3730e9cba4a93bc985ef7cd2368ccbf5eccd4724f514b38b20e320e5553dd08d

Resubmissions

25/03/2025, 13:12

250325-qfl42aznw9 10

25/03/2025, 13:09

25/03/2025, 13:05

25/03/2025, 13:01

25/03/2025, 12:55

25/03/2025, 12:51

05/02/2025, 11:16

16/07/2024, 08:54

Analysis

max time kernel
46s
max time network
6s
platform
windows11-21h2_x64
resource
win11-20250314-en
resource tags

arch:x64arch:x86image:win11-20250314-enlocale:en-usos:windows11-21h2-x64system
submitted
25/03/2025, 12:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
Size

1.3MB
MD5

af24c3030002d1487c6455fdb1a09eec
SHA1

72732ddefce71c13297df596267260a5d8e892f3
SHA256

37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c
SHA512

470a0cf695add143555eaa45f3fe5c462edb1cea2cd1589b19f55029b488fae58da2bd588bf79cdb16eeb4518bc7b7189eba764d611d008b1b27145ca0e8a2e3
SSDEEP

24576:Auh7HYGSWwFda6lBbXUqcTGKcr5YrcRBlBnNmkE9pneHiAvuQnL1mp/DVmu6KUi0:Dhkkw7LNNmTDqnRmJDx61i0

Score

8^/10

defense_evasion discovery persistence privilege_escalation

Malware Config

Signatures

Modifies Windows Firewall 2 TTPs 2 IoCs

defense_evasion

Windows Service

T1543.003

Disable or Modify System Firewall

T1562.004

pid	Process
5100	netsh.exe
3984	netsh.exe

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
3	api.my-ip.io
4	api.my-ip.io

Event Triggered Execution: Netsh Helper DLL 1 TTPs 6 IoCs

Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.

persistence privilege_escalation

Netsh Helper DLL

T1546.007

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key queried	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key value enumerated	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key queried	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key value enumerated	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe

System Location Discovery: System Language Discovery 1 TTPs 32 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	netsh.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	netsh.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net1.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	net.exe

Runs net.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2072 wrote to memory of 5760	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	79
PID 2072 wrote to memory of 5760	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	79
PID 2072 wrote to memory of 5760	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	79
PID 5760 wrote to memory of 4248	5760	cmd.exe	81
PID 5760 wrote to memory of 4248	5760	cmd.exe	81
PID 5760 wrote to memory of 4248	5760	cmd.exe	81
PID 4248 wrote to memory of 6024	4248	net.exe	82
PID 4248 wrote to memory of 6024	4248	net.exe	82
PID 4248 wrote to memory of 6024	4248	net.exe	82
PID 2072 wrote to memory of 3080	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	83
PID 2072 wrote to memory of 3080	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	83
PID 2072 wrote to memory of 3080	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	83
PID 2072 wrote to memory of 4120	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	85
PID 2072 wrote to memory of 4120	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	85
PID 2072 wrote to memory of 4120	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	85
PID 2072 wrote to memory of 2256	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	87
PID 2072 wrote to memory of 2256	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	87
PID 2072 wrote to memory of 2256	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	87
PID 2072 wrote to memory of 2912	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	89
PID 2072 wrote to memory of 2912	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	89
PID 2072 wrote to memory of 2912	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	89
PID 2912 wrote to memory of 5072	2912	cmd.exe	91
PID 2912 wrote to memory of 5072	2912	cmd.exe	91
PID 2912 wrote to memory of 5072	2912	cmd.exe	91
PID 5072 wrote to memory of 4848	5072	net.exe	92
PID 5072 wrote to memory of 4848	5072	net.exe	92
PID 5072 wrote to memory of 4848	5072	net.exe	92
PID 2072 wrote to memory of 5108	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	93
PID 2072 wrote to memory of 5108	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	93
PID 2072 wrote to memory of 5108	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	93
PID 5108 wrote to memory of 4880	5108	cmd.exe	95
PID 5108 wrote to memory of 4880	5108	cmd.exe	95
PID 5108 wrote to memory of 4880	5108	cmd.exe	95
PID 4880 wrote to memory of 5020	4880	net.exe	96
PID 4880 wrote to memory of 5020	4880	net.exe	96
PID 4880 wrote to memory of 5020	4880	net.exe	96
PID 2072 wrote to memory of 5040	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	97
PID 2072 wrote to memory of 5040	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	97
PID 2072 wrote to memory of 5040	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	97
PID 5040 wrote to memory of 3344	5040	cmd.exe	99
PID 5040 wrote to memory of 3344	5040	cmd.exe	99
PID 5040 wrote to memory of 3344	5040	cmd.exe	99
PID 3344 wrote to memory of 2160	3344	net.exe	100
PID 3344 wrote to memory of 2160	3344	net.exe	100
PID 3344 wrote to memory of 2160	3344	net.exe	100
PID 2072 wrote to memory of 5088	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	101
PID 2072 wrote to memory of 5088	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	101
PID 2072 wrote to memory of 5088	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	101
PID 5088 wrote to memory of 5100	5088	cmd.exe	103
PID 5088 wrote to memory of 5100	5088	cmd.exe	103
PID 5088 wrote to memory of 5100	5088	cmd.exe	103
PID 2072 wrote to memory of 3516	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	104
PID 2072 wrote to memory of 3516	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	104
PID 2072 wrote to memory of 3516	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	104
PID 3516 wrote to memory of 3984	3516	cmd.exe	106
PID 3516 wrote to memory of 3984	3516	cmd.exe	106
PID 3516 wrote to memory of 3984	3516	cmd.exe	106
PID 2072 wrote to memory of 4752	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	107
PID 2072 wrote to memory of 4752	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	107
PID 2072 wrote to memory of 4752	2072	37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe	107
PID 4752 wrote to memory of 1044	4752	cmd.exe	109
PID 4752 wrote to memory of 1044	4752	cmd.exe	109
PID 4752 wrote to memory of 1044	4752	cmd.exe	109
PID 1044 wrote to memory of 2444	1044	net.exe	110

