Analysis
-
max time kernel
296s -
max time network
298s -
platform
windows11-21h2_x64 -
resource
win11-20250217-en -
resource tags
arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system -
submitted
04/03/2025, 13:07
General
-
Target
sqldeveloper-23.1.1.345.2114-x64.zip
-
Size
437.5MB
-
MD5
3dc07aff110632a9e83189e7e689f279
-
SHA1
59aa51cc318a32c4ddbac9f4c0b8ae12d6871cbd
-
SHA256
c5b1e85073a146fc9ea48b222fb28970bd665bad98ce11581a63b763d6319ba0
-
SHA512
21adff64131acad4d447a1050497b8437366b9db35707626f9bb3fc90d1d369be631de009eb466b1909a054ee073ab3d7da12073594472b1b9a640f904ca3f21
-
SSDEEP
12582912:NYHbFsq8w6jrrvzngbaIA1f4l6mUQOLAeLiI0nwXw:NYHRow6DznwaIA1pDEnwXw
Malware Config
Signatures
-
flow pid Process 18 4700 msedge.exe -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language sqldeveloper.exe -
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 sqldeveloper64W.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision sqldeveloper64W.exe -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Modifies registry class 2 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ sqldeveloper64W.exe Key created \REGISTRY\USER\S-1-5-21-2800786028-4028220528-1905518260-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ sqldeveloper64W.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 4700 msedge.exe 4700 msedge.exe 3996 msedge.exe 3996 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
pid Process 3996 msedge.exe 3996 msedge.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe -
Suspicious use of SendNotifyMessage 12 IoCs
pid Process 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe 3996 msedge.exe -
Suspicious use of SetWindowsHookEx 12 IoCs
pid Process 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe 5048 sqldeveloper64W.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 836 wrote to memory of 5048 836 sqldeveloper.exe 101 PID 836 wrote to memory of 5048 836 sqldeveloper.exe 101 PID 5048 wrote to memory of 4228 5048 sqldeveloper64W.exe 102 PID 5048 wrote to memory of 4228 5048 sqldeveloper64W.exe 102 PID 5048 wrote to memory of 1960 5048 sqldeveloper64W.exe 104 PID 5048 wrote to memory of 1960 5048 sqldeveloper64W.exe 104 PID 5048 wrote to memory of 3996 5048 sqldeveloper64W.exe 106 PID 5048 wrote to memory of 3996 5048 sqldeveloper64W.exe 106 PID 3996 wrote to memory of 1924 3996 msedge.exe 107 PID 3996 wrote to memory of 1924 3996 msedge.exe 107 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 2664 3996 msedge.exe 108 PID 3996 wrote to memory of 4700 3996 msedge.exe 109 PID 3996 wrote to memory of 4700 3996 msedge.exe 109 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110 PID 3996 wrote to memory of 2688 3996 msedge.exe 110
Processes
-
C:\Windows\Explorer.exeC:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\sqldeveloper-23.1.1.345.2114-x64.zip1⤵PID:2368
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵PID:220
-
C:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper.exe"C:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:836 -
C:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper\bin\sqldeveloper64W.exeC:\Users\Admin\Documents\sqldeveloper-23.1.1.345.2114-x64\sqldeveloper\sqldeveloper\bin\sqldeveloper64W.exe2⤵
- Checks processor information in registry
- Modifies registry class
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:5048 -
C:\Windows\SYSTEM32\reg.exe"reg" query "HKU\S-1-5-19"3⤵PID:4228
-
-
C:\Windows\SYSTEM32\reg.exe"reg" query "HKU\S-1-5-19"3⤵PID:1960
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://marketplace.visualstudio.com/items?itemName=Oracle.sql-developer3⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3996 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa8db83cb8,0x7ffa8db83cc8,0x7ffa8db83cd84⤵PID:1924
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:24⤵PID:2664
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:34⤵
- Detected potential entity reuse from brand MICROSOFT.
