c5b1e85073a146fc9ea48b222fb28970bd665bad98ce11581a63b763d6319ba0

Analysis

max time kernel
296s
max time network
298s
platform
windows11-21h2_x64
resource
win11-20250217-en
resource tags

arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
submitted
04/03/2025, 13:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sqldeveloper-23.1.1.345.2114-x64.zip
Size

437.5MB
MD5

3dc07aff110632a9e83189e7e689f279
SHA1

59aa51cc318a32c4ddbac9f4c0b8ae12d6871cbd
SHA256

c5b1e85073a146fc9ea48b222fb28970bd665bad98ce11581a63b763d6319ba0
SHA512

21adff64131acad4d447a1050497b8437366b9db35707626f9bb3fc90d1d369be631de009eb466b1909a054ee073ab3d7da12073594472b1b9a640f904ca3f21
SSDEEP

12582912:NYHbFsq8w6jrrvzngbaIA1f4l6mUQOLAeLiI0nwXw:NYHRow6DznwaIA1pDEnwXw

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand MICROSOFT. 1 IoCs

phishing microsoft

flow	pid	Process
18	4700	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	sqldeveloper.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	sqldeveloper64W.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	sqldeveloper64W.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	sqldeveloper64W.exe
Key created	\REGISTRY\USER\S-1-5-21-2800786028-4028220528-1905518260-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	sqldeveloper64W.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe
3996	msedge.exe

Suspicious use of SetWindowsHookEx 12 IoCs

pid	Process
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe
5048	sqldeveloper64W.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 836 wrote to memory of 5048	836	sqldeveloper.exe	101
PID 836 wrote to memory of 5048	836	sqldeveloper.exe	101
PID 5048 wrote to memory of 4228	5048	sqldeveloper64W.exe	102
PID 5048 wrote to memory of 4228	5048	sqldeveloper64W.exe	102
PID 5048 wrote to memory of 1960	5048	sqldeveloper64W.exe	104
PID 5048 wrote to memory of 1960	5048	sqldeveloper64W.exe	104
PID 5048 wrote to memory of 3996	5048	sqldeveloper64W.exe	106
PID 5048 wrote to memory of 3996	5048	sqldeveloper64W.exe	106
PID 3996 wrote to memory of 1924	3996	msedge.exe	107
PID 3996 wrote to memory of 1924	3996	msedge.exe	107
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 2664	3996	msedge.exe	108
PID 3996 wrote to memory of 4700	3996	msedge.exe	109
PID 3996 wrote to memory of 4700	3996	msedge.exe	109
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110
PID 3996 wrote to memory of 2688	3996	msedge.exe	110

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\sqldeveloper-23.1.1.345.2114-x64.zip
1⤵
PID:2368

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:220

C:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper.exe
"C:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:836
- C:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper\bin\sqldeveloper64W.exe
  C:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper\bin\sqldeveloper64W.exe
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:5048
- - C:\Windows\SYSTEM32\reg.exe
    "reg" query "HKU\S-1-5-19"
    3⤵
    PID:4228
- - C:\Windows\SYSTEM32\reg.exe
    "reg" query "HKU\S-1-5-19"
    3⤵
    PID:1960
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://marketplace.visualstudio.com/items?itemName=Oracle.sql-developer
    3⤵
    - Enumerates system info in registry
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SendNotifyMessage
    - Suspicious use of WriteProcessMemory
    PID:3996
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa8db83cb8,0x7ffa8db83cc8,0x7ffa8db83cd8
      4⤵
      PID:1924
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:2
      4⤵
      PID:2664
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
      4⤵
      Detected potential entity reuse from brand MICROSOFT.
      Suspicious behavior: EnumeratesProcesses
      PID:4700
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
      4⤵
      PID:2688
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
      4⤵
      PID:5260
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
      4⤵
      PID:4624

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5172

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4056

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
65e4ec4ac6e46cd0089677aa7d21b6ac

SHA1
3a4a960c8c4124adf7d4ae172dbcfc6bea04e9f8

SHA256
642f9feb6154979ad1d820c4f06528a68f22beb3d68e7f6d9f6effeeeca9d373

SHA512
de864963da030d132b366a466c71ac9a6349c505ff6323698309d31bcc85a378cf9a1e3f0252dd99f52ca1bfb45b58755905d7bd991ff540055a406d00905589

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6b9ce6bc1a88163282c78707a8b925d6