C:\Users\Admin\AppData\Local\Temp\37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe
C:\Users\Admin\AppData\Local\Temp\37d8add251cb4179224ebbc0e28f8d9e26b5e64bbaec37f26a996bf51556f04c.exe bcdedit /set shutdown /r /f /t 2
1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2072
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop MSDTC
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:5760
- - C:\Windows\SysWOW64\net.exe
    net stop MSDTC
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:4248
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop MSDTC
      4⤵
      System Location Discovery: System Language Discovery
      PID:6024
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c bcdedit /set {default} bootstatuspolicy ignoreallfailures
  2⤵
  - System Location Discovery: System Language Discovery
  PID:3080
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c bcdedit /set {default} recoveryenabled no
  2⤵
  - System Location Discovery: System Language Discovery
  PID:4120
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c wbadmin delete catalog -quiet
  2⤵
  - System Location Discovery: System Language Discovery
  PID:2256
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop SQLSERVERAGENT
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:2912
- - C:\Windows\SysWOW64\net.exe
    net stop SQLSERVERAGENT
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:5072
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop SQLSERVERAGENT
      4⤵
      System Location Discovery: System Language Discovery
      PID:4848
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop MSSQLSERVER
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:5108
- - C:\Windows\SysWOW64\net.exe
    net stop MSSQLSERVER
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:4880
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop MSSQLSERVER
      4⤵
      System Location Discovery: System Language Discovery
      PID:5020
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop vds
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:5040
- - C:\Windows\SysWOW64\net.exe
    net stop vds
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:3344
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop vds
      4⤵
      System Location Discovery: System Language Discovery
      PID:2160
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh advfirewall set currentprofile state off
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:5088
- - C:\Windows\SysWOW64\netsh.exe
    netsh advfirewall set currentprofile state off
    3⤵
    - Modifies Windows Firewall
    - Event Triggered Execution: Netsh Helper DLL
    - System Location Discovery: System Language Discovery
    PID:5100
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c netsh firewall set opmode mode=disable
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:3516
- - C:\Windows\SysWOW64\netsh.exe
    netsh firewall set opmode mode=disable
    3⤵
    - Modifies Windows Firewall
    - Event Triggered Execution: Netsh Helper DLL
    - System Location Discovery: System Language Discovery
    PID:3984
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop SQLWriter
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:4752
- - C:\Windows\SysWOW64\net.exe
    net stop SQLWriter
    3⤵
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:1044
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop SQLWriter
      4⤵
      System Location Discovery: System Language Discovery
      PID:2444
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop SQLBrowser
  2⤵
  - System Location Discovery: System Language Discovery
  PID:1108
- - C:\Windows\SysWOW64\net.exe
    net stop SQLBrowser
    3⤵
    - System Location Discovery: System Language Discovery
    PID:904
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop SQLBrowser
      4⤵
      System Location Discovery: System Language Discovery
      PID:2476
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop MSSQLSERVER
  2⤵
  - System Location Discovery: System Language Discovery
  PID:344
- - C:\Windows\SysWOW64\net.exe
    net stop MSSQLSERVER
    3⤵
    - System Location Discovery: System Language Discovery
    PID:3524
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop MSSQLSERVER
      4⤵
      System Location Discovery: System Language Discovery
      PID:4584
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c net stop MSSQL$CONTOSO1
  2⤵
  - System Location Discovery: System Language Discovery
  PID:5764
- - C:\Windows\SysWOW64\net.exe
    net stop MSSQL$CONTOSO1
    3⤵
    - System Location Discovery: System Language Discovery
    PID:2428
  - - C:\Windows\SysWOW64\net1.exe
      C:\Windows\system32\net1 stop MSSQL$CONTOSO1
      4⤵
      System Location Discovery: System Language Discovery
      PID:876

C:\Windows\explorer.exe
explorer.exe
1⤵
PID:10944

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

T1543

Windows Service

T1543.003

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Privilege Escalation

Create or Modify System Process

T1543

Windows Service

T1543.003

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Defense Evasion

Impair Defenses

T1562

Disable or Modify System Firewall

T1562.004

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
413KB

MD5
6f6ce7b9a0712b7a83e3a396929d8daf

SHA1
8520c2e13372d99e0091f3b4d88f598b2723147c

SHA256
b8c48917f08a7cb5e6a467332300ce236700afeaa3e9e2125921c9705881edbe

SHA512
0293d29fb9b85ec47fd5dd034580e438d8dd8dd782dabf6cca569e27a32330fabfba4c4223bfb4076af235514b1fe7e3ca6ae0abe5f75ab5552712832f35dadf

Download Submit
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\ResiliencyLinks\resources.pak.DATA

Filesize
9.0MB

MD5
f5651e6dbad2fe013f1fe909650b74a4

SHA1
438e6a60be0586447aabbd2f85f655d4d9ef7181

SHA256
0877f4ca250b43d04e5e0d2c938da57f8fbb440014a11b982c0619646c79d203

SHA512
09b2cb3d221c8cf10ac8223a439cf395ab3c4252e04108b46a0c4e2a1c001e24726df8a4f2cb0a00cbca520445f4bf07e56fb6905a63fb808c3930fa9b3a87c5

Download Submit
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\msvcp140.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
569KB

MD5
65235e8e7e1d83f46bb8bcc10d06ac99

SHA1
1b7c5f4b2ba49e854b46d0f65ae9beb7831a1c55

SHA256
c6f8ce0c8b82fd4800f4165c314701e3b0b016e57698d913c281ba192fb8ab98

SHA512
74cd3bb42e473091e21e50ecaa68c4f6a80cd9bf7995f849ac0c98a76aad3fd4b0cc307400ae4f76818796351df754cd9100d69cdc44c10890f365610004d7bd

Download Submit
C:\Program Files\7-Zip\7zCon.sfx.(MJ-CZ6957480132)([email protected]).zxc

Filesize
189KB

MD5
3c9958fb404a0331314182f1d00fedaf

SHA1
164de9e5b8baefff750709b1883ef49f1b4e80e3

SHA256
0418d4458222b992d941174bdc925e79d2b91c3457fc32572c39188c4e3ff201

SHA512
ce3f7c119f2016e64c3ee5b376169ad6fbfdb688dc413f775dba48ee12fb7f964bb31325a33e139d5eb92bf5ea8251b3d990b5bdf38f4bc7503142dc7b8cc1b2

Download Submit
C:\Program Files\Common Files\microsoft shared\ClickToRun\SharedPerformance.man.(MJ-CZ6957480132)([email protected]).zxc

