svchost.exe 6 PID 1544 wrote to memory of 488 1544 svchost.exe 7 PID 1544 wrote to memory of 488 1544 svchost.exe 7 PID 1544 wrote to memory of 488 1544 svchost.exe 7 PID 1544 wrote to memory of 488 1544 svchost.exe 7 PID 1544 wrote to memory of 488 1544 svchost.exe 7 PID 1544 wrote to memory of 496 1544 svchost.exe 8 PID 1544 wrote to memory of 496 1544 svchost.exe 8 PID 1544 wrote to memory of 496 1544 svchost.exe 8 PID 1544 wrote to memory of 496 1544 svchost.exe 8 PID 1544 wrote to memory of 496 1544 svchost.exe 8
Processes
-
C:\Windows\System32\smss.exe\SystemRoot\System32\smss.exe1⤵PID:256
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:332
-
C:\Windows\system32\wininit.exewininit.exe1⤵PID:380
-
C:\Windows\system32\services.exeC:\Windows\system32\services.exe2⤵PID:472
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k DcomLaunch3⤵PID:600
-
C:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}4⤵PID:304
-
-
C:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exe4⤵PID:1888
-
-
C:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exe -Embedding4⤵PID:1176
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k RPCSS3⤵PID:680
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted3⤵PID:752
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted3⤵PID:816
-
C:\Windows\system32\Dwm.exe"C:\Windows\system32\Dwm.exe"4⤵PID:1156
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k netsvcs3⤵PID:852
-
\\?\C:\Windows\system32\wbem\WMIADAP.EXEwmiadap.exe /F /T /R4⤵PID:2308
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalService3⤵PID:968
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k NetworkService3⤵PID:236
-
-
C:\Windows\System32\spoolsv.exeC:\Windows\System32\spoolsv.exe3⤵PID:1020
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetwork3⤵PID:1056
-
-
C:\Windows\system32\taskhost.exe"taskhost.exe"3⤵PID:1104
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"3⤵PID:292
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation3⤵PID:2460
-
-
C:\Windows\system32\sppsvc.exeC:\Windows\system32\sppsvc.exe3⤵PID:628
-
-
-
C:\Windows\system32\lsass.exeC:\Windows\system32\lsass.exe2⤵PID:488
-
-
C:\Windows\system32\lsm.exeC:\Windows\system32\lsm.exe2⤵PID:496
-
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:388
-
C:\Windows\system32\winlogon.exewinlogon.exe1⤵PID:428
-
C:\Windows\Explorer.EXEC:\Windows\Explorer.EXE1⤵PID:1196
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_61a8261c135520d227f7e8bb1f8f5ae5.exe"2⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:2796 -
C:\Program Files (x86)\Microsoft\WaterMark.exe"C:\Program Files (x86)\Microsoft\WaterMark.exe"3⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:2844 -
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe4⤵
- Modifies WinLogon for persistence
- Drops file in System32 directory
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
PID:2692
-
-
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe4⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1544
-
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html
Filesize204KB
MD526f392b8020627050762e63100d7ae89
SHA1835c09da317d663832ec98efc2eea125509ecb33
SHA2561cb5845450fdade1536a23717627bee4a7aec8abefc6ab70015c3bfaf6ae64b4
SHA512677f7cc6aa7cef688a445fb7e3329f3bf9f91fb61086fb03e06cbef6d974d2e4e6b2608ea652afcb728d0688b08e1d76939430e1a1c84b493a149f47f0f87731
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html
Filesize200KB
MD55b57a8013f48aa9338cf257f6d802eca
SHA13f2828d1f968fd1fb3a73f3c2e45c5dbe8ece36a
SHA256bd6c6b24129138c49ee34ecdcb5c34017dd602d1501ed6c3ce3859e6a0f59866
SHA512df1ae6e46ee06df71373b41acb6e5d422a3d1c6802224656c8143fc4f4aaac336f762ec621a9d356aad3bfdac81de923f008ceb543f0b80aaf2fb3446fc09b96
-
Filesize
95KB
MD561a8261c135520d227f7e8bb1f8f5ae5
SHA18debf844f0b28f0536f7172cbbb3b248ae3fc435
SHA25620f2c369b2ed1cf79f2473655561aebb94e0bb2738ff1b5e8f32cbfc9d4df28a
SHA512fcbd772d11754575d62b88f06285b2fbb5aaa012206ddcc9e9d5bd09bcd6698651b2e470ce5ecaa46d29b7948f8563959109650cdd64b002b9e8a1200320f5fe