SHA1
fda0231f975424726b6cddf7352f61bf4b8b1545

SHA256
b6cb26b9adc42bf4160b174c05ed54f0e313973644470651a45de470ad87814b

SHA512
31aac5ee39b3f443f4adc6b1b9d5f846124b521c80aaf31ac1ddf881c9a551649ef6244bdb8554a39d364420634b6044b3cf27df7bcbdd4f889ef7f870a51564

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
aad6f254d86866513ffd71b484c94f44

SHA1
56214be84579f02d7244a97956de9ab0b0cbbb23

SHA256
f742a6005047a9fdb283c9b2eeac52d2e2c0c649cac1b886ed3ccde1b95e8ce6

SHA512
0b8d2331040ceceff541a668514183eb939999e50810606a70fd66ea419c552c37d2cc79254329cf5aa17dab531c1d966f774cba468e55b8d8300a75c0b25ce8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
349B

MD5
ab00f2122391148fc44e8e6d549536fa

SHA1
fd5c13c1d741d58b0a926bbfba07932268a62213

SHA256
d7fb57ba985b604022391ca8b37fa1e132022deecc9f660525325c9c34d12b3f

SHA512
ae3aa3f5ac782d901eefff4e5665243dc6999039c40e133683d3db4bc5f9837cbb3a9caed7cd5fada9656324acb7d8efcab86c2a413ccc2d4729b1032cf3c48a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
bb75e9b557806f621f84d2548c21a4dd

SHA1
a9ffc395d3731192f62f23578b0957869a312410

SHA256
a80372c77ce9fe544dfbca1f2ba23ad50b25e9560239164dd6f5242aa76250c0

SHA512
e7c10ee1d5409676986ca27e228c6c3e37954c6011dfaefbe9f96f618d2b8ac27a93b7aba522a13d64da5d6305994f47ae3fba68d7eca164d01c0dd91dd8344e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
91dfb91a50c2f8a6a27ed95caaee1af5

SHA1
59b684c8ed9e73c5c5692be1e0026206d63f3b7e

SHA256
a17789ae621cf41b0cd2afd94cfbeec4a28aa3e89e77e70288dde5e8b9b0dee6

SHA512
802876326bf6a8df21a45bc02125939ba2f439ddab9f5afffae1a6639c2f119f5bd58efe36e3e5d13ef7976b884457c0ae1e7ea3d48b1ebc5e6fcd0025303c9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
9559a46cada11871edeb66b0d01cae42

SHA1
3a606d14325245300593de5c6c8ed20d392aded0

SHA256
e97cd9135b704ffdeea7b474568fd74c43ef385d31390adabc6a0a8ff28e8b02

SHA512
ba5c1df526010d39ceda6ccd2a4da9762a78d6af7c4099dd3078a991c390b6c16b1614f068b8e76a33b75d8a7553bbd0943df274f14c884c2ea1c6a88609757d

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem.properties

Filesize
30B

MD5
1636476346e4942ae20fa309fe5a9abf

SHA1
c3e43dd0c3897ab3f6e1d70853ddce1cfefe7cec

SHA256
fe09c774ad04e5bab479d4e51d7e07e4a598f487b666ada8a28e6d35e9928e01

SHA512
20d39cdbe70c82dc98eaccba31c4b3bfb87ca9f6443e71709ebcb230eeadd842455039e2b3f73dd11d5bd4580bd0aa8155247c0bf9dd1e30e3b3efd87e066084

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem.properties

Filesize
54B

MD5
4296a87f2d343c9ced79e206ddff1a05

SHA1
9bfc159805a2c70e2fd27ad460f229c242c44b12

SHA256
e9f867d29fe522447409567e6e428edf318e9006d78cd05dceb00b411926ae90

SHA512
0edea99921d2a8de985247bba7d14c52d4d8806ef4c4fae92262011bf7f893f64215800b932f01b03bb8d5cefe15c2309861293aa0b996fa52c330728ca5d2bd

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\knownDockables.properties

Filesize
1KB

MD5
e9c55fe9aa147a6b9bbf952bf0979751

SHA1
82ec4ff429c9cdae98fa6de8939eb3185c11aacf

SHA256
e4b783f3a3e984d54b2088b38019634409e5c3483483fc6a551c3b5af7d86122

SHA512
660733d8bcfe544ee2bd8e441760d06607d4407b9cbdc0d9d4719f8d717b2169dcdb0856fa95715e1b839aeebec65678b4b507483707069b03f6f7436b1b09fe

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\knownDockablesInLayout.properties

Filesize
2KB

MD5
b37d1322e99f787968d6a5c7f222c653

SHA1
014319d205acacb08888730486058b93eef2f6ae

SHA256
008313358e930e1a533960578b354bae359f44ca695e633ddb091a6598e60f60

SHA512
cdca69c918df262f39850099386a2d544aa3d529ea394bbefa1c938f86510191a69c2ea1d4ade8734fe5a390479df9eb50b3c6bc9bde4865999dc0cfd914986d