Filesize
525KB

MD5
de338075798b97643c6f14d475e3a8e3

SHA1
876403bc9325cddccbb4e2ae7ec868caf64ff590

SHA256
581a2494e9c42a9f9cc83b969f2e6f3367d5a3a18f44a5efda0de898d9eba7fd

SHA512
647127b7188e116bff3a03e492825f9153f49c4066209db4d3a1f007ea869ebd10ece6e34239ee05730d26764336d5c3c6c1a74c4bada65dd34970ead951d233

Download Submit
C:\Program Files\Java\jdk-1.8\bin\javapackager.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
161KB

MD5
9dd626b984f07da83427b655f43d9b64

SHA1
2a7ebf4068a389fa403f57ea8bbf7745cc0c7766

SHA256
667cdfb828c8df6427cc5f622c97a47d0c8c9b7184f118ee277e6f5e3c0a7912

SHA512
eb719988a5803d072ada8b695a928564036a409f37fb7d1a330f79e958c52a562684a8c7bddf523ed4ef6aa3033b2caf52d969835b938c6229fd8674f6ad197a

Download Submit
C:\Program Files\Java\jdk-1.8\bin\unpack200.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
220KB

MD5
10cbf9a6ca2f57a80439755dea5b765d

SHA1
613bb85526df1e5216d34829a4c0ec69c747c3eb

SHA256
d16bf193ca779046e5ec25f25c30c854841d16a6e295bad5174740176adf1cf1

SHA512
552ca4745aaed10d4aa5b87b15d62ad0431563da15e576f620089cd51362608fa30f2bfa5db8ef8ce3635e987103192b0db24b40ad1da8266950822d03ccc2cd

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\glass.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
260KB

MD5
c5960566a52fc110a68fc7f5262ebf1b

SHA1
36db871003d699a3a9e2cc15cbf8d77f59c7dddd

SHA256
4873335f39dadbcb54fb5c18dda8873bece9ab3fb1d2b32cceaae77c6385c934

SHA512
09e4a832ba4b3c57f5f7f4c65c96e6c1fb15de59e48da635cc4da6c9f478107901188f83daaac289fe5555cb93c8f440e09755a0d79295a63595bebea0487a77

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\java.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
285KB

MD5
78c59d58bb2a3c23de95786c648af70b

SHA1
82e72f79f29285976d2ff37434ca220f757956af

SHA256
cb8cd4b39508fff749faff38d8d4383134c491da54744a4509898f71486c7a2c

SHA512
c72476bcadadcc37c25832833c0207381f7ed99ea97f07fc708bfcdf403b61a384414bb61f85b047925253c66117679b62a96e4689544e10a662e9a381305893

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\javacpl.cpl.(MJ-CZ6957480132)([email protected]).zxc

Filesize
260KB

MD5
577d5d938c64e6c5d7e19fede7e4bc19

SHA1
1d83ce0b7b3fdeae86ee90b0f10629590b2b5a25

SHA256
b01659b0e41a2360eca419721d888cfd593f7b6757845f04a7f3ff710b98aab0

SHA512
1128581851b4edb74166dd353d65aed15018a5aba830a6b5e7829124636a3c79f39d5f765347c5d1c3c2a69201d7eab52a086dbe564692443cb385b6ffdda802

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\javaw.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
285KB

MD5
f5bc6c86d1de19e41b7ed4e1518d774e

SHA1
944ff9460e149177314621ff11592f1a6513c71d

SHA256
98bb5b9b05aa20ca1fe6a6d2a1634caccb10ddec16e08e1d971a8571b931c794

SHA512
1990f6cbed45f8fb6dcde693feee6c5d164de75d0de59ff172f0bb16c91dcb961ef3e86f65ceb480551e7f6a55edd81e9e914c99399e4735778f83b8f8b87085

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\jdwp.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
208KB

MD5
5e784f52feb8f37a25c7b69eae750305

SHA1
f40d82806b1d197490481ddd9c34f161ec920955

SHA256
c9191f7816ec8915384646eb96cfcb74a162e354907c5deb42ef213d19e86897

SHA512
557f2bb313073c3b14baebc7613bfde4000a38fdc381c7e817b863dfa903f45938e46be6709ba9712a8316b976b3435bf4e21b51bfa9dd389f9c0a2bcb063201

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\jli.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
253KB

MD5
12a37a886ee7b853c06bac1e1cce6a24

SHA1
4e15cca4638f9cd5c69a0cfa9ca2606229282010

SHA256
1b563484dafc1e71f21ec2b9389b81defb91458be3727427c03d321ee02a256b

SHA512
2a6ea87c4d5e34290fbca29df66ef78982c001323b8a09b1875e4e73dcc4817ee695e4cf7fb1b61e7eea70ca6ff7b4ced5cd372abc61f399b4ecec70b0c30314

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\jpeg.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
202KB

MD5
0efa4701b6b8cda28d5a4ed883d402f9

SHA1
0adcfdcbf4f20d71aa51f98f8c9fa9822cd6c7f0

SHA256
8c137a4300b32a128e81d2294aac9b9a3f856693b11321cdac842bebcbdc29ee

SHA512
9421fba39aba7fb26bf958a5edbb7d48ca74244a5853de363847ed062ca661d88f7d4e22d7a98b9596600f8a7bc9d2c2a9c1900433a13937754382e215255dcb

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\splashscreen.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
214KB

MD5
575d534ac7a4bf51e9bd62499b53b9f7

SHA1
6610b67b7ab2cc34274efdf243179cab90b6123d

SHA256
a39eeed276073710892d8d699c6dd480c6ee98fd378619ae6947037c7c58094f

SHA512
bf887a7ed8bf43992c6d718473e0fb89d09af30fbf9d145b082720123e4e9ef8160f40ef5f69ea67706c5aab9da38090e65f13c18171a2d1ebfc05893b215d05

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\t2k.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
259KB

MD5
6096ab55d43ddaad907cc449a0f05d95

SHA1
bf08ff4efe4dda39d48367e6532d1931f64cd901

SHA256
5a3dbe4c020456d4e1e55aeb359df77e9855ced44fca02ff5e95f4a7a55ce777

SHA512
0c217432a54efa27da9cdbcb18cdc32cf434c93e347e7e5445227bc093a21c6ce44890e397ab54c5ade6d90b69c3d50b25a864686db7f065ac2f75803aa04601

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\unpack200.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
220KB