- Suspicious behavior: EnumeratesProcesses
PID:4700
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:84⤵PID:2688
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:14⤵PID:5260
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,2082199276424896818,4811910392606304684,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:14⤵PID:4624
-
-
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:5172
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4056
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD565e4ec4ac6e46cd0089677aa7d21b6ac
SHA13a4a960c8c4124adf7d4ae172dbcfc6bea04e9f8
SHA256642f9feb6154979ad1d820c4f06528a68f22beb3d68e7f6d9f6effeeeca9d373
SHA512de864963da030d132b366a466c71ac9a6349c505ff6323698309d31bcc85a378cf9a1e3f0252dd99f52ca1bfb45b58755905d7bd991ff540055a406d00905589
-
Filesize
152B
MD56b9ce6bc1a88163282c78707a8b925d6
SHA1fda0231f975424726b6cddf7352f61bf4b8b1545
SHA256b6cb26b9adc42bf4160b174c05ed54f0e313973644470651a45de470ad87814b
SHA51231aac5ee39b3f443f4adc6b1b9d5f846124b521c80aaf31ac1ddf881c9a551649ef6244bdb8554a39d364420634b6044b3cf27df7bcbdd4f889ef7f870a51564
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize1KB
MD5aad6f254d86866513ffd71b484c94f44
SHA156214be84579f02d7244a97956de9ab0b0cbbb23
SHA256f742a6005047a9fdb283c9b2eeac52d2e2c0c649cac1b886ed3ccde1b95e8ce6
SHA5120b8d2331040ceceff541a668514183eb939999e50810606a70fd66ea419c552c37d2cc79254329cf5aa17dab531c1d966f774cba468e55b8d8300a75c0b25ce8
-
Filesize
349B
MD5ab00f2122391148fc44e8e6d549536fa
SHA1fd5c13c1d741d58b0a926bbfba07932268a62213
SHA256d7fb57ba985b604022391ca8b37fa1e132022deecc9f660525325c9c34d12b3f
SHA512ae3aa3f5ac782d901eefff4e5665243dc6999039c40e133683d3db4bc5f9837cbb3a9caed7cd5fada9656324acb7d8efcab86c2a413ccc2d4729b1032cf3c48a
-
Filesize
5KB
MD5bb75e9b557806f621f84d2548c21a4dd
SHA1a9ffc395d3731192f62f23578b0957869a312410
SHA256a80372c77ce9fe544dfbca1f2ba23ad50b25e9560239164dd6f5242aa76250c0
SHA512e7c10ee1d5409676986ca27e228c6c3e37954c6011dfaefbe9f96f618d2b8ac27a93b7aba522a13d64da5d6305994f47ae3fba68d7eca164d01c0dd91dd8344e
-
Filesize
6KB
MD591dfb91a50c2f8a6a27ed95caaee1af5
SHA159b684c8ed9e73c5c5692be1e0026206d63f3b7e
SHA256a17789ae621cf41b0cd2afd94cfbeec4a28aa3e89e77e70288dde5e8b9b0dee6
SHA512802876326bf6a8df21a45bc02125939ba2f439ddab9f5afffae1a6639c2f119f5bd58efe36e3e5d13ef7976b884457c0ae1e7ea3d48b1ebc5e6fcd0025303c9d
-
Filesize
10KB
MD59559a46cada11871edeb66b0d01cae42
SHA13a606d14325245300593de5c6c8ed20d392aded0
SHA256e97cd9135b704ffdeea7b474568fd74c43ef385d31390adabc6a0a8ff28e8b02
SHA512ba5c1df526010d39ceda6ccd2a4da9762a78d6af7c4099dd3078a991c390b6c16b1614f068b8e76a33b75d8a7553bbd0943df274f14c884c2ea1c6a88609757d
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem.properties
Filesize30B
MD51636476346e4942ae20fa309fe5a9abf
SHA1c3e43dd0c3897ab3f6e1d70853ddce1cfefe7cec
SHA256fe09c774ad04e5bab479d4e51d7e07e4a598f487b666ada8a28e6d35e9928e01
SHA51220d39cdbe70c82dc98eaccba31c4b3bfb87ca9f6443e71709ebcb230eeadd842455039e2b3f73dd11d5bd4580bd0aa8155247c0bf9dd1e30e3b3efd87e066084
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem.properties
Filesize54B
MD54296a87f2d343c9ced79e206ddff1a05
SHA19bfc159805a2c70e2fd27ad460f229c242c44b12
SHA256e9f867d29fe522447409567e6e428edf318e9006d78cd05dceb00b411926ae90
SHA5120edea99921d2a8de985247bba7d14c52d4d8806ef4c4fae92262011bf7f893f64215800b932f01b03bb8d5cefe15c2309861293aa0b996fa52c330728ca5d2bd
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\knownDockables.properties