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\layouts\editor\Editing.properties

Filesize
181B

MD5
d724026baa289ffa6e946a424c987176

SHA1
e857f5fc2400006f8d5f8935fe1cbbf0501bd3e7

SHA256
966376a3c412f1d3c3f79abcb3169ee396bb64a3cac7ad90f3ed8b2ff797fb44

SHA512
7de78e47fd6160b760c4d48a7bee6c8c482aef2923f5f3b7afac7794fd31dcf93d89d5eda24c850715f20c5e1955759e215e3b60dad9d8cb68b64f1233e50969

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\layouts\task\Editing.properties

Filesize
797B

MD5
5697fadd58c22fba446bc073867d74bb

SHA1
946d1d9fa6e0c7c0fd07c4baf2a6787ea0aadbe8

SHA256
17e2ddce7fe3ac67bac10a944f87f28991489b29a7bf9e003f1262571822e5e8

SHA512
009474ad9eed8d984954147b394937ec8a3cc832dab8ea91d8d0fddc8a79c311325c5108220484260a9fea4d8cb13456ee2f140b3827fb87da24ceb7b46575af

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\mainwnd.properties

Filesize
45B

MD5
60fb5bbc5fcdc994cb5aba261ad6a927

SHA1
282d47db5903d819b953587a9750461a988eac08

SHA256
0555a13100ba95cdd11736c372570b4944d41326313383b33a42eff2097f81ad

SHA512
a07e4538cb7b5902d9f779bd796014ae604b35d956a491e79e0c211cdd0a12aea6ad10ef3e13c6b41d10fffb8f0f9a10ab1530a4b56937315dbb2249d3f220a6

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\org\netbeans\core\windows\tctracker.properties

Filesize
1KB

MD5
2940343f80eba03f8339465edbb21edb

SHA1
6b88b4e92f9eb5c6366e17c80bb18fcd1b0b583a

SHA256
03eb04fa3eac2cbedefccaad4e14f727ce9381625edb89ce1e2b7c19468be37e

SHA512
5196a7d05a6631210246c78b948e949699000c9ea138889526718df0f6c410470c986ceb5427f225db89e7964bbfb2a05b7cf14b55b01e6b6a121f9e9d5697fb

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Windows2Local\Components\NBDC_DatabaseNavigatorWindow.Default.settings

Filesize
323B

MD5
03251b1944be2df52432e210a30d8ae5

SHA1
b72bd5e0e95cd347cacd29074e636208e4ce0b09

SHA256
04f5b66093d6e093a87cac7d0b3d6d1de5b349bb41408701c83d4fc6b209de8e

SHA512
34b7236dd1f56c22a63c471d0e7dce9ade6b1ec69458bf261d019ba71431f266cf2a7f28be9fd9660187041b960e91ed19c2d5c695718e2bbb4bd04fba45c614

Download Submit
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Windows2Local\Components\NBDC_ReportNavigatorWindow.DatabaseReports.settings

Filesize
329B

MD5
1f031d3ddb2f74372406fe215e37e67c

SHA1
c042b8571c459c6c6fba2b52a981e389a1747f0e

SHA256
2eb1eacde0f9b6bdf6b273bb98a2c6cb01ce70aa15d93ae256b6ef20299fb872

SHA512
e90e3b88611b8bdbf680dbb9cc77bc9bc780710ea2fce2879c3608fa6019c2a0c8b217625d56bc6fe8b0943cf83be4dc292b9a9fc0fc9d32a464ba6b95e37c0c

Download Submit
C:\Users\Admin\AppData\Roaming\sqldeveloper\23.1.1\product.conf

Filesize
2KB

MD5
eaf828c38b4444b3f6d9ec87acb9bb42

SHA1
d2a0a7ac176b62fa0bbde3842da042a8a753b758

SHA256
e788878931de3fd99a9c151803f8dceb6ca96f87b4a3cf516069e4932d30878a

SHA512
a5708c32b0e5daee2d55d749671683806178dde3bba8d860f48d05087fcbf57b2194e79b6b1da898e5dd9aaf8200bebd53a25a4f788938f2bda0ed5d5bc99517

Download Submit
memory/5048-1329-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1272-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1254-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1182-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1519-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1527-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1535-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1555-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1564-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download
memory/5048-1585-0x00000001F19E0000-0x00000001F5E77000-memory.dmp

Filesize
68.6MB

Download