MD5
b677d66d06d59df1e4be52a6d968db8e

SHA1
7d53de24c0316bf7bb3c29ec3fc16e989ef41ec6

SHA256
e57ab540c4b97b38017272cc734eca58a0115ea0708507077fb9070d8944ee78

SHA512
b4a58c3fa87937242637c05a28e888874443bbb2ba1fa1d524922488e28bcea31aac4691d533ae5dc8d12cb8b18ec39a646c54068c216bdd49aebf39ab7bf169

Download Submit
C:\Program Files\Java\jdk-1.8\jre\bin\wsdetect.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
240KB

MD5
3717df598cfb5854771e5dabaa8f7664

SHA1
4f9c86e84ea5f5add9e3d8e2f319cd6ced1a272e

SHA256
f0f61becbc18eda34988594154e1c50a68debca47ef0fa73459710a0bac9411b

SHA512
41bba3a0a1f316fa47ceb49d5ea1f7946fe93a707b23788709b3024571f2f12ce6231bd8eca151f2cd50c0b72018536e24f194faea7fa4781f5ee14493d78400

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\cmm\PYCC.pf.(MJ-CZ6957480132)([email protected]).zxc

Filesize
268KB

MD5
873e6f5292fe2005421b5f904c110f15

SHA1
1a5a44d10d106a05eee19a018341833f10c516ef

SHA256
91c3ee66ba3b237892d089b9ea13138ce63a7c8628653f2831d34a9a6c34fc78

SHA512
1faa037617898bdcc81f9eb65a7b0f82e98747249419b4e85f33fb3169cb9c14451561cfc68ce6ae06e5aabe1a90bfbd663311bf41bff094c5fc3c5fe33c14df

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\ext\sunjce_provider.jar.(MJ-CZ6957480132)([email protected]).zxc

Filesize
288KB

MD5
b0fd4d533f181d31792c58566e2bd013

SHA1
a2dfe5faa061e6d115671f82227087fff21750ab

SHA256
095753eb178417b28fdb98b1bf6ea8e90cd49c079a9f91451a93bc883e7ab3bd

SHA512
1b45109fd592607eeda3f0f4897acb5578ee8db6c87d1372fdc2fe04229dea396c9ea5031608b73caf0b1980f4975bfc809450b6273b5a7813fc5208da66d7fd

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\ext\sunpkcs11.jar.(MJ-CZ6957480132)([email protected]).zxc

Filesize
287KB

MD5
bec70a2be43e47fac5d83f7ed0e66684

SHA1
5a17b048a0c8b26181a866bbc67dfaa6d78e243d

SHA256
edf6bfe0ad7d1809aff8b3c198fe29eefbc9620c3b65ea8cb129c3ca281c994e

SHA512
2576720c754d1a29118e0e3d9a263dd87ef00bf4ba29919b34de165ad2757d3e6605e676f6c1c8e714c488cd21405fbb75e0e4a5184665e59addbcbb0ded520e

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\fonts\LucidaTypewriterBold.ttf.(MJ-CZ6957480132)([email protected]).zxc

Filesize
228KB

MD5
4353c5538add093bda19e3c640881bb0

SHA1
29aa076be43887062b72d95df8769a9c6d7c6490

SHA256
4e44960416fb770d23c9c54aa016a77ea25948bb19c1c125a192083fe38be34c

SHA512
429f48a476d60de5ba8fc5b2cdc7b60579531ef19838a319e81015555efc491d57cdd1c514e50f56b979d73c92bc178fb6866ade1338502d0034fc073ccee62f

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\fonts\LucidaTypewriterRegular.ttf.(MJ-CZ6957480132)([email protected]).zxc

Filesize
237KB

MD5
6971bce5d7b548c628386db2078fc6f3

SHA1
6b39320784909bb19e3c514f75ea692506d73e99

SHA256
ca1904f04b7d861fe7ea5884e791880c080f44ba8e2c5c60979ff0d8b2e24755

SHA512
5f8d5e30e65f51fd1c3caf7d9249a1e798eaf5fa651adb01d4d446f2dc4b4fbf3aea48eafcd352e9f9feed1a1de172907a02d206b96607c04485e75f03e6c799

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\security\public_suffix_list.dat.(MJ-CZ6957480132)([email protected]).zxc

Filesize
226KB

MD5
b7e1b37b5a925231519f3f6ff7a67d2d

SHA1
4a7425c31d73d3f04848c33f04d95d9c9fc3b356

SHA256
7fc2407d0c3f442d2c86014e50e1ac3bceb675b7f5a8d8c9c2489bef90103152

SHA512
09228c49d2fb566790917d0457e8addcdeaf7b020f5227af03c7028a4fdcdd07b78f8471b7e87709bbf6bdcbf9a8841244adf7c9aadafb8ae8cecaf83e791fa5

Download Submit
C:\Program Files\Java\jre-1.8\bin\WindowsAccessBridge-64.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
195KB

MD5
1440c70be00acd706920d978e5b03637

SHA1
f9bacc485a4ea8c4791b5b28545b8944b20d20a0

SHA256
3e5f9170090328541dc73200b8456353573519a916285fa3acd12eeb56a7f299

SHA512
beaf6ad8d6072a14b42a4a5893104026091414a1ffd66f19852a17480bb7e1731fd24a41c2013a918264c33c67c6c5cd9c8536e23ffb12181f9e58276191b86e

Download Submit
C:\Program Files\Java\jre-1.8\bin\glass.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
260KB

MD5
d29d1349c17ebc236e326a929603839f

SHA1
a65c0219ffd02ad9121f71a6e5895f9e61e44966

SHA256
1df3570f9b8402f0d9280aded762f2072245e629dee17e9180862921cf9378e8

SHA512
14920ed7e81f53d6c19d431cb5696f2e79bbdebfe35d822ef3057a5087d24aa704b8e96012780caaa90529b7209d728a7669655f3d89d4dd912897c1bd8ff3ea

Download Submit
C:\Program Files\Java\jre-1.8\bin\java.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
285KB

MD5
795af5ca5d7eceaf9e3075088db20d0c

SHA1
2c6e1d33c872ea894849f09cb0534979581342af

SHA256
681d6fe6ab9f190130a4ddd9e4dc59a38d474335800e22df98c74f35edb735ff

SHA512
571a1121f4d8c43c7cbf8479d0c5fe47428d1b24371d0d9240af619cafea6ee84a77a924a15b54fbe13c17e9d1a7083424f50f5b799405e6a55fe8153c6a96d0