Filesize1KB
MD5e9c55fe9aa147a6b9bbf952bf0979751
SHA182ec4ff429c9cdae98fa6de8939eb3185c11aacf
SHA256e4b783f3a3e984d54b2088b38019634409e5c3483483fc6a551c3b5af7d86122
SHA512660733d8bcfe544ee2bd8e441760d06607d4407b9cbdc0d9d4719f8d717b2169dcdb0856fa95715e1b839aeebec65678b4b507483707069b03f6f7436b1b09fe
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\knownDockablesInLayout.properties
Filesize2KB
MD5b37d1322e99f787968d6a5c7f222c653
SHA1014319d205acacb08888730486058b93eef2f6ae
SHA256008313358e930e1a533960578b354bae359f44ca695e633ddb091a6598e60f60
SHA512cdca69c918df262f39850099386a2d544aa3d529ea394bbefa1c938f86510191a69c2ea1d4ade8734fe5a390479df9eb50b3c6bc9bde4865999dc0cfd914986d
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\layouts\editor\Editing.properties
Filesize181B
MD5d724026baa289ffa6e946a424c987176
SHA1e857f5fc2400006f8d5f8935fe1cbbf0501bd3e7
SHA256966376a3c412f1d3c3f79abcb3169ee396bb64a3cac7ad90f3ed8b2ff797fb44
SHA5127de78e47fd6160b760c4d48a7bee6c8c482aef2923f5f3b7afac7794fd31dcf93d89d5eda24c850715f20c5e1955759e215e3b60dad9d8cb68b64f1233e50969
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\layouts\task\Editing.properties
Filesize797B
MD55697fadd58c22fba446bc073867d74bb
SHA1946d1d9fa6e0c7c0fd07c4baf2a6787ea0aadbe8
SHA25617e2ddce7fe3ac67bac10a944f87f28991489b29a7bf9e003f1262571822e5e8
SHA512009474ad9eed8d984954147b394937ec8a3cc832dab8ea91d8d0fddc8a79c311325c5108220484260a9fea4d8cb13456ee2f140b3827fb87da24ceb7b46575af
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\com\oracle\jdeveloper\nbwindowsystem\Default\mainwnd.properties
Filesize45B
MD560fb5bbc5fcdc994cb5aba261ad6a927
SHA1282d47db5903d819b953587a9750461a988eac08
SHA2560555a13100ba95cdd11736c372570b4944d41326313383b33a42eff2097f81ad
SHA512a07e4538cb7b5902d9f779bd796014ae604b35d956a491e79e0c211cdd0a12aea6ad10ef3e13c6b41d10fffb8f0f9a10ab1530a4b56937315dbb2249d3f220a6
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Preferences\org\netbeans\core\windows\tctracker.properties
Filesize1KB
MD52940343f80eba03f8339465edbb21edb
SHA16b88b4e92f9eb5c6366e17c80bb18fcd1b0b583a
SHA25603eb04fa3eac2cbedefccaad4e14f727ce9381625edb89ce1e2b7c19468be37e
SHA5125196a7d05a6631210246c78b948e949699000c9ea138889526718df0f6c410470c986ceb5427f225db89e7964bbfb2a05b7cf14b55b01e6b6a121f9e9d5697fb
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Windows2Local\Components\NBDC_DatabaseNavigatorWindow.Default.settings
Filesize323B
MD503251b1944be2df52432e210a30d8ae5
SHA1b72bd5e0e95cd347cacd29074e636208e4ce0b09
SHA25604f5b66093d6e093a87cac7d0b3d6d1de5b349bb41408701c83d4fc6b209de8e
SHA51234b7236dd1f56c22a63c471d0e7dce9ade6b1ec69458bf261d019ba71431f266cf2a7f28be9fd9660187041b960e91ed19c2d5c695718e2bbb4bd04fba45c614
-
C:\Users\Admin\AppData\Roaming\SQL Developer\system23.1.1.345.2114\system_cache\config\Windows2Local\Components\NBDC_ReportNavigatorWindow.DatabaseReports.settings
Filesize329B
MD51f031d3ddb2f74372406fe215e37e67c
SHA1c042b8571c459c6c6fba2b52a981e389a1747f0e
SHA2562eb1eacde0f9b6bdf6b273bb98a2c6cb01ce70aa15d93ae256b6ef20299fb872
SHA512e90e3b88611b8bdbf680dbb9cc77bc9bc780710ea2fce2879c3608fa6019c2a0c8b217625d56bc6fe8b0943cf83be4dc292b9a9fc0fc9d32a464ba6b95e37c0c
-
Filesize
2KB
MD5eaf828c38b4444b3f6d9ec87acb9bb42
SHA1d2a0a7ac176b62fa0bbde3842da042a8a753b758
SHA256e788878931de3fd99a9c151803f8dceb6ca96f87b4a3cf516069e4932d30878a
SHA512a5708c32b0e5daee2d55d749671683806178dde3bba8d860f48d05087fcbf57b2194e79b6b1da898e5dd9aaf8200bebd53a25a4f788938f2bda0ed5d5bc99517