Analysis
-
max time kernel
150s -
max time network
153s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system -
submitted
20-01-2025 16:27
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe
Resource
win7-20241010-en
windows7-x64
13 signatures
150 seconds
General
-
Target
JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe
-
Size
136KB
-
MD5
f06fb99cbc73c95a41baa4f84e6d3ba7
-
SHA1
f45aa611eddbe9b1d35900b6462a1dbb2c9e0793
-
SHA256
29eafd0921383977f0bd7d8b57ba9e44d326520ea1e0d02fbef2806870fae303
-
SHA512
7bc1e58563c292180febf136694510f3ac85362596ec59830dc79dc13a8290237cba6f34184a8cde289ab48c552367976ee5f3a502d0e2383ae794f6d62b48a8
-
SSDEEP
768:h06R0UEgnKqGR7//GPc0LOBhvBrHks3IiyhDYQbGmxlNaM+WGa1wuxnzgOYw9ICY:HR0In3Pc0LCH9MtbvabUDzJYWu3Bb
Malware Config
Signatures
-
Modifies WinLogon for persistence 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "userinit.exe,c:\\program files (x86)\\microsoft\\watermark.exe" svchost.exe -
Ramnit family
-
Executes dropped EXE 1 IoCs
pid Process 2824 WaterMark.exe -
Loads dropped DLL 2 IoCs
pid Process 3064 JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe 3064 JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe -
Drops file in System32 directory 2 IoCs
description ioc Process File created C:\Windows\SysWOW64\dmlconf.dat svchost.exe File opened for modification C:\Windows\SysWOW64\dmlconf.dat svchost.exe -
resource yara_rule behavioral1/memory/3064-4-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/3064-3-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/3064-8-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/3064-9-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/3064-7-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/3064-2-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/3064-1-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2824-26-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2824-28-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2824-69-0x0000000000400000-0x0000000000421000-memory.dmp upx behavioral1/memory/2824-587-0x0000000000400000-0x0000000000421000-memory.dmp upx -
Drops file in Program Files directory 64 IoCs
description ioc Process File opened for modification C:\Program Files\Mozilla Firefox\IA2Marshal.dll svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\mozglue.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\cpu.html svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IdentityModel.Selectors.Resources.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\flyout.html svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Web.Entity.Resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\settings.html svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll svchost.exe File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll svchost.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\clock.html svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IO.Log.Resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\UIAutomationTypes.resources.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\installer.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\currency.html svchost.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\jawt.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Xml.Linq.Resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll svchost.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\es-ES\slideShow.html svchost.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32r.dll svchost.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll svchost.exe File opened for modification C:\Program Files\Java\jre7\bin\npt.dll svchost.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Windows.Presentation.resources.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll svchost.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll svchost.exe -
System Location Discovery: System Language Discovery 1 TTPs 4 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language WaterMark.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language svchost.exe -
Suspicious behavior: EnumeratesProcesses 37 IoCs
pid Process 2824 WaterMark.exe 2824 WaterMark.exe 2824 WaterMark.exe 2824 WaterMark.exe 2824 WaterMark.exe 2824 WaterMark.exe 2824 WaterMark.exe 2824 WaterMark.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe 2192 svchost.exe -
Suspicious use of AdjustPrivilegeToken 3 IoCs
description pid Process Token: SeDebugPrivilege 2824 WaterMark.exe Token: SeDebugPrivilege 2192 svchost.exe Token: SeDebugPrivilege 2824 WaterMark.exe -
Suspicious use of UnmapMainImage 2 IoCs
pid Process 3064 JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe 2824 WaterMark.