Download Submit
C:\Program Files\Java\jre-1.8\bin\javacpl.cpl.(MJ-CZ6957480132)([email protected]).zxc

Filesize
260KB

MD5
c99786413a5cab1a5e3a574b6d0c7483

SHA1
1de526cddbd0a87d9b4e0bdc60461f17b177e9fc

SHA256
349da10bfc7a376d1370660af64c7048680ecf964d8d2fbb901948a6f831b847

SHA512
6e912f726faf99c16eb698034474ff7ccf803fb7fa63b059b9a2dc356b1428832bdaf863441567dc9a7065b9aa128f9cd6da9cc12ee06042a631326191d325d8

Download Submit
C:\Program Files\Java\jre-1.8\bin\javaw.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
285KB

MD5
a3bbb2d3a8e8f7970f3931462a6f64a3

SHA1
589eef8f7bb230d877c2ea309b3cd8e865f4e8ac

SHA256
08731a95246b28747dcd895f6bfcbfa0185f85304fd1a0fd790a331956eeb34d

SHA512
98ef62f535673645d791174cc7fad719abbe9c8d919984b7f62d33869d2be7a24e29e84e050d4da4b52c0f4dc773acac9cdd235c082320355bdc099ac0e99d3b

Download Submit
C:\Program Files\Java\jre-1.8\bin\jdwp.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
208KB

MD5
e174d7f84b9a3ab343e785b416f4fbbc

SHA1
0a56f355c90f34106edba1529abbc6516c6bb48b

SHA256
70ee9d3a0f476213ba8ff7e890700dbf609a1fcba880c8a8f3918803b07438d0

SHA512
a1670d61460390e412ce787b17c2155b4b69e8392d8a9af8d5f103c0a2c6dcdf50f612e72e46ab6160996808184cc5bbf620f6a93d48afe061e49f72a3c4c9cc

Download Submit
C:\Program Files\Java\jre-1.8\bin\jli.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
253KB

MD5
45b11218ddd93c9d1ebe67ed23fcda43

SHA1
9d484475a85a3323b400154bc791a6372c2ac1cc

SHA256
d0be0a1064c5081397ffdde20017c543a7c6d434e3fae4b4aa13902c289e506c

SHA512
63a6a2484ea9c35157eaf1ba8386812505bd7369cbdf0b41f5d67075b3bd294f44488bd92b52c9a60cd9964da734c9c629a2966332e13b48b4950d7967f9cbd9

Download Submit
C:\Program Files\Java\jre-1.8\bin\jpeg.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
202KB

MD5
4e4631f6ed08e6d46446addd0adbd9ca

SHA1
1a805290b7942fb28c3e8cee9616ab613e44991a

SHA256
da2cf13abb2e2ccdca45301ad1d0e1cbfcd8d507da7e7b62b0288881214af3ab

SHA512
0df69a96e4422808e67718951475fb36bbb2eb817e6c924b4c7d571caa235fe7fa46defd21b45ab41d1493519711847b9e7fd5840c1974c4a7c65803735bfc54

Download Submit
C:\Program Files\Java\jre-1.8\bin\lcms.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
261KB

MD5
95b5251572dc99eab48929d696d469fe

SHA1
b3cf9ebdcc82309aca079f72511d78196f4b197b

SHA256
c3f2377e7c3b277aac8a974bb2171f4b4409f5242efe50aea58efb7809155b56

SHA512
dc504ffecaaaf3aa94283a5b5eda1c8ea3058c897ea387d1d8cf0a50dd0d0d808a421df651a416464e3aefed74aada3236826c492622926f01ba21c230f7f9f2

Download Submit
C:\Program Files\Java\jre-1.8\bin\splashscreen.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
214KB

MD5
86ea24d6a267ece341b4bfd81214bc50

SHA1
7a7fee8a4372253bd7f14d44f7b370d69d00a0f1

SHA256
d99ecb657a2ba831e0acbdaec6bc07cf4733d3aa4167875e5867c4fee154656f

SHA512
7a196544a1c4bd7a623ad891fd8b803a0b8065adbac11e30d9dae435d68fba2144c6b085ba14e4c72eb28d1b21e9678eea0def74226c596c4c61661a36f10886

Download Submit
C:\Program Files\Java\jre-1.8\bin\t2k.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
259KB

MD5
769cd1c95844c87a477557f452a6fa25

SHA1
0ea2e134f992c0f9eacc278cfff4fde4e39ffdb4

SHA256
6e5d2c07acb6b28c1cfcfcd4ae4b39d92938f9f7be0793263d746266c3a75ef0

SHA512
30f044a57c92d3d3158b5f85c9fe3e5dc8e46a46b19271776fef782c0ee972990ca32a5b6319057ea5e7315a4781de1998b113393acdd2a06130fa8b90c60a6e

Download Submit
C:\Program Files\Java\jre-1.8\bin\unpack200.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
220KB

MD5
21e48e889bda5dace726830cc106d82e

SHA1
3709e37d34f6ffd2c9f0cb731c2788adced259ce

SHA256
6d2f9ee097c51adfd54de622ca10d2849b1e4f5d5cd09261e396b7035604b8ee

SHA512
f2641fc16a4429443bc252e4b5ef383ecb56c17ca1be6b1624e68260e85f35dfc68c72f7e5e3e897b714707a7c24ca81fa9b6f2e36bc074ee332545b5a548cc0

Download Submit
C:\Program Files\Java\jre-1.8\bin\wsdetect.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
240KB

MD5
b814875b358bcc53c842950e924a583c

SHA1
f3e4d1b50cb4707697eb6b68ad3077b7e4050287

SHA256
c81fb031f63f7f42e63ee3491f12f775e1d1ab7156f2f9ed21b564a4310d1b23

SHA512
79bd4409f1d991b88f08a50d3d1b5d25659a490e93be0244ee4f3104119ea06a512608c55f9ee8e7be7fbbf4fdc8531a5ac9f4e3afefd078441e8ba9545e4d4a

Download Submit
C:\Program Files\Java\jre-1.8\lib\cmm\PYCC.pf.(MJ-CZ6957480132)([email protected]).zxc

Filesize
268KB

MD5
57b99c0180939d409cbbf7c97df49602

SHA1
b739a44aa9c4b4ee198a05c993e0fb5fec66dab4

SHA256
15d9074a7c4dcd390199e555b98f4ae8807ea1e3313a9f3be5c4b6cddb59c14f

SHA512
21613faeff6692831514b65734b0000889a5061853f761a506d1f333aa6bd93766c6539255c7c555d97d7a120c3373ac2703bbde77258e8c86cd76a7a7df173a

Download Submit
C:\Program Files\Java\jre-1.8\lib\ext\sunjce_provider.jar.(MJ-CZ6957480132)([email protected]).zxc

Filesize
288KB

MD5
835d744595fa707d413949a8d64548c4

SHA1
a0a367856ca1af0f7289f009be869095d1ad36d8

SHA256
988a6a1e9b228f9d13620bca4cf59e2f7928b5b06d67725dbcfa9d687fab8249

SHA512
80f75ff74d925201933ff1db53f29d9b26140bd1e189b09718fcc26c5d734a05396d31fca572e175f9023176be1e4230626f5b6fb3df48f4dc130dd40b1f0027

Download Submit
C:\Program Files\Java\jre-1.8\lib\ext\sunpkcs11.jar.(MJ-CZ6957480132)([email protected]).zxc

Filesize
287KB

MD5
2485901768aaec630e0c998309530eff

SHA1
a677f3e07408eb760893ce92cdbb500d3fd2a6cd

SHA256
6fbb60a11b637cb077c929ca26c60683a7429ff627165b94325e12ebaa52dd6b

SHA512
42f7b97e7711e13a6ce43206e7a73b7984643ad148af59194a1e70176d1905310251ad087fd327299fa29413736241e1661cdea3f2374a8bba832d96d92df0dd

Download Submit
C:\Program Files\Java\jre-1.8\lib\fonts\LucidaTypewriterBold.ttf.(MJ-CZ6957480132)([email protected]).zxc

Filesize
228KB

MD5
68a390353c6d83b3a25e3b6a334b16d4

SHA1
671d038e730041d62cc5a5d944339c541b64331f

SHA256
4fe108db09a7c65d80ea371fad8925df804c5aabf677155ea4a0396a8b89a22b

SHA512
26d46ef79f8db2644a462149ab1d212aa73a3be241dd55ec635807e8d42d6e02b4136cbf0e67d3bca75ff28c10ac12ab180932af3ac438770305b82d83059562

Download Submit
C:\Program Files\Java\jre-1.8\lib\fonts\LucidaTypewriterRegular.ttf.(MJ-CZ6957480132)([email protected]).zxc

Filesize
237KB

MD5
aa35a8018fe639f410a70d58794f0861

SHA1
136c47802006b4e5f2a0bb4c0cbc3d99af230550

SHA256
9e108d9b9da36c05ae1bbff25863fc0a592ff46ab1fd0d087f2a8a16b7d66eb9

SHA512
b9bc8452a1106fff4f348a99a1175b702cea2fc9fe70d0d727c593f76b99adf3885ddfe4225a4baa505ac890526383e1c30c175b2c14c3c57d456e1be1c4f36e

Download Submit
C:\Program Files\Microsoft Office\Office16\OSPPREARM.EXE.(MJ-CZ6957480132)([email protected]).zxc

Filesize
238KB

MD5
b147c72cde143414ea45cc108acf2e15

SHA1
26cc241c053b0b45892a5c5ef9fb5f63aa7645e9

SHA256
052d529cc699d8c4c51f2ffff4ad8c0ad12d62f9bdfee479be870eac04e90f50

SHA512
161b91dee15b2b58bef6daaf9465c1d8106808a57107f24eecd3a434a28f0392ab41c03b2c5810565150f9ee047958c501a7d1d2b90fb8c9c685c51aad3900a3

Download Submit
C:\Program Files\Microsoft Office\root\Licenses16\pkeyconfig-office.xrm-ms.(MJ-CZ6957480132)([email protected]).zxc

Filesize
904KB

MD5
ceaf5dd52c30b52e11b074730d9dacdb

SHA1
cb69cccb99ed6c6c245992cd21310afe12ddddd2

SHA256
c4ee88d0b735df39e9cef1a3acc9ff3cc8d285ade5a566a263831c53df38a4ed

SHA512
ba486cf6386d9c7957c1b3cfa86547e20c0e0507933f93885400d491b8bedb97eff995c6b3de6087705f1e5a78aa7cfab19c6a679faf6420bc9476556012b433

Download Submit
C:\Program Files\Microsoft Office\root\Office16\1033\PowerPointNaiveBayesCommandRanker.txt.(MJ-CZ6957480132)([email protected]).zxc

Filesize
297KB

MD5
d7b71ab63677b6c9989ad78549befd04

SHA1
2308aed27bd853ffaa7ca9f29240e456cb413ba0

SHA256
a2ea401e18067f73e8de4e50220cc90c36b66c29240b59bbcf41a98e23dcd817

SHA512
af847cb00b1400b25f38cdbcfe2ab87531e3ab29de8eb025dc51be44f2e1b9cb621d1c22fe7410a52592d1fb94b5177572ad8e3909a0368ca8ccdb7516efa561

Download Submit
C:\Program Files\Microsoft Office\root\Office16\AUDIOSEARCHSAPIFE.DLL.(MJ-CZ6957480132)([email protected]).zxc

Filesize
2.2MB

MD5
1b3fd22e5ae983ec756267706c4459ab

SHA1
98ca23caff2694c885b89f0a638c92faea91ab60

SHA256
52ea0b4483148c905cf76ce995e5ed865e3bb5f9e27a7f75a251d9c19e1ddfd6

SHA512
92bb72cbf49c77d29563e167985f1aa39e7eb1d47fc90fa7767808f1794e44d4a3b5c5dadeff7899acd2e2512c84de55813e8be135ab59461e186da0829daaf3

Download Submit
C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL012.XML.(MJ-CZ6957480132)([email protected]).zxc

Filesize
814KB

MD5
2003cee4af99c89f8b3976917cc15802

SHA1
e44194806e8a6b404e53b6d739367ce44e52b5d1

SHA256
7b13acd1f7243604cb580b4c4d1b9c0bf2d81e16ab2632b86eb3540a0855a23d

SHA512
13cf866e0f36c4f73d6ea1171265c75de9b00644ce6aeb8185ec2950dd92b59a0b100ad8162e75ecba2ec882d81ab473930c7c8b75e664358090300d153773b7