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 3064 wrote to memory of 2824 3064 JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe 30 PID 3064 wrote to memory of 2824 3064 JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe 30 PID 3064 wrote to memory of 2824 3064 JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe 30 PID 3064 wrote to memory of 2824 3064 JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe 30 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2688 2824 WaterMark.exe 31 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2824 wrote to memory of 2192 2824 WaterMark.exe 32 PID 2192 wrote to memory of 256 2192 svchost.exe 1 PID 2192 wrote to memory of 256 2192 svchost.exe 1 PID 2192 wrote to memory of 256 2192 svchost.exe 1 PID 2192 wrote to memory of 256 2192 svchost.exe 1 PID 2192 wrote to memory of 256 2192 svchost.exe 1 PID 2192 wrote to memory of 332 2192 svchost.exe 2 PID 2192 wrote to memory of 332 2192 svchost.exe 2 PID 2192 wrote to memory of 332 2192 svchost.exe 2 PID 2192 wrote to memory of 332 2192 svchost.exe 2 PID 2192 wrote to memory of 332 2192 svchost.exe 2 PID 2192 wrote to memory of 368 2192 svchost.exe 3 PID 2192 wrote to memory of 368 2192 svchost.exe 3 PID 2192 wrote to memory of 368 2192 svchost.exe 3 PID 2192 wrote to memory of 368 2192 svchost.exe 3 PID 2192 wrote to memory of 368 2192 svchost.exe 3 PID 2192 wrote to memory of 380 2192 svchost.exe 4 PID 2192 wrote to memory of 380 2192 svchost.exe 4 PID 2192 wrote to memory of 380 2192 svchost.exe 4 PID 2192 wrote to memory of 380 2192 svchost.exe 4 PID 2192 wrote to memory of 380 2192 svchost.exe 4 PID 2192 wrote to memory of 416 2192 svchost.exe 5 PID 2192 wrote to memory of 416 2192 svchost.exe 5 PID 2192 wrote to memory of 416 2192 svchost.exe 5 PID 2192 wrote to memory of 416 2192 svchost.exe 5 PID 2192 wrote to memory of 416 2192 svchost.exe 5 PID 2192 wrote to memory of 468 2192 svchost.exe 6 PID 2192 wrote to memory of 468 2192 svchost.exe 6 PID 2192 wrote to memory of 468 2192 svchost.exe 6 PID 2192 wrote to memory of 468 2192 svchost.exe 6 PID 2192 wrote to memory of 468 2192 svchost.exe 6 PID 2192 wrote to memory of 476 2192 svchost.exe 7 PID 2192 wrote to memory of 476 2192 svchost.exe 7 PID 2192 wrote to memory of 476 2192 svchost.exe 7 PID 2192 wrote to memory of 476 2192 svchost.exe 7 PID 2192 wrote to memory of 476 2192 svchost.exe 7 PID 2192 wrote to memory of 484 2192 svchost.exe 8 PID 2192 wrote to memory of 484 2192 svchost.exe 8 PID 2192 wrote to memory of 484 2192 svchost.exe 8 PID 2192 wrote to memory of 484 2192 svchost.exe 8 PID 2192 wrote to memory of 484 2192 svchost.exe 8
Processes
-
C:\Windows\System32\smss.exe\SystemRoot\System32\smss.exe1⤵PID:256
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:332
-
C:\Windows\system32\wininit.exewininit.exe1⤵PID:368
-
C:\Windows\system32\services.exeC:\Windows\system32\services.exe2⤵PID:468
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k DcomLaunch3⤵PID:600
-
C:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exe4⤵PID:1128
-
-
C:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}4⤵PID:1588
-
-
C:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exe -Embedding4⤵PID:2000
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k RPCSS3⤵PID:680
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted3⤵PID:756
-
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted3⤵PID:816
-
C:\Windows\system32\Dwm.exe"C:\Windows\system32\Dwm.exe"4⤵PID:1232
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k netsvcs3⤵PID:864
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalService3⤵PID:1000
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k NetworkService3⤵PID:300
-
-
C:\Windows\System32\spoolsv.exeC:\Windows\System32\spoolsv.exe3⤵PID:288
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetwork3⤵PID:1040
-
-
C:\Windows\system32\taskhost.exe"taskhost.exe"3⤵PID:1132
-
-
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"3⤵PID:1160
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation3⤵PID:1856
-
-
C:\Windows\system32\sppsvc.exeC:\Windows\system32\sppsvc.exe3⤵PID:824
-
-
-
C:\Windows\system32\lsass.exeC:\Windows\system32\lsass.exe2⤵PID:476
-
-
C:\Windows\system32\lsm.exeC:\Windows\system32\lsm.exe2⤵PID:484
-
-
C:\Windows\system32\csrss.exe%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=161⤵PID:380
-
C:\Windows\system32\winlogon.exewinlogon.exe1⤵PID:416
-
C:\Windows\Explorer.EXEC:\Windows\Explorer.EXE1⤵PID:1280
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f06fb99cbc73c95a41baa4f84e6d3ba7.exe"2⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:3064 -
C:\Program Files (x86)\Microsoft\WaterMark.exe"C:\Program Files (x86)\Microsoft\WaterMark.exe"3⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of UnmapMainImage
- Suspicious use of WriteProcessMemory
PID:2824 -
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe4⤵
- Modifies WinLogon for persistence
- Drops file in System32 directory
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
PID:2688
-
-
C:\Windows\SysWOW64\svchost.exeC:\Windows\system32\svchost.exe4⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2192
-
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html
Filesize286KB
MD5e828b3dcf5c9b2210da25dc88b76433a
SHA1e197d9b39c8ca69a8b718a08dec8e37aeb0a38d3
SHA256d1cdd502a746d3fc1c391b55f84819cfd5a45ed9b242783b99f4f312307463ed
SHA5127be44f95ec9fbffac96fbd41bc9b7f6e46b1b310d480b4efa51a1ef80628aab40d1d8ade6fcb897489752106531cbc526badccd337faee58251d396f2d33666b
-
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html
Filesize282KB
MD5d182f1a8da9d15cbb6b87e93266b11e8
SHA1d99c868c9d8893d8b1e30bc9147b2395a2a0e003
SHA2567a33116ac26577ef59adcc659dc5505a5a056a7bac6d9675012ca684d60de875
SHA512f29fb073f8b19d372d011b63c3cc790f47f13bd59b778d2f3f7c4c0c345fe287a99056fa9def6528fa0bfd05ef2590e8b0288769344e7d803a8616a70a24f9a2
-
Filesize
136KB
MD5f06fb99cbc73c95a41baa4f84e6d3ba7
SHA1f45aa611eddbe9b1d35900b6462a1dbb2c9e0793
SHA25629eafd0921383977f0bd7d8b57ba9e44d326520ea1e0d02fbef2806870fae303
SHA5127bc1e58563c292180febf136694510f3ac85362596ec59830dc79dc13a8290237cba6f34184a8cde289ab48c552367976ee5f3a502d0e2383ae794f6d62b48a8