Download Submit
C:\Program Files\Microsoft Office\root\Office16\PAGESIZE\PGLBL054.XML.(MJ-CZ6957480132)([email protected]).zxc

Filesize
360KB

MD5
a1e21ab31ab2c85fee6f4cf127a07f58

SHA1
670dcb8db4576764e3ef0419dc70e23739af7a1d

SHA256
ce3c5ca5159c39aa6d66e2defe678708234eca90298890ab8c00455ebdb7610b

SHA512
b0525be27dc551efd5b5eab0af12b6653ce796d9b0aae69515e3aa41f4eb02790833153f12422feffb41e0395f9f60b78b026b527e81efe5f079e0652c7fa18c

Download Submit
C:\Program Files\Microsoft Office\root\Office16\STSLIST.DLL.(MJ-CZ6957480132)([email protected]).zxc

Filesize
3.8MB

MD5
079dd374344759e8416ec9f610ce16f2

SHA1
95e1ac3aab7291c51de9e0f1d45803eca054ccf7

SHA256
3bb08a6517427fb14d4339faec84d457b46b8918590ab0a46c423bba03c185ff

SHA512
142c2cc6ad5ebd6f198a8553e7975c648d88f6512b0d951e560ecfe857a0ed78ad4665fb19aac991a3aee1a3da7a58a7e324f425fde1d999b11bd378fdfbf262

Download Submit
C:\Program Files\Microsoft Office\root\Office16\excelcnv.exe.(MJ-CZ6957480132)([email protected]).zxc

Filesize
9.4MB

MD5
76674bde19245608dfa53fb1d80d76bb

SHA1
07a7318452fcd9ab7cc34002ec725f463617dc4b

SHA256
b540e8a0fd4aa41f020db059ff7ca770093b9e0076cd1f138b288a4980eff9b0

SHA512
d6c081cb671eb1b0ea3a72389a85e1eb9dae4e7165e3aad63543cef772408bdd5829b6349109ce168d9ed6103a14cb98857cd41e1624cf6883cad5265ddc7663

Download Submit
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\concrt140.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
325KB

MD5
d36c34a120a928d636472dde28117da9

SHA1
07d761cfe649c2e584abbf0a0cbf65f92663e4b0

SHA256
548f6ebd3c9dc8484c24e1de3f4ed11388af8bb2a6e1c9855c11559d977ee0fd

SHA512
637a0d22c0c559cb4cc70c74669cd9f5df19b66aab3559005d72e10581b1ec1fbfb7cf5b4e0cb09191d287e0e7de06762ee9d2792fa09f4a11f0c9404daf7f6e

Download Submit
C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
672KB

MD5
dc1f102d56fd8737e62723ad9e724643

SHA1
56486f76567181cb17d7f3110233d1bf8bc4906f

SHA256
31184d81e06eb73e7044e5826a47409d3b3a5e8d32d107650ce4ed1c6856d042

SHA512
5beba7d079b45481b8b9f3ce63fe76891ab2c82b942369d7fd9bcabc27c9eaaedef5c00bae05b35329f7454f0467c92b0b468eee24a8b740502359dea0f91cee

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\System.Net.Primitives.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
209KB

MD5
c6bfaee7ce60ed6bee864370ce4da53d

SHA1
a858dfec60095ae55cd5cb8aeebf77044def2e99

SHA256
ac1d3c7fe5636d1bbd74b143678710b42e5d64eb7b923ffd799e53284eeb5679

SHA512
3dd30a04c56bd032a9dcdad1955b5ea48eaea80c452f6ac9e9c7c8317ccc6e2b2138adb96c00d105ab6489d31f7d6df249cd9209348606de51275e9df00b3c0f

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\System.Linq.Parallel.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
830KB

MD5
a2a78a79f15eeaa683cad5af35fdf8e4

SHA1
917b1ccbc24006643a31078379eabe79894d8e62

SHA256
2719ecb56d246708cf70e93b19566322b26392b8fb86ba7ee87442c0a7551466

SHA512
c0605c91609f3beb3ef07f0ea3cedfd5ed60a3bb3768483a816e62a1d9be5e1bd9d1632b7ec77c45ae435f4e3b469974a035c63da4ad31727734a1e812acfe44

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\System.Net.Sockets.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
550KB

MD5
3ec4163b1508af0c16ffe9f4a0e1191f

SHA1
103527cda1a1a6b7e2958430475628d2680e4670

SHA256
a5f50df3d5989630fe81c21d0331d0ec9b86a703b9149c0ab7f1532d93dbb91a

SHA512
e3ffaeb0edcb55793107fea9aa896d4d330f1f3a9cd316f0a1d9c08daa8c9f9617a4a441b7b46af93aa8cf898d3764677cf636e0ae0443d59a97b49744090380

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.16\System.Text.RegularExpressions.dll

Filesize
950KB

MD5
2981e9ef91d2d4288c80a10dff064e5d

SHA1
3640312a736e4df8b0ca560e8745887f8c5c1b7d

SHA256
9f3ab2ff132eb8caf68c29912a53d503d5e0518d1210750db6303b0c0b09fc79

SHA512
bbf7297662b557230bd2040d0701fbb4fcb7461b881ee55be37c0901054d02cbd5259881eb2bfd30b02c9191a4fb3fafd82cff9d35283b14e60344e59e4b68bf

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\System.IO.Compression.Native.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
816KB

MD5
6ad89d8b18b1f74ae4a08ebec64dc2bb

SHA1
a6c8db5566dee8e2726c1b6e99946dde1b50033f

SHA256
24311b9ce0335edcb0db0efeccdca5255abe71e694f2cb60eee76e776b9b295f

SHA512
81fbbfe7666c364deadf7596733f32567edadb1ca384988313f5d25a41b4d174d317491f7784119511af94919b47e1ab6e7e27d008effc1896a35d5448e970b8

Download Submit
C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.2\System.Linq.Expressions.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
3.5MB

MD5
06c7af9c00b4f5aa0a8fa2da8f45eaf2

SHA1
71bc55f2377b604be27c2ec76c71b8f95a01275f

SHA256
4d9f7198dd442633037c3e0e3fb927f714d301714a21f7d33167ee8bc9a7fcbf

SHA512
208dd24cfcd3da0dbd265fe4ea980fe5b1a3872c0144fb3dfc8e51ae1a56d4d6d3f792c2e6cddbb465edb1039a5a106bcf224aadf1a283c2f567e1171bf4c1d3

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\ja\PresentationFramework.resources.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
222KB

MD5
c1b173b579ab51436acd7cc9294944be

SHA1
fecba48e0b5af9c0266b96ed4307ec9657a834e6

SHA256
9e453e20b6a7649c42f2b5dafee043318959a99159402049d32640fd0e475900

SHA512
d37ef667b4bf015063cf9c49fa2c91c7c851e1403a24e7e44f95a56e81c16109ca6feb3f51b3c05b7e77bbd8dcc48da396b615c793536e555692256d5f90f3da

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\D3DCompiler_47_cor3.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
4.7MB

MD5
82d24a07782b2cff5b5a71aa1dde9b16

SHA1
1dcdc480f38643e8703d07f40ba9c7bc49cd9d22

SHA256
26370f3e134d598a584011ac9231a7f4f48517f1fa413ccb8f6bf276ca0bc03d

SHA512
6e7e7066711927b5274bb0d5e0267c0d61777fbfea68d2656e5d01ce6c48a8e743ac51e84349678176eb4cc8dab787c1cc1f410f0f6f65bca7133ebcce73c371

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\fr\System.Windows.Forms.resources.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
363KB

MD5
96b72de1ef1222050c4cae1071e8863a

SHA1
abb6347839e566ace50581dd9baf3ff01c0cda03

SHA256
01ba0bdcf9f7bdecceae143c7b79c0025b88f3c3e49f5b112e7da609956e81e0

SHA512
b206b2e33a94e0410458b1ab1c1c463d774adf7fc2bd1076db2bc1bec036581f432cb64d238875dcb4861b005f0950fc512397ce06ec6fee724f6e7e1fc660de

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.16\ja\System.Windows.Forms.resources.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
398KB

MD5
205c6c7c3de4cbd4188301aa8589a96c

SHA1
c4eeb3924568d1a3fac599d8e8891fc986fc8568

SHA256
944289de3f49e07f28e52f8931604bb2645274fdb999cd1f1c77f9475cde0e0d

SHA512
324f47040b430bb88e79a8f53558b9fdfcbd50e0daecfb864d506fc99f1c566ae8252a22dcee2d8e22d8b6df7f1c4350c05609c811647b529795052cf2342ea3

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\it\System.Windows.Forms.Design.resources.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
147KB

MD5
143c9e37fef462a1e9cb660236aa79cf

SHA1
168b939886dea15aaa7f5e5e589ef85b10609615

SHA256
9b398d34e003920509449a2267d7963a5ece88a62c22510600cd283551f50a38

SHA512
ebbb7e69422f18b6f3cc1f0ea23707a8c46a96446ee8b66505380c0ae9f5dce98c929280042d8bd61b1549d20f33f4659f12ab16df707eb43db58993a2ee9414

Download Submit
C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.2\zh-Hant\System.Windows.Forms.resources.dll.(MJ-CZ6957480132)([email protected]).zxc

Filesize
318KB

MD5
3ee8cb2a99ce706446aa102c2b1021a0

SHA1
74348e9768901f7c5f50b823f62d99af21055e16

SHA256
150a3f70a9eea9609e45305f17cb974d33c73bdb0ec70a1c56e00c3cc01ede89

SHA512
ee016e61ffdebef6f7ff9010f507a96b649ca19af6af1c451d587a3fe4b993044bc0b86080ee763af49dbc5cba259ec3440a5266aa837a6a981be92414c066d2

Download Submit
C:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db.(MJ-CZ6957480132)([email protected]).zxc

Filesize
624KB

MD5
1fc023a3f5168ba940f7146dffe2bf18

SHA1
ce8d1ec73ad14bc07b9b7a9a39f3a78c252874df

SHA256
9a64d87169b947f35e63cd99cda58fac95fd9c05c7faa9119f77a089193037cd

SHA512
775d283c40860c82a5339494944c13669804982c97415c7b7918585a1a7fefdb6d3097dbc04943d7715f98e7a9770cb37a98340808f982191c29d45107b7f5c4

Download Submit
C:\ProgramData\RSAKEY.key

Filesize
1KB

MD5
b64e7a0daa4f9d06f863c6478dd6d455

SHA1
60f179cd22063622e3bef7f05c388237b2d42d8c

SHA256
f61bba541278332559f5d408b044bf0114ce80dce2250dc90aa28045425fc774

SHA512
1a323635c1dbe815061987701fc9e740b6524708195977f25347a4778ca8e227cd217ceb1fbfe55f003754caa3473529bcb1bdeae9a16be80bc8aafdda2ffe87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\thumbcache_16.db

Filesize
1024KB

MD5
9b1fca987d0c3a3e44e7e1003d71af32

SHA1
bb8930cbd140852d5379af47184827b047372ce7

SHA256
9a18ebe04d78ad3c02c738eacc9064317e5b058e52adccad7e04a512339ca2b9

SHA512
be0f576a8f66604462e74f35404ef7c8832d67cf5e6e97a09bed25b7027588409404251518099444b1f94a96d59f94f571b8e5c88bc83621190f991a5f5a7788

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db

Filesize
7KB

MD5
a3b63395676daa724e9e14e484afe340

SHA1
56f19c502745e18de962f183ef6c910de5460dc5

SHA256
a622836cb816057997f82991fce2cd5613ee8702c1ca2c7444afcb4642dc59d1

SHA512
82e74b9ae0ab41e109a482cce4e2bde7e0b6239e37d07715b74902d4949c37cce8a694e99ca7c90afb16b4072ad714319e3d28e57fa44ce56195a6d11d8f189c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pm60e3dc.default-release\places.sqlite.(MJ-CZ6957480132)([email protected]).zxc

Filesize
5.0MB

MD5
d7c0d4fbb007106d62cba0f50a8750fe

SHA1
edab506bffd32340f70792ad84041aca60e0003f

SHA256
c4e9b5a34238181d78d296eb3c0b10ff9a12542617cbda7418c33a5155cfadd0

SHA512
65940c8a766135ddc964c98bc55d8ba17aa51b7ddb6d9d5fefb0b0adcd1f223084c37fb580661366b5e12b57e9c222a9f1c1c733dc3e46587f5811f599a52213

Download Submit